Thoughts on Possible Reliability Work for TESLA

1 DESY, 27 April 2004
Thoughts on Possible Reliability Work for TESLA
Paolo Pierini, Daniele Sertore
LASA

2 A few of the standard RAMS analyses:
- Parts Count
  - Everything in series with its own MTBF (truly pessimistic)
- FMEA: Failure Mode and Effect (Criticality) Analysis
  - List all parts (get organized!)
  - Think about the main (or all) failure modes of each part and about their consequences on the system (do they lead to complete system faults or to reduced performance?)
  - Bottom-up practice
- Fault Tree Analysis
  - Can be built from an FMEA, highlighting all the components that lead to certain system failure modes
- RBD Analysis
  - Top-down practice
  - Functional or logical scheme with explicit serial/parallel connections of a given system state
27 april 2004 PP&DS 2

3 Figures of merit
- Goal is System Availability
- If much more effort is not dedicated to fault tolerance & redundancy, the Reliability cannot at this stage be a relevant figure of merit
  - R is nearly identical to zero for a series connection of so many objects
  - Components in series: $R = R_1 \cdot R_2 \cdots R_n$
- Is the series connection true for all components? Surely not!
  - Components that do not lead to system faults should not be put in series for R/A modeling!
  - A rough FMEA can be useful to prepare RBD models that exclude components that do not lead to system faults
- System Failure Modes leading to different RBDs
  - No beam in IP (simple, just no beam)
  - Reduced luminosity operation (needs beam physics considerations)

4 Input Data/1
- The database of components is one of the weak points, as mentioned by the US group
  - Needs organization in a formal database for cross checks
- But more important than the component data is the connection that is used to calculate its influence in the system
  - Series, parallel, k out of n, bridge schemes, hot/warm parallelism, taking into account switching mechanisms, common cause failures
  - All this can hide the influence/relevance of the component data
- RAMS methodologies and software packages can deal with many subtleties concerning these issues

5 Input Data/2
- Also, the role of component MTTR can be mistaken
- MTTR is not only the time to repair but:
  - Time to identify the fault
  - Time to prepare the system for access to the component (do we need to enter the tunnel? Warm up part of the linac?)
  - Time to repair the component itself
  - Time to prepare the system back for operation (tunnel search, cooldown if needed...)
  - Time to restore nominal conditions
- In this context again the bare component MTTR can be of no influence on the time to recover from a system fault
- Standard industrial reliability software is well suited for this analysis
  - Breakdown of maintenance tasks/subtasks, with resource allocation, and identification of MTTR contributions (isolation, preparation, fix, retune, etc.)
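
The series, k-out-of-n and MTTR-breakdown points of slides 3 to 5, worked through as an added Python example (not part of the original slides). All MTBF values, phase durations and unit counts are constructed, and the model assumes constant failure rates and independent, identical units.

```python
import math

def reliability(mtbf_h, mission_h):
    # Survival probability over mission_h, assuming a constant failure rate.
    return math.exp(-mission_h / mtbf_h)

def series(probs):
    # Series connection: R = R1 * R2 * ... * Rn (every block must work).
    return math.prod(probs)

def k_out_of_n(k, n, p):
    # At least k of n identical, independent units work, each with probability p.
    return sum(math.comb(n, i) * p**i * (1 - p)**(n - i) for i in range(k, n + 1))

def availability(mtbf_h, mttr_phases_h):
    # Steady-state A = MTBF / (MTBF + MTTR); MTTR sums every recovery phase.
    mttr = sum(mttr_phases_h.values())
    return mtbf_h / (mtbf_h + mttr)

# Constructed recovery phases (hours) for a component inside the tunnel.
PHASES = {"identify": 0.5, "prepare_access": 4.0, "repair": 1.0,
          "prepare_operation": 3.0, "restore_nominal": 1.0}

def demo():
    # 10000 parts in series, each MTBF 1e5 h, 5000 h run: R is effectively zero.
    r_series = series([reliability(1e5, 5000.0)] * 10_000)
    # Same unit availability, 20 units: all in series vs. 19-out-of-20 overhead.
    a_unit = availability(1000.0, PHASES)
    a_all = series([a_unit] * 20)
    a_spare = k_out_of_n(19, 20, a_unit)
    # Halving the bare repair time barely moves the unit availability.
    faster = dict(PHASES, repair=0.5)
    return {"r_series": r_series, "a_unit": a_unit, "a_all": a_all,
            "a_spare": a_spare, "a_unit_fast_repair": availability(1000.0, faster)}

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:>20s} = {value:.6g}")
```

One spare unit out of 20 lifts the block availability from about 0.83 to above 0.98, while halving the bare repair time changes the unit availability by less than 0.001 because access and restore phases dominate the MTTR.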

6 RAMS Tools are very flexible
- System Tree allowing linking to FMEA/RBD, automatic FT handling and maintenance calculations
- User-defined databases of components and failure modes based on component category (here a very simple example)
- Nice reporting

7 Analysis/Maintenance allocation
- Analysis of MTTR, with subtask definitions to account for the impact of system layout and manpower
- Staging repair actions to determine MTTR
- Link to parts DB
- RBD analysis

8 Question/1
- Do we accelerator physicists want to build our own reliability analysis tool?
- Can't we tweak in our expertise and use these (ISO9001 certified...) powerful software tools?
  - Also, availability of expert advice through the distributors of the software tools, which are often RAMS consulting firms
- Also, there are a few design optimization tools that can evaluate the impact of degraded components on operating parameters of the systems
  - In our words, we have a way to input the effect of component failure or degradation into physical parameters of a LC
  - E.g. luminosity coefficients, etc.!
  - Other things, like energy overhead, may be directly translated into standard reliability provisions (k out of n, load analysis...)

9 Question/2
- By using a RAMS tool, we can concentrate on the analysis of design choices and MTBF/MTTR data validation; we would not have to validate the tool!
  - Useful as a validating and parallel activity w.r.t. the US study
- Sophisticated maintenance scheduling and provisions can be dealt with in the existing codes
  - Think about ways to insert the role of diagnostics and control system procedures!
- But still, even using existing tools, a system tree needs to be built, failure modes need to be identified, the component model needs to be set, the repair tasks described, the machine zones should be defined along with their maintenance provisions, etc.
  - Rather big work, needs organization

10 Appendix: RAMS in Industry
- RAMS (Reliability, Availability, Maintenance and Safety) tools have been standard practice in many industrial fields for many decades
  - automotive
  - aerospace
  - nuclear
  - electronics/telecom
  - military
  - ...
- Formal methodologies started in the 60s (FMEA/FT), after reliability growth in the 50s driven by electronics components
- RAMS integrated at a large scale in industrial production in the 90s

11 Appendix: Lifecycle of a product
The life cycle of programmes and products is followed with formal methodologies and ISO-9001 certified software tools, following several standardized procedures for reliability analysis for each stage:
- Conceptual Feasibility
  - Starts with the definition of the System Mission
  - RAMS objectives for the SM
- Technical Definition
  - Layout of the technical specifications of system and components
  - Failure and Risk identification
  - RAMS predictions, iteration of system/component design, design optimization for RAMS
- Production
  - Task organization
  - Assurance of RAMS characteristics
- Operation
  - Assess achievement of RAMS objectives

12 Appendix: a few RAMS Tools
- Distributed both in D & I by RAMS consultants
- Optimization module
- Single environment for analysis
- Highly customizable
- Large industrial case (see site)
- Distributed in the UK
- Single environment for analysis
- Customizable

13 Raptor
- Only RBD, Costing, Sensitivity analysis
- Aeronautics, Defense
- More can be found
Reliability Workbench
- Complete package
- UK distributor ( )