robin/Robin_PHD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

lunch time edit geddit

Browse Source
This commit is contained in:
Robin P. Clark 2014-08-13 13:25:17 +01:00
parent 8c5076362c
commit 1f774d0c33
2 changed files with 30 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
mybib.bib
View File

@ -1294,7 +1294,7 @@ OPTissn = {},
OPTkey = {},
author = {Microchip},
OPTorganization = {},
address = {http://ww1.microchip.com/downloads/en/DeviceDoc/80519d.pdf},
address = {http://ww1.microchip.com/ downloads/en/DeviceDoc/80519d.pdf},
OPTedition = {},
OPTmonth = {},
year = {2011},
@ -1333,7 +1333,7 @@ OPTissn = {},
OPTkey = {},
author = {Microchip},
OPTorganization = {},
address = {http://ww1.microchip.com/downloads/en/DeviceDoc/39755c.pdf},
address = {http://ww1.microchip.com/ downloads/en/DeviceDoc/39755c.pdf},
OPTedition = {},
OPTmonth = {},
year = {2009},

46
papers/JOURNAL_fmea_sw_hw/sw_hw_fmea.tex
View File

@ -113,6 +113,7 @@ failure mode of the component or sub-system}}}
%\nodate
\maketitle
\today
\paragraph{Keywords:} static failure mode modelling; safety-critical; software fmea
%\small
@ -156,7 +157,7 @@ This paper presents a simple worked example of FMMD applied to an
integrated electronics/software system, the industry standard
{\ft} signalling loop.
%
}
} % abstract
@ -212,7 +213,8 @@ the known failure mode behaviour.
%Presently FMEA, stops at the glass ceiling of the computer program: FMMD seeks to address
%this, and offers additional test efficiency benefits.
This paper is a condensed version of the PhD thesis entitled `failure Mode Modular De-compositon'~\cite{clark}. \today
}
%\today
\nocite{en298}
@ -485,7 +487,7 @@ it terms `indenture' levels. Indenture levels are arranged from the top down
and identify finer and finer grained modules. For instance, an aircraft
may be the first indenture level, and the next may be an identifiable module such as
an altitude radar: within that finer grained modules may be identified until
the base components are listed. Note that this is a top down approach and
the base components are listed. Note that this is a top down approach to modularisation and
this can introduce errors into the reliability calculations~\cite{MILSTD1629short}.
%
\paragraph{Modularisation in Software}
@ -644,17 +646,25 @@ in an improved FMEA methodology,
\section{The proposed Methodology}
\label{fmmdproc}
In essence, this methodology beginning with low level modules (or {\fgs})
which are analysed and assigned a failure mode behaviour.
They are then considered as higher level components with
their own failure mode behaviour. These higher level components
are then collected to form {\fgs} and so on until a hierarchy is built
representing the entire system.
%
%% One line
The idea is to modularise from the bottom-up, by choosing groups of components that
work together to perform a given function: the failure modes of the components
are considered, and a failure mode behaviour for the group determined: this group
can now be used as a component in its own right with a set of failure modes.
%
% In essence, this methodology beginning with low level modules (or {\fgs})
% which are analysed and assigned a failure mode behaviour.
% They are then considered as higher level components with
% their own failure mode behaviour. These higher level components
% are then collected to form {\fgs} and so on until a hierarchy is built
% representing the entire system.
%
% Any new static failure mode methodology must ensure that it
% represents all component failure modes and it therefore should be bottom-up,
% starting with individual component failure modes.
\paragraph{FMMD process.}
To ensure all component failure modes are modelled, the new methodology must be bottom-up.
%
%This seems essential to satisfy criterion 2.
@ -663,7 +673,7 @@ A {\em {\fg}}, is defined as a small collection of components
that interact to provide
a function or task within a system.
%
Starting with base~components small {\fgs} are chosen and each component failure mode considered in the
Starting with {\bcs} small {\fgs} are chosen and each component failure mode considered in the
context of the {\fg}.
%
%% GARK
@ -692,10 +702,9 @@ The failure modes of this new {\dc} are the symptoms of the {\fg} it was derived
%
By using {\dcs} in higher level functional groups, a hierarchy can be built representing
the failure mode behaviour of a system. Because the hierarchy maintains information
linking the symptoms to component failure modes (via {\fcs}).
Reasoning connections from base component failures to top level failures can now be made
by tracing cause and effect though the hierarchy of modules.
linking the symptoms to component failure modes (via {\fcs}), reasoning connections from base component failures to top level failures can now be made
by tracing cause and effect though the hierarchy of modules~\footnote{This means that an FMMD model can be used to produce traditional FMEA reports where each {\bc} {\fm} is linked to
a system level failure.}.
%The traceability should satisfy criterion 5.
An advantage of performing FMEA in this modular way, is that the
{\fgs} are small in terms of the numbers of components. This means the $O(N^2)$ effect
@ -704,7 +713,8 @@ This addresses the state explosion problem of XFMEA.
It also means that modules are re-usable (analogous to software classes).
%
%
A practical example of a hardware FMEA performed both traditionally and using FMMD may be found in~\cite{syssafe2011}
A practical example of a hardware FMEA performed both traditionally and using FMMD may be found in~\cite{syssafe2011}, a hybrid
software and hardware hybrid example is analysed in~\cite{syssafe2012}
and examples of `reasoning~distance' efficiency savings can be found in~\cite{clark}[Ch.7].
%
\paragraph{Integrating software into the FMMD model}
@ -774,7 +784,7 @@ applying FMMD means deciding on the members for {\fgs} and the subsequent hierar
%
\section{Example for analysis} % : How can we apply FMEA}
%
For the purpose of example, we chose a simple common safety critical industrial circuit
For the purpose of example, a simple common safety critical industrial circuit has been chosen
that is nearly always used in conjunction with a programmatic element.
A common method for delivering a quantitative value in analogue electronics is
to supply a current signal to represent the value to be sent~\cite{aoe}[p.934].