diff --git a/submission_thesis/CH4_FMMD/Makefile b/submission_thesis/CH4_FMMD/Makefile index d8c8515..b92da04 100644 --- a/submission_thesis/CH4_FMMD/Makefile +++ b/submission_thesis/CH4_FMMD/Makefile @@ -1,6 +1,6 @@ -PNG_DIA = cfg2.png cfg.png compco2.png compco3.png compco.png component.png componentpl.png fmmd_uml2.png fmmd_uml.png partitioncfm.png master_uml.png top_down_de_comp.png dc1.png dc2.png +PNG_DIA = cfg2.png cfg.png compco2.png compco3.png compco.png component.png componentpl.png fmmd_uml2.png fmmd_uml.png partitioncfm.png master_uml.png top_down_de_comp.png dc1.png dc2.png eulerfmmd.png %.png:%.dia diff --git a/submission_thesis/CH4_FMMD/copy.tex b/submission_thesis/CH4_FMMD/copy.tex index ec78c0e..368fe8c 100644 --- a/submission_thesis/CH4_FMMD/copy.tex +++ b/submission_thesis/CH4_FMMD/copy.tex 
@@ -52,13 +52,29 @@ \section{Introduction} This chapter -considers %starts with %an overview of current failure modelling techniques, and then +starts with %starts with %an overview of current failure modelling techniques, and then a worked example to introduce % using the new methodology, Failure Mode Modular De-composition (FMMD). This is followed by a discussion on the design of the FMMD methodology and then a %an ontological description using UML class models. + +% This chapter defines the FMMD process and related concepts and calculations. +FMMD is in essence modularised FMEA. Rather than taking each component failure mode +and extrapolating top level or system failure symptoms from it, +small groups of components are collected into {\fgs} and analysed, +and then {\dcs} are used to represent the {\fgs}. +These {\dcs} are used to then build further {\fgs} until a hierarchy of {\fgs} +and {\dcs} has been built, converging to a final {\dc} +at the top of the hierarchy. +% +Or in other words we take the traditional FMEA process, and modularise it. +We break down each stage of reasoning +into small manageable groups, and use the results of those groups, as {\dcs} +to build higher level groups. +% %This has advantages of concentrating +% %effort in where modules interact, %A notation is then described to index and classify objects created in FMMD hierarchical models. @@ -453,11 +469,9 @@ description using UML class models. -To demonstrate the principles behind FMMD, we use it to analyse a +To demonstrate the principles of FMMD, we use it to analyse a commonly used circuit, the non-inverting op amp~\cite{aoe}[p.234], shown in figure \ref{fig:noninvamp}. - - - +% \begin{figure}[h+] \centering %\includegraphics[width=100pt,keepaspectratio=true]{../../noninvopamp/noninv.png} 
@@ -466,21 +480,22 @@ commonly used circuit, the non-inverting op amp~\cite{aoe}[p.234], shown in fig \caption{Standard non inverting amplifier configuration} \label{fig:noninvamp} \end{figure} - - - +% The function of the resistors in this circuit is to set the amplifier gain. -They operate as a potential divider\footnote{The resistors act as a potential divider assuming the op-amp has high impedance.} +They operate as a potential divider, the resistors act as a potential divider assuming the op-amp has high impedance, and program the inverting input on the op-amp to balance them against the positive input, giving the voltage gain ($G_v$) defined by $ G_v = 1 + \frac{R2}{R1} $ at the output. -\subsection{Potential Divider.} +\paragraph{Potential Divider.} \label{subsec:potdiv} As the resistors work to provide a specific function, that of a potential divider, we can treat them as a collection of components with a specific functionality---which can be termed a `{\fg}'. This {\fg} has two members, $R1$ and $R2$. +Taken as an entity the potential divider can be viewed as a {\dc}. +That is to say we can treat the potential divider, comprised of two resistors +to act as a component. % Using the EN298 specification for resistor failure~\cite{en298}[App.A], we can assign failure modes of $OPEN$ and $SHORT$ to the resistors individually (assignment of failure modes @@ -507,7 +522,7 @@ We represent a resistor and its failure modes as a directed acyclic graph (DAG) \label{fig:rdag} \end{figure} -Thus $R1$ has failure modes $\{R1\_OPEN, R1\_SHORT\}$ and $R2$ has failure modes $\{R2\_OPEN, R2\_SHORT\}$. +Thus $R1$ has failure modes $\{R1_{OPEN}, R1_{SHORT}\}$ and $R2$ has failure modes $\{R2_{OPEN}, R2_{SHORT}\}$. % We look at each of these base component failure modes, and determine how they affect the operation of the potential divider. 
@@ -522,7 +537,11 @@ Each {\fc} is analysed to determine the `symptom' of the potential dividers' operation. For instance if resistor $R_1$ were to become open, then the potential~divider would not be grounded and the voltage output from it would float high (+ve). -This would mean the symptom of the failed potential divider would be voltage high output. %We can now consider the {\fg} +This would mean the symptom of the failed potential divider would be voltage high output. +% +The failure symptom of a high potential divider output is termed `HighPD', and +for it outputing a low voltage `LowPD'. % Andrew asked for this to be defined before the table. ... +%We can now consider the {\fg} %as a component in its own right, and its symptoms as its failure modes. { \small @@ -531,8 +550,8 @@ This would mean the symptom of the failed potential divider would be voltage hig \centering % used for centering table \begin{tabular}{||l|c|c|l||} \hline \hline - \textbf{Fault} & \textbf{Pot.Div} & \textbf{Symptom} \\ - \textbf{Scenario} & \textbf{Effect} & \textbf{Description} \\ + \textbf{Fault} & \textbf{Pot.Div} & \textbf{Derived Component} \\ % \textbf{Symptom} \\ + \textbf{Mode} & \textbf{Effect} & \textbf{Failure modes} \\ %\textbf{Description} \\ % R & wire & res + & res - & description \hline \hline 
@@ -547,17 +566,22 @@ This would mean the symptom of the failed potential divider would be voltage hig } -\vbox{ +%\vbox{ From table \ref{tbl:pdfmea} we can see that the resistor -failures modes lead to some common symptoms. -These common symptoms are an important concept for FMMD. -It means that we can take multiple failure modes from a {\fg} and resolve them -to a a common symptom. This means that we simplify the FMEA analysis task for further stages. -By drawing directed edges from the failure modes to the symptoms, -we can show the relationships between the component failure modes and resultant symptoms. +failures modes lead to some common symptoms of failure from the perspective of the {\fg}. +%YOU FUCKING CUNTS, TELL ME TO USE THE TERM SYMPTOM AND THEN TELL ME TO FUCKING REMOVE IT A YEAR LATER> CUNTS +%symptoms. +These common symptoms of failure are an important concept for FMMD. +It means that we can take multiple failure modes from {\fgs} components and resolve them +to failure modes of the {\fg}. +% +This means that we simplify the FMEA analysis task for further stages. +By drawing directed edges from the failure modes to the {\dc} failure modes, % symptoms, +we show the relationships between the component failure modes and +{\dc} failure modes. % resultant symptoms. %The {\fg} can now be considered a derived component. This is represented in the DAG in figure \ref{fig:fg1adag}. -} +%} \begin{figure}[h] \centering 
@@ -569,14 +593,14 @@ This is represented in the DAG in figure \ref{fig:fg1adag}. \tikzstyle{symptom}=[fmmde, fill=blue!50]; \tikzstyle{annot} = [text width=4em, text centered] - \node[component] (R1) at (0,-0.7) {$R_1$}; - \node[component] (R2) at (0,-1.9) {$R_2$}; + \node[component] (R1) at (0,-1.0) {$R_1$}; + \node[component] (R2) at (0,-3.0) {$R_2$}; - \node[failure] (R1SHORT) at (\layersep,-0) {$R1_{Sh}$}; - \node[failure] (R1OPEN) at (\layersep,-1.1) {$R1_{Op}$}; + \node[failure] (R1SHORT) at (\layersep,-0) {$R1_{SHORT}$}; + \node[failure] (R1OPEN) at (\layersep,-1.8) {$R1_{OPEN}$}; - \node[failure] (R2SHORT) at (\layersep,-2.4) {$R2_{Sh}$}; - \node[failure] (R2OPEN) at (\layersep,-3.7) {$R2_{Op}$}; + \node[failure] (R2SHORT) at (\layersep,-3.4) {$R2_{SHORT}$}; + \node[failure] (R2OPEN) at (\layersep,-5.2) {$R2_{OPEN}$}; \path (R1) edge (R1SHORT); \path (R1) edge (R1OPEN); @@ -586,8 +610,8 @@ This is represented in the DAG in figure \ref{fig:fg1adag}. % Potential divider failure modes % - \node[symptom] (PDHIGH) at (\layersep*2,-0.7) {$PD_{HIGH}$}; - \node[symptom] (PDLOW) at (\layersep*2,-2.2) {$PD_{LOW}$}; + \node[symptom] (PDHIGH) at (\layersep*2,-1.0) {$PD_{HIGH}$}; + \node[symptom] (PDLOW) at (\layersep*2,-3.0) {$PD_{LOW}$}; \path (R1OPEN) edge (PDHIGH); \path (R2SHORT) edge (PDHIGH); 
@@ -602,23 +626,25 @@ This is represented in the DAG in figure \ref{fig:fg1adag}. \end{figure} -We can now formulate a `derived component' to represent this potential divider: +We can now create % formulate +a `derived component' to represent this potential divider: we name this \textbf{PD}. This {\dc} will have two failure modes. We use the symbol $\derivec$ to represent the process of taking the analysed -{\fg} and creating from it a {\dc}. The creation of the {\dc} \textbf{PD} is -represented in figure~\ref{fig:dc1}. +{\fg} and creating from it a {\dc}. +%The creation of the {\dc} \textbf{PD} isrepresented in figure~\ref{fig:dc1}. We represent the {\dc} \textbf{PD}, as a DAG in figure \ref{fig:dc1dag}. %We could represent it algebraically thus: $ \derivec(PotDiv) = -\begin{figure}[h+] - \centering - \includegraphics[width=200pt,keepaspectratio=true]{./CH4_FMMD/dc1.png} %%% Where the f**king hell is this file ????? in an old paper even in the SYSSAFE2011 - % dc1.jpg: 430x619 pixel, 72dpi, 15.17x21.84 cm, bb=0 0 430 619 - \caption{From functional group to derived component} - \label{fig:dc1} -\end{figure} +% FUCKING HELL THIS IS REMOVED TOO : CUNTS +% \begin{figure}[h+] +% \centering +% \includegraphics[width=200pt,keepaspectratio=true]{./CH4_FMMD/dc1.png} %%% Where the f**king hell is this file ????? in an old paper even in the SYSSAFE2011 +% % dc1.jpg: 430x619 pixel, 72dpi, 15.17x21.84 cm, bb=0 0 430 619 +% \caption{From functional group to derived component} +% \label{fig:dc1} +% \end{figure} % We can now represent the potential divider as a {\dc}. @@ -641,7 +667,7 @@ We represent the {\dc} \textbf{PD}, as a DAG in figure \ref{fig:dc1dag}. \path (PD) edge (PDHIGH); \path (PD) edge (PDLOW); \end{tikzpicture} - \caption{DAG representing a Potential Divider (PD) its failure symptoms} + \caption{DAG representing the {\dc} Potential Divider (PD) and its failure modes.} \label{fig:dc1dag} \end{figure} 
@@ -698,7 +724,7 @@ We can represent these failure modes on a DAG (see figure~\ref{fig:op1dag}). %} %\clearpage %\paragraph{Modelling the OP amp with the potential divider.} -We now collect the OP amp and the {\dc} {\em PD}, to +We now collect the OP amp and the {\dc} {\em PD} to % andrew critised this sentence but it made sense to Chris and I form a {\fg} to represent the non-inverting amplifier. % %We have the failure modes of the {\dc} for the potential divider, @@ -708,8 +734,9 @@ form a {\fg} to represent the non-inverting amplifier. %by bringing together the failure modes from \textbf{opamp} and \textbf{PD}. % The two components in this new {\fg} have failure modes. -Each of these failure modes will be given a {\fc} for analysis, -and this is represented in table \ref{tbl:ampfmea1}. +%Each of these failure modes will be given a {\fc} for analysis, +%and this is represented in table \ref{tbl:ampfmea1}. +% CUNTS NOW I CANNOT USE THE TERM FAILURE SCENARIO---was first column of table below %\clearpage {\footnotesize @@ -718,13 +745,13 @@ and this is represented in table \ref{tbl:ampfmea1}. \centering % used for centering table \begin{tabular}{||l|c|c|l||} \hline \hline - \textbf{Fault} & \textbf{Amplifier} & \textbf{Symptom} \\ - \textbf{Scenario} & \textbf{Effect} & \textbf{Description} \\ + \textbf{Fault} & \textbf{Amplifier} & \textbf{Derived component} \\ %Symptom} \\ + \textbf{Mode} & \textbf{Effect} & \textbf{Failure Modes} \\ %Description} \\ % R & wire & res + & res - & description \hline \hline FS1: $OPAMP$ & Output & AMPHigh \\ - LatchUP & High & \\ \hline + LatchUP & High & \\ \hline FS2: $OPAMP$ & Output Low& AMPLow \\ LatchDown & Low gain & \\ \hline 
@@ -784,11 +811,11 @@ and this is represented in table \ref{tbl:ampfmea1}. \node[failure] (OPAMPNP) at (\layersep,-2.5) {noop}; \node[failure] (OPAMPLS) at (\layersep,-3.8) {lowslew}; - \node[failure] (R1SHORT) at (\layersep,-5.1) {$R1_{Sh}$}; - \node[failure] (R1OPEN) at (\layersep,-6.4) {$R1_{Op}$}; + \node[failure] (R1SHORT) at (\layersep,-5.1) {$R1_{SHORT}$}; + \node[failure] (R1OPEN) at (\layersep,-6.4) {$R1_{OPEN}$}; - \node[failure] (R2SHORT) at (\layersep,-7.7) {$R2_{Sh}$}; - \node[failure] (R2OPEN) at (\layersep,-9.0) {$R2_{Op}$}; + \node[failure] (R2SHORT) at (\layersep,-7.7) {$R2_{SHORT}$}; + \node[failure] (R2OPEN) at (\layersep,-9.0) {$R2_{OPEN}$}; 
@@ -876,31 +903,57 @@ and this is represented in table \ref{tbl:ampfmea1}. %amplification characteristics from FS2 and FS6 can be considered as low output from the OPAMP for the application %in hand (say milli-volt signal amplification). -For this amplifier configuration we have three failure modes; {\em AMP\_High, AMP\_Low, LowPass}. % see figure~\ref{fig:fgampb}. -This model now has two stages of analysis hierarchy, as represented in figure~\ref{fig:dc2}. +% For this amplifier configuration we have three {\dc} failure modes; {\em AMP\_High, AMP\_Low, LowPass}. % see figure~\ref{fig:fgampb}. +% This model now has two stages of analysis hierarchy, +% as represented in figure~\ref{fig:dc2}. +% From the analysis in table \ref{tbl:ampfmea1} we can create the {\dc} {\em NONINVAMP}, which represents the failure mode behaviour of the non-inverting amplifier. +% \begin{figure}[h] +% \centering +% \includegraphics[width=225pt]{./CH4_FMMD/dc2.png} +% % dc2.png: 635x778 pixel, 72dpi, 22.40x27.45 cm, bb=0 0 635 778 +% \caption{Hierarchy representing the two stage FMMD analysis of the non-inverting amplifier} +% \label{fig:dc2} +% \end{figure} + + +We can represent the hierarchy as an Euler diagram as well, where the curves +define the components and {\dcs} used to form {\fgs}, see figure~\ref{fig:eulerfmmd}. + \begin{figure}[h] \centering - \includegraphics[width=225pt]{./CH4_FMMD/dc2.png} - % dc2.png: 635x778 pixel, 72dpi, 22.40x27.45 cm, bb=0 0 635 778 - \caption{Hierarchy representing the two stage FMMD analysis of the non-inverting amplifier} - \label{fig:dc2} + \includegraphics[width=300pt]{./CH4_FMMD/eulerfmmd.png} + % eulerfmmd.png: 413x207 pixel, 72dpi, 14.57x7.30 cm, bb=0 0 413 207 + \caption{FMMD analysis of the INVAMP represented as an Euler diagram, showing the relationships between base and derived components.} + \label{fig:eulerfmmd} \end{figure} We can now examine the failure mode relationships in the {\dc} {\em INVAMP} by drawing it as a DAG. 
%expand the {\em PD} {\dc} and have a full FMMD failure %mode %model -We can traverse this DAG, tracing the top level symptoms down to the leaves of the tree (the leaves being {\bc} failure modes), +We can traverse this DAG, tracing the top level % symptoms +failure modes +down to the base component failure modes, %leaves of the tree (the leaves being {\bc} failure modes), and thus determine all possible causes for -the three high level symptoms, i.e. the failure~modes of the non-inverting amplifier {\em INVAMP}. +the three high level symptoms, i.e. the failure~modes of the non-inverting amplifier {\dc} {\em INVAMP}. Knowing all possible causes for a top level event/failure~mode -is extremely useful. Were the top level event to be classified as catastrophic for instance, we could use this information -to strengthen components that could cause the top level event/failure. +is extremely useful. Were the top level event to be classified as catastrophic for instance, +we could use this information +to strengthen components that could cause that particular top level event/failure. % -Figure \ref{fig:noninvdag1} shows a fully expanded DAG, from which we can derive information -to assist in building models for FTA, FMEA, FMECA and FMEDA failure mode analysis methodologies. +Figure \ref{fig:noninvdag1} shows a DAG, +from which we can trace top level failure modes to the base component failure modes +that can cause them. +That is to say that we can trace failure mode effects +from base component level to the top and vice versa. +% +Having a base component failure modes traceable to top event events, +provides a a failure mode model, from which +we can derive information +to assist in building models for FTA, FMEA, FMECA, FMEDA +and other failure mode analysis methodologies. 
@@ -961,7 +1014,7 @@ Base Component & An atomic building block used at the lowest level of an FMMD mo {\em Constraint} & This object must have a defined set of failure~modes. \\ \hline -Component & A building block, this may be a {\bc} or a {\dc} or manufacturers part. \\ +Component & A building block, this may be a {\bc} or a {\dc}. \\%or manufacturers part. \\ {\em Constraint} & This object must have a defined set of failure~modes. \\ \hline @@ -977,8 +1030,8 @@ Functional Grouping & A collection of components with a functional purpose. \\ \hline -Symptom & A failure symptom of a {\fg}, caused by % WHICH MUST BE UNIQUE AND SEPARATE WITHIN THE \fg - a combination of its component failure modes. \\ \hline +% Symptom & A failure symptom of a {\fg}, caused by % WHICH MUST BE UNIQUE AND SEPARATE WITHIN THE \fg +% a combination of its component failure modes. \\ \hline Derived Component & A theoretical component, created to represent the failure @@ -990,8 +1043,8 @@ Derived Component & A theoretical component, created to represent the failure Unitary State & A component with `unitary~state' failure modes, means that it cannot fail with more than one of its failure modes at a time.\\ \hline -Failure Scenario & A single failure mode (or a combination), used to - determine failure mode effects on a {\fg}. +% Failure Scenario & A single failure mode (or a combination), used to +% determine failure mode effects on a {\fg}. \\ \hline 
@@ -1009,18 +1062,19 @@ like an %integrated micro-controller/servo motor, or quite simple like the resistor. % We %can -identify a +usually identify a component by its name, a manufacturer's part number and perhaps -a vendor's reference number. - +a vendor's reference number. %In a controlled production evironment +% Geoffrey Hall, writing in Spacecraft Systems Engineering~\cite{scse}[p.619] defines a `part' thus ``{{Part(definition)}---The lowest level of assembly, beyond which further disassembly irrevocably destroys the item''. - -This definition of a `part' is useful, but consider parts, such as quad packaged op-amps. % -Here we have four op-amps on one chip. For FMEA we would consider each op-amp in the package -as a separate building block for a circuit. +This definition of a `part' is useful, but consider parts, such as quad packaged op-amps: +% +in this case, we have four op-amps on one chip. For FMEA we would consider each op-amp in the package +as a separate building block for a circuit. For FMMD each of these four op-amps +in the chip would be considered to be a separate {\bc}. % CAN WE FIND SUPPORT FOR THIS IN LITERATURE??? % We, in fact, need to go a little further than the above definition of a part, @@ -1035,7 +1089,7 @@ Both op-amps and transistors have published statistical failure rates and yet an However, a circuit designer would usually consider individual transistors and individual op-amps as lowest level building blocks. % -In fact any component with published failure modes could be considered to be a {\bc}, +In fact any lowest level building block with published failure modes could be considered to be a {\bc}, but this determination is the choice of the analyst, which may be influenced by the particular standard~\cite{en298}~\cite{en61508} %~\cite{en230} to which we are approving/analysing a system. 
@@ -1051,9 +1105,9 @@ to which we are approving/analysing a system. %000000elpful here to define the terms, `system', `functional~group', `component', `base~component', `symptom' and `derived~component/sub-system'. %These are listed in table~\ref{tab:symexdef}. -A system, is any coherent entity that would be sold as a product. % safety critical product. +A system, is any coherent piece of equipment that performs a given task. % safety critical product. % -A component is a system that is a part of some larger system. +A component can be viewed as a sub-system that is a part of some larger system. % A modular system common to many homes is the sound separates audio system or stereo hi-fi. % @@ -1079,14 +1133,14 @@ for each `component'. % If we look at the sound system example, the CD~player could fail in several distinct ways, -and this could have been caused by a number of {\textbf{the CD players internal}} component failure modes. +and this could have been caused by a number of {{the CD players internal}} component failure modes. %no matter what has happened to it or has gone wrong inside it. % Using the reasoning that working from the bottom up forces the consideration of all possible component failures (which can be missed in a top~down approach \cite{faa}[Ch.9]), -we are presented with a problem. Which initial collections of base components should we choose? +we are presented with a problem: which initial collections of base components should we choose? % -For instance in the CD~player example; if we start at the bottom, we are presented with +For instance in the CD~player example, if we start at the bottom, we are presented with a massive list of base~components, resistors, motors, user~switches, laser~diodes, etc. Clearly, working from the bottom~up, we need to pick small collections of components that work together in some way. 
@@ -1161,7 +1215,8 @@ Currently, failure mode information is generally only available for generic com %What components all have in common is that they can fail, and fail in a % number of well defined ways. For common {\bcs} -there is established literature for the failure modes for the system designer to consider (often with accompanying statistical +there is established literature for the failure modes for the system designer to consider +(often with accompanying statistical failure rates)~\cite{mil1991,en298,fmd91}. % For instance, a simple resistor is generally considered @@ -1330,11 +1385,14 @@ A flat set is a set containing just the failure modes and not sets of failure mo %In practical term each component failure mode is considered as a `failure~scenario' or 'test~case' %for the {\fg}. % -Each of these failure modes, and optionally combinations of them, are -formed into failure~scenarios which are +Each of these failure modes %, and optionally combinations of them, are +%formed into failure~scenarios which +are analysed for their effect on the failure mode behaviour of the `{\fg}'. % Once we have the failure mode behaviour of the {\fg}, we can determine its symptoms of failure. +%, +%or the failure modes of the {\dc}. %for the {\fg}. % We view these symptoms as derived failure modes of the {\fg}. diff --git a/submission_thesis/CH4_FMMD/eulerfmmd.dia b/submission_thesis/CH4_FMMD/eulerfmmd.dia new file mode 100644 index 0000000..83d61dd Binary files /dev/null and b/submission_thesis/CH4_FMMD/eulerfmmd.dia differ
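Review bot: in the Makefile hunk, PNG_DIA still lists dc1.png and dc2.png, although this same patch comments out both \includegraphics calls that used them in copy.tex, and the source comment on the dc1 figure says the file cannot be found. Wherever PNG_DIA is a prerequisite, the `%.png:%.dia` rule will fail on a missing dc1.dia for a figure that is no longer included. Drop both names when adding eulerfmmd.png, or confirm that the .dia sources are in the repository.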
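Review bot: in the Introduction hunk (@@ -52,13 +52,29 @@), the new paragraph states its point twice: it opens with "FMMD is in essence modularised FMEA" and then restarts with "Or in other words we take the traditional FMEA process, and modularise it." Keep the first statement and fold the "small manageable groups" sentence into it. Also, "are used to then build" reads better as "are then used to build".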
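Review bot: in hunk @@ -466,21 +480,22 @@, inlining the footnote leaves the clause duplicated: "They operate as a potential divider, the resistors act as a potential divider assuming the op-amp has high impedance, and program ...". Reduce it to "They operate as a potential divider (assuming the op-amp has high impedance) and program ...". The heading changes from \subsection to \paragraph but keeps \label{subsec:potdiv}, so any \ref to it now resolves to the enclosing section number. The added sentence "comprised of two resistors to act as a component" is ungrammatical; "treat the potential divider, comprising two resistors, as a component" says the same thing.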
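Review bot: in hunk @@ -507,7 +522,7 @@, the new $R1_{OPEN}$ and $R1_{SHORT}$ put a multi-letter word in a math subscript, which TeX sets as a product of italic variables, and the base is written R1 while the following text and the TikZ nodes use $R_1$. Define one macro for a component failure mode (for example with \mathit or \text for the mode name) and use it here and in the DAG node labels so the notation cannot drift.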
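Review bot: in hunk @@ -522,7 +537,11 @@, the names introduced here, `HighPD' and `LowPD', do not match the DAG in the later hunk, which labels the same failure modes $PD_{HIGH}$ and $PD_{LOW}$. Pick one form and use it in the text, the table and the figure. "outputing" should be "outputting", and the trailing comment naming who requested the change belongs in the commit message rather than the thesis source.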
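Review bot: in hunk @@ -547,17 +566,22 @@, the added all-caps comment lines are abusive toward the reviewers and must be removed before this goes into the submission repository, since LaTeX comments ship with the source. The terminology change is also only half applied: the paragraph still says "common symptoms of failure" twice while the edges are now drawn to "{\dc} failure modes". Further, "failures modes" should be "failure modes" and "from {\fgs} components" needs a possessive ("a {\fg}'s components"). If the \vbox is no longer wanted, delete it rather than commenting out both braces.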
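Review bot: in hunk @@ -602,23 +626,25 @@, the dc1 figure is disabled by commenting out the whole environment under another abusive comment line, which leaves dead markup and the old complaint about the missing file in the source. Delete the figure block and the commented \ref{fig:dc1} sentence outright; version control keeps the history. The caption fix on fig:dc1dag is good.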
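Review bot: in hunk @@ -698,7 +724,7 @@, commenting out "Each of these failure modes will be given a {\fc} for analysis, and this is represented in table \ref{tbl:ampfmea1}" leaves the paragraph ending on "The two components in this new {\fg} have failure modes." with nothing to introduce the table that follows. Replace the sentence instead of dropping it, for example by stating that each failure mode is analysed in table \ref{tbl:ampfmea1}. Remove the two added comments about reviewers as well.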
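Review bot: in hunk @@ -718,13 +745,13 @@, the first column is renamed from "Fault Scenario" to "Fault Mode", but the rows are still labelled "FS1:", "FS2:", which abbreviates the term being retired. Relabel the rows (or drop the prefix) so the table agrees with its header. The header capitalisation also differs from the potential divider table ("Derived Component / Failure modes" there, "Derived component / Failure Modes" here), and the old headings are left behind as trailing comments on both lines.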
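Review bot: in hunk @@ -784,11 +811,11 @@, the node labels are lengthened to $R1_{SHORT}$, $R1_{OPEN}$ and so on, but the node positions are unchanged, whereas the matching potential divider DAG earlier in this patch was respaced when its labels were lengthened. Check the rendered figure for overlapping nodes and widen the spacing here if needed.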
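Review bot: in hunk @@ -876,31 +903,57 @@, the new caption and text call the derived component INVAMP ("FMMD analysis of the INVAMP", "{\dc} {\em INVAMP}"), while the unchanged sentence just above creates {\em NONINVAMP} and the circuit is a non-inverting amplifier. Use NONINVAMP throughout. Commenting out the sentence that listed AMP\_High, AMP\_Low and LowPass also leaves "the three high level symptoms" without an antecedent, and that phrase still says "symptoms". The last added paragraph needs proofreading: "Having a base component failure modes traceable to top event events, provides a a failure mode model".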
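Review bot: in hunk @@ -990,8 +1043,8 @@, only the two text lines of the Failure Scenario row are commented out; the row terminator on the following context lines is still live, so the table now gets an empty row and a doubled rule after Unitary State. Comment out or delete the trailing \\ and \hline as well. Separately, the Symptom entry is removed from the glossary in the previous hunk, but the chapter still uses the word (for example "we can determine its symptoms of failure" in the last copy.tex hunk), so either keep a definition or finish replacing the term.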
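Review bot: in hunk @@ -1009,18 +1062,19 @@, the new claim that each op-amp in a quad package is a separate {\bc} is followed by a comment asking whether the literature supports it. Resolve that before merging, either with a citation or by wording it as a modelling choice of this thesis. The earlier comment in the same hunk has a typo ("evironment"), and the comma in "consider parts, such as quad packaged op-amps" should go.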
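Review bot: in hunk @@ -1079,14 +1133,14 @@, removing \textbf leaves a redundant double brace group, {{the CD players internal}}, and the phrase is missing its apostrophe. Write it as plain text: "a number of the CD player's internal component failure modes". In the preceding hunk, the comma after the subject in "A system, is any coherent piece of equipment" is carried over and should also be dropped.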
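Review bot: in hunk @@ -1330,11 +1385,14 @@, once the middle of the sentence is commented out it reads "Each of these failure modes are analysed for their effect", which has a singular subject with a plural verb. Change it to "Each of these failure modes is analysed for its effect" and delete the commented fragments rather than splitting the sentence across comment lines.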