Parts, Materials, and Processes Experience Summary

The ALERT program, a system for communicating common problems with parts, materials, and processes, is condensed and catalogued. Expanded information on selected topics is provided by relating the problem area (failure) to the cause, the investigations and findings, the suggestions for avoidance (inspections, screening tests, proper part applications), and failure analysis procedures. The basic objective of ALERT is the avoidance of the recurrence of parts, materials, and processed problems, thus improving the reliability of equipment produced for and used by the government

Lecture Script: "EMI Risk Management"

Content of the lecture: Fundamentals and methods of risk analysis; Basic design and technology of IEMI sources (e.g., VIRCATOR, Magnetron, Klystron, …); Modelling of IEMI threat scenarios; EMI effects on electric systems; Protective measure; Discussion and assessment of the risk for critical infrastructures; Case studies on a generic infrastructur

Resilience of an embedded architecture using hardware redundancy

In the last decade the dominance of the general computing systems market has being replaced by embedded systems with billions of units manufactured every year. Embedded systems appear in contexts where continuous operation is of utmost importance and failure can be profound. Nowadays, radiation poses a serious threat to the reliable operation of safety-critical systems. Fault avoidance techniques, such as radiation hardening, have been commonly used in space applications. However, these components are expensive, lag behind commercial components with regards to performance and do not provide 100% fault elimination. Without fault tolerant mechanisms, many of these faults can become errors at the application or system level, which in turn, can result in catastrophic failures. In this work we study the concepts of fault tolerance and dependability and extend these concepts providing our own definition of resilience. We analyse the physics of radiation-induced faults, the damage mechanisms of particles and the process that leads to computing failures. We provide extensive taxonomies of 1) existing fault tolerant techniques and of 2) the effects of radiation in state-of-the-art electronics, analysing and comparing their characteristics. We propose a detailed model of faults and provide a classification of the different types of faults at various levels. We introduce an algorithm of fault tolerance and define the system states and actions necessary to implement it. We introduce novel hardware and system software techniques that provide a more efficient combination of reliability, performance and power consumption than existing techniques. We propose a new element of the system called syndrome that is the core of a resilient architecture whose software and hardware can adapt to reliable and unreliable environments. We implement a software simulator and disassembler and introduce a testing framework in combination with ERA’s assembler and commercial hardware simulators

Analysis of dynamic performance and robustness of silicon and SiC power electronics devices

The emergence of SiC power devices requires evaluation of benefits and issues of the technology in applications. This is important since SiC power devices are still not as mature as their silicon counterparts. This research, in its own capacity, highlights some of the major challenges and analyzes them through extensive experimental measurements which are performed in many different conditions seeking to emulate various applications scenarios. It is shown that fast SiC unipolar devices, inherently reduce the switching losses while maintain low conduction losses comparable with contemporary bipolar technologies. This translates into lower temperature excursions and an enhanced conversion efficiency. However, such high switching rates may trigger problems in the device utilizations. The switching rates influenced by the device input capacitance can cause significant ringing in the output, especially in SiC SBDs. Measurements show that switching rate of MOSFETs increases with increasing temperature in turn on and reduces in turn off. Hence, the peak voltage overshoot and oscillation severity of the SiC SBD increases with temperature during diode turn off. This temperature dependence reduces at the higher switching rates. So accurate analytical models are developed for predicting the switching energy in unipolar SiC SBDs and MOSFET pairs and bipolar silicon PiN and IGBT pairs. A key parameter for power devices is electrothermal robustness. SiC MOSFETs have already demonstrated such merits compared to silicon IGBTs, however not for MOSFET body diodes. This research has quantified this in comparison with the similarly rated contemporary device technologies like CoolMOS. In a power MOSFET, high switching rates coupled with the capacitance of drain and body causes a displacement current in the resistive path of P body, inducing a voltage on base of the parasitic NPN BJT which might forward bias it. This may lead to latch up and destruction if the thermal limits are surpassed. Hence, trade offs between switching energy and electrothermal robustness are explored for the silicon, SiC and superjunction power MOSFETs. Measurements show that performance of body diodes of SiC MOSFETs is the most efficient due to least reverse recovery. The minimum forward current for inducing dynamic latch up decreases with increasing voltage, switching rate and temperature for all technologies. The CoolMOS exhibited the largest latch up current followed by the SiC and silicon power MOSFETs. Another problem induced by high switching rates is the electrical coupling between complementing devices in the same phase leg which manifests as short circuits across the DC link voltage. This has been understood for silicon IGBTs with known corrective techniques, however it is seen that due to smaller Miller capacitance resulting from a smaller die area, the SiC module exhibits smaller shoot through currents in spite of higher switching rates and a lower threshold voltage. Measurements show that the shoot through current exhibits a positive temperature coefficient for both technologies the magnitude of which is higher for the silicon IGBT. The effectiveness of common techniques of mitigating shoot through is also evaluated, showing that solutions are less effective for SiC MOSFET because of the lower threshold voltages and smaller margins for a negative gate bias

Advances in simulated moving bed : new operating modes : new design methodologies and product (FlexSMB-LSRE) development

Tese de doutoramento. Engenharia Química e Biológica. Faculdade de Engenharia. Universidade do Porto. 200

Toward Biologically-Inspired Self-Healing, Resilient Architectures for Digital Instrumentation and Control Systems and Embedded Devices

Digital Instrumentation and Control (I&C) systems in safety-related applications of next generation industrial automation systems require high levels of resilience against different fault classes. One of the more essential concepts for achieving this goal is the notion of resilient and survivable digital I&C systems. In recent years, self-healing concepts based on biological physiology have received attention for the design of robust digital systems. However, many of these approaches have not been architected from the outset with safety in mind, nor have they been targeted for the automation community where a significant need exists. This dissertation presents a new self-healing digital I&C architecture called BioSymPLe, inspired from the way nature responds, defends and heals: the stem cells in the immune system of living organisms, the life cycle of the living cell, and the pathway from Deoxyribonucleic acid (DNA) to protein. The BioSymPLe architecture is integrating biological concepts, fault tolerance techniques, and operational schematics for the international standard IEC 61131-3 to facilitate adoption in the automation industry. BioSymPLe is organized into three hierarchical levels: the local function migration layer from the top side, the critical service layer in the middle, and the global function migration layer from the bottom side. The local layer is used to monitor the correct execution of functions at the cellular level and to activate healing mechanisms at the critical service level. The critical layer is allocating a group of functional B cells which represent the building block that executes the intended functionality of critical application based on the expression for DNA genetic codes stored inside each cell. The global layer uses a concept of embryonic stem cells by differentiating these type of cells to repair the faulty T cells and supervising all repair mechanisms. Finally, two industrial applications have been mapped on the proposed architecture, which are capable of tolerating a significant number of faults (transient, permanent, and hardware common cause failures CCFs) that can stem from environmental disturbances and we believe the nexus of its concepts can positively impact the next generation of critical systems in the automation industry

Intelligent Economic Alarm Processor (IEAP)

The advent of electricity market deregulation has placed great emphasis on the availability of information, the analysis of this information, and the subsequent decision-making to optimize system operation in a competitive environment. This creates a need for better ways of correlating the market activity with the physical grid operating states in real time and sharing such information among market participants. Choices of command and control actions may result in different financial consequences for market participants and severely impact their profits. This work provides a solution, the Intelligent Economic Alarm Processor to be implemented in a control center to assist the grid operator in rapidly identifying the faulted sections and market operation management. The task of fault section estimation is difficult when multiple faults, failures of protection devices, and false data are involved. A Fuzzy Reasoning Petri-nets approach has been proposed to tackle the complexities. In this approach, the fuzzy reasoning starting from protection system status data and ending with estimation of faulted power system section is formulated by Petri-nets. The reasoning process is implemented by matrix operations. Next, in order to better feed the FRPN model with more accurate inputs, the failure rates of the protections devices are analyzed. A new approach to assess the circuit breaker’s life cycle or deterioration stages using its control circuit data is introduced. Unlike the traditional “mean time” criteria, the deterioration stages have been mathematically defined by setting up the limits of various performance indices. The model can be automatically updated as the new real-time condition-based data become available to assess the CB’s operation performance using probability distributions. The economic alarm processor module is discussed in the end. This processor firstly analyzes the fault severity based on the information retrieved from the fault section estimation module, and gives the changes in the LMPs, total generation cost, congestion revenue etc. with electricity market schedules and trends. Then some suggested restorative actions are given to optimize the overall system benefit. When market participants receive such information in advance, they make estimation about the system operator's restorative action and their competitors' reaction to it

Solar dynamic power system development for Space Station Freedom

The development of a solar dynamic electric power generation system as part of the Space Station Freedom Program is documented. The solar dynamic power system includes a solar concentrator, which collects sunlight; a receiver, which accepts and stores the concentrated solar energy and transfers this energy to a gas; a Brayton turbine, alternator, and compressor unit, which generates electric power; and a radiator, which rejects waste heat. Solar dynamic systems have greater efficiency and lower maintenance costs than photovoltaic systems and are being considered for future growth of Space Station Freedom. Solar dynamic development managed by the NASA Lewis Research Center from 1986 to Feb. 1991 is covered. It summarizes technology and hardware development, describes 'lessons learned', and, through an extensive bibliography, serves as a source list of documents that provide details of the design and analytic results achieved. It was prepared by the staff of the Solar Dynamic Power System Branch at the NASA Lewis Research Center in Cleveland, Ohio. The report includes results from the prime contractor as well as from in-house efforts, university grants, and other contracts. Also included are the writers' opinions on the best way to proceed technically and programmatically with solar dynamic efforts in the future, on the basis of their experiences in this program

The design and intelligent control of an autonomous mobile robot

This thesis presents an investigation into the problems of exploration, map building and collision free navigation for intelligent autonomous mobile robots. The project began with an extensive review of currently available literature in the field of mobile robot research, which included intelligent control techniques and their application. It became clear that there was scope for further development with regard to map building and exploration in new and unstructured environments. Animals have an innate propensity to exhibit such abilities, and so the analogous use of artificial neural networks instead of actual neural systems was examined for use as a method of robot mapping. A simulated behaviour based mobile robot was used in conjunction with a growing cell structure neural network to map out new environments. When using the direct application of this algorithm, topological irregularities were observed to be the direct result of correlations within the input data stream. A modification to this basic system was shown to correct the problem, but further developments would be required to produce a generic solution. The mapping algorithms gained through this approach, although more similar to biological systems, are computationally inefficient in comparison to the methods which were subsequently developed. A novel mapping method was proposed based on the robot creating new location vectors, or nodes, when it exceeded a distance threshold from its mapped area. Network parameters were developed to monitor the state of growth of the network and aid the robot search process. In simulation, the combination of the novel mapping and search process were shown to be able to construct maps which could be subsequently used for collision free navigation. To develop greater insights into the control problem and to validate the simulation work the control structures were ported to a prototype mobile robot. The mobile robot was of circular construction, with a synchro-drive wheel configuration, and was equipped with eight ultrasonic distance sensors and an odometric positioning system. It was self-sufficient, incorporating all its power and computational resources. The experiments observed the effects of odometric drift and demonstrated methods of re-correction which were shown to be effective. Both the novel mapping method, and a new algorithm based on an exhaustive mesh search, were shown to be able to explore different environments and subsequently achieve collision free navigation. This was shown in all cases by monitoring the estimates in the positional error which remained within fixed bounds