robin/Robin_PHD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Got a printer, things moving alot quicker now

Browse Source
This commit is contained in:
Robin Clark 2012-12-29 19:05:28 +00:00
parent d1e0a1ced2
commit 6c3469c27b
3 changed files with 36 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
mybib.bib
View File

@ -113,6 +113,16 @@ ISSN={Doi:10.1145/2330667.2330683},}
YEAR = "2011" YEAR = "2011"
} }
@ARTICLE{fftoriginal,
author={James W. Cooley and John W. Tukey},
journal={Mathematics of Computation},
year={1965},
volume={19},
pages={297-301},
publisher={American Mathematical Society}
}
@article{Lutz:1997:RAU:590564.590572, @article{Lutz:1997:RAU:590564.590572,
author = {Lutz, Robyn R. and Woodhouse, Robert M.}, author = {Lutz, Robyn R. and Woodhouse, Robert M.},
title = {Requirements analysis using forward and backward search}, title = {Requirements analysis using forward and backward search},

39
submission_thesis/CH1_introduction/copy.tex
View File

@ -23,7 +23,7 @@ The ability to assess the safety of man made equipment has been a concern
since the dawn of the industrial age~\cite{usefulinfoengineers,steamboilers}. since the dawn of the industrial age~\cite{usefulinfoengineers,steamboilers}.
The philosophy behind safety measure has progressed The philosophy behind safety measure has progressed
with time, and by World War Two we begin to see concepts such as `no single component failure should cause with time, and by World War Two we begin to see concepts such as `no single component failure should cause
a dangerous system failure'~\cite{echoesofwar}[Ch.13] emerging. a dangerous system failure'~\cite{boffin} emerging~\cite{echoesofwar}[Ch.13].
% %
Concepts such as these allow us to apply Concepts such as these allow us to apply
objective criteria to safety assessment. We can extend the `no~single~failure' concept objective criteria to safety assessment. We can extend the `no~single~failure' concept
@ -32,8 +32,9 @@ to double or even multiple failures being unacceptable as the cause of dangerous
The concept of a double failure causing a dangerous condition being forbidden The concept of a double failure causing a dangerous condition being forbidden
can be found in the legally binding European standard EN298\footnote{EN298:2003 became can be found in the legally binding European standard EN298\footnote{EN298:2003 became
a legal requirement for all new forced draft industrial burner controllers in 2006 within a legal requirement for all new forced draft industrial burner controllers in 2006 within
the European Union.} which became the European Union.} which
a legal requirement in 2006~\cite{en298}. came into force
in 2006~\cite{en298}.
% %
More sophisticated statistically based standards, i.e EN61508~\cite{en61508} and variants thereof, More sophisticated statistically based standards, i.e EN61508~\cite{en61508} and variants thereof,
are based on statistical thresholds for the frequency of dangerous failures. are based on statistical thresholds for the frequency of dangerous failures.
@ -55,12 +56,12 @@ the higher SIL rating we can demand for it.
A band-saw with one operative may require a SIL rating of 1, A band-saw with one operative may require a SIL rating of 1,
a nuclear power-station, with far greater consequences on dangerous failure a nuclear power-station, with far greater consequences on dangerous failure
may require a SIL rating of 4. may require a SIL rating of 4.
SIL ratings give us another objective yardstick to measure system safety. SIL ratings give us another objective yardstick for the measurement of system safety.
%governing failure conditions and determining risk levels associated with systems. %governing failure conditions and determining risk levels associated with systems.
All of these risk assessment techniques are based on variations of %on the theme of All of these risk assessment techniques are based on variations of %on the theme of
Failure Mode Effect Analysis (FMEA), which has its roots in the 1940's mass production industry Failure Mode Effect Analysis (FMEA), which has its roots in the 1940's mass production industry
and was designed to save large companies money by prioritising most financially and was designed to save large companies money by prioritising the most financially
draining problems in a product. % first. draining problems in a product. % first.
% %
The FMEA of the 1940's has been refined and extended into four main variants. The FMEA of the 1940's has been refined and extended into four main variants.
@ -94,7 +95,7 @@ MSc and my project was to create an Euler/Spider~Diagram~\cite{howse:spider} edi
This editor allowed the user to draw Euler/Spider diagrams, and could then This editor allowed the user to draw Euler/Spider diagrams, and could then
represent these as abstract---i.e. mathematical---definitions. represent these as abstract---i.e. mathematical---definitions.
The primary motive for writing the Spider diagram editor was to provide an alternative The primary motive for writing the Spider diagram editor was to provide an alternative
to to formal languages for software specification. to formal languages for software specification.
Because of my exposure to FMEA, I started thinking of ways to apply formal languages and spider diagrams to Because of my exposure to FMEA, I started thinking of ways to apply formal languages and spider diagrams to
failure mode analysis. failure mode analysis.
\paragraph{European Safety Requirements increase in scope and complexity.} \paragraph{European Safety Requirements increase in scope and complexity.}
@ -127,13 +128,13 @@ analysis of identical circuitry was performed many times.
% %
% %
\paragraph{Modularising/De-Composing FMEA: Initial concepts.} % and augmenting this with concepts from Euler/Spider Diagrams.} \subsection{Modularising/De-Composing FMEA: Initial concepts.} % and augmenting this with concepts from Euler/Spider Diagrams.}
In the field of digital signal processing there is an algorithm that revolutionised In the field of digital signal processing there is an algorithm that revolutionised
access to frequency analysis of digital samples called the Fast Fourier transform (FFT)~\cite{fpodsadsp}[Ch.8]. access to frequency analysis of digital samples called the Fast Fourier transform (FFT)~\cite{fftoriginal}.
This took the discrete Fourier transform (DFT), and applied de-composition to its This took the discrete Fourier transform (DFT), and applied de-composition to its
mesh of (often repeated) complex number calculations. mesh of (often repeated) complex number calculations~\cite{fpodsadsp}[Ch.8].
By doing this it broke the problem down from having an exponential By doing this it broke the computing order of complexity problem down from having a polynomial %n exponential
order to a polynomial~\cite{ctw}[pp.401-3]. order to logarithmic order~\cite{ctw}[pp.401-3].
I wondered if this thinking could be applied to the state explosion problems encountered in FMEA. I wondered if this thinking could be applied to the state explosion problems encountered in FMEA.
% %
%Following the concept of de-composing a problem, and thus simplifying the state explosion---using the thinking behind %Following the concept of de-composing a problem, and thus simplifying the state explosion---using the thinking behind
@ -142,7 +143,7 @@ I wondered if this thinking could be applied to the state explosion problems enc
My reasoning was that were we to analyse the problem in small modules, from the bottom-up following the FFT example, we could apply My reasoning was that were we to analyse the problem in small modules, from the bottom-up following the FFT example, we could apply
checking for all double failure scenarios. checking for all double failure scenarios.
% %
Once these first modules were analysed---we now call them {\fgs}--we could determine the symptoms of failure for them. Once these first modules were analysed---we now call them {\fgs}---we could determine the symptoms of failure for them.
Using the symptoms of failure, we could now treat these modules as components in their own right---or {\dcs}---and use them to build higher level Using the symptoms of failure, we could now treat these modules as components in their own right---or {\dcs}---and use them to build higher level
{\fgs}. Higher and higher levels of {\fgs} could be built until we had a hierarchy {\fgs}. Higher and higher levels of {\fgs} could be built until we had a hierarchy
representing a failure mode model for the system. representing a failure mode model for the system.
@ -157,7 +158,7 @@ every double simultaneous failure of all components in a system.
% %
This means, as a fortunate by-product, that many multiple as well as double This means, as a fortunate by-product, that many multiple as well as double
failures would be analysed, but because failure modes are traceable from the base components to the top level---or system---failure modes failures would be analysed, but because failure modes are traceable from the base components to the top level---or system---failure modes
and these can be held in a traversable data structure. these relationships can be held in a traversable data structure.
% %
If held in a traversable data structure we can apply automated methods to search all the cardinalities of multiple failure modes If held in a traversable data structure we can apply automated methods to search all the cardinalities of multiple failure modes
within the model. within the model.
@ -183,6 +184,7 @@ meant that the analyst was forced to associate one component failure mode with o
% %
These concepts were presented at the ``Euler~2004''~\cite{Clark200519} conference held at Brighton University. These concepts were presented at the ``Euler~2004''~\cite{Clark200519} conference held at Brighton University.
This defined the concepts for modularising FMEA using the formal visual notations from Spider diagrams. This defined the concepts for modularising FMEA using the formal visual notations from Spider diagrams.
This lead to work on rapidly calculating available zones in Euler diagrams~\cite{Clark_fastzone}.
% %
The spider diagram notation was useful in defining the concepts and The spider diagram notation was useful in defining the concepts and
initial ideas, but a more traditional `spreadsheet' format has been used initial ideas, but a more traditional `spreadsheet' format has been used
@ -194,7 +196,7 @@ variant of FMEA that this thesis proposes and defends.
% %
% %
\subsection{Objectives of the thesis.} \section{Objectives of the thesis.}
The primary objective of the work performed for this thesis is to present a new modularised variant of The primary objective of the work performed for this thesis is to present a new modularised variant of
FMEA which solves the problems of: FMEA which solves the problems of:
\begin{itemize} \begin{itemize}
@ -203,15 +205,16 @@ FMEA which solves the problems of:
\item Re-usability of pre-analysed modules, \item Re-usability of pre-analysed modules,
\item Inclusion of software in failure mode modelling. \item Inclusion of software in failure mode modelling.
\end{itemize} \end{itemize}
To support this worked examples using the new methodology were created and the work published and presented to To support this, worked examples using the new methodology were created and the work published and presented to
IET safety conferences. % in 2011~\cite{syssafe2011} and 2012~\cite{syssafe2012}. IET safety conferences. % in 2011~\cite{syssafe2011} and 2012~\cite{syssafe2012}.
The development of this new methodology The development of FMMD, starting with a critique of FMEA and a wish-list for a better methodology,
was presented to the IET System safety conference in 2011,~\cite{syssafe2011}. was presented to the IET System safety conference in 2011,~\cite{syssafe2011}.
FMEA, currently cannot integrate software into its failure mode models~\cite{sfmea,modelsfmea,embedsfmea,sfmeainterface}. FMEA, currently cannot integrate software into its failure mode models~\cite{sfmea,modelsfmea,embedsfmea,sfmeainterface}.
A modular variant of FMEA can use the existing structure of functional software, in conjunction FMMD can use the existing structure of functional software, in conjunction
with contract programming, to model software~\cite{syssafe2012}. with contract programming, to model software and this concept was presented to the IET System safety conference in 2012~\cite{syssafe2012}.
\paragraph{Overview---quick guide to contents of the thesis.}
Chapter~\ref{sec:chap2} examines the current state of FMEA based methodologies, Chapter~\ref{sec:chap3} Chapter~\ref{sec:chap2} examines the current state of FMEA based methodologies, Chapter~\ref{sec:chap3}
examines the benefits and drawbacks of these methodologies examines the benefits and drawbacks of these methodologies
and proposes a detailed wish list for an ideal FMEA technique. and proposes a detailed wish list for an ideal FMEA technique.

9
vmgbibliography.bib
View File

@ -11,11 +11,12 @@
year = {2007} year = {2007}
} }
@MISC{Clark_fastzone, % FZD fzd
@ARTICLE{Clark_fastzone,
author = {Robin Clark}, author = {Robin Clark},
title = {Fast Zone Discrimination}, title = {Fast Zone Discrimination, an algorithm for quickly determining available zones in Euler diagrams using the java area and shape classes},
year = {2007}, year = {2007},
booktitle = {Submitted to Visual Languages and Computing 2007}, journal = {Visual Languages and Computing 2007, Idaho, USA},
} }