From 8dff718d0372c42f7f6b1d2a2f0c0d91147f8164 Mon Sep 17 00:00:00 2001 From: Your Name Date: Tue, 17 Apr 2012 09:46:28 +0100 Subject: [PATCH] Forgot to commit last night --- papers/software_fmea/software_fmea.tex | 33 +++++++++++++++----------- 1 file changed, 19 insertions(+), 14 deletions(-) diff --git a/papers/software_fmea/software_fmea.tex b/papers/software_fmea/software_fmea.tex index 54fd28e..22815dd 100644 --- a/papers/software_fmea/software_fmea.tex +++ b/papers/software_fmea/software_fmea.tex @@ -139,8 +139,8 @@ component failure modes on a system. It is used both as a design tool (to determine weaknesses), and is a requirement of certification of safety critical products. FMEA has been successfully applied to mechanical, electrical and hybrid electro-mechanical systems. -Work on software FMEA is beginning, but -at present no technique for software FMEA that +Work on software FMEA (SFMEA) is beginning, but +at present no technique for SFMEA that integrates hardware and software models known to the authors exists. % Software generally, sits on top of most modern safety critical control systems @@ -149,7 +149,8 @@ Currently standards that demand FMEA for hardware (e.g. EN298, EN61508), do not specify it for Software, but instead specify, good practise, review processes and language feature constraints. -This is a weakness; where FMEA scientifically traces component {\fms} +This is a weakness; where FMEA % scientifically +traces component {\fms} to resultant system failures, software has been left in a non-analytical limbo of best practises and constraints. % @@ -163,6 +164,7 @@ This paper presents an FMEA methodology which can be applied to software, and is and integrate-able with FMEA performed on mechanical and electronic systems. } +\today \nocite{en298} \nocite{en61508} 
@@ -217,7 +219,7 @@ all the above variants of FMEA. \subsection{Current work on Software FMEA} -Work on software FMEA usually does not seek to integrate +Work on SFMEA usually does not seek to integrate hardware and software models, but to perform FMEA on the software in isolation~\cite{procsfmea}. Some work has been performed using databases @@ -227,7 +229,10 @@ introduce automation into the FMEA process~\cite{appswfmea} and code analysis automation~\cite{modelsfmea}. Although the SFMEA and hardware FMEAs are performed separately some schools of thought aim for FTA~\cite{nasafta}~\cite{nucfta} (top down - deductive) and FMEA (bottom-up inductive) to be performed on the same system to provide insight into the -software hardware/interface~\cite{embedsfmea}. +software hardware/interface~\cite{embedsfmea}, although this +would give a better picture of the failure mode behaviour, it +is by no means a rigorous approach to tracing errors that may occur in hardware +through the top (and therfore untimately controlling) layer of software. \subsection{Current FMEA techniques are not suitable for software} @@ -459,7 +464,7 @@ and to outputs (where they can be considered {failure symptoms} in FMMD terminol For the purpose of example, we chose a simple common safety critical industrial circuit that is nearly always used in conjunction with a programmatic element. A common method for delivering a quantitative value in analogue electronics is -to supply a current signal to represent the value to be sent~\cite{aoe}[p.849]. +to supply a current signal to represent the value to be sent~\cite{aoe}[p.934]. Usually, $4mA$ represents a zero or starting value and $20mA$ represents the full scale, and this is referred to as {\ft} signalling. % 
@@ -954,14 +959,14 @@ of this paper. -\paragraph{Future work} -\begin{itemize} -\item A complete software/electrical/mechanical system analysed -\item -\item -\end{itemize} -%\today -% +%\paragraph{Future work} +%\begin{itemize} +% %\item A complete software/electrical/mechanical system analysed +% \item +% \item +% \end{itemize} +% %\today +% % { %\tiny % \footnotesize \bibliographystyle{plain}
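Review bot: the author field of the patch header reads `Your Name`, which is git's placeholder when `user.name` has never been set on the committing machine; configure `git config user.name` and `user.email` and amend before pushing. While amending, the subject `Forgot to commit last night` could say what the patch actually does (introduces the SFMEA abbreviation, fixes the `aoe` page reference, disables the Future work list).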
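Review bot: in the @@ -149 hunk the `%` placed after `FMEA` in `This is a weakness; where FMEA % scientifically` removes the word but also swallows the line break, so the source only typesets as `FMEA traces` because a space happens to precede the `%`. If the word is meant to go, delete it; a mid-sentence comment like this is easy to break in a later edit that reflows the line.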
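Review bot: the `\today` added after the abstract's closing `}` in the @@ -163 hunk prints the compile date into the body of the paper, and the same macro is commented out as `%\today` at the end of the @@ -954 hunk, so this looks like a draft marker that has moved rather than content. Put it behind a draft switch (for example a `\newif` flipped off at submission) or remove it before the version that goes out.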
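Review bot: the @@ -217 hunk changes the body text to `SFMEA`, but the heading two lines above it, `\subsection{Current work on Software FMEA}`, is left spelled out while the unchanged context line `Although the SFMEA and hardware FMEAs` already uses the abbreviation; pick one form for headings and body and apply it consistently.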
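Review bot: the sentence added in the @@ -227 hunk has two typos, `therfore` and `untimately` (therefore, ultimately), and it is spliced onto the preceding sentence with a comma after `~\cite{embedsfmea}`; end that sentence at the citation and start a new one with `Although this would give a better picture of the failure mode behaviour, ...`. The unchanged phrase `software hardware/interface` in the same hunk also reads oddly; `software/hardware interface` is presumably what is meant.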
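Review bot: the @@ -459 hunk corrects the page reference from p.849 to p.934 but keeps the citation in the form `~\cite{aoe}[p.934]`, where `[p.934]` is typeset as literal text after the reference number. `\cite` takes its note as an optional argument before the key, so this should be `~\cite[p.934]{aoe}`.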
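Review bot: commenting out the Future work block in the @@ -954 hunk leaves two blank `\item` lines and doubled prefixes (`% %\item`, `% %\today`) in the source; since the list never held more than its first item, delete it (the history is in git) or leave a single `% TODO: future work` line rather than carrying a disabled `itemize` with empty items through to the submitted version.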