top - download
⟦d42782e4c⟧ Wang Wps File
Length: 38606 (0x96ce)
Types: Wang Wps File
Notes: Air Canada Proposal
Names: »1343A «
Derivation
└─⟦32f09e9a2⟧ Bits:30006250 8" Wang WCS floppy, CR 0084A
└─ ⟦this⟧ »1343A «
WangText
= =…05…=…06……86…1
…02…
…02…
…02…
…02…
…02…
CHAPTER 3
Page
#
DOCUMENT III TECHNICAL
PROPOSAL Oct. 8, 1981
Rev.:
Mar.
3,
1982
LIST OF CONTENTS Page
7. RELIABILITY, MAINTAINABILITY AND
AVAILABILITY ANALYSIS (RMA) 2
7.1 Introduction 2
7.2 Reliability Models and Block Diagrams 4
7.2.1 Reliability Models for PU's 6
7.2.2 Reliability Models for CU's 11
7.2.3 Node Reliability 16
7.2.4 EMH Reliability 17
7.2.5 GTW Reliability 18
7.2.6 Site Reliability 19
7.2.7 NCC Subsystem 20
7.2.8 Network Availability 21
7.3 Equipment Mean Time Between Failures (MTBF) 22
7.4 Equipment Maintainability (MTTR) 25
7.5 RMA Analysis 26
7.5.1 RMA Analysis for Communication Lines 27
7 R̲E̲L̲I̲A̲B̲I̲L̲I̲T̲Y̲,̲M̲A̲I̲N̲T̲A̲I̲N̲A̲B̲I̲L̲I̲T̲Y̲ ̲A̲N̲D̲ ̲A̲V̲A̲I̲L̲A̲B̲I̲L̲I̲T̲Y̲ ̲A̲N̲A̲L̲Y̲S̲I̲S̲
This chapter provides the detailed analysis of the
reliability and maintainability provided by the proposed
equipment. Emphasis has been given to include the analysis
for the range covered by the proposed system architecture.
Furthermore, detailed information with respect to failure
rates and repair times is provided for the various
components and modules included in the architecture.
7.1 I̲N̲T̲R̲O̲D̲U̲C̲T̲I̲O̲N̲
The availablity of the proposed equipment is very high
due not only to a high reliability of individual system
elments, but not least due to the chosen CR80 computer
configuration, where functional like elements automatically
substitute each other in case of failure. Overall system
availability has been calculated.
The high system availability has been achieved by use
of highly reliable modules, redundant processor units
and line termination units, and automatic reconfiguration
facilities. Care has been taken to ensure that single
point errors do not cause total system failure.
The reliability criteria imposed on the computer systems
has been evaluated and the proposed hardware/software
operational system analysed to determine the degree
of availability and data integrity provided. In this
chapter reliability is stated in numerical terms and
the detailed predictions derived from mathematical
models presented.
The availability predictions are made in accordance
with system reliability models and block daiagrams
corresponding to the proposed configuration. This procedure
involves the use of module level and processor unit
level failure rates, or MTBF, (mean time between failure)
ans repair times or MTTR, (mean time to repair); these
factors are used in conjunction with a realistic modelling
of the configuration to arrive at system level MTBF
and availability.
Tabulated results of the analysis are presented including
the reliabilty factors: system MTBF and repair time
MTTR.
The basic elements of the proposed system architecture
are constituted by standard CR80 units. Reliabilty
and maintainability engineering was significant factor
in guiding the development of the CR80.
The CR80 architecture is designed with a capability
to achieve a highly reliable computer system in a cost-effective
way. It provides a reliable set of services to the
users of the system, because it may be customised to
the actual availability requirements. The CR80 fault
tolerant computers are designed to avoid a single point
errors of all critical system elements by provision
of redundancy paths,processor capabilities and power
supplies.
The architecture reflects the fact that the reliability
of peripheral devices is lower than that of the associated
CR80 device controllers. This applies equally well
to communication lines where modems are used as part
of the transmission media. Thus, the peripheral devices
, modems, communication lines, etc impact the system
availability much more than the corresponding device
controllers.
In connection with communication lines, the CR80 CU's
utilises n out of n+1 LTU's and n LIA-S's to achieve
the highest possible availability to individual subscribers.
The functions of a failed LTU can automatically be
taken over by the spare LTU, electronically controlled
by enabling the appropriate LIA-S.
To assure this very highly reliable product, several
criterias were also introduced on the module level:
An extensive use of hi-rel, mil-spec components,
ICs are tested to the requirements of MIL-STD 883
level B or similar.
All hardware is designed in accordance with the
general CR80 H/W design principles. These include
derating specifications, which greatly enhance
the reliability and reduce the sensibility to parameter
variations.
Critical modules feature a Built-In(BIT) capability
as well as a display of the main states of the
internal process by Light Emitting Diodes on the
module front plate. This greatly improves module
maintainability, as it provides debug and trouble
shooting methods, which reduce the repair time.
A high quality production line, which includes
high quality soldering, inspection, burn-in and
an extensive automatic functional test.
7.2 R̲E̲L̲I̲A̲B̲I̲L̲I̲T̲Y̲ ̲M̲O̲D̲E̲L̲S̲ ̲A̲N̲D̲ ̲B̲L̲O̲C̲K̲ ̲ ̲D̲I̲A̲G̲R̲A̲M̲S̲
The computer system is partitioned into system elements
and the models used for relaibility and availabilty
predictions show how the proposed equipment provides
the high degree of reliability required.
The system reliability characteristics for the system
are stated in numerical terms by mathematical models;
the supporting detailed predictions are presented in
this chapter. The system models are partitioned into
modular units and system elements that reflect the
redundancy of the configuration; it accounts for all
interconnections and switching points. The MTBF and
MTTR for the individual elements used in the calculations
were obtained from experience with similar equipment
on the NICS-TARE,FIKS and CAMPS programmes. The figures
quoted on peripheral equipment are based on data supplied
by the manufacturers.
The equipment has been partitioned and functions apportioned
so that system elements can have only two states -
operable or failed. System elements are essentially
stand-alone and free of chain failures.
Careful attention has been paid in the design to eliminate
series risk elements. Redundants units are repairable
without interruption of service. Maintenance and reconfiguration
is possible without compromising system performance.…86…1
…02… …02… …02… …02…
The primary source selected for authenticated relaibility
data and predictions is the MIL-HDBK-217. The failure
rate data are primarily obtained from experience from
previous programmes and continuously revised as part
of the maintenance programme on concurrent programmes.
The relialibility models which apply to the proposed
configurations are identified in the figures shown
on the following pages.
7.2.1 R̲e̲l̲i̲a̲b̲i̲l̲i̲t̲y̲ ̲M̲o̲d̲e̲l̲s̲ ̲f̲o̲r̲ ̲P̲U̲'̲s̲
The relaibility models MTBF and availability predictions
for the Processing Units are shown in the figure below:
N̲O̲D̲E̲ ̲P̲R̲O̲C̲E̲S̲S̲O̲R̲ ̲U̲N̲I̲T̲
Fig.III 7.2.1-1
N̲M̲H̲ ̲P̲R̲O̲C̲E̲S̲S̲O̲R̲ ̲U̲N̲I̲T̲
Fig.III 7.2.1-2
N̲C̲C̲ ̲&̲ ̲G̲A̲T̲E̲W̲A̲Y̲ ̲P̲R̲O̲C̲E̲S̲S̲O̲R̲ ̲U̲N̲I̲T̲
Fig. III 7.2.1-3
E̲M̲H̲ ̲P̲R̲O̲C̲E̲S̲S̲O̲R̲ ̲U̲N̲I̲T̲
Fig. III 7.2.1-4
F̲E̲P̲ ̲P̲R̲O̲C̲E̲S̲S̲O̲R̲ ̲U̲N̲I̲T̲ ̲(̲M̲A̲X̲ ̲C̲O̲N̲F̲I̲G̲U̲R̲A̲T̲I̲O̲N̲)̲
Fig. III 7.2.1-5
7.2.2 R̲e̲l̲i̲a̲b̲i̲l̲i̲t̲y̲ ̲M̲o̲d̲e̲l̲s̲ ̲f̲o̲r̲ ̲C̲U̲'̲s̲
The reliability models, MTBF and availability for the
channel units are shown in the figures below.
N̲o̲d̲e̲ ̲C̲h̲a̲n̲n̲e̲l̲ ̲U̲n̲i̲t̲ ̲#̲ ̲1̲
N̲o̲d̲e̲ ̲C̲h̲a̲n̲n̲e̲l̲ ̲U̲n̲i̲t̲ ̲#̲ ̲2̲
N̲o̲d̲e̲ ̲C̲h̲a̲n̲n̲e̲l̲ ̲U̲n̲i̲t̲ ̲#̲ ̲3̲ ̲
E̲M̲H̲ ̲C̲h̲a̲n̲n̲e̲l̲ ̲U̲n̲i̲t̲
G̲T̲Y̲ ̲C̲h̲a̲n̲n̲e̲l̲ ̲U̲n̲i̲t̲
N̲C̲C̲ ̲C̲h̲a̲n̲n̲e̲l̲ ̲U̲n̲i̲t̲
F̲E̲P̲ ̲C̲h̲a̲n̲n̲e̲l̲ ̲U̲n̲i̲t̲
7.2.3 N̲o̲d̲e̲ ̲R̲e̲l̲i̲a̲b̲i̲l̲i̲t̲y̲
Shown in the figure below is the Node Reliability model
7.2.4 E̲M̲H̲ ̲R̲e̲l̲i̲a̲b̲i̲l̲i̲t̲y̲
In the figure below the reliability for the EMH is
shown.
7.2.5 G̲T̲W̲ ̲R̲e̲l̲i̲a̲b̲i̲l̲i̲t̲y̲
In the figure below the reliability for the Gateway
Processor is shown.
7.2.6 S̲i̲t̲e̲ ̲R̲e̲l̲i̲a̲b̲i̲l̲i̲t̲y̲
In the figures below the reliability models for the
sites are shown.
7.2.7 N̲C̲C̲ ̲S̲u̲b̲s̲y̲s̲t̲e̲m̲
In the figure below is the reliability model for the
NCC subsystem. The MTBF and Availability are also given.
7.2.8 N̲e̲t̲w̲o̲r̲k̲ ̲A̲v̲a̲i̲l̲a̲b̲i̲l̲i̲t̲y̲
In this section the network availability is calculated.
When the network is termed available it means that
a path from/to a̲l̲l̲ LIA connectors to/from a̲l̲l̲ Hosts
is available, without adversely affecting the user
due to a malfunction of a̲n̲y̲ network components
This means that the mean down time per month is approximately
7 minutes.
7.3 E̲Q̲U̲I̲P̲M̲E̲N̲T̲ ̲M̲E̲A̲N̲ ̲T̲I̲M̲E̲ ̲B̲E̲T̲W̲E̲E̲N̲ ̲F̲A̲I̲L̲U̲R̲E̲S̲(̲M̲T̲B̲F̲)̲
The high reliability of the proposed equipment is achieved
through use of proven failure rate equipment similar
to that supplied by Christian Rovsing for the NICS-TARE,FIKS
and CAMPS programmes.
Early in the design phase,a major objective for each
module is to achieve reliable performance. CR80 modules
make extensive use of carefully chosen components;
most of the IC's are tested to the requirement of MIL-STD
883 level B.
The inverse of MTBF representing failure rate which
apply to system elements and modules are listed in
Table 7-2 entitled CR80 Reliability Factors.
The MTBF data has been derived from reliability data
maintained on the NICS-TARE and CAMPS and similar programmes.
Inherent MTBF values are in general derived from the
reliability predictions accomplished in accordance
with the U.S. MIL-HDBK-217 "Reliable Predictions of
Electronic Equipment". This document, adopted by Christian
Rovsing through their involvement with NICS-TARE, is
used extensively on current military and aerospace
programmes.
Failure rate data for terminal and periphal equipment
is generally provided by the vendor in accordance with
the subcontract specifications.
R & M VALUES FOR MODULES AND PERIPHALS
Table 7-2(continues)
R & M Values for Modules and Periphals
Table 7-2(Cont'd)
7.4 E̲Q̲U̲I̲P̲M̲E̲N̲T̲ ̲M̲A̲I̲N̲T̲A̲I̲N̲A̲B̲I̲L̲I̲T̲Y̲ ̲(̲M̲T̲T̲R̲)̲
The proposed network is designed for ease of maintenance.
Each system built of modules each comprising a complete
well-defined function. Replacement of modular units
results in minimum repair time. Software and firmware
diagnostic routines rapidly isolate faulty modules;
repair can then be performed by semi-skilled maintenance
personnel and usually without special tools.
The proposed network, copmposed of redundant CR80 elemements,
meets the objective of ease of maintenance. All units
and system elements are of a modular construction so
that any defective module can be isolated and replaced
in a minimum amount of time.
In the design of the CR80, careful attention was given
to ease of maintenance without requiring special tools,
so that the maintenance could be performed by semiskilled
maintenance personnel.
Fault detection and isolation to the system element,
in some cases module level, is inherent in the software
residing in the various processors. In periphal devices,the
fault detection and isolation is accomplished by a
combination of on-line ,software, built-in tests, and
operator observations.
In case the correct function of the system is extremely
critical, the CR80 will have built-in,on-line, diagnostic
programmes. Even though the CR80 is highly reliable,
failures can occur; usage of the off-line diagnostics
minimises the downtime for a system.
An off-line diagnostics software package is employed
to ese the diagmostics in case of error. Normally,
this software package is stored on disc. After initiation,
the programme will test all modules forming the system
amd print the name and address of the erroneous module
on the operator's console. Having replaced the erroneous
module, the CR80 is ready for operation again. The
operator might ,if necessary, run the off-line diagnostics
programme once more to verify that the system is now
working without errors.
The command interpreter module of the diagnostic package
enables the operator to initiate any or all of the
test programmes for the specific subsystem off-line,
to assist in trouble shooting and to verify the repair.…86…1
…02… …02… …02… …02…
Examples of modules tested are:LTU's,CPU and RAM modules,
etc.
The diagnostic package will also assist in fault isolation
of the pripherals. However,common and special test
equipment might have to be used to isolate the faulty
module.
The Mean-Time-To-Repair for the equipment is derived
from two sources. The first is actual experience data
on the equipment proposed for the front-end system.
The other source is from predictions generated in accordance
with MIL-HDBK-472 or similar documents. As an example,
the MTTR for the Disc Storage Unit was derived from
repair times measured by the supplier. The repair times
of other units were derived by a time-line analysis
of the tasks associated with fault detection,isolation,repair,
and verification. These repair times were weighted
by the MTBF of each module to derive the unit MTTR.
The calculation of the Mean-Time-To-Repair(MTTR) is
done by weighting the individual module repair times
by the MTBF of the individual module. The MTTRs of
the major CR80 equipments are presented in Table 7-2.
The predicted MTTR values are from experience with
modules of the NICS-TARE,FIKS and CAMPS programmes.
The predicted MTTR assumes that all tools,repair parts,manpower,
etc required for maintenance are continuously available.
7.5 R̲M̲A̲ ̲A̲n̲a̲l̲y̲s̲i̲s̲
This section provides detailed information with respect
to RMA analysis of the PSEs. It includes the detailed
formulas which apply as part of the RMA calculations
and is followed by supporting examples.
The RMA analysis of a system provides information on
how much of the time the system provides a given set
of required functional capabilities, i.e. provides
operative availability. It shows how many times the
system is not opertaive during a given period and for
how long. A system may be operative even with one or
more elements of the total system down or taken off-line
for the purpose of repairing and/or replacement of
defect modules/units. Note that this is opertaive as
seen by a user of the functional capabilities, not
as seen by maintenance personnel.
The basis for determining the system level availability
is an RMA model of serial and parallel system elements.
Each of these elements defines a specific subset of
the total system with a well-defined state: either
functioning or not.…86…1 …02… …02… …02… …02…
Serial elements refer to elements all of which have
to be available for that set to be available. Parallel
elements describes those sets where not all elements
need to be available, the number determined by the
required service or the redundancy provided. The subsequent
section introduces the basic RMA building stones.
7.5.1 R̲M̲A̲ ̲A̲n̲a̲l̲y̲s̲i̲s̲ ̲f̲o̲r̲ ̲C̲o̲m̲m̲u̲n̲i̲c̲a̲t̲i̲o̲n̲ ̲L̲i̲n̲e̲s̲
This section provides an in-depth analysis of the n+1
redundancy concept with LTU's and switching LIA-S.
The stand-by provided for the subscribers by means
of the electronically controlled switching results
in an extremely high degree of service to each individual
subscriber.
A prerequisite for designing a system RMA model is
an extract definition of the required service level
of that particular system i.e. the minimum number of
active functional elements necessary to fulfil the
operational requirements.
Another important factor to be considered is the total
maintenance philosophy because of the great impact
on the resultant system reliability. To achieve the
optimum reliability very short repair times like MTTR=0.5
hour are necessary. Items with low failure rates and
forming part of the redundant concept, like LIA-S switch,
can be repaired once per day thus avoiding taking a
functioning group of channels out of service during
normal operation. The MTTR for LIA-S switch failure,
are in this case therfore 12 hours.
Preventive maintenance on the unused redundant elements
in the system has to be included in the considerations.
During normal system operation the unused redundant
elements might fail without affecting normal operation.
When a failure in the operating part of the system
then occurs it will not be able to switch to the redundant
circuitry and thus maintain full service level. The
redundant elements must therefore be functionally tested
at regualar intervals to maintain overall system availability.
If they are tested too often it might degrade operational
availability because of excessive testing, likewise
if they are tested too seldom the probability of multiple
hardware errors will increase and thus decrease the
reliability.
The resultant RMA model of the the n out n+1 LTU/LIA-S
concept is a simple series connection of the n LIA-S
common circuits with slightly increasing values of
FPMH and B(unavailability=1-A) dependent of n.
The equations are:
MTTR = 0.5 hour
LAMBDA = n(0.28+(n+1)0.0014)fpmh
B = n(0.14+(n+1)0.0008)10…0e…6…0f…
where n can be a maximum of 16.
This results in the following values:
̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲
LTU Model LAMBDA B MTTR
̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲
8+1 SPARE 2.3 fpmh 1.2/10…0e…6…0f… 0.5 hour
12+1 spare 3.6 fpmh 1.8/10…0e…6…0f… 0.5 hour
16+1 spare 4.9 fpmh 2.5/10…0e…6…0f… 0.5 hour
̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲
The LIA-S is a simple and thus highly reliable element.
In essence it consists of a multiple single throw FET
switch and a snmall control circuit. The FET switch
switches all the communication lines connected to a
LTU at the same time. Either the communication lines
are connected through switch section A of the LIA-S
to the normal LTU I/O circuitry or through switch section
B to the spare LTU I/O circuitry
Seen from a RMA point of view the LIA-S model looks
somewhat different. The LIA-S control circuit and some
other common circuitry like I/O connectors and solder
joints must always function properly. I fthe group
is connected to the normal LTU switch, A must not fail
open and switch B must not fail shortened to maintain
the function. Likewise when the group is connected
to the spare LTU switch, A must not fail shortened
and switch B must not fail open. The failure rate of
one half open or the other half shorted equals the
failure rate of one switch. The failure rate of the
LIA-S is:
LAMBDA…0f…LIA-S…0e…=LAMBDA…0f…COMMON…0e…+LAMBDA…0f…SWITCH…0e…
In the RMA model each LTU is in series with the corresponding
LIA-S switch section. The spare LTU is in series with
the other section of the LIA-S switch. All these branches
are parallel. The LIA-S common circuits are then in
series with this parallel group.
The operational conditions for this LTU/LIA-S RMA example
is that all n groups of lines shall be functioning.
This means that n out of n+1 LTU's shall be operable.
Furthermore, all the n LIA-S common circuitry shall
be operable
The MTTR values used in the example are:
MTTR…0f…A…0e… = 0.5h,LTU and LIA-S common.
MTTR…0f…B…0e… = 12h, LIA-S switch.
MTTR = ̲ ̲ ̲B̲ ̲ ̲ = .5 hour
LAMBDA
Figure. 2.3
Figure. 2.4
The above three equations are used to calculate the
RMA figures of a CU-CRATE with n out of n+1 redundancy.
The system avaialabliity and failure rate will be slightly
degraded baecause of the small probability of having
an undetected failure in the unused redundant elements
of the system during the regular preventive maintenance
periods, and at the same time have a failure in the
rest of the items.
The added unavailability because of multiple failures
equals:
B = LAMBDA…0f…T…0e… MTTR…0f…A…0e… LAMBDA…0f…R…0e… MTTR…0f…C…0e…
where
LAMBDA…0f…T…0e… equals the sum of all elements exclusive
of the redundant elements.
MTTR…0f…A…0e… equals the element MTTR
LAMBDA…0f…R…0e… equals the sum of all redundant elements.
MTTR…0f…C…0e… equals the preventive maintenance period, for
instance one week = 168 hours.
The MTTR will not be changed, and the failure rate
is therefore:
LAMBDA = ̲ ̲ ̲B̲ ̲ ̲ ̲
MTTR …0f…A…0e…
LIST OF CONTENTS
8. ENVIRONMENTAL CHARACTERISTICS & COMMON ASPECTS
8.1 General
8.2 Climatic Environmental Characteristics
8.2.1 General
8.2.2 Operating Characteristics
8.2.3 Storage and Transport Characteristics
8.3 Electrical Environmental Characteristics
8.3.1 Static Electricity
8.3.2 Electromagnetic Waves
8.3.3 Interference on Power Feed Lines
8.3.4 Overvoltage Protection
8.4 Common Aspect
8.4.1 Safety
8.4.2 Human Engineering
8.4.3 Maintenance and Repair
8.4.4 Expandability
8.4.5 System Life Time
8.4.6 Components
8.4.7 Testing
8.4.8 Marking
8.4.9 Changeable Marking
8.4.10 Mechanical Dimensions
8.4.11 Power Supplies
LIST OF CONTENTS Page
8. ENVIRONMENTAL CHARACTERISTICS & COMMON ASPECTS 2
8.1 General 2
8.2 Climatic Environmental Characteristics 2
8.2.1 General 2
8.2.2 Operating Characteristics 3
8.2.3 Storage and Transport Characteristics 5
8.3 Electrical Environmental Characteristics 6
8.3.1 Static Electricity 6
8.3.2 Electromagnetic Waves 6
8.3.3 Interference on Power Feed Lines 6
8.3.4 Overvoltage Protection 7
8.4 Common Aspect 8
8.4.1 Safety 8
8.4.2 Human Engineering 9
8.4.3 Maintenance and Repair 9
8.4.4 Expandability 11
8.4.5 System Life Time 11
8.4.6 Components 12
8.4.7 Testing 13
8.4.8 Marking 13
8.4.9 Changeable Marking 13
8.4.10 Mechanical Dimensions 14
8.4.11 Power Supplies 14
8. E̲N̲V̲I̲R̲O̲N̲M̲E̲N̲T̲A̲L̲ ̲C̲H̲A̲R̲A̲C̲T̲E̲R̲I̲S̲T̲I̲C̲S̲ ̲A̲N̲D̲ ̲C̲O̲M̲M̲O̲N̲ ̲A̲S̲P̲E̲C̲T̲S̲
8.1 G̲e̲n̲e̲r̲a̲l̲
The Christian Rovsing equipment will be designed,manufactured,tested,
and installed according to the prevailing CR Standards
and Specifications.
Unless otherwise stated, the Christian Rovsing equipment
will furthermore be in accordance with the CCITT recommendations
specified in the Christian Rovsing Technical Specification
at the issue applicable at the time of tender.
8.2 C̲l̲i̲m̲a̲t̲i̲c̲ ̲E̲n̲v̲i̲r̲o̲n̲m̲e̲n̲t̲a̲l̲ ̲C̲h̲a̲r̲a̲c̲t̲e̲r̲i̲s̲t̲i̲c̲s̲
8.2.1 G̲e̲n̲e̲r̲a̲l̲
The equipment is designed and constructed to be used
in normal office environments or air conditioned computer
rooms.
8.3. O̲p̲e̲r̲a̲t̲i̲n̲g̲ ̲C̲h̲a̲r̲a̲c̲t̲e̲r̲i̲s̲t̲i̲c̲s̲
These limits apply to the equipment installed as specified
and operating or under maintenance in a normal office
or computer room environment:
Room Temperature: 15 deg C - 32 deg C
Temperature Change: Less than 6 deg C/hour
Relative Humidity: 20% RH - 80% RH non-con-
densing
Humidity Change: Less than 10% RH/hour
Absolute Humidity: Less than 22g H…0f…2…0e…O/m…0e…3…0f… air
Altitude: 0-2000m
…02…Sinusodial Vibration: Accelaration amplitude of
0.2
g
limited
by
a
maximum
displacement amplitude
of
0.02mm in the frequency
range 5-150Hz
Mechanical Shock: Shock accelaration amplitude
of 1g with 10 mS half-sine
pulse. Not to be repeated
more often than one per
ten seconds.
The units are furthermore able to withstand normal
use and handling during service and maintenance periods.
The different pieces of equipment are designed to operate
in the comparatively benign environment in normal offices
or computer rooms. They are therefore able to tolerate
normal amounts of dust and sand.
The CR80 equipment itself is very insensitive to normal
amounts of dust and sand. The only moving parts are
fan motors and switches, which are all of the encapsulated
type.…86…1 …02… …02… …02… …02… …02…
The peripheral devices like printers and disc drivers
contain more moving parts, and are therefore basically
more sensitive to dust and sand. To avoid problems
these units are therefore supplied with appropriate
air filters and dust covers.
In case of high contents of dust and sand the maintenance
intervals between cleaning and replacement of air filters
must be shortened.
The equipment will not be discoloured or emit harmful
substances when exposed to light or normal heating
sources below 70 deg C.
All metal parts are adequately protected against corrosion
in a normal office environment by means of suitable
forms of painting and plating.
8.2.3 S̲t̲o̲r̲a̲g̲e̲ ̲a̲n̲d̲ ̲T̲r̲a̲n̲s̲p̲o̲r̲t̲ ̲C̲h̲a̲r̲a̲c̲t̲e̲r̲i̲s̲t̲i̲c̲s̲
These limits apply to equipment properly packed for
storage and transport.
Temperature: -40 deg C to 70 deg C.
Relative Humidity: 10%RH - 90%RH, non-condensing
Absolute Humidity: 0.1g H…0f…2…0e…O/m…0e…3…0f… - 35g H…0f…2…0e…O/m…0e…3…0f…
Altitude: 0-10000 m
Sinusodial Vibration: Accelaration amplitude of
1.5 g limited by a displacement
amplitude of 10 mm in the
frequency range 5-150 Hz.
Mechanical Shock: Shock accelaration amplitude
of 25g with 10mS half-sine
pulse.
Note: These limits apply to the outer surfaces of the packaging
container, not to the equipment inside.
During transport and storage the equipment will be
properly protected against attacks from fungi,insects
and rodents by the packaging material.
Furthermore, the inherent properties of the different
materials will also prevent such attacks on the equipment
because they do not contain natural rubber,natural
fibres etc.
8.3. E̲l̲e̲c̲t̲r̲i̲c̲a̲l̲ ̲E̲n̲v̲i̲r̲o̲n̲m̲e̲n̲t̲a̲l̲ ̲C̲h̲a̲r̲a̲c̲t̲e̲r̲i̲s̲t̲i̲c̲s̲
8.3.1 S̲t̲a̲t̲i̲c̲ ̲E̲l̲e̲c̲t̲r̲i̲c̲i̲t̲y̲
All the equipment will perform their intended functions
in a normal ESD environment. In order to reduce the
risk of ESD-induced failures however, high-insulating
floors should be avoided, and semiconducting floors
should be used instead.
The equipment will normally not be affected by a discharge
through 500 Ohm from a 150 pF capacitor charged to
5kV.
8.3.2 E̲l̲e̲c̲t̲r̲o̲m̲a̲g̲n̲e̲t̲i̲c̲ ̲W̲a̲v̲e̲s̲
The equipment will function according to the specifications
when exposed to an electromagnetic field of 1V/m in
the frequency range from 30 MHz to 500 MHz.
The equipment will not radiate electromagnetic waves
stronger than specified in CISPR B (secr)16.
8.3.3 I̲n̲t̲e̲r̲f̲e̲r̲e̲n̲c̲e̲ ̲o̲n̲ ̲P̲o̲w̲e̲r̲ ̲F̲e̲e̲d̲ ̲L̲i̲n̲e̲s̲
The equipment is as standard designed to be fed from
220 V AC source.
All the equipment is supplied with siutable mains filters
and are able to sustain noise pulses on main wires
with amplitudes less than 1000V and rise time longer
than 35nS, pulse duration 0.1 uS to 10uS and repetition
rate less than one per second.
The equipment will not emit more interference voltage
on the mains wires than specified in CISPR B (secr)
16.…86…1 …02… …02… …02… …02… …02…
8.3.4 O̲v̲e̲r̲v̲o̲l̲t̲a̲g̲e̲ ̲P̲r̲o̲t̲e̲c̲t̲i̲o̲n̲
The equipment is not connected directly to the signalling
lines, but to other equipment which then interfaces
to the lines. It is therefore not necessary to provide
the equipment with special line overvoltage protection
circuitry.
8.4 C̲o̲m̲m̲o̲n̲ ̲A̲s̲p̲e̲c̲t̲s̲
8.4.1 S̲a̲f̲e̲t̲y̲
The CR equipment is designed to meet the requirements
of IEC 435, Safety of Data Processing Equipment and
the Danish Safety Regulations.
Human Safety considerations have been taken into account
to protect the operating and maintenance personnel
against dangerous voltage levels or items with high
temperature by means of suitable protective covering
and warning labels. The equipment has also been designed
to eliminate the possibility of physichal injury to
the personnel under normal opertaing and maintenance
conditions..
Equipment Safety has been taken into account by inherent
protection against overcurrent and other dangerous
error conditions.
The equipment will not emit dangerous fumes when exposed
to light or normal heating sources below 70 deg C.
The equipment is manufactured from self-extinguishing
materials, but it may still be involved in a fire accident,
in which case the equipment will not give off more
poisonous gases than electronic equipment or building
materials normally do.
The acoustic noise emitted from the fan unit or other
units like terminals and disc drives will not exceed
70dB(A) re 20uPa measured in a distance of 2m under
free-field conditions.
8.4.2 H̲u̲m̲a̲n̲ ̲E̲n̲g̲i̲n̲e̲e̲r̲i̲n̲g̲
The equipment is designed with great emphasis on human
engineering aspects to ease the normal use,maintenance
and repair. The basic design is therefore a modular
self-contained construction where all normally used
fuses,switches,controls and displays are located is
such a way as to make them easily accesible on front
or near panels. The colour of LED indicators are standardised,
Red means alarm or error, Yellow is a status indicator
and Green means Power On or Working.
8.4.3 M̲a̲i̲n̲t̲e̲n̲a̲n̲c̲e̲ ̲a̲n̲d̲ ̲R̲e̲p̲a̲i̲r̲
In the design of the equipment great emphasis has been
put on maintenance. Meaning that the system can be
changed, updated or repaired without affecting the
traffic handling.
Repais is very easy due to the modular construction
where a module can be exchanged without use of special
tools. All the modules except the direct interface
to the lines can be changed without affecting the operation
due to the redundancy. This is applicable for both
the central processor and the input/output system.
The design is based upon distributed processing with
processors in more levels from the CR80 central processor
configuration to the LTU's. Besides the operational
work performed by the different processors in the system
these are also running tests to ensure proper system
operation. The principle used in the design of programs
is to a great extent based upon built-in test, meaning
that the modules will perform a self-test when requested
from the central processor and present a status specifying
the result of the test.
If a failing module is detected, it will, if possible,
be bypassed and the type and exact position of the
module will be printed out on the system console so
that it can be replaced by means of an operator. In
addition to the console print-out specifying the location
of the failing module, most of the modules have built-in
light emitting diodes on the front panel which shows
the status of the module (operating or faulty).
When used, test points will be located at easily accessible
places on front panels etc. Sensitiive test points
are protected if misuse can cause serious disturbance.
Due to the extensive use of microprocessors the system
can perform basic operations; even if a major part
of the hardware is out of service.
The modules are self-contained mechanical units which
slide into the frame aligned by the frame itself so
that the contacts are not damaged when modules are
replaced.
On the mechanics used for alignment no limit for exchange
of modules exists. The connectors used for interfacing
the modules to the remaining part of the system, normally
edge connectors, are a high quality type which allow
for more than 500 module exchanges.…86…1 …02… …02…
…02… …02… …02…
8.4.4 E̲x̲p̲a̲n̲d̲i̲b̲i̲l̲i̲t̲y̲
System extension is very easy to perform just by adding
the required hardware modules, crates, and racks and
integrate one side of the system while the other is
opertaing, and when this side is integrated and tested,
then switch the traffic to that side and extend the
last side. When this side is intergrated and tested
the system is ready to be put into normal operation,
i.e., that both sides of the system can handle the
extended traffic.
The systems are of a modular construction, where the
modules are mechanical self-contained circuit-boards
operating in accordance with a set of interface specifications
which are completely independent of the actual design
and technology used for implementing the modules' function.
8.4.5 S̲y̲s̲t̲e̲m̲ ̲L̲i̲f̲e̲ ̲T̲i̲m̲e̲
As mentioned above, the modules in the system are designed
to be compatible with a set of interface specifications
which covers mechanical, electrical, and functional
interfaces thereby allowing the modules to be changed
with modules of a new generation without adjustments
and without affecting the remaining part of the system
soft- or hardware.
By using this approach in the complete hardware, central
processor and interface modules, procurement of new
modules for system expansion, and spare parts are not
dependent on one single manufacturer or a specific
component and can therefore be guaranteed during the
long lifetime of the system.…86…1 …02… …02… …02… …02…
…02…
8.4.6 C̲o̲m̲p̲o̲n̲e̲n̲t̲s̲
The CR80 equipment is designed and produced according
to detailed internal standards and procedures. This
practice yields a product of high quality and reliability,which
has been produced and delivered to several military
systems.
The components used in the design are standard components
available from more than one manufacturer and to a
great extent MIL-specified and used in military projects
all over the world which ensures that the components
will be available on the market during the lifetime
of the system.
The critical components are tested to be in accordance
with the procurement specification, either by the component
manufacturer or by special test houses like the Danish
Elektronikcentralen.
The electrical design is performed in accordance with
CR internal standards which ensures that no component
in the system is overexposed to stressful conditions
or used under conditions for which the component is
not intended, thus securing a very low module failure
rate.
The only expendable items are things like air filters,
fuses and indicator lamps. They are all standard types
which are readily available.
8.4.7 T̲e̲s̲t̲i̲n̲g̲
In addition to the test performed on the components
all units are tested before release from the production
to comply with the specifications for the unit. This
test which to a great extent is based upon automatic
test equipment, includes a burn-in test to ensure that
the initial, comparitively high, failure rate for components
is removed before the units are released.
When the units are released they will be tested at
system level before shipment. Upon arrival to the site,
the units will be installed and integrated in the system
and thereafter be subject to extensive tests at system
level.
Coding straps and jumpers are mounted during the unit
production and test phase according to the actual system
requirements.
8.4.8 M̲a̲r̲k̲i̲n̲g̲
All plug-in units, connectors, test points, fuses,
switches, indicators, etc will be given suitable marking
identification to ensure efficient and reliable maintenance
and repair. The markings will sustain normal cleaning
agents, and will therefore still be legible after installation
and testing has been effected.
Component marking will consist of the component manufacturers'
standard marking.
8.4.9 C̲h̲a̲n̲g̲e̲a̲b̲l̲e̲ ̲M̲a̲r̲k̲i̲n̲g̲s̲
The different systems and subsystems will be individually
marked with the system nomenclature and designation
to facilitate identification during maintenance and
repair.…86…1 …02… …02… …02… …02… …02…
8.4.10 M̲e̲c̲h̲a̲n̲i̲c̲a̲l̲ ̲D̲i̲m̲e̲n̲s̲i̲o̲n̲s̲
The standard rack dimensions are:
- Height: 2150 mm
- Width: 600 mm
- Depth: 950 mm
The actual system dimensions and lay-out are described
in section 3.
8.4.11 P̲o̲w̲e̲r̲ ̲S̲u̲p̲p̲l̲i̲e̲s̲
The equipment is as standard designed to be fed from
220V AC source with the following characteristics:
Voltage: 220V, +7%, -10%
Frequency: 50Hz, +0.5%, -1.0Hz
Limits of superimposed interference voltage will be
as described earlier in 8.3.
