robin/Robin_PHD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

..

Browse Source
This commit is contained in:
Robin Clark 2010-12-03 11:04:58 +00:00
parent aa9f6755f6
commit ba38bfe6c5
4 changed files with 190 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

207
fmmd_data_model/fmmd_data_model.tex
View File

@ -174,7 +174,7 @@ Graph (DAG).
% \label{fig:cfg2fmmd_data} % \label{fig:cfg2fmmd_data}
% \end{figure} % \end{figure}
\pagebreak[4] %\pagebreak[4]
\subsection{Find Failure Modes} \subsection{Find Failure Modes}
Consider the SYSTEM environment with its temperature range of ${{0}\oc}$ to ${{125}\oc}$. Consider the SYSTEM environment with its temperature range of ${{0}\oc}$ to ${{125}\oc}$.
@ -186,7 +186,7 @@ gives the following failure modes, $fm(K) =\{ K^0_a, K^0_b, K^0_d \}$.
Were our system specified for a ${{0}\oc}$ to ${{80}\oc}$ range Were our system specified for a ${{0}\oc}$ to ${{80}\oc}$ range
we could say $fm(K) =\{ K^0_a, K^0_b \}$. we could say $fm(K) =\{ K^0_a, K^0_b \}$.
\pagebreak[3] %\pagebreak[3]
\paragraph{Get the failure modes from the functional groups.} \paragraph{Get the failure modes from the functional groups.}
Applying the function $fm$ to our functional groups, with the SYSTEM environmental Applying the function $fm$ to our functional groups, with the SYSTEM environmental
constraint applied to component type `K', yields constraint applied to component type `K', yields
@ -408,7 +408,7 @@ We can represent $ C^1_1 $ as an addition to the DAG (see figure \ref{fig:dag1})
\label{fig:dag1} \label{fig:dag1}
\end{figure} \end{figure}
\clearpage %n\clearpage
\subsection{ Creating Derived components from $FG^0_2$ and $FG^0_3$ } \subsection{ Creating Derived components from $FG^0_2$ and $FG^0_3$ }
Applying the FMMD process for $FG^0_2$ and $FG^0_3$. Applying the FMMD process for $FG^0_2$ and $FG^0_3$.
@ -703,10 +703,10 @@ This is shown in the DAG in figure \ref{fig:dag3}.
\clearpage %\clearpage
%\pagebreak[4] %\pagebreak[4]
\subsection{Using Derived Components in Functional Groups} \subsection{Using Derived Components in Functional Groups}
\label{dagexample}
The DAG we have in figure \ref{fig:dag3} does not yet give us SYSTEM or `top~level' The DAG we have in figure \ref{fig:dag3} does not yet give us SYSTEM or `top~level'
failure modes. failure modes.
We can apply $fm$ to the derived components and We can apply $fm$ to the derived components and
@ -976,22 +976,24 @@ at low temperatures.
What we have is an inhibit condition, in this case the temperature What we have is an inhibit condition, in this case the temperature
being in range makes the particular failure mode impossible. being in range makes the particular failure mode impossible.
%[regular polygon,regular polygon sides=9]
\begin{figure} \begin{figure}
\centering \centering
\begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep] \begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep]
\tikzstyle{every pin edge}=[<-,shorten <=1pt] \tikzstyle{every pin edge}=[<-,shorten <=1pt]
\tikzstyle{fmmde}=[circle,fill=black!25,minimum size=17pt,inner sep=0pt] \tikzstyle{fmmde}=[circle,fill=black!25,minimum size=17pt,inner sep=0pt]
\tikzstyle{fmmdi}=[rectangle,fill=black!25,minimum size=17pt,inner sep=0pt] \tikzstyle{fmmdi}=[regular polygon,regular polygon sides=6,fill=black!25,minimum size=17pt,inner sep=0pt]
%\tikzstyle{fmmdi}=[rectangle,fill=black!25,minimum size=17pt,inner sep=0pt]
\tikzstyle{component}=[fmmde, fill=green!50]; \tikzstyle{component}=[fmmde, fill=green!50];
\tikzstyle{failure}=[fmmde, fill=red!50]; \tikzstyle{failure}=[fmmde, fill=red!50];
\tikzstyle{symptom}=[fmmde, fill=blue!50]; \tikzstyle{symptom}=[fmmde, fill=blue!50];
\tikzstyle{inhibit}=[fmmdi, fill=grey!20]; \tikzstyle{inhibit}=[fmmdi, fill=black!20];
\tikzstyle{conjunction}=[fmmde, fill=red!20]; \tikzstyle{conjunction}=[fmmde, fill=red!20];
\tikzstyle{annot} = [text width=4em, text centered] \tikzstyle{annot} = [text width=4em, text centered]
\node[component] (C-1) at (0,-2) {$C^0_1$}; \node[component] (C-1) at (0,-2) {$C^0_1$};
\node[fmmdi] (I-1) at (\layersep,-2) {$ > 80\oc$}; \node[inhibit] (I-1) at (\layersep,-2) {$ > 80\oc$};
\path (C-1) edge (I-1); \path (C-1) edge (I-1);
\node[failure] (f) at (\layersep*2,-2) {$a$}; \node[failure] (f) at (\layersep*2,-2) {$a$};
\path (I-1) edge (f); \path (I-1) edge (f);
@ -1004,7 +1006,7 @@ being in range makes the particular failure mode impossible.
\subsection{Conjunction} \subsection{Conjunction}
Failure conjuction is simply considering, at the {\fg} analysis stage Failure conjunction is simply considering, at the {\fg} analysis stage
the possibility of two components failing within the same timeframe. the possibility of two components failing within the same timeframe.
We could for instance, looking at a fuel train to a burner/chemical~reactor; We could for instance, looking at a fuel train to a burner/chemical~reactor;
consider both shutoff valves failing at the same time. consider both shutoff valves failing at the same time.
@ -1044,8 +1046,8 @@ simultaneous failures may have to be considered \cite{en298}.
\end{tikzpicture} \end{tikzpicture}
% End of code % End of code
\caption{DAG representing conjuction condition on failure modes $a \wedge b \wedge c$} \caption{DAG representing conjunction condition on failure modes $a \wedge b \wedge c$}
\label{fig:dagconjuction} \label{fig:dagconjunction}
\end{figure} \end{figure}
\subsection{Failure Mode Conjuction Conditions represented in the DAG} \subsection{Failure Mode Conjuction Conditions represented in the DAG}
@ -1096,20 +1098,185 @@ Show how FMMD makes this tracable
% clear the page if its a paper to keep the diagram out of the references % clear the page if its a paper to keep the diagram out of the references
\ifthenelse {\boolean{paper}} \ifthenelse {\boolean{paper}}
{ {
\clearpage %\clearpage
} }
{ {
} }
\section{Current Static Failure Mode Methodologies} \pagebreak[3]
\ifthenelse {\boolean{paper}} \section{Failure inhibition and conjunction}
{
paper \subsection{Inhibition}
} Failure inhibition is where a failure can only become active given a pre-condition.
{ A component suseptible to a given temperature range
chapter making a failure mode a possibility is an inhibit condition.
}
For instance in electronics, a semi-conductor may begin to
fail at an eleveted temperature range.
Or in mechanical engineering a rubber seal may become brittle and leak
at low temperatures.
What we have is an inhibit condition, in this case the temperature
being in range makes the particular failure mode impossible.
The component $K$ in the DAG example (see section \ref{dagexample}), has
a failure mode $d$ that is only present at an elevated temperature
range, and has been considered as a static failure possibility in that model.
Where dynamic modelling of environmental conditions is required, inhibit gates
need be used in the model.
Inhibit conditions are part of the FTA methodology.%\cite{nucfta}[IV-9].
To ensure that FMMD can produce FTA models, support for inhibit gates has been included.
Both the NASA \cite{nasafta} and the U.S. Nuclear regulatory commission\cite{nucfta}[IV-9] use
a hexagon as a symbol for an inhibit gate in thier FTA documentation. That notation has been carried forward into FMMD.
%[regular polygon,regular polygon sides=7]
% \begin{figure}
% \centering
% \begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep]
% \tikzstyle{every pin edge}=[<-,shorten <=1pt]
% \tikzstyle{fmmde}=[circle,fill=black!25,minimum size=17pt,inner sep=0pt]
% %\tikzstyle{fmmdi}=[rectangle,fill=black!25,minimum size=17pt,inner sep=0pt]
% \tikzstyle{fmmdi}=[regular polygon,regular polygon sides=6],fill=black!25,minimum size=17pt,inner sep=0pt]
% \tikzstyle{component}=[fmmde, fill=green!50];
% \tikzstyle{failure}=[fmmde, fill=red!50];
% \tikzstyle{symptom}=[fmmde, fill=blue!50];
% \tikzstyle{inhibit}=[fmmdi, fill=black!20];
% \tikzstyle{conjunction}=[fmmde, fill=red!20];
% \tikzstyle{annot} = [text width=4em, text centered]
%
% \node[component] (C-1) at (0,-2) {$C^0_1$};
% \node[fmmdi] (I-1) at (\layersep,-2) {$ > 80\oc$};
% \path (C-1) edge (I-1);
% \node[failure] (f) at (\layersep*2,-2) {$a$};
% \path (I-1) edge (f);
%
% \end{tikzpicture}
% % End of code
% \caption{DAG representing inhibit condition ($ > 80\oc$) on failure mode $a$}
% \label{fig:daginhibit}
%\end{figure}
We can also use a failure mode as an inhibit condition.
For instance if we have a failure mode $C^0_{1a}$ that when active
makes failure mode $C^0_{1b}$ possible we can link
them using an inhibit gate as shown in figure \ref{fig:inhibitf2}.
\begin{figure}
\centering
\begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep]
\tikzstyle{every pin edge}=[<-,shorten <=1pt]
\tikzstyle{fmmde}=[circle,fill=black!25,minimum size=17pt,inner sep=0pt]
%\tikzstyle{fmmdi}=[rectangle,fill=black!25,minimum size=17pt,inner sep=0pt]
\tikzstyle{fmmdi}=[regular polygon,regular polygon sides=6],fill=black!25,minimum size=17pt,inner sep=0pt]
\tikzstyle{component}=[fmmde, fill=green!50];
\tikzstyle{failure}=[fmmde, fill=red!50];
\tikzstyle{symptom}=[fmmde, fill=blue!50];
\tikzstyle{inhibit}=[fmmdi, fill=blue!20];
\tikzstyle{conjunction}=[fmmde, fill=red!20];
\tikzstyle{annot} = [text width=4em, text centered]
\node[component] (C-1) at (0,-2) {$C^0_1$};
\node[component] (C-2) at (0,-5) {$C^0_1$};
\node[failure] (c1a) at (\layersep*2,-2) {$a$};
\node[failure] (c2a) at (\layersep*2,-5) {$b$};
\node[failure] (c2b) at (\layersep*2,-4) {$a$};
\path (C-2) edge (c2a);
\path (C-2) edge (c2b);
\node[inhibit] (I-1) at (\layersep,-2) {Inhibit};
\path (C-1) edge (I-1);
\path (c2b) edge (I-1);
\path (I-1) edge (c1a);
\end{tikzpicture}
% End of code
\caption{DAG representing inhibit of failure mode $C_{2b}$ on another failure mode $C_{1a}$}
\label{fig:daginhibit2}
\end{figure}
\subsection{Conjunction}
Failure conjunction is simply considering, at the {\fg} analysis stage
the possibility of two components failing within the same timeframe.
We could for instance, looking at a fuel train to a burner/chemical~reactor;
consider both shutoff valves failing at the same time.
For high levels of safety or reliability, in critical sub-systems, all possible double
simultaneous failures may have to be considered \cite{en298}.
\begin{figure}
\centering
\begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep]
\tikzstyle{every pin edge}=[<-,shorten <=1pt]
\tikzstyle{fmmde}=[circle,fill=black!25,minimum size=17pt,inner sep=0pt]
%\tikzstyle{fmmdi}=[rectangle,fill=black!25,minimum size=17pt,inner sep=0pt]
\tikzstyle{fmmdi}=[regular polygon,regular polygon sides=6],fill=black!25,minimum size=17pt,inner sep=0pt]
\tikzstyle{component}=[fmmde, fill=green!50];
\tikzstyle{failure}=[fmmde, fill=red!50];
\tikzstyle{symptom}=[fmmde, fill=blue!50];
\tikzstyle{inhibit}=[fmmdi, fill=grey!40];
\tikzstyle{conjunction}=[fmmde, fill=red!40];
\tikzstyle{annot} = [text width=4em, text centered]
\node[component] (C-1) at (0,-2) {$C^0_1$};
\node[failure] (C-1a) at (\layersep,-1) {a};
\node[failure] (C-1b) at (\layersep,-2) {b};
\node[failure] (C-1c) at (\layersep,-3) {c};
\path (C-1) edge (C-1a);
\path (C-1) edge (C-1b);
\path (C-1) edge (C-1c);
\node[conjunction, right of=C-1b] (CJ) {$\&$};
\path (C-1a) edge (CJ);
\path (C-1b) edge (CJ);
\path (C-1c) edge (CJ);
\end{tikzpicture}
% End of code
\caption{DAG representing conjunction condition on failure modes $a \wedge b \wedge c$}
\label{fig:dagconjunction}
\end{figure}
\subsection{Failure Mode Conjuction Conditions represented in the DAG}
White filled node with an \& in it.
\subsection{Inhibit Conditions represented in the DAG}
Inhibit node type. Octagon (to follow example from FTA).
a -> OCT
inhibitcond--
%\section{Current Static Failure Mode Methodologies}
%\ifthenelse {\boolean{paper}}
%{
%paper
%}
%{
%chapter
%}

1
fmmd_data_model/paper.tex
View File

@ -7,6 +7,7 @@
\input{../style} \input{../style}
\usepackage{ifthen} \usepackage{ifthen}
\usepackage{lastpage} \usepackage{lastpage}
\usetikzlibrary{shapes,snakes}
\newboolean{paper} \newboolean{paper}
\setboolean{paper}{true} % boolvar=true or false \setboolean{paper}{true} % boolvar=true or false

2
fmmd_design_aide/fmmd_design_aide.tex
View File

@ -77,7 +77,7 @@ The `undetectable' failure modes undertsandably, are the most worrying for the s
EN61058, the statistically based European Norm, using ratios EN61058, the statistically based European Norm, using ratios
of detected and undetected system failure modes to of detected and undetected system failure modes to
classify the sytems safety levels and describes sub-clasifications classify the sytems safety levels and describes sub-clasifications
for detected and undetected failure modes \cite{EN61508}. for detected and undetected failure modes \cite{en61508}.
%It is these that are, generally the ones that stand out as single %It is these that are, generally the ones that stand out as single
%failure modes. %failure modes.

1
thesis.tex
View File

@ -3,6 +3,7 @@
\usepackage{graphicx} \usepackage{graphicx}
\usepackage{fancyhdr} \usepackage{fancyhdr}
\usepackage{tikz} \usepackage{tikz}
\usetikzlibrary{shapes,snakes}
\usepackage{subfigure} \usepackage{subfigure}
\usepackage{amsfonts,amsmath,amsthm} \usepackage{amsfonts,amsmath,amsthm}
\usepackage{algorithm} \usepackage{algorithm}