Merge branch 'master' of dev:/home/robin/git/thesis

Conflicts:
	submission_thesis/CH2_FMEA/copy.tex
	submission_thesis/CH3_FMEA_criticism/copy.tex

mybib.bib

@@ -1,5 +1,61 @@
+@INPROCEEDINGS{probfmea_4338247,
+author={Grunske, Lars and Colvin, R. and Winter, K.},
+booktitle={Quantitative Evaluation of Systems, 2007. QEST 2007. Fourth International Conference on the}, title={Probabilistic Model-Checking Support for FMEA},
+year={Sept.},
+pages={119-128},
+keywords={fault diagnosis;formal verification;probability;system monitoring;effect analysis;failure mode;probabilistic fault injection;probabilistic model checking;Accidents;Australia;Cause effect analysis;Failure analysis;Hazards;Information analysis;Information technology;Probability;Risk analysis;Safety;Failure Mode;Probabilistic Model Checking;System Safety;and Effect Analysis},
+doi={10.1109/QEST.2007.18},}
 
 
+@article{parnas1991assessment,
+  title={Assessment of safety-critical software in nuclear power plants.},
+  author={Parnas, David Lorge and Asmis, GJK and Madey, Jan},
+  journal={Nuclear safety},
+  volume={32},
+  number={2},
+  pages={189--198},
+  year={1991}
+}
+
+@incollection{bishopsmartinstruments,
+year={2010},
+isbn={978-3-642-15650-2},
+booktitle={Computer Safety, Reliability, and Security},
+volume={6351},
+series={Lecture Notes in Computer Science},
+editor={Schoitsch, Erwin},
+doi={10.1007/978-3-642-15651-9_18},
+title={Overcoming Non-determinism in Testing Smart Devices: A Case Study},
+url={http://dx.doi.org/10.1007/978-3-642-15651-9_18},
+publisher={Springer Berlin Heidelberg},
+keywords={testing; non-determinism; smart instruments; safety},
+author={Bishop, Peter and Cyra, Lukasz},
+pages={237-250}
+}
+
+@incollection{swassessment,
+year={2010},
+isbn={978-1-84996-085-4},
+booktitle={Making Systems Safer},
+editor={Dale, Chris and Anderson, Tom},
+doi={10.1007/978-1-84996-086-1_4},
+title={Safety and Assurance Cases: Past, Present and Possible Future – an Adelard Perspective},
+url={http://dx.doi.org/10.1007/978-1-84996-086-1_4},
+publisher={Springer London},
+author={Bloomfield, Robin and Bishop, Peter},
+pages={51-67},
+language={English}
+}
+
+@INPROCEEDINGS{smart_instruments_1514209,
+	author={Nobes, T.S.},
+	booktitle={Is Your Product Safe? - IEE Seminar on (Ref. No. 2004/10724)}, title={Functional safety of smart instruments - a user perspective},
+	year={Sept.},
+	pages={67-87},
+	keywords={digital instrumentation;firmware;microprocessor chips;safety systems;smart cards;firmware;functional safety;microprocessors;nuclear industry;process instruments;safety instrumented systems;smart instruments},
+	doi={10.1049/ic:20040542},
+	ISSN={0537-9989},}
+
 @INPROCEEDINGS{bayesfrequentist, 
 	author={Lyons, Loius.}, 
 	booktitle={Contenporary Physics: Bayes and Frequentism, A paticle physicists perspective},

submission_thesis/CH2_FMEA/copy.tex

@@ -615,6 +615,20 @@ because we can usually find Mean Time to Failure (MTTF) statistics~\cite{fmd91,m
 Also, used in the design phase of a project, FMEA is a useful tool
 for discovering potential  failure scenarios~\cite{1778436820050601}.
 %
+From a whole system perspective, we may find that {\bc} {\fms}
+may have more than one possible system event associated with them.
+Often there will be a clear one to one mapping, but 
+probabilities to failure (as used in FMECA)
+could mean one to many.% mapping.
+%
+We could represent a failure mode and its possible outcomes using a Markov chain~\cite{probfmea_4338247}.
+%
+Where multiple simultaneous\footnote{Multiple simultaneous failures are taken to mean failures that occur within the same detection period.} 
+failure modes are considered this complicates
+the statistical nature of the Markov chain, cause effect model.
+%
+What we in fact get is the merging, or local interaction of two Markov chains
+for our cause effect model.
 % Subject Object Wiki answers : Best Answer
 %It is not grammar or vocabulary. It is a philosophical reference.
 %The dichotomy is the surrounding view of self that we act out of. It is often learned with language and not taught [like the alphabet and numbers are taught] in early life through language and the forming of distinctions.
@@ -635,8 +649,14 @@ the subjective sense can we determine its meaning and/or severity.
 It is worth remembering that
 failure mode analysis performed on the leaks possible from the O ring on the space shuttle
 did not link this failure to the catastrophic failure of the spacecraft~\cite{challenger,sanjeev}.
+%
 This was not a failure in the objective reasoning, but more of the subjective, or the context in which the leak occurred.
 %
+What this means is that for an objectively calculated failure mode outcome, we may have
+more than one subjective outcome definition for it.
+
+\paragraph{Multiple Simultaneous Failure Modes}
+%
 FMEA is less useful for determining events for multiple 
 simultaneous 
 failures\footnote{Multiple simultaneous failures are taken to mean failures that occur within the same detection period.}. 
@@ -644,8 +664,13 @@ failures\footnote{Multiple simultaneous failures are taken to mean failures that
 Work has been performed using component failure statistics to
 offer the more likely multiple failures~\cite{FMEAmultiple653556} for analysis.
 %
+We now compound the multiple symptoms from one {\bc} {\fm} possibility
+with the merging of Markov chains.
 %
-This is because with the additional complication of having to change between these two modes of thinking, it becomes more difficult to 
+So for multiple failures we have the objective criteria complicated, and the subjective
+adds another layer of complication.
+%
+Also with the additional complication of having to change between these two modes of thinking, it becomes more difficult to 
 get a balance between subjective and objective perspectives.
 
 %subjective/objective become more cluttered when there are multiple possibilities

submission_thesis/CH3_FMEA_criticism/copy.tex

@@ -76,7 +76,7 @@ Traditional FMEA deals only with electrical and mechanical components, i.e. it d
 Modern control systems nearly always have a significant software/firmware element,
 and not being able to model software with current FMEA methodologies 
 is a cause for criticism~\cite{safeware}[Ch.12]. Similar difficulties in integrating mechanical and electronic/software
-failure models are discussed in ~\cite{SMR:SMR580}.
+failure models are discussed in ~\cite{SMR:SMR580,swassessment}.
 
 
 \paragraph{Current work on Software FMEA}
@@ -105,7 +105,7 @@ through to the top (and therefore ultimately controlling) layer of software.
 %% AWE --- Atomic Weapons Establishment have this problem....
 A smart instrument is defined as one that uses a micro-processor and software 
 in conjunction with its sensing electronics, rather than
-analogue electronics only.
+analogue electronics only~\cite{smart_instruments_1514209}.
 %
 It is termed `smart' because it has some software, or intelligence incorporated into it.
 %
@@ -118,8 +118,9 @@ with firmware to read the user controls, and display results on an LCD.
 For quality control, many safety critical processes require regular inspections
 and measurements of physical characteristics of materials and machinery.
 %
-For highly critical systems i.e. the nuclear industry, the instruments used to perform these measurements, must be analysed for
-FMEA, to ensure that failure modes within the instrument cannot lead to invalid measurements.
+For highly critical systems i.e. the nuclear industry~\cite{parnas1991assessment}, 
+the instruments used to perform these measurements, must be analysed using traditional assessment (which entails
+FMEA), to ensure that failure modes within the instrument cannot lead to invalid measurements.
 %
 Some work has been performed to offer black~box---or functional testing---of these instruments instead of 
 static analysis~\cite{Bishop:2010:ONT:1886301.1886325}. 
@@ -136,6 +137,12 @@ While noting that being more modern, these instruments are likely to be more rel
 accurate than the analogue instruments in use some twenty years ago but this cannot be validated 
 to a high level of reliability. This remains an unsolved problem for the industries dealing with highly safety critical
 systems. %by traditional FMEA.
+%to a high level of reliability by traditional FMEA.
+%
+Currently the only way that some smart~instruments have been permitted for
+use in highly critical systems is the have the extensively
+functionally tested~\cite{bishopsmartinstruments}.
+%>>>>>>> 1b3d54f0ec2963017e98c4cdadc9a72a8bac911a
 
 \subsection{Distributed real time systems}
 
@@ -247,7 +254,7 @@ software hardware/interface~\cite{embedsfmea}.
 Although this
 would give a better picture of the failure mode behaviour, it
 is by no means a rigorous approach to tracing errors that may occur in hardware
-through to the top (and therefore ultimately controlling) layer of software.
+through to the top (and therefore ultimately controlling) layer of software~\cite{swassessment}.
 
 \paragraph{Current FMEA techniques are not suitable for software}
 

submission_thesis/Makefile

@@ -9,9 +9,10 @@ thesis:
 	acroread thesis.pdf || evince thesis.pdf
 
 clean:
-	#touch ${CHAPTERS}
 	rm thesis.pdf
-	rm ${CHAPTERS}
+	rm -rf  thesis.aux  thesis.blg  thesis.glo  thesis.ist  thesis.lof  thesis.lot  \
+		thesis.pdf  thesis.tex~ thesis.toc thesis.bbl  thesis.glg  thesis.gls  \
+		thesis.loa  thesis.log  thesis.out  thesis.tex.backup
 
 bib:
 	pdflatex thesis # do this first otherwise bibtex gets its knickers in a twist