High System Reliability through Design Innovation

Tan Guan Hong, Senior Director, Smart Nation Systems and Solutions, Government Technology Agency of Singapore

18th IEEE High Assurance Systems Engineering


Post on 08-Feb-2017



Copyright of GovTech © FOR INTERNAL USE ONLY

GovTech’s priorities in Smart Nation

• Smart City Systems
• Smart Citizen Platforms
• Digital Government

• Put in place the technology and infrastructure (Smart Nation Platform)
• Deliver better and anticipatory services to citizens
• Empower citizens to co-create useful solutions

We are a new ICT and Engineering govt agency formed in Oct 2016

Objective of the Smart Nation Platform

SNP supports the Government’s vision to transform Singapore into a Smart Nation. This will be achieved through the following 3 key thrusts:

• Architecting & Implementing Common Infrastructures & Services for WoG’s use, such as for Communications (through Demand Aggregation), Analytics Platforms;
• Enabling sharing of physical Discrete Sensors & Cameras deployed by Govt Agencies, through WoG oversight and WoG sensor deployment (Resource optimization for potential cost minimization e.g. PUB, SPF’s PolCAM and NEA); and
• Facilitating Sharing of Sensor metadata between Govt Agencies, through common services such as an API gateway, Video delivery system (potential new applications – Crowd Density, Littering, Vehicle Counting etc.)

IoT Vertical Stacks

• Sensors
• Communication
• Data Centre
• Visualization & Support
• Video Analytics
• Data Science

System Engineering

Cyber Security

Define the IoT Eco-System

IoT

B2B IoT, Enterprise IIoT or Industrie 4.0 (Reliable Focus), Process Driven:
• Structured Work Process with SOPs
• Paid to provide Service
• Focus on Efficiency and Outcomes
• Inflexible and Large Organisations, no single individual ownership
• Influenced by stakeholders and KPIs

B2C IoT, Consumer IoT (Cost Focus), Consumer facing:
• Unstructured Process as dealing with individuals
• Pays for Service
• Conflicting individual goals for self interest & benefit. Wants & Needs
• Highly fragmented, flexible and change over time fast
• Influenced by individuals, social behaviour and friends

High System Reliability means:-

• Front End IoT Sensor Devices
• Infrastructure for End 2 End (Power & Communications)
• Accurate & Reliable Data
• Secure System
• Cost effective and Maintainable System in Eco-system

Sensor

IoT Sensor Devices:-

Slow Sensor Data: Temperature, Humidity, Hydrostatic pressure, Strain Gauge, Tilt and Infra-red sensors acquire data in minutes or hours. These are Quasi-static sensors.

Dynamic (Fast) Sensor Data: Accelerometer provides G (m/s²) in milliseconds or faster. Acoustic sound sensor provides voltage signals over time. When these sensor data are processed in the Frequency Domain using Fast Fourier Transform, the data can provide Peak Vibration Level at various Frequencies.

Two-dimensional (2D) camera: These sensors capture data over time frames. Using various video analytics algorithms, these 2D camera sensors can provide different information. For example, within the same image, the algorithms can extract information such as (i) people count, (ii) number and colour of cars, (iii) lighting condition, etc. Over time, processed metadata can yield further insights such as tracking of (iv) people’s movement, (v) dwell time, etc.

Copyright of GovTech © Not to be reproduced unless with explicit consent by GovTech.

Understand What Parameter you are sensing

• Static
• Quasi Static
• Dynamic Periodic
• Dynamic Transient

Which sensor data do you trust & faster to process in Real Time?

• High Repeatability, High Accuracy
• High Repeatability, Low Accuracy
• Low Repeatability, High Accuracy
• Low Repeatability, Low Accuracy

Important parameters when Converting Analog Data into Digital Data

• Resolution
• Linearity

(Figure: two plots of Voltage against Distance.)

Sensor Measurement Error due to aliasing


Understanding Measurement Principle is important!

(Figure: Actual Temperature, Sampled Temperature and Displayed Temperature.)

Nyquist Frequency:- Sample at least Twice the Highest frequency

If sampled too slow, the displayed temperature doesn't change at all, while the temperature is actually fluctuating!
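
The aliasing effect on this slide, as an added example that is not part of the original slides: a logger samples a temperature that swings with a 10-minute period, once too slowly and once fast enough. The 25 °C mean, ±2 °C swing and the sampling intervals are constructed values.

```python
import math

def log_temperature(signal_period_s, sample_interval_s, n_samples,
                    mean_c=25.0, swing_c=2.0):
    """Readings a logger stores when sampling a sinusoidal temperature.

    Constructed signal: mean_c +/- swing_c with the given period.
    """
    return [
        mean_c + swing_c * math.sin(
            2 * math.pi * (k * sample_interval_s) / signal_period_s + math.pi / 4)
        for k in range(n_samples)
    ]

def peak_to_peak(readings):
    """Swing visible in the logged data."""
    return max(readings) - min(readings)

def meets_nyquist(signal_period_s, sample_interval_s):
    """Slide rule: sample at least twice the highest frequency.

    In practice designers leave margin above the factor of two.
    """
    return sample_interval_s <= signal_period_s / 2

def apparent_period_s(signal_period_s, sample_interval_s):
    """Period the logged data appears to have; inf means it looks constant."""
    f = 1.0 / signal_period_s
    fs = 1.0 / sample_interval_s
    folded = f % fs                      # fold the signal into 0..fs
    alias = min(folded, fs - folded)     # then into 0..fs/2
    return math.inf if alias < 1e-12 else 1.0 / alias

if __name__ == "__main__":
    period = 600  # temperature really cycles every 10 minutes
    for interval in (600, 540, 60):
        data = log_temperature(period, interval, 50)
        print(f"sample every {interval:>3} s | Nyquist ok: "
              f"{meets_nyquist(period, interval)!s:5} | "
              f"logged swing: {peak_to_peak(data):.2f} C | "
              f"apparent period: {apparent_period_s(period, interval):.0f} s")
```

Sampling every 600 s logs a flat line, and sampling every 540 s logs the full swing but with a 90-minute period that does not exist in the water or air being measured.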

In a sensor system, design with proper instrumentation grounding rather than having a poor grounding design and then using filters to remove the unwanted noise.

Prevention is better than cure

Accuracy of Information depends on:-

• Accuracy of Sensor
• Maintenance & Calibration of Sensor (Function of Time, Drift, Deterioration)
• Installation of Sensor
• Use of Sensor in its context (monitoring & control function)
• Expected functional accuracy for decision making

Video Analytics is Processing of Image Data into Structured Information. Accuracy and Repeatability only in controlled environment.

IT’s view is that sensor data is stable, repeatable and maintenance free! While an Electronics view is always drift, accuracy and noise. (IT is in the Cyber World while the Electronics view is deployment into a physical environment which Mother Nature controls.)

Accuracy of Sensors

Average Water Depth of 10 m. Water Depth variation of +/- 0.5 m @ 0.1 Hz in flowing canals.

Expected Physical Accuracy to measure: Acceptable Accuracy is then +/- 0.25 m. Sensor accuracy needs to be x 2 better to be cost effective.

(Figure labels: 10 m, + 0.5 m, - 0.5 m)

Sensor when used outdoor deteriorates over time:
• Regular Cleaning maintenance, validation and re-calibration
• Sensor diaphragm membrane is stiffened by barnacles, hence affect the readings

Electronic Engineer’s view of Temperature sensors

Temperature Sensors are Non-Linear Devices:-
• Thermistor
• RTD
• Thermocouple

(Diagram labels: Temperature; Volt; Digitise and Linearise to T °C; T °C)

IT’s view of Temperature sensor is Information from Black Box

Engineer’s view of Temperature sensor is Voltage & Needs Digitiser

Design for Data Quality and NOT just Availability of Data alone

You could also be Sensing unwanted Noise!

Physical: Physical Sensor output can be affected by Data corruption from EMI Noise, Humidity, Temperature, Pressure, Vibration (Loose connections)

Cyber (SQL): Output of data is taken from a Database and usually many trust this data! When retrieved from SQL dB, the data is Highly Repeatable and Accurate! System is Auditable and Computers don’t lie!

When using a sensor to measure physical parameters, there is a need to understand the Process Capability and the concept of ± 3σ.

When a program interrogates an SQL database, the data fed back is always at 0σ! Every time

(Figure: Measurement Capability, Frequency against Distance)

https://www.isixsigma.com/tools-templates/capability-indices-process-capability/process-capability-cp-cpk-and-process-performance-pp-ppk-what-difference/
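
The ± 3σ point above, as an added example that is not part of the original slides: it computes Cp and Cpk for repeated depth readings and shows that re-reading a stored row reports 0σ regardless of how good the measurement was. The readings are constructed, and the 10 m ± 0.25 m limits are borrowed from the water-depth slide earlier in this deck.

```python
import math
import statistics

# Constructed repeated readings (metres) of a nominal 10 m water depth.
SENSOR_READINGS_M = [10.00, 10.10, 9.95, 10.15, 10.05,
                     9.90, 10.20, 10.05, 10.10, 10.00]
LOWER_M, UPPER_M = 9.75, 10.25   # acceptable accuracy of +/- 0.25 m

def capability(readings, lower, upper):
    """Process capability of repeated measurements against spec limits."""
    mean = statistics.fmean(readings)
    sigma = statistics.stdev(readings)
    if sigma == 0:
        # No spread observed: the index says nothing about the sensor.
        return {"mean": mean, "sigma": 0.0, "cp": math.inf, "cpk": math.inf}
    return {
        "mean": mean,
        "sigma": sigma,
        "cp": (upper - lower) / (6 * sigma),
        "cpk": min(upper - mean, mean - lower) / (3 * sigma),
    }

def three_sigma_band(readings):
    """Range that should contain almost all readings of this sensor."""
    mean = statistics.fmean(readings)
    sigma = statistics.stdev(readings)
    return (mean - 3 * sigma, mean + 3 * sigma)

def reread_stored_value(stored_value, times):
    """What a program sees when it queries the same database row again."""
    return [stored_value] * times

if __name__ == "__main__":
    physical = capability(SENSOR_READINGS_M, LOWER_M, UPPER_M)
    print("physical sensor:", {k: round(v, 3) for k, v in physical.items()})
    print("3-sigma band   :", [round(x, 3) for x in three_sigma_band(SENSOR_READINGS_M)])

    from_db = reread_stored_value(SENSOR_READINGS_M[-1], 10)
    print("database reads :", capability(from_db, LOWER_M, UPPER_M))
```

A Cpk below 1 means the ± 3σ band of the sensor is wider than the acceptable accuracy, which the perfectly repeatable database reads cannot reveal unless the spread is stored alongside the value.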

Signal to Noise Ratio

Accelerometer Sensor on Railway Track → Analogue Signals → Digitizer → Digital Data

Electro Magnetic Interference from Motors, Welding Equipment, etc

When train passes over the Railway track, it generates 1.0 kHz vibration levels

Use of a Spectrum Analyzer to check the Signal to Noise Ratio to verify Quality of Signal presented to the Digitizer

Wanted Sensor Signal + EMI Noise (Real Data + Noise):
1.0 G = 0.9 G + 0.1 G
1.0 G = 0.8 G + 0.2 G

What G number are you actually measuring?
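
The slide's question, as an added example that is not part of the original slides: two constructed captures both peak at about 1.0 G, and a single-bin spectrum check (Goertzel algorithm) separates the wanted 1.0 kHz vibration from the interference. The 8 kHz sample rate and the 50 Hz interference frequency are assumptions made for the illustration.

```python
import math

FS_HZ = 8000   # assumed digitiser sample rate
N = 800        # 0.1 s capture, so spectrum bins are 10 Hz apart

def capture(signal_g, noise_g, signal_hz=1000.0, noise_hz=50.0):
    """Constructed digitiser output: wanted vibration plus EMI pickup."""
    return [
        signal_g * math.sin(2 * math.pi * signal_hz * k / FS_HZ)
        + noise_g * math.sin(2 * math.pi * noise_hz * k / FS_HZ)
        for k in range(N)
    ]

def amplitude_at(samples, freq_hz, fs_hz=FS_HZ):
    """Goertzel algorithm: amplitude of the spectrum bin nearest freq_hz."""
    n = len(samples)
    k = round(freq_hz * n / fs_hz)
    coeff = 2 * math.cos(2 * math.pi * k / n)
    s1 = s2 = 0.0
    for x in samples:
        s0 = x + coeff * s1 - s2
        s2, s1 = s1, s0
    power = s1 * s1 + s2 * s2 - coeff * s1 * s2
    return 2 * math.sqrt(max(power, 0.0)) / n

def assess(samples, signal_hz=1000.0, noise_hz=50.0):
    """Compare what the raw peak suggests with what the spectrum shows."""
    signal = amplitude_at(samples, signal_hz)
    noise = amplitude_at(samples, noise_hz)
    return {
        "peak_g": max(abs(x) for x in samples),
        "signal_g": signal,
        "noise_g": noise,
        "snr_db": 20 * math.log10(signal / noise),
    }

if __name__ == "__main__":
    for sig, emi in ((0.9, 0.1), (0.8, 0.2)):
        r = assess(capture(sig, emi))
        print(f"peak {r['peak_g']:.2f} G | 1 kHz {r['signal_g']:.2f} G | "
              f"EMI {r['noise_g']:.2f} G | SNR {r['snr_db']:.1f} dB")
```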

Real Impact of Electro-Magnetic Interference (EMI) on Sensor Information

(Figure: LTA Real Time Strut Force Readings, Load (kN), with two "Lunch" periods marked.)

200 kN Fluctuating reduction in Load = Weight of 15 Merc E200

Water Sensor readings will change over time due to Biofouling

Outdoor Data Logging System and Camera uses Solar Panel as Direct Solar Radiation Shield to reduce Thermal loads

Design for IoT Outdoor Water Quality Sensor

Operate 24x7 in High Humidity & Heat

First Prototype @ Bedok Reservoir tested for 6 months for Reliability

System Engineers

Using Camera as a Sensor

• Accurate & Reliable Data
• Outdoor Operating Conditions are huge challenges
• One Camera gives many Metadata and is a Contactless Sensor

Camera as a Sensor

Camera as a Sensor

High Value Real Time Analytics rather than Forensic

(Figure panels: People & Object Detection; Detection of Road Surface Flood; Road Surface Flood; "But Not like this Deployment!")

CCTV can be used for:-
• Counting Cars, Bicycles and Humans
• Lighting
• People Crossing @ Junction
• Debris on Roads and Pavements
• Visible Water Pollution
• Water level, Water flow

Facial Recognition needs to have a trained mugshot facial data base to get 95% under controlled conditions

• Nice Clear Frontal Mugshots with many facial points
• Clear Multi-view Mugshots with many facial points
• Fewer facial points from one view

https://www.technologyreview.com/s/601786/are-face-recognition-systems-accurate-depends-on-your-race/

Facial recognition needs pre-trained images to be accurate; it cannot work without a database to compare with!

http://www.dailymail.co.uk/sciencetech/article-3658797/Facial-recognition-ISN-T-reliable-Massive-test-using-million-faces-finds-controversial-technology-not-accurate-claimed.html

The Real Truth about using Video Analytics to trace the Boston Bombing!

http://www.pbs.org/wgbh/nova/next/tech/the-limits-of-facial-recognition/

Design

Some System Design Considerations

• Sensors selection and location
• Transmitting results from sensor to central data logger
• Amount of data measurement and data transmission
• Noise and Surge Protection
• Signal degradation from sensor to signal conditioner

System Engineering

System Engineering Approach

(Diagram: Sensors + Comms + Video Analytics, Up time)

For a system to work, all 3 sub-blocks must work

Each sub-block has 2 states, “0” Not-working Logic and “1” Working Logic

This system has 2 x 2 x 2 possible combinations (2^3 = 8)

The system has 3 functional sub-blocks

0 0 0
0 0 1
0 1 1
0 1 0
1 0 0
1 1 0
1 0 1
1 1 1

For system to work, the probability is 1/8 = 12%

The possibility of system not working is 7/8 = 88%!

When getting it to work, can you assume that the person has the skills to troubleshoot any of the 7/8? Unlikely

IoT Stack (Sensors, Communication, Data Centre, Visualization & Support, Video Analytics, Data Science) is 2^6 = 64; 1/64 = 1.5%

We are trained on how it works but we are NOT trained to get a non-working system to work…

Troubleshooting demands a wider range of skills and innovations

Start with an End in Mind (Steven Covey)

1. Define the End State of Goal
2. Identify all and Critical parameters needed at End State
3. Test & Validate Critical Parameters before Scaling Up

Start with an End in Mind (Steven Covey)

Design Thinking Process

Proof of Concept:
• Man Power & Ops Process
• Video Infra
• Analytics Accuracies

Full Scale Ops Deployment:
• Man Power skillsets
• Ops & Tech support
• Video bandwidth
• Infra
• Storage Capacity
• Multi-Agency usage
• Analytics Accuracies
• False Alarms
• Improvements of VA
• View Angle changes

• All projects to start with a project system design for operational deployment
• Engage stakeholders in Ops and project financing
• Project Concept formulation must be < 3 months
• Proof of Concept must be < 6 months with Mgt Review
• Critical Parameter identification and leverage on external expertise

If POC is the end, then team will only discover other critical parameters when project scales to full deployment!

Full Scale System

Hierarchy Tasks Deliverables:
1. Functionality
2. Performance
3. Reliability
4. Convenience
5. Price

R&D / 1 set with Love & Care

Mass Production / 108 sets:
• Reproducibility
• No need for field support
• Grandma can use also

• Concept to Prototype: x 1, Lab Model
• Prototype to Pre-Production: x 100, POC
• Production to Sustaining: x 100,000, Production

(Figure: priorities among Functionality, Performance, Reliability, Convenience and Price at each stage, marked Need 2 Have and Nice 2 Have.)

Requirements change from more Nice to Have to more Need to Have when the Quantities increase

Priority of System Specification

1. Functionality
2. Performance
3. Reliability
4. Convenience
5. Price

Reliability

Commissioning at functionality level only

After 6~12 months for outdoor systems if designed without reliability built into the system

Protection & Safety Schemes to ensure System Reliability

• Environmental
• Lightning
• Wind Load

System Design for Outdoor Environment


IP Protection standard for Data Logger Chassis

• IP55
• IP67
• IP68

Most of the time, many consider only the chassis box and there are other considerations:-

1. Connectors (material & thickness of plating on pin connections, sealing method)
2. Heat extraction if modules are enclosed in IP65 casing, which is good for water proofing. But it also means heat cannot be extracted out! If the chassis is metal for good thermal heat transfer, then direct sunlight will also heat up the chassis. So it is not about buying the IP65 chassis alone, but rather heat extraction strategy at system level
3. …….other design considerations

Wiring interface with the IP65 chassis

• Type of connectors
• Type of connection pin plating and water proofing
• Computer grade connectors kept inside chassis


NASA website: Data from space-based optical sensors reveal the uneven distribution of worldwide lightning strikes. Units: Lightning Flashes / km² / year.

A Proper Protection System is not just about buying and installing the correct part numbers according to catalogue pictures

• Wiring the lightning discharge path
• Isolating the signal, power and mains earth
• Mains discharge path is different from signal noise discharge path

Lightning Protection is more than installing electronics as it needs system design

50,000 volts transient voltage across Piezometer to Data Logger

Lightning Protection Module Explode

Tree bark peel off due to lightning discharge

Electronic Equipment damaged NOT from direct Lightning Strike!

• Strike on overhead Lines
• Coupling by Radiation
• Rise in Ground Potential

(Figure: Lightning Conductor, Underground cables and Affected Equipment housed inside building; voltage labels 50kV, 50kV, 50kV, 50kV, 250kV)

Lightning Protection of Instruments and sensors

• Selecting the lightning protection modules
• Installing modules without proper current discharge system design is NO protection
• Protect at both ends of the cables
• Design discharge ground points for protection modules
• Lightning discharge for Structure Protection is different from that for Electronic Equipment protection! Electronic usually can survive at A while Structures can handle Amps easily


Wind Load of Solar Panels

CP3 / BS6399 Wind Code assumes 35 m/s wind speed

The horizontal wind force on the Solar Panel will create a turning moment at the base

Standard outdoor design

• Solar power with battery as backup
• Battery cut off circuit at 10V to protect battery from damage
• Battery box at the base for access and stability
• Lightning protection discharge point at the base
• Solar Panel and Extra Sun Shield used as Heat Buffer shield for the enclosures and camera casing, to avoid direct sunlight heating up the electronics (“Attap” House)
• Modems and Electronics plastic covers to be removed as these are heat insulators
• All external wires are protected by black flexible PVC shield as Ultra-violet will harden the rubber insulation
• Battery charging current to be measured when servicing

(Figure labels: Lightning discharge; Turning moments)

Solar powered systems in Singapore

Innovation

Path from Innovation to a Product: Handling Failures & Chaos

Many who are successful, Can’t handle Failures to Recover

Failures are Opportunities to Learn!

Feedback Control System

(Diagram: op-amp with inputs V+ and V-, gain G and output Vo)

V- = Vo
( V+ - V- ) G = Vo
If V+ = V- , then Vo = 0

For the OpAmp to be stable, there must be an acceptable feedback error, which is V+ ≠ V-

So to get feedback, there must be errors made so that improvements can be made

Good to have Small Error

When you get a cut, you feel the pain to be alive!
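
Carrying the slide's two equations through, as an added derivation that is not part of the original slides: substituting $V_- = V_o$ into $(V_+ - V_-)\,G = V_o$ gives the output and the feedback error in terms of the gain.

$$
(V_+ - V_o)\,G = V_o
\;\Rightarrow\;
V_o = \frac{G}{1+G}\,V_+ ,
\qquad
V_+ - V_- = V_+ - V_o = \frac{V_+}{1+G}
$$

For any finite gain $G$ the error $V_+ - V_-$ is non-zero whenever $V_+ \neq 0$, and it shrinks towards zero as $G$ grows, which is the small error the loop needs in order to produce an output.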

Maximum Performance occurs at the Edge of Failure

(Figure: Capability against Time, showing Old Capability Limit and New Capability Limit)

Under Challenge - Sure Pass

Over Challenge – Fail!

Concept of using Testing to Failure to Improve Design

Product Drop Test (figure panels marked Pass and Fail)

Drop the set at 1 m, Pass Drop Test

Drop the set at 1.2 m, Fail Drop Test

Concept of Test to Failure to identify critical component weakness to improve

Identify that the bracket needs to have chamfer to strengthen stressed corners for next mold design change

Thank you!