diff --git a/submission_thesis/CH8_Conclusion/copy.tex b/submission_thesis/CH8_Conclusion/copy.tex index 2155bd6..0f08813 100644 --- a/submission_thesis/CH8_Conclusion/copy.tex +++ b/submission_thesis/CH8_Conclusion/copy.tex @@ -25,6 +25,7 @@ In all cases there was a performance gain, that is to say that for all but trivial cases, the number of manual analysis operations to perform was significantly reduced. +\fmmdglossRD % Not only this, but the analysis naturally provided modules which could be re-used, re-used not only in the circuit under analysis but potentially in different and future projects as well. @@ -48,6 +49,7 @@ the examples from chapter~\ref{sec:chap5}. % in this regard. % A unitary state failure mode concept was developed (see section~\ref{sec:unitarystate}), and it was shown that the FMMD process naturally enforced this throughout the hierarchy of a model. +\fmmdglossMUTEX % Finally the FMMD process was described algorithmically using set theory in appendix~\ref{sec:algorithmfmmd}.%{app:alg}. @@ -78,7 +80,7 @@ These benefits fall under the following assumptions and constraints: \item Software is hierarchical and its elements (functions) can be modelled using contract programming. %\item \end{itemize} - +\fmmdglossRD Whilst investigating FMMD a number of further areas for research revealed themselves. @@ -119,7 +121,7 @@ This is very closely related to the structure of FTA (top down) failure causatio The possibility of automatically producing FTA diagrams from FMMD models is examined in section~\ref{sec:fta}. % - +\fmmdglossRD \subsection{Statistics: From base component failure modes to System level events/failures.} \label{sec:bcstats} 
@@ -140,12 +142,12 @@ use FMMD to produce an FMEDA report. \paragraph{Pt100 Example: Single Failures and statistical data.} %Mean Time to Failure} - +\frategloss From an earlier example, the model for the failure mode behaviour of the Pt100 circuit, we can add {\bc} {\fm} statistics and determine the probability of symptoms of failure. % The DOD electronic reliability of components -document MIL-HDBK-217F\cite{mil1991} gives formulae for calculating +document MIL-HDBK-217F~\cite{mil1991} gives formulae for calculating the %$\frac{failures}{{10}^6}$ ${failures}/{{10}^6}$ % looks better @@ -154,8 +156,8 @@ in hours for a wide range of generic components can give conservative reliability figures when applied to modern components}. % -Using the MIL-HDBK-217F\cite{mil1991} specifications for resistor and thermistor -failure statistics, the reliability for the Pt100 example (see section~\ref{sec:Pt100}) is calculated below. +Using the MIL-HDBK-217F%~\cite{mil1991} +specifications for resistor and thermistor failure statistics, the reliability for the Pt100 example (see section~\ref{sec:Pt100}) is calculated below. % % \paragraph{Resistor FIT Calculations.} @@ -189,7 +191,7 @@ resistor{\lambda}_p = {\lambda}_{b}{\pi}_{R}{\pi}_Q{\pi}_E \end{tabular} \label{tab:resistor} \end{table} - +\frategloss Applying equation \ref{resistorfit} with the parameters from table \ref{tab:resistor} give the following failures in ${10}^6$ hours: @@ -250,6 +252,7 @@ resistor{\lambda}_p = {\lambda}_{b}{\pi}_Q{\pi}_E % Thus thermistor, bead type, `non~military~spec' is given a FIT of 315.0. % +\frategloss Using the RIAC finding we can draw up the following table (table \ref{tab:stat_single}), showing the FIT values for all single failure modes. %\glossary{name={FIT}, description={Failure in Time (FIT). The number of times a particular failure is expected to occur in a $10^{9}$ hour time period.}} 
@@ -291,6 +294,7 @@ This circuit is around 10 times more likely to fail in this way than in any othe Were we to need a more reliable temperature sensor, this would probably be the fault~mode we would scrutinise first. % +\frategloss % \begin{figure}[h+] \centering @@ -350,6 +354,7 @@ statistics for electronic sourced failures. % %\glossary{name={FIT}, description={Failure in Time (FIT). The number of times a particular failure is expected to occur in a $10^{9}$ hour time period. Associated with continuous demand systems under EN61508~\cite{en61508}}} % +\frategloss \fmmdglossFIT % \subsection{Deriving FTA diagrams from FMMD models} @@ -375,8 +380,16 @@ different behaviour due to environmental or operational states~\cite{nucfta,nasa If we require FMMD to produce full FTA diagrams, we need to add these attributes to the FMMD UML model\footnote{Top down failure mode models, such as FTA, are additionally useful in guiding diagnostic analysis.}. -\fmmdglossINHIBIT % +\fmmdglossINHIBIT +\fmmdglossFTA +% +%% +%% Here could describe how XOR not OR is implemented and how AND +%% only works due to failure symptoms being derived from multiple failures. +%% This is a tangent and probably detracts from the main flow. +%% 02SEP2013 +%% \paragraph{Environment, operational states and inhibit gates: additions to the UML model.} % FTA, in addition to using symbols borrowed from digital logic introduces three new symbols to 
@@ -407,7 +420,7 @@ An undesired condition may occur where it could be necessary to inhibit some act This is rather like a logical guard criterion. For instance in the gas burner standard EN298 it states that a flame detector must confirm that a pilot flame has been established before the main burner fuel can be applied. In FTA terms this would be an inhibit condition on the main fuel, i.e. PILOT\_NOT\_CONFIRMED. - +\fmmdglossFTA We now look at the nature of these three attributes and decide how they should fit into the UML model for FMMD developed in section~\ref{sec:fmmd_uml}. @@ -423,9 +436,10 @@ Environmental analysis is thus applicable to components. Environmental influences, such as over-stress due to voltage can be eliminated by down-rating components as discussed in section~\ref{sec:determine_fms}. With given environmental constraints, we can therefore eliminate some failure modes from the model. - +\fmmdglossFTA \paragraph{Operational states.} +% Within the field of safety critical engineering, we often encounter elements that include test or self-test facilities. % @@ -470,7 +484,7 @@ both environmental conditions and failure modes. % % % - +\fmmdglossFTA \paragraph{UML Diagram Additional Objects.} The additional objects System, Environment, Inhibit and Operational States 
@@ -489,13 +503,13 @@ are added to UML diagram in figure \ref{fig:cfg} are represented in figure \ref \clearpage \subsection{Retrospective failure mode analysis and FMMD} - +\fmmdgloss The reasons for applying retrospective failure mode analysis could be: \begin{itemize} %\item approving previously un-assessed systems to a safety standard, - \item to re-visit a safety analysis after a small h/w or s/w change, - \item upon discovery of a new {\bc} {\fm}, - \item or to determine the failure mode behaviour of an previously un-assessed instrument used in safety critical verification. + \item to re-visit a safety analysis after a small hardware or software change, + \item upon discovery of a new {\bc} {\fm}---or in software---a new contract programming requirement, + \item or to determine the failure mode behaviour of an previously un-assessed sub-system/instrument used in safety critical verification. \end{itemize} % verification. % @@ -524,6 +538,7 @@ The electronic components {\fms} are established in the literature~\cite{fmd91,m % Each function in the software would have to be assigned a `design~contract'~\cite{dbcbe} (where violations of contract clauses will be treated as failure modes in FMMD). +\fmmdgloss \paragraph{Effect of newly discovered failure modes in components.} % @@ -539,6 +554,7 @@ This is linked to the concepts behind the need for failure mode coverage against all components in the system, that provoked discussions leading to idealised XFMEA requirements (see section~\ref{sec:reasoningdistance}). % +\fmmdgloss \fmmdglossSFMEA % Using FMMD only those modules in the hierarchy above the 
@@ -581,14 +597,15 @@ we thus reveal design deficiencies in both the software, the electronics and the %in the hardware/software interface. % \fmmdglossFMEDA +\fmmdgloss FMEDA does not handle software ---or---the software/hardware interface. It thus potentially misses many undetected failures (in EN61508 terms undetected-dangerous and undetected safe failures). In Safety Integrity Level (SIL)~\cite{en61508} terms, by identifying undetectable faults and fixing them, we raise the safe failure fraction (SFF). - - % - +% +% +% \section{Objective and Subjective Reasoning stages} %Opportunity for formal definitions and perhaps an interface or process for achieving it.... The act of applying failure mode effects analysis, is commonly performed from @@ -635,6 +652,8 @@ FMEDA~\cite{en61508,fmeda} with its classification of dangerous and safe failure It is the author's opinion that more work is required to clarify this area. The scope of FMMD is the objective level only. Accurate models of objective failure modes, are seen by the author to be a pre-requisite for subjective assessment. - - -\today \ No newline at end of file +% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%\today%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \ No newline at end of file 
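Review bot: In the `@@ -154,8 +156,8 @@` hunk, `Using the MIL-HDBK-217F%~\cite{mil1991}` places the `%` directly after the `F`, so TeX discards the line end and the leading whitespace of the next line and the typeset text reads `MIL-HDBK-217Fspecifications`. Either keep the citation as the `@@ -140,12 +142,12 @@` hunk does a few lines earlier (`document MIL-HDBK-217F~\cite{mil1991} gives formulae`), or leave a space before the comment: `Using the MIL-HDBK-217F %~\cite{mil1991}`. Dropping the citation on the second mention while adding the non-breaking space on the first also looks like an accident rather than a decision; if it is deliberate, say so in the commit message.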
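Review bot: The glossary macros are now invoked repeatedly within one chapter: `\frategloss` five times, `\fmmdglossFTA` four times, `\fmmdgloss` four times and `\fmmdglossRD` three times. If these expand to `\glossary{...}` or `\gls` calls without a first-use guard, every call adds another glossary entry or back-reference page number; either confirm the macro definitions de-duplicate or call each once at first mention. Separately, where a macro replaces the blank line that separated two runs of prose, the paragraph break is lost unless the macro itself emits `\par`: in `@@ -407,7 +420,7 @@` the sentence ending `PILOT\_NOT\_CONFIRMED.` is now followed by `+\fmmdglossFTA` and then `We now look at the nature of these three attributes` with no blank line between them. Keep the blank line and put the macro on its own line next to it.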
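Review bot: The rewritten bullet in `@@ -489,13 +503,13 @@` still reads `an previously un-assessed sub-system/instrument`; since the line is being edited anyway, make it `a previously un-assessed sub-system/instrument`. In the final hunk (`@@ -635,6 +652,8 @@`) the `\today` is replaced by four rows of several hundred `%` characters; they produce nothing in the output and make every future diff of this file noisy, so a single `%\today` line would do.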
diff --git a/submission_thesis/colophon/copy.tex b/submission_thesis/colophon/copy.tex index e56db7b..c6ab6cc 100644 --- a/submission_thesis/colophon/copy.tex +++ b/submission_thesis/colophon/copy.tex 
@@ -1,113 +1,113 @@ %\renewcommand{\baselinestretch}{1.15} \chapter*{Colophon} -In short ``Thanks every body''! -% -\\ -\\ -% -Completing my PhD %degree -is the most intellectually challenging %% FUCK OFF ZERNIKE POLYNOMIALS WERE MORE DIFFICULT --- and actually useful unlike set theory -activity of my first 52 years of my life! %% SET THEORY IS A LOAD OF BOLLOCKS -% -The best and worst moments of this journey -have been shared with many people. -% -It has been a great privilege to spend several years -visiting the Mathematics and Engineering departments of -the University of Brighton, pushing me forward in clarity of self-expression, -precision through mathematics, critical assessment and carefully crafted English: -its members will always remain dear to me. -% -%%%% IS THIS BIT A BIT MAD???? YES! 27AUG2013 -% % % Like an army recruits training Sergeant Major I found them -% % % hard task masters at first, and then, as with realising the rationale behind training and -% % % {\em even} parade drill, respected and grew to like them. -% % % % -% -My first debt of gratitude must go to my supervisors, -Dr. A. Fish, -Dr. C Garret and %% TOP BLOKE -%Dr. C Garret, %% TOP BLOKE -Professor J. Howse. %% JAVALA LAT HUND -%Dr. A. Fish. %% JAVALA LAT HUND -% -They patiently provided the guidance, -encouragement and advice necessary for me to proceed through the -research, consolidation and write-up phases of the PhD program, -to prepare and present three papers to conferences~\cite{syssafe2011,syssafe2012,Clark_fastzone} -and to complete and submit this thesis. -\\ -\\ -% -% -I owe a debt of thanks to Dr J. flower, my MSc project supervisor, -who explained that the chapter in my project documentation postulating a modular form of -FMEA---which had %obvious -potential for making the process %FMEA -more efficient---was a concept worthy of being developed for a PhD and assisting me -to present the chapter as %submit this as -a conference paper~\cite{Clark200519}. 
-% -Further I thank her for encouraging me to apply for the PhD. %% PITY SHE DID NOT STAY ON AS MY PHD SUPERVISOR -% -\\ -\\ -% -I am deeply thankful to the directors of {\etc} not only for -funding this course, but providing training and work experience in the -field of safety critical engineering, and giving me Friday -afternoons to pursue my studies. -% -At Energy~Technology~Control, the following people gave encouragement, and -validated the concepts for the `modular~FMEA' that I was developing, Martin~Thirsk, Colin~Talmay, -Darren~Legge and Hazel~Anderson. -% -These Engineers, whose whole careers -have been focused on the safety critical electronic/computing area, -gave valuable time to look at and comment on my FMMD proposals. -% -Their comments gave me confidence that the methodology I was developing had -%was not only an academic exercise but had -potential practical -applications and benefits. -% -The environment and context of the work at {\etc} -was very useful for clarifying concepts relating to FMEA and -safety; at least once a week there is a new practical case study arising -and being discussed, be it, say, the observability of the effect of failures in an -traditional amplifier configuration, -or how a particular sensor could fail. -% -The field of industrial burner control, is highly regulated and -is rich with practical examples of safety measures built into -hybrid digital/electronic systems. -% -This has given me many opportunities to % has been % be -apply the new methodology against `real~world' problems. -% -%and thus its -%theoretical aspects have been often -%sounded out against `real~world' problems. -% -These real~world failure scenarios and their proposed solutions, were often detailed in -requirements and design documentation, submitted in support of -safety accreditation. -% -I was glad to be tasked to produce many of these documents. -% -Again I thank {\etc}, for giving me -these parallel tasks, which aided my studies. 
-\\ -\\ -% -% -I wish to thank my parents, Jennifer and Richard Clark. -% MY MUM for proof reading alot! -I hope that this work makes you proud. -% -\\ -\\ +% In short ``Thanks every body''! +% % +% \\ +% \\ +% % +% Completing my PhD %degree +% is the most intellectually challenging %% FUCK OFF ZERNIKE POLYNOMIALS WERE MORE DIFFICULT --- and actually useful unlike set theory +% activity of my first 52 years of my life! %% SET THEORY IS A LOAD OF BOLLOCKS +% % +% The best and worst moments of this journey +% have been shared with many people. +% % +% It has been a great privilege to spend several years +% visiting the Mathematics and Engineering departments of +% the University of Brighton, pushing me forward in clarity of self-expression, +% precision through mathematics, critical assessment and carefully crafted English: +% its members will always remain dear to me, and a strong influence. +% % +% %%%% IS THIS BIT A BIT MAD???? YES! 27AUG2013 +% % % % Like an army recruits training Sergeant Major I found them +% % % % hard task masters at first, and then, as with realising the rationale behind training and +% % % % {\em even} parade drill, respected and grew to like them. +% % % % % +% % +% My first debt of gratitude must go to my supervisors, +% Dr. A. Fish, +% Dr. C Garret and %% TOP BLOKE +% %Dr. C Garret, %% TOP BLOKE +% Professor J. Howse. %% JAVALA LAT HUND +% %Dr. A. Fish. %% JAVALA LAT HUND +% % +% They patiently provided the guidance, +% encouragement and advice necessary for me to proceed through the +% research, consolidation and write-up phases of the PhD program, +% to prepare and present three papers to conferences~\cite{syssafe2011,syssafe2012,Clark_fastzone} +% and to complete and submit this thesis. +% \\ +% \\ +% % +% % +% I owe a debt of thanks to Dr J. 
flower, my MSc project supervisor, +% who explained that the chapter in my project documentation postulating a modular form of +% FMEA---which had %obvious +% potential for making the process %FMEA +% more efficient---was a concept worthy of being developed for a PhD and assisting me +% to present the chapter as %submit this as +% a conference paper~\cite{Clark200519}. +% % +% Further I thank her for encouraging me to apply for the PhD. %% PITY SHE DID NOT STAY ON AS MY PHD SUPERVISOR +% % +% \\ +% \\ +% % +% I am deeply thankful to the directors of {\etc} not only for +% funding this course, but providing training and work experience in the +% field of safety critical engineering, and giving me Friday +% afternoons to pursue my studies. +% % +% At Energy~Technology~Control, the following people gave encouragement, and +% validated the concepts for the `modular~FMEA' that I was developing, Martin~Thirsk, Colin~Talmay, +% Darren~Legge and Hazel~Anderson. +% % +% These Engineers, whose whole careers +% have been focused on the safety critical electronic/computing area, +% gave valuable time to look at and comment on my FMMD proposals. +% % +% Their comments gave me confidence that the methodology I was developing had +% %was not only an academic exercise but had +% potential practical +% applications and benefits. +% % +% The environment and context of the work at {\etc} +% was very useful for clarifying concepts relating to FMEA and +% safety; at least once a week there is a new practical case study arising +% and being discussed, be it, say, the observability of the effect of failures in an +% traditional amplifier configuration, +% or how a particular sensor could fail. +% % +% The field of industrial burner control, is highly regulated and +% is rich with practical examples of safety measures built into +% hybrid digital/electronic systems. +% % +% This has given me many opportunities to % has been % be +% apply the new methodology against `real~world' problems. 
+% % +% %and thus its +% %theoretical aspects have been often +% %sounded out against `real~world' problems. +% % +% These real~world failure scenarios and their proposed solutions, were often detailed in +% requirements and design documentation, submitted in support of +% safety accreditation. +% % +% I was glad to be tasked to produce many of these documents. +% % +% Again I thank {\etc}, for giving me +% these parallel tasks, which aided my studies. +% \\ +% \\ +% % +% % +% I wish to thank my parents, Jennifer and Richard Clark. +% % MY MUM for proof reading alot! +% I hope that this work makes you proud. +% % +% \\ +% \\ %\vspace{3cm} Typeset in \LaTeX \today.
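Review bot: Commenting out the whole acknowledgements block leaves `\chapter*{Colophon}` rendering nothing except `Typeset in \LaTeX \today.`; if the text is moving to another chapter for submission, say so in the commit, and if it is being dropped, delete it rather than comment it out (git keeps the history), because the commented copy still ships the private margin remarks `%% FUCK OFF ZERNIKE POLYNOMIALS WERE MORE DIFFICULT`, `%% SET THEORY IS A LOAD OF BOLLOCKS` and `%% PITY SHE DID NOT STAY ON AS MY PHD SUPERVISOR` in a file under `submission_thesis/`. The commented copy is also not a verbatim copy of what was removed: `its members will always remain dear to me.` becomes `its members will always remain dear to me, and a strong influence.`, and `Dr J. flower` keeps the lower-case surname; a content edit hidden inside a comment-out is easy to lose when the block is restored. Since `Typeset in \LaTeX \today.` is now the only visible line, note that the control word `\LaTeX` swallows the following space, so it prints with no gap before the date; write `Typeset in \LaTeX\ \today.`.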