Appendix 6

Reliability, Maintainability (and Safety) Plan Example

RELIABILITY AND MAINTAINABILITY (AND SAFETY) PLAN SUPER SYSTEM

CONTENTS

PART 1 RELIABILITY, MAINTAINABILITY (AND SAFETY) PLAN OVERVIEW

1.1 Introduction

1.2 Reliability, Availability, Maintainability and Safety (RAMS) Requirements

1.3 RAMS Tasks

PART 2 RELIABILITY AND MAINTAINABILITY ENGINEERING TASKS

2.1 Reliability Modelling

2.2 Reliability Prediction and Apportionment

2.3 Failure Modes, Effects and Criticality Analysis

2.4 Fault Tree Analysis

2.5 Reliability Testing

2.6 Failure Reporting and RAMS Monitoring

2.7 Production Reliability Activities

2.8 Maintainability Analysis and Demonstration

2.9 In-Service RAMS Monitoring

PART 3 SAFETY ENGINEERING TASKS

3.1 Preliminary Hazard Analysis

3.2 System and Subsystem Hazard Analysis

3.3 Hazard Tracking (Hazard Log)

PART 4 PROJECT RAMS MANAGEMENT AND REPORTING

4.1 Responsibilities

4.2 RAMS Reviews

Appendix 1 RAMS Work Plans

Appendix 2 RAMS Deliverables

References

1. RELIABILITY, MAINTAINABILITY (AND SAFETY) PLAN OVERVIEW

1.1 Introduction

This Plan describes the organization and responsibilities for the reliability, maintainability (and safety) (RAMS) engineering tasks that will be integrated into the design, development, production and in-service support activities for the Super system project. It also describes the RAMS tasks that will be undertaken.

The RAMS requirements form part of the overall performance requirements for the system, as described in Reference 1.

The RAMS tasks will managed and performed in compliance with the requirements and guidelines in Reference 2.

During the design and development stage, the Company will ensure that their system and equipment suppliers and subcontractors fully understand and comply with the RAMS requirements and with the RAMS engineering tasks specified to them.

In order to achieve these requirements the design, development test, and production philosophy will be for the creation of intrinsically robust, failure-free designs, including the design of all production processes, and followed by stringent production quality assurance and improvement. The failure-free design (FFD) philosophy of hardware and of processes will ensure that all stresses, variations, and other potential or actual causes of failure will be identified and corrected, by the adoption of an integrated, concurrent approach to design, development, and production control. The primary objective of the reliability programme will be to ensure that designs are inherently robust in relation to manufacturing processes and to the environmental conditions of storage, maintenance and operation, throughout the life of the system. To this end, all design analyses and tests will be directed towards identifying and eliminating causes of failure. Particular features of the RAMS programme in this respect will be:

• Prediction and measurement of reliability will be performed as described, but these activities will be treated as secondary to the primary objective of creating an inherently failure-free design.
• The effects of variation of environmental conditions, parameter values and manufacturing processes will be assessed by analysis and by the use of statistically designed tests, including Taguchi methods, to ensure that all designs are robust in relation to all sources of variation over the life of the system.
• The methods of Highly Accelerated Life Testing (HALT) and Highly Accelerated Stress Screening (HASS) will be applied to development and production testing. The objective of these tests will be to force failures by applying high stresses, so that designs and processes can be optimized.
• The reliability test programme will be fully integrated with the overall development test programme. A common failure reporting and corrective action system (FRACAS) will be applied. All failures will be fully investigated and corrective action taken to prevent recurrence. The test programme will include sub-system and system level tests, statistical experiments to assess variation, environmental tests, trials, as well as tests specifically designed to stimulate reliability growth. Reliability growth in development will be monitored in terms of problems discovered and corrected. All test and failure data and corrective action information will be reported, with assessments of reliability achieved and expected in relation to development programme objectives and the in-service requirements.
• By the end of the development programme the Company will have demonstrated that the system and subsystem designs are inherently capable of being produced and tested, and of withstanding the storage, operating and maintenance environments without failure during the in-service life. All relevant failures which occur during development testing will have been corrected by changes to designs or processes, and the effectiveness of the corrective action will have been proved.
• All subcontractors will be required to undertake reliability programmes based upon the same philosophy and methods. The results of their analyses and tests will be closely monitored to ensure a common approach, and to ensure that design improvements and corrective action is implemented promptly and effectively. Subcontractors will be selected on the basis of their proven excellence in the technologies involved, and they will be motivated to adopt the same philosophy for RAMS.

1.2 Reliability, availability, maintainability and safety (RAMS) requirements

The RAMS requirements for the project, related to a service life of are:

• System reliability requirement: not more than N failures per, causing.
• System maintainability requirement: repairs to be performed in not more than minutes for % of failures.
• (Safety)

Where responsibility for design and development of a sub- system or component is let by the company to a subcontractor the RAMS requirements for that system, sub-system or equipment will be fully specified by the Project RAMS Engineer in accordance with the relevant Company Procedure.

1.3 RAMS tasks

To ensure achievement and assurance of the RAMS requirements, comprehensive reliability, maintainability (and safety) engineering tasks will be applied. Parts 2 and 3 detail the RAMS engineering tasks that will be undertaken to satisfy the particular requirements in the specification. The tasks will be applied where relevant, from the initial design phase through to, and including, the in-service warranty period.

The RAMS tasks that will be applied at appropriate stages of design and development are:

• Quality function deployment (QFD) to identify and prioritize key design and process requirements.
• Reliability modelling of the system and sub-systems using reliability block diagrams.
• Reliability predictions and apportionment for sub-systems and components, as appropriate.
• Failure analysis by failure mode, effect and criticality analysis (FMECA) and fault tree analysis (FTA).
• Testing, with the emphasis on HALT.
• Failure reporting, analysis and corrective action (FRACAS).
• Maintainability analysis and demonstration.
• System safety analysis by the application of hazard identification and hazard analysis techniques.
• RAMS reviews, in which compliance with RAMS tasks will be audited.
• Production quality assurance and improvement methods.

The Work Plan for these tasks is shown in Appendix 1, and the list of RAMS deliverables is in Appendix 2.

2. RELIABILITY AND MAINTAINABILITY ENGINEERING TASKS

2.1 Reliability modelling

RBDs will be constructed following the guidelines given in . . . ., and will be updated to reflect the state of the design. RBD interfaces will be agreed with and controlled by the Project RAMS Engineer.

2.2 Reliability prediction and apportionment

Reliability prediction will be carried out, covering all areas of design following the guidelines set out in. . . . The methods and data sources will be declared to the Customer.

The reliability prediction process will be started at the commencement of the project, and will be updated to take account of design changes. Predictions will be used to identify high risk components and sub-systems, and for updating reliability apportionments.

2.3 Failure modes, effects and criticality analysis

FMECA will be carried out following the guidelines given in. . . . FMECA software will be used to create and record the analysis. Wherever appropriate computer-aided design (CAD) models and data will be used as inputs and for analysis.

The relevant Design, Quality Assurance and Safety staff will be responsible for formal response to the analyses regarding preventive actions, compensating factors or the effects on safety.

2.4 Fault tree analysis

FTA will be undertaken on equipment designs where safety-related Top Events have been identified. To enable FTA to be undertaken Top Events will be defined and described.

FTA software will be used to perform and record the analysis.

2.5 Reliability testing

An integrated test programme will be conducted, as described in the Project Test Plan (Reference 3). The main features of the test approach will be:

(HALT)

(Taguchi)

2.6 Failure reporting and RAMS monitoring

During the design and development phase of the project the Company will operate a failure reporting, analysis and corrective action system (FRACAS) as described in the Company Quality Manual.

Failure reporting action will be taken on all failures that occur on hardware and software used on the Company and subcontractor tests and trials undertaken during the design and development phase of the project. Failures during production testing will be reported and managed in accordance with the Company Quality Manual.

Reliability and maintainability achievement will be monitored during all development testing.

2.7 Production reliability assurance

The Quality Assurance Plan describes the methods that will be applied prior to and during production to ensure that production systems will achieve the reliability requirements. The QA activities will be integrated with the reliability activities wherever appropriate.

Particular features of the QA programme to ensure reliability will be:

• FMECA will be used for the derivation of production functional test and inspection methods. Production FMECA will also be performed.
• Statistical Process Control (SPC) will be applied to all manufacturing processes in which variation can affect yield and reliability. SPC limits will be based where relevant on the results of analysis and test of development hardware, particularly when statistical experiments have been conducted to optimize product and process designs.
• Production stress screening methods (HASS) will be developed as part of the development test programme. HASS will be applied to all production hardware, at sub-system and system level, and will be tailored to provide the optimum screens for the items concerned. HASS profiles and durations will be continuously monitored and modified during production, to ensure the most cost-effective approach. The HASS will provide assurance that all production hardware is function and capable of withstanding the storage and use environments.
• All failures occurring at any test or inspection stage will be investigated, with the objective of preventing recurrence. The objective of the failure reporting and corrective action system (FRACAS), in conjunction with monitoring of SPC, will be to generate continuous improvement of all processes.
• All subcontractors will be required to work to the same philosophy of continuous improvement. Their performance will be closely monitored, and they will be assisted where necessary.

2.8 Maintainability analysis and demonstration

Maintainability will be analysed during design to ensure that the requirements are achieved, and will be measured during development. Preventive maintenance tasks will be optimized using the reliability centred maintenance (RCM) method.

2.9 In-service RAMS monitoring (ISRM)

The Company will maintain a FRACAS for all systems in service, to monitor RAMS achievement, to ensure that all reliability requirements are achieved, and that any shortcomings or failures are promptly investigated and corrected.

3. SAFETY ENGINEERING TASKS

3.1 Preliminary hazard analysis

The Company and subcontractors will apply preliminary hazard analysis (PHA) to all areas of design responsibility in accordance with the Company RAMS Manual and Reference. . . .

The output from the PHA will consist of documented hazards associated with the system.

3.2 System and sub-system hazard analysis

System and sub-system hazard analysis (SHA) will be carried out to identify hazards associated with the system and sub-system design, which may not have been identified in the PHA, including component fault modes, critical human error inputs, and hazards resulting from interfaces within the equipment. The techniques that will be applied will be HAZOPS, FMECA, FTA, and event tree analysis (ETA), as appropriate. They will be applied to all areas of design responsibility in accordance with the Company RAMS Manual.

The output from the SHA will detail system and sub-system hazards, their severity and probability values, together with recommendations for actions necessary to eliminate them, or to control the risk to a level that is agreed to be as low as practicable (ALARP).

3.3 Hazard tracking (Hazard log)

Hazard Tracking will be applied to all conditions which could possibly produce a Catastrophic (Severity Level 1) effect or Hazardous (Severity Level 2) effect, as defined in Reference. . . .

Hazards will be tracked from the point of identification until the hazard is eliminated or the associated risk is reduced to a level agreed with the Customer as being acceptable. The Hazard Tracking system will be maintained after design work is complete and throughout the warranty period.

A Hazard Log will be maintained, containing as a minimum:

• Description of each hazard, by nature, cause, and effect.
• Severity rating.
• Status of actions to resolve.
• Traceability of resolution to the point of risk acceptance.

The Company will ensure that the hazard tracking system is correctly maintained, and will make the records available to the Customer for audit and review.

4. PROJECT RAMS ENGINEERING MANAGEMENT AND REPORTING

4.1 Responsibilities

For the effective management of RAMS engineering formal management procedures and guidelines on analysis techniques will be applied for all tasks outlined in the RAMS Plan The management procedures are contained within the relevant Company Procedures The application of the RAMS Plan will be the responsibility of the Project Reliability and Safety Engineer on behalf of the Project Manager Subcontractors will be required to prepare RAMS Plans that comply with the Project RAMS Plan as appropriate to the sub systems.

4.2 RAMS reviews

The RAMS Review is the formal audit of the RAMS engineering tasks undertaken by the Company and implemented as detailed in the RAMS Work Plan.

RAMS Reviews will be conducted in accordance with the relevant Company Procedure, on all areas of design for which the Company and subcontractors are responsible. The responsibility for conducting RAMS Reviews is assigned to the Company Project Reliability (and Safety) Engineer.

On completion of a RAMS Review, a RAMS Progress Report will be raised by the Company, to highlight areas of non-conformance or risk, and to advise on the extent to which the RAMS requirements are expected to be achieved.

References

1. Super System Specification.
2. (Detailed method guidelines/descriptions: relevant company procedures, standards, etc.).
3. Super System Test Plan.

Appendices

1. RAMS Work Plans.
2. RAMS Deliverables.