robin/Robin_PHD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CH2 tidy and fix cite

Browse Source 
JMCPR
This commit is contained in:
Robin Clark 2013-01-30 10:03:46 +00:00
parent d113f6a7bc
commit 1339bcffe9
3 changed files with 70 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
mybib.bib
View File

@ -270,6 +270,21 @@ keywords={Automotive engineering;Computer industry;Electrical engineering;Engine
doi={10.1109/STEP.2003.12}, doi={10.1109/STEP.2003.12},
ISSN={},} ISSN={},}
@article{1778436820050601,
Abstract = {Failure modes and effects analysis (FMEA) is used in the manufacturing industry to improve product quality and productivity. However, the traditional approach has many shortcomings that affect its effectiveness and limit its usefulness, especially in the early stages of design. Automating the FMEA report generation process seems to answer some of these problems, and there has been much past and on-going research in this area. However, most of the work is limited to specific applications. This paper proposes a method for FMEA generation for a generic application using minimum information during the conceptual design stage. Prototype software has been created for the proposed method. It has been evaluated using case studies from the design and manufacture of two-way radios. The evaluation revealed the feasibility of the proposal, as well as some weaknesses that need further improvement. Generally, the capability of the method to generate FMEA report with minimum information is demonstra},
Author = {Teoh, P. C. and Case, Keith},
ISSN = {0951192X},
Journal = {International Journal of Computer Integrated Manufacturing},
Keywords = {QUALITY of products, CONSUMER protection, QUALITY control, INDUSTRIAL productivity, MANUFACTURES, MANUFACTURING industries, QUALITY},
Number = {4},
Pages = {279 - 293},
Title = {An evaluation of failure modes and effects analysis generation method for conceptual design.},
Volume = {18},
URL = {http://search.ebscohost.com.ezproxy.brighton.ac.uk/login.aspx?direct=true&db=buh&AN=17784368&site=ehost-live},
Year = {2005},
}
@INPROCEEDINGS{931423, @INPROCEEDINGS{931423,
author={Throop, D.R. and Malin, J.T. and Fleming, L.D.}, author={Throop, D.R. and Malin, J.T. and Fleming, L.D.},
booktitle={Aerospace Conference, 2001, IEEE Proceedings.}, title={Automated incremental design FMEA}, booktitle={Aerospace Conference, 2001, IEEE Proceedings.}, title={Automated incremental design FMEA},

BIN
related_papers_books/17784368.pdf Normal file
View File

Binary file not shown.

98
submission_thesis/CH2_FMEA/copy.tex
View File

@ -33,9 +33,9 @@ how failures could affect some equipment in %an initial
a brain-storming session a brain-storming session
%in product design, %in product design,
to formal submission as part of safety critical certification. to formal submission as part of safety critical certification.
When performed as part of a safety critical certification process FMEA FMEA is a time intensive process. To reduce amount of work to perform,
is a time consuming business. To reduce amount of work to perform, software packages~\cite{931423, 1778436820050601} and analysis strategies have
software packages~\cite{931423} and analysis strategies have been developed~\cite{incrementalfmea, automatingFMEA1281774}. been developed~\cite{incrementalfmea, automatingFMEA1281774}.
% %
FMEA is always performed in context. That is, the equipment is always analysed for a particular purpose FMEA is always performed in context. That is, the equipment is always analysed for a particular purpose
and in a given environment. An `O' ring for instance can fail by leaking and in a given environment. An `O' ring for instance can fail by leaking
@ -464,6 +464,7 @@ that reports its readings via RS-232.
\centering \centering
\includegraphics[width=175pt]{./CH2_FMEA/mvamp.png} \includegraphics[width=175pt]{./CH2_FMEA/mvamp.png}
% mvamp.png: 561x403 pixel, 72dpi, 19.79x14.22 cm, bb=0 0 561 403 % mvamp.png: 561x403 pixel, 72dpi, 19.79x14.22 cm, bb=0 0 561 403
\caption{System diagram of a milli-volt reader, showing an expanded circuit diagram for the component of interest.}
\end{figure} \end{figure}
@ -524,12 +525,12 @@ approach in looking for system failures.
In this section we examine some fundamental concepts and underlying philosophies of FMEA. In this section we examine some fundamental concepts and underlying philosophies of FMEA.
\paragraph{The unacceptability of a single component failure causing a catastrophe} \paragraph{The unacceptability of a single component failure causing a catastrophe.}
% NEED SOME NICE HISTORICAL REFS HERE % NEED SOME NICE HISTORICAL REFS HERE
FMEA, due to its inductive bottom-up approach, is good FMEA, due to its inductive bottom-up approach, is good
at mapping potential single component failures to system level faults/events. at mapping potential single component failures to system level faults/events.
Used in the design phase of a project FMEA is an invaluable tool Used in the design phase of a project, FMEA is a useful tool
for unearthing potential failure scenarios. for discovering potential failure scenarios~\cite{1778436820050601}.
% %
% Subject Object Wiki answers : Best Answer % Subject Object Wiki answers : Best Answer
%It is not grammar or vocabulary. It is a philosophical reference. %It is not grammar or vocabulary. It is a philosophical reference.
@ -543,31 +544,34 @@ for unearthing potential failure scenarios.
FMEA is always performed in the context of the use of the equipment. FMEA is always performed in the context of the use of the equipment.
In terms of philosophy the context is in the domain of the subjective and the In terms of philosophy the context is in the domain of the subjective and the
logic and reasoning behind failure causation, the objective. logic and reasoning behind failure causation, the objective.
By using objective reasoning trace a component level failure to a system level event, %
By using objective reasoning we trace a component level failure to a system level event,
but only in but only in
the subjective sense can we determine its meaning and severity. the subjective sense can we determine its meaning and/or severity.
%
It is worth remembering that It is worth remembering that
failure mode analysis performed on the leaks possible from the O ring on the space shuttle failure mode analysis performed on the leaks possible from the O ring on the space shuttle
did not link this failure to the catastrophic failure of the spacecraft~\cite{challenger,sanjeev}. did not link this failure to the catastrophic failure of the spacecraft~\cite{challenger,sanjeev}.
This was not a failure in the objective reasoning, but more of the subjective, or the context in which the leak occurred. This was not a failure in the objective reasoning, but more of the subjective, or the context in which the leak occurred.
% %
FMEA is less useful for determining events for multiple FMEA is less useful for determining events for multiple
simultaneous\footnote{Multiple simultaneous failures are taken to mean failure that occur within the same detection period.} failures. simultaneous\footnote{Multiple simultaneous failures are taken to mean failures that occur within the same detection period.} failures.
This is because these two modes of thinking, it becomes more difficult to %
This is because with the additional complication of having to change between these two modes of thinking, it becomes more difficult to
get a balance between subjective and objective perspectives. get a balance between subjective and objective perspectives.
%subjective/objective become more cluttered when there are multiple possibilities %subjective/objective become more cluttered when there are multiple possibilities
%for the the results of an FMEA line of reasoning. %for the the results of an FMEA line of reasoning.
\paragraph{Failure modes, dectectable and undetectable} \paragraph{Failure modes, observability criterion: detectable and undetectable.}
Often the effects of a failure mode may be easy to detect, and our equipment can react by raising an alarm or compensating for the resulting fault. Often the effects of a failure mode may be easy to detect, and our equipment can react by raising an alarm or compensating for the resulting fault.
Some failure modes may cause undetectable failure, for instance a component that causes Some failure modes may cause undetectable failure, for instance a component that causes
a measured reading to change could have dire consequences yet not be obvious. a measured reading to change could have dire consequences yet not be obvious.
In fault diagnosis failures are said to be observable and unobservable~\cite{721666, ACS:ACS1297}. In fault diagnosis failures are said to be observable and unobservable~\cite{721666, ACS:ACS1297}.
\glossary{name={observability}, description={The property of a system failure in relation to a particular component failure mode, where it can bedetermined whether the readings/actions associated     with it are valid, or the by-product of a failure. If we cannot determine that there is a fault present, the system level failure is said to be unobservable.}} \glossary{name={observability}, description={The property of a system failure in relation to a particular component failure mode, where it can bedetermined whether the readings/actions associated     with it are valid, or the by-product of a failure. If we cannot determine that there is a fault present, the system level failure is said to be unobservable.}}
\paragraph{Impracticality of Field Data for modern systems} \paragraph{Impracticality of Field Data for modern systems.}
Modern electronic components, are generally very reliable, and the systems built from them Modern electronic components, are generally very reliable, and the systems built from them
are thus very reliable too. Reliable field data on failures will, therefore be sparse. are thus very reliable too. Reliable field data on failures will, therefore be sparse.
@ -587,9 +591,9 @@ statistical estimates of the equipment reliability.
A forward search starts with possible failure causes A forward search starts with possible failure causes
and uses logic and reasoning to determine system level outcomes. and uses logic and reasoning to determine system level outcomes.
Forward search types of fault analysis is said to be `inductive'. Forward search types of fault analysis is said to be `inductive'.
%
A backward search starts with (undesirable) system level events A backward search starts with (undesirable) system level events and
works back down to potential causes using de-composition of works back down to potential causes using de-composition
of the system and logic. of the system and logic.
FMEA based methodologies are forward searches\cite{Lutz:1997:RAU:590564.590572} and top down FMEA based methodologies are forward searches\cite{Lutz:1997:RAU:590564.590572} and top down
methodologies such as FTA~\cite{nucfta,nasafta} are backward searches. methodologies such as FTA~\cite{nucfta,nasafta} are backward searches.
@ -600,12 +604,16 @@ induced).
\label{reasoningdistance} \label{reasoningdistance}
A reasoning distance is the number of stages of logic and reasoning A reasoning distance is the number of stages of logic and reasoning
required to map a failure cause to its potential outcomes. required to map a failure cause to its potential outcomes.
%
In our basic FMEA example in section~\ref{basicfmea} In our basic FMEA example in section~\ref{basicfmea}
we were tasked to consider one failure mode against all the components in the milli-volt reader. we were asked to consider one failure mode against all the components in the milli-volt reader.
%
To create a complete FMEA report on the milli-volt reader we would have had to examine every To create a complete FMEA report on the milli-volt reader we would have had to examine every
known failure mode of every component within it---against all its other components. known failure mode of every component within it---against all its other components.
%
The reasoning~distance is defined as the sum of the number of failure modes, against all other components The reasoning~distance is defined as the sum of the number of failure modes, against all other components
in that system. in that system.
%
If the milli-volt reader had say 100 components, with three failure modes each, this If the milli-volt reader had say 100 components, with three failure modes each, this
would give a reasoning distance of 3 * 100 * 99. would give a reasoning distance of 3 * 100 * 99.
@ -625,7 +633,7 @@ To perform FMEA rigorously (i.e. to examine every possible interaction
of a failure mode with all other components in a system). Or in other words, of a failure mode with all other components in a system). Or in other words,
---we would need to look at all possible failure scenarios. ---we would need to look at all possible failure scenarios.
%to do this completely (all failure modes against all components). %to do this completely (all failure modes against all components).
This is represented in the equation below. %~\ref{eqn:fmea_state_exp}, This is represented in the equation below, %~\ref{eqn:fmea_state_exp},
where $N$ is the total number of components in the system, and where $N$ is the total number of components in the system, and
$f$ is the number of failure modes per component. $f$ is the number of failure modes per component.
@ -677,7 +685,7 @@ In practise these experts have to select the areas they see as most critical for
\paragraph{Five main Variants of FMEA} \paragraph{Five main Variants of FMEA}
\begin{itemize} \begin{itemize}
\item \textbf{PFMEA - Production} Car Manufacture etc \item \textbf{PFMEA - Production} Car Manufacture etc
\item \textbf{FMECA - Criticallity} Military/Space \item \textbf{FMECA - Criticality} Military/Space
\item \textbf{FMEDA - Statistical safety} EN61508/IOC1508 Safety Integrity Levels \item \textbf{FMEDA - Statistical safety} EN61508/IOC1508 Safety Integrity Levels
\item \textbf{DFMEA - Design or static/theoretical} EN298/EN230/UL1998 \item \textbf{DFMEA - Design or static/theoretical} EN298/EN230/UL1998
\item \textbf{SFMEA - Software FMEA --- only used in highly critical systems at present} \item \textbf{SFMEA - Software FMEA --- only used in highly critical systems at present}
@ -762,13 +770,13 @@ will cause a given system failure.
This corresponds to `Bayesian' probability, given a particular This corresponds to `Bayesian' probability, given a particular
component failure mode, the probability of a given system level failure. component failure mode, the probability of a given system level failure.
\textbf{FMECA `t' Value} \textbf{FMECA `t' Value.}
The time that a system will be operating for, or the working life time of the product is The time that a system will be operating for, or the working life time of the product is
represented by the variable $t$. represented by the variable $t$.
%for probability of failure on demand studies, %for probability of failure on demand studies,
%this can be the number of operating cycles or demands expected. %this can be the number of operating cycles or demands expected.
\textbf{Severity `s' value} \textbf{Severity `s' value.}
A weighting factor to indicate the seriousness of the putative system level error. A weighting factor to indicate the seriousness of the putative system level error.
%Typical classifications are as follows:~\cite{fmd91} %Typical classifications are as follows:~\cite{fmd91}
@ -805,12 +813,12 @@ for a project manager.
\subsection{ FMEDA - Failure Modes Effects and Diagnostic Analysis} \subsection{ FMEDA - Failure Modes Effects and Diagnostic Analysis}
\begin{itemize} % \begin{itemize}
\item \textbf{Statistical Safety} Safety Integrity Level (SIL) standards (EN61508/IOC5108). % \item \textbf{Statistical Safety} Safety Integrity Level (SIL) standards (EN61508/IOC5108).
\item \textbf{Diagnostics} Diagnostic or self checking elements modelled % \item \textbf{Diagnostics} Diagnostic or self checking elements modelled
\item \textbf{Complete Failure Mode Coverage} All failure modes of all components must be in the model % \item \textbf{Complete Failure Mode Coverage} All failure modes of all components must be in the model
\item \textbf{Guidelines} To system architectures and development processes % \item \textbf{Guidelines} To system architectures and development processes
\end{itemize} % \end{itemize}
FMEDA is the fundamental methodology of the statistical (safety integrity level) FMEDA is the fundamental methodology of the statistical (safety integrity level)
type standards (EN61508/IOC5108). type standards (EN61508/IOC5108).
@ -829,7 +837,7 @@ For software it provides procedural quality guidelines and constraints (such as
programming languages and/or features. programming languages and/or features.
\subsection{ FMEDA - Failure Modes Effects and Diagnostic Analysis} %\subsection{ FMEDA - Failure Modes Effects and Diagnostic Analysis}
\label{sec:FMEDA} \label{sec:FMEDA}
\textbf{Failure Mode Classifications in FMEDA.} \textbf{Failure Mode Classifications in FMEDA.}
\begin{itemize} \begin{itemize}
@ -851,7 +859,7 @@ $ \sum \lambda_{SD}$, $\sum \lambda_{SU}$, $\sum \lambda_{DD}$, $\sum \lambda_{D
% (i.e. $\lambda_{SD}$, $\lambda_{SU}$, $\lambda_{DD}$, $\lambda_{DU}$). % (i.e. $\lambda_{SD}$, $\lambda_{SU}$, $\lambda_{DD}$, $\lambda_{DU}$).
\subsection{ FMEDA - Failure Modes Effects and Diagnostic Analysis} %\subsection{ FMEDA - Failure Modes Effects and Diagnostic Analysis}
\textbf{Diagnostic Coverage.} \textbf{Diagnostic Coverage.}
The diagnostic coverage is simply the ratio The diagnostic coverage is simply the ratio
@ -866,7 +874,7 @@ $$ DiagnosticCoverage = \Sigma\lambda_{DD} / \Sigma\lambda_D $$
\subsection{ FMEDA - Failure Modes Effects and Diagnostic Analysis} %\subsection{ FMEDA - Failure Modes Effects and Diagnostic Analysis}
The \textbf{diagnostic coverage} for safe failures, where $\Sigma\lambda_{SD}$ represents the percentage of The \textbf{diagnostic coverage} for safe failures, where $\Sigma\lambda_{SD}$ represents the percentage of
safe detected base component failure modes, safe detected base component failure modes,
and $\Sigma\lambda_S$ the total number of safe base component failure modes, and $\Sigma\lambda_S$ the total number of safe base component failure modes,
@ -876,7 +884,7 @@ $$ SF = \frac{\Sigma\lambda_{SD}}{\Sigma\lambda_S} $$
\subsection{ FMEDA - Failure Modes Effects and Diagnostic Analysis} %\subsection{ FMEDA - Failure Modes Effects and Diagnostic Analysis}
\textbf{Safe Failure Fraction.} \textbf{Safe Failure Fraction.}
A key concept in FMEDA is Safe Failure Fraction (SFF). A key concept in FMEDA is Safe Failure Fraction (SFF).
This is the ratio of safe and dangerous detected failures This is the ratio of safe and dangerous detected failures
@ -901,7 +909,7 @@ by statistically determining how frequently it can fail dangerously.
\subsection{ FMEDA - Failure Modes Effects and Diagnostic Analysis} %\subsection{ FMEDA - Failure Modes Effects and Diagnostic Analysis}
\begin{table}[ht] \begin{table}[ht]
\caption{FMEA Calculations} % title of Table \caption{FMEA Calculations} % title of Table
@ -922,7 +930,7 @@ Table adapted from EN61508-1:2001 [7.6.2.9 p33]
\subsection{ FMEDA - Failure Modes Effects and Diagnostic Analysis} %\subsection{ FMEDA - Failure Modes Effects and Diagnostic Analysis}
FMEDA is a modern extension of FMEA, in that it will allow for FMEDA is a modern extension of FMEA, in that it will allow for
self checking features, and provides detailed recommendations for computer/software architecture. self checking features, and provides detailed recommendations for computer/software architecture.
It has a simple final result, a Safety Integrity Level (SIL) from 1 to 4 (where 4 is safest). It has a simple final result, a Safety Integrity Level (SIL) from 1 to 4 (where 4 is safest).
@ -969,14 +977,14 @@ judged to be in critical sections of the product.
\begin{itemize} \begin{itemize}
\item Impossible to look at all component failures let alone apply FMEA rigorously. \item Impossible to look at all component failures let alone apply FMEA rigorously.
\item In practise, failure scenarios for critical sections are contested, and either justified or extra safety measures implemented. \item In practice, failure scenarios for critical sections are contested, and either justified or extra safety measures implemented.
\item Often Meeting notes or minutes only. Unusual for detailed arguments to be documented. \item Often Meeting notes or minutes only. Unusual for detailed arguments to be documented.
\end{itemize} \end{itemize}
\section{Conculsions on current FMEA Methodologies} \section{Conclusions on current FMEA Methodologies}
%% FOCUS %% FOCUS
The focus of this chapter %literature review The focus of this chapter %literature review
@ -1003,11 +1011,11 @@ to multiple failure scenarios etc. Methodologies related to FMEA are briefly cov
%% AUDIENCE %% AUDIENCE
% Well duh! PhD supervisors and examiners.... % Well duh! PhD supervisors and examiners....
\subsection{Related Methodologies} % \subsection{Related Methodologies}
FTA --- HAZOP --- ALARP --- Event Tree Analysis --- bow tie concept % FTA --- HAZOP --- ALARP --- Event Tree Analysis --- bow tie concept
\subsection{Hardware FMEA (HFMEA)} % \subsection{Hardware FMEA (HFMEA)}
\subsection{Multiple Failure scenarios and FMEA} % \subsection{Multiple Failure scenarios and FMEA}
\subsection{Software FMEA (SFMEA)} % \subsection{Software FMEA (SFMEA)}
\paragraph{Current work on Software FMEA} \paragraph{Current work on Software FMEA}
@ -1055,10 +1063,11 @@ ionising radiation causing bits to be erroneously altered.
\paragraph{FMEA and Modularity} \paragraph{FMEA and Modularity}
Form the 1940's onwards, software has evolved from a simple procedural languages (i.e. assembly language/Fortran~\cite{f77} call return) From the 1940's onwards, software has evolved from a simple procedural languages (i.e. assembly language/Fortran~\cite{f77} call return)
to structured programming ( C~\cite{KandR}, pascal etc) and then to object oriented models (Java C++...). to structured programming ( C~\cite{DBLP:books/ph/KernighanR88}, pascal etc) and then to object oriented models (Java C++...).
FMEA has undergone no such evolution. FMEA has undergone no such evolution.
In a world where sensor systems, often including embedded software components, are bought in to %
In a world where sensor systems, often including embedded software components, are brought in to
create complex systems, FMEA still follows a rigid {\bc} {\fm} to system level error model, create complex systems, FMEA still follows a rigid {\bc} {\fm} to system level error model,
that is only suitable for simple electro mechanical systems. that is only suitable for simple electro mechanical systems.
@ -1066,7 +1075,10 @@ that is only suitable for simple electro mechanical systems.
% %
%
% MAYBE MOVE THIS TO CH3, FMEA CRITICISM
% 30JAN2013
%
\subsection{Where FMEA is now.} \subsection{Where FMEA is now.}
FMEA useful tool for basic safety --- provides statistics on safety where field data impractical --- FMEA useful tool for basic safety --- provides statistics on safety where field data impractical ---