AF comments for last week done, now CH2 and janet and john Weeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
This commit is contained in:
Robin Clark
parent
f7c7aa33a2
commit
5c5dade1fa
@ -284,6 +284,7 @@ was presented to the IET System safety conference in 2011,~\cite{syssafe2011}.
|
||||
%
|
||||
FMEA, currently cannot integrate software models into its hardware failure mode models~\cite{sfmea,modelsfmea,embedsfmea,sfmeainterface}, but
|
||||
%
|
||||
\fmmdglossCONTRACTPROG
|
||||
FMMD can use the existing structure of functional software, in conjunction
|
||||
with contract programming to model software;
|
||||
%and
|
||||
|
||||
@ -186,8 +186,8 @@ as defined in equation~\ref{eqn:fmea_single},
|
||||
%
|
||||
% This figure would mean we could compare the maximum number of checks (i.e. exhaustive %rigorous
|
||||
% analysis) with the number actually performed.
|
||||
Comlexity comparision here, means the maximum number of checks (i.e. exhaustive %rigorous
|
||||
analysis) could be compared to the number actually performed.
|
||||
Complexity comparison here, means the maximum number of checks (i.e. exhaustive %rigorous
|
||||
analysis) compared to the number actually performed.
|
||||
%
|
||||
In effect a yard~stick for the amount of work performed
|
||||
for a particular FMEA analysis technique/strategy.
|
||||
|
||||
@ -1436,7 +1436,7 @@ mode could be considered in the context of all other components in the system---
|
||||
%
|
||||
With FMMD, because the {\fgs} have small numbers of components in them, we can easily apply XFMEA within the {\fgs}.
|
||||
%
|
||||
In broad terms, FMMD mitigates state explosion by reducing the number of checks---{\fms} against components)---to perform.
|
||||
In broad terms, FMMD mitigates state explosion by reducing the number of checks---{\fms} against components---to perform.
|
||||
%
|
||||
This issue addressed formally in section~\ref{sec:cc}.
|
||||
\fmmdgloss
|
||||
|
||||
@ -53,7 +53,8 @@ A unitary state failure mode concept was developed (see section~\ref{sec:unitary
|
||||
the FMMD process naturally enforced this throughout the hierarchy of a model.
|
||||
\fmmdglossMUTEX
|
||||
%
|
||||
Finally the FMMD process was described algorithmically using set theory in appendix~\ref{sec:algorithmfmmd}.%{app:alg}.
|
||||
Finally the FMMD process was described algorithmically % using set theory
|
||||
in appendix~\ref{sec:algorithmfmmd}.%{app:alg}.
|
||||
|
||||
In conclusion then, a new method of failure analysis has been devised which improves on established techniques in the following ways:
|
||||
% \begin{itemize}
|
||||
@ -68,8 +69,8 @@ In conclusion then, a new method of failure analysis has been devised which imp
|
||||
% \end{itemize}
|
||||
\fmmdglossSTATEEX
|
||||
\begin{itemize}
|
||||
\item FMMD provides the means to create failure models that integrate software and hardware,
|
||||
\item the state explosion related to exhaustive FMEA solved,
|
||||
\item FMMD provides the means to determine failure models that integrate software and hardware,
|
||||
\item the state explosion related to exhaustive FMEA reduced from a polynomial to logarithmic order,
|
||||
\item a modular approach to FMEA means that analysis work is re-usable,
|
||||
%\item FMMD encourages
|
||||
\item distributed systems, and smart instruments, can now be analysed and assessed,
|
||||
@ -79,7 +80,7 @@ These benefits fall under the following assumptions and constraints:
|
||||
\begin{itemize}
|
||||
\item Failure modes are available for all {\bcs},
|
||||
\item Analysts are capable of finding suitable {\fgs} from electronic schematics,
|
||||
\item Software is hierarchical and its elements (functions) can be modelled using contract programming.
|
||||
\item Functional software and its elements (hardware interfaces, data and functions) can be modelled using contract programming.
|
||||
%\item
|
||||
\end{itemize}
|
||||
\fmmdglossRD
|
||||
@ -158,7 +159,7 @@ in hours for a wide range of generic components
|
||||
can give conservative reliability figures when applied to
|
||||
modern components}.
|
||||
%
|
||||
Using the MIL-HDBK-217F%~\cite{mil1991}
|
||||
Using the MIL-HDBK-217F %~\cite{mil1991}
|
||||
specifications for resistor and thermistor failure statistics, the reliability for the Pt100 example (see section~\ref{sec:Pt100}) is calculated below.
|
||||
%
|
||||
%
|
||||
@ -526,7 +527,7 @@ all failure modes of the resultant {\dcs} as we progress up a hierarchy.
|
||||
FMMD requires that all failure modes of components in a {\fg} are resolved to
|
||||
a symptom in the resulting {\dc}.
|
||||
%
|
||||
Because we can enforce a `complete' analysis, FMMD can find failure modes were missed by
|
||||
Because we can enforce a `complete' analysis, FMMD can find failure modes which were missed by
|
||||
other FMEA processes; meaning that the FMMD process can expose un-handled
|
||||
failure modes.
|
||||
%come to light.
|
||||
@ -562,7 +563,7 @@ leading to idealised XFMEA requirements (see section~\ref{sec:reasoningdistance}
|
||||
Using FMMD only those modules in the hierarchy above the
|
||||
component with the new failure mode need be re-visited.
|
||||
%
|
||||
The failure mode DAGs can be traced to determine exactly which
|
||||
The failure mode DAGs (see section~\ref{sec:chap4}) can be traced to determine exactly which
|
||||
{\fgs} exist in the hierarchy above the affected {\bcs}.
|
||||
%
|
||||
This means that with FMMD the re-work task can be precisely defined.
|
||||
@ -570,7 +571,9 @@ This means that with FMMD the re-work task can be precisely defined.
|
||||
Also where a new {\bc} {\fm} is merged with an existing symptom in the analysis
|
||||
the re-work need not continue above it in the hierarchy.
|
||||
%
|
||||
This could be automated in a software tool that can traverse the failure mode trees.
|
||||
That is a new {\bc} {\fm} may cause a symptom already found in the analysis hierarchy.
|
||||
%
|
||||
Finding these could be automated in a software tool that can traverse the failure mode trees.
|
||||
%
|
||||
% By %doing
|
||||
% applying contracts and seeing how calling functions deal with
|
||||
|
||||
@ -833,54 +833,54 @@ FMMD analysis tables from chapter~\ref{sec:chap6}.
|
||||
\label{sec:gnuplotxfmeafmmdcomp}
|
||||
|
||||
\begin{verbatim}
|
||||
##
|
||||
#####################################################################################
|
||||
# GNUPLOT SCRIPT to plot XFMEA FMMD reasoning distance
|
||||
# comparisons.
|
||||
#
|
||||
#
|
||||
# alway define fp in declaration, as in 'C'
|
||||
# or gnuplot treats these as integers.
|
||||
# Always define floating point explicitly at initialisation, as in 'C',
|
||||
# because otherwise gnuplot treats these as integers.
|
||||
#
|
||||
# number of failure modes per component
|
||||
fm = 3.0
|
||||
|
||||
#
|
||||
# number of components in each functional group
|
||||
k = 3.0
|
||||
|
||||
#
|
||||
# place the functional group size and failure mode per components
|
||||
# size into a string to use as the graph title
|
||||
#
|
||||
tt = sprintf("reasoning distance comparison for |fg| = %d and |fm| = %d", k, fm)
|
||||
set title tt
|
||||
|
||||
#
|
||||
a = 0.0
|
||||
b = 0.0
|
||||
|
||||
#
|
||||
# formula for reasoning distance in one level of FMMD
|
||||
# hierarchy (as given by ll)
|
||||
#
|
||||
fmmd(ll)=k**ll * k * fm * (k - 1)
|
||||
|
||||
#
|
||||
# set up iterative sum in gnuplot syntax
|
||||
# to iterate over FMMD levels
|
||||
#
|
||||
sum(a,b) = (a > b) ? 0 : fmmd(a) + sum(a+1, b)
|
||||
sig_fx(c) = sum(a,c)
|
||||
|
||||
#
|
||||
# reasoning distance for exhaustive case in FMEA
|
||||
# where ll is the hierarchy level
|
||||
xfmea(ll) = k**(ll+1) * ( k**(ll+1) -1 ) * fm
|
||||
|
||||
|
||||
#
|
||||
#
|
||||
set xrange [0:1000]
|
||||
set xlabel "Component count"
|
||||
set ylabel "reasoning distance"
|
||||
set logscale y
|
||||
|
||||
#
|
||||
set terminal png
|
||||
set output 'xfmea_fmmd_comp.png'
|
||||
plot sig_fx(x**(1/k)), xfmea(x**(1/k))
|
||||
#!sleep 20
|
||||
|
||||
#####################################################################################
|
||||
\end{verbatim}
|
||||
|
||||
|
||||
@ -127,8 +127,8 @@ Software Fault Tree Analysis (SFTA):
|
||||
top down failure investigation applied to software}}}
|
||||
|
||||
\newcommand{\fmmdglossSA}{\glossary{name={Symptom Abstraction},description={
|
||||
By applying failure mode analysis to a module, the symptoms of failure for the it are determined
|
||||
given the failure modes of its components, its topology and expected behaviour.}}}
|
||||
By applying failure mode analysis to a module the symptoms of failure for it are determined
|
||||
given the failure modes of its components, its topology and its expected behaviour}}}
|
||||
|
||||
\newcommand{\fmmdglossMUTEX}{\glossary{name={mutually~exclusive},description={
|
||||
Mutual exclusivity applied to component failure modes
|
||||
@ -138,7 +138,7 @@ only one of its failure modes may be active at any given time}}}
|
||||
\newcommand{\fmmdglossSTATEEX}{\glossary{name={State~explosion},description={
|
||||
State Explosion is the effect where very large numbers of combinations of conditions, or combinations of
|
||||
conditions and entities have to be processed. The number to be processed can quickly become too large
|
||||
for practical consideration, and when this happens `state~explosion' can be said to have occurred.
|
||||
for practical consideration, and when this happens `state~explosion' can be said to have occurred
|
||||
}}}
|
||||
|
||||
\newcommand{\fmmdglossFTA}{\glossary{name={FTA},description={
|
||||
|
||||
Loading…
Reference in New Issue
Block a user