From 9a2b15345d1a96059cd291ef6dddb2c04e841f30 Mon Sep 17 00:00:00 2001 From: Robin Clark Date: Tue, 19 Jun 2012 17:59:20 +0100 Subject: [PATCH] JMC proof read --- .../fmmd_software_hardware/software_fmmd.tex | 23 +++++++++++-------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/papers/fmmd_software_hardware/software_fmmd.tex b/papers/fmmd_software_hardware/software_fmmd.tex index 97742aa..b86975a 100644 --- a/papers/fmmd_software_hardware/software_fmmd.tex +++ b/papers/fmmd_software_hardware/software_fmmd.tex @@ -101,7 +101,7 @@ failure mode of the component or sub-system}}} \setlength{\headsep}{0in} %\setlength{\textheight}{22cm} \setlength{\textwidth}{18cm} -\setlength{\textheight}{24.5cm} +\setlength{\textheight}{24.35cm} %\setlength{\textwidth}{20cm} \setlength{\oddsidemargin}{0in} \setlength{\evensidemargin}{0in} 
@@ -171,20 +171,23 @@ Currently standards that demand FMEA for hardware (e.g. EN298, EN61508), do not specify it for software, but instead specify, good practise, review processes and language feature constraints. % -This is a weakness +This is a weakness. Where FMEA % scientifically traces component {\fms} to resultant system failures, software has been left in a non-analytical limbo of best practises and constraints. % % If software and hardware integrated FMEA were possible, electro-mechanical-software hybrids could -be modelled; and could thus be `complete' failure mode models. +be modelled, and could thus be `complete' failure mode models. +% Failure modes in components in say a sensor, could be traced up through the electronics and then through the controlling software. +% Presently FMEA, stops at the glass ceiling of the computer program. +% This paper presents a modular variant of FMEA, Failure Mode Modular De-Composition (FMMD), a methodology which can be applied to software, and is compatible -and integrate-able with FMMD performed on mechanical and electronic systems. +and integrable with FMMD performed on mechanical and electronic systems. } %\today @@ -213,7 +216,7 @@ and unstructured non-functional languages}. %What FMEA is, briefly variants... -Failure Mode effects Analysis is the process of taking +Failure Mode Effects Analysis is the process of taking component failure modes, and by reasoning, tracing their effects through a system and determining what system level failure modes could be caused. % 
@@ -268,7 +271,7 @@ In a complicated system, mapping a component failure mode to a system level fail will mean a long reasoning distance; that is to say the actions of the failed component will have to be traced through several sub-systems and the effects of other components on the way. % -With software at the higher levels of these sub-systems +With software at the higher levels of these sub-systems, we have yet another layer of complication. % In order to integrate software, %in a meaningful way @@ -504,8 +507,8 @@ to supply a current signal to represent the value to be sent~\cite{aoe}[p.934]. Usually, $4mA$ represents a zero or starting value and $20mA$ represents the full scale, and this is referred to as {\ft} signalling. % -{\ft} has a an electrical advantage as well, because the current in a loop is constant~\cite{aoe}[p.20] -resistance in the wires between the source and the receiving end is not an issue +{\ft} has an electrical advantage as well, because the current in a loop is constant~\cite{aoe}[p.20]. +Thus resistance in the wires between the source and the receiving end is not an issue that can alter the accuracy of the signal. % This circuit has many advantages for safety. If the signal becomes disconnected @@ -646,7 +649,7 @@ double read_ADC( int channel ) { /* return out of range result */ /* if invalid channel selected */ - if ( channnel > ADC_CHAN_RANGE ) + if ( channel > ADC_CHAN_RANGE ) return -2.0; /* set the multiplexer to the desired channel */ ADCMUX = channel; @@ -964,7 +967,7 @@ of reasoning for each component failure mode. % % Part of the design philosophy of a {\ft} loop, is that % if anything goes wrong, we should be able to detect it. -% In fact unless all electrical elements in the loop +% In fact, unless all electrical elements in the loop % are in working order we will detect a failure in % the majority of cases. % \paragraph{Sending side of a {\ft} loop}
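Review bot: the preamble hunk (@@ -101,7) changes \setlength{\textheight}{24.5cm} to 24.35cm, a layout adjustment inside a commit titled as a proof read, and nothing on the line says why that value was chosen. Suggest a short comment beside it stating what the change fixes, or moving it to its own commit so the text corrections can be reviewed separately.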
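Review bot: in the abstract hunk (@@ -171,20) the unchanged line "Presently FMEA, stops at the glass ceiling of the computer program." still has a comma between subject and verb, and the context lines use the verb spelling for the noun in "good practise" and "best practises". Suggest "Presently FMEA stops at ..." and "practice" / "practices" while this paragraph is being proof read, and dropping the comma after "specify" in "but instead specify, good practise".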
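Review bot: in the {\ft} hunk (@@ -504,8) the edited line keeps ~\cite{aoe}[p.20] with the page reference after the key. \cite takes its optional note before the key, so here the bracketed text is set as ordinary text following the citation instead of inside it. Suggest ~\cite[p.20]{aoe}, and the same for ~\cite{aoe}[p.934] in the hunk's leading context. The context lines $4mA$ and $20mA$ also set the unit in math italic; an upright unit outside math mode would read better.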
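Review bot: in the read_ADC hunk (@@ -646,7) the corrected guard "if ( channel > ADC_CHAN_RANGE )" tests only the upper bound, while channel is declared as a signed int, so a negative value passes the check and reaches "ADCMUX = channel;". Suggest "if ( channel < 0 || channel > ADC_CHAN_RANGE )" so every invalid selection returns -2.0. It is also worth stating in the comment whether ADC_CHAN_RANGE is the highest valid channel or the channel count, since in the second case the comparison should be >=.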