DESIGN VERIFICATION (DV)

What is DV Testing?

Design of a high-quality product requires verification that the design meets the requirements including safety, functionality, performance, and reliability. The process for doing this verification is called Design Verification (DV).

DV has multiple steps, which are documented in a Design Verification Plan and Report (DVP&R) for the testing of the design, and in analysis reports. These are:

  • Analysis and calculations
  • The plan for the design verification testing
  • The testing
  • The report documenting the design verification testing

For safety related designs Pi Innovo follows ISO-26262 processes which drive the analysis and testing from tables that define the level of rigor for the different automotive safety integrity levels (ASIL). The ISO 26262 tables determine the safety related analysis and requirements for the design verification. For non-safety related designs Pi Innovo uses a less rigorous process with many steps shared with the ISO-26262 process.

As Table 1 above shows, design failure mode effects analysis (DFMEA) is an inductive method used to analyze what the effects of a failure would be and what could cause those failures. DFMEA drives the decision of which components and subsystems require special attention in testing to determine that the system will be robust enough to meet the requirements. The DFMEA process is used in most Pi Innovo projects.

For higher safety designs (ASIL-C and above) Pi Innovo also uses deductive analysis such as fault tree analysis (FTA) and quantitative failure modes, effects and diagnostic analysis (FMEDA).

Once the customer requirements and the safety requirements driven from ISO 26262 Tables 1-3 in the figure above are determined, the requirements for testing and analysis are developed. ISO 26262 Tables 10-12 below show how these requirements are determined for safety related projects.

This development of project and safety requirements drives the DV Plan.

Analysis

The analysis step of DV verifies that the design meets the safety and project requirements and determines what additional tests may be required. As can be seen in the ISO 26262 tables above, this includes:

FTA – Fault tree analysis is a deductive method to determine what faults could happen and what lower level events could lead to those faults.

FMEDA – The failure modes, effects, and diagnostic analysis (FMEDA) is an inductive, systematic analysis technique to obtain subsystem / product level failure rates, failure modes and diagnostic capability.

The FMEDA technique considers:

  • All components of a design
  • The functionality of each component
  • The failure modes of each component
  • The effect of each component failure mode on the product functionality
  • The ability of any automatic diagnostics to detect the failure
  • The design strength (de-rating, safety factors)
  • The operational profile (environmental stress factors)

Given a component database calibrated with field failure data that is reasonably accurate [1], the method can predict product level failure rate and failure mode data for a given application. The predictions have been shown to be more accurate [2] than field warranty return analysis or even typical field failure analysis, given that these methods depend on reports that typically do not have sufficiently detailed information in failure records [3].
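A minimal FMEDA roll-up, added here as an example (not Pi Innovo's worksheet or tooling): each row is one component failure mode, and the code turns the factors listed above into product-level failure rates and ranks the undetected dangerous modes that most need extra diagnostics or test attention. The component names, FIT values, stress multipliers and coverage figures are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class Row:
    component: str
    mode: str
    base_fit: float  # component failure rate in FIT (failures per 1e9 hours)
    stress: float    # multiplier for de-rating / operational profile (assumed)
    share: float     # fraction of the component's failures that take this mode
    dangerous: bool  # does this mode break the required product function?
    coverage: float  # fraction of this mode caught by automatic diagnostics

    @property
    def fit(self):
        return self.base_fit * self.stress * self.share

    @property
    def undetected(self):
        return self.fit * (1.0 - self.coverage) if self.dangerous else 0.0

# Constructed worksheet: illustrative values, not from a component database.
ROWS = [
    Row("R1", "open", 2.0, 1.0, 0.6, True, 0.90),
    Row("R1", "short", 2.0, 1.0, 0.4, False, 0.0),
    Row("MCU1", "wrong output", 100.0, 1.5, 0.5, True, 0.99),
    Row("MCU1", "reset to safe state", 100.0, 1.5, 0.5, False, 0.0),
    Row("REG1", "output overvoltage", 20.0, 2.0, 0.25, True, 0.60),
    Row("REG1", "output undervoltage", 20.0, 2.0, 0.75, True, 0.90),
]

def rollup(rows):
    """Sum per-mode rates into product-level failure rates (all in FIT)."""
    total = sum(r.fit for r in rows)
    dangerous = sum(r.fit for r in rows if r.dangerous)
    du = sum(r.undetected for r in rows)
    return {
        "total_fit": total,
        "safe_fit": total - dangerous,
        "dangerous_detected_fit": dangerous - du,
        "dangerous_undetected_fit": du,
        "diagnostic_coverage": (dangerous - du) / dangerous if dangerous else 1.0,
    }

def worst_undetected(rows, n=3):
    """Rank failure modes by the dangerous failure rate diagnostics miss."""
    ranked = sorted(rows, key=lambda r: r.undetected, reverse=True)
    return [(r.component, r.mode, round(r.undetected, 3)) for r in ranked[:n]]

if __name__ == "__main__":
    print(rollup(ROWS), worst_undetected(ROWS))
```

In this constructed data the microcontroller dominates the raw failure rate, but the regulator's overvoltage mode is the largest undetected contributor because its diagnostic coverage is lowest.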

WCA – The worst case analysis calculates whether the components in the design will be within the specified working range during the worst case conditions the unit will experience. Pi Innovo uses SMath Studio for much of this analysis with support from Excel spreadsheets and circuit simulations using SPICE.

DFA – The dependent failure analysis identifies possible common cause and cascading failures between parts in the design. This includes assessment of risk of violating a safety goal and the safety measures to mitigate such risk if necessary.

DV Plan

Once the design and safety requirements are fully determined, the first step of DV is developing the design verification plan (DVP) from the design and safety requirements. The DVP includes acceptance criteria for the tests to show that the design meets the requirements. These acceptance criteria are usually included in the test specifications called out by a customer or industry standard.

The DV plan documents the timing and requirements for the DV testing, including what tests will be performed and the order in which they will be performed. The plan includes the following:

  • Test number – An identification number for tracking the test
  • Test Name – A descriptive name for the test
  • Specification – The specification for how the test is run. This may be from the customer or it may be an international standard such as ISO-16750
  • Test Leg – Often units are tested through a sequential series of tests, with each leg in parallel
  • Test Facility – The location where the test will be done. This may be at Pi Innovo or one of the testing houses Pi Innovo uses, such as TUV SUD America or NTS Detroit
  • Samples Required – The number of units to be tested in the specific test
  • Serial Numbers – The serial numbers of the units to be tested
  • Planned Start – The date the test is planned to start
  • Planned End – the date the test is planned to end

Pi Innovo documents the flow of testing, showing the number of units and the sequence in which the tests are to be performed, in a chart like the one below:

The individual blocks describe what the test is, the operating mode of the device, the functional classification of the unit during the test, and whether the unit is tested at Pi Innovo or at an outside vendor. The key for these blocks is shown below.

Testing

Once the DVP is approved and the specimens to be used for the DV testing have been produced, the testing proceeds. As can be seen in the Test Facility column (highlighted column above), this testing may occur at Pi Innovo or at a testing facility contracted by Pi Innovo. The testing for design verification often includes the following types of tests, depending on the nature of the project:

  • Parasitic Current
  • Power Consumption
  • Operating Voltage Range
  • Over Voltage
  • Jump Start
  • Reverse Polarity
  • Supply Voltage Ripple
  • Supply Voltage Dropout
  • Supply Voltage Dips
  • Supply Voltage Ramp Up
  • Supply Voltage Ramp Down
  • Short Circuits in the Supply
  • Supply Voltage Offset
  • Ground Reference Offset
  • HiPot Test
  • MegOhm HV Isolation Test
  • Random Vibration - Sprung Mass
  • Mechanical Shock - Pothole
  • Mechanical Shock - Collision
  • Low Temperature Operation
  • High Temperature Degradation
  • Electrostatic Discharge During Handling
  • Electrostatic Discharge While Operating
  • Radiated Electrical Emission
  • Conducted Electrical Emissions - Voltage Method
  • Conducted Electrical Emissions - Current Method
  • Bulk Current Injection (BCI)
  • Absorber Lined Shielded Enclosure (ALSE)
  • Transient Immunity - Supply Lines
  • Transient Immunity - I/O & Sensor Lines

International Standard tests

ISO 16750-2:2003, Road vehicles — Environmental conditions and testing for electrical and electronic equipment — Part 2: Electrical loads

ISO 16750-3:2003, Road vehicles — Environmental conditions and testing for electrical and electronic equipment — Part 3: Mechanical loads

ISO 16750-4:2003, Road vehicles — Environmental conditions and testing for electrical and electronic equipment — Part 4: Climatic loads

ISO 16750-5:2003, Road vehicles — Environmental conditions and testing for electrical and electronic equipment — Part 5: Chemical loads

DIN 40050-9, Road vehicles — Degrees of protection (IP-code) — Protection against foreign objects, water and contact — Electrical equipment

IEC 60068 – Environmental Testing

IEC 61000 – Electromagnetic Compatibility

Military standard tests

  • 500.4 Low Pressure (Altitude)
  • 501.4 High Temperature
  • 502.4 Low Temperature
  • 503.4 Temperature Shock
  • 504 Contamination by Fluids
  • 505.4 Solar Radiation (Sunshine)
  • 506.4 Rain
  • 507.4 Humidity
  • 508.5 Fungus
  • 509.4 Salt Fog
  • 510.4 Sand and Dust
  • 511.4 Explosive Atmosphere
  • 512.4 Immersion
  • 513.5 Acceleration
  • 514.5 Vibration
  • 515.5 Acoustic Noise
  • 516.5 Shock
  • 517 Pyroshock
  • 518 Acidic Atmosphere
  • 519.5 Gunfire
  • 520.2 Temperature, Humidity, Vibration, and Altitude
  • 521.2 Icing/Freezing Rain
  • 522 Ballistic Shock
  • 523.2 Vibro-Acoustic/Temperature

General Motors Standard Tests

  • GMW3172
  • GMW3097
  • GMW3091
  • GMW3103

BMW

GS 95002

Daimler

MBN 10284

These tests stress the design to reveal deficiencies that cause the design to not meet requirements or cause premature failures. Discovery during DV allows these deficiencies to be addressed before the design goes to production.

Report

The last step of DV is writing the report, which documents which tests were performed on which units and the results of the tests. The report typically will also include comments documenting any issues found, such as non-compliances, and what actions were taken or are planned to address the issues. The DV report provides a clear picture of the status of the DV that is understandable by all stakeholders, including management, the customer and team members. It also provides clear documentation of the design testing if issues arise later in the product life.