robin/Robin_PHD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

"We" removal!

Browse Source
This commit is contained in:
Robin P. Clark 2013-09-11 15:35:35 +01:00
parent 4a96ce3cdd
commit 125e7747a4
1 changed files with 15 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
submission_thesis/CH3_FMEA_criticism/copy.tex
View File

@ -56,14 +56,14 @@ one failure can influence the programmatic behaviour and decisions made,
complicating the analysis of additional failures.
%
Dual failure analysis is required by some recent European standards~\cite{en298,en230}
and with increasing demands on safety, we are likely to see more multiple failure
FMEA requirements.
and with increasing demands on safety, additional multiple failure
FMEA requirements are likely.
Other problems such as the inability to easily re-use, and validate/audit (through
traceable reasoning) FMEA models are presented.
%
Finally we conclude with a list of deficiencies in current FMEA methodologies and present a wish list
for an improved methodology.
Finally a list of deficiencies in current FMEA methodologies and a wish list
for an improved methodology are presented.
\section{Historical Origins of FMEA and the {\bc} {\fm} to system level failure/symptom paradigm}
@ -76,7 +76,9 @@ for predicting safety~levels/failure~rates.
%
However a typical entry in each of the above methodologies, starts with a
particular component failure mode and associates it with a system---or top level---failure symptom.
This means that we have one analysis case per component failure mode for all the components in the system under investigation.
%
This means that there is one analysis case per component failure mode for all the components in the system under investigation.
%
This analysis philosophy has not changed since FMEA was first used.
@ -100,7 +102,8 @@ to the component base in a system, it is very difficult to
determine which FMEA test scenarios must be re-worked.
%
It is common in safety critical systems to have repeated circuit topologies.
For instance we may have several signal input and output
%
For instance there may be several signal input and output
structures that are repeated.
%
The failure mode behaviour of these repeated structures will be the same.
@ -291,7 +294,7 @@ analogue electronics only~\cite{smart_instruments_1514209}.
%
It is termed `smart' because it has some software, or intelligence incorporated into it.
%
For instance, an AVO-8 multi-meter circa 1970, uses only analogue electronics, and we can determine
For instance, an AVO-8 multi-meter circa 1970, uses only analogue electronics,it can be determined
using FMEA how component failures within it could affect readings.
%
A modern multi-meter will have a small dedicated micro-processor and sensing electronics, all on the same chip,
@ -348,11 +351,14 @@ This adjustment could be direct, or could be another CANbus message passed to a
%
In terms of FMEA, see figure~\ref{fig:distcon}, our reasoning path spans (at least) four interface layers of electronics to software.
%
Traditional FMEA does not cater for the software hardware interface, and here we have the additional complications
Traditional FMEA does not cater for the software hardware interface, and this leads to the additional complications
%with the additional complications
of the communications protocol used to transmit data and the failure mode characteristics
of the communications physical layer. This means the signal path will
of the communications physical layer.
%
This means the signal path will
cross several hardware/software interfaces.
%
\fmmdglossSIGPATH
%(figure~\ref{fig:distcon}
The failure reasoning paths for a distributed real time system, % AF does not like this but I think its OK