diff --git a/mybib.bib b/mybib.bib index a859df9..c944031 100644 --- a/mybib.bib +++ b/mybib.bib @@ -388,9 +388,9 @@ doi={10.1109/RAMS.1996.500640}, ISSN={0149-144X},} @ARTICLE{sfmea, - AUTHOR = "Chris Price, Neal Snooke", + AUTHOR = "Neal Snooke and Chris Price", TITLE = "An Automated Software FMEA", - JOURNAL = "International System Safety conference singapore 2008", + JOURNAL = "International System Safety conference Singapore 2008", YEAR = "2008" } @@ -544,7 +544,7 @@ ISSN={2166-563X},} % my bib file. @ARTICLE{fmd91, - AUTHOR = "Reliability Analysis Center", + AUTHOR = "Reliability~Analysis~Center US~DOC", TITLE = "Failure Mode/Mechanisms Distributions 1991", JOURNAL = "United States Department of Commerce: F30602-91-C-0002", YEAR = "1991" @@ -884,7 +884,7 @@ strength of materials, the causes of boiler explosions", } @BOOK{bfmea, - AUTHOR = "Robin E McDermot et all", + AUTHOR = "Robin McDermot", TITLE = "The Basics of FMEA ISBN: 0-527-76320-9", PUBLISHER = "Productivity", YEAR = "1996" @@ -899,7 +899,7 @@ strength of materials, the causes of boiler explosions", @BOOK{faa, - AUTHOR = "Federal Aviation Administration", + AUTHOR = "Federal~Aviation~Administration FAA", TITLE = "System Safety Handbook", PUBLISHER = "http://www.faa.gov/library/manuals/aviation/risk\_management/ss\_handbook/", YEAR = "2008" @@ -973,14 +973,14 @@ ISSN={1530-2059},} } @PHDTHESIS{maikowski, - AUTHOR = "Leo M Maikowski", - TITLE = "Tolreranced Multiple Fault Diagnosis of Analog Circuits", + AUTHOR = "Leo~M Maikowski", + TITLE = "Tolereranced Multiple Fault Diagnosis of Analog Circuits", SCHOOL = " Brighton University, School of Electrical Engineering", YEAR = "1995" } @BOOK{cbds, - AUTHOR = "Chris~Price", + AUTHOR = "Chris Price", TITLE = "Computer-Based Diagnostic Systems ISBN 3-540-76198-5", PUBLISHER = "Springer Practitioner series", YEAR = "1999" 
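Review bot: In hunk -388 the sfmea entry still stores a conference paper as `@ARTICLE` with the conference name in `JOURNAL`; the commit only capitalises "Singapore" there. Styles will typeset the conference as a journal title and will not warn about the missing proceedings data. The conventional form is `@INPROCEEDINGS{sfmea,` with `BOOKTITLE = "International System Safety conference Singapore 2008"`. The reordered, `and`-separated author list is otherwise correct.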
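Review bot: In hunk -544, `AUTHOR = "Reliability~Analysis~Center US~DOC"` is still parsed as a personal name, because BibTeX splits name tokens on ties as well as on spaces. The final token `DOC` becomes the surname and everything before it the given names, which abbreviating styles may reduce to initials. If the appended acronym is meant to steer the label or sort order (my inference), the robust form is a double-braced corporate name plus a key field: `AUTHOR = "{Reliability Analysis Center}"`, `KEY = "US-DOC"`. The same construction appears in the faa entry (hunk -899) and in en161, en298, en230, en60730, tisallenkey, challenger and iec60812 (hunk -1133).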
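Review bot: In hunk -884, replacing `Robin E McDermot et all` with `Robin McDermot` removes the only indication that the book has further authors, and drops the middle initial as well. BibTeX has a token for exactly this case: `AUTHOR = "Robin E McDermot and others"`, which the style renders as "et al.". The ISBN embedded in `TITLE` here (and in cbds, hunk -973) would sit better in a separate `ISBN` field, though that line is unchanged context.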
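Review bot: In hunk -973 the maikowski title is changed from "Tolreranced" to "Tolereranced", which is still misspelt. Presumably the intended line is `TITLE = "Toleranced Multiple Fault Diagnosis of Analog Circuits",`, but check it against the thesis itself. The leading space in the unchanged `SCHOOL = " Brighton University, ..."` could be removed at the same time.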
@@ -1013,14 +1013,14 @@ ISSN={1530-2059},} @BOOK{f77, - AUTHOR = "A.~Balfour D.H.~Marwick", + AUTHOR = "A. Balfour and D.H. Marwick", TITLE = "Programming in Standard Fortran 77 ISBN 0-435-77486-7", PUBLISHER = "Heinemann Educational Books", YEAR = "1979" } @BOOK{ctw, - AUTHOR = "Gregory~J.E.~Rawlins", + AUTHOR = "Gregory~J.E. Rawlins", TITLE = "Compared to What ? An introduction to the analysis of algorithms ISBN 0-7167-8243-x", PUBLISHER = "Computer Science Press", YEAR = "1991" @@ -1029,14 +1029,14 @@ ISSN={1530-2059},} @BOOK{alg, - AUTHOR = "Alan~Gibbons", + AUTHOR = "Alan Gibbons", TITLE = "Algorithmic Graph Theory ISBN 0-521-28881-9", PUBLISHER = "Cambridge University Press", YEAR = "1985" } @BOOK{found, - AUTHOR = "Ian~Stewart, David~Tall", + AUTHOR = "Ian Stewart and David Tall", TITLE = "The Foundations of Mathematics : ISBN 0-19-853165-6", PUBLISHER = "Oxford University Press", YEAR = "1977" 
@@ -1050,42 +1050,42 @@ ISSN={1530-2059},} } @BOOK{probstatcrash, - AUTHOR = " M~R~Spiegel, J~Schiller, A~Srinivasan", + AUTHOR = " M~R Spiegel and J Schiller and A Srinivasan", TITLE = "Probability and Statistics Crash Course : SHCAUM'S : ISBN 0-07-138341-7", PUBLISHER = "McGraw Hill", YEAR = "2001" } @BOOK{probstat, - AUTHOR = " M~R~Spiegel", + AUTHOR = " M~R Spiegel", TITLE = "Probability and Statistics Second edition : SHCAUM'S : ISBN 0-07-135004-7", PUBLISHER = "Oxford University Press", YEAR = "1988" } @BOOK{idmfssz, - AUTHOR = " D~C~Ince", + AUTHOR = " D~C Ince", TITLE = " An Introduction to Discrete Mathematics, Formal System Specification and Z : Oxford : ISBN 0-19-853836-7", PUBLISHER = "Oxford University Press", YEAR = "1988" } @BOOK{rdh, - AUTHOR = "F~Langford-Smith", + AUTHOR = "F Langford-Smith", TITLE = "Radio designers Handbook: Fourth Edition", PUBLISHER = "ILIFFE", YEAR = "1953" } @BOOK{wdycwopt, - AUTHOR = " Richard~P~Feynman", + AUTHOR = " Richard~P Feynman", TITLE = " What do you care what other people think: Harper Collins : ISBN 0-586-21855-6", PUBLISHER = " harpercollins", YEAR = "1988" } @BOOK{joyofsets, - AUTHOR = " Keith~devlin", + AUTHOR = " Keith Devlin", TITLE = " The Joy of Sets: 2nd edition: ISBN 978-0-387-94094-6", PUBLISHER = " Springer", YEAR = "1993" 
@@ -1133,61 +1133,61 @@ ISSN={0098-5589},} address = {Greenwich, CT, USA}, } @MISC{eulerviz, - author = "Peter~Rodgers, John~Howse, Andrew~Fish", + author = "Peter Rodgers and John~Howse and Andrew~Fish", title = "Visualization of Euler Diagrams", howpublished = "http://www.cmis.bton.ac.uk/research/vmg/papers/EulerViz.pdf", year = "2005" } @MISC{eulerprop, - author = "Peter~Rodgers, John~Howse, Gem~Stapleton", + author = "Gem~Stapleton and Peter~Rodgers and John~Howse, ", title = "Properties of Euler Diagrams", howpublished = "http://www.cmis.bton.ac.uk/research/vmg/papers/", year = "2007" } @MISC{en161, - author = "E N Standard", + author = "EN~Standard BSI", title = "EN161:2007 Automatic shutoff valves for gas burners and gas appliances", howpublished = "British standards Institution http://www.bsigroup.com/", year = "2003" } @MISC{en298, - author = "E N Standard", + author = "EN~Standard BSI", title = "EN298:2003 Gas Burner Controllers with forced draft", howpublished = "British standards Institution http://www.bsigroup.com/", year = "2003" } @MISC{en230, - author = "E N Standard", + author = "EN~Standard BSI", title = "EN230:2005 Automatic burner control systems for oil burners", howpublished = "British standards Institution http://www.bsigroup.com/", year = "2005" } @MISC{en60730, - author = "E N Standard", + author = "EN~Standard BSI", title = "EN60730: Automatic Electrical controls for household and similar use", howpublished = "British standards Institution http://www.bsigroup.com/", year = "1994" } @MISC{tisallenkey, - author="Texas Instruments", + author="Texas~Instruments TI", title = "Analysis of the Sallen Key architecture: Application report", howpublished = "Available from http://www.ti.com/lit/an/sloa024b/sloa024b.pdf", year="2002" } @MISC{challenger, - author = "U.S. 
Presidential Commission", + author = "US~Presidential~Commission US-PCOM", title = "Report of the SpaceShuttle Challanger Accident", howpublished = "Available from http://science.ksc.nasa.gov/shuttle/missions/51-l/docs/rogers-commission/table-of-contents.html", year = "1986" } @MISC{iec60812, - author = "IEC Standard", + author = "IEC~Standard BSI", title = "IEC 60812:1985 Analysis Techniques for system reliability - Procedure for failure mode and effects analysis (FMEA)", howpublished = "British standards Institution http://www.bsigroup.com/", year = "1985" @@ -1237,7 +1237,7 @@ OPTissn = {}, @Manual{tlp181, title = {TLP 181 Datasheet}, key = {TOSHIBA Photocoupler GaAs Ired and Photo−Transistor}, - author = {Toshiba inc.}, + author = {Toshiba}, OPTorganization = {}, address = {http://www.toshiba.com/taec/components2/Datasheet\_Sync//206/4191.pdf}, OPTedition = {}, @@ -1265,7 +1265,7 @@ OPTissn = {}, @Manual{pic18f25k80erratta, title = {Datasheet Erratta: PIC18F66K80 Family Silicon Errata and Data Sheet Clarification DS805119D}, OPTkey = {}, - author = {Microchip inc}, + author = {Microchip}, OPTorganization = {}, address = {http://ww1.microchip.com/downloads/en/DeviceDoc/80519d.pdf}, OPTedition = {}, @@ -1285,7 +1285,7 @@ OPTissn = {}, @Manual{pic18f2523, title = {PIC18F2523 Datasheet}, OPTkey = {}, - author = {Microchip inc}, + author = {Microchip}, OPTorganization = {}, address = {http://ww1.microchip.com/downloads/en/DeviceDoc/39755c.pdf}, OPTedition = {}, @@ -1404,9 +1404,9 @@ OPTissn = {}, @TechReport{eurothermtables, - author = {Eurotherm Ltd.}, + author = {Eurotherm}, title = {Thermocouple Emf TABLES and PLATINUM 100 RESISTANCE THERMOMETER TABLES}, - institution = {Eurotherm, UK}, + institution = {Eurotherm Ltd, UK}, year = {1973}, OPTkey = {}, OPTtype = {}, diff --git a/submission_thesis/CH2_FMEA/copy.tex b/submission_thesis/CH2_FMEA/copy.tex index 0071ea4..ffa53f5 100644 --- a/submission_thesis/CH2_FMEA/copy.tex +++ b/submission_thesis/CH2_FMEA/copy.tex 
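Review bot: In hunk -1133 the new eulerprop author string ends with a comma and a space, `John~Howse, "`. BibTeX reads a comma inside a name as the `Last, First` separator, so this author is parsed with surname "John Howse" and an empty given name, and will sort and abbreviate differently from the same person in eulerviz. Drop the trailing comma: `author = "Gem~Stapleton and Peter~Rodgers and John~Howse",`. Separately, iec60812 now carries `IEC~Standard BSI`, which labels an IEC document with the BSI acronym; confirm that this is intended.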
@@ -1134,11 +1134,13 @@ must be made where appropriate. An example of component tolerance considered for FMEA is given in section~\ref{sec:resistortolerance}. -\section{FMEA in current usage: Five variants} +%\section{FMEA in current usage: Five variants} +\section{FMEA in current usage: Four variants} -\paragraph{Five main Variants of FMEA} +%\paragraph{Five main Variants of FMEA} +\paragraph{Four main Variants of FMEA} \begin{itemize} - \item \textbf{PFMEA - Production} Emphasis on cost reduction and product improvement; + %\item \textbf{PFMEA - Production} Emphasis on cost reduction and product improvement; \item \textbf{FMECA - Criticality} Emphasis on minimising the effect of critical systems failing; % Military/Space \item \textbf{FMEDA - Statistical Safety} Statistical analysis giving Safety Integrity Levels; \item \textbf{DFMEA - Design or Static/Theoretical} Approval of safety critical systems using FMEA and single or double failure prevention;% EN298/EN230/UL1998 
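Review bot: The superseded text is kept as comments rather than deleted, both here (`%\section{FMEA in current usage: Five variants}`, the `%\paragraph` and the `%\item ... PFMEA` line) and in hunk -1147, where the whole PFMEA section is commented out line by line. Version control already preserves the old text, and the commented block still contains `\label{tbl:pfmeareport}`, `\fmmdglossPFMEA` and `\cite{bfmea}`, none of which is active any longer. Any `\ref{tbl:pfmeareport}` or PFMEA glossary use elsewhere in the thesis (not visible in this diff) would now be undefined, so search for those before submission. I would delete the block and keep only the three-line viva note, fixing "applied a s a" in it.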
@@ -1147,39 +1149,41 @@ is given in section~\ref{sec:resistortolerance}. - - -\section{PFMEA - Production FMEA : 1940's to present} -\fmmdglossPFMEA -% -Production FMEA (or PFMEA), is FMEA used to prioritise, in terms of -cost, problems to be addressed in product production. -% -It generally focuses on known problems and using their -statistical frequency %they occur -and their cost to fix multiplied gives a Risk Priority Number (RPN) -for the germane component {\fm}. -% -Fixing problems with the highest RPN number -will return most cost benefit~\cite{bfmea}. -% -An example PFMEA report is presented in table~\ref{tbl:pfmeareport}. - -% benign example of PFMEA in CARS - make something up. -\subsection{PFMEA Example} -\begin{table}[ht] -\label{tbl:pfmeareport} -\caption{FMEA Calculations} % title of Table -\centering % used for centering table -\begin{tabular}{|| l | l | c | c | l ||} \hline - \textbf{Failure Mode} & \textbf{P} & \textbf{Cost} & \textbf{Symptom} & \textbf{RPN} \\ \hline \hline - relay 1 n/c & $1*10^{-5}$ & 38.0 & indicators fail & 0.00038 \\ \hline - relay 2 n/c & $1*10^{-5}$ & 98.0 & doorlocks fail & 0.00098 \\ \hline -% rear end crash & $14.4*10^{-6}$ & 267,700 & fatal fire & 3.855 \\ -% ruptured f.tank & & & & \\ \hline -\hline -\end{tabular} -\end{table} +% Viva Voce: Chris Price said that production FMEA was FMEA for the production process not +% FMEA applied a s a cost saving strategy for mass produced items. +% I disagree slightly, but am removing it as it is explicitly mentioned as a minor correction. 21DEC2013 +% +% \section{PFMEA - Production FMEA : 1940's to present} +% \fmmdglossPFMEA +% % +% Production FMEA (or PFMEA), is FMEA used to prioritise, in terms of +% cost, problems to be addressed in product production. +% % +% It generally focuses on known problems and using their +% statistical frequency %they occur +% and their cost to fix multiplied gives a Risk Priority Number (RPN) +% for the germane component {\fm}. 
+% % +% Fixing problems with the highest RPN number +% will return most cost benefit~\cite{bfmea}. +% % +% An example PFMEA report is presented in table~\ref{tbl:pfmeareport}. +% +% % benign example of PFMEA in CARS - make something up. +% \subsection{PFMEA Example} +% \begin{table}[ht] +% \label{tbl:pfmeareport} +% \caption{FMEA Calculations} % title of Table +% \centering % used for centering table +% \begin{tabular}{|| l | l | c | c | l ||} \hline +% \textbf{Failure Mode} & \textbf{P} & \textbf{Cost} & \textbf{Symptom} & \textbf{RPN} \\ \hline \hline +% relay 1 n/c & $1*10^{-5}$ & 38.0 & indicators fail & 0.00038 \\ \hline +% relay 2 n/c & $1*10^{-5}$ & 98.0 & doorlocks fail & 0.00098 \\ \hline +% % rear end crash & $14.4*10^{-6}$ & 267,700 & fatal fire & 3.855 \\ +% % ruptured f.tank & & & & \\ \hline +% \hline +% \end{tabular} +% \end{table} \section{FMECA - Failure Modes Effects and Criticality Analysis} @@ -1231,10 +1235,15 @@ A history of the usage and development of FMECA may be found in~\cite{FMECAresea \paragraph{FMECA - Statistical variables.} % -FMECA extends PFMEA, but instead of cost, a criticality or -seriousness factor is ascribed to putative top level incidents. +%Viva Voce: remove +% FMECA extends PFMEA, but instead of cost, a criticality or +% seriousness factor is ascribed to putative top level incidents. +% FMECA has three probability factors for component failures, a system operational time and a severity factor. +FMECA refines FMEA, but instead of a simple top level failure as a result, a criticality or +seriousness factor is also ascribed. %ascribed to putative top level incidents. FMECA has three probability factors for component failures, a system operational time and a severity factor. + \textbf{FMECA ${\lambda}_{p}$ value.} This is the overall failure rate of a base component. This will typically be the failure rate per million ($10^6$) or 
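Review bot: In hunk -1231 the replacement sentence says "instead of a simple top level failure as a result, a criticality or seriousness factor is also ascribed". "instead of" and "also" contradict each other, so it is unclear whether FMECA replaces the top level failure result or adds to it. If the meaning is additive, something like `FMECA refines FMEA: in addition to the top level failure, a criticality or seriousness factor is ascribed.` would be unambiguous. The commented copy of "FMECA has three probability factors ..." duplicates the live line directly below it and can be removed.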
diff --git a/submission_thesis/CH3_FMEA_criticism/copy.tex b/submission_thesis/CH3_FMEA_criticism/copy.tex index 941aaa9..90ae3f0 100644 --- a/submission_thesis/CH3_FMEA_criticism/copy.tex +++ b/submission_thesis/CH3_FMEA_criticism/copy.tex @@ -406,7 +406,8 @@ utterly anachronistic in the distributed real time system environment. A summary of deficiencies in current FMEA methodologies is listed below: \begin{itemize} %\item FMEA type methodologies were designed for simple electro-mechanical systems of the 1940's to 1960's, - \item State explosion - impossible to perform FMEA exhaustively, %rigorously + \item State explosion - %impossible + very difficult/time consuming to perform FMEA exhaustively, %rigorously \item Difficult to re-use previous analysis work, \item Very difficult to model simultaneous/multiple failures, \item Software and hardware models are separate (if the software is modelled at all) meaning the software interface may not be correctly modelled, @@ -555,7 +556,7 @@ A wish list is presented, stating the features that should exist in an improved FMEA methodology, \begin{itemize} \item Must be able to analyse hybrid software/hardware systems, - \item no state explosion (i.e. XFMEA is impractical), + \item avoid state explosion (i.e. XFMEA is impractical by hand~\cite{cbds}), \item exhaustive checking at a modular level, %(total failure coverage within {\fgs} all interacting component and failure modes checked), \item traceable reasoning inherent in system failure models,% to aid repeatability and checking, \item re-usable i.e. it should be possible to re-use analysis, diff --git a/submission_thesis/CH4_FMMD/copy.tex b/submission_thesis/CH4_FMMD/copy.tex index 41027ff..b5cd4fa 100644 --- a/submission_thesis/CH4_FMMD/copy.tex +++ b/submission_thesis/CH4_FMMD/copy.tex 
@@ -661,6 +661,9 @@ from base component level to the top and vice versa. \fmmdglossDC \fmmdglossSYMPTOM + + + \section{Defining terms} \paragraph{A discussion on the terms Parts, Components and Base Components.} @@ -690,6 +693,13 @@ as a separate building block for a circuit. For FMMD each of these four op-amps in the chip would be considered to be a separate {\bc}. % CAN WE FIND SUPPORT FOR THIS IN LITERATURE??? + + + + + + + \fmmdglossBC % The above definition of a part, needs further refinement, i.e. to be defined as % defining @@ -710,12 +720,19 @@ In fact any lowest level building block with published failure modes could be co but this determination is the choice of the analyst, which may be influenced by the particular standard~\cite{en298}~\cite{en61508} %~\cite{en230} to which the system is being approved/analysed. - +To summarise, the terms, part, component, module and sub-system may have subtly different +interpretations for different methodologies. +% +FMMD considers two types of components, these are: +\begin{itemize} + \item A {\bc} --- A starting or building block entity with given failure modes, + \item A {\dc} --- An entity determined from failure mode analysis. +\end{itemize} %a lowest level of assembly `part' or an atomic entity, which ever is the smaller %and component to mean either a part or a sub-assembly. %Definitions used in FMMD are lisfuckup mode or not?????ted in table~\ref{tbl:fmmd_defs} and discussed below. -%% FIDDLINGING STEREO SUB_SYSTEM EXAMPLE, THE FIDDLINGING CHILDRENS SECTION +%% \subsection{Definition of terms: sound system example.} \label{sec:cdplayer} 
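Review bot: The comment clean-up at the end of hunk -710 is incomplete. The "STEREO SUB_SYSTEM" comment is reduced to an empty `%%`, but the line above it, beginning `%Definitions used in FMMD are lis`, still contains a garbled leftover that should not stay in submitted source. Delete both lines. Hunks -661 and -690 add only runs of blank lines, which LaTeX collapses into a single paragraph break; in -690 that break falls between the preceding paragraph and `\fmmdglossBC`, so check that no stray vertical space appears there.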
@@ -775,7 +792,9 @@ to illuminate the CD might contain a handful of components, and as such would ma as one of the base level {\fgs}. It is a good candidate because it performs a well defined function and it could be considered a design module. -\paragraph{Functional grouping to {\dc} process outline.} +\subsubsection{Functional grouping to {\dc} process outline.} +\label{fmmdguide} +%\paragraph{Functional grouping to {\dc} process outline.} %In choosing the lowest level (base component) sub-systems we would look %for the smallest `functional~groups' of components within a system. %piss %can @@ -811,16 +830,24 @@ An outline of the FMMD process is itemised below: \fmmdglossBC % The FMMD process is described using formal definitions and algorithms in section~\ref{sec:symptomabs}. -} +% 21DEC2013 What is this bracket doing ?} -%What components all have in common is that they can fail, and fail in a -% number of well defined ways. +\paragraph{Functional grouping determination.} +Determining which components to include in a {\fg} is a decision +made by the analyst. The analyst must look at the system schematics/design~documentation and identify +potential {\fgs}. This would typically involve recognising configurations +of components performing specific functions. +To choose appropriate {\fgs} involves a good understanding of the sub-system in hand and an initial top down +perspective. % of it. + +\paragraph{Failure modes used for {\bcs}.} For common {\bcs} there is established literature for the failure modes for the system designer to consider (often with accompanying statistical failure rates)~\cite{mil1991,en298,fmd91}. % \fmmdglossBC +\fmmdglossDC % For instance, a simple resistor is generally considered to fail in two ways, it can go open circuit or it can short. 
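Review bot: In hunk -775, `\label{fmmdguide}` departs from the `sec:` prefix used by the other labels visible in this file (`sec:cdplayer`, `sec:symptomabs`). Because it hangs off a `\subsubsection`, the number that `\ref` prints also depends on `secnumdepth`: where subsubsections are unnumbered, the reference resolves to the enclosing subsection. I cannot see the class settings from here, so check the rendered reference. I would use `\label{sec:fmmdguide}` and update the three `\ref`s added in CH5_Examples/copy.tex (hunks -84, -629, -982); the heading also keeps the trailing full stop from its `\paragraph` form.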
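Review bot: In hunk -811 the lone `}` is disabled by turning it into the comment `% 21DEC2013 What is this bracket doing ?}`, which leaves the question unanswered in the source. If that brace closed a group opened before this hunk (the opening side is not visible here), the group now stays open and will swallow whatever follows until the next unmatched `}`. Confirm with a clean compile that the braces balance, then delete the line rather than keeping it as a comment.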
@@ -1100,7 +1127,7 @@ the failure causation logic can be followed and thus the DAG's derived (see figu % \paragraph{Traceability and quality of FMMD analysis.} -By having an analysis report report for each analysis stage, %i.e. {\fg} to {\dc}, +By having an analysis report for each analysis stage, %i.e. {\fg} to {\dc}, we add traceability to the reasoning applied to the FMMD process. % Consider that traditional FMEA has one large reasoning stage, that of component failure mode @@ -1164,7 +1191,7 @@ Because {\fgs} may include components at varying levels of $\abslev$, having it quickly available as an attribute will be required in practical implementations to order the tree, and assist in preventing recursion in the hierarchy (i.e. where -a {\fg} could erroneously include a component above its-self in the hierarchy). +a {\fg} could erroneously include a component above its~self in the hierarchy). % The abstraction level concept is formally defined in appendix~\ref{sec:abstractionlevel}. @@ -1188,7 +1215,7 @@ are naturally mutually exclusive. % This also applies to {\dcs} produced in the FMMD process. % -In the FMMD process common symptoms are are collected, i.e no component failure modes may be %shared +In the FMMD process common symptoms are collected, i.e no component failure modes may be %shared linked to more than one symptom and therefore the failure modes of a {\dc} are mutually exclusive. % Thus FMMD naturally produces {\dcs} with failure modes that are mutually exclusive. 
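Review bot: In hunk -1164, `its-self` is replaced by `its~self`, which typesets as two words joined by a non-breaking space; the word is `itself`. The line should read `a {\fg} could erroneously include a component above itself in the hierarchy).` The "report report" and "are are" fixes in hunks -1100 and -1188 are fine.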
@@ -1208,7 +1235,8 @@ we can have a final stage where we consider the subjective or contextual effects With traditional FMEA methodologies this decision (the contextual effects) has to be made for each component {\fm} in the system. -\paragraph{State explosion problem of FMEA solved by FMMD.} +\paragraph{State explosion problem of FMEA mitigated by FMMD.} +%\paragraph{State explosion problem of FMEA solved by FMMD.} % Because FMMD considers failure modes within functional groups; the traditional state explosion problem in FMEA--which lead to the ideal of XFMEA---disappears. diff --git a/submission_thesis/CH5_Examples/copy.tex b/submission_thesis/CH5_Examples/copy.tex index 497a761..77dcdad 100644 --- a/submission_thesis/CH5_Examples/copy.tex +++ b/submission_thesis/CH5_Examples/copy.tex @@ -84,6 +84,8 @@ output voltage above or equal to zero would be erroneous i.e. an `$AMP_{HIGH}$' A threshold would be determined for an `$AMP_{LOW}$' failure symptom (i.e. the output voltage more negative than expected). % error given the expected input range. % %This configuration is interesting from methodology pers. +Following the guidelines for the FMMD process (see section~\ref{fmmdguide}), initially potential {\fgs} are identified. +% There are two obvious ways in which this circuit can be modelled. % One is to do this in two stages, firstly by considering the gain resistors to be a potential divider 
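Review bot: In hunk -1208 the paragraph heading is softened to "mitigated", but the body sentence in the context lines still says the state explosion problem "disappears", so the paragraph now contradicts its own title and the reworded abstract. The body continues outside the hunk; the claim there should be aligned, for example `... is greatly reduced.` in place of `disappears.` The same sentence mixes `--` and `---` around the parenthetical ("FMEA--which lead to the ideal of XFMEA---"), and "lead" should be "led". The old heading kept as `%\paragraph{... solved by FMMD.}` can be removed.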
@@ -321,8 +323,112 @@ this amplifier (see figure~\ref{fig:invdag1}). % Note that this allows failure symptoms to be traced back to causes, i.e. to traverse from system level or top failure modes to base component failure modes. +% +For the one stage analysis, a DAG showing the failure mode behaviour +is presented in figure~\ref{fig:invdag11}. %%%%% 12DEC 2012 UP to here in notes from AF email. % + +\begin{figure}[h+] + \centering + \begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep] + \tikzstyle{every pin edge}=[<-,shorten <=1pt] + \tikzstyle{fmmde}=[circle,fill=black!25,minimum size=30pt,inner sep=0pt] + \tikzstyle{component}=[fmmde, fill=green!50]; + \tikzstyle{failure}=[fmmde, fill=red!50]; + \tikzstyle{symptom}=[fmmde, fill=blue!50]; + \tikzstyle{annot} = [text width=4em, text centered] + + % Draw the input layer nodes + %\foreach \name / \y in {1,...,4} + % This is the same as writing \foreach \name / \y in {1/1,2/2,3/3,4/4} + % \node[component, pin=left:Input \#\y] (I-\name) at (0,-\y) {}; + + \node[component] (OPAMP) at (0,-1.8) {$OPAMP$}; + \node[component] (R1) at (0,-6) {$R_1$}; + \node[component] (R2) at (0,-7.6) {$R_2$}; + + %\node[component] (C-3) at (0,-5) {$C^0_3$}; + %\node[component] (K-4) at (0,-8) {$K^0_4$}; + %\node[component] (C-5) at (0,-10) {$C^0_5$}; + %\node[component] (C-6) at (0,-12) {$C^0_6$}; + %\node[component] (K-7) at (0,-15) {$K^0_7$}; + + % Draw the hidden layer nodes + %\foreach \name / \y in {1,...,5} + % \path[yshift=0.5cm] + + \node[failure] (OPAMPLU) at (\layersep,-0) {l-up}; + \node[failure] (OPAMPLD) at (\layersep,-1.2) {l-dn}; + \node[failure] (OPAMPNP) at (\layersep,-2.5) {noop}; + \node[failure] (OPAMPLS) at (\layersep,-3.8) {lowslew}; + + \node[failure] (R1SHORT) at (\layersep,-5.1) {$R1_{Sh}$}; + \node[failure] (R1OPEN) at (\layersep,-6.4) {$R1_{Op}$}; + + \node[failure] (R2SHORT) at (\layersep,-7.7) {$R2_{Sh}$}; + \node[failure] (R2OPEN) at (\layersep,-9.0) {$R2_{Op}$}; + + + + % Draw the 
output layer node + +% % Connect every node in the input layer with every node in the +% % hidden layer. +% %\foreach \source in {1,...,4} +% % \foreach \dest in {1,...,5} + \path (OPAMP) edge (OPAMPLU); + \path (OPAMP) edge (OPAMPLD); + \path (OPAMP) edge (OPAMPNP); + \path (OPAMP) edge (OPAMPLS); + + \path (R1) edge (R1SHORT); + \path (R1) edge (R1OPEN); + + \path (R2) edge (R2SHORT); + \path (R2) edge (R2OPEN); + + + % Potential divider failure modes + % + %\node[symptom] (PDHIGH) at (\layersep*2,-5.8) {$IPD_{HIGH}$}; + %\node[symptom] (PDLOW) at (\layersep*2,-8.1) {$IPD_{LOW}$}; + + + + %\path (R1OPEN) edge (PDLOW); + % \path (R2SHORT) edge (PDLOW); + + + %\path (R2OPEN) edge (PDHIGH); + % \path (R1SHORT) edge (PDHIGH); + + + + \node[symptom] (AMPHIGH) at (\layersep*4.4,-3) {$AMP_{HIGH}$}; + \node[symptom] (AMPLOW) at (\layersep*4.4,-5) {$AMP_{LOW}$}; + \node[symptom] (AMPLP) at (\layersep*4.4,-7) {$LOWPASS$}; + + \path (R1OPEN) edge (AMPHIGH); + \path (R1SHORT) edge (AMPLOW); + \path (R2SHORT) edge (AMPHIGH); + \path (R2OPEN) edge (AMPLOW); + + + %\path (PDLOW) edge (AMPHIGH); + \path (OPAMPLU) edge (AMPHIGH); + + %\path (PDHIGH) edge (AMPLOW); + \path (OPAMPNP) edge (AMPLOW); + \path (OPAMPLD) edge (AMPLOW); + + \path (OPAMPLS) edge (AMPLP); + + \end{tikzpicture} + % End of code + \caption{Full DAG representing failure modes and symptoms of the Inverting Op-amp Circuit analysed in one stage.} + \label{fig:invdag11} + \end{figure} % \clearpage \subsection{Second Approach: Inverting OpAmp analysing with three components in one larger {\fg}} 
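Review bot: `\begin{figure}[h+]` in hunk -321 uses `+`, which is not a float placement specifier in standard LaTeX (the valid ones are `h`, `t`, `b`, `p` and `!`, plus `H` with the float package), so the kernel reports an unknown float option for it. Use `\begin{figure}[h]` or `\begin{figure}[htbp]`. The figure also depends on `\layersep` being defined before this point, which the hunk does not show. About half of the body is commented-out residue from the two-stage figure (the `\foreach` templates, the `PDHIGH`/`PDLOW` nodes and their edges); removing it would make the one-stage DAG much easier to check against the text.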
@@ -473,7 +579,7 @@ It could be at either polarity. % (i.e. the other way around R4 could be the neg % Here, even though R3 and R4 are used as a potential divider, it could be either inverted or non-inverted according to the voltages on the inputs. -Therefore the resistors cannot modelled as a potential divider, but must be placed in the {\fg} +Therefore the resistors cannot be modelled as a potential divider, but must be placed in the {\fg} with the OpAmp and analysed. %This means we are either going to %get a high or low reading if R3 or R4 fail. @@ -629,6 +735,9 @@ This FMMD analysis also revealed an undetectable failure mode, $DiffAMPIncorrec The circuit in figure~\ref{fig:circuit2} shows a five pole low pass filter. % +Using the FMMD guidelines~\ref{fmmdguide}, a top down view of the circuit is taken, and then groups of components +performing specific tasks are identified. +% Starting at the input, there is a first order low pass filter buffered by an op-amp, the output of this is passed to a Sallen~Key~\cite{aoe}[p.267]~\cite{electronicssysapproach}[p.288] second order low-pass filter. % @@ -982,6 +1091,10 @@ hence a fault anywhere in the loop is likely to affect all stages. % However, this is not a problem for FMMD, as {\fgs} are readily identifiable. % +% +Using the FMMD guidelines~\ref{fmmdguide}, a top down view of the circuit is taken, and then groups of components +performing specific tasks are identified. +% %The signal path is circular (its a positive feedback circuit) and most failures would simply cause the output to stop oscillating. %The top level failure modes for the FMMD hierarchy bear this out. %However, FMMD is a bottom -up analysis methodology and we can therefore still identify diff --git a/submission_thesis/CH6_Software_Examples/software.tex b/submission_thesis/CH6_Software_Examples/software.tex index ff565d9..ab9ded4 100644 --- a/submission_thesis/CH6_Software_Examples/software.tex 
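Review bot: In hunks -629 and -982 the new sentence cites the guideline as `Using the FMMD guidelines~\ref{fmmdguide},`, which prints a bare number after "guidelines", whereas hunk -84 writes `(see section~\ref{fmmdguide})`. Make the two later ones match, for example `Using the FMMD guidelines (section~\ref{fmmdguide}), a top down view ...`. The sentence is pasted verbatim into both examples, and hunk -982 adds a second `%` line directly above one that was already there.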
+++ b/submission_thesis/CH6_Software_Examples/software.tex @@ -97,7 +97,7 @@ What is potentially difficult with applying FMMD to a software function, is deci its component failure modes %(in electronics the failure modes of its components)---and and its symptoms of failure in a manner compatible with the FMMD process. %(the failure modes of a function taken as a {\dc}) are. % -With electronic components, the literature to points to suitable sets of +With electronic components, the literature points to suitable sets of {\fms}~\cite{fmd91}~\cite{mil1991}~\cite{en298}. %~\cite{en61508}~\cite{en298}. % With software only some library functions are well known and rigorously documented diff --git a/submission_thesis/colophon/abstract.tex b/submission_thesis/colophon/abstract.tex index 9f496bc..ad67441 100644 --- a/submission_thesis/colophon/abstract.tex +++ b/submission_thesis/colophon/abstract.tex @@ -147,7 +147,8 @@ the examples analysed and theoretical models are used to demonstrate this. % End what has been achieved ---- all in 300ish word OK here we go. %Conclusions are presented listing the %and FMMD is compared with traditional HFMEA and SFMEA. -This thesis presents a methodology that solves the state explosion problems of FMEA; +This thesis presents a methodology that %solves +mitigates the state explosion problems of FMEA; provides integrated hardware and software failure mode models; facilitates multiple failure mode analysis; encourages re-use of analysis work diff --git a/submission_thesis/colophon/copy.tex b/submission_thesis/colophon/copy.tex index 29ed6d7..cf93690 100644 --- a/submission_thesis/colophon/copy.tex +++ b/submission_thesis/colophon/copy.tex 
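Review bot: The abstract sentence changed in hunk -147 of colophon/abstract.tex exists a second time in colophon/copy.tex, where this commit makes the same edit in hunk -213, and the two copies already differ: this one keeps a `%solves` comment and a line break that the other lacks. Keeping two hand-maintained copies of the abstract invites them to drift apart on the next correction. If the build allows it (I cannot see how these files are included), keep one copy and pull it in with `\input` from the other place.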
@@ -55,7 +55,7 @@ Further I thank her for encouraging me to apply for the PhD. %% PITY SHE DID NOT I also wish to thank Alan Jones of Brighton College of Technology for taking a chance on someone with no `A' levels and letting him start an HND in software Engineering in 1986. That more than anything -changed my life and gave me fantasic opportunities. +changed my life and gave me fantastic opportunities. % \\ \\ @@ -213,7 +213,7 @@ the examples analysed and theoretical models are used to demonstrate this. % End what has been achieved ---- all in 300ish word OK here we go. %Conclusions are presented listing the %and FMMD is compared with traditional HFMEA and SFMEA. -This thesis presents a methodology that solves the state explosion problems of FMEA; +This thesis presents a methodology that mitigates the state explosion problems of FMEA; provides integrated hardware and software failure mode models; facilitates multiple failure mode analysis; encourages re-use of analysis work