Evening edit after work...

fmmd_concept/fmmd_concept.tex

@@ -98,7 +98,7 @@ of analysis.
 The FMMD
 methodology provides a detailed, hierarchical, incremental and analytical
 modelling system which will create a failure mode model from which
-the data models from FTA, FMEA, FMECA and FMEDA % (the statistical approach) 
+the data models for FTA, FMEA, FMECA and FMEDA % (the statistical approach) 
 can be 
 derived. % if required. 
 An FMMD model is effectively a super set of all the four traditional models.
@@ -106,10 +106,10 @@ It also focuses on component interaction within the model,
 something not formally considered in the four established methodologies.
 %
 In addition it applies rigorous checking in all the analysis stages
-ensuring that all component failure modes must be considered in the model.
+ensuring that \textbf{all} component failure modes must be considered in the model.
 
 %
-\paragraph{FMMD Process outline.}
+\paragraph{FMMD process outline.}
 This methodology has been named Failure Mode Modular De-composition (FMMD)
 because it decomposes a SYSTEM into a hierarchy of modules or {\dc}s.
 This
@@ -123,7 +123,7 @@ chapter
 presents the design considerations that motivated and provided the specification for
 the FMMD methodology.
 %
-It first reviews the four traditional
+Firstly it briefly reviews the four traditional
 static failure mode analysis methodologies and 
 lists their known weaknesses. A wish list is then drawn up
 addressing these weaknesses and adding some extra requirements.
@@ -146,7 +146,8 @@ at higher levels of analysis, until we have a complete
 hierarchy representing the failure behaviour of the SYSTEM.
 %
 Because all the failure modes of all the components
-are held in a computer program, we can determine if the model is complete
+are held in a computer program, we can determine if the model has complete coverage
+for component failure modes
 (i.e. all component failure modes have been included in the model).
 
 
@@ -214,15 +215,16 @@ Or we may have a mechanical device that has a different
 failure mode behaviour for say, different ambient pressures or temperatures.
 
 If $E$ is the number of applied states or environmental conditions to consider
-in a system, the job of the bottom-up analyst is presented with an
+in a system, and $A$ the number of applied states,
+the job of the bottom-up analyst is presented with two
 additional %cross product 
-factor, 
+factors, 
-$(N-1) \times N \times K \times E$.
+$(N-1) \times N \times K \times E \times A$.
 If we put some typical very small embedded system numbers\footnote{these figures would
 be typical of a very simple temperature controller, with a micro-controller sensor 
-and heater circuit.} into this, say $N=100$, $K=2.5$ and $E=10$
+and heater circuit.} into this, say $N=100$, $K=2.5$, $A=2$, and $E=10$
-we have $99 \times 100 \times 2.5 \times 10 = 247500 $.
+we have $99 \times 100 \times 2.5 \times 10 \times 2 = 495000 $.
-To look in detail at a quarter of a million test cases is obviously impractical.
+To look in detail at a half of a million test cases is obviously impractical.
 
 If we were to consider multiple simultaneous failure modes,
 we have yet another cross product of checks to be performed.
@@ -306,7 +308,7 @@ Consider an unused feature failing.}. Muliplying these
 together, 
 gives a risk probability number (RPN), given by $RPN = S \times O \times D$.
 This gives in effect
-a prioritised `todo list', with higher $RPN$ values being the most urgent.
+a prioritised `to~do~list', with higher $RPN$ values being the most urgent.
 
 
 \subsubsection{ FMEA weaknesses }
@@ -379,7 +381,7 @@ makes the factor less statistically reliable.
 Failure Modes, Effects, and Diagnostic Analysis (FMEDA)
 % This 
 is a process that takes all the components in a system,
-and using the  failure modes of those components; the investigating engineer
+and using the  failure modes of those components, the investigating engineer
 ties them to possible SYSTEM level events/failure modes.
 %
 This technique 
@@ -727,8 +729,12 @@ to SYSTEM level errors.
 The problem with this is that the base component failure mode under investigation,
 are not rigorously examined in relation to functionally adjacent components.
 %
-Thus there is the `possibility to miss failure mode effects
+If failures modes could be collected and simplified somehow
-at the much higher SYSTEM level' criticism of the FTA, FMEDA and FMECA methodologies.
+at each stage in a hierarchy of {\fgs}, the functionally adjacent
+ideal would be met, and as we progress up the hierarchy the number
+of failure modes should decrease.
+%Thus there is the `possibility to miss failure mode effects
+%at the much higher SYSTEM level' criticism of the FTA, FMEDA and FMECA methodologies.
 %%%
 %%% OK Got up to here Lunchtime edit 06DEC2010.............
 
@@ -807,7 +813,7 @@ In this way as we build the hierarchy, we naturally abstract the
 failure mode behaviour, but can check that all failure modes in 
 the hierarchy have been considered and tied to causing symptoms.
 
-\paragraph{Design Decision: Derived components can be determined from functional groups}
+\paragraph{Design Decision: Derived components must be determined from functional groups.}
 The symptoms obtained from analysing a {\fg} will be used as the `failure~modes'
 of its corresponding {\dc}.
 
@@ -839,7 +845,7 @@ With the results from the test cases we will now have the ways in which the
 We can refine this further, by grouping the common symptoms, or results that
 are the same failure {\wrt} the {\fg}.
 %
-We can now treat the {\fg} as a component, and call it a {\dc}, in other words, a sub-system with a known set of failure modes.
+We can now treat the {\fg} as a component, and create a corresponding {\dc}: in other words, a `sub-system' with a known set of failure modes.
 %
 We can now create a new/{\dc} and assign it these common symptoms
 as its failure modes.
@@ -847,7 +853,7 @@ as its failure modes.
 This {\dc} can be used to build higher level
 {\fg}s, and this will naturally form a hierarchy.
 This hierarchy can be extended until it encompasses 
-an entire system. 
+an entire SYSTEM. 
 %
 It can be considered complete when
 all failure modes from all components are included in the model
@@ -902,7 +908,7 @@ A derived component when created must always have a greater $\alpha$ value than
 of the components included in the {\fg} from which it was derived.
 
 
-\paragraph{Natural Reduction in number of failure modes with abstraction level}
+\paragraph{Natural Reduction in number of failure modes with abstraction level.}
 %
 Because common symptoms are being collected, as we build the tree upward
 the number of failure modes decreases (or exceptionally stays the same)
@@ -1128,11 +1134,6 @@ at each FMMD stage.
 Where appropriate, multiple simultaneous failures can be modelled by
 introducing test~cases where the conjunction of failure modes is considered.
 
-\subsubsection {Inhibit Conditions}
-Some failure modes only occur when another failure has occurred, or
-due to an environmental condition reaching a critical value. This is specifically
-dealt with using the FTA methodology~\cite{nucfta}[IV 9].
-An example FTA inhibit gate is shown in figure \ref{fig:inhibitconcept}.
 
  \begin{figure}
  \centering
@@ -1173,6 +1174,11 @@ An example FTA inhibit gate is shown in figure \ref{fig:inhibitconcept}.
  \label{fig:inhibitconcept}
 \end{figure}
 
+\subsubsection {Inhibit Conditions}
+Some failure modes only occur when another failure has occurred, or
+due to an environmental condition reaching a critical value. This is specifically
+dealt with using the FTA methodology~\cite{nucfta}[IV 9].
+An example FTA inhibit gate is shown in figure \ref{fig:inhibitconcept}.
 \paragraph{Static or Dynamic Modelling of Inhibit}
 If the model is static we can consider the conditional failure,
 at a lower probability of occurring (i.e. the probability