Where Are We Today?
The idea of performing sneak circuit analysis (SCA) has been around for 25 years, and it has been done in increasingly automated ways over that period. The U.S. Dept. of Defense made good definitions of SCA over 15 years ago that set the standard for what to look for in circuit analysis. SCA tools have evolved to the point that the drudgery of entering schematics, netlists and component definitions has been reduced. The analysis methodologies have also evolved in that what previously was done manually can now be done quickly by common PCs and workstations. The tool limitations are generally that analysis is carried out on the topology of the circuits and only DC circuits can be analyzed reliably. Rather complex circuits can certainly be handled, but much manual analysis and steering is required.
Definitions
Definitions of SCA abound. Some are broad, some are narrow. Many focus on the specific type of SCA that individual companies need at the time.
MIL-STD-1543B defines a Sneak Condition as "anything that causes the occurrence of an unwanted function or inhibits a desired function even though all components function properly." It goes on to define Sneak Timing as "incompatible hardware or logical operational sequences which can cause an undesirable function to occur or inhibit a desired function" and Sneak Indicators as "circuits which allow improper operation or control of sensors or their display devices that can indicate false or ambiguous system status".
As can be seen, the definition of SCA is not limited to any particular type of circuit. In fact, it implies that all power, control and information circuits are included. It does not limit itself to DC, AC or digital circuits. It does not define the word "circuit" either, the implication being that circuits coupled inductively, capacitively or via other radiation coupling are included as well as traditional point-to-point copper paths.
Interestingly enough, the definition limits SCA to circuits in which the components are functioning normally. But 1543B recognizes that circuits degrade with time and that components fail. A list of things a designer should look for to eliminate certain common failures or limit the propagation of failures is included in the Standard. A process called Design Concern Analysis (DCA) is established which assures that these things are thoroughly reviewed. The attachment to this paper summarizes many of the electrical problems that have caused trouble in the past and the types of SCA and DCA evaluations that should be made to assure that reliable electrical products are produced.
How Does SCA Fit Into the Broader Engineering Function?
In the past, SCA generally was done by a small group of specialized engineers. Very often it was sent out to one of the very few companies who had SCA capability. Either way, information, schematics and notes on how the circuits were intended to function were sent out of the engineering departments. By definition, the design was well-advanced and expensive to change. What came back was a report showing possible sneak circuits. The engineers made whatever changes made sense. The SCA process was clearly not integrated into the overall engineering flow in companies and therefore was just a snapshot of the condition of a design at the time. Often the final designs never got re-analyzed because engineers felt their "intuitive evaluations" of the changes were sufficient. As a result, sneak circuits were designed-in or appeared after aging or common failures occurred.
Things have changed dramatically today. Government and engineering companies are demanding first-time quality and shorter time to market processes. Consumers expect products that work properly and recalls are very expensive in terms of real dollars and reputations. SCA and associated analyses play an important part in this and, to be most effective, must be done continually during the design and testing process to assure that all changes receive the same rigorous analysis as the original design. Doing SCA the old way is not practical.
Furthermore, SCA as a stand-alone analytical function using separate techniques and tools also is expensive and is becoming impractical. Methodologies which make use of schematics, models, tools and component knowledge bases which already are part of the engineering process have high leverage in improving the product and reducing cost. The highest leverage comes when SCA is an integral part of the engineering design and optimization process and uses the SAME tools. Clearly the most cost-effective approach is to settle on a tool, establish a solid component and standard model library and then use it repeatedly for SCA, DCA, FMEA and all sorts of design optimization.
DC, AC, Low Frequency, High Frequency
As mentioned earlier, the need to do SCA is not limited to DC circuits although the semi-automated tools available today generally limit themselves to DC circuits or low-frequency AC circuits. That has served the big automotive and aerospace industries nicely in the past because their vehicles used DC circuits almost exclusively.
Older tools found sneak circuits by looking for certain topological circuit types (H pattern, convergent and divergent nodes, etc.) and determining if current direction in certain legs is proper under specified operating modes. In order to analyze circuits with other topologies, a new approach is needed which does not have such a topology limitation, does not rely on current direction and can handle the effects of externally induced influences.
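The topological search described above can be sketched as an added example, which is not code from this paper or from any SCA tool: it walks every switch setting of a constructed H-pattern circuit, treats all components as ideal, and flags loads whose state disagrees with the design intent. The circuit, node names, INTENT table and the diode fix are assumptions made for illustration.

```python
from itertools import product

# Constructed circuit (not from the paper): element -> (node_a, node_b, kind).
# S2 is a master switch meant to power both loads through crossbar X;
# S1 is meant to power L1 only. X is the crossbar of the "H".
CIRCUIT = {
    "S1": ("BATT", "A", "switch"),
    "S2": ("BATT", "B", "switch"),
    "L1": ("A", "GND", "load"),
    "L2": ("B", "GND", "load"),
    "X": ("A", "B", "wire"),
}
# Design intent: a load should be energized iff one of these switches is closed.
INTENT = {"L1": {"S1", "S2"}, "L2": {"S2"}}
# Candidate fix: a diode in the crossbar that conducts from B to A only.
FIXED = dict(CIRCUIT, X=("B", "A", "diode"))


def energized_loads(circuit, closed):
    """Return loads on any simple conducting path from BATT to GND."""
    hops = []  # (from_node, to_node, element) in each allowed current direction
    for name, (a, b, kind) in circuit.items():
        if kind == "switch" and name not in closed:
            continue  # an open switch does not conduct
        hops.append((a, b, name))
        if kind != "diode":
            hops.append((b, a, name))  # only diodes are one-way
    found = set()

    def walk(node, visited, loads):
        if node == "GND":
            found.update(loads)
            return
        for src, dst, name in hops:
            if src == node and dst not in visited:
                extra = {name} if circuit[name][2] == "load" else set()
                walk(dst, visited | {dst}, loads | extra)

    walk("BATT", {"BATT"}, frozenset())
    return found


def find_sneaks(circuit, intent):
    """Check every switch setting; report loads that disagree with intent."""
    switches = sorted(n for n, e in circuit.items() if e[2] == "switch")
    findings = []
    for states in product([False, True], repeat=len(switches)):
        closed = {s for s, on in zip(switches, states) if on}
        actual = energized_loads(circuit, closed)
        for load, commanders in sorted(intent.items()):
            expected = bool(commanders & closed)
            if (load in actual) != expected:
                kind = "unwanted function" if load in actual else "inhibited function"
                findings.append((tuple(sorted(closed)), load, kind))
    return findings


if __name__ == "__main__":
    for name, circuit in (("original", CIRCUIT), ("with diode", FIXED)):
        print(name, find_sneaks(circuit, INTENT) or "no sneak conditions found")
```

A path search of this kind only proposes candidates: it cannot tell whether current actually flows, for example through a load that is shorted by a parallel wire.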
Today's modern circuits contain more and more computers, digital logic, data buses and high frequency components. Indeed even fiber optics is becoming pervasive because it is light, reliable and noise-free. The SCA tools of the future will have the ability to handle these types of technologies.
The Modern Approach
Integrated tools containing sophisticated modeling and reasoning capabilities are the next leap forward in the ability to analyze circuits and systems. The most sophisticated tool today is RODON from R.O.S.E. Informatik. It is a mathematics-intensive tool that utilizes the power of fast workstations and PCs to simulate and diagnose complex designs, including modern electrical circuits and electronics. Possibly the most beneficial part is that almost simultaneously RODON can perform many other parts of the Engineering process including Design Concern Analysis, FMEA, FMECA and design optimization. While SCA can be performed at any time during the life cycle, it has its greatest leverage when used early to minimize hard redesigns after expensive schematics have been drawn and prototypes are built.
The way RODON performs SCA is conceptually quite simple, but the mathematics involved in achieving the result is complex and far beyond other products today. Each electrical component in a circuit is modeled by defining its transfer function from input to output for nominal AND fault operation. (Fault operation for SCA in its purest form is not really required but who would want to build models without installing the capability to do DCA, FMEA and optimization at the same time?) The normal operating range based on component tolerances is also defined. Components not only include switches, sensors, effectors, lights, etc., but also the wires and connectors which themselves are prone to failure. For circuits that are susceptible to high-frequency coupling or the effects of radiation, these phenomena can also be modeled at this time. The host computer then completes running the simulation to evaluate circuit operation in all its operating modes which usually is for all switch settings or commanded modes. For nominal component operation, anomalous circuit function can then be traced to sneak circuit paths, outright faulty design or bad component selection. When diagnosis is done with faulted components activated, FMEA and identification of critical components results. The effects of typical user or environmental damage like bent connector pins or corrosion can be seen instantly.
As component libraries (and even libraries of common building-block circuits) are developed, the whole SCA and design analysis process becomes faster and faster and the real long-term benefits of shorter time-to-market and fewer design flaws detected late are realized.
Relation to other EDA Tools
When first bringing RODON into an established engineering culture, it is clearly advantageous to utilize as much existing technical data as possible. RODON contains convenient interfaces to other common EDA tools in order that models and wiring lists can be downloaded quickly with a minimum of manual intervention. This minimizes startup inefficiencies.
After RODON has been integrated into the engineering process and a reasonable model library has been established, the tool roles are reversed and RODON begins to feed the tools in terms of component definitions, wiring lists and in some cases, physical component layout.
Products of SCA are only part of the result of using RODON. Anything that needs data from the knowledge base can get it through the standard API capability. This will generally be diagnostic information for use in field testing, preparing user documentation and follow-on design evolution and enhancement.
Summary
A great deal has been written about the advantages of using Model-Based Reasoning in many places in the engineering process. SCA and its relatives are a natural extension of the use of MBR during the design process to detect and correct problems which later could be expensive to fix or which would compromise the product in the field. RODON is far and away the leader in this area because of its deep mathematical capability to find problems under a broad range of operating circumstances without regard to the type of technology that is involved.
REFERENCE MATERIAL
The following information was summarized from MIL-STD-1543B. It provides some excellent information about the total set of electrical analyses that can be done to maximize the reliability of a design. It goes far beyond SCA but much of it can still be part of the automated analysis that is within the capability of RODON. While this information is available to everyone, it is often not conveniently located. Scanning through it will help engineers visualize the "big picture" of the overall electrical analysis issue.
Design Concern Analysis
Identify design weaknesses which can manifest themselves as failures or degraded performance during the useful life of the system. Identify design weaknesses such as:
* Inadequate redundancy provisions
* Timing Inconsistencies
* Out-of-specification operating modes
* Improperly applied components
* Unnecessary components
* Other concerns developed by designer specific to the product
Circuit and Item Stress Analysis
Examine the effects of component and circuit parameter tolerances and parasitic parameters over the range of specified operating life and conditions and to ensure compliance to approved parts derating criteria. Perform sensitivity analyses which relate the parts operation and stress to circuits, modules, components, subsystems and system performance as they are influenced by:
* Maximum input and output variation
* Maximum line voltage variations and line transients
* Maximum part parameter variation
* Maximum performance demands and variations
* Maximum and minimum environment conditions
* Fail safe provisions
* Redundancy provisions
* Radiation effects, as applicable
* Parameter drift due to aging
* Transients due to turn-on, turn-off and state changes
* Fatigue due to cyclical loading
This amounts to worst-case analysis of reasonable combinations of component tolerance buildup.
Sneak Analysis Functional Clue List
The following list contains questions that electrical design engineers should ask themselves from a functional point-of-view as they analyze the data provided by their tools:
* Do functions perform as intended?
* Are all functions and grounds compatible with the power sources?
* Is power available when required to activate a function?
* Are connected grounds compatible?
* Are connected power sources from different power buses, i.e., is there a potential power-to-power tie?
* Can any function be activated inadvertently or at incorrect times?
* Are there undesired effects when a current or energy path is unintentionally opened or closed?
* Can any combination of functions be activated by an unintended current or energy path?
Design Clue List
The following list contains questions that electrical design engineers should ask themselves from a design point-of-view as they analyze the data provided by their tools:
Sneak Paths
* Are signals apparently routed to unintended places? Is there an apparent reversal of polarity or phase between signals?
* Can an operational amplifier be driven into saturation unintentionally?
* Are totem pole outputs of digital devices connected together?
* Do circuits containing symmetry have any asymmetric elements or paths?
* Are grounds mixed in the same circuit?
* Are digital circuitry, relays, or squibs on the same ground?
* Is the isolation inadequate between tied power sources of different potential?
* Are power supply and associated grounds at different reference points?
* Are there any undesired capacitor discharge paths?
* Are there momentary undesired current paths present during change of state or switching circuits?
Sneak Timing
* Do circuits experience unintended modes or false outputs during power-up?
* Do digital signals sharing a common source and load split and later recombine?
* Are consecutive digital devices powered from different supplies?
* Are noise margin limits exceeded for digital devices?
* Do resistor-capacitor networks in digital circuits provide the required characteristics, such as pulse width and switching speed?
* Do large resistor-capacitor time constants cause excessive rise or fall times in switching circuits?
* Are there momentary undesired current paths during change-of-state of switches?
* Do relay coils have a single standard diode with a zener diode in series for transient suppression?
* Does high output impedance of transistor-to-transistor logic (TTL) devices cause an excessive resistor-capacitor time constant?
* Are there any ground paths to transistor-to-transistor logic (TTL) device inputs (momentary or otherwise) which can turn the device on?
* Does turn-on, turn-off or open-close timing of any device cause a problem in its application?
* Are there timing gaps (break-before-make) or overlaps (make-before-break) in switching circuits?
* Are command lines adjacent to power lines?
* Does the capacitance of a line cause excessive "skew" of the signal in it?
Sneak Conditions
* Does an indicator monitor a command of a function rather than the function itself?
* Does an indicator circuit depend upon the function it monitors for proper operation?
* Does a load perform an undesired function?
* Can a press-to-test circuit energize a circuit?
Potential Design Concerns
* Do uncommitted switching device outputs drive other switching circuitry?
* Is there a ground-to-output on transistor-to-transistor logic (TTL) devices?
* Do compatibility requirements differ at the interface of two integrated circuit technologies?
* Is fan-out of digital devices exceeded?
* Are input voltage or current requirements to semiconductor devices exceeded?
* Is any circuitry unused or unnecessary?
* Are any relay coils unsuppressed?
* Are any test points unprotected, i.e., lacking isolation resistance?
* Do amplifiers or comparators have capacitors greater than 0.1 microfarads connected from input to ground or as feedback elements without series limiting resistance?
* Do comparators have capacitors greater than 0.1 microfarads connected from output to ground without series limiting resistance?
* Do operational amplifier inputs see unequal impedance?
* Do spare inputs of integrated circuit devices have open circuit inputs?
* Do complementary metal oxide semiconductor (CMOS) devices have inputs feeding off the circuit card without pull-up or pull-down resistors?
* Do large scale transistor-to-transistor logic (TTL) devices have spare inputs connected to used inputs of the same gate?
* Are differentiator circuits used?
* Do integrated circuit devices or transistor-to-transistor logic (TTL) devices have any open inputs or gates?
* Do operational amplifiers lack bias current resistors or have resistors with improper values?
* Are any unused operational amplifiers not in a unity gain configuration with all inputs grounded?
* Do relay coils have single standard diodes for transient suppression?
* Is the noise margin less than 0.5 volts at inputs for large scale type logic devices?
* Is a transistor operating in the saturated region?
* Are any digital devices improperly biased?
* Do any capacitors have maximum charge or discharge currents that can damage other components?
* Is Vin of an integrated circuit greater than Vcc?
* Are any integrated circuit inputs or outputs unsuppressed?
* Is available energy insufficient to "blow" a squib component?
* After firing, can the squib component short or open?
* Is static energy protection for squib components lacking?
* Is "no-fire" current protection lacking for squib components during checkout test?
* Is a squib component without a current limiting resistor?
* Can the forward resistance of a diode affect charging and discharging times?
* Are there potential reverse voltages which can damage tantalum capacitors?
* Can a semiconductor controlled rectifier turn on prematurely?
* Are lamps without isolation fuses?
* Can "cross-talk" adversely affect signals in adjacent wires?
* Are power switching transistors subject to damage from inductive switching spikes?
Drawing Errors
* Are any devices shown with power, signal, or ground connections missing?
* Do parts, components or interfaces on a drawing disagree with other drawings that represent different indenture levels or are continuation sheets?
* Does the parts list disagree with the drawings?
* Is a tantalum capacitor shown connected incorrectly?
* Is there a lack of dynamic stability?
* Are there deficient parts as evidenced by:
  a. Failures of a generic or chronic character
  b. Limited capability substitute parts
  c. Over-stressed parts
* Is there a single multi-pole relay carrying redundant functions?
* Is there unintended thermal coupling between high dissipation or heat sensitive elements?
* Are harnesses, connectors, and tie points shared in common by otherwise redundant paths?
* Are there sympathetically induced failures such as common heat sink and electrical path for transistors, rectifiers, and blocking diodes?
* Are redundancy paths integrated into a common multi-layer printed circuit board?
* Is redundancy negated due to sneak paths embodied in sensors or signal processing circuits?
* Do command logic and execution hardware form a single point failure site for pyrotechnic or ordnance devices?
* Is there sharing of fuses?
* Is there sharing of redundant items, such as:
  a. Common power supplies or converters
  b. Common power lines and returns
  c. Jumpered signal points
  d. Common printed wire traces
  e. Common connectors and pins
* Are multi-function parts, such as dual transistors, dual integrated circuits, or quad integrated circuits shared in redundant paths or alternate modes of operation?
* Are printed circuit board traces and wires properly derated?
* Are there common line decoupling capacitors?
* Are there single line decoupling capacitors or blocking diodes?
* Could there be structural or mechanical failure of housings (and support structure) containing redundant items?
* Are there microwave device failure modes which degrade electrical performance of companion redundant devices via poor isolation, high voltage standing wave ratio, or noise generation?
* Are there common jacks, pins, and connectors on splitters or dividers upstream from redundant items?
* Can a failure in one experiment result in spacecraft failure in multiple payload spacecraft?
* Is there exposure of redundant elements to a single failure stimulus?
* Is there an inability to detect a failed item?
* Can erroneous commands be induced by human error or software?
* Can test equipment or other ACE induce failures?
* Are there overstress mechanical failures?
* Are there overstress electrical failures?
* Are there overstress thermal or cyclic failures?
* Are there corrosion, electrochemical, or physicochemical failures?
* Are there contamination, plume impingement, outgassing and related failures?
* Have the effects of fluid sloshing been properly addressed?
* Have the inertial and coupling effects of masses been properly addressed?
* Is there adequate venting?
* Has the possibility of multipacting breakdown been properly addressed?
* Has the possibility of corona breakdown been properly addressed?
* Has the possibility of fatigue been properly addressed?
* Is there inadequate shielding or improper parts application that may lead to radiation damage?
* Are there microwave material or construction deficiencies resulting in generation of intermodulation products (IMP)?
* Can events which terminate or seriously degrade performance or which constitute a safety hazard be caused by fewer than two distinct actions?
* Are there inadequate keying, clocking, size variations, or harness installations permitting crossmating of printed circuit boards, electrical, hydraulic, ordnance or other connectors?
* Can there be a repeat of past design weaknesses due to inadequate review of available histories of similar equipment and designs?
* Can there be electromagnetic compatibility or electromagnetic interference failures?
Bill Lokken
October 1996