From 70103f5ee9d2e46e2c8ab73d4f9abf46ce0a27c4 Mon Sep 17 00:00:00 2001 From: Robin Date: Sun, 25 Apr 2010 12:54:28 +0100 Subject: [PATCH] 25APR2010 --- introduction/introduction.tex | 38 ++++++++++++++++++++++++++++++----- 1 file changed, 33 insertions(+), 5 deletions(-) diff --git a/introduction/introduction.tex b/introduction/introduction.tex index 2ba8a7a..2120c07 100644 --- a/introduction/introduction.tex +++ b/introduction/introduction.tex 
@@ -76,12 +76,40 @@ was going to be impractical. To do this with complete coverage each component failure mode would have to have been checked against the other thousand or so components for influence, and then a determination of the effects on the system would have had to have been -determined. Thus millions of checks would have to have been performed, and +made. Thus millions of checks would have to have been performed, and as FMEA is an `expert only' time consuming technique, this idea was -obviously impractical. - - - +obviously impractical. Note that most of the checks made would be redundant. +Most components affect the performance of a few that they are placed to work with +to perform some particular low-level function. +\paragraph{Top down Approach} +A top down approach has several potential problems. +By its nature it means that at the start of the process +a set of system or top level faults or undesireable outcomes are defined. +It then must break the system down into modules and +decide which of these can contribute to a system level fault mode. +Potentially failure modes, be they from components or the interaction +betweem modules can be missed. A disturbing example of this +is the NASA space shuttle in 1986, which missed the fault mode of an O +ring. +\paragraph{Bottom-up Approach} +A bottom-up approach look impractical at first due to the shear number +of component failure modes in a typical system. However +were this bottom-up approach to be modular +we can reduce the +, and built into a hierachy +of modules rising up until all components are covered, we +can model an entire complex system. +This is the core concept behind this study. +By working from the bottom up, at the lowest level taking the +smallest functional~groups of components +and analysing these, we can obtain a set of failure modes +for the functional~groups. We can then treat these +as `higher level' components and combine them +to form new `functional~groups'. 
+In this way all failure modes from all components must be at the very least considered. +Also a hierarchy is formed when the top level errors are formed +naturally from the lower levels of analysis. +Unlike a top~down analysis, we cannot miss a top level fault condition. \section{Safety Critical Systems}
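Review bot: the Bottom-up Approach paragraph in this hunk contains an unfinished sentence, "However were this bottom-up approach to be modular we can reduce the , and built into a hierachy of modules rising up until all components are covered, we can model an entire complex system." The clause "we can reduce the" is left hanging before the comma and the tense shifts from "were ... to be modular" to "built into"; it needs to be completed or cut so the sentence reads, for example, "However, were this bottom-up approach to be modular, and built into a hierarchy of modules rising up until all components are covered, we could model an entire complex system." The same paragraph has "A bottom-up approach look impractical" (should be "looks") and "shear number" (should be "sheer number"), and the Top down paragraph has "undesireable" (undesirable) and "betweem" (between); the two new \paragraph headings are also hyphenated inconsistently ("Top down" versus "Bottom-up"). The 1986 NASA space shuttle O ring example is presented as a documented case of a top-down analysis missing a fault mode, so it should carry a \cite to the source being relied on. Finally, the closing claim "Unlike a top~down analysis, we cannot miss a top level fault condition" is stronger than the preceding text supports; what the argument establishes is that every component failure mode is at least considered, which does not by itself rule out missing a top level condition that arises from module interaction, so consider softening it or stating the assumption under which it holds.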