ECSS-Q-HB-30-08A

14 January 2011

Space product
assurance
Components reliability data sources
and their use

ECSS Secretariat
ESA-ESTEC
Requirements & Standards Division
Noordwijk, The Netherlands
 ECSS‐Q‐HB‐30‐08A
14 January 2011

Foreword
This Handbook is one document of the series of ECSS Documents intended to be used as supporting
material for ECSS Standards in space projects and applications. ECSS is a cooperative effort of the
European Space Agency, national space agencies and European industry associations for the purpose
of developing and maintaining common standards.
This handbook has been prepared by the ECSS‐Q‐HB‐30‐08 Working Group, reviewed by the ECSS
Executive Secretariat and approved by the ECSS Technical Authority.

Disclaimer
ECSS does not provide any warranty whatsoever, whether expressed, implied, or statutory, including,
but not limited to, any warranty of merchantability or fitness for a particular purpose or any warranty
that the contents of the item are error‐free. In no respect shall ECSS incur any liability for any
damages, including, but not limited to, direct, indirect, special, or consequential damages arising out
of, resulting from, or in any way connected to the use of this document, whether or not based upon
warranty, business agreement, tort, or otherwise; whether or not injury was sustained by persons or
property or otherwise; and whether or not loss was sustained from, or arose out of, the results of, the
item, or any services that may be provided by ECSS.

Published by: ESA Requirements and Standards Division

ESTEC, P.O. Box 299,
2200 AG Noordwijk
The Netherlands
Copyright: 2011 © by the European Space Agency for the members of ECSS

2
 ECSS‐Q‐HB‐30‐08A
14 January 2011

Change log

ECSS‐Q‐HB‐30‐08A First issue

14 January 2011

3
 ECSS‐Q‐HB‐30‐08A
14 January 2011

Table of contents

Change log .................................................................................................................3

1 Scope.......................................................................................................................6

2 References ..............................................................................................................7

3 Terms, definitions and abbreviated terms............................................................8

3.1 Terms from other documents ..................................................................................... 8
3.2 Abbreviated terms ...................................................................................................... 8

4 Selection of reliability data and methods .............................................................9

4.1 Introduction................................................................................................................. 9
4.2 Selection process ....................................................................................................... 9
4.3 Description of data ................................................................................................... 12
4.3.1 Handbook reliability data ............................................................................ 12
4.3.2 Manufacturer or user data .......................................................................... 12
4.4 Selection criteria for input sources ........................................................................... 12
4.4.1 Reliability handbooks.................................................................................. 12
4.4.2 Manufacturer or user data .......................................................................... 14
4.5 Justification for choice .............................................................................................. 15
4.6 Instructions for use ................................................................................................... 16
4.6.1 Reliability handbooks.................................................................................. 16
4.6.2 Manufacturer or user data .......................................................................... 16
4.7 Considerations for reliability prediction for mechanical parts ................................... 17
4.7.1 General....................................................................................................... 17
4.7.2 Part failure data analysis ............................................................................ 18
4.7.3 Empirical reliability relationships................................................................. 18
4.7.4 Analysis of the stress-strength ................................................................... 18
4.7.5 Handbook data ........................................................................................... 19
4.8 Documentation ......................................................................................................... 19

Annex A Potential data sources.............................................................................20

A.1 Introduction............................................................................................................... 20

4
 ECSS‐Q‐HB‐30‐08A
14 January 2011
A.2 EEE parts ................................................................................................................. 20
A.2.1 AT&T reliability manual............................................................................... 20
A.2.2 FIDES (UTE C 80-811)............................................................................... 20
A.2.3 HRD5.......................................................................................................... 20
A.2.4 IEEE Gold Book.......................................................................................... 21
A.2.5 IRPH ........................................................................................................... 21
A.2.6 MIL-HDBK-217 ........................................................................................... 21
A.2.7 PRISM (RAC / EPRD) ................................................................................ 21
A.2.8 RDF 2000 (UTE C 80-810, IEC-62380-TR Edition 1)................................. 21
A.2.9 Siemens SN29500...................................................................................... 22
A.2.10 Telcordia SR-332........................................................................................ 22
A.3 Mechanical parts ...................................................................................................... 22
A.3.1 NPRD-95 .................................................................................................... 22
A.3.2 NSWC-94/L07 - Handbook of Reliability Prediction Procedures for
Mechanical Equipment ............................................................................... 23

Annex B Applicability and limitations of MIL-HDBK-217F ...................................24

B.1 Introduction............................................................................................................... 24
B.2 EEE families applicability matrix............................................................................... 24
B.3 EEE packages applicability matrix (based on paragraph 5.6 MIL-HDBK-217)......... 27
B.4 EEE part equivalent quality grades .......................................................................... 27

Annex C Justification ..............................................................................................29

Bibliography.............................................................................................................31

Figures
Figure 4-1: Boundaries of ECSS-Q-ST-30-08 (inputs and outputs) ......................................... 9
Figure 4-2: Selection process................................................................................................. 10
Figure 4-3: Decision logic....................................................................................................... 11
Figure 4-4: Selection of manufacturer or user data................................................................ 14

Tables
Table 4-1: Reliability handbook selection criteria ................................................................... 13
Table 4-2: Percentiles of the χ² Distribution at 60 % and 90 % confidence for n<30 ............. 17
Table B-1 : EEE families applicability matrix for MIL-HDBK-217 ........................................... 25
Table B-2 : EEE package applicability ................................................................................... 27
Table B-3 : Designation of EEE part quality grades ............................................................... 28

5
 ECSS‐Q‐HB‐30‐08A
14 January 2011

1
Scope

This handbook identifies data sources and respective methods that can be used for reliability
prediction of components. It proposes suitable data sources and an application matrix for component
families.

6
 ECSS‐Q‐HB‐30‐08A
14 January 2011

2
References

ECSS‐S‐ST‐00‐01 ECSS ‐ Glossary of terms

ECSS‐Q‐ST‐30 Space product assurance ‐ Dependability
ECSS‐Q‐ST‐40 Space product assurance ‐ Safety
ECSS‐Q‐ST‐60 Space product assurance ‐ Electrical, electronic
and electromechanical (EEE) components
IEC 60050‐191 International Electrotechnical Vocabulary ‐
Chapter 191: Dependability and quality of service

7
 ECSS‐Q‐HB‐30‐08A
14 January 2011

3
Terms, definitions and abbreviated terms

3.1 Terms from other documents

For the purpose of this document, the terms and definitions from ECSS‐S‐ST‐00‐01 and IEC 60050‐191
apply.

3.2 Abbreviated terms

For the purpose of this document, the abbreviated terms from ECSS‐S‐ST‐00‐01 apply.

8
 ECSS‐Q‐HB‐30‐08A
14 January 2011

4
Selection of reliability data and methods

4.1 Introduction
This handbook can be used whenever EEE and mechanical components reliability data or failure rates
are needed to perform quantitative dependability or safety analyses in accordance with ECSS‐Q‐ST‐30
or ECSS‐Q‐ST‐40.
The boundaries of this process are shown in Figure 4‐1. Inputs are project requirements, handbook
data and manufacturer or user data. The selection process should consider selection criteria and
methods of use of data. Outputs are usually included in equipment reliability assessments. Selection is
supported by suitable justification.

Figure 4‐1: Boundaries of ECSS‐Q‐HB‐30‐08 (inputs and outputs)

4.2 Selection process

The selection of a suitable methodology is made according to Figure 4‐2. Where the customer requires
that a reliability prediction be computed according to a particular methodology, contractual
requirements are applicable.
The term “methodology” includes the process, data and equations as defined in a particular handbook
or prediction system.

9
 ECSS‐Q‐HB‐30‐08A
14 January 2011

Does the methodology

Does customer require any Use the required
Yes adequately address the Yes
particular methodology? methodology
component?

No

Use this document to select

Use the selected
No between a particular handbook or
methodology
manufacturing data

Figure 4‐2: Selection process

In the case where there is no prescribed methodology, this handbook should be applied and a suitable
methodology should be selected.
In the case where the prescribed methodology does not adequately address the component under
consideration, this handbook should be applied and a suitable methodology should be selected.
In order to perform any reliability predictions, reliability data is needed as an input, and a suitable
methodology needs to be applied.
Figure 3 shows the decision logic that should be applied when selecting data sources. Data should be
obtained from the following sources, in order of preference:
 Handbook data
 Manufacturer or user data.

10
 ECSS‐Q‐HB‐30‐08A
14 January 2011

Start

Collect data on
Collect data on
application
components used
environment

Use scoring system

to examine
applicability of
methodology

Is there an applicable
Yes Use it
methodology

No

Use manufacturer/
User data

Figure 4‐3: Decision logic

A description of data sources is given in clause 4.3.

The choice of a given data source is acceptable if it satisfies the criteria listed in clause 4.4. Data on the
handbook methodology, the components, environment and use should be collected. A suitable
methodology can be selected by using a weighted score ranking scheme, as described in clause 4.4.1.
The rationale for selection is justified according to clause 4.5.
A suitable methodology or instructions for use is described in clause 4.6.
If a handbook is determined to be not suitable for the component, then manufacturer or user data
should be used.

11
 ECSS‐Q‐HB‐30‐08A
14 January 2011

4.3 Description of data

4.3.1 Handbook reliability data

There are a number of reliability handbooks available; these publish reliability metrics on a large
number of components. Some examples are provided in Annex A. Care should be taken with such
data since it is not always possible to ascertain the actual source of the data. The data can be a mix of
field and test data, and even interpolated or extrapolated data can be present.

4.3.2 Manufacturer or user data

4.3.2.1 Manufacturer data

Manufacturer’s data is that which is supplied by the manufacturer based on tests on a particular
component. Data is normally presented according to the methods laid out in IEC 60319.

4.3.2.2 User data

User data is that which is produced by the company performing the prediction for the sole purpose of
deriving reliability information about components that can be obtained in no other way. Data can be,
for instance, from in house testing, user experience, lessons learned, or expert judgement. This
procedure is most often used for unique component types.

4.4 Selection criteria for input sources

4.4.1 Reliability handbooks

Table 4‐1 provides criteria to be considered for the selection of reliability handbooks. The criteria are
listed in order of importance. In order to provide an acceptable evaluation, each of the questions
mentioned should be addressed by the user.
The user should consider the use of a scoring scheme, which is shown in this table. In this example, if
a selection is made between handbooks, then that which has the higher score is considered acceptable.
If there is only one handbook, the scoring may be used to determine the adequacy of the handbook, by
defining a minimum acceptable score.
The scoring factors given in Table 4‐1 are an example. A particular company may wish to change these
scoring factors depending upon their experience.

12
 ECSS‐Q‐HB‐30‐08A
14 January 2011

Table 4‐1: Reliability handbook selection criteria

Item Question Scoring factor
Validity 1a) Is the considered technologya. covered by the GO / NO GO criteria
handbook?
1b) Is information available on the way in which the data 15 for yes
was collected? 0 for no
1c) If yes to 1a and 1b, are data collected and models 10 for yes
implemented according to an international standard 0 for no
or handbook (e.g. IEC)?
Suitability for 2a) Does the handbook cover the space environment? 10 for yes
space 0 for no
2b) Does the handbook consider the parts stress method? 10 for yes
0 for no
2c) Does the handbook address the quality levels of the 10 for yes
components being used? 0 for no
Maintenance of 3a) Has the handbook data been updated in the last 5 10 for yes
data years? 0 for no
3b) Are there any expectations to update the handbook 10 for yes
data in the next 5 years? 0 for no
International 4a) Is the handbook requested by the customer? 10 for yes
recognition 0 for no
4b) Is the handbook recognized by the reliability 5 for yes
community? 0 for no
Usability 5a) Is a commercial software tool available to support the 5 for yes
handbook? 0 for no
Suitability for 6a) Does the handbook provide extrapolation rules (e.g. 5 for yes
new technologies Moore’s law)? 0 for no
Cost Not considered ‐
a. Technology includes the component type, technology, family and package
b. Space environment includes launch vibrations, space vacuum, radiation, and temperature extremes.
c. In space applications, the component quality is in accordance with ECSS‐ST‐Q‐60, its equivalent, or as
otherwise specified.
d. Recognition by the reliability community can include, for example:
‐ It is an international standard or handbook;
‐ It is a national standard or handbook (e.g. MIL‐HDBK‐217);
‐ It is a recognized industrial or other standard or handbook (e.g. Telcordia SR‐332);
‐ It is otherwise recognized by the reliability community.

13
 ECSS‐Q‐HB‐30‐08A
14 January 2011

4.4.2 Manufacturer or user data

Use of manufacturer or user data is considered if data from a reliability handbook is not suitable.
Figure 4‐4 depicts the selection of manufacturer or user data.

Select Data
Source

Is Manufacturer data available? No Is user data available?

Yes Yes

Is data collected as per IEC

Is data presented as per IEC
60300-3-2 and analysed as per
60319 No
IEC 60300-3-5
No

Yes Yes

Perform very detailed check of

Check data provenance Check data provenance
data provenance
Quality review Quality review
Technical review

Data suitable for use? No Perform Risk Assessment

Yes

Use Data Generate reliability data

Figure 4‐4: Selection of manufacturer or user data

The steps for selection are as follows:

1. Select the data source.

14
 ECSS‐Q‐HB‐30‐08A
14 January 2011
2. If manufacturer data is available, check whether data is presented in accordance with IEC
60319, in which case it can be considered for use.
If the data is not presented in accordance with IEC 60319, then a detailed review of the
data should be performed to ensure the following is available:
o tests and test conditions applied to the components;
o lot sampling;
o number of lots;
o manufacturing and testing period;
o technological representativity;
o failure analysis.
Once this data is available, assess the effect of any missing data with respect to the
expected list above.
3. If user data is available, check whether data is collected and presented in accordance with
IEC 60300‐3‐2 and IEC 60300‐3‐5, in which case it can be considered for use.
If data is not presented in accordance with these standards, then a detailed review of data
should be made, to ensure the following is available:
For field return data the following should be reviewed:
o data collection procedures;
o relevance of failures;
o analysis techniques.
For test data the following should be reviewed:
o tests and test conditions applied to the components;
o lot sampling;
o number of lots;
o manufacturing and testing period;
o technological representativity;
o failure analysis.
Once this data is available, assess the effect of any missing data with respect to the
expected list above.
4. Once these checks have been performed, the analyst can decide on the use of the data.
5. In case suitability is not determined, the above steps are repeated to find an alternative.
6. In case a data source cannot be found, a risk assessment should be performed to
determine the necessity for obtaining further data, e.g. via a reliability test programme,
whether to use expert judgement or whether to accept the fact that data is not available
for the particular component under consideration.

4.5 Justification for choice

In order to ensure that any work performed is technically correct, justification for the choices made
should be presented whilst the work is performed. This allows the argument made for the

15
 ECSS‐Q‐HB‐30‐08A
14 January 2011
methodology followed to be understood at some later time. The justification should be included with
the reliability assessment report (see clause 4.7) and may be used as part of any reliability case
argued. Annex C provides more details of the justification.

4.6 Instructions for use

4.6.1 Reliability handbooks

The reliability models and methods that are described within the selected reliability handbook should
be used. Modifications to the models or methods should be supported with the rationale in
accordance with clause 4.4.

4.6.2 Manufacturer or user data

The selected manufacturer or user data should be used in accordance with IEC 60300‐3‐5. Test or
manufacturing data that conforms to this criterion is suitable for failure rate calculation. The failure
rate calculation procedure is described hereafter.
The necessary inputs for failure rate calculation are:
 number and nature of defects, and
 device hours (test duration and number of devices).
The number of devices should be derived using lot sampling procedures in accordance with a
recognized sampling plan such as ISO 2859‐0.
The failure rate can be assessed using the χ² (Chi‐square) distribution for time truncated and failure
truncated tests.
Given the total number of successful part operating hours (T) and the number of failures (f), the
following equations are used to calculate failure rate (λ) from test data:

 n2  10 9
For a time truncated test, where n = 2f + 2: 
2T
 n2  10 9
For a failure truncated test, where n = 2f: 
2T
where
λ= is the failure rate in 10‐9/hour (FIT) at test conditions;
χ² = is the percentile of the χ² distribution at confidence level (failure rates are provided at 60 %
confidence in the commonly used handbooks listed and described in Annex A);
n= is the degree of freedom of the statistics.

The failure rate can be extrapolated to the operating condition by applying the acceleration factor
between test conditions and operating conditions. Information on acceleration factors can be found in
IEC1709 or IEC 721‐3‐3
Percentiles of the χ² distribution at 60 % and 90% confidence level are given in Table 4‐2 for up to 30
degrees of freedom.

16
 ECSS‐Q‐HB‐30‐08A
14 January 2011

Table 4‐2: Percentiles of the χ² Distribution at 60 % and 90 %

confidence for n<30
n ² (60%) ² (90%)
2 1,83 4,61
4 4,04 7,78
6 6,21 10,6
8 8,35 13,4
10 10,5 16,0
12 12,6 18,5
14 14,7 21,1
16 16,8 23,5
18 18,9 26,0
20 21,0 28,4
22 23,0 30,8
24 25,1 33,2
26 27,2 35,6
28 29,2 37,9
30 32,3 40,3

Percentiles of the χ² distribution can be found in various literature.

NOTE The calculated failure rate for a given failure mechanism is highly
influenced by test conditions and the physics of failure. Whatever
the failure mechanism, an acceleration limitation applies. Highly
accelerated tests can induce failure mechanisms that are not
observed in the actual application. This leads to an overestimation
of failure rates. This acceleration limitation applies to all
acceleration factors (e.g. temperature, voltage, and current).

4.7 Considerations for reliability prediction for

mechanical parts

4.7.1 General
For mechanical reliability prediction, four approaches are available:
 part failure data analysis,
 empirical reliability relationships,
 stress‐strength, and

17
 ECSS‐Q‐HB‐30‐08A
14 January 2011
 handbook data.

There are a number of problems that are encountered when performing mechanical predictions and
these are summarized below.
 Part failure analysis
 Data often not available
 Available data is often grouped (individual times to failure are not available)
 For a completely new design, expensive testing may be required.
 Empirical reliability techniques
 Models available for limited number of part types
 New process/material not previously assessed
 Models are often for life and not hazard rate.
 Stress or strength interference analysis
 Results are probability of failure not hazard rate
 Interference often at extremes of distribution tails
 Standard deviation for stress is difficult to get.
 Handbook data
 Constant failure rates are assumed
 Failure rates are not application sensitive
 Design improvements doubtful.

4.7.2 Part failure data analysis

Statistical data analysis is the preferred approach to prediction when accurate failure data exist as part
of a manufacturer’s historical database. This data can also exist as a result of a dedicated reliability test
programme. When such data does exist, the underlying time to failure distribution should be
identified using statistical techniques such as the Weibull analysis. In every case a detailed analysis of
failed parts and their data should be performed to identify trends and failure mechanisms.

4.7.3 Empirical reliability relationships

Empirical reliability relationships are based on extensive testing for different combinations of, for
instance, loading, materials, and dimensions. The tools required to use these models include some
measures of part life and the ability to determine Weibull characteristic life.

4.7.4 Analysis of the stress-strength

An analysis of the stress‐strength relationship involves characterization of statistical distributions for
stresses acting on a mechanical part and material strength. The most positive benefit is the
understanding that stress and strength are subject to variability, and if an incorrect underlying
distribution is selected or variability is not accurately characterized, estimated probability of failure

18
 ECSS‐Q‐HB‐30‐08A
14 January 2011
can be significantly in error. In order to perform a stress‐strength analysis, the stress distribution and
strength distribution should be determined using best engineering practices.
If stress is greater than strength, failure occurs. This failure generally occurs in the area under the
intersection of the strength and stress distribution. Hence it is important to understand the shape and
location of these distributions.
More information on stress‐strength analysis can be found in IEC 60300‐3‐1.

4.7.5 Handbook data

Handbook data exists for mechanical parts and contain generic failure rate data, for example the RAC
publication NPRD. Care should be taken since the data can be quoted in, for instance, Failures/h,
Failures/Cycle, or Failures/Mile and should not be directly compared with data available on other
component types.

4.8 Documentation
Reliability assessment documentation should be prepared in accordance with ECSS‐Q‐ST‐30 and
ECSS‐Q‐ST‐40. The documentation includes:
 the selection process for the data sources,
 the description of calculation methods,
 the derived failure rates, and
 the justification for the methodology and data source choices made.

19
 ECSS‐Q‐HB‐30‐08A
14 January 2011

Annex A
Potential data sources

A.1 Introduction
This Annex provides information to the user concerning data sources for component failure rate
determination. This list is not comprehensive, and is not intended to give a preference for sources. It
remains up to the user to determine which data source is relevant for the application.

A.2 EEE parts

A.2.1 AT&T reliability manual

The AT&T reliability manual is more than just a prediction methodology. Although it outlines
prediction models and contains component failure data the book also describes the AT&T approach to
reliability and covers many diverse reliability topics, albeit with a bias towards reliability prediction.
The main prediction models are based on a decreasing hazard rate model, which is modelled using
Weibull data. In this respect the handbook is unique.

A.2.2 FIDES (UTE C 80-811)

FIDES is a new reliability data handbook (available since January 2004) developed by a consortium of
French industry under the supervision of the French DoD (DGA).
The FIDES methodology is based on physics of failures and is supported by the analysis of test data,
field returns and existing modelling. It aims to enable a realistic assessment of electronic equipment
reliability, including systems operating in severe environments (e.g. defense systems, aeronautics,
industrial electronics, and transport).
The FIDES guide is divided in two parts : a reliability prediction guide and a reliability process control
and audit guide. By identifying the factors contributing to reliability, whether technological, physical
or process‐based, FIDES allows the revision of product definition and intervention throughout the
product lifecycle, to improve and control reliability. FIDES is available on request at
[email protected].

A.2.3 HRD5
The British Telecom Handbook of reliability data, HRD5 is a reliability standard developed by British
Telecommunications plc that also provides models for a wide range of components. In general, HRD5
is similar to CNET 93, but provides simpler models and requires fewer data parameters for analysis.

20
 ECSS‐Q‐HB‐30‐08A
14 January 2011
The HRD5 method is available in a number of commercially available reliability software packages
but the original handbook is no longer on sale

A.2.4 IEEE Gold Book

The IEEE Gold book IEEE recommended practice for the design of reliable, industrial and commercial
power systems provides data concerning equipment reliability used in industrial and commercial
power distribution systems. Reliability data for different types of equipment are provided along with
other aspects of reliability analysis for power distribution systems, such as basic concepts of reliability
analysis, probability methods, fundamentals of power system reliability evaluation, economic
evaluation of reliability, and cost of power outage data.
More information about the IEEE Gold Book can be found on the IEEE website ( http:www.ieee.org).

A.2.5 IRPH
IRPH ITALTEL Reliability Prediction Handbook is the Italian telecommunication companies version
of CNET RDF. The standards are based on the same data sets with only some of the procedures and
factors changed.
The Italtel IRPH handbook is available on request from:
Direzione Qualita, Italtel Sit, CC1/2 Cascina Castelletto, 20019 Settimo Milanese Mi., Italy.

A.2.6 MIL-HDBK-217
MIL‐HDBK‐217, Reliability Prediction of Electronic Equipment, has been the mainstay of reliability
predictions for about 40 years.
The handbook was published by the Department of Defense, Washington DC, U.S.A, and is available
via several websites on the internet. Its last issue is the Rev. F + Notice 2.
The handbook is incorporated within several commercially available reliability software packages..

A.2.7 PRISM (RAC / EPRD)

The RAC (EPRD) Electronic Parts Reliability Data Handbook database is the same as that previously
used to support the MIL‐HDBK‐217, and is supported by a software tool marketed under the name of
PRISM, which is also available as a module of several commercial reliability software packages. The
models provided differ from those within MIL‐HDBK‐217.
The PRISM software is available from the address below, or is incorporated within several
commercially available reliability software packages:
The Reliability Analysis Center, 201 Mill Street, Rome, NY 13440‐6916, U.S.A.

A.2.8 RDF 2000 (UTE C 80-810, IEC-62380-TR Edition 1)

RDF 2000 is the latest version of the CNET handbook which was previously published as RDF93. This
handbook has been adopted by UTEC and is known as the UTEC80810 Reliability Data Handbook.
Recently this handbook has been adopted by IEC under the name IEC‐62380‐TR ‐ Reliability Data
Handbook – Universal model for reliability prediction of electronics components, PCBs and
equipment.

21
 ECSS‐Q‐HB‐30‐08A
14 January 2011
This handbook covers most of the same components as MIL‐HDBK‐217. The models take into account
power on/off cycling as well as temperature cycling and are very complex, with predictions for
integrated circuits requiring information on equipment outside ambient and print circuit ambient
temperatures, type of technology, number of transistors, year of manufacture, junction temperature,
working time ratio, storage time ratio, thermal expansion characteristics, number of thermal cycles,
thermal amplitude of variation, application of the device, as well as per transistor, technology related
and package related base failure rates.
The standard IEC‐62380 is available at:
The UTE UNION TECHNIQUE DE L’ÉLECTRICITÉ ET DE LA COMMUNICATION, Immeuble
VOLTA, 33, avenue du Général Leclerc ‐ BP 23, 92262 Fontenay‐aux‐Roses Cedex, France.

A.2.9 Siemens SN29500

The Siemens SN29500 Failure Rates of components and expected values method was developed by
Siemens AG for use by Siemens and Siemens associates as a uniform basis for reliability prediction.
The standard presented in the document is based on failure rates under specified conditions. The
failure rates given were determined from application and testing experience taking external sources
(e.g. MIL‐HDBK‐217) into consideration. Components are categorized into many different groups,
each of which has a slightly different reliability model. The π factors used in this model take into
account the variations in device operating temperature and electrical stress.
The standard is available on application to Siemens suppliers and customers of Siemens only and can
be obtained through your contact person in the company.

A.2.10 Telcordia SR-332

The SR–332, Reliability Prediction Procedure for Electronic Equipment, completely replaces TR‐332,
Issue 6, and documents the recommended methods for predicting device and unit hardware
reliability. The document contains several forms and tables to facilitate the derivation of reliability
predictions. It contains instructions for suppliers to follow when providing predictions of their device,
unit, or serial system reliability.
Device and unit failure rate predictions generated using this procedure are applicable for commercial
electronic products whose physical design, manufacture, installation, and reliability assurance
practices meet the appropriate Telcordia (or equivalent) generic and product‐specific requirements.
The Telcordia SR–332 is available from the address below:
Telcordia Technologies, Inc., 8 Corporate Place, PYA 3A‐184, Piscataway, NJ 08854‐4156, U.S.A.
The Telcordia SR–332 is incorporated within several commercially available reliability software
packages.

A.3 Mechanical parts

A.3.1 NPRD-95
NPRD‐95 data provides failure rates for a wide variety of items, including mechanical and electro‐
mechanical parts and assemblies. The document provides detailed failure rate data on over 25000
parts for numerous part categories grouped by environment and quality level. Because the data does
not include time‐to‐failure, the document is forced to report average failure rates to account for both

22
 ECSS‐Q‐HB‐30‐08A
14 January 2011
defects and wear‐out. Cumulatively, the database represents approximately 2,5 trillion part hours and
387000 failures accumulated from the early 1970ʹs through 1994. The environments addressed include
the same ones covered by MIL‐HDBK‐217; however, data is often very limited for some environments
and specific part types. For these cases, it then becomes necessary to use the ʺrolled upʺ estimates
provided, which make use of all data available for a broader class of parts and environments.
Although the data book approach is generally thought to be less desirable, it remains an economical
means of estimating ʺballparkʺ reliability for mechanical components. This is available from the
Reliability Analysis Center, 201 Mill Street, Rome, NY 13440‐6916, U.S.A

A.3.2 NSWC-94/L07 - Handbook of Reliability Prediction Procedures for

Mechanical Equipment
This handbook, developed by the Naval Surface Warfare Center – Carderock Division, provides
failure rate models for fundamental classes of mechanical components. Examples of the specific
mechanical devices addressed by the document include belts, springs, bearings, seals, brakes, slider‐
crank mechanisms, and clutches. Failure rate models include factors that are known to impact the
reliability of the components. For example, the most common failure modes for springs are fracture
due to fatigue and excessive load stress relaxation. The reliability of a spring therefore depends on the
material, design characteristics and the operating environment. NSWC‐94/L07 models attempt to
predict spring reliability based on these input characteristics. The drawback of the approach is that,
like the physics of failure models for electronics, the models require a significant amount of detailed
input data (e.g. material properties, and applied forces) that is often not readily available. They also do
not address the issue of manufacturing defects. Data can also be collected from a wide range of
applications and stress profiles, and is often grouped based on similar part types and application
environments.

23
 ECSS‐Q‐HB‐30‐08A
14 January 2011

Annex B
Applicability and limitations of MIL-HDBK-
217F

B.1 Introduction
This Annex provides information to the user about MIL‐HDBK‐217F. Even though it is obsolete, it is
still the most commonly used handbook for the space community and is likely to remain so for some
time after the publication of this handbook
The information here is not comprehensive, and is not intended to express a preference for sources.

B.2 EEE families applicability matrix

The following Table B‐1 provides the limitations of the MIL‐HDBK‐217 when applied to various part
types.

24
 ECSS‐Q‐HB‐30‐08A
14 January 2011

Table B‐1: EEE families applicability matrix for MIL‐HDBK‐217

Component Component category Component MIL‐217 MIL‐217 para and
class sub–category para limits
Active Integrated circuits Logic devices 5.1 ≤ 60 k gates
≥ 0,8 µm
Linear devices 5.1 ≤ 10 k trans
Microprocessors 5.1 ≤ 32 bits
≥0,8 µm
Volatile memories 5.2 ≤ 1 Mbit
≥0,8 µm
Non–volatile 5.2 ≤ 1 Mbit
memories ≥0,8 µm
Magnetic bubble 5.7
memories
VHSIC/VLSI devices 5.3 ≥0,8 µm and die area
(> 60 k gates) limitations
GaAs devices 5.4 ≤ 1 000 elements for
(MMICs) MMIC
≤ 10 000 elements for
digital
Hybrids/MCMs 5.5
SAW devices 5.6
Discrete semiconductor Diodes (LF and HF) 6.1, 6.2
Bipolar transistors 6.3, 6.6, 6.7
Field effect 6.4, 6.9
transistors (FETs)
Unijunction 6.5
transistors
GaAs transistors 6.8
Thyristors/SCRs 6.10
Optoelectronics 6.11
Meters and displays 6.12, 18.1
Laser diodes 6.13 < 3 mW/cm2 and forward
current < 25 A
Tubes 7.1, 7.2
Lasers 8
Passive Resistors Fixed and variable 9.1
Thermistors 9.1
Capacitors All except Tantalum 10.1
Tantalum 10.1
Inductive devices Transformers and 11.1, 11.2
coils

25
 ECSS‐Q‐HB‐30‐08A
14 January 2011

Component Component category Component MIL‐217 MIL‐217 para and

class sub–category para limits
Connectors General 15.1 ≤ 40 A/contact
Sockets 15.2 ≤ 180 contacts
Electronic filters Non‐tunable 21.1
Electromechanical Rotating devices, 12.1/2/3,
devices relays, switches 13.1/2,
14.1/2
Disc drive ‐
Miscellaneous Displays CRT ‐
Quartz crystals Crystal units 19.1 ≤ 105 MHz
Lamps Incandescent, Neon 20.1, 23.1 ≤ 37,5 V (Incan.)
Fuses 22.1
Passive optics Cables, connectors 23.1 No PI E and PI Q
Passive microwave Attenuators 23.1 no PI E and PI Q
devices
Fixed elements 23.1
Variable elements 23.1 no PI E and PI Q
Ferrite devices 23.1 no PI Q
Batteries ‐
PCB and connections PTH 16.1 ≤ 18 circuit planes
SMT 16.2
Solder connections 17.1

MIL‐HDBK‐217 should not be used (nor extrapolated) beyond its limitations identified in the table
above.
When a specific family is not covered by MIL‐HDBK‐217, the methodology prepared in the present
handbook should be used to choose the most appropriate alternative standard or handbook. RDF
(UTE C 80‐810) and Telcordia (SR‐332) are the most recently updated handbooks among these
commonly accepted in the reliability analysis community.
When no handbook properly covers the considered family, the manufacturer’s data can be considered
and should be collected and worked out as described in clause 4.6.

26
 ECSS‐Q‐HB‐30‐08A
14 January 2011

B.3 EEE packages applicability matrix (based on

paragraph 5.6 MIL-HDBK-217)
Table B‐2 provides the limitations of the MIL‐HDBK‐217 when applied to various package types.

Table B‐2: EEE package applicability

Package type Hermetic: DIPs with Flatpacks Cans Non‐hermetic:
DIP w/solder or weld seal, glass seal with axial DIPs, PGA,
Pin Grid Array, SMT leads on 50 SMT (leaded
(leaded and MIL centres and
non‐leaded) non‐leaded)
Maximum
224 64 24 16 224
number of pins
DIP: Dual in‐line package
SMT: Surface mount technology

MIL‐HDBK‐217 should not be used (nor extrapolated) beyond its limitations identified in the table
above.
When a specific package or technology is not covered by MIL‐HDBK‐217, the methodology presented
in the present handbook should be used to choose the most appropriate alternative standard or
handbook. RDF (UTE C 80‐810) and Telcordia (SR‐332) are the most recently updated handbooks
among the commonly accepted in the reliability analysis community.

B.4 EEE part equivalent quality grades

EEE parts quality grades are often needed in order to determine the failure rates. Different handbooks
treat part grades in different ways.
When addressing handbooks referring to quality levels (PI Q), Table B‐3 provides different quality
designations belonging to the same quality grade or level. (based on MIL‐HDBK‐217):
ECSS‐Q‐ST‐60 defines the quality grades applied in space projects and includes the use of non‐
standard parts.

27
 ECSS‐Q‐HB‐30‐08A
14 January 2011

Table B‐3: Designation of EEE part quality grades

Class S Class B Class B1 Other
categories a. categories a. categories a.
Active parts MIL b. JAN Class S MIL b. JAN Class B MIL b. 883 B Level in
MIL QML Class V
b. MIL QML Class Q
b. MIL QML Class M, N,
b. accordance
MIL QML Class K
b. MIL QML Class H
b. T with
manufacturer
MIL b. JANS MIL b. JANTXV, JANJ MIL b. QML Class D, E
test flow and
“S” SCD ESCC c. Level C MIL b. JANTX and JAN
additional
ESCC c. Level B JAXA d. QTS Class II DSCC b Drawing
testing (user
JAXA d. QTS Class I requirements)
Passive parts MIL b. Class S, T MIL b. “P” Failure rate MIL b. “M” or “L”
MIL b. “S” Failure Rate MIL b. Weibull “B” Failure rate
MIL “R” where no “S” ESCC Level C
b. c. DSCC b. drawing
QPL JAXA d. QTS Class II
MIL b. Weibull “C” (“D”
if available)
ESCC c. Level B
JAXA d. QTS Class I
NOTE 1 MIL‐HDBK‐217 contains, as a part of the reliability equations, factors for various parts classes. The factors
for microcircuits are:
*Low (= Class S category) = 0,25
**Medium (= Class B category) = 1,0
***High (= Class B1 category) = 2,0
****Unknown (= Other) = 10,0
Therefore failure of medium grade parts is 4 times more likely than that, for instance, low risk parts.
NOTE 2 Qualification of MIL passive EEE parts to exponential failure rates (S, R, P, M) is granted for the
manufacturing process, NOT the individual parts. Therefore, all products produced on an “S” level line are
“S” failure rated even though the manufacturer can take orders and mark parts to a “higher” (worse) failure
rate, for example “P” level. Therefore, there is generally no advantage to ordering “P” level parts for a Class
B programme when the supplier is qualified to “R” or “S” level.
Exponential failure rate levels are assigned as follows:
“M”= 1,0 %/1 000 hours
“P” = 0,1 %/1 000 hours
“R” = 0,01 %/1 000 hours
“S” = 0,001 %/1 000 hours
NOTE 3 Weibull refers to the 100 % accelerated life test performed on solid tantalum capacitors in order to establish
lot‐specific failure rate levels. Through this, testing failure rate levels are assigned as follows:
Weibull B = 0,1 % failures/1 000 hours
Weibull C = 0,01 % failures/1 000 hours
Weibull D = 0,001 % failures/1 000 hours.
NOTE 4 For passive EEE parts, Class S refers to specifications that are specifically written for space grade or
extremely high reliability applications. Examples include MIL‐PRF‐123 for ceramic capacitors and MIL‐PRF‐
87217 for metallized film capacitors. Class “T” refers to an established reliability level product that is
available with space application relevant testing in addition to the MIL test flow.
NOTE 5 The requirements defined in MIL‐PRF‐38535 for Class “T” active EEE parts are sufficiently vague to consider
them to be of a generally “high” risk for NASA applications. Per MIL‐PRF‐38535E Amendment 5 paragraph
3.4.8, “Class “T for active EEE parts is not for use in NASA manned, satellite, or launch vehicle programmes
without written permission from the applicable NASA Project Office (i.e. cognizant EEE parts authority).”
a. As specified in MIL‐HDBK‐217 for microcircuits (see 5‐15)
b. American Military quality standard (Defense Supply Center Columbus ‐ DSCC)
c. European Space Components Cooperation (ESCC)
d. Japan Aerospace Exploration Agency (JAXA)

28
 ECSS‐Q‐HB‐30‐08A
14 January 2011

Annex C
Justification

In an audit or similar task, justification for the choice of methodology should be provided, so that the
argument for the use of a particular methodology is technically verifiable. In order to provide a
complete justification the motives for performing tasks on a number of distinct levels should be
considered. The general approach is outlined in Figure C‐1, where in the first instance the use of a
particular technique and then each step of the methodology chosen should be justified.

Figure C‐1: Justification process

In order to justify the use of the technique, in this case reliability prediction, there are a number of
considerations that should be applied:
 If reliability prediction is the only way to perform the task in hand or generate information,
then the justification should specify why this is the only way.

29
 ECSS‐Q‐HB‐30‐08A
14 January 2011
 If reliability prediction is not the only way, but is the best way, then the justification should
specify why this is the best way.
 If reliability prediction is not the only way and is not the best way, then the justification should
specify why it is being used (perhaps because it is specified by a customer).
 Once reliability prediction is justified, then the actual prediction methodology should be
justified. This is done in the same manner as the justification for prediction.
 If method “X” is the only way to perform the prediction, then the justification should specify
why this is the only way.
 If method “X” is not the only way to perform the prediction, but is the best way, then the
justification should specify why this is the best way.
 If method “X” is not the only way and is not the best way, then the justification should specify
why it is being used (perhaps because it is specified by a customer).
Once the methodology is justified, any deviations from the methodology, for instance the use of
different failure rates, PI‐factors or equivalents, should be justified in the same manner.
The same approach should be followed when working with manufacturer’s data or other data
sources.
The justifications should be recorded so that the decisions made during the process can be defended.
The justification information can be used along with the results of a prediction as part of any
reliability case (as defined for example, by DEF00‐42 (Part 3) Reliability and Maintainability (R&M)
Assurance Guidance Part 3: R&M Case.

30
 ECSS‐Q‐HB‐30‐08A
14 January 2011

Bibliography

DEF00‐42 (Part 3) Reliability and Maintainability (R&M) Assurance Guidance Part

3: R&M Case
FIDES (UTE C 80‐811) Guide 2004 Reliability Methodology for Electronic Systems, DGA‐
DM/STTC/CO/477
GEIA SSB‐1C GEIA Engineering Bulletin: Guidelines for using plastic
encapsulated microcircuits and semiconductors in military,
aerospace and other rugged applications
HRD5 British Telecom Handbook of reliability data
IEEE Gold Book IEEE recommended practice for the design of reliable, industrial
and commercial power systems
IEC 60319 Presentation and specification of reliability data on electronic
components
IEC 60300‐3‐1 Dependability management ‐ Part 3‐1: Application guide ‐
Analysis techniques for dependability ‐ Guide on methodology
IEC 60300‐3‐2 Dependability management ‐ Part 3‐2: Application guide ‐
Collection of dependability data from the field
IEC 60300‐3‐5 Dependability management ‐ Part 3‐5: Application guide ‐
Reliability test conditions and statistical test principles
IEC 61709 Electronic components ‐ Reliability ‐ Reference conditions for
failure rates and stress models for conversion
IEC 60721‐1 Classification of environmental conditions ‐ Part 1:
Environmental parameters and their severities
IEC TR 62380 Ed.1 Reliability Data Handbook‐Universal model for reliability
prediction of Electronics components, PCBs and equipment or
UTE C80‐810, Reliability Data Handbook – A universal model for
reliability prediction of Electronic components, PCSs and
equipment
IRPH ITALTEL Reliability Prediction Handbook
ISO 2859‐0 Sampling procedures for inspection by attributes ‐ Part 0:
Introduction to the ISO 2859 attribute sampling system
MIL‐HDBK‐217 Reliability prediction of electronic equipment
Siemens SN29500 Failure Rates of components and expected values
SR‐332 Reliability Prediction for Electronic Equipment (Telcordia
Technologies)
UTE RDF 2000 (UTE C 80‐810)

31