1、Best Practices Entry: Best Practice Info:a71 Committee Approval Date: 2000-04-04a71 Center Point of Contact: MSFCa71 Submitted by: Wilson HarkinsSubject: Sneak Circuit Analysis Guideline for Electro-Mechanical Systems Practice: Sneak circuit analysis should be used in safety critical systems to iden
2、tify latent paths which cause the occurrence of unwanted functions or inhibit desired functions, assuming all components are functioning properly. It is based upon the analysis of engineering and manufacturing documentation. Because of the high cost of a sneak circuit analysis, it should be conducte
3、d only in areas where there is a high potential for a hazard.Programs that Certify Usage: This practice has been used on the Redstone, Apollo, Skylab, and Shuttle programs.Center to Contact for Information: MSFCImplementation Method: This Lesson Learned is based on Reliability Practice Number PD-AP-
4、1314, from NASA Technical Memorandum 4322A, Reliability Preferred Practices for Design and Test.Identification of sneak circuits in the design phase of a project prior to manufacture can improve reliability; eliminate costly redesign and schedule delays; and eliminate problems in test, launch, on-or
5、bit, and protracted space operations. Sneak circuit analysis can also be beneficial in identifying drawing errors and design concerns.Implementation Method:Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-Some of the devices and equipment benefiting f
6、rom hardware sneak circuit analysis are solid state electronic devices, relay logic systems and digital systems. The relay equipment includes associated items such as: resistors, capacitors, single load devices, diodes, switches, integrated circuits, and other semiconductors. Another type, analog eq
7、uipment, includes amplifiers, inverters, converters, and feedback systems. Sneak circuit analysis is an effective tool for locating potential problems in software, and for identifying potential drawing errors and design concerns. Sneak circuit analysis is a labor intensive technique which requires s
8、pecialized training and is often limited to those areas of a design where safety compliance is an issue. When considering sneak circuit analysis as an applicable tool to be applied to a program, the following considerations are recommended:1. Reasons for conducting a sneak circuit analysis: a. Impro
9、ve reliability which results from the identification and resolution of system problems.b. Conduct an independent analysis of the design.c. Locate unresolved system problems that could not be found by other analyses or tests.d. Identify high criticality items (crew and mission-critical).e. Respond to
10、 a high change rate in baseline design.2. Applicable systems: a. Systems which perform active functions.b. Electrical power distribution and controls.c. Computer programs which control and sequence system functions.Sneak circuit analysis can be implemented on a limited subsystem, a complete function
11、al system or a complete vehicle or program. Analysis is based on documentation in the form of “as built“ schematics, drawings, wire lists and “as coded“ source computer programs. The preferred start time to begin sneak circuits analysis is during the engineering development phase prior to Critical D
12、esign Review (CDR), but sneak circuit analysis can be performed during any phase of the program. The analysis cannot be completed until the overall program/project drawings are baselined. Performing sneak circuit analysis during the last phases of the program tends to drive program costs up because
13、of the potential redesign effort. The effects of making a change later in a program are illustrated in Figure 1.Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-refer to D descriptionD The data used for sneak circuit analysis must represent the system
14、 circuitry as built, contingent upon quality control checks, tests, and inspections. The technique for sneak circuit analysis requires the analyst to accumulate detailed circuit diagrams and wire lists, arrange circuit elements into topological network trees, and to examine these network trees for s
15、uspected sneak circuits.After the topological trees have been produced, the next step is to identify the basic topological patterns that appear in each tree. The five basic topological patterns are: (1) the single line (no-node), (2) the ground dome, (3) the power dome, (4) the combination dome, and
16、 (5) the “H“ pattern. These topological patterns are illustrated in Figure 2. The “PWR“ represents electrical power, “S“=switching element, “L“=electrical load, and “G“=ground. The “H“ pattern usually has the highest incidence of problems due primarily to the higher number of power sources, returns,
17、 loads, and switches. The problems normally occur in the “H“ crossbar, which includes L3, S3, and S4. This can result in power reversals, ground reversals and current reversals. As the analyst examines each node in the network tree, the analyst must identify which pattern or patterns that node is pa
18、rt of and apply the basic clues that have been found to typlify sneak circuits involving that particular pattern.Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-refer to D descriptionD Associated with each pattern is a list of clues to help the analy
19、st identify sneak circuit conditions. The clues are questions that the analyst must ask about the circuit in question. The clue list becomes longer and more complicated with each successive topograph. The clue list for the “H“ patterns includes more than 60 clues. Almost half of the critical sneak c
20、ircuits can be attributed to the “H“ pattern so this pattern should be analyzed very carefully. (Depending upon contract provisions, the developed clues may be proprietary to the performing contractor.)Sneak conditions are classified into four basic types:1. Sneak paths - which cause current to flow
21、 along an unexpected route.2. Sneak timing - which may cause or prevent the activation or inhibition of function at an unexpected time.3. Sneak indications - which may cause an ambiguous or false display of system operating conditions.4. Sneak labels - which may cause operator error through inapprop
22、riate control activation.When a suspect sneak condition is identified, the analyst should verify that the circuit is valid. The circuit should be checked against the latest drawings, revisions, as-built documentation and equipment; and operational information should be reviewed concerning the system
23、 in question. Upon verification of the sneak condition, a sneak circuit report should be written which includes the drawings, an explanation of the condition, system level impact, and a recommendation for correcting the sneak circuit. Software sneak analysis should be used to discover program logic
24、which causes one of the four sneak condition types.During the sneak circuit analysis, unnecessary or undesired conditions may be discovered. These conditions could be newly identified failure points, unsuppressed inductive loads, unnecessary components, unnecessary software codes and inadequate redu
25、ndancy provisions. These conditions should be documented in design concern reports. Any documentation discrepancies should be Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-reported in document error reports. A final sneak analysis report should be
26、written that details the scope, procedures, results and conclusions of the analysis. The final report should also include all sneak conditions, design concern reports, documentation error reports and report tracking status sheets.Technical Rationale:Sneak analysis is a reliability-enhancement method
27、 used to identify designed-in conditions that could introduce undesired events and inhibit desired system functions which could adversely affect crew safety or mission success. The sneak circuit analysis technique differs from other system analysis techniques in that it is based on identification of
28、 designed-in inadvertent modes of operation and is not based on failed equipment or software.References1. Buratti, Davey L. and Sylvia G. Godey: “Sneak Analysis Application Guidelines“, RADC-TR-82-179, Boeing Aerospace Company for Rome Air Development Center, Griffis AFB, NY 13 441, June, 1982.2. Hi
29、ll, E.J. and C. J. Bose: “Sneak Circuit Analysis of Military Systems“, Boeing Aerospace Company, Seattle, WA, 2nd AIAA International Systems Safety Conference, San Diego, CA, July 21-25, 1975, Proceedings, A77-16726- 31, Newport Beach, CA, System Safety Society, 1976, pgs. 351-372.3. Miller, Jeff: “
30、Integration of Sneak Analysis with Design“, RADC-TR-109, Vol. 1 of 2, Sohar Incorporated for Rome Air Development Center, Griffis AFB, NY 13441, June, 1990.4. Walker, Frank Ellis: “Sneak Circuit Analysis Automation“, Boeing Aerospace, Seattle, IEEE, 1989 Proceedings Annual Reliability and Maintainab
31、ility Symposium.5. Wilson, Joe L. and Robert C. Clardy: “Sneak Circuit Analysis Application to Control System Design“, The Boeing Company, Houston, TX, AGARD-AG-224, In AGARD Integrity of Electronic Flight Control Systems for Aircraft Reliability, April, 1977.6. Vogas, James L.: “Sneak Analysis of A
32、pplication Specific Integrated Circuits“, Boeing Aerospace Operation, Inc., Houston, TX, AIAA-92-0976, 1992 Aerospace Design Conference, Irvine, CA, February 1992.7. MIL-STD-785B: “Reliability Program for Systems and Equipment Development and Production“, Military Standard, September 15, 1980.8. NST
33、S 22254B: “Methodology for Conduct of Space Shuttle Program Hazard Analysis“, NASA, Johnson Space Center, Houston, TX 77058, December 30, 1993.Impact of Non-Practice: Sneak circuits that escape cursory design screening can result in schedule delays, damage to equipment during test, downtime during o
34、peration, increased cost, and possible loss of spacecraft or Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-crew. Too-late implementation of a sneak analysis can result in high project costs due to redesign and redevelopment efforts.Related Practices: N/AAdditional Info: Approval Info: a71 Approval Date: 2000-04-04a71 Approval Name: Eric Raynora71 Approval Organization: QSa71 Approval Phone Number: 202-358-4738Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-
