Fmea Para Riesgo
-
Upload
holisticaconsulting -
Category
Documents
-
view
162 -
download
1
Transcript of Fmea Para Riesgo
1
An Overview of Quantitative Risk Assessment Methods
Fayssal Safie/MSFC
August 1, 2000
Shuttle Quantitative Risk Assessment - Technical Interchange Meeting
2
An Overview of Quantitative Risk Assessment Methods
• Definitions• Qualitative and Quantitative FMEA – FMECA• Qualitative and Quantitative Fault Tree Analysis (FTA)• Probabilistic Risk Assessment (PRA)• Reliability Allocation• Reliability Prediction• Reliability Demonstration• Trend Analysis• Probabilistic Structural Analysis• Design of Experiments (DOE)• Statistical Process Control (SPC)• Manufacturing Process Capability
3
Definitions
• Probability: The chance or the likelihood of occurrence of an event.
• Risk: The chance of occurrence of an undesired event and the severity of the resulting consequences.
• Risk Assessment: The process of qualitative risk categorization or quantitative risk estimation.
• Risk Management: The process of risk identification, risk assessment, risk disposition, and risk tracking and control.
4
Definitions
• Reliability: The probability that an item will perform its intended function for a specified mission profile.
• Safety: The freedom of injury, damage, or loss of resources.
• Hazard: The condition that can result in or contribute to a mishap.
• Mishap: An unintended event that can cause injuries, damage, or loss of resources.
5
Failure Modes and Effects Analysis (FMEA)
• FMEA is an inductive (bottom-up) engineering analysis method.
• It is intended to analyze system hardware, processes, or functions for failure modes, causes, and effects.
• Its primary objective is to identify critical and catastrophic failure modes and to assure that potential failures do not result in an adverse effect on safety and system operation.
• It is an integral part of the design process.
• It is performed in a timely manner to facilitate a prompt action by design organization and project management.
6
• Items in a typical FMEA sheet for the Shuttle program:
• Nomenclature and function
• Failure mode and cause
• Failure effect on subsystem
• Failure effect on element
• Failure effect on mission/crew and reaction time
• Failure detection
• Redundancy screens
• Correcting action/timeframe/remarks
• Criticality
Failure Modes and Effects Analysis (FMEA)
7
FAILURE MODE EFFECTS ANALYSISREVISION: Basic A FINAL COUNTDOWNDATE: March 15, 1988 B BOOSTPAGE: A-141 SUPERCEDES: ______ THRUST VECTOR CONTROL SUBSYSTEM C SEPARATIONANALYST: C. Barnes D DESCENTAPPROVED: G. Perry E RETRIEVAL
NOMENCLATUREAND FUNCTION
FAILURE MODEAND CAUSE
FAILURE EFFECTON SUBSYSTEM
FAILURE EFFECTON SRB
FAILURE EFFECT ON MISSION/CREW AND REACTION TIME
a. FAILURE DETECTIONb. REDUNDANCY SCREENS
CORRECTING ACTION/TIMEFRAME/REMARKS
CRITCAT
20-01-44FM Code A01
Turbine Exhaust Duct External A,B. Actual loss A,B. Probable Loss A,B. Probable Loss a) None Correcting Action: 1Assembly leakage of Loss of containment Fire and explosion. Fire and explosion b) N/A None
hot exhaust of hot exhaust will lead to loss Timeframe: N/AP/N: 10206-0002-102 gas (System gases. of the mission,
A and/or B) vehicle, and crew.Ref. Des.: None caused by:
Reaction Time:2 Required • Bellows Seconds
fracture/Vents HPU turbine exhaust fatigue C,D,E. No Effect C,D,E. No Effect C,D,E. No Effect a) N/A 3gas to atmosphere out- Failure mode not Failure mode not Failure mode not b) N/Aside of the aft skirt. • Flange/duct applicable to applicable to applicable to
fracture these phases. these phases. these phases.Exhaust Duct Assemblyincludes: • Seal failure
Upper Exhaust Assembly • Seal surface(three bellows) defect 10206-0003-101
• ImproperMiddle Exhaust Assembly torque 10206-0007-101 Alt. 10206-0031-851 • Contamination Alt. 10206-0044-851 during assembly Alt. 10206-0045-851
• ImproperlyLower Exhaust Assembly lockwired. 10206-0010-101
8
Failure Modes and Effects Analysis (FMEA)
Benefits:
• The FMEA provides a systematic evaluation and documentation of failure modes, causes and their effects.
• It categorizes the severity (criticality category) of the potential effects from each failure mode/failure cause.
• It provides input to the CIL (Critical Items List).
• It identifies all single point failures.
• The FMEA findings constitute a major consideration in design and management reviews.
• Results from the FMEA provide data for other types of analysis, such as design improvements, testing, operations and maintenance, and analysis of mission risk.
9
Failure Modes, Effects, and Criticality Analysis (FMECA)
• A FMECA is similar to a FMEA; however, a FMECA provides information to quantify, prioritize and rank failure modes. • It is an analysis procedure which identifies all possible failure modes,
determines the effect of each failure on the system, and ranks each failure according to a severity classification of failure effect.
• MIL-STD-1629A, Procedures for Performing a FMECA, discusses the FMECA as a two-step process:• Failure Modes and Effects Analysis (FMEA).• Criticality Analysis (CA).
• Criticality analysis can be done quantitatively using failure rates or qualitatively using a Risk Priority rating Number (RPN).
• CA using failure rates requires extensive amount of information and failure data.
• A RPN is relatively simple measure which combines relative weights for severity, frequency, and detectability of the failure. It is used for ranking high risk items.
10
Failure Modes, Effects, and Criticality Analysis (FMECA)Example
Part name/Part number
PotentialFailure modes
Causes (failureMechanism)
EffectsRisk Priority RatingSev Freq Det RPN
RecommendedImprovement
Risk Priority RatingSev Freq Det RPN
Turbine ExhaustDuct Assembly
P/N 10206-0002-102
External leakage of hot exhaust gas (System A and/or B)
1. Bellows fracture/fatigue
2. Flange/duct fracture
3. Seal failure
4. Seal surface defect
5. Improper torque
6. Contamination during assembly
7. Improperly lockwired
Fire and Explosion
Fire andExplosion
Fire and Explosion
Fire andExplosion
Fire and Explosion
Fire andExplosion
Fire and explosion
11
Qualitative Fault Tree Analysis (FTA)
• A FTA is a deductive (top-down) approach that graphically and logically represents events at a lower level which can lead to a top undesirable event.
• It is a tool that systematically can answer the question of what can go wrong by identifying failure scenarios.
• It is an excellent tool for analyzing complex systems.
• Qualitative FTA is predominately a Safety tool.
12
Qualitative Fault Tree Analysis (FTA)
X-34 Hydraulic System Example
18 HPvar
Pump LatchingRelay 2
PumpBattery 1 Pump Latching
Relay 1
Pump LatchingRelay 3
PumpBattery 2
PumpBattery 3
External PowerCharging Connector
FWD Manifold
Cooling Plate
18 HPvar
18 HPvar
PT
PT
PT
Flig
ht
Co
mp
ute
r
Pump MotorController 1
Pump MotorController 2
Pump MotorController 3
6
5
This is a portion of a schematic to a system which incorporates three hydraulic pump packages. The system can still function properly if two of the pumps operate. The fault tree example is only a tiny portion of one pump package from the hydraulic system fault tree from which this example was based.
13
Qualitative Fault Tree Analysis (FTA)
X-34 Hydraulic System Example
Inadequate Power toPump Package 1 Motor
MTR-1-PWRPage X
Pump Package 1 MotorController Off / Low
MTR-CTRL-1-OFF
Pump Package 1 MotorController Fails Off/ Low (Component
Failure)
MTR-CTRL-1-FOF
Pump Package 1 MotorController Commanded Off /
Low (Software / PressureTransducer Error)
MTR-1-CTRL-CMD-OFF
Inadequate / No Powerto Pump Package 1
Motor Controller
MTR-CTRL-1-PWR
Pump Package 1Battery Failure (Loss
of Charge /Inadequate Charge)
PMP-PKG-1-BAT-F
Pump Package RelayFails / Commanded
Off
PMP-PKG-1-REL-OFF
Pump Package 1 RelayFails Off
PKG-1-REL-FOF
Pump Package 1 RelayCommanded to "Off"
Position
PMP-PKG-1-CMD-OFF
Page XX
14
Qualitative Fault Tree Analysis (FTA)
Benefits:
• Provides a format for quantitative and qualitative evaluation.
• Provides a visual description of system functions that lead to undesired outcomes.
• Identifies failure potentials which may otherwise be overlooked.
• Identifies design features that preclude occurrence of a top level fault event.
• Identifies manufacturing and processing faults.
• Determines where to place emphasis for further testing and analysis.
• Directs the analyst deductively to accident-related events.• Useful in investigating accidents or problems resulting from use of a
complex system.
15
Qualitative Fault Tree Analysis (FTA)
Benefits: (cont’d)
• Can identify impact of operator/personal interaction with a system.
• Can help identify design, procedural, and external conditions which can cause problems under normal operations.
• Often identifies common faults or inter-related events which were previously unrecognized as being related.
• Excellent for ensuring interfaces are analyzed as to their contribution to the top undesired event.
• Can easily include design flaws, human and procedural errors which are sometimes difficult to quantify (and therefore, often ground-ruled out of quantitative analysis).
• Qualitative FTA requires cutset analysis to attain full benefits of the analysis. (Cutsets: Any group of non-redundant contributing elements which, if all occur, will cause the top event to occur)
16
Considerations:
• FTA addresses only one undesirable condition or event at a time. Many FTAs might be needed for a particular system.
• Both Quantitative and Qualitative FTAs are time/resource intensive.
• In general, design oriented FTAs require much more time than failure investigation FTAs. Management is mostly acquainted with failure investigations FTAs. Such FTA efforts can give a false sense of how quickly a design FTA can be developed.
Qualitative Fault Tree Analysis (FTA)
17
Quantitative Fault Tree Analysis (FTA)
• Quantitative FTA is used as a Reliability and a Safety tool.
• It diverges from Qualitative FTA in that failure rates or probabilities are input into the tree and the probability of occurrence is computed for the cutsets and the top undesirable event.
• Tends to be strictly “hardware failure” oriented as opposed to Qualitative FTA (which includes hardware and other less quantifiable faults).
• Is excellent in comparing different configurations of a system (even if the failure rate data uncertainty is fairly high).
• Can be used to calculate the probability of occurrence of different cutsets and the top undesirable event for reliability predictions.
18
System Description:
• Methane loading system - The methane is stored in a tank in a liquid form and then vaporized and loaded as a gas. This example terminated at valve failure.
Quantitative Fault Tree Analysis (FTA)
X-33 Methane Ground Storage and Loading Example
19
Quantitative Fault Tree Analysis (FTA)
X-33 Methane Ground Storage and Loading Example Inability to Load
Methane (CH4)
NO-LOAD-CH4
CH4 Not Supplied Through Manual
Valve V-1537
VIA-VLV-1537
Valve V-1557 Fails Open
VLV-1557-OP
3.90E-04
VLV-1537-CL
Loss / Blockage of CH4 in Loading Line
(Post V-1537)
LOAD-LINE
CH4 Vented Through Load
Line
CH4-LOAD-VNT
Solenoid Operated Valve SOV-1549
Mech. Fails Open
SOV-1549-MECH-OP
6.50E-06
Solenoid Operated Valve SOV-1549 Solenoid Fails
Open SOV-1549-SOL-OP
Relief Valve RV-1552 Open
RV-1552-OP
3.90E-05
CH4 Transfer Blocked Through
Load Line
CH4-LOAD-BLK
Solenoid Operated Valve SOV-1561
Fails Closed
SOV-1561-MECH-CL
Check Valve CV-1548 Fails Closed
CV-1548-CL
2.86E-08
Valve V-1537 Fails Closed
3.90E-04
3.90E-04
Solenoid Operated Valve SOV-1561
Mech. Fails Closed
SOV-1561-MECH-OP
6.50E-06
Solenoid Operated Valve SOV-1561 Solenoid Fails
Closed SOV-1561-SOL-OP
3.90E-04
20
Quantitative Fault Tree Analysis (FTA)
Considerations:• The probabilities derived from a Quantitative FTA should be
viewed with the uncertainty fully understood. • It is often difficult to obtain valid reliability data for
experimental / non-production related systems. In such cases:• Too few items are available for a proper statistical sample• Data from “Like” systems and operating environments must
be used
• Quantitative FTA has little or no place in failure investigations.
21
Probabilistic Risk Assessment (PRA)
• PRA is a process that follows a quantitative approach to determine the risk of a top undesirable event and the associated uncertainty arising from inherent causes.
• It provides a systematic way of answering the following questions:
• What can go wrong?
• How likely is it to happen?
• What are the consequences?
• How certain are we about the answer? (uncertainty or state of knowledge)
• The main tools used in PRA processes are fault trees, event sequence diagrams, and event trees.
• Other tools such as reliability block diagrams can be used to support a PRA study.
22
Probabilistic Risk Assessment (PRA)
A typical PRA process involves:
• Identification of end state(s) to be assessed.
• Identification of Initiating Events (IE) leading to the end states.
• Development of the Event Sequence Diagrams (ESD) for the initiating event. An ESD shows the sequence of events from IE to end states.
• Quantification of ESDs (event tree).
• Aggregation of risk for each system end state.
• Risk analysis which might include: risk ranking, risk reduction, sensitivity analysis, etc.
23
Probabilistic Risk Assessment (PRA)A PRA Process Example
Products1. System Risk2. Element Risk3. Subsystem Risk4. Risk Ranking5. Sensitivity Analysis etc..
FLIGHT/TEST DATAPROBABILISTIC STRUCTURAL MODELS
SIMILARITY ANALYSISENGINEERING JUDGMENT
Master Logic Diagram (MLD)
TurbineBlade Porosity
MissionSuccess
InspectionNot Effective
Porosity Presentin Critical Location
UNCERTAINTY DISTRIBUTION FOR LOV DUE TO TURBINE
BLADE POROSITY
Event Tree
RISK AGGREGATION OF BASIC EVENTS
Event Sequence Diagram (ESD)
End Stateor Transfer
Porosity Present in Critical
Location Leads to Crack in <4300 sec
ScenarioNumber
1 LOV
3 MS
4 MS
2 MS
TurbineBlade
Porosity
InspectionNot
Effective
PorosityPresent inCritical
Location
QUANTIFICATION OF ESD
INITIATING &PIVOTAL EVENTS
UNCERTAINTY DISTRIBUTION FOR
EVENT PROBABILITY
EVENT PROBABILITYDISTRIBUTION
Porosity in Critical Location Leads to
Crack in <4300 sec
MissionSuccess
MissionSuccess
Loss ofVehicle(LOV)
BladeFailure
MissionSuccess
BladeFailure
5 MS
MLD identifies all significant basic/initiating events that could leadto loss of vehicle.
24
Benefits:
• Imposes logic structure on risk assessment.
• Evaluates risk at various system levels including system interactions.
• Handles multiple failures and common causes.
• Provides more insight into the various system failure modes and the effects of human/process interaction.
• Provides a tool to combine both qualitative and quantitative risk analysis.
Limitations:
• Could be very expensive.
• Could be misapplied and misused due to the incorporation of qualitative data.
Probabilistic Risk Assessment (PRA)
25
Probabilistic Risk Assessment (PRA)
Event Tree Example – A Coolant System
P1
D
NormalCoolant
P2
A Coolant System
EmergencyCoolant
• P1 and P2 are electrically driven pumps, D is a flow detector, and EP (not shown) is the electric power
• Initiating event is a break in the normal coolant pipe
• Full system success (S) requires both pumps operating, the detection system, and the electrical power operating
• One pump operating results in partial success (P)
• Two pumps failing or failure of electrical power (EP) results in system failure (F)
26
P(P2)
Q(P2)
P(P2)
Q(P2)
P(P1)
Q(P1)P(D)
Q(D)
P(EP)
Q(EP)
NORMAL COOLANTPIPE FAILURE
1-S2-P3-P
4-F
6-F
5-F
Probabilistic Risk Assessment (PRA)
Event Tree Example – A Coolant System
P(.) - Probability of Component SuccessQ(.) - Probability of Component FailureS - Full System SuccessP - Partial System SuccessF - System Failure
27
Probabilistic Risk Assessment (PRA)
Reliability Block Diagram SRB Range Safety System (RSS) Example
NSD
NSD
LSC
S&A
S&A CDF1
CDF1 CDF2
CDF2
0.9998843
0.9998843
0.9965403
0.9965403
0.9996991 0.9996991
0.9996991 0.9996991
RSYS=[1 - (1- NSD*S&A*CDF1*CDF2)2] * LSC
0.9971161
NSD - NASA Standard DetonatorS&A - Safe and ArmCDF - Confined Detonating FuseLSC - Linear Shaped Charge
28
Reliability Allocation
• Reliability allocation is the top-down process of subdividing a system reliability requirement into subsystem and component requirements.
• Reliability allocation is performed in order to translate the system reliability requirement into more manageable, lower level requirements.
29
Reliability Allocation
Example
SSMEReliability
HPFTP HPOTP Chamber NozzleControls &Externals
TurbineAss’y
PumpAss’y
HousingAss’y
RotorAss’y
Blades Retainers
0.999
0.99975 0.99980 0.999850.99975
0.99985
0.99987 0.99987
0.999961 0.999909
0.999945 0.999964
30
Reliability Allocation
Benefits:
• Reliability allocation allows design trade-off studies to be performed in order to achieve the optimum combination of subsystems which meets the system reliability requirement.
31
Reliability Prediction
• Reliability prediction is the process of quantitatively estimating the reliability of a system.
• Reliability prediction is performed to the lowest level for which data is available. The sub-level reliabilities are then combined to derive the system level prediction.
• Reliability prediction during design is used as a benchmark for subsequent reliability assessments.
• Predictions provide managers and designers a rational basis for design decisions.
32
Reliability Prediction
• Reliability prediction techniques are dependent on the degree of the design definition and the availability of historical data.
• Similarity analysis techniques: Reliability of a new design is predicted using reliability of similar parts.
• Probabilistic design techniques: Reliability is predicted using engineering failure models.
• Techniques that utilize generic failure rates such as MIL-HDBK 217, Reliability Prediction of Electronic Equipment.
33
Reliability Prediction
Similarity Analysis Example Fuel Turbo Pump
• Assume a Fuel Turbo Pump (FTP) has a historical failure rate of:
50 per 100k firings
• Assume also the failure mode break down is:
• Then the Cracked/Fractured Failure rate is: .35 X 50 = 17.5/100k firings
Cracked/Fractured Blades
Turbine bearing Failure
Pump bearing Failure
Impeller Failure
Turbine Seal Failure
100%
35%
25%
20%
10%
10%
34
• If the failure causes for Cracked/Fractured are determined to be:
• Then the Thermal Stress Failure Rate is:
0.57 X 17.5 = 10/100k firings
100%
Reliability Prediction
Similarity Analysis Example Fuel Turbo Pump
35
•Failure Rate Adjustments established through:• Test Results• Preliminary Analyses• Integrated Product Team (IPT) Input
• Address "high hitters" - Using Thermal Stress failure rate of 10.0/100k firing• Design changes to improve reliability Cum Percent Failure Rate Improvement ReductionLower Operating Temperatures 20% 2.00(Test)Hollow Blades 30% (additional) 4.40(Analysis, Expert Opinion)Material Change 20% (additional) 5.52(Analysis)
Reliability Prediction
Similarity Analysis Example Fuel Turbo Pump
36
If no other changes are made, the FTP predicted reliability is then:
50 - 5.52 = 44.48 / 100k firings
Reliability Prediction
Similarity Analysis Example Fuel Turbo Pump
37
Reliability Prediction
Benefits:
• Provides a early quantitative evaluation of design
• Identifies problem areas
• Identifies parts and components with highest potential reliability improvements
• Makes full use of lessons learned
38
Reliability Demonstration
• Reliability Demonstration is a reliability estimation method that primarily uses test data (objective data) and statistical formulas to calculate demonstrated reliability or to demonstrate numerical reliability goal with some statistical confidence.
• Models and techniques used in reliability demonstration include Binomial, Exponential, Weibull models. Reliability growth techniques, such as the U.S. Army Material Systems Analysis Activity (AMSAA) and Duane models can also be used to calculate demonstrated reliability.
• Historically, some military and space programs employed this method to demonstrate reliability goals. For example, a reliability goal of .99 at 95% confidence level is demonstrated by conducting 298 successful tests.
39
0
50
100
150
200
250
300
350
400
450
500
0 100 200 300 400 500 600 700 800 900 1000
Number of Successful Tests Needed
De
mo
ns
tra
ted
Re
lia
bil
ity
-Me
an
Tim
e B
etw
ee
n F
ail
ure
s
(.998)
(.996)
With 95% Statistical Confidence
With 90% Statistical Confidence
(.990)Typical Case: To demonstrate .99 reliability
with 95% confidence, it takes 298 successful tests
Reliability Demonstration
Reliability Calculation through Demonstrated TestsBy Using Binomial Statistical Formula
40
Reliability DemonstrationBenefits:
• It provides a way to validate numerical reliability requirement.
• It provides a way to calculate the reliability that has been demonstrated so far by the item under consideration.
• It eliminates the subjectivity that is usually embedded in other reliability estimation methods.
• Through rigorous reliability demonstration test program, design weakness and failures can be revealed and corrective actions can be taken to significantly improve reliability.
Limitations:• It is very expensive and time-consuming to run through a
reliability demonstration program. • Data quantity sensitive.
41
Trend Analysis
• Problem/performance trending is a statistical characterization of problem/performance data using graphical/descriptive techniques.
• Performance trending is done using control-type charts.
• The simplest and most powerful trending tool is the Pareto Chart for problem trending.
• In general, problem trending involves:
• Extracting related problem data from a historical problem database.
• Normalizing raw problem counts into problem rate of occurrence based on prime parameter (starts, seconds of run time).
• Plotting normalized data to establish a frequency chart.
• Fitting a trend curve to the frequency plot.
• Analyzing the fitted curve for trends.
42
Problem Trending
Example Pareto Chart
SSME UCRs Reported From 01/01/1990 - 12/31/1999
0
200
400
600
800
1000
1200
1400
1600
1800
2000
Count
43
Benefits:
• Performance trending• Helps in identifying potential problems with a performance parameter
before it occurs.
• Problem trending• Identifies major problem areas for optimum allocation of resources.
• Evaluates effectiveness of past recurrence control actions.
• Predicts future failure rates in a given area.
• Points to desirable and undesirable effects of hardware processing changes.
• Communicates in simple, logical, visual, and easily understandable presentation.
Limitations:
• Significant engineering evaluation may be required to isolate appropriate set of problems.
• Rationale for frequency changes may not be obvious.
Trend Analysis
44
Probabilistic Structural Analysis
• It is a tool to probabilistically characterize the design and analyze its reliability using engineering failure models.
• It is a tool to evaluate the expected reliability of a part given the structural capability and the expected operating environment.
• It is used when failure data is not available and the design is characterized by complex geometry or is sensitive to loads, material properties, and environments.
45
FRACTURELOCATION
•During rig testing the AT/HPFTP Bearing experienced several cracked races.
•Summary of 440C race fractures / tests: 3 of 4 Fractured
Probabilistic Structural Analysis
Turbo-Pump Bearing Example
46
OBJECTIVE: Predict probability of inner race over-stress, under the conditions experienced in the test rig, and estimate the effect of manufacturing stresses on the fracture probability.
StressAllowable
Load
Failure Region
Probabilistic Structural Analysis
Turbo-Pump Bearing Example
47
Conditions• Using rig fits and clearances• Crack size data from actual cut-ups• Stresses associated with manufacturing (ideal)• Materials properties and their variations• Failure mode being analyzed is over-stress
Probabilistic Structural Analysis
Turbo-Pump Bearing Example
48
HPFTP Roller Bearing Inner Race - Model Flow
Randomly select values for inner race material properties
Randomly select values for shaft and sleeve material properties
Tolerance fits of rig test bearing
Inner race hoop stress contribution at given conditions
Shaft and sleeve hoop stress contribution at given conditions.
Total hoop stress
Stress due to Manufacturing Stress > Allowable Load
Iterate and compute Failure Probability
Variation in:o Fracture Toughnesso Yield Strengtho No. of Crackso Crack Deptho Crack Length
Compute AllowableLoad for each crack
Compute AllowableLoad (worst crack)
Probabilistic Structural Analysis
Turbo-Pump Bearing Example
49
RESULTS - FAILURE RATES
At Test
3 of 4 failed
---
---
In 15+ testsnever had athrough ringfracture
Race Configuration
440C w/ actual manufacturingstresses (ie ideal + abusivegrinding)
440C w/no manf. stresses
440C w/ideal manf. stresses
9310 w/ ideal manf stresses
Probabilistic Structural Analysis
68,000 fail/100k firings
1,500 fail/100k firings
27,000 fail/100k firings
10 fail/100k firings
It is estimated that 50% of the through ring fractures would result in an engine shutdown. The shutdown 9310 HPFTP Roller Bearing Inner Race Failure Rate is then: 0.50 X 10/100k = 5 fail/100k firings
Probabilistic Structural Analysis
Turbo-Pump Bearing Example
50
Probabilistic Structural Analysis
Benefits:
• Used to understand the uncertainty of the design and identify high risk areas.
• Used to perform sensitivity analysis and trade studies for reliability optimization.
• Used in identifying areas for further testing.
51
Design of Experiments (DOE)
• DOE is a systematic and scientific approach which allows design, manufacturing, and test engineers to better understand the variability of a design or a process and how the input variables affect the response.• It is used as a tool to optimize product design by identifying the
critical design parameters that affect the reliability of the design.
• It is used as a tool to understand manufacturing variability and to identify the critical process variables that affect the quality and the reliability of the product.
52
Initial Weld Process Sensitivities0.320” Oscillation Sensitivity 2195 Vertical VPPA Welding
Goal: Determine if the weld process is sensitive to cover pass oscillation parameters.
Factors examined included width, dwell and speed, each with three levels:
Width - how far does it oscillate : 0.03, 0.10, 0.17 inches
Dwell - how long do you pause at the ends of the oscillation : 0.35, 0.52, 0.70 sec
Speed - how fast do you oscillate : 10.0, 27.5, 45.0 inches per minute
Responses : Room Temperature and Cryo Tensile strengths
Model : Response Surface Model (Box-Behnken) generated and analyzed using ECHIP Software
Total number of tests : 16
ET Variable Polarity Plasma Arc (VPPA) Weld Process Example
Design of Experiments (DOE)
53
0.320” Cover Pass Oscillation Results-Width and Speed most Significant
-Oscillation Parameters can effect weld properties
-Ultimate Tensile Strength UTS (ksi) R2 = 0.895, Cryo UTS R2 = 0.913
60
55
50
45ECHIP
10
20
3040Speed
0.03
0.06
0.09
0.12
0.15 Width
Cryo UTSDwell = 0.00
50
45
40
35ECHIP
10
20
30
40
Speed
0.03
0.06
0.09
0.12
0.15 Width
RT UTSDwell = 0.00
Design of Experiments (DOE)
ET Variable Polarity Plasma Arc (VPPA) Weld Process Example
54
Design of Experiments (DOE)
Jet Engine Diffuser Case Example
• Use information from past manufacturing problems on the diffuser case to design the first fully cast jet engine diffuser case.
• Variables that lead to quality of casting:• Metal Feed Technique• Gating Scheme• Core Pack Technique• Stucco Application• Mold Preheat• Pour Temperature• Burn Out Temperature• Mold Insulation• Hip temperature• Heat Treat• Homogenize• Anneal
12 variables each at a high and low level.
55
• If we test all combinations of all variables, we need to run 2 = 4096 tests with no replication.
• Using the DOE technique only 43 of the possible points were tested. Resulting tests yielded the process levels necessary to optimize the quality and blueprint conformance of manufacturing the diffuser case.
12
Design of Experiments (DOE)
Jet Engine Diffuser Case Example
56
Design of Experiments (DOE)
Benefits:
• Provides a tool to understand variability in design and manufacturing.
• Reduces time to establish mature design and manufacturing processes.
• Saves time and money by optimizing the experiment input and output.
• Reduces potential of nonconformances.
57
Statistical Process Control (SPC)
• Statistical Process Control (SPC) is a statistical technique that measures and analyzes stability and variability of a process using control charts.
• Most commonly used SPC charts are the X-bar chart and R-chart.
• End product reliability is highly dependent on manufacturing process stability and variability. SPC provides an effective tool to ensure manufacturing quality.
58
Statistical Process Control (SPC)
Fastener Example
X-bar Chart for Fastener
Subgroup
X-b
ar
Centerline = 33.32
UCL = 36.6654
LCL = 29.9746
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 2028
30
32
34
36
38
40
59
Statistical Process Control (SPC)
Fastener Example
Range Chart for Fastener
Subgroup
Ran
ge
Centerline = 5.8
UCL = 12.2633
LCL = 0.0
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 200
3
6
9
12
15
60
Statistical Process Control (SPC)
RSRM Phenolic Tag End Example
RSRM Production• Material acceptance data ensures constituents are in family of
previously used components and the statistical trends can identify potential subtle changes in vendor processes.
• One (of many) nozzle phenolic insulator parameters trended is residual volatiles remaining after phenolic sample is heated.
• SPC evaluation showed changes in residual volatile levels of silica cloth phenolic.
• Additional investigation revealed unanticipated change in silica vendor furnace brick (resulting in slightly different oven heat environment during silica processing).
• Corrective action implemented at vendor prior to continued silica production - subsequent data verifies return of parameters to within statistical expectations.
61
0.00
0.50
1.00
1.50
2.00
2.50
3.00
1 4 7
10 13 16 19 22 25 28 31 34 37 40 43 46 49 52 55 58 61 64 67 70
Sample Number
Percent Res Vols
Lower Spec Limit
Lower Control Limit
X bar
Percent Residual Volatiles
Upper Control Limit
Upper Spec Limit
Vendor ChangeMade
Vendor ChangeCorrected
Statistical Process Control (SPC)
RSRM Phenolic Tag End Example
62
Statistical Process Control (SPC)
Benefits:
• Statistical process control provides a vehicle to ensure manufacturing process stability and end product reliability.
• Process anomalies can be discovered earlier and be resolved without any reliability impact on end product.
Limitations:
• SPC data and controlled features may not be directly related to reliability concerns.
• SPC technique may not be effective when applied to small run manufacturing processes (total only few parts are made).
63
Manufacturing Process Capability
• In simple terms, the manufacturing process capability is defined as the ratio of the engineering specification width to the process width (3-sigma for one-sided, 6-sigma for two-sided). This ratio is called the process capability index (Cpk).
• As a rule of thumb:
• Cpk > 1.33 Capable
• Cpk = 1.00-1.33 Capable with tight control
• Cpk < 1.00 Incapable
• Manufacturing process capability is essential to evaluate the suitability of the process to meet the spec.
• Manufacturing process capability data are one of essential data sources to support design feasibility and reliability trade study.
64
Injector Lox Post Tolerance Requirement
IDOD
Background: Lox post OD and ID dimensions have significant effect on lox and fuel mixture property. Uneven mixture of the propellants and localized overheating impact engine performance and reliability
Analysis Support: OD and ID tolerance boundaries need to be established withsound engineering rationale and be backed up by manufacturing process capability
lox post
Manufacturing Process Capability
Application Example
65
Analysis Approach and Result
• Performance impact is correlated with OD and ID dimensions.
• Localized overheating is assessed by OD and ID process variability.
• Tolerance boundaries were established as +/- .0005” for both OD and ID.
• Results indicate the process capability is feasible to support design and reliability requirement.
Injector Lox Post Tolerance Requirement
Manufacturing Process Capability
Application Example
66
-5 -3 -1 1 3 5
Post ID Deviation from Nominal
(X 0.0001”)
0
1
2
3
4
freq
uenc
yNominalLSL
-3s
USL
+3s
Mean = -.0000095”sigma = .000076”
Cpk = 2.14
Manufacturing Process Capability
Example: Main Injector Lox Post ID Dimension
67
Manufacturing Process Capability
Benefits:
• Manufacturing process capability data are vital to support design feasibility.
• Manufacturing process capability is a good tool to judge the suitability of the process to build a specific design.
Limitations:
• Process capability data represent dynamic manufacturing environment that can be easily misused.
• Maintaining a manufacturing process capability data bank is a very intensive effort.
68
• QRA is a well-established technology that involves methods and techniques beyond conducting classical PRA studies.
• QRA is essential to understanding uncertainty and controlling our critical processes.
• Implementation and use of QRA could be enhanced if • QRA is incorporated as part of the system management process• QRA methods and techniques are viewed as part of the system
engineering effectiveness tools
• QRA is extremely important for the Space Shuttle Program to understand and control risk. QRA techniques are well-established, however, the application of the techniques on a larger scale will require careful planning, extensive training, and strong commitment by Shuttle Program management to pursue long term plans.
Conclusions/Recommendations