

## **Double Isolation**

ECSS-Q-70-12, splinter meeting 17-18 March 2011, ESTEC

F. Tonicello,

TEC-EPM, ESA ESTEC, Noordwijk, The Netherlands

European Space Agency

#### **Double isolation**



OUTLINE OF THE PRESENTATION

- 1. Definitions
- 2. DI, where
- 3. DI, where, examples
- 4. DI, what
- 5. DI, how
- 6. DI, present standardisation activities
- 7. Conclusions......chart 21

Double Isolation | F. Tonicello | ESA ESTEC, Noordwijk, THe Netherlands | 23/11/2010 | TEC-EPC | Slide 2

European Space Agency

#### DI, definitions



1. Double isolation according to ECSS-E-ST-20C, 31 July 2008, paragraph 3.2, " Terms specific to the present standard"

#### *"3.2.12, double insulation*

barrier between conductors or elements of an electronic circuit such that after any credible single failure, conductors or elements of an electronic circuit are still insulated from each other"

2. "Critical lines"... preliminary definition (it does not appear in any known standard yet):

*Critical lines* are those electrical lines requiring, in case of failures, double insulation (either reciprocal or with respect to another conductor) to avoid catastrophic effects or other undesirable consequences

### DI, any "credible" single failure



- Repeat of the main DI definition:
  - "barrier between conductors or elements of an electronic circuit such that after any credible single failure, conductors or elements of an electronic circuit are still insulated from each other"
- Importance of identifying the credible single failure!
- Risk = Severity\* Probability
- Dependant on technology, interface, manufacturing, handling (or mishandling), operator's mistakes and accidents, cleanliness...

Double Isolation | F. Tonicello | ESA ESTEC, Noordwijk, THe Netherlands | 23/11/2010 | TEC-EPC | Slide 4

European Space Agency

#### DI, where



- 1. Applicability of Double Insulation requirements
  - a. to prevent **single** insulation failures\* that may generate or propagate anomalies with critical consequences (catastrophic or anyhow unacceptable consequences) at mission level.
  - Not only **flight** equipment, but also ground support equipment to exclude dramatic effects of single insulation failures affecting flight hardware (through connection interfaces)
- 2. DI is a overhead...

it shall be applied only when and where it is needed... on "critical lines" of course

- 3. Examples
  - a. Power lines (6 examples...)
  - b. Signal lines (2 examples...)

\* SPFF (Single Point Failure Free) approach generally applies

Double Isolation | F. Tonicello | ESA ESTEC, Noordwijk, THe Netherlands | 23/11/2010 | TEC-EPC | Slide 5

European Space Agency



Individual Solar Array Regulators (SAR's)







Double Isolation | F. Tonicello | ESA ESTEC, Noordwijk, THe Netherlands | 23/11/2010 | TEC-EPC | Slide 7

European Space Agency



Combined Solar Array Regulators (SAR's) (2/3 hot redundant)



Double Isolation | F. Tonicello | ESA ESTEC, Noordwijk, THe Netherlands | 23/11/2010 | TEC-EPC | Slide 8

**European Space Agency** 



Power System, Power bus lines



Double Isolation | F. Tonicello | ESA ESTEC, Noordwijk, THe Netherlands | 23/11/2010 | TEC-EPC | Slide 9

European Space Agency



#### Cross strapped lines within a generic, internally redundant equipment



Double Isolation | F. Tonicello | ESA ESTEC, Noordwijk, THe Netherlands | 23/11/2010 | TEC-EPC | Slide 10

European Space Agency



Generic equipment, primary to secondary power (and signal) lines where insulation is required



Double Isolation | F. Tonicello | ESA ESTEC, Noordwijk, THe Netherlands | 23/11/2010 | TEC-EPC | Slide 11

European Space Agency

DI, critical signal lines, examples, #1



Critical, majority voted, essential signals: Error Voltage in Power systems (1/2)

Ideal, no redundancy



Double Isolation | F. Tonicello | ESA ESTEC, Noordwijk, THe Netherlands | 23/11/2010 | TEC-EPC | Slide 12

European Space Agency

DI, critical signal lines, examples, #1



Critical, majority voted, essential signals: Error Voltage in Power systems (2/2)

Real, 2/3 hot redundancy



Double Isolation | F. Tonicello | ESA ESTEC, Noordwijk, THe Netherlands | 23/11/2010 | TEC-EPC | Slide 13

**European Space Agency** 

## DI, critical signal lines, examples, #2



#### Cross strapped lines within an internally redundant equipment



Double Isolation | F. Tonicello | ESA ESTEC, Noordwijk, THe Netherlands | 23/11/2010 | TEC-EPC | Slide 14

European Space Agency





- 1. First indication... reduce instances of critical lines by design as much as possible
- 2. The areas interested to DI are all those conductors that might carry critical lines:
  - a. EEE components and terminations
  - b. PCBs
  - c. Harness (wires & bundles)
  - d. Connectors (including pins and back-shells)
  - e. Bus bars
  - f. All relevant interfaces including conductive supports, brackets, etc





- 1. Concern relevant
  - a. to *design* (as designed status) => Design guidelines and requirements,

but also

- b. to workmanship (as built status) => Unambiguous, reliable and certified process control, based on clear plans and procedures for
  - Design review
  - Manufacturing and Integration review (Inspection)
  - Certification

# DI, how, examples of "possible" implementation measures



#### **1**. EEE components and terminations

- a. Conformal coating, check for interferences before/after equipment integration, additional distance/insulation...
- b. Multiple, independent, different insulating materials used for wires in transformers and coils
- 2. PCBs
  - a. Tracks carrying critical lines: additional distance/insulation, allow only single conductive layer among pre-preg insulation, no tracks on external layers shall be routed beneath any component or bracket
  - b. Via's: to be avoided in tracks carrying critical signal/power lines. Alternatively, redundancy of via's shall be implemented
- **3.** Harness (wires & bundles)
  - a. Multiple, independent, different insulating materials
  - b. Careful harness fixation points, with soft interface
  - c. Careful routing, minimum bending radiuses and minimum distance from moving parts and hinges to be respected

# DI, how, examples of "possible" implementation measures



- 4. **Connectors** (including pins and back-shells)
  - a. Pins/wire interface to be covered by shrinking sleeve according to pre-defined interface drawing and pictures, or specific insulation formers shall be used
  - b. Control on engagement of pins in receptacles, fixation of wires in a bundle to avoid instances of pins retraction during mating
  - c. Clear procedures for mating and de-mating connectors to avoid possibility of bending pins, electrical checks to confirm no bent pins are present, or use of robust connectors for which mating is only possible with correct axial insertion
- 5. Bus bars
  - a. Minimum distance, insulation layer, check for interferences before/after equipment integration, ...
- 6. All relevant interfaces including conductive supports, brackets, etc.
  - a. Minimum distance, insulation layer, check for interferences before/after equipment integration ...

## DI, the "foreign" conductive particle



- Practical method to assess suitability of design against DI ... imagine to run all over the critical points to be double isolated a foreign conductive particle of the maximum size that might be *reasonably* encountered in the application
- 2. OK if no short circuit can be envisaged, on the contrary additional design measures shall be taken

Double Isolation | F. Tonicello | ESA ESTEC, Noordwijk, THe Netherlands | 23/11/2010 | TEC-EPC | Slide 19

### DI, present standardisation activities



- A specific task force is actually nominated to assess DI on PCBs in the frame of ECSS-Q-ST-70-12 preparation, "Design rules for printed circuit boards"
- 2. No additional DI generic guideline or standard activity is presently running

Double Isolation | F. Tonicello | ESA ESTEC, Noordwijk, THe Netherlands | 23/11/2010 | TEC-EPC | Slide 20



- 1. DI is felt as an important key for success of our missions
- DI should not only correctly designed for, it is also important to verify it applying consolidated inspection procedures and resorting to trained personnel
- 3. DI would deserve a combined Agency and Industry effort to specify a minimum, yet sufficient and consistent set of rules and/or guidelines

Double Isolation | F. Tonicello | ESA ESTEC, Noordwijk, THe Netherlands | 23/11/2010 | TEC-EPC | Slide 21

European Space Agency