From Your Severity Assessment — What Needs Testing
Highest RPN
441
MQTT clean_session (N.2)
Newly Elevated
+90 RPN
Latch retract 3.2 (150→240)
Items >200 RPN
7
Require active mitigation
Biggest Win
-192
DFI harness I.1 (216→24)
Your assessment signal: 21 de-risked items (avg -69 RPN) vs 4 elevated items. The 4 elevated items — latch retract (+90), dock misalignment (+36), path deviation (+24), bin seating (+12) — all share one root cause: mechanical interfaces under load at speed. Your instinct about cables getting caught in moving systems is directly in this category. These need targeted accelerated tests, not just cycle counts.
Accelerated Testing Concepts — Applied to V3 Neo
HALT
Highly Accelerated Life TestingIntentionally stress beyond design limits to find the failure margin — not to simulate field life, but to find the cliff edge. You run until it breaks, then back off to 80% of that limit as your operating envelope.
The key insight: you're not trying to simulate 1 year of use. You're trying to find what breaks first. For V3 Neo, this means running the latch and climb motors with progressively heavier bins until motor current hits the trip threshold — that tells you your actual margin.
Apply to V3 Neo: Latch retract test (RPN 240). Start at 16kg bins, go to 20kg, 25kg, 32kg. At each weight: 20 cycles. Log peak current. The point where current exceeds rated = your margin. Anything under 30% margin = action required before go-live.
HASS
Highly Accelerated Stress ScreeningUsed on production units (not prototypes) to screen out infant mortality before shipping. Uses thermal cycling + vibration together to find latent defects — things that would fail in week 1 of deployment due to manufacturing variance.
Different from HALT: HASS is within design limits, applied 100% of the time to all units. HALT is destructive and done once to define limits.
Apply to V3 Neo: Before crating, power the robot on, run 5 full end-to-end sequences (order → climb → pick → PA present → dock) while vibrating the chassis with an orbital sander or rubber mallet taps on the frame. This screens for connector pull-outs and loose crimps that vibration will find in transit.
Step-Stress Testing
Progressive Load EscalationInstead of testing at nominal load for many cycles, step up the stress parameter (load, speed, temperature) at defined intervals. You get the same confidence level in a fraction of the cycles because each step compresses time-to-failure.
N_equivalent = N_step × Σ(stress_factor_i / stress_nominal)^β
β ≈ 3 for mechanical, β ≈ 2 for electronics (inverse power law)
β ≈ 3 for mechanical, β ≈ 2 for electronics (inverse power law)
Practical rule: 10 cycles at 2× load ≈ 80 cycles at nominal load for mechanical systems (β=3).
Apply to V3 Neo: Fork motor test. Instead of 100 picks at 16kg, do: 20 picks at 16kg → 20 picks at 24kg → 20 picks at 32kg. Total: 60 picks but equivalent stress coverage of ~180 nominal cycles. Particularly useful for the SM260BL at 3× the V3 torque.
Zero-Failure Binomial Confidence
How Many Cycles Do You Actually Need?The formula from the PFMEA governs how many cycles you need without a single failure to make a statistical claim that the system is reliable at a given confidence level and failure rate.
n = ln(1 − CL) / ln(1 − p)
CL = confidence level · p = max tolerable failure rate
CL = confidence level · p = max tolerable failure rate
| Confidence | Fail Rate | Cycles Needed | V3 Neo Use Case |
|---|---|---|---|
| 90% | 5% | 45 | Motor smoke tests, connector checks |
| 95% | 5% | 59 | Latch endurance, fork endurance |
| 95% | 2% | 149 | Climb motor (highest field risk, RPN 240) |
| 99% | 1% | 459 | MQTT resilience (RPN 441 — statistical only) |
Key insight: The 200-cycle targets in the PFMEA correspond to ~95%@2% failure rate. For latch retract (RPN now 240, your highest hardware risk), you want 95%@2% = 149 cycles minimum. If you only have time for 60 cycles pre-ship, supplement with Step-Stress (above) to get equivalent confidence.
Cable Snag & Interference Testing Your Specific Requirement
Moving Mechanism Cable Clearance ValidationThis is not a standard IEC test but it's one of the most common causes of field failures in robotic systems with multiple moving axes. The failure mode is insidious: cables appear fine at zero load and low speed, but at full speed with a loaded bin, the cable gets pinched by the mechanism at a specific position in its travel range.
Why it's non-obvious: Cable routing is designed at zero-load, but under load the chassis deflects by 0.5–2mm, cable bundles shift, and the previously safe routing now has a contact point. This typically manifests as an intermittent fault (E-stop or motor error) that disappears when you look at it — because the load is removed for inspection.
LATCH (Extend/Retract)
The Cubemars AK70-10 cable travels with the latch arm. At full extension, the cable is at maximum arc. Under load, the fork body deflects and the cable can contact the fork side wall at approximately 80–90% extension. Test: 20 cycles at full speed with a cable inspection light. Look for any rubbing marks on cable jacket.
FORK (Extend/Retract)
The Feetech SM260BL cable must follow the fork through its full stroke. The EtherCAT cable for the SM260BL is stiffer than the RS485 cable on the V3 (because of shielding). Stiffer cable = higher spring-back force = higher snag risk at full retract. Test: flex cable by hand through full travel range. Minimum bend radius must not be violated at any stroke position.
PA LIFT + TURNTABLE
The PA has two simultaneous moving axes — lift (linear) and turntable (rotary). Cable chains (energy chains) manage the lift cable routing. The turntable cables are the higher risk — they must rotate 180° each presentation cycle. Any extra cable slack accumulates and can contact the bin tray. Test: 50 full present cycles. After cycle 10 and 50, inspect cable routing position visually.
Cable snag pass criteria: (1) No rubbing marks on cable jacket after 50 cycles. (2) No motor current anomalies at any point in travel (a snag shows as a brief current spike). (3) No intermittent motor errors. (4) Minimum bend radius maintained at all travel positions. (5) Cable does not contact bin or any metal edge during full range of motion.
Thermal Soak / Burn-in
Discard Infant Mortality ZoneElectronic components fail non-linearly — they fail most often in the first 10–20 hours of operation (infant mortality), then have a long flat period (useful life), then wear-out. Burn-in deliberately runs the system through the infant mortality zone before shipping.
For V3 Neo: the first 10 navigation cycles are thermal warmup. Discard these for accuracy data. Motor PID tuning doesn't converge until cycle 20–30. Any connector or crimp failure will show up in cycles 5–15.
V3 Neo burn-in target: 10 full end-to-end cycles (order → navigate → climb → pick → present → return → dock) before declaring the robot shippable. Run with telemetry logging. Any error in cycles 1–5 = infant mortality, investigate immediately. Errors in cycles 6–10 = systematic issue, must fix before ship.
Design Margin Testing
Know Your Safety Factor at Every SubsystemFor each subsystem, the question isn't "does it work at nominal?" — it's "how much margin do we have?" A system with 5% margin is a ticking clock. A system with 50% margin can absorb the unexpected variance at a new site.
| Subsystem | Rated Limit | Test At | Min OK Margin |
|---|---|---|---|
| Fork motor torque | 260 kgcm | 32kg bin (worst case) | >40% margin |
| Latch motor (AK70-10) | 85 kgcm | 32kg bin on rack | >30% margin |
| Climb motor current | Kinco MD60 rated | Loaded child + max bin | >25% current margin |
| Battery runtime | Target shift length | Full loaded routes | >20% battery reserve at EOD |
| Navigation accuracy | ±15mm tolerance | Loaded, post 30 cycles | Drift <±10mm average |
Today is Mar 18 — SHIP DAY. Transit ~6 days by rail. Arrival DLF Moti Nagar Mar 24. Full site commissioning Mar 24–25. Go-live target Mar 26 evening (overnight charge test is the final gate).
Mar 18 — Ship Day (Today)
Wed
Mar 18 — TODAY
SHIP DAY
4 crates + spares box sealed & steel-strapped. Load to rail transport. Capture consignment number
DG declaration
Lithium battery paperwork for 2× LFP 240Wh packs. All crate labels: FRAGILE THIS SIDE UP (Hindi + English)
Site handoff
Send on-arrival checklist to DLF team. Schedule Mar 24 arrival inspection call at 9am
Remote site prep
Pre-configure site: MQTT broker live, WiFi SSID/password confirmed, FMS server deployed, power backup tested
Thu–Tue
Mar 19–24
IN TRANSIT
~6 days by rail. Track consignment daily. No action required
Site infra final checks
Confirm AP positioning, MQTT broker stable, FMS E2E smoke test from remote. Resolve any gaps before robot arrives
Bin tag prep
Site team prepares 226-bin QC checklist using SOP in crate 4
Wiring team SOP
Prepare wiring team work plan for any field reconnections at site. Document cable ID reference
Mar 24–26 — Arrival, Commissioning & Go-Live
Mon
Mar 24
ARRIVAL
Inspect crates for crush damage before opening. Remove ALL shipping locks (turntable wedge, fork zip-tie, latch zip-tie, ball screw clamp)
Mechanical inspection
Ball screw smooth by hand. Turntable bearing: no roughness or play. Staubli pins under magnifier (fretting check). All LP-24/YM-20 wiggle test
Load cell recalibration
Zero with no bin. Verify with 1kg test weight. Mandatory — transit vibration drifts baseline
Battery check
Cell voltages delta <50mV before first charge. Connect BMS display. Verify SoC reading consistent
PLC terminal torque
Check all dock DIN rail terminal block screws — re-torque to spec before energising
Tue
Mar 25
First power-on
Mother only. No Child. No faults = proceed. Check all EtherCAT devices enumerate. PA door 10 cycles before any lift/rotate command
Autocharge verify
Dock Mother. Charge current >0.5A within 2 min via M100. LMFB feedback confirmed
QR tag install
Install + inspect all floor QR tags. 100% read rate before any navigation command
WiFi site survey
RF map: rack zone, corridor, PA zone. Flag any dead spots. Reposition AP before navigation test
Navigation + PID
10 navigation cycles. Log position error at each tag. Tune Kinco gains if drift >±10mm
226 bin tag sweep
Full RFID scan of all bin tags per QC SOP. Flag damaged or unreadable tags for replacement
Wed
Mar 26
Loaded climb test
10 climb cycles with max-weight bin, all rack levels. Monitor motor temp + current. Listen for any bind
Full E2E — 5 cycles
5 complete order cycles with real bins. This is the go-live acceptance test. Zero manual interventions required
MQTT resilience
3 broker restart + 2 WiFi dropout scenarios in real bank environment. Verify state recovery
Overnight charge gate
Leave docked from ~8pm. Verify full charge by 6am. This is the final go/no-go criterion
GO-LIVE TARGET
Overnight charge passes = system is live. Handoff to Axis bank operations team. Begin monitoring
Open Tasks Still To Complete (from PFMEA + Assessment Comments)
| # | Task | Owner | Blocks | Must-Do Before | Status |
|---|---|---|---|---|---|
| T-01 | MQTT clean_session=false on all clients RPN 441 — single highest risk in full system. Assessment flag: architecture change needed |
SW/Arch | All network-dependent tests | Mar 13 | |
| T-02 | RC module test cases — plan and execute Assessment comment 0.4: "not well tested, test cases need planning". B1.8 only has 3 cycles |
SW | Remote recovery at site | Mar 15 | |
| T-03 | Cubemars AK70-10 protocol validation at 48V Assessment note 3.1: "Cubemars protocol validation, 24V→48V change verification". New voltage, same motor |
HW | Latch endurance test | Mar 14 | |
| T-04 | Fork motor MQTT trigger management validation Assessment note 4.4: "Fork motor MQTT trigger management needs validation". New EtherCAT + MQTT command path |
SW | Fork integration tests | Mar 15 | |
| T-05 | Dock misalignment test with new castor cup Assessment note 7.2: "Test with new dock and castor cup" — RPN elevated +36. Child-Mother dock redesigned |
HW | Integration tests | Mar 15 | |
| T-06 | Autocharge from dock circuitry end-to-end test Assessment note 13.6: "Autocharge from dock circuitry needs testing". New Staubli 195771 + M100 path |
HW | Overnight site reliability | Mar 14 | |
| T-07 | Load cell plate — check mounting at PA, potential loose Assessment note 10.8: "Loadcell plate might be loose, needs site visit". Physical hardware issue |
HW | Bin weight detection | Mar 13 | |
| T-08 | Bin tag QC checklist + preventive maintenance SOP Assessment note 4.3: "QC checklist and preventive maintenance SOP" — all 226 bin tags need inspection procedure |
Ops | Site commissioning day 1 | Mar 17 | |
| T-09 | Tag reader position change — hardware mount validation Assessment note 5.1: "Position change requires hardware mount validation". Physical mount moved from V3 |
HW | Climb + bin read accuracy | Mar 14 | |
| T-10 | Motor controller — 200 cycles (only 200 run so far per assessment) Assessment note 2.2: "200 cycles run without issues, needs more inference". Target is 200+ cycles for 95% confidence |
HW | Navigation reliability claim | Mar 16 | |
| T-11 | Fork overload — system-wide overload test cases Assessment note 6.2: "System-wide overload test cases". Feetech SM260BL at 3× torque — overload profile unknown |
HW | Fork safety at site | Mar 15 | |
| T-12 | Dock misalignment mechanical test cases with rationale Assessment note 7.2: "Mechanical test cases with proper rationale". ±5mm, ±10mm offset docking tests needed |
HW | Dock reliability at site | Mar 15 |
Major design changes from V3 to V3 Neo. This tab tracks every mechanical, electrical, and software change that needs verification before and during site commissioning. Design review completed over the weekend. Each item has risk tagging and owner assignment.
Major System-Level Changes
Design Changes Tracked
42
Across Mother, Child, PA, Dock
Open Questions
9
Require answers before go-live
New Components (Zero Field Hours)
14
No prior deployment data
Top-Level Changes Requiring Full Validation
1
PA Upgrade — Complete Redesign
New turntable (CRBH6013A bearing), ball screw lift (THK HGW20), Kinco FD415P servo, Omron PLC controls. Zero field hours. All-new MQTT interface to FMS.
CRITICAL
2
Mother / Child Design Update
New suspension springs (longer shafts), new castor cup, PU wheel upgrade, Controls Box Neo with new wiring harness. Mother algorithm changes for navigation accuracy.
CRITICAL
3
FMS Algorithms for PA Transfer
New task sequencing for turntable + lift coordination. MQTT topic structure changed. PLC handshake protocol is entirely new — never deployed at any site.
CRITICAL
4
Charging Dock Restart Logic
External charging via Staubli 195771 connector. M100 controller triggers charge. PLC manages dock power. Restart after overnight charge requires specific boot sequence.
HIGH
5
Production-Related Changes
Powder coating on boxes, new wire guides, updated cable routing. Production changes affect mechanical tolerances and assembly sequence.
HIGH
6
Camera Addition
New camera mounting on both Mother and Child. Additional wiring, mounting brackets, and data path. Cable management in existing tight spaces.
MEDIUM
7
PA Top Cutout Dimensions
New cutout in PA top panel for bin presentation clearance. Dimension tolerances must match bin sizes (Jumbo + Large). Verify no interference with turntable rotation.
MEDIUM
8
MQTT Issues — Architecture Changes
clean_session=false migration, QoS changes, new topic structure for PA PLC, diagnostic message rate reduction (10Hz to 1Hz). Broker persistence configuration.
CRITICAL
9
Mother / Child Algorithm Updates
Navigation PID tuning for new Kinco motors, path planning updates for site-specific layout, loaded vs unloaded dynamics compensation.
HIGH
Mother — Design and Assembly Tasks
Mother Build Tasks
M-01
Electronic Box — Component Placement
Controls Box Neo layout: verify all PCBs, drivers, and bus bars are positioned per updated CAD. Component placement affects thermal path and cable routing.
HIGH
M-02
Electronic Box — Powder Coating
New powder-coated enclosure. Verify coating does not interfere with grounding points. Check all tapped holes for coating buildup. Re-tap if needed before assembly.
MEDIUM
M-03
Electronic Box — Wiring Plan
Complete wiring plan for Mother electronics: power distribution, signal routing, connector mapping. Wiring team needs clear plan before assembly starts.
CRITICAL
M-04
Camera Mounting — Mother
New camera mount position. Bracket design, cable routing through existing frame members. FOV verification after mounting.
MEDIUM
M-05
Side Casing
Updated side casing panels for Mother. Check fitment with new electronic box and wire guide positions. Must not pinch any cables when installed.
MEDIUM
M-06
Wire Guides
New wire guide design for cable management. Critical for preventing cable snag failures (see Cable Snag testing in Accelerated Testing tab). Route all cables through guides before closing casing.
HIGH
M-07
Battery Mounting
New LFP/LMFP 48V 5Ah packs. Mounting bracket accommodates different form factor. Verify vibration isolation and connector strain relief.
HIGH
M-08
New Longer Shafts for Suspension Springs
Suspension spring shaft length increased for V3 Neo. Verify spring preload at new length. Check that shaft does not bottom-out under max load (32kg bin + child weight).
HIGH
Child — Design and Assembly Tasks
Child Build Tasks
CH-01
Moving Castor Cup Upgrade
New castor cup design for improved docking alignment. Verify fitment on Child base. Test dock alignment at +/-10mm offset (feeds into N-02 test).
HIGH
CH-02
Wire Protectors
New wire protection channels on Child frame. Must cover all cable runs near moving parts (latch arm, fork mechanism, climb motor area).
HIGH
CH-03
Casing — Top and Side
Updated casing for Child. Top casing must clear camera mount. Side casing must provide access to latch mechanism for maintenance. Check all screw holes align.
MEDIUM
CH-04
Powder Coating the Box
Child electronics box powder coating. Same concerns as Mother (M-02): grounding, tapped holes, coating buildup.
MEDIUM
CH-05
Mounting External Charging
External charging connector mount on Child. Connector must align with dock pins when Mother docks. Staubli 195771 alignment tolerance is tight.
HIGH
CH-06
Camera Mounting — Child
Camera position on Child for bin-level inspection. Bracket and cable routing. Must not interfere with climb mechanism or latch arm travel.
MEDIUM
CH-07
Bottom Casing
New bottom casing for Child. Must accommodate castor cup upgrade and external charging connector. Check clearance from floor when Mother navigates.
MEDIUM
CH-08
Swap GTB Sensors to Always-Off
GTB sensors being changed to always-off configuration. Verify sensor logic inversion in firmware. Test all sensor-dependent states after swap.
HIGH
CH-09
Changing Circuit to Match External Charging Trigger
Circuit modification for external charging compatibility. M100 trigger must match new Staubli connector pinout. Verify charging initiates correctly.
CRITICAL
CH-10
Check Mother Motor Data Sheet
Verify Kinco iWMC 400W motor specifications match actual unit delivered. Check rated current, peak current, thermal limits against what firmware expects.
MEDIUM
CH-11
Antenna Cable Change
New antenna cable routing for WiFi module. Must maintain minimum cable length for signal quality. Verify RSSI after cable change.
MEDIUM
PA (Presentation Area) — Design and Assembly Tasks
PA Build Tasks
PA-D1
QA Tracking — All PA Components
Full QA checklist for PA assembly: turntable bearing preload, ball screw backlash, lift rail alignment, PLC wiring verification. Each component needs incoming inspection.
CRITICAL
PA-D2
Wiring Tracking — PA Electrical
Full wiring log for PA: PLC I/O, motor drivers, sensors, MQTT interface board. Every connection documented with wire ID for field troubleshooting.
HIGH
PA-D3
Redesign the Box
PA enclosure redesign for Neo. New top cutout, door mechanism upgrade, cable entry points. Verify IP rating maintained after modifications.
HIGH
PA-D4
Latching Logic Without Sensor on Rack (New Homing)
New homing procedure for PA mechanisms without rack-side sensor. Must define zero position using motor current signature or mechanical end-stop. Firmware must handle gracefully.
CRITICAL
PA-D5
End Stops Design Change
Updated end-stop positions on PA lift and turntable. Mechanical hard stops must be positioned to prevent over-travel. Verify end-stop sensor alignment with physical stops.
HIGH
PA-D6
New PA Assembly Sequence
Complete assembly sequence documentation for the redesigned PA. Order of operations matters — certain sub-assemblies must be installed before others due to access constraints.
HIGH
Charging Dock — Design and Assembly Tasks
Dock Build Tasks
DK-01
Staubli Connector Alignment
Staubli 195771 multi-coupling must align with Child connector within +/-2mm. Dock mounting plate adjustability. LMFB feedback pins must engage reliably.
CRITICAL
DK-02
PLC Dock Power Management
PA PLC manages dock power sequence. Architecture risk: charging depends on PLC. Consider hardware relay bypass for overnight reliability.
HIGH
DK-03
Dock Restart / Wake-Up Sequence
After overnight charge, dock must trigger robot wake-up at scheduled time. Define boot sequence: PLC powers on, M100 status check, robot MCB enable, 3-min boot.
HIGH
Open Questions — Must Answer Before Go-Live
Questions to Answer
Q-01
How much testing is enough?
Statistical answer: see Zero-Failure Binomial in Accelerated Testing tab. 95% confidence at 2% failure rate = 149 cycles for high-risk items. Practical answer: complete the subsystem + integration test plan with zero critical failures.
Q-02
What all might fail at site?
See severity-assessment.html — 73 failure modes catalogued. Top risks: MQTT (RPN 441), charging (RPN 200+), latch (RPN 240). Transit damage is addressed in shipping-risk.html.
Q-03
Final BOM accuracy — are we shipping the right parts?
BOM reconciliation dashboard tracks delta between design BOM and actual procurement. See bom-reconciliation.html. Critical gaps must be closed before crating.
Q-04
Execution plan for site — who does what, when?
Full Timeline tab has day-by-day plan for Mar 24-26. Commissioning owner assignments needed. Wiring team on-site schedule must be confirmed.
Q-05
DFMEA parameters — are our severity scores calibrated?
Current severity scores are based on V3 field data + engineering judgment. Consider running a process-level DFMEA study for Mother/Child design updates to validate assumptions.
Q-06
Inventory challenges — spare parts coverage
Spare parts tracker (spare-parts-tracker.html) identifies gaps. Key concern: long-lead items with zero spares at site. Must ship critical spares with the main crate.
Q-07
Site preparation — is DLF Moti Nagar ready?
Rack installation, power provisioning, network infrastructure, floor QR tags, PA mounting. Site readiness checklist must be confirmed by DLF team before robot arrives.
Q-08
Timeline clarity — can we hit Mar 26?
Mar 18 ship, Mar 24 arrival, 2 days commissioning, Mar 26 go-live. Zero contingency buffer. Any transit delay or critical failure at site pushes go-live.
Q-09
Total test cycles needed — how do we track?
Use subsystem test tab status tracking. Each test case has pass/fail/in-progress status. Accumulate cycle counts across pre-ship and site commissioning phases.
Process FMEA Consideration
Should we run a Process-Level DFMEA? With this many design changes from V3 to V3 Neo (42 tracked items above), the Mother/Child system has fundamentally changed. The current severity assessment is a design FMEA. A process FMEA would evaluate the assembly and manufacturing risk — i.e., the risk that we build it wrong, not that we designed it wrong. Given the tight timeline, a focused process FMEA on the top 10 items (marked CRITICAL above) is recommended during the transit window (Mar 19-23). See pfmea-dashboard.html for the full process FMEA framework.
Cable snag flags 🔌 CABLE RISK are marked on any test case where cable interference with the moving mechanism is a realistic failure mode. These require visual inspection mid-test, not just pass/fail at the end.
Latch System (RPN 240 — Highest Hardware Risk After Assessment)
| ID | Test Case | Method | Cycles | Pass Criteria | Fail Criteria | Status | Comments |
|---|---|---|---|---|---|---|---|
| L-01 | Latch protocol at 48V 🔌 CABLE RISK T-03 prerequisite. Cubemars AK70-10 was 24V in V3, now 48V. Protocol timing changes with voltage |
Power on latch controller only. Send extend command. Measure response time and current draw at 48V. Compare to 24V spec sheet values. | 5 cycles | Response time within 10% of spec. Current at 48V ≤ rated. Encoder position feedback correct. Cable moves freely at all positions. | Any overcurrent fault. Response time >2× spec. Cable contacts chassis at any position. | ||
| L-02 | Latch extend-retract nominal load 🔌 CABLE RISK Baseline cycle count at nominal weight. Establishes current/position baseline before step-stress |
Load child with 16kg bin on rack. Run latch extend → hold 2s → retract. Log peak current, position error, cycle time each rep. Inspect cable routing at rep 10 and 20. | 20 cycles | Zero failed extends/retracts. Peak current <70% rated. Position error <±2mm. No cable marks after 20 cycles. | Any extend or retract failure. Current >85% rated. Cable abrasion marks visible. | ||
| L-03 | Latch step-stress — 24kg then 32kg 🔌 CABLE RISK Step-stress methodology: 20 cycles at 24kg, 20 cycles at 32kg. 10 cycles at 2× load ≈ 80 nominal. This gives equivalent confidence of ~140 nominal cycles |
20 cycles with 24kg bin. Log all metrics. Inspect cables. Then 20 cycles with 32kg (Jumbo max). Final cable inspection. Check for any deflection or flex in latch arm bracket at max weight. | 40 cycles | Zero failures at both weights. Current margin >30% at 32kg. No bracket flex >1mm. Cable routing unchanged after 40 cycles. | Any failure at 32kg. Current margin <20% at 32kg. Any cable snag or contact point found. | ||
| L-04 | Latch recovery — manual extraction procedure Assessment note 3.2: "Test under load with manual extraction procedure". If latch jams on rack, what does the operator do? |
With 32kg bin on rack, deliberately trigger latch fault (kill power to latch motor mid-extend). Time manual extraction. Verify operator can retrieve child without tools in <5 minutes. | 3 scenarios | Manual extraction completes <5 min. No damage to rack. Documented SOP confirmed correct. | Extraction takes >10 min. Rack or latch damage on extraction. SOP is missing a step. | ||
| L-05 | Latch brake hold under vibration New brake added in V3 Neo. Must hold extended position under lateral vibration (child swaying on rack) |
Latch extended, child loaded with 32kg. Apply lateral force by hand (5N, 10N, 15N) at child base. Verify latch does not slip. Use AK70-10 brake command to hold. | 9 tests | No slippage at 15N lateral force. Encoder position change <1mm under force. Brake releases cleanly on command. | Any slip under <10N force. Encoder drift >3mm under lateral load. |
Fork System (RPN 96 — Newly Elevated, New EtherCAT Protocol)
| ID | Test Case | Method | Cycles | Pass Criteria | Fail Criteria | Status | Comments |
|---|---|---|---|---|---|---|---|
| F-01 | Fork cable minimum bend radius check 🔌 CABLE RISK EtherCAT cable for SM260BL is stiffer than RS485 on V3. Full stroke must not violate min bend radius |
Manually drive fork to full extend, full retract, 50% position. At each position, measure cable bend radius at tightest point. Compare to EtherCAT cable spec (typically 10× OD min bend radius). | 1 check | Min bend radius maintained at all 3 positions. No kinking or flattening of cable. | Cable kinks at any position. Bend radius <10× OD. Cable contacts guide rail edge. | ||
| F-02 | Fork MQTT trigger → EtherCAT command latency 🔌 CABLE RISK Assessment note 4.4: MQTT trigger management needs validation. New path: MQTT → FMS → PLC → EtherCAT → SM260BL |
Send fork extend command via MQTT. Log time from MQTT publish to first encoder movement. 20 trials. Vary network load (normal, 50% packet loss simulation). Cable inspection after 20 cycles. | 20 cycles | Latency <200ms at zero load. Under 50% packet loss: fork still extends within 500ms. No missed commands. No cable contact. | Any command not executed. Latency >1s at normal conditions. Cable snag found. | ||
| F-03 | Fork overload protection — bin weight escalation 🔌 CABLE RISK Assessment note 6.2: System-wide overload test cases. SM260BL at 3× V3 torque — must confirm overload trip threshold |
Step-stress: 10 picks at 16kg → 10 at 24kg → 10 at 32kg → attempt 36kg (above rated max). At 36kg, verify system either refuses the pick or triggers overload fault correctly. Do NOT allow rack damage. | 31 cycles | All picks ≤32kg complete without fault. At 36kg: overload fault triggers, fork retracts safely. No rack or bin damage. Cable shows zero contact marks after full set. | Overload fault at ≤32kg. No fault at 36kg (safety concern). Cable damage visible. |
PA Turntable + Lift (RPN 150–160 — All New, Zero Field Hours)
| ID | Test Case | Method | Cycles | Pass Criteria | Fail Criteria | Status | Comments |
|---|---|---|---|---|---|---|---|
| PA-01 | Turntable cable routing — 180° rotation 🔌 CABLE RISK Turntable rotates 180° each presentation. Cables must follow rotation without slack buildup or contact |
10 slow rotations (10% speed). Observe cable position at 0°, 90°, 180°. Mark any cable that gets close to bin tray edge. Then 40 cycles at full speed. Inspect routing at cycle 10, 25, 40. | 50 cycles | No cable contacts bin tray at any angle. No slack accumulation after 50 cycles. No rubbing marks on cable jacket. | Cable contacts bin tray in any cycle. Slack loops form. Any rubbing marks. | ||
| PA-02 | Ball screw lift — full travel + cable chain 🔌 CABLE RISK THK HGW20 rails + ball screw. Cable chain manages vertical travel. Chain must not bind or contact carriage |
20 lift cycles at full travel range (bottom→top→bottom). Log position accuracy at top and bottom (±2mm tolerance). Verify cable chain deploys and retracts without sagging. Load: 32kg bin. | 20 cycles | Position accuracy ±2mm at both ends. Cable chain no contact with any moving part. Backlash <2mm over full run. | Position error >2mm. Cable chain contact with carriage. Any binding in travel. | ||
| PA-03 | Bin tilt test — turntable bearing at max weight CRBH6013A bearing: tilt tolerance <2°. Bin contents shift at bank if tilt exceeds 2°. RPN 160 |
Place 32kg bin on turntable. Measure tilt with digital level at 0°, 90°, 180° rotation positions. Repeat after 50 cycles. Check for any change in tilt baseline (bearing wear indicator). | 50+1 check | Tilt <1.5° at all positions at start. After 50 cycles: tilt <2°. No increase >0.3° between start and end. | Tilt >2° at any position. Any increase >0.5° after 50 cycles (bearing wear signal). | ||
| PA-04 | PA door interlock — 100 cycles V3 chronic door failures. V3 Neo "improved" but unvalidated. Interlock must block turntable/lift while open |
100 open-close cycles. At cycles 25, 50, 75, 100: attempt to send turntable rotate command while door open — must be rejected. After 100 cycles, check micro-switch actuation point for drift. | 100 cycles | 100/100 successful opens and closes. All turntable commands rejected while door open (0 exceptions). Micro-switch actuation point drifts <0.3mm after 100 cycles. | Any door jam. Any turntable command accepted while door open. Micro-switch drift >0.5mm. |
Charging & Power System (RPN 200 — Silent Failure Risk)
| ID | Test Case | Method | Cycles | Pass Criteria | Fail Criteria | Status | Comments |
|---|---|---|---|---|---|---|---|
| C-01 | Autocharge — dock to full charge end-to-end Assessment note 13.6: autocharge circuitry needs testing. Silent failure: robot docks but M100 never triggers. Dead by morning. |
Deplete battery to 20%. Navigate to dock. Confirm Staubli 195771 engagement (LMFB feedback pins). Verify charge current >0.5A within 2 min via M100. Leave for 4h. Confirm full charge. | 3 full cycles | Charge current confirmed within 2 min of every dock. Full charge reached in expected time. LMFB feedback consistent across all 3 docks. | Any dock where charge current not confirmed in 2 min. Any silent failure (docked, no current). LMFB inconsistency. | ||
| C-02 | New BMS — first charge cycle cell balance RPN 180. New BMS zero field cycles. Cell voltage delta must be <50mV at end of charge |
Discharge to 20%. Charge to full. Measure all cell voltages individually at 100% SoC. Repeat for cycle 2. Log delta between highest and lowest cell. | 2 cycles | Cell voltage delta <50mV at end of both charge cycles. BMS does not trigger protection cut-off at any point. SoC reads correctly on display. | Cell delta >100mV. BMS protection trip. SoC reading inconsistent with measured voltage. |
Navigation & Mother (RPN 120–160)
| ID | Test Case | Method | Cycles | Pass Criteria | Fail Criteria | Status | Comments |
|---|---|---|---|---|---|---|---|
| N-01 | PID convergence — Kinco iWMC 400W tuning New 48V EtherCAT motors. PID needs 20–30 cycles to converge. Discard first 10 cycles as thermal warmup. |
Run 40 navigation cycles on full route. Log X/Y position error at each QR tag. Plot error vs cycle number. Confirm convergence by cycle 30 (error should plateau). Tune gains if needed between cycles 20–30. | 40 cycles | Position error converges to <±10mm by cycle 30. Variance reduces cycle-over-cycle from cycle 10 to 30. Consistent ±10mm or better from cycle 30 onwards. | Error >±15mm after cycle 30. Increasing error trend after cycle 30 (runaway drift). Any navigation abort due to motor fault. | ||
| N-02 | Dock alignment tolerance — offset docking Assessment note 7.2: RPN elevated +36. Test with ±5mm and ±10mm intentional offsets using castor cup |
Place dock target at: nominal, +5mm X, -5mm X, +10mm X, -10mm X, +5mm Y, -5mm Y. 5 dock attempts at each position. Record: successful dock %, alignment correction distance, any child instability. | 35 attempts | 100% dock success at ±5mm offset. >80% at ±10mm. No child instability at any offset. Compliant plate correction observed at >5mm offset. | Any failed dock at ±5mm offset. Child instability at any tested offset. Aligner pin bending observed. |
Integration test philosophy: Subsystem tests confirm individual components work. Integration tests confirm the handoffs work — MQTT message triggers the right mechanical action, at the right time, in the right sequence. The failures you haven't seen yet happen at the boundaries, not in the middle of a subsystem.
MQTT Resilience (Highest RPN cluster: 441, 288, 280, 270)
| ID | Test Case | Scenario | Trials | Pass Criteria | Status | Comments |
|---|---|---|---|---|---|---|
| MQ-01 | Broker restart mid-task (clean_session=false) RPN 441 — N.2. If clean_session=true, ALL subscriptions and QoS 2 state lost on reconnect. Must be false. |
Start a task (order received). When robot is mid-navigate, kill broker and restart. Verify: (1) robot pauses safely, (2) reconnects within 30s, (3) resumes task from last known state, (4) no duplicate order execution. | 5 trials | All 5 recoveries complete within 30s. Task resumes (not restarts). No duplicate orders. Robot does not e-stop or require manual intervention. | ||
| MQ-02 | WiFi dropout during climb (robot mid-rack) RPN 280 — N.1. If robot loses WiFi while child is on rack, must hold position safely until reconnect |
Child on rack at level 3. Kill WiFi AP. Verify: child holds position (climb brake engaged), no descent without command. Restore WiFi after 60s. Verify reconnect and task resume. | 3 trials | Child holds rack position (brake engaged) during entire WiFi-out period. Reconnects within 30s of AP restore. Task resumes correctly. No manual intervention required. | ||
| MQ-03 | PLC ↔ FMS MQTT link failure during PA presentation RPN 270 — 10.7. If FMS loses MQTT to PA PLC mid-presentation, lift or turntable may be left in unsafe position |
PA mid-presentation (bin on lift, lift raised). Kill FMS-PLC MQTT connection. Verify: lift stays at position (does not drop), turntable does not spin, door does not open. Restore and verify graceful resume. | 3 trials | Lift holds position during MQTT outage. No autonomous movement. Restore resumes cleanly. No bin spill or fall. | ||
| MQ-04 | QoS 2 stall — message delivery confirmation delay RPN 288 — 1.3. QoS 2 requires 4-packet handshake. If PUBREC not received, publisher stalls. Robot waits forever. |
Inject 500ms delay on MQTT PUBREC response (broker-side network emulation). Send 20 orders back-to-back. Measure: time to first motor movement, any stall detected, timeout handling. | 20 orders | All 20 orders processed. First motor movement within 1s of order receipt even with 500ms delay. No indefinite stalls. Timeout handler fires if delay >2s. |
Full End-to-End Integration (Burn-in Cycles)
| ID | Scenario | Sequence | Cycles | Pass Criteria | Status | Comments |
|---|---|---|---|---|---|---|
| E2E-01 | Nominal order — full cycle, 16kg bin Standard workday scenario. Must complete 100% without intervention for go-live confidence |
FMS sends order → Mother navigates → Child docks to Mother → Child climbs to level 2 → latch extends → fork picks 16kg bin → child descends → fork transfers to PA → turntable → lift → door opens → present to customer → return → dock → charge | 10 cycles | 10/10 completions with zero manual interventions. End-to-end time within target. Log any soft errors (retries OK, but must be logged). | ||
| E2E-02 | Max-weight order — Jumbo bin, 32kg, top rack level Worst-case mechanical load. Every motor at highest stress. Most likely scenario to reveal cable snag or torque margin issues. |
Same as E2E-01 but: 32kg bin, level 4 (highest rack). This maximises climb motor load, latch motor load, fork torque, and PA lift load simultaneously. 🔌 CABLE RISK — inspect cables after 5 cycles. | 5 cycles | 5/5 completions. All motor currents within rated limits. No cable contact marks after 5 cycles. Tilt on PA turntable <2° at all positions. | ||
| E2E-03 | Back-to-back orders — no idle time between tasks Simulates peak bank hours. Thermal load accumulates. Cables see more flex cycles without cool-down. |
Queue 5 orders with 0s gap between them. Robot goes directly from dock to next order without charging. Monitor motor temps, verify no overheating. Cable inspection after 5-order run. | 5 orders | All 5 orders complete. Motor temps don't exceed rated max (check Kinco thermal spec). Battery ≥30% at end of 5 orders. No cable snag found. | ||
| E2E-04 | Power cycle recovery — full system off/on mid-task RPN 162 — P.2. Robot mid-navigate: kill MCB. Restore power. System must boot and recover state cleanly. |
Kill site power (MCB off) while robot is navigating between QR tags. Wait 10s. Restore power. Measure time to full boot (DFI + MQTT reconnect + motor enumerate). Verify position recovery from last known QR tag. | 3 scenarios | System boots within 3 minutes. MQTT reconnects. Robot knows its last known position. Task can be resumed without manual positioning. No data corruption in FMS state. |
From your severity assessment comments + PFMEA gaps: These are the 12 non-testing tasks that must be completed before ship. Separate from test pass/fail — these are build/config/SOP actions.
🔴 Must Do Before Mar 14 (Hardware Ready Day)
| Task | Why | Status |
|---|---|---|
| Load cell plate tightening — physical inspection at PA | Assessment note 10.8: "might be loose" | |
| Tag reader mount validation — verify position change from V3 | Assessment 5.1: position change, mount not re-validated | |
| Cubemars 48V protocol check — current + timing at new voltage | Prerequisite for L-01 test | |
| Autocharge circuit test — M100 → Staubli 195771 path | Assessment 13.6: untested path. Silent failure risk. |
🟡 Must Do Before Mar 17 (Crating Day)
| Task | Why | Status |
|---|---|---|
| MQTT clean_session=false — on ALL clients, not just robot | RPN 441. Must cover broker, FMS, PLC clients. | |
| RC module test plan — 3 power cycle + hibernate/wake scenarios | Assessment 0.4: "not well tested" | |
| Fork MQTT→EtherCAT trigger path — command latency validation | Assessment 4.4: untested command path | |
| Dock castor cup — misalignment test ±10mm | Assessment 7.2: RPN elevated +36 | |
| Bin tag QC SOP — 226 tags inspection checklist for site team | Assessment 4.3: no QC procedure exists | |
| Manual latch extraction SOP — documented, timed | Assessment 3.2: RPN +90, extraction procedure needed | |
| Fork overload test plan — SM260BL trip threshold confirmed | Assessment 6.2: 3× torque upgrade, no overload profile | |
| DG declaration for 2× LFP 240Wh batteries | Rail shipping legal requirement |
Site Commissioning — On Arrival Mar ~24 (Not Ship-Blocking But Must Be Scheduled)
| Activity | Cycles / Duration | Owner | Notes from Assessment |
|---|---|---|---|
| Climb endurance — loaded, all rack levels | 200 cycles over 3 days | HW | V3 #3 error. Kinco MD60 unchanged but must validate at new 48V power supply and new frame geometry |
| Latch endurance — beyond pre-ship cycles | 140+ additional cycles to reach 200 total | HW | RPN 240. Pre-ship gets to ~60 cycles (step-stress equiv). Site gets to statistical 95%@2% |
| Navigation endurance — full loaded routes | 60 additional routes (to reach 100 total) | HW/SW | Assessment 2.7: navigation accuracy 160 RPN. Needs site-specific QR tag verification |
| Charging endurance — 40 additional dock cycles | 40 dock-charge-undock cycles | HW | Pre-ship only gets 3 full cycles. Site gets to 50 total for charging confidence |
| WiFi site survey | 1 survey (2–3 hours) | Infra | RPN 240 (N.4). Map all dead zones in bank environment. Rack zones are dense steel — known interference source |
| 226 bin tag inspection + RFID scan | Full sweep, 1 day | Ops | Assessment 4.3: QC SOP to be prepared pre-ship (T-08) |
| Load cell recalibration | 30 min | HW | Mandatory after transit vibration drift (see shipping risk page) |
| MQTT resilience — 20 disconnect scenarios at site | 1 day | SW/Infra | RPN 441/280/288. Pre-ship tests 5–8 scenarios. Site environment has different WiFi characteristics |