robin/Robin_PHD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added a very important condition for each state tc

Browse Source 
Each test case must be examined in the light of any applied states
or environmental conditions applied to it.

For instance a test circuit that has two positions
has two states.

Each one must be applied to all the test cases.

In the case of the NASA O ring this could have been the
environmental temperature range behaviour etc
This commit is contained in:
Robin Clark 2010-10-26 21:07:00 +01:00
parent dd07b8b174
commit 5dce3ea282
4 changed files with 49 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
fmmd_design_aide/fmmd_design_aide.tex
View File

@ -165,7 +165,8 @@ Typically this type of circuit would be used to read a thermocouple
and this erro symptom, "LOW READING" would mean our plant could and this erro symptom, "LOW READING" would mean our plant could
beleive that the temperature reading is lower than it actually is. beleive that the temperature reading is lower than it actually is.
To take an example from a K type thermocouple, the offset of 1.86mV To take an example from a K type thermocouple, the offset of 1.86mV
from the potential divider represents amplified to $\approx \, 342mV$ would represent $\approx \; 46\,^{\circ}{\rm C}$. from the potential divider represents amplified to
$\approx \, 342mV$ would represent $\approx \; 46\,^{\circ}{\rm C}$.
\clearpage \clearpage
\subsection{Undetected Failure Mode: Incorrect Reading} \subsection{Undetected Failure Mode: Incorrect Reading}
@ -181,14 +182,51 @@ allowance according to EN61508.
\section{Proposed Checking Method} \section{Proposed Checking Method}
Were we to switch in a a second resistor in parrallel with the Were we to able to switch a second resistor in parrallel with the
safety resistor $R_{safety}$, using a switch (or transistor) safety resistor and switch it out again, we could tet
we could detect the effect on the reading with the potential divider that it is still functioning correctly.
With the new resistor switched in we would expect
the voltage added by the potential divider
to increase.
The circuit in figure \ref{fig:mvamp2} shows an NPN transistor
controlled by the `test line' connection, which can switch in the resitor R30
also with a value of \ohms{2.2M}.
We could detect the effect on the reading with the potential divider
according to the following formula. according to the following formula.
\vspace{10pt} The potential divider is now $\frac{820R}{1M1+820R}$ over 5V this gives
Work out a pot div formula, and some typical values 3.724mV, amplified by 184 this is 0.685V \adcten{140}.
\vspace{10pt} The potential divider with the second resistor
switched out is $\frac{820R}{2M2+820R}$ over 5V gives 1.86mV,
amplified by 184 gives 0.342V \adcten{70}.
This is a difference of \adcten{70} in the readings.
So periodically, perhaps even as frequently as once every few seconds
we can apply the checking resistor and look for a corresponding
change in the reading.
Lets us analyse this in more detail to prove that we are indeed checking for
the failure of the safety resistor, and that we are not instroducing
any new problems.
First let us look at the new transistor and resistor and
treat these as a functional group.
In our analysis of the failure modes we have to consider
both states of the transistor, ON and OFF.
\begin{figure}[h]
\centering
\includegraphics[width=200pt,keepaspectratio=true]{./mv_opamp_circuit2.png}
% mv_opamp_circuit2.png: 577x479 pixel, 72dpi, 20.35x16.90 cm, bb=0 0 577 479
\caption{Amplifier with check circuit}
\label{fig:mvamp2}
\end{figure}
\section{FMMD analysis of Safety Addition} \section{FMMD analysis of Safety Addition}

BIN
fmmd_design_aide/mv_opamp_circuit2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 14 KiB

3
symptom_ex_process/algorithm.tex
View File

@ -312,13 +312,14 @@ $$ atc(TC) = R $$
\begin{algorithmic}[1] \begin{algorithmic}[1]
\STATE { let r be a `test case result'} \STATE { let r be a `test case result'}
\STATE { Let the function $Analyse : tc \rightarrow r $ } \COMMENT { This analysis is a human activity, examining the failure~modes in the test case and determining how the functional~group will fail under those conditions} \STATE { Let the function $Analyse : tc \rightarrow r $ } \COMMENT { This analysis is a human activity, examining the failure~modes in the test case and determining how the functional~group will fail under those conditions}
\FORALL { Environmental and Specific Conditions }
\STATE { $ R $ is a set of test case results $r_j \in R$ where the index $j$ corresponds to $tc_j \in TC$} \STATE { $ R $ is a set of test case results $r_j \in R$ where the index $j$ corresponds to $tc_j \in TC$}
\FORALL { $tc_j \in TC$ } \FORALL { $tc_j \in TC$ }
\STATE { $ rc_j = Analyse(tc_j) $} \COMMENT {this is Fault Mode Effects Analysis (FMEA) applied in the context of the functional group} \STATE { $ rc_j = Analyse(tc_j) $} \COMMENT {this is Fault Mode Effects Analysis (FMEA) applied in the context of the functional group}
%\STATE { $ rc_j \in R $ } \COMMENT{Add $rc_j$ to the set R} %\STATE { $ rc_j \in R $ } \COMMENT{Add $rc_j$ to the set R}
\STATE{ $ R := R \cup rc_j $ } \COMMENT{Add $rc_j$ to the set R} \STATE{ $ R := R \cup rc_j $ } \COMMENT{Add $rc_j$ to the set R}
\ENDFOR \ENDFOR
\ENDFOR
\RETURN $R$ \RETURN $R$
%\hline %\hline

2
symptom_ex_process/process.tex
View File

@ -83,6 +83,8 @@ form `test cases'.
\item Using the `test cases' as scenarios to examine the effects of component failures \item Using the `test cases' as scenarios to examine the effects of component failures
we determine failure~mode behaviour of the functional group. we determine failure~mode behaviour of the functional group.
This is a human process involving detailed analysis of the failure modes in the test case on the operation of the {\fg}. This is a human process involving detailed analysis of the failure modes in the test case on the operation of the {\fg}.
Where spcific environment conditions, or applied states are germane to the {\fg} these must be examined
for each test case.
\item Collect common~symptoms by determining which test cases produce the same fault symptoms {\em from the perspective of the functional~group}. \item Collect common~symptoms by determining which test cases produce the same fault symptoms {\em from the perspective of the functional~group}.
\item The common~symptoms are now the fault mode behaviour of the {\fg}. i.e. given the {\fg} as a `black box' the symptoms are the ways in which it can fail. \item The common~symptoms are now the fault mode behaviour of the {\fg}. i.e. given the {\fg} as a `black box' the symptoms are the ways in which it can fail.
\item A new `derived component' can now be created where each common~symptom, or lone symptom is a failure~mode of this new component. \item A new `derived component' can now be created where each common~symptom, or lone symptom is a failure~mode of this new component.