Reliability Criteria? Design goals? Strength specification?

AndreyB
Site Admin
Posts: 14292
Joined: Wed Aug 28, 2013 1:28 am
Location: Jersey City
Github Username: rusefillc
Slack: Andrey B

Post by AndreyB »

In light of https://github.com/andreika-git/hellen-one/issues/119 I think we need a "Reliability Criteria? Design goals? Strength specification?" document. What shall we call it?

Sounds like it should cover
- temperature
- load dump
- surge
- continuous to +12
- dead short
- ?

Sounds like some of
- AEC-Q200
- AEC-Q101
- CISPR 12
- CISPR 25
- ISO 7637
- ISO 11451
- ISO 11452
- JEDEC
- JESD22-A102

could be relevant?

So, how do we not reinvent the bicycle? What is the proper name for the document I am looking to write for each of the specific rusEFI ECUs, and what kind of standard test dictionary can we rely on?
Very limited telepathic abilities - please post logs & tunes where appropriate - http://rusefi.com/s/questions

Always looking for C/C++/Java/PHP developers! Please help us see https://rusefi.com/s/howtocontribute
ssmith
Posts: 92
Joined: Sun Oct 17, 2021 10:21 pm

Post by ssmith »

I think things like AEC-Qxxx are good for component selection, i.e. which ones are designed for temperature/vibration environment that a car is subjected to.

Separately, it is probably worth deciding what user-errors you want to tolerate. This is more important with wire-in ECU than plug-in ECU, as you'll be subject to more user errors with wire-in ECUs.

If it's easy, try to make inputs ok with shorts from 0-12V. I think rusEFI already handles that.
For user 5V output, you could polyfuse it, but the voltage drop is probably enough to cause calibration errors. You could sample the 5V on the other side of the fuse and scale results accordingly. In my boost controller I tried using an AP22652, though I doubt it could handle the heat from a constant short. The AP22652A probably would have been a better choice as it shuts off rather than acting as constant current. There are probably better, bigger choices out there. Maybe try investigating USB host power ICs.

For protecting outputs shorted to 12V, there are smart low side switches; I think Hellen uses them for injector outputs, but they're pretty big (6-7mm x 6-7mm). I ended up using smaller MOSFETs with really low Rds-on and just hope for the best - BUK9M15-40H is about 3.5mm x 3.5mm with an Rds-on of 0.015 ohm or so with decent heat sinking, but it doesn't have any protection.

Post by AndreyB »

ssmith wrote (Fri Dec 03, 2021 3:31 am):
> If it's easy, try to make inputs ok with shorts from 0-12V. I think rusEFI already handles that.

One step back :)

Q1: what do we call this document for each board?
Q2: is there a good template/example/else for such a document so that we are not reinventing the wheel?

I am trying to reuse existing knowledge. We can spell all load dump tests ourselves but can we point at some XXX-YYY.ZZZ-WWW and reuse their test description?
mck1117
running engine in first post
Posts: 1493
Joined: Mon Jan 30, 2017 2:05 am
Location: Seattle-ish

Post by mck1117 »

ISO 7637 is replaced by ISO 16750.

ISO 16750 has 5 sections:
-1: General
-2: Electrical
-3: Mechanical
-4: Climatic
-5: Chemical

We probably care the most about -2 for now. Parts of ISO 16750-2 we care about:
- Overvoltage (too much supply voltage, failed alternator regulator, jump start from 24v vehicle).
- Superimposed AC voltage on supply (failed alternator diode, etc).
- Discontinuities in supply voltage (fuse trips on another circuit, briefly drops supply voltage then it returns).
- Supply voltage profile for cranking (simulates low voltage drop on starter engage, then ripple as engine cranks, and return to nominal after start)
- Load dump! Everybody's favorite. (when the positive battery cable falls off and the alternator briefly overvolts the car)
- Reverse voltage
- Short circuit tests (short each relevant input/output of the DUT to ground and supply voltage for 60 seconds)

Post by mck1117 »

A good way to enumerate this is a spreadsheet with a row for every pin, then a column for each scenario: open circuit, short to ground, short to 5v, short to 12v, etc.

In each cell goes the "functional status classification", as explained in 16750-1:

Class A: All functions perform as designed during and after the test.
Class B: All functions perform as designed, but some may go beyond the specified tolerance. Returns to normal after the test.
Class C: One or more functions do not perform as designed during the test, but return automatically to normal after the test.
Class D: One or more functions do not perform as designed during the test, but do not return to normal until the device is "reset" by "simple operator action" (fuse blows, for example)
Class E: One or more functions do not perform as designed during the test, and cannot be returned to proper operation without repair.

For example, the 5v sensor supply outputs on Hellen are currently class E for a short to ground or short to 12v.

Post by mck1117 »

IMO, a very possible and admirable goal is for a single pin to be at least class C for a short to ground or to +12v. ISO agrees with that goal in 16750-2 section 4.10.2.2.
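
The pin-by-scenario matrix and the class C goal described in the posts above, as an added example that is not part of the original thread or of rusEFI's own tooling. The CSV layout, the pin names, the function names and most of the sample classes are constructed for illustration; only the 5V sensor supply row reflects what the thread states about Hellen.

```python
import csv
import io

# ISO 16750-1 functional status classes as listed in the thread, best (A) to worst (E).
CLASSES = "ABCDE"

# Constructed sample matrix. Pin names and classes are invented, except the
# 5V sensor supply row, which the thread describes as class E for both shorts.
SAMPLE_CSV = """pin,open circuit,short to ground,short to 5v,short to 12v
5V sensor supply,A,E,A,E
analog input 1,C,C,B,B
injector output 1,C,C,,D
"""

def load_matrix(text):
    """Return {pin: {scenario: class-or-empty}} from CSV text with a 'pin' column."""
    matrix = {}
    for row in csv.DictReader(io.StringIO(text)):
        pin = row.pop("pin").strip()
        matrix[pin] = {k.strip(): (v or "").strip().upper() for k, v in row.items()}
    return matrix

def review(matrix, scenarios=("short to ground", "short to 12v"), worst_allowed="C"):
    """Return (cells not yet assessed, cells worse than the target class)."""
    limit = CLASSES.index(worst_allowed)
    missing, failing = [], []
    for pin, cells in matrix.items():
        for scenario, cls in cells.items():
            if len(cls) != 1 or cls not in CLASSES:
                missing.append((pin, scenario))  # blank or not A-E
            elif scenario in scenarios and CLASSES.index(cls) > limit:
                failing.append((pin, scenario, cls))
    return missing, failing

def worst_class(cells):
    """Worst assessed class for one pin, or None if nothing is assessed yet."""
    seen = [c for c in cells.values() if len(c) == 1 and c in CLASSES]
    return max(seen, key=CLASSES.index) if seen else None

if __name__ == "__main__":
    m = load_matrix(SAMPLE_CSV)
    missing, failing = review(m)
    for pin, scenario, cls in failing:
        print(f"BELOW TARGET  {pin}: {scenario} is class {cls}")
    for pin, scenario in missing:
        print(f"NOT ASSESSED  {pin}: {scenario}")
```

Blank cells are reported separately from failing ones, so an unfilled row cannot pass as compliant.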

Post by mck1117 »

Some progress on an FMEA for Proteus: https://rusefi.com/forum/viewtopic.php?p=43446#p43446
Best I can tell this covers:
ISO 16750 4.3 - overvoltage
ISO 16750 4.7 - reversed voltage
ISO 16750 4.9 - open circuits
ISO 16750 4.10 - short circuit protection

Post by mck1117 »

Other sections I think ordinary humans could reasonably test:

4.4 - superimposed alternating voltage: should be able to connect a function generator in series with a DC supply.
4.6.3 - starting profile - I've previously checked this one before by scoping the ignition voltage on an actual starting car, and it looks VERY similar to the spec'd curve, so we probably actually test this every time you start the car.

Post by AndreyB »

Stumbled over "Worst Case Circuit Analysis (WCCA)" term