Forgot to commit last night

Your Name 2012-04-17 09:46:28 +01:00
parent a05887fd0e
commit 8dff718d03

@ -139,8 +139,8 @@ component failure modes on a system.
It is used both as a design tool (to determine weaknesses), and is a requirement of certification of safety critical products. It is used both as a design tool (to determine weaknesses), and is a requirement of certification of safety critical products.
FMEA has been successfully applied to mechanical, electrical and hybrid electro-mechanical systems. FMEA has been successfully applied to mechanical, electrical and hybrid electro-mechanical systems.
Work on software FMEA is beginning, but Work on software FMEA (SFMEA) is beginning, but
at present no technique for software FMEA that at present no technique for SFMEA that
integrates hardware and software models known to the authors exists. integrates hardware and software models known to the authors exists.
% %
Software generally, sits on top of most modern safety critical control systems Software generally, sits on top of most modern safety critical control systems
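Review bot: the SFMEA acronym is introduced at first use here, which is the right place, but the sentence it lives in keeps the subject and verb far apart: "no technique for SFMEA that integrates hardware and software models known to the authors exists". Suggest "no technique for SFMEA that integrates hardware and software models is known to the authors." The unchanged context line "Software generally, sits on top of" also carries a stray comma after "generally".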
@ -149,7 +149,8 @@ Currently standards that demand FMEA for hardware (e.g. EN298, EN61508),
do not specify it for Software, but instead specify, good practise, do not specify it for Software, but instead specify, good practise,
review processes and language feature constraints. review processes and language feature constraints.
This is a weakness; where FMEA scientifically traces component {\fms} This is a weakness; where FMEA % scientifically
traces component {\fms}
to resultant system failures, software has been left in a non-analytical to resultant system failures, software has been left in a non-analytical
limbo of best practises and constraints. limbo of best practises and constraints.
% %
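Review bot: commenting out "scientifically" with a mid-line `%` only works because the space before the `%` survives and the rest of the sentence was moved onto the next line; since `%` also swallows the line break, that one space is all that keeps "FMEA" and "traces" apart. If the word is gone for good, delete it rather than leave a comment that a later re-flow can break. While in this paragraph: "good practise" and "best practises" use the verb spelling where the noun "practice"/"practices" is meant, and the commas in "specify, good practise," should go.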
@ -163,6 +164,7 @@ This paper presents an FMEA methodology which can be applied to software, and is
and integrate-able with FMEA performed on mechanical and electronic systems. and integrate-able with FMEA performed on mechanical and electronic systems.
} }
\today
\nocite{en298} \nocite{en298}
\nocite{en61508} \nocite{en61508}
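Review bot: the added bare `\today` sits between the closing brace of the abstract block and the `\nocite` lines, so it is typeset as a line of body text showing the build date. If the aim is to date the draft, put it where the class expects it (`\date{\today}` before `\maketitle`) or in a footnote; otherwise drop it, as already done with the `%\today` near the bibliography.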
@ -217,7 +219,7 @@ all the above variants of FMEA.
\subsection{Current work on Software FMEA} \subsection{Current work on Software FMEA}
Work on software FMEA usually does not seek to integrate Work on SFMEA usually does not seek to integrate
hardware and software models, but to perform hardware and software models, but to perform
FMEA on the software in isolation~\cite{procsfmea}. FMEA on the software in isolation~\cite{procsfmea}.
Some work has been performed using databases Some work has been performed using databases
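Review bot: switching to SFMEA here is consistent with the acronym defined in the abstract, but abstracts are often read apart from the body, so the first occurrence in the body text should spell it out once as "software FMEA (SFMEA)". Keeping the long form in the `\subsection` heading is fine.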
@ -227,7 +229,10 @@ introduce automation into the FMEA process~\cite{appswfmea} and code analysis
automation~\cite{modelsfmea}. Although the SFMEA and hardware FMEAs are performed separately automation~\cite{modelsfmea}. Although the SFMEA and hardware FMEAs are performed separately
some schools of thought aim for FTA~\cite{nasafta}~\cite{nucfta} (top down - deductive) and FMEA (bottom-up inductive) some schools of thought aim for FTA~\cite{nasafta}~\cite{nucfta} (top down - deductive) and FMEA (bottom-up inductive)
to be performed on the same system to provide insight into the to be performed on the same system to provide insight into the
software hardware/interface~\cite{embedsfmea}. software hardware/interface~\cite{embedsfmea}, although this
would give a better picture of the failure mode behaviour, it
is by no means a rigorous approach to tracing errors that may occur in hardware
through the top (and therfore untimately controlling) layer of software.
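Review bot: the new sentence has two typos, "therfore" and "untimately" (therefore, ultimately), and attaching it to the previous sentence with ", although this" makes a run-on. End the sentence after `~\cite{embedsfmea}.` and start a new one: "Although this would give a better picture of the failure mode behaviour, it is by no means a rigorous approach ...". The context line `\cite{nasafta}~\cite{nucfta}` should be a single `\cite{nasafta,nucfta}` so both keys typeset in one bracket, and a blank line before the following `\subsection` would help readability of the source.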
\subsection{Current FMEA techniques are not suitable for software} \subsection{Current FMEA techniques are not suitable for software}
@ -459,7 +464,7 @@ and to outputs (where they can be considered {failure symptoms} in FMMD terminol
For the purpose of example, we chose a simple common safety critical industrial circuit For the purpose of example, we chose a simple common safety critical industrial circuit
that is nearly always used in conjunction with a programmatic element. that is nearly always used in conjunction with a programmatic element.
A common method for delivering a quantitative value in analogue electronics is A common method for delivering a quantitative value in analogue electronics is
to supply a current signal to represent the value to be sent~\cite{aoe}[p.849]. to supply a current signal to represent the value to be sent~\cite{aoe}[p.934].
Usually, $4mA$ represents a zero or starting value and $20mA$ represents the full scale, Usually, $4mA$ represents a zero or starting value and $20mA$ represents the full scale,
and this is referred to as {\ft} signalling. and this is referred to as {\ft} signalling.
% %
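Review bot: the page reference is written as literal text after the citation, `\cite{aoe}[p.934]`, which with a numeric style prints two separate brackets, the citation number and then "[p.934]"; the page belongs in the optional argument, `\cite[p.~934]{aoe}`. Since the page moved from 849 to 934, check that the bib entry for `aoe` names the edition this page number refers to. Separately, `$4mA$` and `$20mA$` set the unit in math italics; `$4\,\mathrm{mA}$` (or siunitx) is the usual form.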
@ -954,14 +959,14 @@ of this paper.
\paragraph{Future work} %\paragraph{Future work}
\begin{itemize} %\begin{itemize}
\item A complete software/electrical/mechanical system analysed % %\item A complete software/electrical/mechanical system analysed
\item % \item
\item % \item
\end{itemize} % \end{itemize}
%\today % %\today
% % %
{ %\tiny % { %\tiny %
\footnotesize \footnotesize
\bibliographystyle{plain} \bibliographystyle{plain}