
ECE 495 - INTEGRATED SYSTEMS I


Presentation Transcript


  1. ECE 495 - INTEGRATED SYSTEMS I Designing for Safety Timothy Burg

  2. Career Note: You are Expected to Improve Your Skills as Part of Your Job
     • Document that you have added to your skills
       • May be used in evaluations by current employer
       • Use to market skills to new employer
     • May be difficult to prove a skill on your resume. Many people are skeptical of self-learning. Possible options:
       • Certifications
       • Licensing
       • University Courses
       • Conference Attendance
       • Short Courses and Workshops

  3. Career Note: You are Expected to Improve Your Skills as Part of Your Job
     • Certification (by a vendor or an independent testing agency)
       • The Novell Certified Engineer Enterprise Services (NCE ES) certification shows that you have acquired and can demonstrate engineer-level skills in product expertise.
       • National Rural Electric Cooperative Association Loss Control Professional Certification
     • Licensing
       • FE Exam -> PE Exam
       • Some companies pay more for PE
       • PE required to work on certain types of projects such as public works
       • Requirements for PE may increase later (??), require MS degree
     • Enrollment in graduate school
       • Business classes
       • Technical classes

  4. Career Note: You are Expected to Improve Your Skills as Part of Your Job
     • Conferences
       • American Control Conference: ~1000 participants discussing new control theories and applications
     (Figure: schedule for day 1 of a 3 day conference; each block represents six 20 minute presentations)

  5. Career Note: You are Expected to Improve Your Skills as Part of Your Job
     • Short Courses sponsored by universities, companies, societies (e.g. IEEE)
     • Sold for profit (example: Georgia Tech Professional Education, 1 week, $1500)

  6. Career Note: You are Expected to Improve Your Skills as Part of Your Job
     • Companies vary in philosophy and policies:
       • Some pay for some activities like a workshop.
       • Some will give you time for personal development.
     • Bottom Line:
       • When you interview, ask questions about professional development.
       • YOU need to develop your skills even if the company doesn’t support you.

  7. Example – Ford Cruise Control Recall
     • Cruise Control Regulates Speed of Car
     • Stepping on Brake (or clutch) pedal deactivates cruise control
     • Redundant signals to the controller
     (Mechanical diagram labels: Brake Pressure Switch (SCDS), Brake Pedal, Brake Cylinder, Clutch Position Switch, Brake Position Switch)
     (Approximate Electrical Connection diagram labels: Brake Pressure Switch (SCDS), 20A Fuse, Cruise Control Unit, +12V, Clutch Position Switch, +12V, Brake Position Switch)

  8. Example – Ford Cruise Control Recall
     (Diagram of the pressure switch: hydraulic pressure when the brake pedal is pushed; snap disk switch toggles position; electrical contact opens. The pressure switch opens when the driver applies the brake.)

  9. Example – Ford Cruise Control Recall
     Imagine how this would appear in a Functional Decomposition: x -> f400(*) SCDS -> f401(*) -> y
     Ford has a specification for the durability of the switch. This is a continuous duty rating that should well encompass a lifetime of heavy use.

  10. Example – Ford Cruise Control Recall
     Pressure Switch Leaks earlier than predicted – hydraulic fluid leaks into the dry electrical area and deposits conducting “dendrites”.
     (Diagram labels: Switch at 12V potential above car ground; Plastic (Insulator); Conducting Deposits; Conductor to 12V car ground)

  11. Example – Ford Cruise Control Recall
     Deposit and damage from over current. X-ray of new switch (left) and switch after a short (right).
     (Modified Approximate Electrical Connection diagram labels: Brake Pressure Switch (SCDS), 20A Fuse, Cruise Control Unit, +12V; up to 20A before fuse is triggered)

  12. Example – Ford Cruise Control Recall
     Large current could overheat the switch and lead to vehicle fires. (Photo: test vehicle where the switch caused a fire.)

  13. Example – Ford Cruise Control Recall
     • Result: One of the ten largest recalls of all time
     • Ordered by the National Highway Transportation Safety Administration (NHTSA)
     • Total vehicles recalled: 10.4 million
     • Total complaints: 1,472 (65 fires, 1 death)
     • Cost:
       • Cost of in-house investigation - Unknown
       • Cost of notification (certified letters) =~ $12.3 million
       • Cost of 1st dealer visit (2 hr) @ $50/hr = $205 million
       • Cost of 2nd dealer visit (2 hr) = $205 million
       • Cost of re-engineering and producing the part - Unknown
       • Cost of the re-engineered part @ $21/part = $86.2 million
       • Total cost (real costs) = ~$508.5 million

  14. Generic Design Process
     Lesson: There are technical, professional, business, legal, and ethical elements that dictate a safe design.
     (Product lifecycle diagram: Identify Need -> Research -> Specifications -> Concepts -> Design -> Prototype -> Testing -> Manufacture -> Distribute and Sell -> Use by Customer(s) -> Maintain -> Retire)
     • Safety is part of the Design:
       • Look ahead to the product lifecycle and find possibilities for Failures and the Effects of these failures.
       • Optimize design to make the system as safe as possible

  15. Outline
     • Definitions – Vocabulary to talk about “Safety”.
     • Why Worry About Safety?
     • Specific Design Approaches for Electrical Circuits
     • Risk Analysis – DFMEA Tool
     • Conclusion

  16. SAFETY Vocabulary (Photo: lightning strikes near the Space Shuttle)

  17. Definition 1: Hazard
     • Any substance, condition or circumstance that is capable of causing harm to human health, property, or the environment.
     • Four general categories of hazards:
       • Physical hazards – heights, electricity, gears, high temperature, radiation, stored energy (e.g. springs)
       • Chemical hazards – all chemicals can be hazardous
       • Biological hazards – bacteria, fungus, virus, or oxygen deficiency
       • Ergonomic hazards – repetitive motions (e.g. data entry), lifting

  18. Definition 2: Effects (or Consequences) of a Hazard
     • The potential harm to:
       • Human health (or death) – can cause cancer, birth defects, lung damage, liver problems, loss of limb, shock, burn, etc.
       • Property – may result in fire, contamination, corrosion, cessation of production, etc.
       • The environment – deterioration of the air, land or sea; emissions from controlled sources.

  19. Example: Effects (or Consequences) of Electrical Hazards
     • Shocks - A person can become part of the circuit and the current passes through their body
     • Electrocution - If a large enough current passes through the body, death can result
     • Burns - The current can produce heat in the body and cause burns
     • Fires
       • A short circuit current may cause enough heat to build up to start a fire in surrounding flammable or combustible materials.
       • An arc can occur which can cause temperatures of thousands of degrees.

  20. Definition 3: Risk (or Failure) Probability
     • The likelihood of a specified undesired event occurring within a specified period or in specified circumstances. It may be expressed as a frequency or probability.
     • MIL-HDBK-217 (US Military Standard) is one source of models for electronic components. Resistor:
         λP = λb × πT × πP × πS × πQ × πE   Failures / 10^6 Hours
       where λb depends on the resistor Type (use table; e.g. 0.0024 for Wire wound, 0.0037 for Fixed Composition Film) and the factors, each from a table, are πT = Temperature, πP = Power, πS = Power Stress, πQ = Quality, πE = Environment.
     • This is often difficult!

  21. Definition 4: Risk
     • Risk ~ Effects x Exposures x Risk Probability
       • Effects can be expressed as dollars or # injuries
       • Exposures – number of times or amount of time the system is used
       • Risk Probability - likelihood of an event

  22. Example: Distinction between Risk and Hazard – Design to Reduce Exposure
     A rattlesnake is a poisonous snake whose bite can have severe effects. The rattlesnake is a hazard because it can do harm. This hazard is an inherent property of rattlesnakes. If you are in a small room with a live rattlesnake, there is a high probability that you will get bitten:
         Risk = Exposure * Effect * Probability -> High Risk
     The same rattlesnake is confined to a cage - it is the same rattlesnake as before and still has the same hazard. The hazard is an inherent property of the snake and it hasn’t been changed by putting it in a cage. However, the risk of being bitten by the snake is very low because the hazard is being controlled:
         Risk = 0 * Effect * Probability -> Low Risk
     Hazard control is about finding an effective control to reduce the risk.

  23. Example: We make Decisions About Risk in Our Daily Lives
     (Table of everyday activities not included in the transcript. * Assuming number of exposures = 1 for a one-time activity.)
     You make a decision to participate by weighing the Effects and the Risks. We will formalize this approach for making decisions about a design.

  24. Definition 5: Accident
     • Unexpected or unintentional event
     • Manifestation of a hazard
     (Diagram relating the terms: Hazard, Effects, Exposure, Risk Probability, Risk, Accident)

  25. Definition 6: Safety
     • Safety is the practical certainty that harm will not occur
     • Safety is the state of being free from danger, risk or injury in the workplace, the environment, and as a consumer
     • Safety is the attempt to control all of the hazards (minimize risk) so that an accident does not occur

  26. Example: Is 99.9% Safe, Safe Enough?
     • 99.9% Reliable -> 1 Defect per Thousand Units
       • 18 Airplane crashes per day
       • 17,660 pieces of mail lost per day
       • 10 babies dropped in delivery per day
       • $24.8 million to/from wrong bank accounts every hour
       • 500 incorrect operations per week
     • Would you consider this risk acceptable? Is 99.9999% safe enough? 1 in a million would suggest 10 events for the speed control on the 10 million Ford cars.

  27. Safety – How Safe?, Acceptable Risks
     • Zero Risk is impossible to achieve (unless the hazard is eliminated)
     • Risk can be reduced but there is always a residual risk
     • The question is whether the residual risk is the same as an “Acceptable risk”
     • Special Note of Caution: There is no general consensus of “Acceptable Risk”
     • No product should be designed or a process operated that will knowingly result in death or injury

  28. Considerations in Designing for Safety -Why worry about safety?

  29. Business: Economic Costs of Accidents
     The Iceberg Effect (example of an industrial accident): the tip of the iceberg is the direct cost of $1.00; indirect or hidden costs are often more than $30 - $50 for each $1 of direct costs.
     • Direct Costs
       • Medical costs
       • Indemnity payments
     • Indirect Costs
       • Train New Employee
       • Overhead costs
       • Legal fees
       • Increase in insurance costs
       • Damaged Product
       • Unhappy Customers
       • Time
         • Schedule delays
         • Lost time by: Injured, Fellow Worker, Supervisor

  30. Business: Image Costs of Recalls
     Number of Product Recalls by the Responsible Agency in 2003
     Agency                                                   Products                                         Recalls
     FDA                                                      Food, drugs, medical devices, cosmetics          4,628
     EPA                                                      Pesticides, car-emission systems                 32
     Department of Agriculture                                Meat, poultry, egg products, etc.                68
     National Highway Traffic Safety Administration (NHTSA)   Vehicles, tires, child-safety seats              529
     Coast Guard                                              Boats and boating equipment                      36
     Consumer Product Safety Commission (CPSC)                Everyday products from clothes to coffeemakers   280

  31. Legal: Safety Laws and Regulations
     • OSHA (The Occupational Safety and Health Act, 1970). OSHA is in the Department of Labor and the OSHA regulations are found in:
       • General Industry: 29 CFR 1910
       • Construction: 29 CFR 1926
     • EPA - The U.S. Environmental Protection Agency (1970). The regulations are found in:
       • 40 CFR 261 (Identification and listing of hazardous wastes)
     • CPSC - Consumer Product Safety Commission
       • 16 CFR 1115

  32. Ethical: Moral Obligation to Protect People
     • Most people would agree that they don’t want to harm others.
     • Engineers should not design a product or operate a process that will knowingly result in loss of life or injury.

  33. Professional: Code of Electrical Engineers
     • IEEE Code of Electrical Engineers: “We, the members of the IEEE, in recognition of the importance of our technologies in affecting the quality of life throughout the world… agree: to accept responsibility in making decisions consistent with the safety, health and welfare of the public and to disclose promptly factors that might endanger the public or the environment”

  34. Customer Expectations: Often Benefits from Safety Analysis Process
     • Improved designs
       • Increase in reliability, quality and safety
     • Cost savings
       • Decrease in development time, warranty costs and waste

  35. DESIGNING FOR SAFETY – SPECIFIC ELECTRICAL CONSIDERATIONS

  36. Electrical Protection - Protective Devices
     • Limit or stop the flow of current automatically in the event of:
       • a ground fault
       • overload
       • short circuit in the wiring system
       • switching transients
     • Provide safe current route

  37. Device: Ground
     • Grounding devices provide a safe path if a fault occurs

  38. Device: Fuses and Circuit Breakers
     • Goal is to disconnect the power source in the event of “too much” current
     • Slow Acting - allows for inrush currents
       • Slow Blow / Time Lag / Time Delay fuses
       • i²t
     • Fast Acting – trips on maximum current
     • Very Fast Acting – trips on maximum current
       • 2 millisecond time frame to protect power semiconductors

  39. Device: Ground Fault Circuit Interrupter (GFCI)
     • GFCIs can cut the current in 1/40 of a second at an imbalance of less than 5 milliamps.
     • Compares hot and neutral wire currents; if they are not equal then the current is going somewhere it shouldn’t
     • Protects persons from severe or fatal electric shocks

  40. Device: Arc Fault Circuit Interrupter (AFCI)
     • Protects against fires caused by arc faults.
     • An arc may have a temperature of 35,000ºF.
     • AFCIs are required in homes beginning in 2008 by the National Electrical Code (NEC)
     • Uses the current signature to determine an arc fault

  41. Device: Thermal Sensing
     • Stops current when the temperature of the device exceeds a specific value
     • One-shot cutoffs designed to protect against over-heating

  42. Device: Polarized Cable Plugs
     (Diagram, two cases: switch Off - no voltage between the internal circuit and ground; switch Off - voltage between the internal circuit and ground! A polarized AC plug prevents the second situation.)

  43. Device: Interlocks
     • System is de-energized by the opening of doors or panels.

  44. Labels: Signs, Tags and Placards, Instructions, Lockouts
     • OSHA 29 CFR 1910.145 Signs and Tags (images: Radiation Hazard and Biological Hazard signs)

  45. Other Standards, Rules of Thumb, Conventions to Increase Safety
     • Double-insulation: an insulation system comprised of basic insulation and supplementary insulation. Generally, if equipment is double insulated, it does not need to be earthed.
     • Battery operated tools remove the 110 Volt hazard and its associated harm.

  46. Other Standards, Rules of Thumb, Conventions to Increase Safety
     • Insulation (appropriate for environment and use);
     • Guarding (adequate barriers so that electrical hazards are not readily accessible, such as cabinets, elevation, etc.);
     • Proper size wiring (especially for extension cords);
     • Proper materials (aluminum connections can oxidize and create fires);
     • Follow codes for electricity in hazardous environments (such as flammable liquids and wet environments);
     • Isolation transformers.

  47. Other Standards, Rules of Thumb, Conventions to Increase Safety - Redundancy – use multiple components that perform the same task
     (Diagram: 120 V supply with one Thermal Switch, and the same circuit using 2 similar switches S1 and S2 in series or in parallel)
     • Probability that a switch Closes or Opens as requested = 0.99
     • Could use 2 similar switches in parallel (either switch gives continuity):
       • P(continuity) = 1 - [1 - P(S1 Closes)][1 - P(S2 Closes)] = 1 - [1 - .99][1 - .99] = .9999
       • P(Open) = P(S1 Opens) × P(S2 Opens) = [.99][.99] = .9801
     • Or 2 similar switches in series (both switches needed for continuity):
       • P(continuity) = P(S1 Closes) × P(S2 Closes) = [.99][.99] = .9801
       • P(Open) = 1 - [1 - P(S1 Opens)][1 - P(S2 Opens)] = 1 - [1 - .99][1 - .99] = .9999
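The series/parallel trade-off on this slide, as an added example that is not part of the lecture: each switch obeys its command (close or open) with probability p = 0.99 and otherwise sticks in the opposite state, and the circuit outcome is found by enumerating every combination of switch behaviours, which reproduces the slide's 0.9999 and 0.9801 and shows that redundancy for one failure mode costs reliability in the other. The function names and the "thermal cut-off" interpretation (where failing to open is the hazard) are the example's own assumptions.

```python
"""Redundancy trade-off for two cut-off switches (added example, not from the slides).
Each switch obeys its command with probability p and otherwise sticks in the
opposite state; the circuit is scored by enumerating every switch outcome, so the
closed forms on the slide (1 - [1-p]^n and p^n) are verified rather than assumed."""
from itertools import product


def circuit_probability(p: float, n: int, topology: str, command: str) -> float:
    """P(the n-switch circuit ends up in the commanded state).
    topology: "series" (every switch must conduct) or "parallel" (any switch conducts)
    command:  "close" (we want continuity) or "open" (we want the circuit broken)"""
    if topology not in ("series", "parallel") or command not in ("close", "open"):
        raise ValueError("topology must be series/parallel, command close/open")
    total = 0.0
    for outcome in product((True, False), repeat=n):   # True = switch obeyed
        prob = 1.0
        closed = []                                    # final state of each switch
        for obeyed in outcome:
            prob *= p if obeyed else 1.0 - p
            closed.append(obeyed if command == "close" else not obeyed)
        conducts = all(closed) if topology == "series" else any(closed)
        if conducts == (command == "close"):           # circuit did what was asked
            total += prob
    return total


def redundancy_tradeoff(p: float = 0.99, n: int = 2) -> dict:
    """For each topology return (P(closes on command), P(opens on command))."""
    return {
        topo: (circuit_probability(p, n, topo, "close"),
               circuit_probability(p, n, topo, "open"))
        for topo in ("series", "parallel")
    }


def safer_topology_for_cutoff(p: float = 0.99, n: int = 2) -> str:
    """Assumption: the switch is a safety cut-off, so the hazard is a circuit that
    fails to OPEN; choose the topology that maximises P(opens on command)."""
    tradeoff = redundancy_tradeoff(p, n)
    return max(tradeoff, key=lambda topo: tradeoff[topo][1])


if __name__ == "__main__":
    for topo, (p_close, p_open) in redundancy_tradeoff().items():
        print(f"{topo:9s} P(closes)={p_close:.4f}  P(opens)={p_open:.4f}")
    print("safer topology for a cut-off:", safer_topology_for_cutoff())
```

Running it prints series 0.9801/0.9999 and parallel 0.9999/0.9801, the two columns of the slide.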

  48. An Approach to Managing Hazards – Design Failure Modes and Effects Analysis (DFMEA)

  49. Risk Management and Accident Prevention
     • Primary goal: No harm occurs when a system fails.
     • How is this systematically accomplished in the design process?
     • Failure analysis tools

  50. Design Failure Modes and Effects Analysis (DFMEA)
     • Bottom up approach: Failures -> Effects
     • Developed by US military, 1949
     • Procedure
       • Start with a block diagram
       • Create a Table that pairs Failures with Effects and an evaluation of the effects
       • Make adjustments to reduce risks
     • Documentation of this activity is usually required.
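A small DFMEA table for the cruise-control block diagram, scored with the lecture's Risk ~ Effects x Exposures x Risk Probability and the rattlesnake lesson that a control changes Exposure or Probability, not the hazard itself; this is an added example, not from the slides, and every row, dollar figure, probability and threshold in it is constructed for illustration.

```python
"""Minimal DFMEA table scored with Risk ~ Effects x Exposures x Risk Probability
(added example, not from the slides; all rows and numbers are constructed)."""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class FailureMode:
    component: str
    failure: str        # what fails (bottom-up: start from the component)
    effect: str         # consequence at the system level
    effect_cost: float  # Effects expressed in dollars per occurrence (constructed)
    exposures: float    # number of units in service (or uses) over the design life
    probability: float  # likelihood of this failure per exposure

    @property
    def risk(self) -> float:
        return self.effect_cost * self.exposures * self.probability


def rank_by_risk(rows):
    """Highest risk first: the order in which to make design adjustments."""
    return sorted(rows, key=lambda r: r.risk, reverse=True)


def apply_control(row, exposure_factor=1.0, probability_factor=1.0):
    """A hazard control scales Exposure and/or Probability (the caged rattlesnake);
    the inherent hazard and its Effect are left unchanged."""
    return replace(row, exposures=row.exposures * exposure_factor,
                   probability=row.probability * probability_factor)


def unacceptable(rows, threshold):
    """Rows above a threshold the design team has agreed on (the slides note
    there is no general consensus on what 'acceptable risk' is)."""
    return [r for r in rows if r.risk > threshold]


# Constructed DFMEA rows for the cruise-control block diagram on the slides.
CRUISE_CONTROL_DFMEA = [
    FailureMode("SCDS pressure switch", "hydraulic fluid leaks into electrical side",
                "conducting deposits short the 12V contact; heating, possible fire",
                250_000.0, 10_000_000, 1e-6),
    FailureMode("Brake position switch", "contact stuck closed",
                "brake pedal does not cancel cruise control via this signal",
                50_000.0, 10_000_000, 1e-6),
    FailureMode("20A fuse", "fails open", "cruise control unavailable",
                100.0, 10_000_000, 1e-4),
]

if __name__ == "__main__":
    for r in rank_by_risk(CRUISE_CONTROL_DFMEA):
        print(f"{r.risk:>12,.0f}  {r.component}: {r.failure} -> {r.effect}")
```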
