From 2b49372540d0bdbc9821a274c59f644493f401b4 Mon Sep 17 00:00:00 2001 From: "Robin P. Clark" Date: Wed, 12 Sep 2012 09:05:53 +0100 Subject: [PATCH] morning edit --- submission_thesis/CH4_FMMD/copy.tex | 92 ++++++++++++++--------- submission_thesis/CH6_Evaluation/copy.tex | 1 + 2 files changed, 56 insertions(+), 37 deletions(-) diff --git a/submission_thesis/CH4_FMMD/copy.tex b/submission_thesis/CH4_FMMD/copy.tex index 55b5401..ff93a88 100644 --- a/submission_thesis/CH4_FMMD/copy.tex +++ b/submission_thesis/CH4_FMMD/copy.tex @@ -56,15 +56,16 @@ starts with %starts with %an overview of current failure modelling techniques, a worked example to introduce % using a new methodology, Failure Mode Modular De-composition (FMMD). -This is followed by a discussion on the design of FMMD and then a +This is followed by a discussion on the design of FMMD, a %an ontological -description and re-factoring process using UML class models. +description of the FMMD process and finally the +data structures required using UML class models. % This chapter defines the FMMD process and related concepts and calculations. FMMD is in essence a modularised variant of traditional FMEA~\cite{sccs}[pp.34-38]. % -FMEA is a bottom-up, or forward search failure mode technique starting with -base component failure modes~\cite{safeware}[p.341]. +%FMEA is a bottom-up, or forward search failure mode technique starting with +%base component failure modes~\cite{safeware}[p.341]. % %\subsection{FMMD Process in outline.} % @@ -79,7 +80,7 @@ The components to include in a {\fg} are chosen by hand. {\fg} we can look at the components it contains, and from this determine the failure modes of all the components that belong to it. % -Initial {\fgs} will consist of {\bcs}. +%Initial {\fgs} will consist of {\bcs}. % % and determine a failure mode model for that group. % @@ -90,15 +91,15 @@ Initial {\fgs} will consist of {\bcs}. % All the failure modes of all the components within a {\fg} are collected. % -As each component %mode holds -has a set of failure modes associated with it, -the {\fg} represents a set of sets of failure modes. +%As each component %mode holds +%has a set of failure modes associated with it, +%the {\fg} represents a set of sets of failure modes. % -We convert this -into a flat set -of failure modes for use in analysis. +%We convert this +%into a flat set +%of failure modes for use in analysis. % -A flat set is a set containing just the failure modes and not sets of failure modes~\cite{joyofsets}[p.8]. +%A flat set is a set containing just the failure modes and not sets of failure modes~\cite{joyofsets}[p.8]. % %In practical term each component failure mode is considered as a `failure~scenario' or 'test~case' %for the {\fg}. @@ -113,7 +114,8 @@ Once we have the failure mode behaviour of the {\fg}, we can determine its sympt %or the failure modes of the {\dc}. %for the {\fg}. % -We view these symptoms as derived failure modes of the {\fg}. +We view these symptoms as %derived +failure modes of the {\fg}. % Or in other words we can determine how the `{\fg}' can fail. We can now consider the {\fg} as a {\dc} % sort of super component @@ -156,8 +158,8 @@ In this way we can incrementally apply FMEA to an entire system. %, with documen % This has advantages of concentrating effort in where modules interact (interfaces), of -being able to re-use work and a saving in the complexity of performing -FMEA. +being able to re-use work and a savings in the complexity of performing +FMEA (because the analysis is performed in small stages). %A notation is then described to index and classify objects created in FMMD hierarchical models. @@ -709,7 +711,7 @@ This {\dc} will have two failure modes, $HighPD$ and $LowPD$. % \caption{DAG representing the {\dc} Potential Divider (PD) and its failure modes.} % \label{fig:dc1dag} % \end{figure} - +% % The derived component is defined by its failure modes and % the functional group used to derive it. % %We can consider this an an orthogonal WHAT???? Group ???? Collection ???? @@ -973,7 +975,7 @@ represents the failure mode behaviour of the non-inverting amplifier. % % We can represent the analysis stages of INVAMP as an Euler diagram, -showing the choice of de-composition of the system into {\fgs}.} +showing the choice of de-composition of the system into {\fgs} (see figure~\ref{fig:eulerfmmd}). %where the curves %define the components and {\dcs} used to form the INVAMP model, see figure~\ref{fig:eulerfmmd}. % @@ -1131,12 +1133,13 @@ as a separate building block for a circuit. For FMMD each of these four op-amps in the chip would be considered to be a separate {\bc}. % CAN WE FIND SUPPORT FOR THIS IN LITERATURE??? % -We, need to go further than the above definition of a part defining an atomic entity. % used as a building block. +We, need to go further than the above definition of a part, and define % defining +an atomic entity. % used as a building block. %The term component, in American English, can mean a building block or a part. %In British-English a component generally is given to mean the definition for part above. We define {\bc} to be the lowest level---an entity with which we begin our analysis---a component that we use as a building block. -This is a choice made by the analyst, often guided by the standards to which the analysis is being performed. % to. +%This is a choice made by the analyst, often guided by the standards to which the analysis is being performed. % to. % Both op-amps and transistors have published statistical failure rates and yet an op-amp is constructed from transistors. % @@ -1292,7 +1295,8 @@ Because they are design related they rarely show %clearly detail the failure modes of the component, with environmental factors and MTTF~\cite{sccs}[p.165] statistics. Given the growing usage of FMEA/FMEDA in industry this may change. Currently, failure mode information is generally only available for generic component types~\cite{mil1991, fmd91}. -Thus we can associate a set of faults to this component $ResistorFaultModes=\{OPEN, SHORT\}$\footnote{The failure modes of the resistor +Thus we can associate a set of failure modes to types of component, +for example $ResistorFaultModes=\{OPEN, SHORT\}$\footnote{The failure modes of the resistor are discussed in section~\ref{sec:resistorfm}.}. @@ -1454,17 +1458,30 @@ and creates a new {\dc} from it. %must consider all the failure modes of the components in the functional %group. The newly created {\dc} requires a set of failure modes of its own. -These failure modes are the failure mode behaviour---or symptoms---of the {\fg} from which it was derived. +As a derived component inherits component, the UML model shows +that it inherits a set of failure modes. % -Because these new failure modes were derived from a {\fg}, we can call -these `derived~failure~modes'. +%These failure modes are the failure mode behaviour---or symptoms---of the {\fg} from which it was derived. +% +%Because these new failure modes were derived from a {\fg}, we can call +%these `derived~failure~modes'. %It then creates a new derived~component object, and associates it to this new set of derived~failure~modes. -We thus have a `new' component, %or system building block, but -with a known and traceable -fault behaviour. - +%We thus have a `new' component, %or system building block, but +%with a known and traceable +%fault behaviour. +A {\fg} must comprise of two or more components, and the UML diagram shows this +with the two to many relationship. +Under exceptional circumstances a component may need to be a member of more than +one {\fg} (this is looked at in section~\ref{sec:sideeffects}). The relationship between +the {\fg} and component is therefore $ \star \leftrightarrow 2..\star$. +% +A {\fg} will only be associated with one {\dc} and is given a one to one relationship in the UML diagram. +% +Each {\fg} will have one analysis report associated with it. +% The UML representation (in figure \ref{fig:cfg}) shows a `{\fg}' having a one to one relationship with a derived~component. % +% The symbol $\derivec$ is used to indicate the analysis process that takes a functional group and converts it into a new component. \begin{definition} @@ -1513,16 +1530,17 @@ process. %\footnote % \paragraph{Traceability and quality of FMMD analysis.} By having an analysis report report for each analysis stage, %i.e. {\fg} to {\dc}, -we add traceability to the reasoning applied to the FMEA process. +we add traceability to the reasoning applied to the FMMD process. % Consider that traditional FMEA has one large reasoning stage, that of component failure mode directly to system level failure. The reasoning given is typically a one line comment on a spreadsheet entry~\cite{sccs}[p.38]. % (if we are lucky!). % -FMMD typically has several reasoning stages (i.e. from each {\dc} to {\fms}) up to to -final system level failure modes. +FMMD typically has several reasoning stages (i.e. from each {\fg} to {\dc}) up to the +final system level {\dc}. % -Thus, each possible cause for a system {\fm} will have a collection of FMMD analysis reports associated with it. +Thus, each possible cause for a system failure %{\fm} +will have a collection of FMMD analysis reports associated with it. % These collections of analysis reports will provide a cause and effect story for each possible scenario that could cause the system level failure. @@ -2175,8 +2193,8 @@ Ensuring this condition is described in section~\ref{sec:completetest}. \paragraph{State explosion problem of FMEA solved by FMMD.} % -Because FMMD considers failure modes within functional groups -the traditional state explosion problem in FMEA, where each failure +Because FMMD considers failure modes within functional groups; +the traditional state explosion problem in FMEA where each failure mode could be considered in the context of all other components in the system disappears. % @@ -2186,11 +2204,11 @@ This issue addressed formally in section~\ref{sec:cc}. % Having a failure mode graph/model, where base component failure modes are traceable to top event events, provides a forward search derived failure mode model. -A forward search means that we can apply checks to ensure that -all known component failure -modes have been considered in the analysis (i.e. completeness as described above). +%A forward search means that we can apply checks to ensure that +%all known component failure +%modes have been considered in the analysis (i.e. completeness as described above). % -This means that for every system level failure we can track back to possible causes +This means that for every system level failure we can traverse back to possible failure causes in the base components. Coupled with MTTF statistics for the base components this allows use to predict statistical failure rates for system level failures (this is described in greater detail in section~\ref{sec:determine_fms}). diff --git a/submission_thesis/CH6_Evaluation/copy.tex b/submission_thesis/CH6_Evaluation/copy.tex index 7a9f093..9b870b8 100644 --- a/submission_thesis/CH6_Evaluation/copy.tex +++ b/submission_thesis/CH6_Evaluation/copy.tex @@ -1199,6 +1199,7 @@ condition in higher levels of the system. \subsection{Problems in choosing membership of functional groups} \subsubsection{Side Effects: A Problem for FMMD analysis} +\label{sec:sideeffects} A problem with modularising according to functionality is that we can have component failures that would intuitively be associated with one {\fg} that may cause unintended side effects in other {\fgs}.