Night time edit
This commit is contained in:
parent
ae4f384f06
commit
ce15cb51bd
@ -80,27 +80,30 @@ It has a common notation for mechanical, electronic and software domains and is
These properties provide advantages in rigour and efficiency when compared to current methodologies.
}

\section{Introduction}

This paper describes and criticises the four current failure mode methodologies,
discusses their advantages and deficiencies and defines a desirable criteria list
for an ideal static failure mode methodology.
\paragraph{Introduction}
{
This paper describes and appraises four current failure mode methodologies.
Their advantages and deficiencies are discussed and a desirable criteria list
for an `ideal' static failure mode methodology is developed.
A new proposed
methodology is then described and discussed. A worked example is then provided, which models the failure mode
behaviour of a non inverting op-amp.
Using the worked example the new methodology is evaluated.

methodology is then described.% and discussed.
A worked example is then presented, using the new methodology, which models the failure mode
behaviour of a non inverting op-amp circuit.
Using the worked example the new methodology is evaluated.
Finally the desirable criteria list is presented as a check box table alongside
the four current methodologies.
}

\paragraph{Current methodologies}

We briefly analyse the four current methodologies.
We briefly analyse four current methodologies.
Comprehensive overviews of these methodologies maybe found
in ~\cite{safeware,sccs}.

\paragraph{Fault Tree Analysis (FTA)}

FTA~\cite{nucfta,nasafta} is a top down methodology in which a hierarchical diagram is drawn for
each undesirable top level failure, presenting the conditions that must arise to cause
each undesirable top level failure/event, presenting the conditions that must arise to cause
the event.
%
It is suitable for large complicated systems with few undesirable top
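Review bot: `\paragraph{Introduction}` placed directly under `\section{Introduction}` duplicates the heading, and the bare `{` ... `}` group it opens around the two new paragraphs (closed just before `\paragraph{Current methodologies}`) scopes no declaration, so it only risks swallowing the paragraph break; drop the `\paragraph` and the braces. In the same span, "maybe found" should be "may be found", the tie in "in ~\cite{safeware,sccs}" has a space before it so it produces a double space and no longer prevents the break (write `in~\cite{safeware,sccs}`), "non inverting op-amp" should be hyphenated "non-inverting op-amp", and the three consecutive "is then described ... is then presented ... Using the worked example the new methodology is evaluated" sentences read better as "is then described. A worked example, which models the failure mode behaviour of a non-inverting op-amp circuit, is presented. Using the worked example, the new methodology is evaluated."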
@ -117,18 +120,19 @@ and there is no facility to cross check between diagrams. It has limited
support for environmental and operational states.


\paragraph{Fault Mode Effects Analysis FMEA)} is used principally in manufacturing.
\paragraph{Fault Mode Effects Analysis (FMEA)} is used principally to determine system reliability.
It is bottom up and starts with component failure modes, which
lead to top level failure/events.
Each top level failure is assessed by its cost to repair and its estimated frequency.%, using a
Each top level failure is assessed by its cost to repair (or perceived criticality) and its estimated frequency. %, using a
%failure mode ratio.
A list of failures according to their cost to repair~\cite{bfmea}, or effect on system reliability is then calculated.
It is easy to identify single component failure to system failure scenarios
and an estimate of product reliability can be calculated.
%This can be viewed as a prioritised `to~fix' list.
%
It cannot focus on
It cannot focus on complex
component interactions that cause system failure modes or determine potential
problems from simultaneous failure modes. It does not consider environmental
problems from simultaneous failure modes. It does not consider changing environmental
or operational states in sub-systems or components. It cannot model
self-checking safety elements or other in-built safety features or
analyse how particular components may fail.
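Review bot: the heading `\paragraph{Fault Mode Effects Analysis (FMEA)}` expands the acronym with "Fault Mode" while the body of this paragraph and the rest of the paper say "failure mode(s)"; use one term throughout (the cited \cite{bfmea} decides which), and hyphenate "bottom up" as "bottom-up" to match the proposed-methodology section. The comma in "A list of failures according to their cost to repair~\cite{bfmea}, or effect on system reliability is then calculated." separates the two alternatives from their verb; write "A list of failures ordered by cost to repair~\cite{bfmea} or by effect on system reliability is then produced." The commented-out fragments `%, using a` and `%failure mode ratio.` are dead text that version control already records; delete them.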
@ -309,9 +313,11 @@ for its results, such as error causation trees.%, reliability and safety statis

\section{The proposed Methodology}
\label{fmmdproc}
Any new static failure mode methodology must ensure that it
represents all component failure modes and it therefore should be bottom-up,
starting with individual component failure modes.
% Any new static failure mode methodology must ensure that it
% represents all component failure modes and it therefore should be bottom-up,
% starting with individual component failure modes.
To ensure all component failure modes are represented the new methodology must be bottom-up.
%
This seems essential to satisfy criteria 2.
The proposed methodology is therefore a bottom-up process
starting with base~components.
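Review bot: the three replaced sentences are kept as `%` comments above their replacement instead of being deleted; the repository history holds the old wording, so the comments only clutter the source (the same applies to the other commented-out passages in this commit). The replacement also weakens the argument: "To ensure all component failure modes are represented the new methodology must be bottom-up." is followed by "This seems essential to satisfy criteria 2.", which hedges what the previous sentence states as a requirement; say "This is required by criterion 2." Note that "criteria" is plural, so a single numbered item is "criterion 2" (the same fix applies to "criteria 1", "criteria 3" and "criteria 6" in the later hunks). Capitalise the section title consistently as well: `\section{The proposed methodology}` or `\section{The Proposed Methodology}`.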
@ -321,7 +327,7 @@ mechanical, electronic or software components,
criteria 3 is satisfied.
%
In order to address the state explosion problem, the process must be modular
and deal with small groups of components at a time, should address criteria 1.
and deal with small groups of components at a time, this should address criteria 1.
In the proposed methodology components are collected into functional groups
and each component failure mode (and optionally combinations) are considered in the
context of the {\fg}.
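Review bot: the edited line "and deal with small groups of components at a time, this should address criteria 1." is a comma splice; write "... at a time; this addresses criterion 1." or make it a separate sentence. Two lines further on, "each component failure mode (and optionally combinations) are considered" needs "is considered", since the subject is the singular "each ... failure mode".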
@ -332,11 +338,11 @@ there will be a corresponding resultant failure, from the perspective of the {\f
% MAYBE NEED TO DESCRIBE WHAT A SYMPTOM IS HERE
%
From the perspective of the {\fg} failures of components will be symptoms.
It is proposed that many symptoms will be common. That is to say
It is conjectured that many symptoms will be common. That is to say
that component failure modes, will often cause the same symptoms of failure
from the perspective of a {\fg}.
%
A common symptom collection stage is then applied. Here common symptoms are collected
A common symptom collection stage is now applied. Here common symptoms are collected
from the results of the test~cases. Because optional combinations of failures are possible,
multiple failures can be modelled, satisfying criteria 6.
%
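Review bot: the TODO `% MAYBE NEED TO DESCRIBE WHAT A SYMPTOM IS HERE` is still open, and the one sentence that stands in for the definition, "From the perspective of the {\fg} failures of components will be symptoms.", is too loose to carry the rest of the section: it equates a component failure with a symptom, whereas the next sentences say several failure modes map to the same symptom. State the definition explicitly before using the term, for example: a symptom is a failure of the {\fg} as observed at its boundary, and each component failure mode (or combination of failure modes) examined in a test case yields exactly one symptom; that one-to-one assignment is also what the later claim that the symptom count never exceeds the failure-mode count rests on. Minor: remove the comma in "component failure modes, will often cause", and "the results of the test~cases" uses test cases before the text has said what one is.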
@ -477,9 +483,9 @@ in the potential divider, shown in figure \ref{fig:fg1}.

\ifthenelse {\boolean{dag}}
{
Modelling this as a functional group, we can draw this as a directed graph
failure modes, taken from the components R1 and R2,
in the potential divider, shown in figure \ref{fig:fg1dag}.
Modelling this as a functional group, we can draw a directed graph
of failure modes, starting from the components R1 and R2,
in the potential divider, as shown in figure \ref{fig:fg1dag}.
\begin{figure}
\centering
\begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep]
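Review bot: the rewritten sentence still names the resistors as plain "R1 and R2", while the same circuit is written `$R_1$` in the next hunk and `$R1$` two hunks later; pick one form (`$R_1$`, `$R_2$` with a proper subscript) and use it everywhere, ideally via a macro. The new wording "we can draw a directed graph of failure modes, starting from the components R1 and R2, in the potential divider, as shown in figure \ref{fig:fg1dag}" leaves it ambiguous whether the figure shows the graph or the divider; say "... starting from the failure modes of the components $R_1$ and $R_2$ of the potential divider; the graph is shown in figure~\ref{fig:fg1dag}." Use the tie in `figure~\ref{...}` here and in the context line above so the figure number cannot be orphaned at a line break.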
@ -525,7 +531,7 @@ in the potential divider, shown in figure \ref{fig:fg1dag}.
{
}

We can now look at each of these base component failure modes,
We shall now look at each of these base component failure modes,
and determine how they will affect the operation of the potential divider.
%Each failure mode scenario we look at will be given a test case number,
%which is represented on the diagram, with an asterisk marking
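Review bot: the two commented-out lines `%Each failure mode scenario we look at will be given a test case number,` and `%which is represented on the diagram, with an asterisk marking` are the only place in this commit where test cases are explained, yet the symptom-collection text earlier relies on "the results of the test~cases" and the conclusions rely on steps "annotated as test cases"; either reinstate the explanation (and the asterisk convention, if the figure still uses it) or stop using the term. The `{` and `}` on their own lines at the top of the hunk are presumably the empty else branch of `\ifthenelse{\boolean{dag}}`; writing `{}` directly after the closing brace of the first branch makes that obvious to the next reader.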
@ -559,7 +565,7 @@ on the potential dividers' operation. For instance
were the resistor $R_1$ to go open, the circuit would not be grounded and the
voltage output from it would be high (+ve).
This would mean the symptom of the failed potential divider, would be that it
gives an output high voltage reading.%We can now consider the {\fg}
gives a high voltage output.%We can now consider the {\fg}
%as a component in its own right, and its symptoms as its failure modes.

From table \ref{pdfmea} we can see that resistor
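Review bot: "were the resistor $R_1$ to go open, the circuit would not be grounded and the voltage output from it would be high" only follows if $R_1$ is the resistor between the output node and ground; the prose never says which leg of the divider $R_1$ is, and if it were the supply-side resistor the "not grounded" argument would not apply. State the topology once (for instance "$R_1$, the lower resistor connecting the output to ground") before this reasoning, since every row of the symptom table depends on it. Minor: "potential dividers' operation" in the context line should be "potential divider's operation", and the comma in "the symptom of the failed potential divider, would be" should go; the new "gives a high voltage output." is fine.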
@ -672,8 +678,8 @@ We can use the symbol $\bowtie$ to represent taking the analysed
\ifthenelse {\boolean{dag}}
{
We can now represent the potential divider as a {\dc}.
Because we have its symptoms or failure mode behaviour,
we can treat these as the failure modes of a a new {\dc}.
Because we have its symptoms (or failure mode behaviour),
we can treat these as the failure modes of a new {\dc}.
We can represent this as a DAG (see figure \ref{fig:dc1dag}).

\begin{figure}[h+]
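Review bot: `\begin{figure}[h+]` is not a valid float placement; standard LaTeX accepts only `h`, `t`, `b`, `p` and `!` (and `H` with the float package) and rejects anything else with "Unknown float option `+'", so use `[ht]` or `[h!]`. The "a a new" to "a new" fix is good; while here, the $\bowtie$ symbol introduced in the context line is never connected to this step in the text, so state that $\bowtie$ takes a {\fg} together with its collected symptoms to the {\dc} whose failure modes are those symptoms, which is exactly what this paragraph does for the potential divider.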
@ -700,8 +706,10 @@ We can represent this as a DAG (see figure \ref{fig:dc1dag}).
}


Because the derived component is defined by its failure modes and
the functional group used to derive it, we can use it
The derived component is defined by its failure modes and
the functional group used to derive it.
%We can consider this an an orthogonal WHAT???? Group ???? Collection ????
We now have a {\dc} model for a generic potential divider, and can use it
as a building block for other {\fgs} in the same way as we used the base components $R1$ and $R2$.

%\clearpage
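Review bot: "We now have a {\dc} model for a generic potential divider" claims more than the sentence before it supports: the derived component is "defined by its failure modes and the functional group used to derive it", so what has been built is a model of this divider, two resistors with the failure modes assumed for them; either state under which conditions the {\dc} can be reused (same component types with the same failure-mode set) or drop "generic". The placeholder `%We can consider this an an orthogonal WHAT???? Group ???? Collection ????` should be resolved or removed before this goes further. Notation: `$R1$` typesets the digit as a math-italic factor rather than an index; use `$R_1$` and `$R_2$` as in the earlier hunk.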
@ -765,9 +773,9 @@ We can represent these failure modes on a DAG (see figure~\ref{fig:op1dag}).
%\clearpage

\paragraph{Modelling the OP amp with the potential divider.}
We can now consider bringing the OP amp and the potential divider components to
form a {\fg} to represent the non inverting amplifier. We have the failure modes of the {\fg} for the potential divider,
so we do not need to go back and consider the individual resistor failure modes that define its behaviour.
We can now consider merging the OP amp and the potential divider, to
form a {\fg} to represent the non inverting amplifier. We have the failure modes of the {\dc} for the potential divider,
so we do not need to go back and consider the individual resistor failure modes that defined its behaviour.
\ifthenelse {\boolean{pld}}
{
We can make a new functional group to represent the amplifier, by bringing the component \textbf{opamp}
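Review bot: "merging the OP amp and the potential divider" names the wrong step: in this methodology components are collected into a {\fg}, and it is the later symptom-collection that merges failure modes into a {\dc}; write "collecting the op-amp and the potential divider {\dc} into a {\fg}" (the {\fg} to {\dc} correction on the following line is right). The sentence "so we do not need to go back and consider the individual resistor failure modes that defined its behaviour" is the central abstraction claim of the paper and deserves its justification here: it holds because every resistor failure mode was mapped to one of the divider's symptoms, so the {\dc} is complete with respect to the failure modes that were considered for the resistors, and no more than that. The component is spelt "OP amp" in the heading and text, "op-amp" in the introduction and `\textbf{opamp}` in the pld branch; pick one.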
@ -1078,9 +1086,9 @@ base component failures from eight to three failure symptoms.
%
In general,
because symptoms are collected, we can state
the the number of failure symptoms for a {\fg} will be less then or equal to the number
the the number of failure symptoms for a {\fg} will be less than or equal to the number
of component failures. In practise the number of symptoms is usually around half the
number of component failure modes, at each stage of FMMD analysis.
number of component failure modes, for each stage of FMMD analysis.



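Review bot: "the the number of failure symptoms" still has the doubled "the" after the "then"/"than" fix on the same line, and "In practise" should be "In practice" (the noun). The bound "the number of failure symptoms for a {\fg} will be less than or equal to the number of component failures" is asserted rather than argued; one clause does it: symptom collection maps every test case to exactly one symptom, so the symptom set is the image of that map and cannot be larger, $|S| \le |T|$ with $T$ the set of test cases and $S$ the set of symptoms. Note that $|T|$ equals the number of component failure modes only when no combinations of failures are analysed; since the symptom-collection hunk explicitly allows combinations, state the bound against test cases, or restrict it to the single-failure case. The following "usually around half the number of component failure modes" is an empirical claim with no support beyond the eight-to-three figure in the context line; cite the analyses it rests on or qualify it as an observation from the worked examples.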
@ -1127,9 +1135,9 @@ This allows causation trees \cite{sccs} or, minimal cut sets~\cite{nasafta}[Ch.1
to be determined by traversing the DAG from top level events down to their causes.


\item{ It should be capable of producing reliability and danger evaluation statistics.}
The minimal cuts sets for the SYSTEM level failures can have computed MTTF
and danger evaluation statistics sourced from the component failure mode statistics~\cite{fmd91,mil1991}.
% \item{ It should be capable of producing reliability and danger evaluation statistics.}
% The minimal cuts sets for the SYSTEM level failures can have computed MTTF
% and danger evaluation statistics sourced from the component failure mode statistics~\cite{fmd91,mil1991}.

% \item{ It should be easy to use, ideally
% using a graphical syntax (as opposed to a formal mathematical one).}
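Review bot: commenting out the `\item{ It should be capable of producing reliability and danger evaluation statistics.}` entry silently renumbers every later item of this criteria list, while the body of the paper refers to criteria by number ("criteria 1", "criteria 2", "criteria 3", "criteria 6" in the hunks above) and the introduction promises a check box table of the same criteria; either keep the item, give each item a `\label` and refer to it with `\ref`, or re-check every numbered reference against the new list. If the item is reinstated, "minimal cuts sets" should be "minimal cut sets". In the context line, `\cite{nasafta}[Ch.1` puts the chapter after the citation where LaTeX will print it as literal text; use `\cite[Ch.~1]{nasafta}`.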
@ -1174,7 +1182,9 @@ FMMD is based on generic failure modes, so it is not constrained to a
particular field. It can be applied to mechanical, electrical or software domains.
It can therefore be used to analyse systems comprised of electrical,
mechanical and software elements in one integrated model.

Furthermore the reasoning path is traceable. By being able to trace a
top level event down through derived components, to base component
failure modes, with each step annotated as test cases, the model is easier to maintain.

{ %\tiny
\begin{table}[ht]
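Review bot: "with each step annotated as test cases" relies on the test-case annotation whose only description in this commit (the `%Each failure mode scenario we look at will be given a test case number` lines) is commented out; reinstate that description, otherwise the traceability argument names no visible mechanism. "systems comprised of electrical, mechanical and software elements" should be "systems composed of ..." (or "comprising"), "Furthermore the reasoning path is traceable." wants a comma after "Furthermore", and "the model is easier to maintain" should say easier than what and why; if the intent is that a change to a base component's failure modes only requires re-analysing the {\fgs} that contain it, say so. The `{ %\tiny` line opens a brace group whose only purpose was the now commented-out `\tiny`; either restore `\tiny` inside the group or remove the group and its closing brace.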