Glossary entries plus JMC PR of them:wq

This commit is contained in:
Robin Clark 2013-08-18 17:27:12 +01:00
parent 9c09f45a1a
commit 6c79532cb9
4 changed files with 167 additions and 43 deletions

View File

@ -675,6 +675,8 @@ It would mean having to consider combinations of internal component failures
as separate failure modes. This concept is discussed in sections~\ref{ch4:mutex}
and~\ref{ch7:mutex}.
%
\fmmdglossMUTEX
%
In general, failure modes
for simple components are mutually exclusive,
but large and complex components (such as integrated circuits), especially where they contain separate modules,

View File

@ -63,6 +63,7 @@ data structures required using UML class models.
% This chapter defines the FMMD process and related concepts and calculations.
FMMD is in essence a modularised variant of traditional FMEA~\cite{sccs}[pp.34-38].
\fmmdgloss
%
%FMEA is a bottom-up, or forward search failure mode technique starting with
%base component failure modes~\cite{safeware}[p.341].
@ -73,6 +74,8 @@ In order to analyse from the bottom-up and apply a modular methodology, we need
small groups of components that naturally
work together to perform a simple function: we term these groups `{\fgs}'.
%
\fmmdglossFG
%
The components to include in a {\fg} are chosen by hand.
%a human, the analyst.
%We can represent the `Functional~Group' as a class.
@ -117,12 +120,15 @@ Once we have the failure mode behaviour of the {\fg}, we can determine its sympt
We view these symptoms as the %derived
failure modes of the {\fg}.
%
\fmmdglossFG
\fmmdglossSYMPTOM
%Or in other words
That is, we can determine how the {\fg} can fail.
As we now have a set of failure modes for the {\fg} we can treat it as a component.
We can now consider the {\fg} as a `{\dc}' % sort of super component
with its own set of failure modes.
%
\fmmdglossDC
% Rather than taking each component failure mode
% and extrapolating top level or system failure symptoms from it,
% small groups of components are collected into {\fgs} and analysed.
@ -158,6 +164,8 @@ That is, we take the traditional FMEA process and modularise it from the bottom-
%into small manageable groups, and use the failure mode behaviour from them to create {\dcs}
%to build higher level groups.
In this way we can incrementally apply FMEA to an entire system. %, with documented reasoning stages.
\fmmdglossDC
\fmmdgloss
%
This has advantages of concentrating
effort in where modules interact (interfaces), of
@ -617,6 +625,7 @@ Notice the many to one mapping from {\bc} failure modes to {\dc} failure mode;
this is a typical effect of an FMMD analysis stage, and means that with each analysis stage we reduce
the number of failure modes to consider.
%
%\fmmdglossDC
%This means that we can take multiple failure modes from {\fgs} components and resolve them
%to failure modes of the {\fg}.
%
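Review bot: the commented-out `%\fmmdglossDC` on the new line adds no glossary entry and leaves a dead line behind; every other hunk in this commit emits the macro uncommented, so either drop this line or uncomment it so the `{\dc}` mention here gets a glossary page reference like the others.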
@ -676,6 +685,7 @@ we represent the analysis with the DAG in figure \ref{fig:fg1adag}.
We now have % can now create % formulate
a {\dc} to represent this potential divider:
we name this \textbf{PD}.
\fmmdglossDC
This {\dc} will have two failure modes, $HighPD$ and $LowPD$.
% HTR 05SEP2012 We use the symbol $\derivec$ to represent the process of taking the analysed
% HTR 05SEP2012 {\fg} and creating from it a {\dc}.
@ -737,6 +747,7 @@ and low~slew~rate (lowslew) where the op-amp cannot react quickly to changes on
%
%\ifthenelse {\boolean{dag}}
%{
\fmodegloss
%
%\clearpage
We can represent these failure modes on a DAG (see figure~\ref{fig:op1dag}).
@ -1015,8 +1026,11 @@ That is, we can trace failure mode effects
from base component level to the top and vice versa.
\fmodegloss
\fmmdgloss
\fmmdglossFG
\fmmdglossDC
\fmmdglossSYMPTOM
% \paragraph{Worked example. Effect on State explosion.}
@ -1137,6 +1151,7 @@ Using traditional FMEA methods~\cite{sccs}[p.34] we would consider each op-amp
as a separate building block for a circuit. For FMMD each of these four op-amps
in the chip would be considered to be a separate {\bc}.
% CAN WE FIND SUPPORT FOR THIS IN LITERATURE???
\fmmdglossBC
%
We need to go further than the above definition of a part, and define % defining
an atomic entity. % used as a building block.
@ -1179,7 +1194,9 @@ For instance a stereo amplifier separate/slave is a component.
%The
A whole sound system consists perhaps of the following components:
CD-player, tuner, amplifier~separate, loudspeakers and ipod~interface.
\fmmdglossSYS
\fmmdglossSS
%Thinking like this is a top~down analysis approach
%and is the way in which FTA\cite{nucfta} analyses a System
%and breaks it down.
@ -1187,6 +1204,9 @@ CD-player, tuner, amplifier~separate, loudspeakers and ipod~interface.
Components can be composed of components, recursively down to
the {\bcs}.
%
\fmmdglossFG
\fmmdglossBC
%
However each component
will have a fault/failure behaviour and it should
always be possible to obtain a set of failure modes
@ -1208,6 +1228,7 @@ a massive list of base~components, resistors, motors, user~switches, laser~diode
Working from the bottom~up, we need to pick small
collections of components that work together in some way.
These collections are termed `{\fgs}'.
\fmmdglossFG
%
For instance, the circuitry that powers the laser diode
to illuminate the CD might contain a handful of components, and as such would make a good candidate
@ -1223,6 +1244,10 @@ to perform a specific function.
%
When we have analysed the fault behaviour of a {\fg}, we can treat it as a `black~box'.
%
\fmmdglossFG
\fmmdglossDC
%
%
The {\fgs} fault behaviour will consist of a set of %
failure modes caused by combinations
of its component's failure modes.
@ -1240,6 +1265,10 @@ An outline of the FMMD process is itemised below:
\item Create and name a derived component for the {\fg},
\item Assign the common failure modes from the {\fg} as the failure modes of the {\dc}.
\end{itemize}
\fmmdglossFG
\fmmdglossDC
\fmmdgloss
\fmmdglossBC
%
The FMMD process is described in using formal definitions and algorithms in section~\ref{sec:symptomabs}.
@ -1290,12 +1319,16 @@ there is established literature for the failure modes for the system designer to
(often with accompanying statistical
failure rates)~\cite{mil1991,en298,fmd91}.
%
\fmmdglossBC
%
For instance, a simple resistor is generally considered
to fail in two ways, it can go open circuit or it can short.
%
Electrical components have data-sheets associated with them. The data sheets
supply detailed information on the component as supplied by the manufacturer.
%
\fmodegloss
%
Because they are written for system designers, and to an extent advertise the product,
they rarely give %show %clearly detail the
failure modes of the component.
@ -1337,6 +1370,8 @@ From this diagram we see that each component must have at least one failure mode
To clearly show that the failure modes are mutually exclusive states, or unitary states associated with one component,
each failure mode is referenced back to only one component.
%
\fmmdglossMUTEX
%
This constraint is discussed in detail in section~\ref{sec:unitarystate}.
%%-%% MTTF STATS CHAPTER MAYBE ??
@ -1383,9 +1418,13 @@ By `modularising a system' we mean recursively breaking it into smaller sections
When modularising a system from the top~down, as in Fault Tree Analysis (FTA)~\cite{nasafta}\cite{nucfta} ,
it is common to term the modules identified as sub-systems.
%
\fmmdglossFTA
\fmmdglossSS
%
When modularising failure mode behaviour from the bottom up, it is more meaningful to call them `derived~components'.
%
\fmmdglossDC
%
\section{Failure Modes in depth}
@ -1400,6 +1439,9 @@ We are not usually concerned with how the component has failed
internally.
%
What we need to know are the symptoms of failure.
%
\fmmdglossSYMPTOM
%
With these symptoms, we can trace their effects through the system under investigation
and finally determine top-level failure events. % outcomes.
%
@ -1432,9 +1474,13 @@ causing specific system level errors.
For example the FMEA variant FMECA, uses
Bayes theorem~\cite{probstat}[p.170]~\cite{nucfta}[p.74] (the relation between a conditional probability and its reverse)
and is applied to specific failure modes in components and their probability of causing given system level errors.
\fmmdglossFMECA
Another top down methodology is to apply cost benefit analysis
to determine which faults are the highest priority to fix~\cite{bfmea}.
%
%\fmmdglossFMEA
\fmeagloss
%
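Review bot: `%\fmmdglossFMEA` is commented out and no macro of that name is defined in the glossary file touched by this commit (the FMEA entry is `\fmeagloss`, which is what the next line uses), so the commented line is dead and should be removed rather than carried along. Also, `\fmmdglossFMECA` is dropped straight between two sentences here, while the other insertions in this commit are bracketed by `%` lines; keeping the same placement convention makes the source easier to scan.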
The aim of FMMD analysis is to produce complete\footnote{Completeness dependent upon the completeness/correctness of the {\fms} supplied by the germane standard
for our {\bcs}.} failure
models of safety critical systems from the bottom-up,
@ -1445,10 +1491,12 @@ starting where possible with known base~component failure~modes.
An advantage of working from the bottom up is that we can ensure that
all component failure modes must be considered.
%
A top down approach
A top down approach (such as FTA)
can miss individual failure modes of components~\cite{faa}[Ch.~9],
especially where there are non-obvious top-level faults.
%
\fmmdglossFTA
%
\subsection{From functional group to newly derived component}
@ -1458,8 +1506,8 @@ all the failure modes of all the components in the group
and collecting symptoms of failure, is termed `symptom abstraction'.
%
This is dealt with in detail using an algorithmic description, in appendix \ref{sec:algorithmfmmd}.
\fmmdglossFG
\fmmdglossDC
% % define difference between a \fg and a \dc
% A {\fg} is a collection of components. A {\dc} is a new `theoretical'
% component which has a set of failure modes,
@ -2228,6 +2276,8 @@ by a symptom within a {\fg}, and therefore the failure modes of a {\dc} are mutu
%
Thus FMMD naturally produces {\dcs} with failure modes that are mutually exclusive.
%
\fmmdglossMUTEX
%
This property is examined in more detail in section~\ref{ch7:mutex}.
\paragraph{Objective and contextual/subjective failure symptoms.}
@ -2246,6 +2296,7 @@ mode could be considered in the context of all other components in the system---
With FMMD, because the {\fgs} have small numbers of components in them, we can easily apply XFMEA within the {\fgs}.
%
This issue addressed formally in section~\ref{sec:cc}.
\fmmdgloss
\paragraph{Uses of the FMMD failure mode model.}
%
@ -2263,4 +2314,10 @@ described in greater detail in section~\ref{sec:determine_fms}).
We can also use the FMMD model to derive information
to assist in creating related models such as FTA~\cite{nucfta,nasafta},
traditional FMEA, FMECA~\cite{safeware}[p.344], FMEDA~\cite{scsh}, diagnostics schemas~\cite{dbamafta}
and other failure mode analysis methodologies.
and other failure mode analysis methodologies.
\fmmdglossFTA
\fmmdglossFMECA
\fmmdglossFMEDA
\fmmdgloss
%\fmmdglossFMEA
\fmeagloss
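Review bot: the sentence `and other failure mode analysis methodologies.` appears as both a removed and an added line with no visible difference, which suggests a whitespace-only change; strip the stray whitespace so the hunk only carries the glossary additions. As in the earlier hunk, `%\fmmdglossFMEA` is a commented-out reference to an undefined macro and can go.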

View File

@ -738,6 +738,9 @@ are level shifted, adding to the complication of analysing it for failures.
\paragraph{Design Decision/Constraint}
An important factor in defining a set of failure modes is that they
should represent the failure modes as simply and minimally as possible.
%
\fmmdglossMUTEX
%
It should not be possible, for instance, for
a component to have two or more failure modes active at once.
Were this to be the case, we would have to consider additional combinations of
@ -798,7 +801,7 @@ Because of this, the failure mode set $F=fm(R)$ is `unitary~state'.
%therefore
%$ fm(R) \in \mathcal{U} $.
These concepts are expanded in section~\ref{sec:usprob}.
\fmmdglossMUTEX
We can make this a general case by taking a set $F$ (with $f_1, f_2 \in F$) representing a collection
@ -854,6 +857,8 @@ For instance, the voltage reading functions which consist
of a multiplexer and ADC---which must work together to channel readings--- could be considered to be components
inside the micro-controller package.
%
\fmmdglossMUTEX
%
The micro-controller thus becomes a collection of smaller components
that can be analysed separately~\footnote{It is common for the signal paths
in a safety critical product to be traced, and when entering a complex

View File

@ -78,41 +78,95 @@
%\fmodegloss
\newcommand{\fmmdglossSYS}{\glossary{name={system}, description={A product designed to work as a coherent entity}}}
\newcommand{\fmmdglossSS}{\glossary{name={sub-system}, description={A part of a system, sub-systems may contain sub-systems and so-on}}}
\newcommand{\fmmdglossDC}{\glossary{name={{\dc}}, description={A theoretical component, derived from a collection of components (which may be derived components themselves)}}}
\newcommand{\fmmdglossFG}{\glossary{name={{\fg}}, description={A collection of sub-systems and/or components that interact to perform a specific function}}}
\newcommand{\fmmdglossSYMPTOM}{\glossary{name={symptom}, description={A failure mode of a {\fg}, caused by a combination of its component failure modes}}}
\newcommand{\fmmdglossBC}{\glossary{name={base component}, description={Any bought in component, or lowest level module/or part}}}
\newcommand{\fmmdglossSYS}{\glossary{name={system}, description={
A product designed to work as a coherent entity}}}
\newcommand{\fmmdglossSS}{\glossary{name={sub-system}, description={
A part of a system, sub-systems may contain sub-systems and so-on}}}
\newcommand{\fmmdglossDC}{\glossary{name={{\dc}}, description={
A theoretical component, derived from a collection of components (which may be derived components themselves)}}}
\newcommand{\fmmdglossFG}{\glossary{name={{\fg}}, description={
A collection of sub-systems and/or components that interact to perform a specific function}}}
\newcommand{\fmmdglossSYMPTOM}{\glossary{name={symptom}, description={
A failure mode of a {\fg}, caused by a combination of its component failure modes}}}
\newcommand{\fmmdglossBC}{\glossary{name={{\bc}}, description={
Any bought in component, or lowest level module/or part}}}
%\newcommand{\fmmdglossFIT}{\glossary{name={FIT},description={Failure in Time (FIT). The statistical likelihood of failure mode occurring within a $10^9$ hour period.}}
\newcommand{\fmmdglossFIT}{\glossary{name={FIT}, description={Failure in Time (FIT). The number of times a particular
failure is expected to occur within a $10^{9}$ hour time period.}}}
\newcommand{\fmmdglossFIT}{\glossary{name={FIT}, description={
Failure in Time (FIT). The number of times a particular
failure is expected to occur within a $10^{9}$ hour time period}}}
\newcommand{\fmmdglossHFMEA}{\glossary{name={HFMEA},description={
Hardware FMEA. FMEA applied to hardware i.e. mechanical or electrical equipment.}}}
Hardware FMEA. FMEA applied to hardware i.e. mechanical or electrical equipment}}}
\newcommand{\fmmdglossSFMEA}{\glossary{name={SFMEA},description={
Software FMEA. FMEA techniques applied to software. }}}
Software FMEA (SFMEA). FMEA techniques applied to software}}}
\newcommand{\fmmdglossXFMEA}{\glossary{name={XFMEA},description={
Exhaustive FMEA. Applying FMEA exhaustively means checking each failure mode
Exhaustive FMEA (XFMEA). Applying FMEA exhaustively means checking each failure mode
for effects on all components in a given system. }}}
\newcommand{\fmmdglossDFMEA}{\glossary{name={DFMEA},description={Design FMEA. FMEA applied in design stages of a product. Used as a discussion method to reveal safety weakness and improve built in safety.}}}
\newcommand{\fmmdglossPFMEA}{\glossary{name={PFMEA},description={Production FMEA. FMEA applied applied for cost benefit analysis typically used in mass production.}}}
\newcommand{\fmmdglossSFTA}{\glossary{name={SFTA},description={Software Fault Tree Analysis (SFTA): top down failure investigation applied to software.}}}
\newcommand{\fmmdglossFTA}{\glossary{name={FTA},description={Fault Tree Analysis (FTA). A top down failure analysis technique which starts with undesirable top level events and works downwards to putative causes.}}}
\newcommand{\fmmdglossFMEDA}{\glossary{name={FMEDA},description={Failure Mode Effects and Diagnostic Analysis (FMEDA). An extended FMEA technique which provides for diagnostic mitigation and has a final statistical safety level as a result.}}}
\newcommand{\fmmdglossFMECA}{\glossary{name={FMECA},description={Failure Mode Effects and Criticality Analysis (FMECA). An extended FMEA technique which is used to order the severity or criticality of top level events/symptoms.}}}
\newcommand{\fmmdglossFS}{\glossary{name={forward~search},description={Failure analysis where the start points are base component failure modes and the result is system level failure/symptom.}}}
\newcommand{\fmmdglossBS}{\glossary{name={backward~search},description={Failure analysis where the start points are system level failure/symptom and the results are lower level putative causes.}}}
\newcommand{\fmmdglossINHIBIT}{\glossary{name={inhibit},description={A guard on a process such that if a condition is not met, the process may not continue.}}}
\newcommand{\fmmdglossSIGPATH}{\glossary{name={signal~path},description={The components (software or hardware) and connections that a particular signal or value is derived from in a system.}}}
\newcommand{\fmmdglossRD}{\glossary{name={reasoning~distance},description={A reasoning distance is the number of stages of logic and reasoning, counted by the number of components examined, used to map a failure cause to its potential outcomes.}}}
\newcommand{\fmmdglossOBS}{\glossary{name={observability}, description={If it cannot be detected that a failure has occurred it is termed unobservable or undetectable.}}}
\newcommand{\fmmdglossDFMEA}{\glossary{name={DFMEA},description={
Design FMEA. FMEA applied in design stages of a product.
Can be used as a discussion/brain~storming method to
reveal safety weakness and improve built in safety}}}
\newcommand{\fmmdglossPFMEA}{\glossary{name={PFMEA},description={
Production FMEA (PFMEA).
FMEA applied for cost benefit analysis typically used in mass production}}}
\newcommand{\fmmdglossSFTA}{\glossary{name={SFTA},description={
Software Fault Tree Analysis (SFTA):
top down failure investigation applied to software}}}
\newcommand{\fmmdglossMUTEX}{\glossary{name={mutually~exclusive},description={
Mutual exclusivity applied to component failure modes
means that for each component it is ensured that
only one of its failure modes may be active at any given time}}}
\newcommand{\fmmdglossFTA}{\glossary{name={FTA},description={
Fault Tree Analysis (FTA).
A top down failure analysis technique which starts with undesirable
top level events, and using symbols from digital logic builds
a tree, working downwards to putative causes.}}}
\newcommand{\fmmdglossFMEDA}{\glossary{name={FMEDA},description={
Failure Mode Effects and Diagnostic Analysis (FMEDA).
An extended FMEA technique which provides for diagnostic
mitigation and has a final statistical safety level as a result}}}
\newcommand{\fmmdglossFMECA}{\glossary{name={FMECA},description={
Failure Mode Effects and Criticality Analysis (FMECA).
An extended FMEA technique, based on Bayesian statistics,
which is used to order the severity or criticality of top level events/symptoms}}}
\newcommand{\fmmdglossFS}{\glossary{name={forward~search},description={
Failure analysis where the start points are base component failure modes and the result is system level failure/symptom.
Sometimes termed `bottom~up'}}}
\newcommand{\fmmdglossBS}{\glossary{name={backward~search},description={
Failure analysis where the start points are system level failure/symptom and the results are lower level putative causes.
Sometimes termed `top~down'}}}
\newcommand{\fmmdglossINHIBIT}{\glossary{name={inhibit},description={
A guard on a process such that if a condition is not met, the process may not continue}}}
\newcommand{\fmmdglossSIGPATH}{\glossary{name={signal~path},description={
The components (software or hardware) and connections from whi particular signal or value is derived from in a system}}}
\newcommand{\fmmdglossRD}{\glossary{name={reasoning~distance},description={
A reasoning distance is the number of stages of logic and reasoning,
counted by the number of components examined, used to map a failure cause to its potential outcomes}}}
\newcommand{\fmmdglossOBS}{\glossary{name={observability}, description={
If a failure mode cannot be detected it is termed unobservable or undetectable}}}
\newcommand{\fmmdglossSMARTINSTRUMENT}{\glossary{name={smart~instrument}, description={
A smart instrument is one that uses software
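Review bot: the new `signal~path` description reads `connections from whi particular signal or value is derived from in a system`, which looks like a truncated `which` plus a doubled `from`; the previous wording was grammatical, so suggest `The components (software or hardware) and connections from which a particular signal or value is derived in a system`. Trailing punctuation is now inconsistent: the rewrite removes the final full stop from most entries, but `XFMEA` still ends `system. }}}` (with a trailing space) and `FTA` still ends `causes.}}}`. The `FTA` description also needs commas around its participial clause (`top level events and, using symbols from digital logic, builds a tree`). Finally, the old one-line `%\newcommand{\fmmdglossFIT}` is kept as a comment directly above the live definition; it is superseded and should be deleted.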
@ -121,7 +175,7 @@ analogue electronics only~\cite{smart_instruments_1514209}.}}}
\newcommand{\fmmdglossCONTRACTPROG}{\glossary{name={contract~programming}, description={
A software discipline whereby each function is assigned strict pre and post conditions
which define a formalised `contract' for how the function should behave.}}}
which define a formalised `contract' the function's behaviour}}}
%
%\newcommand{\fmmdglossRD}{\glossary{name={reasoning~distance}{yahda yahda ya}}}
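Review bot: the rewritten `contract~programming` description drops a preposition: `which define a formalised `contract' the function's behaviour` should read `which define a formalised `contract' for the function's behaviour`.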
@ -131,21 +185,27 @@ Failure Mode Modular De-Composition (FMMD). A bottom-up methodology for incremen
failure mode models, using a procedure taking functional groups of components and creating
derived components representing them, and in turn using the
derived components to create higher level functional groups, and so on,
that are used to build a hierarchical failure mode model of a system}}}
%that are used to build a
building a hierarchical failure mode model}}} % of a system}}}
\newcommand{\fmodegloss}{\glossary{name={failure mode},description={The way in which a failure occurs.
\newcommand{\fmodegloss}{\glossary{name={failure mode},description={ % The way in which a failure occurs.
A component or sub-system may fail in a number of ways, and each of these is a
failure mode of the component or sub-system.}}}
failure mode of that particular component type}}}
\newcommand{\fmeagloss}{\glossary{name={FMEA}, description={
Failure Mode and Effects analysis (FMEA) is a process where each failure mode of components in a given system,
is analysed to determine system level failures/symptoms.}}}
Failure Mode and Effects analysis (FMEA) is a process where each
{\bc} failure mode in a given system
is analysed to determine system level failures/symptoms}}}
\newcommand{\frategloss}{\glossary{name={failure rate}, description={
The number of failures within a population (of size N), divided by N over a given time interval}}}
\newcommand{\pecgloss}{\glossary{name={PEC},description={A Programmable Electronic controller,
will typically consist of sensors and actuators interfaced electronically, with some firmware/software component in overall control}}}
The number of failures expected over a given time interval}}}
\newcommand{\pecgloss}{\glossary{name={PEC},description={
A Programmable Electronic controller,
will typically consist of sensors and actuators interfaced electronically,
with some firmware/software component in overall control}}}
\usepackage{amsthm}
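Review bot: the new `failure rate` description, `The number of failures expected over a given time interval`, defines a count rather than a rate; the removed wording kept the population normalisation (`within a population (of size N), divided by N`), which is what makes it a rate and what the FIT entry in the same file relies on. Suggest keeping the per-population form, e.g. `The expected number of failures per unit in a population over a given time interval`. In the `PEC` entry, the comma in `A Programmable Electronic controller, will typically consist` separates subject from verb and should be removed; consider also `Programmable Electronic Controller (PEC)` to match how the other acronym entries expand their names. The `FMEA` entry capitalises `Failure Mode and Effects analysis` inconsistently with `Failure Mode Effects and Criticality Analysis` just above it.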