ooops forgot to commit for a day
This commit is contained in:
parent
1c31e67a27
commit
056d759258
19
mybib.bib
@ -796,6 +796,25 @@ OPTissn = {},
OPTabstract = {},
}
@TechReport{steamboilers,
author = {Nancy Leveson},
title = {High-Pressure steam Engines and Computer Software},
institution = {University of Washington},
year = {1994},
OPTkey = {},
OPTtype = {},
OPTnumber = {},
OPTaddress = {},
OPTmonth = {},
OPTnote = {},
OPTannote = {},
OPTurl = {},
OPTdoi = {},
OPTissn = {},
OPTlocalfile = {},
OPTabstract = {},
}
@Book{aoe,
title = {The Art of Electronics},
publisher = {Cambridge},
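Review bot: the title of the new `steamboilers` entry is inconsistently capitalised (`High-Pressure steam Engines and Computer Software`), and bibliography styles that downcase titles will strip the remaining capitals unless they are brace-protected; suggest `title = {{High-Pressure Steam Engines and Computer Software}},`. Every field that would let a reader locate the report (`OPTtype`, `OPTnumber`, `OPTurl`, `OPTdoi`) is left empty, and `OPT`-prefixed fields are ignored by BibTeX, so the rendered reference will carry only author, institution and year; fill at least a type/number or a url, and drop the empty `OPT` lines so the file stays readable.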
@ -1,3 +1,40 @@
\abstract{
The ability to assess the safety of man made equipment has been a concern
since the dawn of the industrial age~\cite{indacc01}~\cite{steamboilers}.
The philosophy behind safety measure has progressed
with time, and by world war two~\cite{boffin} we begin to see concepts such as `no single component failure should cause
a dangerous system failure' emerging.
The concept of a double failure causing a dangerous condition being unacceptable,
can be found in the legally binding European standard EN298~\cite{en298}.
More sophisticated statistically based standards, i.e EN61508~\cite{en61508} and variants thereof,
governing failure conditions and determining risk levels associated with systems.
All of these risk assessment techniques are based on variations on the theme of
Failure Mode Effect Analysis (FMEA), which has its roots in the 1940's mass production industry
and was designed to save large companies money by fixing the most financially
draining problems in a product first.
This thesis show that the refinements and additions made to
FMEA to tailor them for military or statistical commercial use, have common flaws
which make them unsuitable for the higher safety requirements of the 21st century.
Problems with state explosion in failure mode reasoning and the impossibility
of integrating software and hardware failure mode models are the most obvious of these. %flaws.
The methodologies are explained in chapter~\ref{sec:chap2} and the advantages and drawbacks
of each FMEA variant are examined in chapter~\ref{sec:chap3}.
In chapter~\ref{sec:chap4}, a new methodology is then proposed which addresses the state explosion problem
and, using contract programmed software, allows the modelling of integrated
software/electrical systems.
This is followed by two chapters showing examples of the new modular FMEA analysis technique (Failure Mode Modular De-Composition FMMD)
firstly looking at electronic circuits and then at electronic/software hybrid systems.
}
\section{Introduction}
Msc project Euler/Spider Diagram editor --- Euler/Spider Diagrams
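Review bot: the sentence beginning `More sophisticated statistically based standards, i.e EN61508` has no main verb and reads as a fragment; suggest `More sophisticated, statistically based standards, e.g. EN61508~\cite{en61508} and variants thereof, govern failure conditions and determine the risk levels associated with systems.` Elsewhere in the abstract, `safety measure` should be `safety measures`, `This thesis show` should be `This thesis shows`, `1940's` should be `1940s`, and the adjacent citations are better combined as `\cite{indacc01,steamboilers}` than joined with `~`. Standard LaTeX classes provide `abstract` as an environment rather than an `\abstract{...}` command, so unless the thesis class defines that command this should be `\begin{abstract} ... \end{abstract}`. The run of blank lines before the closing brace and the `Msc project ...` line left under `\section{Introduction}` look like scaffolding that should not be committed.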