When Technical Conservatism Becomes Technical Risk

Role: Electrical Engineer
Organization: Lockheed Martin
Environment: High-reliability prototype, defense-grade tolerances

The Problem: A Waveform That Whispered Warning

During validation testing on a high-reliability prototype program at Lockheed Martin, I noticed something most engineers would dismiss: subtle trailing-edge degradation in a 10V flyback converter's output waveform as load current decreased. The circuit technically passed all specifications, but the behavior suggested we were approaching the boundary between continuous conduction mode (CCM) and discontinuous conduction mode (DCM).

"In high-consequence systems, the difference between 'technically compliant' and 'genuinely robust' often emerges only under operational stress—when it's too expensive to fix."

This wasn't just an academic concern. In DCM, converters exhibit higher output ripple that varies nonlinearly with load—exactly the kind of instability that propagates through tightly coupled control systems. In a program with minimal tolerance for transient faults, this represented a latent failure mode waiting for the right combination of environmental conditions to manifest.

The challenge:

Surface a risk that hadn't yet caused failure, in a component outside my formal expertise area, while navigating aggressive schedule pressure and organizational preferences for conservative, SME-led design decisions.


The Analysis: First Principles Under Pressure

With no formal switch-mode power supply design background and limited time, I rebuilt the flyback converter analysis from electromagnetic fundamentals. The core physics is straightforward: the CCM/DCM boundary is defined by the relationship between switching frequency, duty cycle, inductance value, and minimum load current.

The Elegant Solution

Increasing the coupled inductance would shift the CCM boundary lower, allowing the converter to maintain continuous conduction across the entire operating range. Better yet: higher-value inductors were available in the same package footprint.

This was the critical insight—no PCB redesign, no layout changes, no re-qualification testing. A $500 component substitution that addressed the root cause while preserving schedule and cost. The technical solution aligned with organizational constraints rather than fighting them.
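The boundary relationship described above can be checked numerically. The following is an added example, not the original analysis or program data: it uses the textbook lossless flyback model, and apart from the 10 V output every value (18-36 V input, turns ratio 2, 100 kHz switching, 0.5 A minimum load, 100 µH and 220 µH inductances) is an assumption chosen for illustration.

```python
"""Ideal flyback CCM/DCM boundary (textbook lossless model, assumed values)."""

VOUT = 10.0               # output voltage from the case study, volts
VIN_RANGE = (18.0, 36.0)  # assumed input range, volts
N = 2.0                   # assumed turns ratio Np/Ns
FSW = 100e3               # assumed switching frequency, hertz
I_LOAD_MIN = 0.5          # assumed minimum load current, amps


def duty_cycle(vin, vout=VOUT, n=N):
    """CCM duty cycle from volt-second balance: Vin*D = n*Vo*(1-D)."""
    return n * vout / (vin + n * vout)


def critical_load_current(vin, lm, vout=VOUT, n=N, fsw=FSW):
    """Load current at which magnetizing current just reaches zero each cycle.

    Io_crit = n^2 * Vo * (1-D)^2 / (2 * Lm * fsw); below it the converter is in DCM.
    """
    d = duty_cycle(vin, vout, n)
    return n ** 2 * vout * (1 - d) ** 2 / (2 * lm * fsw)


def conduction_mode(i_load, vin, lm):
    """Classify the operating point for a given primary magnetizing inductance."""
    return "CCM" if i_load > critical_load_current(vin, lm) else "DCM"


def min_inductance_for_ccm(i_load_min=I_LOAD_MIN, vin_range=VIN_RANGE):
    """Smallest Lm that holds CCM at minimum load over the whole input range.

    The worst case is maximum Vin: D is lowest there, so (1-D)^2 is largest.
    """
    d = duty_cycle(max(vin_range))
    return N ** 2 * VOUT * (1 - d) ** 2 / (2 * FSW * i_load_min)


if __name__ == "__main__":
    for lm in (100e-6, 220e-6):  # assumed original and substituted inductance
        for vin in VIN_RANGE:
            print(f"Lm={lm * 1e6:.0f} uH  Vin={vin:.0f} V  "
                  f"Io_crit={critical_load_current(vin, lm):.3f} A  "
                  f"mode at min load: {conduction_mode(I_LOAD_MIN, vin, lm)}")
    print(f"Minimum Lm for CCM: {min_inductance_for_ccm() * 1e6:.1f} uH")
```

With these assumed numbers the 100 µH part stays in CCM at low line but drops into DCM at high line, while the 220 µH part holds CCM across the full input range.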

The Proposal Framework

I framed the recommendation around what matters to program leadership: **risk, cost, and schedule**. Rather than leading with circuit theory, I positioned it as: "Here's marginal behavior indicating system-level risk, and here's a component-level mitigation that adds margin without requiring redesign or schedule impact."


What Happened: Organizations Choose Familiarity

Despite the analysis, the proposal was rejected on the primary program. The team pursued a full redesign optimized for DCM operation—viewed as the more conservative, formally supported path given design authority boundaries and institutional skepticism about power supply guidance from someone without SMPS credentials.

The consequences were predictable:

The redesigned board exhibited approximately **10% output voltage ripple** under specific load conditions, triggering brownout sensitivity in the control electronics and system lockdown protocols. What followed was a cascade of late-stage problems:

  • Extended troubleshooting cycles consuming weeks of engineering time

  • Manual "white-wire" rework of prototype units (40-60 hours per unit)

  • Additional functional and environmental retesting

  • 6-8 week schedule slip during critical program phase

"Technical conservatism doesn't always produce reliable outcomes. The 'properly engineered' DCM redesign proved riskier than the simpler CCM preservation approach."

The Parallel Program Validation

Meanwhile, other high-reliability programs facing identical challenges adopted the CCM-preservation approach. These implementations operated within original tolerances throughout integration—no ripple issues, no rework, no schedule delays. The contrast provided empirical evidence: operating mode stability mattered more than optimization within that mode.


Quantified Impact

$150K+: Cost avoided per program through CCM approach
6-8 weeks: Schedule slip prevented on parallel programs
Zero: Ripple or brownout issues in CCM implementations

Beyond direct costs, the parallel program outcomes created organizational learning that shifted future power supply design philosophy across multiple product lines. This knowledge diffusion—practical engineering wisdom derived from real program experience—compounds in value across future programs.


Key Takeaways

  • Technical risk compounds exponentially with program maturity

    A $500 component change during design becomes a $50K rework cycle during integration, and a $500K field retrofit after deployment. Early risk identification preserves the degrees of freedom to implement simple solutions before they become complex problems.

  • Conservative redesigns don't guarantee reliability

    The DCM optimization appeared conservative because it followed established patterns, but introduced complexity without addressing fundamental stability. The CCM approach proved more robust in practice—simplicity often beats sophistication in high-reliability systems.

  • Effective decisions require multi-dimensional tradeoff analysis

    Technical correctness is necessary but insufficient. Successful proposals address cost, schedule, risk, and organizational dynamics simultaneously. Frame solutions in terms of decision-makers' priorities, not engineering preferences.

  • Influence requires clear communication and stakeholder alignment

    The parallel program successes shared a pattern: proposals framed to resonate with specific concerns, supported by data that made adoption feel safe. Technical leadership isn't about having the best ideas—it's about packaging those ideas for successful adoption.


Why This Matters

This experience crystallized an approach to technical program management that extends beyond circuit design: **surface risks early, challenge assumptions with data, and prioritize solutions that protect schedule and cost without compromising reliability.**

The principles are universally applicable—systems thinking that traces component behavior to operational consequences, early intervention that prevents exponential downstream costs, and communication strategies that navigate organizational dynamics as skillfully as technical constraints.

As I transition into technical program management roles, this case study reflects the leadership philosophy I bring: create environments where early risk identification is rewarded, where technical merit can prevail over institutional inertia, and where the most valuable contributions are often the quiet insights that prevent expensive mistakes.