function definitions domain and range and specific

This commit is contained in:
Robin 2010-06-11 19:17:44 +01:00
parent b1b776265c
commit 69a813989f
3 changed files with 139 additions and 71 deletions

View File

@ -243,10 +243,20 @@ This corresponds to the `mutually exclusive' definition in
probability theory\cite{probandstat}.
\end{definition}
We can define a function $FM$ to
take a given component $C$ and return its set of failure modes $F$.
Let the set of all possible tomponents to be $\mathcal{C}$
and let the set of all possible failure modes be $\mathcal{F}$.
$$ FM : C \mapsto F $$
We can define a function $FM$
\begin{equation}
FM : \mathcal{C} \mapsto \mathcal{F}
\end{equation}
defined by
$$ FM ( C ) = F $$
i.e. take a given component $C$ and return its set of failure modes $F$.
\begin{definition}
We can define a set $\mathcal{U}$ which is a set of sets of failure modes, where
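Review bot: the codomain in the new signature `FM : \mathcal{C} \mapsto \mathcal{F}` is too small. `FM(C) = F` returns a set of failure modes, so `F \subseteq \mathcal{F}` and the signature should be `FM : \mathcal{C} \rightarrow \mathcal{P}(\mathcal{F})`, which is what the same definition now says in the third file of this commit (`FM : \mathcal{C} \mapsto \mathcal{P}\mathcal{F}`); keep the two files in step, otherwise the later unions over `FM(C_j)` are ill-typed against this definition. `\mapsto` is the element-map arrow; use `\rightarrow` (or `\to`) between domain and codomain and keep `\mapsto` for `C \mapsto F`. If the prose line `Let the set of all possible tomponents to be` is still present, `tomponents` is a typo for `components`.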

View File

@ -83,6 +83,23 @@ Thus a little loss of supply current due to resistance in the cables
does not impinge on accuracy.
The resistance to temperature conversion is achieved
through the published PT100 tables\cite{eurothermtables}.
The standard voltage divider equations (see figure \ref{fig:vd} and
equation \ref{eqn:vd} can be used to calculate
expected voltages for failure mode and temperature reading purposes.
\begin{figure}[h]
\centering
\includegraphics[width=100pt,bb=0 0 183 170,keepaspectratio=true]{./pt100/voltage_divider.png}
% voltage_divider.png: 183x170 pixel, 72dpi, 6.46x6.00 cm, bb=0 0 183 170
\caption{Voltage Divider}
\label{fig:vd}
\end{figure}
%The looking at figure \ref{fig:vd} the standard voltage divider formula (equation \ref{eqn:vd}) is used.
\begin{equation}
\label{eqn:vd}
V_{out} = V_{in}.\frac{Z2}{Z2+Z1}
\end{equation}
\section{Safety case for 4 wire circuit}
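Review bot: the parenthesis opened in `(see figure \ref{fig:vd} and` is never closed; add `)` after `equation \ref{eqn:vd}`. In the equation, `V_{in}.\frac{Z2}{Z2+Z1}` uses a full stop as a multiplication sign and typesets `Z2` as a product of two symbols; write `V_{out} = V_{in} \cdot \frac{Z_2}{Z_1 + Z_2}` and say which of `Z_1`, `Z_2` is the PT100, so that the reading calculations later in the file (sensor in the lower arm) follow directly from it. Since `fig:vd` and `eqn:vd` are now defined here at first use, the original copies later in the file must really be commented out or LaTeX will report multiply-defined labels.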
@ -235,21 +252,21 @@ valid temperature range for this example ({0\oc} .. {300\oc}) we can calculate
valid voltage reading ranges by using the standard voltage divider equation \ref{eqn:vd}
for the circuit shown in figure \ref{fig:vd}.
\begin{figure}[h]
\centering
\includegraphics[width=100pt,bb=0 0 183 170,keepaspectratio=true]{./pt100/voltage_divider.png}
% voltage_divider.png: 183x170 pixel, 72dpi, 6.46x6.00 cm, bb=0 0 183 170
\caption{Voltage Divider}
\label{fig:vd}
\end{figure}
%The looking at figure \ref{fig:vd} the standard voltage divider formula (equation \ref{eqn:vd}) is used.
\begin{equation}
\label{eqn:vd}
V_{out} = V_{in}.\frac{Z2}{Z2+Z1}
\end{equation}
%
%\begin{figure}[h]
% \centering
% \includegraphics[width=100pt,bb=0 0 183 170,keepaspectratio=true]{./pt100/voltage_divider.png}
% % voltage_divider.png: 183x170 pixel, 72dpi, 6.46x6.00 cm, bb=0 0 183 170
% \caption{Voltage Divider}
% \label{fig:vd}
%\end{figure}
%%The looking at figure \ref{fig:vd} the standard voltage divider formula (equation \ref{eqn:vd}) is used.
%
%\begin{equation}
%\label{eqn:vd}
% V_{out} = V_{in}.\frac{Z2}{Z2+Z1}
%\end{equation}
%
\subsection{Proof of Out of Range \\ Values for Failures}
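Review bot: the commented-out figure and equation block left behind here (`%\begin{figure}[h]` through `%\end{equation}`) is dead text; the moved copy now lives in the 4-wire section and git keeps the history, so delete it rather than comment it. While in this region, `\subsection{Proof of Out of Range \\ Values for Failures}` needs `\protect\\` (or a short title in the optional argument) or the forced line break will break in the table of contents and running heads.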
@ -286,8 +303,7 @@ Since the lowreading or sense- is directly connected to the 0V rail,
both temperature readings will be 0V.
$$ lowreading = 5V.\frac{100\Omega}{2k2+100\Omega} = 0.218V$$
With pt100 at the high end of the temperature range 300\oc.
$$ highreading = 5V $$
$$ lowreading = 5V.\frac{212.02\Omega}{2k2+212.02\Omega} = 0.44V$$
$$ highreading = 5V.\frac{212.02\Omega}{2k2+212.02\Omega} = 0.44V$$
Thus with $R_2$ shorted both readings are outside the
proscribed range in table \ref{ptbounds}.
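Review bot: the new `highreading` value contradicts the sentence two lines above it. The context says `both temperature readings will be 0V`, but the hunk then computes `lowreading = ... = 0.218V` and `highreading = ... = 0.44V`; if both sense lines sit on the same node when R_2 is shorted, both readings equal the divider voltage and the `0V` sentence is wrong, otherwise the new equation is. Fix one of them. The arithmetic itself checks out (5 V * 212.02/(2200+212.02) = 0.44 V; 5 V * 100/2300 = 0.218 V), but mixing `2k2` with `\Omega` inside one fraction is inconsistent; write `2200\Omega` or `2.2\,k\Omega`. `proscribed range` should be `prescribed range`.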
@ -433,7 +449,7 @@ This figure is referred to as a FIT\footnote{FIT values are measured as the numb
failures per Billion (${10}^9$) hours of operation, (roughly 114,000 years). The smaller the
FIT number the more reliable the fault~mode} Failure in time.
The formula given for a thermistor in MIL-HDBK-217F\cite{mil1992}[9.8] is reporoduced in
The formula given for a thermistor in MIL-HDBK-217F\cite{mil1992}[9.8] is reproduced in
equation \ref{thermistorfit}. The variable meanings and values are described in table \ref{tab:thermistor}.
\begin{equation}
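Review bot: the typo fix is fine, but `\cite{mil1992}[9.8]` puts the section number outside the citation, so it typesets as a bare `[9.8]` after the reference; the section belongs in the optional argument, `\cite[\S 9.8]{mil1992}`. The footnote also says the smaller FIT number makes the `fault~mode` more reliable, whereas FIT is a failure rate, so `the more reliable the component (or the less likely the failure mode)` reads correctly, and the dangling `Failure in time` after the footnote mark should be folded into the footnote's first sentence.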
@ -525,5 +541,8 @@ conditions.
\clearpage
\section{ PT100 Double Simultaneous \\ Fault Analysis}
DO THE DOUBLE
% typeset in {\Huge \LaTeX} \today
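Review bot: `DO THE DOUBLE` is a to-do left in the body and will typeset directly under the new section heading; comment it out (`% TODO: double fault analysis`) or use a `\todo` macro so it cannot reach a build. The `\\` in `\section{ PT100 Double Simultaneous \\ Fault Analysis}` has the same table-of-contents problem as the subsection heading earlier in this file and needs `\protect\\`.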

View File

@ -3,15 +3,14 @@
In failure mode analysis, it is essential to
know the failure modes of the sub-systems and components used.
This paper outlines a technique for determining the failure modes of a sub-system given
its component parts.
%, and the failure modes of those parts.
its components.
This chapter describes a process for taking a functional group of components, applying FMEA analysis and then determining how that functional group can fail.
With this information, we can trat the functional group
With this information, we can treat the functional group
as a component in its own right.
This new component is a derived component.
For a top down technique this would correspond to a sub-system.
For a top down technique this would correspond to a low~level sub-system.
%The technique uses a graphical notation, based on Euler\cite{eulerviz} and Constraint diagrams\cite{constraint} to model failure modes and failure mode common symptom collection. The technique is designed for making building blocks for a hierarchical fault model.
Once the failure modes have been determined for a sub-system/derived~component,
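Review bot: the abstract now says both `This paper outlines a technique for determining the failure modes of a sub-system` and `This chapter describes a process for taking a functional group of components` in consecutive sentences, and they say the same thing; keep one, and pick `paper` or `chapter` consistently with the rest of the file (the closing sentence of the abstract also says `This paper`).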
@ -30,10 +29,10 @@ Once a hierarchy is in place it can be converted into a fault data model.
%
From the fault data model, automatic generation
of FTA\cite{nasafta} (Fault Tree Analysis) and mimimal cuts sets\cite{nucfta} are possible.
Also statistical reliability\cite{en61508} and MTTF (Mean Time to Failure) calculations can be produced
Also statistical reliability/probability of failure~on~demand\cite{en61508} and MTTF (Mean Time to Failure) calculations can be produced
automatically, where component failure mode statistics are available\cite{mil1991}.
%
This paper focuses on the process of building the blocks that are used in the hierarchy.
This paper focuses on the process of building the blocks, that are key to creating an FMMD hierarchy.
\end{abstract}
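Review bot: `mimimal cuts sets` in the unchanged context line should read `minimal cut sets`; worth fixing while this paragraph is being edited. In the new last sentence, the comma in `building the blocks, that are key` turns a restrictive clause into a non-restrictive one; drop it (`the blocks that are key to creating an FMMD hierarchy`).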
@ -55,7 +54,8 @@ and checks will be made, and finally a component or a low level sub-system
will be found to be faulty.
A natural fault finding process is thus top~down.
\subsection{FMMD - Bottom~up Analysis}
The FMMD technique described here works the other way. It works from the bottom up.
The FMMD technique does not follow the `natural fault finding' or top down approach,
it instead works from the bottom up.
Starting with a collection of components that form
a simple functional group, the effect of all component error modes are
examined, as to their effect on the functional group.
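Review bot: in the context line `the effect of all component error modes are examined` the verb does not agree with `effect`; use either `the effects ... are examined` or `the effect ... is examined`. The rest of the paper says `failure modes`, not `error modes`; use one term throughout.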
@ -102,7 +102,7 @@ The aims are
It is helpful here to define some terms, `system', `functional~group', `component', `base~component' and `derived~component/sub-system'.
These are listed in table~\ref{tab:symexdef}.
A System, is really any coherent entity that would be sold as a safety critical product.
A System, is really any coherent entity that would be sold as a product. % safety critical product.
A sub-system is a system that is part of some larger system.
For instance a stereo amplifier separate is a sub-system. The
whole Sound System, consists perhaps of the following `sub-systems':
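Review bot: `A System, is really any coherent entity` has a stray comma between subject and verb. Dropping `safety critical` is fine, but the trailing `% safety critical product.` comment is noise once the decision is made. `stereo amplifier separate` is also unusual phrasing; `a separate stereo amplifier` is clearer.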
@ -112,8 +112,8 @@ CD-player, tuner, amplifier~separate, loudspeakers and ipod~interface.
%and is the way in which FTA\cite{nucfta} analyses a System
%and breaks it down.
A sub-system will be composed of component parts, which
may themselves be sub-systems. However each `component part'
A sub-system will be composed of components, which
may themselves be sub-systems. However each `component'
will have a fault/failure behaviour and it should
always be possible to obtain a set of failure modes
for each `component'. In FMMD terms a sub-system is a derived component.
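Review bot: `fault/failure behaviour` hedges between two terms in a sentence that goes on to define the set of `failure modes`; since the paper uses `failure mode` as its defined term, `failure behaviour` alone is enough here.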
@ -166,6 +166,7 @@ Currently this sort of information is generally only available for generic comp
%\vspace{0.3cm}
\begin{table}[h]
\center
\begin{tabular}{||l|l||} \hline \hline
{\em Definition } & {\em Description} \\ \hline
System & A product designed to \\
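Review bot: `\center` inside `\begin{table}` is the `center` environment's internal start command, not a switch; use `\centering`. As written it opens a trivlist that is only closed when the table environment ends and adds vertical space around the tabular.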
@ -205,8 +206,9 @@ that we have to consider are all the failure modes of its components.
Each failure mode (or combination of) investigated is termed a `test case'.
Each `test case' is analysed.
The component failure modes are examined with respect to their effect on the functional~group.
The philosophy behind this analysis is, how will the functional~group react
to each of the test case conditions. The aim is to produce a set of failure modes from the perspective of the functional~group.
The aim of this analysis is to find out how the functional~group react
to each of the test case conditions.
The goal of the process is to produce a set of failure modes from the perspective of the functional~group.
\paragraph{Symptom Identification}
When all `test~cases' have been analysed a second phase is applied.
%
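Review bot: `how the functional~group react` needs `reacts`. The two new sentences `The aim of this analysis is ...` and `The goal of the process is ...` say nearly the same thing; merge them, e.g. `The aim is to find how the functional~group reacts to each test case, and so to produce a set of failure modes from the perspective of the functional~group.`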
@ -222,20 +224,12 @@ will both cause the same failure; $no\_sound$ !
\paragraph{Collection of Symptoms}
The common symptoms of failure and lone~component failure~modes are identified and collected.
We can now consider the functional~group as a component and the common symptoms as its failure modes.
Note that here because this is bottom up, we can ensure that all failure modes
associated with a functional~group have been handled.
Note that here because the process is bottom up, we can ensure that all failure modes
associated with a functional~group have been handled.
Were failure~modes missed any failure mode model could be dangerously incomplete.
It is possible here for an automated system to flag unhandled failure modes.
\ref{requirement at the start}
% \paragraph{symptom abstraction represented on the diagram} This process can be applied using a diagram. From the collection of parts for the sub-system under analysis, a set of failure modes for each component is obtained. A diagram is then drawn with each component failure mode represented by a contour. Component failure mode combinations are chosen for `test cases'.\footnote{Combinations of component failure modes can be represented by overlapping contours} A `test case' is represented on the diagram as a point or asterisk, in a region enclosed by the contours representing the failure modes it investigates. The effect on the sub-system of each test case is analysed. %It is then represented on the diagram by an asterisk on the contour representing the failure mode. The `test~case~results' are archived. When all test cases have been analysed, we switch our attention to a higher abstraction level. % We treat the sub-system as a black box, or as a component part itsself. % We can now look at the test case results from the perspective of a `user' % of this sub-system. % %
% We treat the sub-system as a `black box' and view the effects of the component failure
% at the sub-system level. This mean we are not interested so much in what the compoent does,
% but how the sub-system reacts when it fails in a certain way.
%
% Each `test case' is labelled from the perspective of the failure as seen at sub-system level.
% We can now try to simplfy by determining common symptoms. A common symptom, in this context, is defined as faults caused by different component failure modes that have the same effect from the perspective of a `user' of the sub-system. Test case results can now viewed as failure modes of the sub-sytem or `black box', and grouped together where there are common symptoms. These are grouped together by joining them with lines. These lines form collected groups (or `spiders'). See figure \ref{fig:gensubsys3}.
% It can be seen now that each {\em lone test case} and {\em spider} on the diagram is a distinct failure mode of the sub-system. This means that these failure modes represent the fault behaviour of the sub-system. We can now treat this sub-system as a component in its own right, or in other words, we have derived a failure mode model at a higher level of abstraction. We can now draw a new diagram to represent the failure modes of the sub-system. Each spider or lone test case, becomes a contour representing a failure mode of the sub-system in this new diagram (see figure \ref{fig:gensubsys4}.
\section{The Process : To analyse a base level Derived~Component/sub-system}
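Review bot: `\ref{requirement at the start}` is a placeholder label (with spaces) that no `\label` defines, so it typesets as `??`; either label the requirement where it is stated in the introduction and reference that, or comment the line out until it exists. The sentence before it also needs a comma: `Were failure~modes missed, any failure mode model could be dangerously incomplete.`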
@ -260,39 +254,70 @@ Determine which test cases produce the same fault symptoms {\em from the perspec
\section{A general derived Component/Sub-System example}
Consider a functional group $FG$ with component parts $A$,$B$ and $C$.
Consider a functional group $FG$ with components $C_1$, $C_2$ and $C_3$.
$$ FG = \{ A, B , C \} $$
$$ FG = \{ C_1 , C_2 , C_3 \} $$
Each part has a set of related fault modes (i.e. ways in which it can fail to operate correctly).
Let us define the following failure modes for each component part, defining a function $FM()$ where $K$
is a component part and $F$ is its set of failure modes\footnote{Base component failure modes are defined, often with
Each component has a set of related fault modes (i.e. ways in which it can fail to operate correctly).
Let us define the following failure modes for each component, defining a function $FM()$
that is passed a component and returns the set of failure modes associated with it
\footnote{Base component failure modes are defined, often with
statistics and evironmental factors in a variety of sources. \cite{mil1991}
}.
$$
FM : K \mapsto F
$$
\\
For our example above
\\
$$ FM(A) = \{ a_1, a_2, a_3 \} $$
$$ FM(B) = \{ b_1, b_2 \} $$
$$ FM(C) = \{ c_1, c_2 \} $$
To re-cap from the definitions chapter \ref{chap:definitions}.
\paragraph{NOTE TO ANDREW : SHOULD I DEFINE A FUNCTION HERE THAT CONVERTS A FUNCTIONAL GROUP
TO the set of failure modes in all its component parts ??? Am I being lazy here ???}
Let the set of all possible components be $\mathcal{C}$
and let the set of all possible failure modes be $\mathcal{F}$.
We can now represent the functional~group $FG$ as a set of component faulure modes $FG_{cfm}$,
thus
We can define a function $FM$
\begin{equation}
FG_{cfm} = \{a_1, a_2, a_3, b_1, b_2, c_1, c_2 \}
FM : \mathcal{C} \mapsto \mathcal{P}\mathcal{F}
\end{equation}
defined by
$$ FM ( C ) = F $$
%\\
And for this example:
$$ FM(C_1) = \{ a_1, a_2, a_3 \} $$
$$ FM(C_2) = \{ b_1, b_2 \} $$
$$ FM(C_3) = \{ c_1, c_2 \} $$
\paragraph{Finding all failure modes within the functional group}
For FMMD failure mode analysis we need to consider the failure modes
from all the components in the functional group as a flat set.
This can be found by applying function $FM$ to all the components
in the functional~group and taking the union of them thus:
$$ FunctionalGroupAllFailureModes = \bigcup_{j \in \{1...n\}} FM(C_j) $$
We can actually overload the notation for the function FM
and define it for the set components within a functional group $FG$ (i.e. where $FG \subset \mathcal{C} $) thus:
\begin{equation}
FM : FG \mapsto \mathcal{F}
\end{equation}
Applied to the functional~group $FG$ in the example above:
\begin{equation}
FM(FG) = \{a_1, a_2, a_3, b_1, b_2, c_1, c_2 \}
\end{equation}
This can be seen as all the failure modes that can affect the failure mode group $FG$.
\subsection{Analysis of the functional group failure modes}
% The failure modes of the components can be represented as contours on on the diagram in \ref{fig:gensubsys1}. \begin{figure} \centering \includegraphics[width=3in,height=3in,bb=0 0 513 541]{symptom_abstraction/synmptom_abstraction.jpg} % synmptom_abstraction.jpg: 570x601 pixel, 80dpi, 18.10x19.08 cm, bb=0 0 513 541 \label{fig:gensubsys1} \caption{$FG_{cfm}$ Component Failure modes represented as contours} \end{figure} % % DIAGRAM WITH SPIDER % \begin{figure} % \centering % \includegraphics[scale=20]{./synmptom_abstraction.jpg} % % synmptom_abstraction.jpg: 570x601 pixel, 80dpi, 18.10x19.08 cm, bb=0 0 513 541 % \label{fig:gensubsys2} % \caption{$SS_{cfm}$ Component Failure modes represented as contours} % \end{figure} We can now look at the effects that component failure modes have on the sub-system. This process involves examining `test cases'. Each `test case' represents the fault behaviour of the sub-system due to particular combinations of component fault modes. Each test case can be represented on the diagram as a labeled point. The labeled point will reside in a region on the diagram enclosed by the contours representing particular component fault modes. The label will indicate the fault symptom from the perspective of the sub-system. For the sake of example, only single component failure modes are considered. We can now assign a test~case to each contour, and mark it on the diagram. % \begin{figure}[h+] % \centering % \includegraphics[scale=20]{./symptom_abstraction2.jpg} % % synmptom_abstraction.jpg: 570x601 pixel, 80dpi, 18.10x19.08 cm, bb=0 0 513 541 % \label{fig:gensubsys2} % \caption{Component Failure modes with analysed test cases} % \end{figure} \begin{figure} \centering \includegraphics[width=3in,height=3in,bb=0 0 513 541]{symptom_abstraction/symptom_abstraction2.jpg} % symptom_abstraction2.jpg: 570x601 pixel, 80dpi, 18.10x19.08 cm, bb=0 0 513 541 \label{fig:gensubsys2} \caption{Component Failure modes with analysed test cases} \end{figure}
For this example we shall consider single failure modes.
%For each of the failure modes from $FM(FG)$ we shall
%create a test case ($fgfm_i$). Next each test case is examined/analysed
%and its effect on the functional group determined.
\par
%\vspace{0.3cm}
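Review bot: the overloaded signature `FM : FG \mapsto \mathcal{F}` is inconsistent with the definition given just above it. `FM(FG)` returns a set of failure modes, so its codomain is `\mathcal{P}\mathcal{F}` as for single components, and its domain is the set of functional groups, `\mathcal{P}\mathcal{C}`, not the one instance `FG`; `FG \subset \mathcal{C}` should also be `\subseteq`. Writing the overload as `FM : \mathcal{P}\mathcal{C} \rightarrow \mathcal{P}\mathcal{F}` with `FM(FG) = \bigcup_{C \in FG} FM(C)` says the same thing as the `\bigcup_{j \in \{1...n\}} FM(C_j)` line and makes the `FunctionalGroupAllFailureModes` name unnecessary. `\mapsto` should be `\rightarrow` in both signatures, and the definitions file in this same commit still has `FM : \mathcal{C} \mapsto \mathcal{F}`, so the two files now disagree. The `\paragraph{NOTE TO ANDREW ...}` is an author note that will typeset; comment it out. Typos: `faulure`, `evironmental`, and `failure mode group $FG$` in the last sentence of the paragraph should be `functional~group $FG$`.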
@ -300,6 +325,7 @@ thus
\begin{tabular}{||c|c|c|c||} \hline \hline
{\em Component Failure Mode } & {\em test case} & {\em Functional Group} & {\em Functional Group} \\
{\em } & {\em } & {\em failure mode} & {\em Symptom} \\ \hline
%
$a\_1$ & $fs\_1$ & $fgfm_{1}$ & SP2 \\ \hline
$a\_2$ & $fs\_2$ & $fgfm_{2}$ & SP1 \\ \hline
$a\_3$ & $fs\_3$ & $fgfm_{3}$ & SP2\\ \hline
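Review bot: the table cells use `$a\_1$`, `$b\_1$` (escaped underscore, i.e. literal text `a_1`) while the definitions above them use `$a_1$` (subscript); use the subscript form in the table so the same failure mode looks the same in both places.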
@ -307,6 +333,7 @@ $b\_1$ & $fs\_4$ & $fgfm_{4}$ & SP1 \\ \hline
$b\_2$ & $fs\_5$ & $fgfm_{5}$ & SP1 \\ \hline
$c\_1$ & $fs\_6$ & $fgfm_{6}$ & \\ \hline
$c\_2$ & $fs\_7$ & $fgfm_{7}$ & SP2\\ \hline
%
\hline
\end{tabular}
\caption{Component to functional group to failure symptoms example}
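Review bot: same `\_` issue as the rows above. Also the `Symptom` cell for `$c\_1$` / `$fgfm_{6}$` is blank, which reads as missing data; since the text later treats `fgfm_6` as a failure mode in its own right that could not be grouped, put something explicit in the cell (e.g. `lone` or `$fgfm_6$`) so the table stands on its own.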
@ -315,13 +342,13 @@ $c\_2$ & $fs\_7$ & $fgfm_{7}$ & SP2\\ \hline
%\vspace{0.3cm}
Table~\ref{tab:fexsymptoms} shows the analysis process.
In this example we are only looking at single fault possibilities.
As we are only looking at single fault possibilities for this example each failure mode
is represented by a test~case.
The Component failure modes become test cases\footnote{The test case stage is necessary because for more complex analysis we have to consider the effects of combinations of component failure modes}.
The test cases are analysed w.r.t. the functional~group.
These become functional~group~failure~modes ($fgfm$'s).
The functional~group~failure~modes are how the functional group fails for the test~case, rather than how the components failed.
% The sub-system fault symptoms are now represented on the diagram as in figure \ref{fig:gensubsys2}. A second stage of analysis is now applied. Empirically, it is often noticed that a sub-system will fail in the same way due to a variety of reasons. To the `user' of the sub-system, it does not matter which component or combination of components has failed. The sub-system can thus be considered to have its own set of failure modes. This stage of the analysis is to determine these, to collect `like symptoms'. This is performed on the diagram by linking the test cases with lines to form `spiders'
For the sake of example let us consider the fault symptoms of $\{fgfm_2, fgfm_4, fgfm_5\}$ be
identical from the perspective of the functional~group.
That is to say, that the way in which functional~group fails if $fgfm_2$, $fgfm_4$ or $fgfm_5$ % failure modes
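Review bot: the new sentence `As we are only looking at single fault possibilities for this example each failure mode is represented by a test~case.` needs a comma after `example`, and it duplicates the next sentence `The Component failure modes become test cases`; keep one, and lower-case `Component`. In the unchanged context, `let us consider the fault symptoms of ... be identical` should be `to be identical`.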
@ -339,7 +366,6 @@ Likewise
let $SP2 = \{fgfm_1, fgfm_3, fgfm_7\}$ be an identical failure mode {\em from the perspective of the functional~group}.
Let $\{fgfm_6\}$ be a distinct failure mode {\em from the perspective of the functional~group i.e. it cannot be grouped as a common symptom}.
% The diagram can now be drawn as in figure \ref{fig:gensubsys3}. % \begin{figure}[h+] % \centering % \includegraphics[scale=20]{./symptom_abstraction3.jpg} % % synmptom_abstraction.jpg: 570x601 pixel, 80dpi, 18.10x19.08 cm, bb=0 0 513 541 % \label{fig:gensubsys3} % \caption{Common failure modes collected as `Spiders'} % \end{figure} \begin{figure}[h+] \centering \includegraphics[width=3in,height=3in,bb=0 0 513 541]{symptom_abstraction/symptom_abstraction3.jpg} % symptom_abstraction3.jpg: 570x601 pixel, 80dpi, 18.10x19.08 cm, bb=0 0 513 541 \label{fig:gensubsys3} \caption{Common failure modes collected as `Spiders'} \end{figure}
We have now in $SP1$, $SP2$ and $fgfm_6$ as the three ways in which this functional~group can fail.
In other words we have derived failure modes for this functional~group.
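Review bot: `We have now in $SP1$, $SP2$ and $fgfm_6$ as the three ways` is ungrammatical; `We now have $SP1$, $SP2$ and $fgfm_6$ as the three ways ...`. Also `$SP2 = \{fgfm_1, fgfm_3, fgfm_7\}$ be an identical failure mode` describes a set of three; what is meant is `be a single failure mode, the symptom common to $fgfm_1$, $fgfm_3$ and $fgfm_7$`.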
@ -420,14 +446,27 @@ this section
using set theory.
The {\em symptom abstraction process} (given the symbol `$\bowtie$') takes a functional group $FG$
and converts it to a sub-system $DC$.
and converts it to a derived~component/sub-system $DC$.
%The sub-system $SS$ is a collection
%of failure~modes of the sub-system.
Note that
$DC$ is a derived component at a higher level of fault analysis abstraction,
it may be thus be treated
than the functional~group it was derived from.
However, it can still be treated
as a component with a known set of failure modes.
Thus $DC$ can be used as a system building block at a higher
level of fault abstraction.
\paragraph{enumerating abstraction levels}
If $DC$ is included in a functional~group
that functional~group must be considered to be a a higher level of
abstraction than a base level functional~group.
%
In fact if the abstraction level is enumerated
the functional~group must take the abstraction level
of the highest assigned to any of its components.
%
$DC$ can be used as a system building block at a higher
level of fault abstraction. Because the derived components
merge to form functional groups, a converging hierarchy is
naturally formed with the abstraction level increasing with each tier.
The algorithm, representing the function $\bowtie$, has been broken down into five stages, each following on from the other.
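Review bot: `a a higher level of abstraction` has a doubled article, and the sentence `$DC$ can be used as a system building block at a higher level of fault abstraction` now appears twice (once as `Thus $DC$ can be used ...` and again after the enumeration paragraph); drop one. The enumeration rule is also ambiguous as written: `the functional~group must take the abstraction level of the highest assigned to any of its components` gives a group the same level as its highest component, while the sentence before says `$DC$ is a derived component at a higher level ... than the functional~group it was derived from`; state explicitly where the increment happens (for instance, group level = max over its components, derived component level = group level + 1). `\paragraph{enumerating abstraction levels}` should be capitalised like the other paragraph headings (`\paragraph{Symptom Identification}`, `\paragraph{Collection of Symptoms}`).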