Know Your Safety Application Notes—Part 3: Pin FMEA

×

Figure 1

   

摘要

This article aims to provide insights into the importance of an IC’s pin failure mode and effects analysis (FMEA), as found in Analog Devices’ safety application notes, to comply with functional safety standards such as IEC 61508 and ISO 13849. Such standards have normative and informative sections regarding failures to be assumed for integrated circuits (ICs) and printed circuit boards (PCBs) when system integrators are doing their technical safety analysis.

Introduction

This article is the last part in a series discussing how Analog Devices’ safety application notes provide critical information needed for technical safety analysis by system integrators designing safety related systems (SRS). Part 1 showed how such application notes contain an IC’s failure rate based on Arrhenius high temperature operating life (HTOL), SN 29500, and IEC 62380, while Part 2 showed how relevant failure modes can be captured in a failure mode distribution (FMD).

This final part of the series aims to provide insights into the importance of knowing an IC’s pin failure mode and effects analysis (FMEA) when designing a safety-related system and how such pin FMEA information is available in ADI’s safety application notes.

What Is a Pin FMEA?

A pin FMEA is a type of FMEA focusing on the analysis of potential failure modes of an IC package and their effects on the system function. This can be used along with the package failure rate calculated, for example, via IEC 62380, to determine the failure rate distribution of the IC. This can be seen in Figure 1. The failure rate allocation can then be classified into either safe, dangerous, no-effect, or no-part. Such failure rate identification is essential to derive the safe failure fraction (SFF) and the probability of dangerous failure of the SRS.

This IC’s pin FMEA is another piece of safety information already provided by ADI’s safety application notes to help system integrators in their technical safety analysis. Figure 2 shows the pin FMEA of the LTC2933, which can be found in its safety application note. With such an application note, one will know whether a pin fault will cause damage or just operational issues to the system.

What Does IEC 61508 Say?

Table A.1 of the basic functional safety (FS) standard² shows the failures to be assumed when quantifying the effect of random hardware failures or to be considered to derive the SFF. Notably, to assume the DC fault model, failure modes such as stuck-at faults, stuck-open, open or high impedance outputs, short circuits between signal lines, and for ICs, short circuits between any two connections (pins) need to be considered.

A pin FMEA shows these assumed failures: stuck-at faults (short-to-supply and short-to-ground), open or high impedance, and short circuit between any two adjacent connections (short-to-adjacent pin).

What Do Other Standards Say?

Compliance with functional safety often requires compliance with more than one standard. Aside from IEC 61508, system integrators designing an SRS also comply with other standards applicable to them. This may be due to national law, national directive, sector-specific, product-specific, or application-specific standard. Often, standards have their own set of normative (required) and informative (not required) sections.

An example of an informative requirement found in ISO 13849-2 Annex D regards the failures to be assumed for different components. Table 1 shows this, indicating the assumed failures for programmable and/or complex ICs, while nonprogrammable or noncomplex ICs do not consider the first and last assumed failures. System integrators can utilize this if they’re the ones doing the analysis for the IC to derive the FMD. Otherwise, they can utilize what the component manufacturer provides, such as in ADI’s safety application notes, as discussed in Part 1 and Part 2 of this series.

Table 1. Faults for Programmable and/or Complex ICs³

Printed circuit boards (PCBs) are also included in the technical safety analysis. ISO 13849-2:2012 has recommended fault (failure modes) and fault exclusions for PCBs wherein recommended assumed failure modes are allowed to be excluded if certain design considerations were made—for instance, those found in the Remarks column in Table 2.

Table 2. Faults for PCBs³

With these assumed failures for PCBs, especially with the components mounted to them, system integrators will need information on the effect of such PCB failures on the IC operation, which may affect the safety function. Note that short circuits between two adjacent tracks/pads can manifest as a form of short circuit between a pin and the supply, a pin and ground, and neighboring pins while open tracks can translate to an open circuit for an IC—all of which are considered in the pin FMEA found in ADI’s safety application notes, which is readily accessible for system integrators in an FS-enabled part’s webpage.

Conclusion

This series has primarily provided guidance regarding the use of information embedded in ADI’s safety application notes. The first two parts discussed failure rates and failure mode distributions. Meanwhile, this final part discussed pin FMEA in the context of the IEC 61508 and ISO 13849. Furthermore, this series raised awareness on such application notes’ existence with ADI components, especially those tagged as FS-enabled parts—standard ICs that, despite not being developed to a functional safety standard, can still be used in safety-critical applications.

References

¹ “ISO 26262. Road Vehicles—Functional Safety, Part 11: Guidelines on Application of ISO 26262 to Semiconductors.” International Organization for Standardization, 2018.

² “IEC 61508. All Parts. Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems.” International Electrotechnical Commission, 2010.

³ “ISO 13849. Safety of Machinery—Safety-Related Parts of Control Systems, Part 2: Validation.” International Organization for Standardization, 2012.

关于作者