diff --git a/fmmd_concept/template-_abstract_submitted.odt b/fmmd_concept/System_safety_2011/abstract_as_accepted.odt similarity index 100% rename from fmmd_concept/template-_abstract_submitted.odt rename to fmmd_concept/System_safety_2011/abstract_as_accepted.odt diff --git a/fmmd_concept/System_safety_2011/full-paper-template-system-safety-1.pdf b/fmmd_concept/System_safety_2011/full-paper-template-system-safety-1.pdf new file mode 100644 index 0000000..0e72873 Binary files /dev/null and b/fmmd_concept/System_safety_2011/full-paper-template-system-safety-1.pdf differ diff --git a/fmmd_concept/System_safety_2011/submission.tex b/fmmd_concept/System_safety_2011/submission.tex new file mode 100644 index 0000000..f83bb47 --- /dev/null +++ b/fmmd_concept/System_safety_2011/submission.tex 
@@ -0,0 +1,167 @@ + \documentclass[twocolumn]{article} +%\documentclass[a4paper,10pt]{report} + +\usepackage{graphicx} +\usepackage{fancyhdr} +\usepackage{tikz} +\usetikzlibrary{shapes,snakes} +\usepackage{amsfonts,amsmath,amsthm} +%\input{../style} +\usepackage{ifthen} +\usepackage{lastpage} + +\newboolean{paper} +\setboolean{paper}{true} % boolvar=true or false + + +%\newtheorem{definition}{Definition:} + +\begin{document} +\pagestyle{fancy} +\fancyhf{} +%\renewcommand{\chaptermark}[1]{\markboth{ \emph{#1}}{}} +\fancyhead[LO]{} +\fancyhead[RE]{\leftmark} +%\fancyfoot[LE,RO]{\thepage} +\cfoot{Page \thepage\ of \pageref{LastPage}} +\rfoot{\today} +\lhead{Developing a rigorous bottom-up modular static failure mode modelling methodology} + +%\outerhead{{\small\bf Developing a rigorous bottom-up modular static failure mode modelling methodology}} +%\innerfoot{{\small\bf R.P. Clark } } + % numbers at outer edges +\pagenumbering{arabic} % Arabic page numbers hereafter +\author{R.P.Clark} +\title{Developing a rigorous bottom-up modular static failure mode modelling methodology} +\maketitle + + +\abstract{ +This paper proposes a methodology for +creating failure mode models of safety critical systems, which +has a common notation +for mechanical, electronic and software domains and applies an +incremental and rigorous approach. + +The four main static failure mode analysis methodologies were examined and +in the context of newer European safety standards, assessed. +Some of the deficiencies identified in these methodologies led to +a wish list for a more rigorous methodology. +%% +%% What I have found +%% +From the wish list +%and considering some constraints determined from +%the evaluation of the four established methodologies, +a new +methodology is developed and proposed. +This has been named Failure Mode Modular De-Composition (FMMD). 
+ +%% Sell it +%% +In addition to addressing the traditional weaknesses of +Fault Tree Analysis (FTA), Fault Mode Effects Analysis (FMEA), Failure Mode Effects Criticality Analysis (FMECA) +and Failure Mode Effects and Diagnostic Analysis (FMEDA), FMMD provides the means to model multiple failure mode scenarios +as specified in newer European Safety Standards \cite{en298}. +The proposed methodology is bottom-up and can guarantee to leave no component failure mode un-handled. +It is also modular, meaning that the results of analysed components may be re-used in other projects. +} + +\section{Introduction} + The certification process of safety critical products for European and +other international standards often involve environmental stress, +endurance and EMC testing. Theoretical, or 'static testing', + is often also required to highlight modifications that must be made to + improve the product safety, or identify theoretical weaknesses in the design. + This paper proposes a new theoretical methodology for creating failure mode models of safety critical systems. + It has a common notation for mechanical, electronic and software domains and is modular and hierarchical. + These properties provide advantages in rigour and efficiency when compared to current methodologies. +Current methodologies We briefly analyse the four current methodologies: +Fault Tree Analysis (FTA) is a top down methodology in which a diagram is drawn for + each undesirable top level event, presenting the conditions that must arise to cause + the event. It is suitable for large complicated systems with few undesirable top + level events and focuses on those events considered most important or most catastrophic. + Effects of duplication/redundancy of safety systems can be readily assessed. +It uses notations that are readily understood by engineers. +However, it cannot guarantee to model all base component failure modes +or be used to determine system level errors other than those modelled. 
+Each diagram is a separate model, creating duplication of modelled elements, +and there is no facility to cross check between diagrams. It has limited +support for environmental and operational states. +Fault Mode Effects Analysis (FMEA) is used principally in manufacturing. +Each defect is assessed by its cost to repair and its frequency, using a +failure mode ratio. A list of failures and their cost is generated. +It is easy to identify single component failure to system failure scenarios +and an estimate of product reliability can be calculated. It cannot focus on +component interactions that cause system failure modes or determine potential +problems from simultaneous failure modes. It does not consider environmental +or operational states in sub-systems or components. It cannot model +self-checking safety elements or other in-built safety features or +analyse how particular components may fail. +Failure Mode Criticality Analysis (FMECA) is a refinement of FMEA, using +two extra variables: the probability of a component failure mode occurring +and the probability that this will cause a top level failure, and the perceived +criticality. It gives better estimations of product reliability/safety and the +occurrence of particular system failure modes than FMEA but has similar deficiencies. +Failure Modes, Effects and Diagnostic Analysis (FMEDA) is a refinement of +FMEA and FMECA and models self-checking safety elements. It assigns two +attributes to component failure modes: detectable/undetectable and safe/dangerous. + Statistical measures about the system can be made and used to classify a +safety integrity level. It allows designs with in-built safety features to be assessed. +Otherwise, it has similar deficiencies to FMEA but has limited support +for environmental and operational states in sub-systems or components, +via self checking statistical mitigation. 
+Requirements for an improved methodology The deficiencies identified in the +current methodologies are used to establish criteria for an improved methodology. +It must include all component failure modes and therefore should be bottom-up, +starting with individual component failure modes. Components should be broken +down into small functional groups to enable the examination of the effect of a + component failure mode on the other components in the group. +Development of the new methodology An ontology is developed of +failure modes and their relationship to environmental factors, +operational states and the hierarchical nature inherent in product design, +defining the relationships between the system as a whole, components, +failure modes, operational and environmental states. The ontology is used +to determine the nature of a hierarchy modelling the system, and to which +entities, various conditions/procedures are germane. From the ontology, +we determine that environmental effects relate to components, and +operational states to functional groups. A functional group can be +analysed with respect to its component failure modes, operational +states and environmental conditions and from this a set of failures +modes, or symptoms for the functional group can be determined. A functional group +can be treated as a derived component. Derived components can be +used to build functional groups at a higher level. In this manner we +can build a hierarchical model with each layer consisting of +components derived from the functional groups of derived components. +From the ontology, a set of rules for simplifying the failure +modes (collecting them into common symptoms) as we traverse up the +hierarchy is developed. The hierarchical model can have layers added +until it converges to a top level single functional group. On collecting +symptoms from this, we are left with the top level, or system level, failure modes. 
+The model is presented in a diagrammatic notation that has been +designed to be intuitive and understandable. It uses well tested +visual techniques to represent the elements of the model and their +relationships. Software support for the development of models in this +notation has been designed and proof-of-concept tools have been implemented. +This new approach is called +Failure Mode Modular De-Composition (FMMD) and is designed +to be a superset of the current four approaches, that is to say, +from an FMMD model, we should be able to +derive models that the other four methodologies would have been +able to create. As this approach is modular, many of the results of +analysed components may be re-used in other projects, so +test efficiency is improved. +FMMD is based on generic failure modes, so it is not constrained to a +particular field. It can be applied to mechanical, electrical or software domains. +It can therefore be used to analyse systems comprised of electrical, +mechanical and software elements in one integrated model. + + +% + +\bibliographystyle{plain} +\bibliography{../vmgbibliography,../mybib} + +\today +\end{document} + diff --git a/invopamp/invopamp.tex b/invopamp/invopamp.tex index ca2d0b3..4e898bb 100644 --- a/invopamp/invopamp.tex +++ b/invopamp/invopamp.tex @@ -66,7 +66,7 @@ A standard non inverting op amp (from ``The Art of Electronics'' ~\cite{aoe}[pp \begin{figure}[h] \centering - \includegraphics[width=200pt,keepaspectratio=true]{./noninvopamp/noninv.png} + \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/noninv.png} % noninv.jpg: 341x186 pixel, 72dpi, 12.03x6.56 cm, bb=0 0 341 186 \caption{Standard non inverting amplifier configuration} \label{fig:noninvamp} 
@@ -127,7 +127,7 @@ to represent each failure mode, taken from the components R1 and R2, in the current balance/virtual ground, shown in figure \ref{fig:fg1}. \begin{figure}[h] \centering - \includegraphics[width=200pt,keepaspectratio=true]{./noninvopamp/fg1.png} + \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/fg1.png} % fg1.jpg: 430x271 pixel, 72dpi, 15.17x9.56 cm, bb=0 0 430 271 \caption{current balance/virtual ground `functional group' failure modes} \label{fig:fg1} @@ -200,7 +200,7 @@ in table~\ref{pdfmea}. \begin{figure}[h+] \centering - \includegraphics[width=200pt,keepaspectratio=true]{./noninvopamp/fg1a.png} + \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/fg1a.png} % fg1a.jpg: 430x271 pixel, 72dpi, 15.17x9.56 cm, bb=0 0 430 271 \caption{current balance/virtual ground with test cases} \label{fig:fg1a} @@ -303,7 +303,7 @@ We can represent the collection of these symptoms by drawing connecting lines be the test cases and naming them (see figure \ref{fig:fg1b}). \begin{figure}[h+] \centering - \includegraphics[width=200pt,keepaspectratio=true]{./noninvopamp/fg1b.png} + \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/fg1b.png} % fg1b.jpg: 430x271 pixel, 72dpi, 15.17x9.56 cm, bb=0 0 430 271 \caption{Collection of current balance/virtual ground failure mode symptoms} \label{fig:fg1b} @@ -319,7 +319,7 @@ We can use the symbol $\bowtie$ to represent taking the analysed %We could represent it algebraically thus: $ \bowtie(PotDiv) = \begin{figure}[h+] \centering - \includegraphics[width=200pt,keepaspectratio=true]{./noninvopamp/dc1.png} + \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/dc1.png} % dc1.jpg: 430x619 pixel, 72dpi, 15.17x21.84 cm, bb=0 0 430 619 \caption{From functional group to derived component} \label{fig:dc1} 
@@ -378,7 +378,7 @@ latchup(12.5\%), latchdown(6\%), nooperation(31.3\%), lowslewrate(50\%). We can represent these failure modes on a diagram (see figure~\ref{fig:op1}). \begin{figure}[h+] \centering - \includegraphics[width=200pt,keepaspectratio=true]{./noninvopamp/op1.png} + \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/op1.png} % op1.jpg: 406x221 pixel, 72dpi, 14.32x7.80 cm, bb=0 0 406 221 \caption{Op Amp failure modes} \label{fig:op1} @@ -438,7 +438,7 @@ from the current balance/virtual ground {\dc}, represented by figure~\ref{fig:fg \begin{figure}[h+] \centering - \includegraphics[width=200pt,keepaspectratio=true]{./noninvopamp/fgamp.png} + \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/fgamp.png} % fgamp.jpg: 430x330 pixel, 72dpi, 15.17x11.64 cm, bb=0 0 430 330 \caption{Amplifier Functional Group} \label{fig:fgamp} @@ -450,7 +450,7 @@ regions) see figure~\ref{fig:fgampa}. \begin{figure}[h+] \centering - \includegraphics[width=200pt,keepaspectratio=true]{./noninvopamp/fgampa.png} + \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/fgampa.png} % fgampa.jpg: 430x330 pixel, 72dpi, 15.17x11.64 cm, bb=0 0 430 330 hno \caption{Amplifier Functional Group with Test Cases} \label{fig:fgampa} @@ -506,7 +506,7 @@ For this amplifier configuration we have three failure modes, $AMPHigh, AMPLow, We can now derive a `component' to represent this amplifier configuration (see figure ~\ref{fig:noninvampa}). \begin{figure}[h+] \centering - \includegraphics[width=200pt,keepaspectratio=true]{./noninvopamp/noninvampa.png} + \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/noninvampa.png} % noninvampa.jpg: 436x720 pixel, 72dpi, 15.38x25.40 cm, bb=0 0 436 720 \caption{Non Inverting Amplifier Derived Component} \label{fig:noninvampa} @@ -1023,4 +1023,4 @@ Software used to edit these diagrams, keeps the model in a directed acyclic grap for this purpose. \clearpage -%\end{document} \ No newline at end of file +%\end{document} 
diff --git a/thesis.tex b/thesis.tex index 37cdb7c..0d852b6 100644 --- a/thesis.tex +++ b/thesis.tex @@ -147,6 +147,12 @@ \typeout{ ---------------- non inv op amp} \input{noninvopamp/noninvopamp} +\chapter{FMMD functional~groups to \\derived component example : Inverting Op-AMP} +\setboolean{dag}{false} % boolvar=true or false +\setboolean{pld}{true} % boolvar=true or false +\typeout{ ---------------- non inv op amp} +\input{invopamp/invopamp} + \chapter{FMMD functional~group to \\derived component example: `ON/OFF' Switch} \typeout{ ---------------- switch1} %\input{switch1/switch1}
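Review bot: in the new `fmmd_concept/System_safety_2011/submission.tex`, the three intended headings `Current methodologies`, `Requirements for an improved methodology` and `Development of the new methodology` have no sectioning command, so they will typeset as ordinary running text ("Current methodologies We briefly analyse the four current methodologies:"); wrap each in `\subsection{...}` (or `\paragraph{...}`, since the paper is two-column). Two further points in the same hunk: `\abstract{ ... }` calls the article class's environment-begin command as a macro, so the environment's end code never runs; use `\begin{abstract} ... \end{abstract}`. The stray `\today` immediately before `\end{document}` duplicates the `\rfoot{\today}` already set in the footer and will print as a dangling date at the end of the text. Minor: `\usetikzlibrary{shapes,snakes}` loads a deprecated library (`snakes` was replaced by `decorations`), and nothing in this file draws a TikZ picture, so `tikz` can be dropped here; the text also expands FMECA two different ways ("Failure Mode Effects Criticality Analysis" in the abstract, "Failure Mode Criticality Analysis" in the body), has "a set of failures modes" for "failure modes", and "The certification process ... often involve" needs "involves".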
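Review bot: in `invopamp/invopamp.tex` hunk `@@ -66,7 +66,7 @@`, the `\includegraphics` path is changed to `./invopamp/noninv.png`, but this commit adds no image files under `invopamp/` (the only binary added is the System Safety PDF template), so unless those PNGs already exist there the build fails with a missing-file error on the first figure. Either commit the images alongside this change or keep the `./noninvopamp/` paths if the figures really are shared between the two chapters. The filename `noninv.png` and the caption `Standard non inverting amplifier configuration` also suggest this chapter still carries the non-inverting circuit rather than an inverting configuration.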
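Review bot: in `invopamp/invopamp.tex` hunk `@@ -127,7 +127,7 @@`, `\label{fig:fg1}` is unchanged from the `noninvopamp` chapter, and the same holds for `fig:fg1a`, `fig:fg1b`, `fig:dc1`, `fig:op1`, `fig:fgamp`, `fig:fgampa` and `fig:noninvampa` in the following hunks. `thesis.tex` now `\input`s both chapters into one document, so LaTeX will report multiply defined labels and every `\ref` to these names resolves to whichever definition comes last. Give this chapter its own label namespace, e.g. `\label{fig:inv:fg1}`, and update the corresponding `\ref`s.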
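Review bot: in `invopamp/invopamp.tex` hunk `@@ -200,7 +200,7 @@`, the context line `\begin{figure}[h+]` uses `+`, which is not a float placement specifier (only `h`, `t`, `b`, `p` and `!` are accepted), so LaTeX raises an "Unknown float option" error for every such figure; the same `[h+]` appears in the `@@ -303`, `-319`, `-378`, `-438`, `-450` and `-506` hunks. Replace with `[h]` or, if the intent was to force placement, `[!htb]`.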
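Review bot: in `invopamp/invopamp.tex` hunk `@@ -506,7 +506,7 @@`, the caption `Non Inverting Amplifier Derived Component` and the label `fig:noninvampa` sit in a file that `thesis.tex` now presents as the inverting op-amp chapter. Either the caption is wrong or this chapter is an unadapted copy of `noninvopamp.tex` with only the image paths changed; if the latter, the commit message should say so, and the caption should be updated when the inverting-amplifier content is written.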
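Review bot: in `thesis.tex` hunk `@@ -147,6 +147,12 @@`, the added `\typeout{ ---------------- non inv op amp}` is copied verbatim from the preceding chapter, so the log cannot tell the two chapters apart; change it to `inv op amp`. The new chapter title `example : Inverting Op-AMP` has a space before the colon and different capitalisation from the neighbouring `example: \`ON/OFF' Switch`. Also note that `\setboolean{dag}{false}` and `\setboolean{pld}{true}` are global, so they remain in effect for the `switch1` chapter and everything after it unless those chapters set them explicitly.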