emc for functional safety - ieeeewh.ieee.org/r6/ocs/pses/emcforfunctionalsafety.pdf · examples...
TRANSCRIPT
![Page 1: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/1.jpg)
1
EMC For Functional Safety
Ed NakauchiConsultantEmulex Corporation
![Page 2: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/2.jpg)
2
What is “Functional Safety”
The correct functioning of an electrical or electronic technology device that provides one or more functions having a direct impact on safetyErrors or malfunctions could have implications for safety where appropriate EMC engineering is required to control safety risksAll electrical or electronic technology devices are prone to errors or malfunctions due to EMI
![Page 3: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/3.jpg)
3
Why is “Functional Safety” Needed
Electrical/Electronic devices are increasingly being used in applications where reliable functionality is requiredAt the same time, the electromagnetic environment is increasing to higher levels of ambient noise
![Page 4: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/4.jpg)
4
Functional Safety
EMI is controlled by the EMC Directive– Does not address safety– EMC engineers generally do not have a detailed
knowledge of safetyLow Voltage Directive do not address EMC very well if at all– Safety engineers generally do not have a detailed
knowledge of EMC
![Page 5: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/5.jpg)
5
Standards
There are no EMC standards that are suited for achieving functional safetyThere are no safety standards that are suited for EMC functional safetyIEC 61508
– Covers EMI functional safety, but offers no specifics– Is not a listed under any EU directive– IEC 61511 / IEC 62061
IEC TS 61000-1-2– Offers practical recommendations
![Page 6: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/6.jpg)
6
Shortcomings of Existing Immunity
Faults and misuse are not addressedReal environments are not addressedNo EMI risk assessment is donePhysical environment is not consideredComplex interactions are not consideredShortcomings of “Performance Criteria”Process applies to entire lifecycle
![Page 7: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/7.jpg)
7
Examples
Functional EMC is a system issue and cannot be fashioned by simply combining the reliable items– Example
Closed loop speed sensor– Analog sensor with a magnetic coil sensing a magnetic– Comparator to convert “analog” to digital– Microprocessor to control speed– For high speed, higher rates of pulses and less impact from
noise– For low speed, lower rate of pulses and more impact from
noise– Unreliability could be very high at low speeds
Pacemaker
![Page 8: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/8.jpg)
8
Examples
– Example of environment changeIn the 1990’s analog cellphones were being replaced by digital cellphones. The digital cellphones operated at the same carrier frequency (around 900 MHz) as the analog cellphone, and operated at about the same power level. However, where the analog cellphones did not cause interference to hearing aids, the digital ones did. The difference, and what caused the interference, was the change to digital modulation.
![Page 9: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/9.jpg)
9
The Consultant’s Oath
If you’re not a part of the solution, there’s good money to be made in
prolonging the problem.
![Page 10: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/10.jpg)
10
EMC Functional Safety Process
Planning– Management Responsibilities
ProceduresDepartment interfaces and responsibilitiesAuthoritySupplier responsibilitiesBudget and schedule
– Develop an EMC Safety PlanLocation / environment / lifecycleWhat standards or specificationsDesign guides / training / consulting / testing / documentation
![Page 11: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/11.jpg)
11
Step 1: Determine the environment
Determine the worst-case electromagnetic environment that the device could reasonably be exposed to over its expected lifecycle– Mobile and portable devices– Future technology trends– Take into account “uncertainties”– EM threats caused by foreseeable misuse– Simultaneous threats– Effects of transport and storage– Use of existing IEC standards (61000-2-5)– If unknown, then make an “educated” guess
![Page 12: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/12.jpg)
12
Step 1: Determine the environment (cont)
– Physical environmentCould affect filtering, shielding, etc.Liquids, molding, sand, dust, cleaningMaintenance
– Opening / closing panels and doors– Extended operations of controls
– Perform a site survey
![Page 13: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/13.jpg)
13
Step 2: Determine intrasystem environment
Determine the worst-case electromagnetic environment that the device could reasonably be exposed from other parts of itself– Drifting of parameters– Aging of components or materials– Effect of external environment such as vibration,
temperature, humidity, etc.– Corrosion– Take into account “uncertainties”– Effects of transport and storage
![Page 14: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/14.jpg)
14
Step 3: Specify EM vs functional performance
Hazard identificationUncertaintiesRisk Analysis = Severity * Probability– Initial / Final– FMEA (MIL-STD-1629)– Criticality Analysis (FMECA)– MIL-HDBK-217 Reliability Standard– Event Tree– Fault Tree – Worst-case Analysis
![Page 15: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/15.jpg)
15
Step 4: Study and Design
Designing the device to achieve the required level of safety risk or risk reduction– Chose suitable hardware and software– Communication techniques
Detection techniquesCorrection techniquesOptical
– Use of appropriate design guides and techniquesShielding / separationFilteringPCB designPower distributionSimulation tools
![Page 16: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/16.jpg)
16
Step 4: Study and Design (cont.)
– Use of appropriate design guides and techniquesPhysical techniques (e.g. ventilation, sealing, vibration, thermal, oxidation, etc.)Safety engineering techniques
– Fuses– Effects of component short/open– Overvoltage / overcurrent protection
Control of suppliers and subcontractorsEnsure correct operation, maintenance, repair, and refurbishmentGood instructions
![Page 17: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/17.jpg)
17
Step 4: Study and Design (cont.)
– Overcome lack of useful product dataProtective enclosure Clever designAdditional product testingUse a custom product
![Page 18: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/18.jpg)
18
Step 4: Study and Design (cont.)
This is an iterative process since any new design or marketing changes should be re-assessed (i.e. it’s a living document)Do not consider only single fault– 10 independent faults that each occurs every 100
years for a particular hazard, so this hazard could occur in 10 years – may still unacceptable!
![Page 19: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/19.jpg)
19
Step 5: Create a Verification/Validation Plan
EMC TestingExpert Review– Checklists– Inspections– Reviews– Audits
Non-standardized testingModelling / analysisHALT / HAAS
![Page 20: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/20.jpg)
20
![Page 21: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/21.jpg)
21
![Page 22: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/22.jpg)
22
![Page 23: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/23.jpg)
23
![Page 24: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/24.jpg)
24
![Page 25: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/25.jpg)
25
![Page 26: EMC For Functional Safety - IEEEewh.ieee.org/r6/ocs/pses/EMCForFunctionalSafety.pdf · Examples zFunctional EMC is a system issue and cannot be fashioned by simply combining the reliable](https://reader030.vdocuments.us/reader030/viewer/2022041000/5ea0bb0ab41a842b8855fdc2/html5/thumbnails/26.jpg)
26
Conclusion
Functional safety requires much more than simply asking a test laboratory to perform some standardized testsAchieve a required level of confidence in functional safety performance over the anticipated lifetime