Got a printer, things moving alot quicker now
This commit is contained in:
Robin Clark
parent
d1e0a1ced2
commit
6c3469c27b
10
mybib.bib
10
mybib.bib
@ -113,6 +113,16 @@ ISSN={Doi:10.1145/2330667.2330683},}
|
||||
YEAR = "2011"
|
||||
}
|
||||
|
||||
|
||||
@ARTICLE{fftoriginal,
|
||||
author={James W. Cooley and John W. Tukey},
|
||||
journal={Mathematics of Computation},
|
||||
year={1965},
|
||||
volume={19},
|
||||
pages={297-301},
|
||||
publisher={American Mathematical Society}
|
||||
}
|
||||
|
||||
@article{Lutz:1997:RAU:590564.590572,
|
||||
author = {Lutz, Robyn R. and Woodhouse, Robert M.},
|
||||
title = {Requirements analysis using forward and backward search},
|
||||
|
||||
@ -23,7 +23,7 @@ The ability to assess the safety of man made equipment has been a concern
|
||||
since the dawn of the industrial age~\cite{usefulinfoengineers,steamboilers}.
|
||||
The philosophy behind safety measure has progressed
|
||||
with time, and by World War Two we begin to see concepts such as `no single component failure should cause
|
||||
a dangerous system failure'~\cite{echoesofwar}[Ch.13] emerging.
|
||||
a dangerous system failure'~\cite{boffin} emerging~\cite{echoesofwar}[Ch.13].
|
||||
%
|
||||
Concepts such as these allow us to apply
|
||||
objective criteria to safety assessment. We can extend the `no~single~failure' concept
|
||||
@ -32,8 +32,9 @@ to double or even multiple failures being unacceptable as the cause of dangerous
|
||||
The concept of a double failure causing a dangerous condition being forbidden
|
||||
can be found in the legally binding European standard EN298\footnote{EN298:2003 became
|
||||
a legal requirement for all new forced draft industrial burner controllers in 2006 within
|
||||
the European Union.} which became
|
||||
a legal requirement in 2006~\cite{en298}.
|
||||
the European Union.} which
|
||||
came into force
|
||||
in 2006~\cite{en298}.
|
||||
%
|
||||
More sophisticated statistically based standards, i.e EN61508~\cite{en61508} and variants thereof,
|
||||
are based on statistical thresholds for the frequency of dangerous failures.
|
||||
@ -55,12 +56,12 @@ the higher SIL rating we can demand for it.
|
||||
A band-saw with one operative may require a SIL rating of 1,
|
||||
a nuclear power-station, with far greater consequences on dangerous failure
|
||||
may require a SIL rating of 4.
|
||||
SIL ratings give us another objective yardstick to measure system safety.
|
||||
SIL ratings give us another objective yardstick for the measurement of system safety.
|
||||
%governing failure conditions and determining risk levels associated with systems.
|
||||
|
||||
All of these risk assessment techniques are based on variations of %on the theme of
|
||||
Failure Mode Effect Analysis (FMEA), which has its roots in the 1940's mass production industry
|
||||
and was designed to save large companies money by prioritising most financially
|
||||
and was designed to save large companies money by prioritising the most financially
|
||||
draining problems in a product. % first.
|
||||
%
|
||||
The FMEA of the 1940's has been refined and extended into four main variants.
|
||||
@ -94,7 +95,7 @@ MSc and my project was to create an Euler/Spider~Diagram~\cite{howse:spider} edi
|
||||
This editor allowed the user to draw Euler/Spider diagrams, and could then
|
||||
represent these as abstract---i.e. mathematical---definitions.
|
||||
The primary motive for writing the Spider diagram editor was to provide an alternative
|
||||
to to formal languages for software specification.
|
||||
to formal languages for software specification.
|
||||
Because of my exposure to FMEA, I started thinking of ways to apply formal languages and spider diagrams to
|
||||
failure mode analysis.
|
||||
\paragraph{European Safety Requirements increase in scope and complexity.}
|
||||
@ -127,13 +128,13 @@ analysis of identical circuitry was performed many times.
|
||||
%
|
||||
|
||||
%
|
||||
\paragraph{Modularising/De-Composing FMEA: Initial concepts.} % and augmenting this with concepts from Euler/Spider Diagrams.}
|
||||
\subsection{Modularising/De-Composing FMEA: Initial concepts.} % and augmenting this with concepts from Euler/Spider Diagrams.}
|
||||
In the field of digital signal processing there is an algorithm that revolutionised
|
||||
access to frequency analysis of digital samples called the Fast Fourier transform (FFT)~\cite{fpodsadsp}[Ch.8].
|
||||
access to frequency analysis of digital samples called the Fast Fourier transform (FFT)~\cite{fftoriginal}.
|
||||
This took the discrete Fourier transform (DFT), and applied de-composition to its
|
||||
mesh of (often repeated) complex number calculations.
|
||||
By doing this it broke the problem down from having an exponential
|
||||
order to a polynomial~\cite{ctw}[pp.401-3].
|
||||
mesh of (often repeated) complex number calculations~\cite{fpodsadsp}[Ch.8].
|
||||
By doing this it broke the computing order of complexity problem down from having a polynomial %n exponential
|
||||
order to logarithmic order~\cite{ctw}[pp.401-3].
|
||||
I wondered if this thinking could be applied to the state explosion problems encountered in FMEA.
|
||||
%
|
||||
%Following the concept of de-composing a problem, and thus simplifying the state explosion---using the thinking behind
|
||||
@ -142,7 +143,7 @@ I wondered if this thinking could be applied to the state explosion problems enc
|
||||
My reasoning was that were we to analyse the problem in small modules, from the bottom-up following the FFT example, we could apply
|
||||
checking for all double failure scenarios.
|
||||
%
|
||||
Once these first modules were analysed---we now call them {\fgs}--we could determine the symptoms of failure for them.
|
||||
Once these first modules were analysed---we now call them {\fgs}---we could determine the symptoms of failure for them.
|
||||
Using the symptoms of failure, we could now treat these modules as components in their own right---or {\dcs}---and use them to build higher level
|
||||
{\fgs}. Higher and higher levels of {\fgs} could be built until we had a hierarchy
|
||||
representing a failure mode model for the system.
|
||||
@ -157,7 +158,7 @@ every double simultaneous failure of all components in a system.
|
||||
%
|
||||
This means, as a fortunate by-product, that many multiple as well as double
|
||||
failures would be analysed, but because failure modes are traceable from the base components to the top level---or system---failure modes
|
||||
and these can be held in a traversable data structure.
|
||||
these relationships can be held in a traversable data structure.
|
||||
%
|
||||
If held in a traversable data structure we can apply automated methods to search all the cardinalities of multiple failure modes
|
||||
within the model.
|
||||
@ -183,6 +184,7 @@ meant that the analyst was forced to associate one component failure mode with o
|
||||
%
|
||||
These concepts were presented at the ``Euler~2004''~\cite{Clark200519} conference held at Brighton University.
|
||||
This defined the concepts for modularising FMEA using the formal visual notations from Spider diagrams.
|
||||
This lead to work on rapidly calculating available zones in Euler diagrams~\cite{Clark_fastzone}.
|
||||
%
|
||||
The spider diagram notation was useful in defining the concepts and
|
||||
initial ideas, but a more traditional `spreadsheet' format has been used
|
||||
@ -194,7 +196,7 @@ variant of FMEA that this thesis proposes and defends.
|
||||
%
|
||||
|
||||
%
|
||||
\subsection{Objectives of the thesis.}
|
||||
\section{Objectives of the thesis.}
|
||||
The primary objective of the work performed for this thesis is to present a new modularised variant of
|
||||
FMEA which solves the problems of:
|
||||
\begin{itemize}
|
||||
@ -203,15 +205,16 @@ FMEA which solves the problems of:
|
||||
\item Re-usability of pre-analysed modules,
|
||||
\item Inclusion of software in failure mode modelling.
|
||||
\end{itemize}
|
||||
To support this worked examples using the new methodology were created and the work published and presented to
|
||||
To support this, worked examples using the new methodology were created and the work published and presented to
|
||||
IET safety conferences. % in 2011~\cite{syssafe2011} and 2012~\cite{syssafe2012}.
|
||||
|
||||
The development of this new methodology
|
||||
The development of FMMD, starting with a critique of FMEA and a wish-list for a better methodology,
|
||||
was presented to the IET System safety conference in 2011,~\cite{syssafe2011}.
|
||||
FMEA, currently cannot integrate software into its failure mode models~\cite{sfmea,modelsfmea,embedsfmea,sfmeainterface}.
|
||||
A modular variant of FMEA can use the existing structure of functional software, in conjunction
|
||||
with contract programming, to model software~\cite{syssafe2012}.
|
||||
FMMD can use the existing structure of functional software, in conjunction
|
||||
with contract programming, to model software and this concept was presented to the IET System safety conference in 2012~\cite{syssafe2012}.
|
||||
|
||||
\paragraph{Overview---quick guide to contents of the thesis.}
|
||||
Chapter~\ref{sec:chap2} examines the current state of FMEA based methodologies, Chapter~\ref{sec:chap3}
|
||||
examines the benefits and drawbacks of these methodologies
|
||||
and proposes a detailed wish list for an ideal FMEA technique.
|
||||
|
||||
@ -11,11 +11,12 @@
|
||||
year = {2007}
|
||||
}
|
||||
|
||||
@MISC{Clark_fastzone,
|
||||
% FZD fzd
|
||||
@ARTICLE{Clark_fastzone,
|
||||
author = {Robin Clark},
|
||||
title = {Fast Zone Discrimination},
|
||||
year = {2007},
|
||||
booktitle = {Submitted to Visual Languages and Computing 2007},
|
||||
title = {Fast Zone Discrimination, an algorithm for quickly determining available zones in Euler diagrams using the java area and shape classes},
|
||||
year = {2007},
|
||||
journal = {Visual Languages and Computing 2007, Idaho, USA},
|
||||
}
|
||||
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user