robin/Robin_PHD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

...

Browse Source
This commit is contained in:
Robin Clark 2011-06-27 09:24:42 +01:00
parent c45380c0cc
commit 246e2eea20
1 changed files with 38 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
fmmd_concept/System_safety_2011/submission.tex
View File

@ -13,7 +13,8 @@
\newcommand{\fc}{\em fault scenario}
\newcommand{\fcs}{\em fault scenarios}
\date{}
\renewcommand{\encodingdefault}{T1}
\renewcommand{\rmdefault}{tnr}
%\newboolean{paper}
%\setboolean{paper}{true} % boolvar=true or false
@ -71,8 +72,8 @@ failure mode of the component or sub-system}}}
%\nodate
\maketitle
\paragraph{Keywords:} FMMD FTA FMEA static failure mode modelling safety critical
\small
\paragraph{Keywords:} static failure mode modelling safety-critical
%\small
\abstract{ \em {
The certification process of safety critical products for European and
@ -174,7 +175,7 @@ can reveal.
%\subsection{Bottom-up approach: }
\paragraph{State Explosion problem for FMEA, FMECA, FMEDA.}
%\paragraph{State Explosion problem for FMEA, FMECA, FMEDA.}
The bottom-up techniques all suffer from % a problem of
state explosion.
To perform the analysis rigorously, we would need to consider the effect
@ -184,9 +185,9 @@ and operational states further increases this effect.
Let $N$ be the number of components in our system, and $K$ be the average number of component failure modes
(ways in which a component can fail). The approximate total number of base component failure modes
is $N \times K$. To examine the effect that one failure mode has on all
the other components\footnote{A %base
component failure will typically affect the sub-system
it is part of, and create a failure effect at the system level.}
the other components %\footnote{A %base
%component failure will typically affect the sub-system
%it is part of, and create a failure effect at the system level.}
will be $(N-1) \times N \times K$. %, in effect a very large set cross product.
If $E$ is the number of environmental conditions to consider
in a system, and $A$ the number of applied/operational states (or modes of the system),
@ -245,7 +246,7 @@ From the deficiencies outlined above, ideally we can form a set of desirable cr
\label{fmmdreq}
\item Address the state explosion problem. % 1
\item Ensure that all component failure modes be considered in the model. % 2
\item Be easy to integrate mechanical, electronic and software models \cite{sccs}[pp.287]. %3
\item Be easy to integrate mechanical, electronic and software models \cite{sccs}[p.287]. %3
\item Be modular, in that commonly used {\fgs} can be re-used in other designs/projects. %4
\item It should have a formal basis, that is to say, be able to produce mathematical traceability %5
for its results, such as error causation trees.%, reliability and safety statistics.
@ -433,7 +434,7 @@ As an example, we consider a standard non-inverting op amp~\cite{aoe}[p.234], s
\begin{figure}[h+]
\centering
\includegraphics[width=150pt,keepaspectratio=true]{../../noninvopamp/noninv.png}
\includegraphics[width=100pt,keepaspectratio=true]{../../noninvopamp/noninv.png}
% noninv.jpg: 341x186 pixel, 72dpi, 12.03x6.56 cm, bb=0 0 341 186
\caption{Standard non inverting amplifier configuration}
\label{fig:noninvamp}
@ -597,7 +598,7 @@ we can show the relationships between the component failure modes and resultant
%The {\fg} can now be considered a derived component.
This is represented in the DAG in figure \ref{fig:fg1adag}.
\begin{figure}[h+]
\begin{figure}[h]
\centering
\begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep]
\tikzstyle{every pin edge}=[<-,shorten <=1pt]
@ -607,14 +608,14 @@ This is represented in the DAG in figure \ref{fig:fg1adag}.
\tikzstyle{symptom}=[fmmde, fill=blue!50];
\tikzstyle{annot} = [text width=4em, text centered]
\node[component] (R1) at (0,-4) {$R_1$};
\node[component] (R2) at (0,-6) {$R_2$};
\node[component] (R1) at (0,-0.7) {$R_1$};
\node[component] (R2) at (0,-1.9) {$R_2$};
\node[failure] (R1SHORT) at (\layersep,-2) {$R1_{SHORT}$};
\node[failure] (R1OPEN) at (\layersep,-4) {$R1_{OPEN}$};
\node[failure] (R1SHORT) at (\layersep,-0) {$R1_{Sh}$};
\node[failure] (R1OPEN) at (\layersep,-1.2) {$R1_{Op}$};
\node[failure] (R2SHORT) at (\layersep,-6) {$R2_{SHORT}$};
\node[failure] (R2OPEN) at (\layersep,-8) {$R2_{OPEN}$};
\node[failure] (R2SHORT) at (\layersep,-2.5) {$R2_{Sh}$};
\node[failure] (R2OPEN) at (\layersep,-3.8) {$R2_{Op}$};
\path (R1) edge (R1SHORT);
\path (R1) edge (R1OPEN);
@ -624,8 +625,8 @@ This is represented in the DAG in figure \ref{fig:fg1adag}.
% Potential divider failure modes
%
\node[symptom] (PDHIGH) at (\layersep*2,-4) {$PD_{HIGH}$};
\node[symptom] (PDLOW) at (\layersep*2,-6) {$PD_{LOW}$};
\node[symptom] (PDHIGH) at (\layersep*2,-0.7) {$PD_{HIGH}$};
\node[symptom] (PDLOW) at (\layersep*2,-2.2) {$PD_{LOW}$};
\path (R1OPEN) edge (PDHIGH);
\path (R2SHORT) edge (PDHIGH);
@ -768,12 +769,12 @@ We can represent these failure modes on a DAG (see figure~\ref{fig:op1dag}).
\tikzstyle{symptom}=[fmmde, fill=blue!50];
\tikzstyle{annot} = [text width=4em, text centered]
\node[component] (OPAMP) at (0,-2.3) {$OPAMP$};
\node[component] (OPAMP) at (0,-1.8) {$OPAMP$};
\node[failure] (OPAMPLU) at (\layersep,-0) {latchup};
\node[failure] (OPAMPLD) at (\layersep,-1.5) {latchdown};
\node[failure] (OPAMPNP) at (\layersep,-2.9) {noop};
\node[failure] (OPAMPLS) at (\layersep,-4.1) {lowslew};
\node[failure] (OPAMPLU) at (\layersep,-0) {l-up};
\node[failure] (OPAMPLD) at (\layersep,-1.2) {l-dn};
\node[failure] (OPAMPNP) at (\layersep,-2.4) {noop};
\node[failure] (OPAMPLS) at (\layersep,-3.6) {lowslew};
\path (OPAMP) edge (OPAMPLU);
\path (OPAMP) edge (OPAMPLD);
@ -990,9 +991,9 @@ to assist in building models for FTA, FMEA, FMECA and FMEDA failure mode analysi
% This is the same as writing \foreach \name / \y in {1/1,2/2,3/3,4/4}
% \node[component, pin=left:Input \#\y] (I-\name) at (0,-\y) {};
\node[component] (OPAMP) at (0,-2.8) {$OPAMP$};
\node[component] (R1) at (0,-7) {$R_1$};
\node[component] (R2) at (0,-10) {$R_2$};
\node[component] (OPAMP) at (0,-1.8) {$OPAMP$};
\node[component] (R1) at (0,-6) {$R_1$};
\node[component] (R2) at (0,-7.6) {$R_2$};
%\node[component] (C-3) at (0,-5) {$C^0_3$};
%\node[component] (K-4) at (0,-8) {$K^0_4$};
@ -1004,16 +1005,16 @@ to assist in building models for FTA, FMEA, FMECA and FMEDA failure mode analysi
%\foreach \name / \y in {1,...,5}
% \path[yshift=0.5cm]
\node[failure] (OPAMPLU) at (\layersep,-0) {latchup};
\node[failure] (OPAMPLD) at (\layersep,-1.6) {latchdown};
\node[failure] (OPAMPNP) at (\layersep,-3.2) {noop};
\node[failure] (OPAMPLS) at (\layersep,-4.4) {lowslew};
\node[failure] (OPAMPLU) at (\layersep,-0) {l-up};
\node[failure] (OPAMPLD) at (\layersep,-1.3) {l-dn};
\node[failure] (OPAMPNP) at (\layersep,-2.6) {noop};
\node[failure] (OPAMPLS) at (\layersep,-3.9) {lowslew};
\node[failure] (R1SHORT) at (\layersep,-6.0) {$R1_{SHORT}$};
\node[failure] (R1OPEN) at (\layersep,-7.6) {$R1_{OPEN}$};
\node[failure] (R1SHORT) at (\layersep,-5.2) {$R1_{Sh}$};
\node[failure] (R1OPEN) at (\layersep,-6.5) {$R1_{Op}$};
\node[failure] (R2SHORT) at (\layersep,-9.2) {$R2_{SHORT}$};
\node[failure] (R2OPEN) at (\layersep,-10.7) {$R2_{OPEN}$};
\node[failure] (R2SHORT) at (\layersep,-7.8) {$R2_{Sh}$};
\node[failure] (R2OPEN) at (\layersep,-9.1) {$R2_{Op}$};
@ -1037,8 +1038,8 @@ to assist in building models for FTA, FMEA, FMECA and FMEDA failure mode analysi
% Potential divider failure modes
%
\node[symptom] (PDHIGH) at (\layersep*2,-7) {$PD_{HIGH}$};
\node[symptom] (PDLOW) at (\layersep*2,-9) {$PD_{LOW}$};
\node[symptom] (PDHIGH) at (\layersep*2,-6) {$PD_{HIGH}$};
\node[symptom] (PDLOW) at (\layersep*2,-7.6) {$PD_{LOW}$};
@ -1240,7 +1241,7 @@ failure modes, with each step annotated as {\fcs}, the model is easier to mainta
%\today
%
{ \tiny
{ %\tiny %\footnotesize
\bibliographystyle{plain}
\bibliography{vmgbibliography,mybib}
}