

# Testability Concept and Development on the EuroFighter

Paul Gatland

14 August 2012

# What is Testability?

**A design characteristic which allows the status (operable, inoperable, degraded) of an item to be determined and the isolation of faults within the item to be performed in a timely manner**

- Characteristic of the design
- Enable determination of item status
- Facilitates testing and diagnostics

# What is EuroFighter?



|                             |                                                                                                                                                       |
|-----------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------|
| <b>Role</b>                 | Multirole fighter                                                                                                                                     |
| <b>Manufacturer</b>         | Eurofighter GmbH                                                                                                                                      |
| <b>First flight</b>         | 27 March 1994                                                                                                                                         |
| <b>Service introduction</b> | 4 August 2003                                                                                                                                         |
| <b>Status</b>               | In service                                                                                                                                            |
| <b>Primary users</b>        | Royal Air Force (160)<br>Luftwaffe (143)<br>Italian Air Force (96)<br>Spanish Air Force (73)<br>Austrian Air Force (15)<br>Royal Saudi Air Force (72) |
| <b>Number built</b>         | 300 as of October 2011<br>(559 ordered)                                                                                                               |
| <b>Unit cost</b>            | £64.8 million (Tranche 1 & 2)<br>€72 million (Tranche 3)                                                                                              |

# Testability Overview

**Testability underpins the following equipment RAMS requirements:**

- Safety Compliance (e.g. Integrity requirements, Safe Failure Fraction, dormancy, time at risk)
- Maintenance Requirements (e.g. MTTF, MTTR, fault isolation)
- Availability Requirements (e.g. MTBF/(MTBF + MTTR)

# Testability Tasks

**The following are the testability tasks required by the EuroFighter development programme:**

- Testability Specification(s)
- Failure Catalogue (an extension to the FMECA)
- Testability Analysis
- Testability Demonstration

# Testability Specification(s)

**The following are the testability specifications required by the EuroFighter development programme:**

- Built-In Test (BIT) Concept
- BIT Specification(s)
  - LRU Level
  - Module Level
- LRU Test Requirements Document (TRD)
- Module Test Requirement Document(s) (TRDs)

# Built-In Test Concept

Each avionic Line Replaceable Unit (LRU) provides:

- Power-On BIT (PBIT)
- Continuous BIT (CBIT)
- Initiated BIT (IBIT)

# Line Replaceable Unit (LRU)



14<sup>th</sup> August 2012

Testability Concept and Development on the EuroFighter

**SMART Engineering Services Ltd**

*Safety   Maintainability   Availability   Reliability   Testability*

# Replaceable Items (example)



# Testability Concept (Avionics)



# Testability Concept (LRU - On-aircraft)



14<sup>th</sup> August 2012

Testability Concept and Development on the EuroFighter

**SMART Engineering Services Ltd**

*Safety   Maintainability   Availability   Reliability   Testability*

# Testability Concept (LRU - Off-aircraft)



# BIT Status Report (EuroFighter Maintenance Data Protocol)

|        | MSB                                   | LSB                               |
|--------|---------------------------------------|-----------------------------------|
|        | 15                                    | 0                                 |
|        | 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 |                                   |
| Word 0 | RT Address                            | Databus BC Equip ID Failure Count |
| Word 1 | 1 Affected RI                         | Affected RI Affected RI           |
| Word 2 | ELAPSED TIME INDICATION ( ETI )       |                                   |
| Word 3 | LRI Serial Number                     |                                   |
| Word 4 | LRI HARDWARE Configuration            |                                   |
| Word 5 | LRI SOFTWARE Configuration            |                                   |
| Word 6 | BIT ID                                | FAILURE IDENTIFICATION CODE       |
| Word 7 | EFABUS Time Tag Counter               |                                   |
| Word 8 | PARAMETRIC DATA                       |                                   |
| Word 9 | PARAMETRIC DATA                       |                                   |
| ...    |                                       |                                   |
| Word n | PARAMETRIC DATA                       |                                   |

# Failure Catalogue

An extension to the FMECA which includes:  
Identification of failure detection, method of detection  
(On-aircraft PBIT, CBIT or IBIT, Off-aircraft test) and  
failure isolation.

| FAILURE CATALOGUE |           |                                           | Equipment : AC/NC                                                          |                                     | RI : CEM       |                  |                  | Date : 25.05.2007 |                     |                      | Page 1                         |
|-------------------|-----------|-------------------------------------------|----------------------------------------------------------------------------|-------------------------------------|----------------|------------------|------------------|-------------------|---------------------|----------------------|--------------------------------|
| Failure No.       | FMECA No. | Signal(s) or Functional Block(s) Affected | Failure Criterion/ Failure Description                                     |                                     | Equipment Mode | Failure Location | Failure Can Be   |                   |                     | Test Name/ Test Step | Remarks                        |
|                   |           |                                           | Next Higher Assy :                                                         | Break-down Code : 57071-048 Annex A |                |                  | Detect By        | Isol. By          | Isol. to RI(s)      |                      |                                |
| 5261              | 1.1.1.1.1 | POWER FPGA PROGRAMM.                      | Loss of Power FPGA VPP or VPN (N N)                                        | All modes                           |                | --               | --               |                   |                     |                      | NCTA ( Not Operational Effect) |
| 5262              | 1.1.1.2.1 | EFEX 1 FPGA POWER                         | Open Circuit for one or more EFEX1 FPGA Power Sect. capacitors (A N)       | All modes                           | CEM            | E                | E                | 1                 |                     | ATP                  | EFEX1 test; FF-OFF             |
| 5263              | 1.1.1.2.2 | EFEX 1 FPGA POWER                         | Short Circuit for one or more EFEX1 FPGA Power Sect. 3.3V capacitors (X Z) | All modes                           | CEM            | PBIT, IBIT, CBIT | PBIT, IBIT, CBIT | 1                 | P02G1, I02G1, C02H1 | Element NO           | Element NOGO active.           |
| 5264              | 1.1.1.2.3 | EFEX 1 FPGA POWER                         | Short Circuit for one or more EFEX1 FPGA Power Sect. 2.5V capacitors (X Z) | All modes                           | CEM            | PBIT, IBIT, CBIT | PBIT, IBIT, CBIT | 1                 | P02G1, I02G1, C02H1 | Element NO           | Element NOGO active.           |
| 5265              | 1.1.1.2.4 | EFEX 1 FPGA POWER                         | Loss of EFEX1 FPGA Power Sect.VPP or VPN (N N)                             | All modes                           |                | --               | --               |                   |                     |                      | NCTA ( Not Operational Effect) |
| 5266              | 1.1.1.2.5 | EFEX 1 FPGA POWER                         | Loss of EFEX1 FPGA Power Sect. 3.3 or 2.5 V (X Z)                          | All modes                           | CEM            | PBIT, IBIT, CBIT | PBIT, IBIT, CBIT | 1                 | P02G1, I02G1, C02H1 | Element NO           | Element Fail active,           |

14<sup>th</sup> August 2012

Testability Concept and Development on the EuroFighter

SMART Engineering Services Ltd

Safety Maintainability Availability Reliability Testability

# Testability Analysis

## Calculation of the following:

- Failure Detection
  - Safety critical failures (req: 100% detection by CBIT)
  - All failures (req:  $\geq 95\%$  detection by BIT)
- Failure Isolation
  - 1 RI (req: 90% by BIT)
  - 2 RI's (req: 95% by BIT)
  - $\geq 3$  RI's (req: 100% by BIT)
- Test Time (req: PBIT $\leq 10s$ , IBIT  $\leq 60s$ )
- False Alarm Rate (req:  $\leq 5\%$ )

# Testability Demonstration

**Practical fault insertion to assess and demonstrate the accuracy of the FMECA/Failure Catalogue and the Testability Analysis.**

- Testability Demonstration Plan
- Fault Simulation List (customer selected failures from Failure Catalogue, approx 20 per RI)
- Testability Demonstration
- Testability Demonstration Report

# Fault Simulation List (example)

|                                         |                                        |                            |                                      |                                        |
|-----------------------------------------|----------------------------------------|----------------------------|--------------------------------------|----------------------------------------|
| FAILURE SIMULATION LIST<br>RECORD SHEET | Equipment: IPU T2<br>Next Higher Assy: | RI: CPM<br>Breakdown Code: | Date: 21st July 2008<br>Revision: 05 | Sheet 8 of 31<br>Name: P. Gatland, RCD |
|-----------------------------------------|----------------------------------------|----------------------------|--------------------------------------|----------------------------------------|

| Item No. | Failure No.                   | Failure Mode Description                                    | Description of the Simulation                                                                                                                                               | Equipment Mode | Failure Detected by | Failure Isolated by | Loc. RI(s) | BIT Test Result Indication | Test Name/ Test Step       | Remarks |
|----------|-------------------------------|-------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------|---------------------|---------------------|------------|----------------------------|----------------------------|---------|
|          |                               |                                                             |                                                                                                                                                                             |                |                     |                     |            | Error Code                 |                            |         |
| 8        | 2.4.6.1<br>(Criti. Class. II) | One or more data/address lines on PCI Bus stuck high or low | <u>Suggested Implementation</u><br><br>Connect JN5000 pin 61 (PCI32_AD(0)) to JN5000 pin 63 (GND).<br><br><u>Implementation Realised</u><br><br><u>Switch No: 3 (DIP 2)</u> | All modes      | P                   | P                   | 1          | P01C4                      | Processor Exception Raised |         |
|          |                               |                                                             |                                                                                                                                                                             |                | I                   | I                   | 1          | I01C4                      | Processor Exception Raised |         |
|          |                               |                                                             |                                                                                                                                                                             |                | C                   |                     |            | C0871<br>C0872             | Address Line Check         |         |
|          |                               |                                                             |                                                                                                                                                                             |                |                     |                     |            |                            | Observed Results           |         |
|          |                               |                                                             |                                                                                                                                                                             |                |                     |                     |            |                            |                            |         |
|          |                               |                                                             |                                                                                                                                                                             |                |                     |                     |            |                            |                            |         |
|          |                               |                                                             |                                                                                                                                                                             |                |                     |                     |            |                            |                            |         |
|          |                               |                                                             |                                                                                                                                                                             |                |                     |                     |            |                            |                            |         |
|          |                               |                                                             |                                                                                                                                                                             |                |                     |                     |            |                            |                            |         |
|          |                               |                                                             |                                                                                                                                                                             |                |                     |                     |            |                            |                            |         |

# Demonstration Test Set-Up



14<sup>th</sup> August 2012

Testability Concept and Development on the EuroFighter

**SMART Engineering Services Ltd**

*Safety   Maintainability   Availability   Reliability   Testability*

# Testability “Lessons Learnt”

## Design

- Testability concept an essential part of the design (BIT and 2<sup>nd</sup>/3<sup>rd</sup> line test)
- Good testability design will improve product RAMS resulting in reduced manufacturing costs and Life Cycle Costs.
- Design for Testability (BIST, JTAG, Memory with parity or coded protection, stimulation and monitoring etc.)
- BIT Specifications (hardware and software)

# Testability “Lessons Learnt”

## Process

- Perform FMECA/Failure Catalogue and Testability Analysis early so can influence design.
- Don't rely upon theoretical analysis – perform actual fault simulation on representative equipment to verify FMECA, Failure Catalogue and Testability Analysis.