diff --git a/presentations/fmea/fmea_pres.tex b/presentations/fmea/fmea_pres.tex index de28066..7c6aa5f 100644 --- a/presentations/fmea/fmea_pres.tex +++ b/presentations/fmea/fmea_pres.tex @@ -131,41 +131,6 @@ double failure scenarios (for burner lock-out scenarios). \end{frame} -\section{FMEA used for Saftey Critical Aprovals} -\begin{frame} -\frametitle{Safety Critical Approvals FMEA} -Experts from Approval House and Equipement Manufacturer -discuss selected component failure modes -judged to be in critical sections of the product. - - -\begin{figure}[h] - \centering - \includegraphics[width=100pt,keepaspectratio=true]{./tech_meeting.png} - % tech_meeting.png: 350x299 pixel, 300dpi, 2.97x2.53 cm, bb=0 0 84 72 - \caption{FMEA Meeting} - \label{fig:tech_meeting} -\end{figure} -\end{frame} - -\begin{frame} -\frametitle{Safety Critical Approvals FMEA} - -\begin{figure}[h] - \centering - \includegraphics[width=70pt,keepaspectratio=true]{./tech_meeting.png} - % tech_meeting.png: 350x299 pixel, 300dpi, 2.97x2.53 cm, bb=0 0 84 72 - \caption{FMEA Meeting} - \label{fig:tech_meeting} -\end{figure} - -\begin{itemize} - \pause \item Impossible to look at all component failures let alone apply FMEA rigorously. - \pause \item In practise, failure scenarios for critical sections are contested, and either justified or extra safety measures implemented. - \pause \item Meeting notes or minutes only. -\end{itemize} - -\end{frame} \section{PFMEA - Production FMEA : 1940's to present} @@ -345,6 +310,7 @@ if it can be shown that selfchecking will detect failure modes. \end{frame} \begin{frame} +\frametitle{ FMEDA - Failure Modes Effects and Diagnostic Analysis} Failure modes are classified as Safe or Dangerous according to the putative system level failure they will cause. The Failure modes are also classified as Detected or 
@@ -356,6 +322,7 @@ is represented by lambda variables (i.e. $\lambda_{SD}$, $\lambda_{SU}$, $\lambda_{DD}$, $\lambda_{DU}$). \end{frame} \begin{frame} +\frametitle{ FMEDA - Failure Modes Effects and Diagnostic Analysis} \textbf{Diagnostic Coverage.} The diagnostic coverage is simply the ratio of the dangerous detected probabilities @@ -369,6 +336,7 @@ $$ DiagnosticCoverage = \Sigma\lambda_{DD} / \Sigma\lambda_D $$ \begin{frame} +\frametitle{ FMEDA - Failure Modes Effects and Diagnostic Analysis} The diagnostic coverage for safe failures, where $\Sigma\lambda_{SD}$ represents the percentage of safe detected base component failure modes, and $\Sigma\lambda_S$ the total number of safe base component failure modes, 
@@ -388,9 +356,49 @@ $$ SFF = \big( \Sigma\lambda_S + \Sigma\lambda_{DD} \big) / \big( \Sigma\lambda_ \end{frame} \begin{frame} +\frametitle{ FMEDA - Failure Modes Effects and Diagnostic Analysis} SIL Levels are how they are calculated \end{frame} + + +\section{FMEA used for Safety Critical Approvals} + +\begin{frame} +\frametitle{Safety Critical Approvals FMEA} +Experts from Approval House and Equipment Manufacturer +discuss selected component failure modes +judged to be in critical sections of the product. + + +\begin{figure}[h] + \centering + \includegraphics[width=100pt,keepaspectratio=true]{./tech_meeting.png} + % tech_meeting.png: 350x299 pixel, 300dpi, 2.97x2.53 cm, bb=0 0 84 72 + \caption{FMEA Meeting} + \label{fig:tech_meeting} +\end{figure} +\end{frame} + +\begin{frame} +\frametitle{Safety Critical Approvals FMEA} + +\begin{figure}[h] + \centering + \includegraphics[width=70pt,keepaspectratio=true]{./tech_meeting.png} + % tech_meeting.png: 350x299 pixel, 300dpi, 2.97x2.53 cm, bb=0 0 84 72 + \caption{FMEA Meeting} + \label{fig:tech_meeting} +\end{figure} + +\begin{itemize} + \pause \item Impossible to look at all component failures let alone apply FMEA rigorously. + \pause \item In practise, failure scenarios for critical sections are contested, and either justified or extra safety measures implemented. + \pause \item Meeting notes or minutes only. +\end{itemize} + +\end{frame} + \section{FMEA - General Criticism} \begin{frame} \frametitle{FMEA - General Criticism} 
@@ -402,42 +410,60 @@ $$ SFF = \big( \Sigma\lambda_S + \Sigma\lambda_{DD} \big) / \big( \Sigma\lambda_ \pause \item FMEA type methodologies were designed for simple electro-mechanical systems of the 1940's to 1960's. \end{itemize} -FMEDA is a modern extension of FMEA, in that it will allow for -self checking features, and provides detailed recommendations for computer/software architecture, -but +%FMEDA is a modern extension of FMEA, in that it will allow for +%self checking features, and provides detailed recommendations for computer/software architecture, +%but \end{frame} +\begin{frame} +\frametitle{FMEA - Better Metodology - Wish List} +\begin{itemize} + + \pause \item State explosion + \pause \item Rigorous + \pause \item Reasoning Traceable + \pause \item re-useable + \pause \item +\end{itemize} + +%FMEDA is a modern extension of FMEA, in that it will allow for +%self checking features, and provides detailed recommendations for computer/software architecture, +%but + +\end{frame} \section{Failure Mode Modular De-Composition} -\subsection{FMEA and complexity of each failure scenario analysis} \begin{frame} -Consider the FMEA type methodologies -where we look at all the failure modes in a system, and then -see how they can affect all other components within it, -to determine its system level symptom or failure mode. -We need to look at a large number of failure scenarios -to do this completely (all failure modes against all components). -This is represented in equation~\ref{eqn:fmea_state_exp}, -where $N$ is the total number of components in the system, and -$cfm$ is the number of failure modes per component. - -\begin{equation} - \label{eqn:fmea_state_exp} - N.(N-1).cfm % \\ - %(N^2 - N).cfm -\end{equation} +% Consider the FMEA type methodologies +% where we look at all the failure modes in a system, and then +% see how they can affect all other components within it, +% to determine its system level symptom or failure mode. 
+% We need to look at a large number of failure scenarios +% to do this completely (all failure modes against all components). +% This is represented in equation~\ref{eqn:fmea_state_exp}, +% where $N$ is the total number of components in the system, and +% $cfm$ is the number of failure modes per component. +% +% \begin{equation} +% \label{eqn:fmea_state_exp} +% N.(N-1).cfm % \\ +% %(N^2 - N).cfm +% \end{equation} The FMMD methodology breaks the analysis down into small stages, -by making the analyst choose functional groups, and then when analysed the groups -are treated as components to be used for a higher stage. -This is designed to address the state explosion (where $O$ is order +by making the analyst choose functional groups of components, which are then when analysed. +When analysed, we will have a set of symptoms of failure for the functional group. +We can then create a derived~component, +to represent the functional group. +We can use derived components to form `higher~level' functional groups. +This addresses the state explosion (where $O$ is order of complexity) $O=N^2$ inherent in equation~\ref{eqn:fmea_state_exp}. \end{frame} - +\begin{frame} We can view the functional groups in FMMD as forming a hierarchy. If for the sake of example we consider each functional group to be three components, figure~\ref{fig:three_tree} shows @@ -451,7 +477,7 @@ how the levels work and converge to a top or system level. \label{fig:three_tree} \end{figure} -\clearpage +\end{frame} We can represent the number of failure scenarios to check in an FMMD hierarchy with equation~\ref{eqn:anscen}. @@ -498,7 +524,7 @@ group is the same for equation~\ref{eqn:fmea_state_exp22} and equation~\ref{eqn:anscen}. \clearpage -\section{Example} +%\section{Example} To see the effects of reducing `state~explosion' we need to look at a larger system. Let us take a system with 3 levels and apply these formulae.
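Review bot: the hunk at `@@ -131,41 +131,6 @@` deletes the whole `\section{FMEA used for Saftey Critical Aprovals}` block (two frames, the `tech_meeting.png` figure and the three-item list) with nothing in its place, and only the later hunk at `@@ -388,9 +356,49 @@` reinstates it after the FMEDA frames, with the spelling of "Saftey", "Aprovals" and "Equipement" corrected in the moved copy. Since the two hunks are one move, keep them in the same commit and say in the message that the section was relocated and its title fixed, so a reader of the history does not read this hunk as the section being dropped.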
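Review bot: in the hunk at `@@ -345,6 +310,7 @@` the added `\frametitle{ FMEDA - Failure Modes Effects and Diagnostic Analysis}` carries a leading space inside the braces, unlike the other titles in the file (compare `\frametitle{Safety Critical Approvals FMEA}`), and the same title text is added to four consecutive frames in this and the next three hunks, so the navigation bar shows four indistinguishable entries. Suggest `\frametitle{FMEDA - Failure Modes Effects and Diagnostic Analysis}` here and a distinguishing suffix on the continuation frames, or a single `\begin{frame}[allowframebreaks]` if the four are meant to read as one slide broken over pages.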
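Review bot: in the hunk at `@@ -356,6 +322,7 @@` the frame body already opens with `\textbf{Diagnostic Coverage.}`, which is the natural title for this slide, so the generic repeated title adds nothing; `\frametitle{FMEDA - Diagnostic Coverage}` would both name the slide and remove one of the duplicate entries in the navigation. The classification sentence in the context, "classified as Detected or", is cut at the hunk boundary and reads correctly in the file, so nothing to change there.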
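Review bot: the context line `$$ DiagnosticCoverage = \Sigma\lambda_{DD} / \Sigma\lambda_D $$` in the hunk at `@@ -369,6 +336,7 @@` (and the SFF formula `\big( \Sigma\lambda_S + \Sigma\lambda_{DD} \big)` in the next hunk) uses `\Sigma`, the Greek capital letter, where a summation is meant; it typesets as a letter glued to the lambda with no operator spacing. `\sum\lambda_{DD} / \sum\lambda_D` gives the intended operator, and `DiagnosticCoverage` in math mode is set as a run of italic variables, so `\mathit{DC}` or `\text{Diagnostic Coverage}` would read better. Both are pre-existing, but the frame is being touched, so this is a cheap fix to fold in.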
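Review bot: the re-added section in the hunk at `@@ -388,9 +356,49 @@` defines `\label{fig:tech_meeting}` twice, once in each of the two frames that include `./tech_meeting.png`, which LaTeX reports as a multiply-defined label and which makes any `\ref{fig:tech_meeting}` resolve to whichever figure came last; give the second figure its own label or drop the label on the repeated figure. Two smaller points in the same hunk: the list item "In practise, failure scenarios for critical sections are contested" should read "In practice" (noun), and the frame whose entire body is "SIL Levels are how they are calculated" is placeholder text that now gets a proper `\frametitle`, so it will look finished in the output; mark it with a `% TODO` comment or leave it out until written.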
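Review bot: the hunk at `@@ -402,42 +410,60 @@` comments out the `equation` environment carrying `\label{eqn:fmea_state_exp}` but keeps the sentence "inherent in equation~\ref{eqn:fmea_state_exp}." in the retained FMMD text, so the reference is now undefined and will print as `??`; either keep the equation inside the frame (it is only four lines) or reword the sentence to give the `N.(N-1).cfm` count inline. Also in this hunk: "which are then when analysed." is a dangling fragment left from the rewrite ("choose functional groups of components. When analysed, we will have..." reads cleanly); `\frametitle{FMEA - Better Metodology - Wish List}` has a typo in "Methodology"; the final `\pause \item` in the wish list has no text and renders as an empty bullet; and the three commented-out `%FMEDA is a modern extension...` lines are now duplicated into the new frame, so delete them rather than carry dead commented text in two places. The two new FMMD frames also have no `\frametitle`, which is inconsistent with the rest of the deck.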
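Review bot: replacing `\clearpage` with `\end{frame}` in the hunk at `@@ -451,7 +477,7 @@` closes the three-tree figure frame correctly, but leaves the sentence that follows, "We can represent the number of failure scenarios to check in an FMMD hierarchy with equation~\ref{eqn:anscen}.", and the equation it introduces outside any frame; beamer does not render material between frames on a slide in presentation mode, so that text and `eqn:anscen` will silently disappear from the output. Wrap that passage in its own `\begin{frame}` ... `\end{frame}`.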
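Review bot: commenting out `\section{Example}` in the hunk at `@@ -498,7 +524,7 @@` leaves the "To see the effects of reducing `state~explosion'..." passage without a heading while it is still not inside a frame, and the `\clearpage` on the context line above it is an article-mode leftover that has no place in a beamer source; either restore the section so the worked 3-level example shows in the navigation, or turn the passage into frames as was done for the FMMD frames earlier in this patch. The reference `equation~\ref{eqn:fmea_state_exp22}` in the context is a different label from the `eqn:fmea_state_exp` that this patch comments out, so it is not broken by this change, but it is worth confirming it is still defined in the file.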