TSU CONS Reliability Meeting - 2

Present: M. Blaszkiewicz, L. Felsberger, N. Voumard

Minutes

In the meeting we went through the top-level functionalities FMECA, which is supposed to identify the main functions of the system, their potential failures, effects and criticallity. In selected cases, we also discussed potential other protection layers (such as 2 redundant TSU having to fail in the same way, or redundancy on CIBDS asynchronous dump).

FMECA Table

• The table contains the following situations relevant to the TSU:
  • Normal operation
  • TSU in LOCAL mode
  • Dump request
  • Injection
  • Arming
  • Power outing
• For each of those, we discussed corresponding elements of the table:
  • NV menioned that there is a possibility of a bi-directional link between CIBAB and TSU - requires further discussions with the MI section.
  • DRT is used to have the timestamp of the dump; used for Post Mortem, IPOC, etc.; not critical.
  • LF observed that diagnostic and non-diagnostic functions are handled by the same FPGA - which can be problematic in case of a failure like a clock failure.
  • In the LOCAL mode, the requests are still transferred to the LBDS. 

Actions

1. Review the table from the presetnation. 
2. Build a Fault Tree for failure modes which are identified as the most critical and likely to occur. 
3. (NV) Check what happens when one of the UPS units fails; whether it is registered or noticed somehow.  
4. Other matters to check:
   • Whether Ring BIS is an input to the Injection BIS
   • What is the procedure to dump the beam when it's not possible via neither TSU nor CIBDS.