More work on hard sell at the end

This commit is contained in:
Robin Clark 2011-10-03 18:58:36 +01:00
parent 052682ec45
commit 382f33e831

@ -239,6 +239,21 @@ will return most cost benefit.
http://www.youtube.com/watch?v=rcNeorjXMrE
\end{frame}
\section{FMECA - Failure Modes Effects and Criticallity Analysis}
\begin{frame}
\frametitle{ FMECA - Failure Modes Effects and Criticallity Analysis}
\begin{figure}
\centering
\includegraphics[width=100pt]{./military-aircraft-desktop-computer-wallpaper-missile-launch.jpg}
% military-aircraft-desktop-computer-wallpaper-missile-launch.jpg: 1024x768 pixel, 300dpi, 8.67x6.50 cm, bb=0 0 246 184
\caption{Military Aircraft}
\label{fig:f16missile}
\end{figure}
Emphasis on determining criticallity of failure.
Applies some baysian statistics (probabilities of component failues and those causing given system level failures).
\end{frame}
\section{FMECA - Failure Modes Effects and Criticallity Analysis}
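Review bot: the new section and frame titles misspell "Criticality" as "Criticallity" (both the `\section` and the `\frametitle`), and the frame body has "baysian" and "failues"; suggest `\section{FMECA - Failure Modes Effects and Criticality Analysis}` and "Applies some Bayesian statistics (probabilities of component failures and those causing given system level failures)." The added block is also followed immediately by a second, identical `\section{FMECA - ...}`, so the beamer navigation will show two FMECA sections; keep only one.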
@ -292,6 +307,17 @@ for a project manager.
\section{FMEDA - Failure Modes Effects and Diagnostic Analysis}
\begin{frame}
\frametitle{ FMEDA - Failure Modes Effects and Diagnostic Analysis}
\begin{figure}
\centering
\includegraphics[width=200pt]{./SIL.jpg}
% SIL.jpg: 350x286 pixel, 72dpi, 12.35x10.09 cm, bb=0 0 350 286
\caption{SIL requirements}
\end{figure}
\end{frame}
\begin{frame}
\frametitle{ FMEDA - Failure Modes Effects and Diagnostic Analysis}
FMEDA is the methodology behind statistical (safety integrity level)
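Review bot: the added SIL.jpg figure has a `\caption` but no `\label`, unlike the FMECA figure (`fig:f16missile`), so it cannot be referenced from the text; add e.g. `\label{fig:sil}`. The frametitle also carries a stray leading space inside the braces (`{ FMEDA - ...}`), as do the other FMEDA frames, whereas the new DESIGN FMEA titles do not; worth making consistent while touching these lines.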
@ -337,14 +363,16 @@ $$ DiagnosticCoverage = \Sigma\lambda_{DD} / \Sigma\lambda_D $$
\begin{frame}
\frametitle{ FMEDA - Failure Modes Effects and Diagnostic Analysis}
The diagnostic coverage for safe failures, where $\Sigma\lambda_{SD}$ represents the percentage of
The \textbf{diagnostic coverage} for safe failures, where $\Sigma\lambda_{SD}$ represents the percentage of
safe detected base component failure modes,
and $\Sigma\lambda_S$ the total number of safe base component failure modes,
is given as
$$ SF = \frac{\Sigma\lambda_{SD}}{\Sigma\lambda_S} $$
\end{frame}
\begin{frame}
\frametitle{ FMEDA - Failure Modes Effects and Diagnostic Analysis}
\textbf{Safe Failure Fraction.}
A key concept in FMEDA is Safe Failure Fraction (SFF).
This is the ratio of safe and dangerous detected failures
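Review bot: describing $\Sigma\lambda_{SD}$ as "the percentage of safe detected base component failure modes" is inconsistent with $\Sigma\lambda_S$ being "the total number of safe base component failure modes"; both are sums of the same kind of quantity and only their ratio $SF$ is a fraction, so "the sum of safe detected base component failure modes" (or failure rates, matching the $\lambda$ notation) would be accurate. Since the very next frame introduces the distinct Safe Failure Fraction (SFF), the symbol $SF$ for the safe diagnostic coverage invites confusion; consider a name in line with the $DiagnosticCoverage$ formula in the hunk header, e.g. $DC_{S}$.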
@ -404,7 +432,7 @@ part of product approval for many regulated products in the EU and the USA...
\section{FMEA used for Safety Critical Approvals}
\begin{frame}
\frametitle{Safety Critical Approvals FMEA}
\frametitle{DESIGN FMEA: Safety Critical Approvals FMEA}
Experts from Approval House and Equipment Manufacturer
discuss selected component failure modes
judged to be in critical sections of the product.
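Review bot: the new frametitle "DESIGN FMEA: Safety Critical Approvals FMEA" repeats FMEA; suggest `\frametitle{DESIGN FMEA: Safety Critical Approvals}`. The same title is set again in the next hunk, so change both together.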
@ -420,7 +448,7 @@ judged to be in critical sections of the product.
\end{frame}
\begin{frame}
\frametitle{Safety Critical Approvals FMEA}
\frametitle{DESIGN FMEA: Safety Critical Approvals FMEA}
\begin{figure}[h]
\centering
@ -433,7 +461,7 @@ judged to be in critical sections of the product.
\begin{itemize}
\pause \item Impossible to look at all component failures let alone apply FMEA rigorously.
\pause \item In practise, failure scenarios for critical sections are contested, and either justified or extra safety measures implemented.
\pause \item Meeting notes or minutes only.
\pause \item Often Meeting notes or minutes only. Unusual for detailed arguments to be documented.
\end{itemize}
\end{frame}
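Review bot: "In practise" should be "In practice" (noun) in the second item, and the reworded last item capitalises "Meeting" mid-sentence; suggest `\pause \item Often meeting notes or minutes only. Unusual for detailed arguments to be documented.`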
@ -472,7 +500,7 @@ judged to be in critical sections of the product.
\end{frame}
\section{Failure Mode Modular De-Composition}
\begin{frame}
\frametitle{FMMD - Failure Mode Modular De-Composition}
% Consider the FMEA type methodologies
% where we look at all the failure modes in a system, and then
% see how they can affect all other components within it,
@ -492,31 +520,42 @@ judged to be in critical sections of the product.
The FMMD methodology breaks the analysis down into small stages,
by making the analyst choose functional groups of components, to which FMEA is applied.
When analysed, we will have a set of symptoms of failure for the functional group.
We can then create a derived~component,
to represent the functional group.
When analysed, a set of symptoms of failure for the functional group is used create a derived~component.
The derived components failure modes, are the symptoms of the functional group
from which it was derived.
We can use derived components to form `higher~level' functional groups.
This creates an analysis hierarchy.
This addresses the state explosion (where $O$ is order
of complexity) $O=N^2$ inherent in equation~\ref{eqn:fmea_state_exp}.
\end{frame}
\begin{frame}
\frametitle{FMMD - Failure Mode Modular De-Composition}
We can view the functional groups in FMMD as forming a hierarchy.
If for the sake of example we consider each functional group to
be three components, the figure below shows
how the levels work and converge to a top or system level.
% \begin{figure}
% \centering
% \includegraphics[width=300pt]{./three_tree.png}
% % three_tree.png: 780x226 pixel, 72dpi, 27.52x7.97 cm, bb=0 0 780 226
% \caption{Functional Group Tree example}
% \label{fig:three_tree}
% \end{figure}
\begin{figure}
\centering
\includegraphics[width=300pt]{./three_tree.png}
% three_tree.png: 780x226 pixel, 72dpi, 27.52x7.97 cm, bb=0 0 780 226
\caption{Functional Group Tree example}
\label{fig:three_tree}
\end{figure}
\end{frame}
\begin{frame}
\frametitle{FMMD - Failure Mode Modular De-Composition}
The fact FMMD analyses small groups of components at a time, and organises them
into a hierarchy
addresses the state explosion (where $O$ is order
of complexity) $O=N^2$ inherent in equation
\begin{equation}
\label{eqn:fmea_single2}
N.(N-1).cfm % \\
%(N^2 - N).cfm
\end{equation}
We can represent the number of failure scenarios to check in an FMMD hierarchy
with equation~\ref{eqn:anscen}.
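Review bot: the rewritten sentence is missing a word: "is used create a derived~component" should be "is used to create a derived~component", and "The derived components failure modes" needs the possessive "derived component's". The two frames in this hunk both state the $O=N^2$ state-explosion result, once citing equation~\ref{eqn:fmea_state_exp} and once introducing the new equation `eqn:fmea_single2` with the same $N.(N-1).cfm$ form; one of the two statements is redundant. Minor: `\cdot` instead of `.` for multiplication would read better in the displayed equations.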
@ -524,49 +563,58 @@ with equation~\ref{eqn:anscen}.
\label{eqn:anscen}
\sum_{n=0}^{L} {fgn}^{n}.fgn.cfm.(fgn-1)
\end{equation}
Where $fgn$ is the number of components in each functional group,
and $cfm$ is the number of failure modes per component
and L is the number of levels, the number of
analysis scenarios to consider is show in equation~\ref{eqn:anscen}.
~\ref{eqn:fmea_state_exp}.
So for a very simple analysis with three components forming a functional group where
each component has three failure modes, we have only one level (zero'th).
So to check every failure modes against the other components in the functional group
requires 18 checks.
\begin{equation}
\label{eqn:anscen2}
\sum_{n=0}^{0} {3}^{0}.3.3.(3-1) = 18
\end{equation}
\clearpage
\end{frame}
In other words, we have three components in our functional group,
and nine failure modes to consider.
So taking each failure mode and looking at how that could affect the functional group,
we must compare each failure mode against the two other components (the `$fgn-1$' term).
For the one `zero' level FMMD case we are doing the same thing as FMEA type analysis
(but on a very simple small sub-system).
We are looking at how each failure~mode can effect the system/top level.
We can use equation~\ref{eqn:fmea_state_exp44} to represent
the number of checks to rigorously perform FMEA, where $N$ is the total
number of components in the system, and $cfm$ is the number of failures per component.
% So for a very simple analysis with three components forming a functional group where
% each component has three failure modes, we have only one level (zero'th).
% So to check every failure modes against the other components in the functional group
% requires 18 checks.
%
% \begin{equation}
% \label{eqn:anscen2}
% \sum_{n=0}^{0} {3}^{0}.3.3.(3-1) = 18
% \end{equation}
% \clearpage
%
%
%
% In other words, we have three components in our functional group,
% and nine failure modes to consider.
% So taking each failure mode and looking at how that could affect the functional group,
% we must compare each failure mode against the two other components (the `$fgn-1$' term).
%
% For the one `zero' level FMMD case we are doing the same thing as FMEA type analysis
% (but on a very simple small sub-system).
% We are looking at how each failure~mode can effect the system/top level.
% We can use equation~\ref{eqn:fmea_state_exp44} to represent
% the number of checks to rigorously perform FMEA, where $N$ is the total
% number of components in the system, and $cfm$ is the number of failures per component.
Where $N=3$ and $cfm=3$ we can see that the number of checks for this simple functional
group is the same for equation~\ref{eqn:fmea_state_exp22}
and equation~\ref{eqn:anscen}.
\clearpage
%
% Where $N=3$ and $cfm=3$ we can see that the number of checks for this simple functional
% group is the same for equation~\ref{eqn:fmea_state_exp22}
% and equation~\ref{eqn:anscen}.
% \clearpage
%\section{Example}
To see the effects of reducing `state~explosion' we need to look at a larger system.
Let us take a system with 3 levels and apply these formulae.
\begin{frame}
\frametitle{FMMD - Failure Mode Modular De-Composition}
To see the effects of reducing `state~explosion' we can use an example.
% with fixed numbers
%for components in a functional group, and failure modes per component.
Let us take a system with 3 levels,
with three components per functional group and three failure modes per component,
and apply these formulae.
Having three levels (in addition to the top zero'th level)
will require 81 base level components.
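Review bot: in the first frame "is show in equation" should be "is shown", and the line `~\ref{eqn:fmea_state_exp}.` that follows is a dangling fragment left over from the earlier wording; fold it into the sentence (e.g. "... shown in equation~\ref{eqn:anscen}, compared with equation~\ref{eqn:fmea_state_exp}.") or delete it. `\clearpage` just before `\end{frame}` does nothing useful inside a beamer frame and can go. The uncommented paragraphs sitting between `\end{frame}` and the next `\begin{frame}` ("In other words, ..." through "... and equation~\ref{eqn:anscen}." and "To see the effects ... apply these formulae.") are outside any frame, so beamer will not display them; the commented copies suggest they are meant to be removed, but please confirm none survive, because they reference labels (`eqn:fmea_state_exp44`, `eqn:fmea_state_exp22`) that are not defined anywhere visible and carry a second `\label{eqn:anscen2}` that collides with the double-failure equation later in the file.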
@ -584,7 +632,11 @@ $$
\sum_{n=0}^{3} {3}^{n}.3.3.(2) = 720
%\end{equation}
$$
\end{frame}
\begin{frame}
\frametitle{FMMD - Failure Mode Modular De-Composition}
Thus for FMMD we needed to examine 720 failure mode scenarios, and for traditional FMEA
type analysis methods 19440.
% In practical example followed through, no more than 9 components have ever been required for a functional
@ -593,13 +645,16 @@ type analysis methods 19440.
% and 12 failure modes per component) and apply the formulas for a 4 level analysis
% (i.e.
\clearpage
\end{frame}
\begin{frame}
\frametitle{FMMD - Failure Mode Modular De-Composition}
Note that for all possible double simultaneous failures the equation~\ref{eqn:fmea_state_exp} becomes
equation~\ref{eqn:fmea_state_exp2} essentially making the order $N^3$.
The FMMD case (equation~\ref{eqn:anscen2}), is cubic within the functional groups only,
not all the components in the system.
\begin{equation}
\label{eqn:fmea_state_exp2}
N.(N-1).(N-2).cfm % \\
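Review bot: another `\clearpage` immediately before `\end{frame}`; remove it. The text says the double-failure form $N.(N-1).(N-2).cfm$ makes the order $N^3$ and that the FMMD case (`eqn:anscen2`) is cubic within functional groups only; note that $(N-1).(N-2)$ counts ordered pairs of the other components, so if simultaneous double failures are treated as unordered the expression is twice the number of distinct scenarios. A sentence saying which convention is intended would make the comparison with the FMMD equation exact.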
@ -610,6 +665,53 @@ not all the components in the system.
\label{eqn:anscen2}
\sum_{n=0}^{L} {fgn}^{n}.fgn.cfm.(fgn-1).(fgn-2)
\end{equation}
\end{frame}
\begin{frame}
\frametitle{FMMD - Failure Mode Modular De-Composition}
\textbf{traceability}
Because each reasoning stage contains associations ($FailureMode \mapsto Sypmtom$)
we can trace the `reasoning' from base level component failure mode to top level/system
failure.
\end{frame}
\begin{frame}
\frametitle{FMMD - Failure Mode Modular De-Composition}
\textbf{re-usability}
Electronic Systems use commonly re-used functional groups (such as potential~dividers, amplifier configurations etc)
Once a derived component is determined, it can generally be used in other projects.
\end{frame}
\begin{frame}
\frametitle{FMMD - Failure Mode Modular De-Composition}
\textbf{total coverage}
With FMMD we can ensure that all component failure modes
have been represented as a symptom in the derived components created from them.
We can thus apply automated checking to ensure that no
failure modes, from base or derived components have been
missed in an analysis.
\end{frame}
\begin{frame}
\frametitle{FMMD - Failure Mode Modular De-Composition}
\textbf{Conclusion: FMMD}
\begin{itemize}
\pause \item Addresses State Explosion
\pause \item Addresses total coverage of all cooomponents and their failure modes
\pause \item Provides tracable reasoning
\pause \item derived components are re-useable
\end{itemize}
\end{frame}
\begin{frame}
\frametitle{FMMD - Failure Mode Modular De-Composition}
\textbf{Questions?}
\end{frame}
\end{document}
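Review bot: typos in the new frames: "Sypmtom" in the traceability frame, and "cooomponents", "tracable" and "re-useable" in the conclusion list. The re-usability frame's first sentence has no full stop after "etc)". The bold lead words `traceability`, `re-usability` and `total coverage` are lower-case while the last frame uses `Conclusion: FMMD`; pick one capitalisation. The total-coverage frame says automated checking ensures no failure modes are missed; since the traceability frame already names the $FailureMode \mapsto Symptom$ association, one clause saying that the check compares every base or derived failure mode against the symptom set of the derived component built from it would make the claim concrete.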