robin/Robin_PHD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

got half way through WEEEEEEEEEEEE removal

Browse Source 
on CH5 and all the way through CH4. Very frustrating
and mind numbing excersize.
This commit is contained in:
Robin Clark 2013-09-12 06:22:02 +01:00
parent 36f4e4b8de
commit eb23af4c96
2 changed files with 240 additions and 719 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

365
submission_thesis/CH4_FMMD/copy.tex
View File

@ -32,7 +32,7 @@ work together to perform a simple function are chosen: these groups are termed `
%
The components to include in a {\fg} are chosen by hand.
%a human, the analyst.
%We can represent the `Functional~Group' as a class.
%piss can represent the `Functional~Group' as a class.
% When we have a
% {\fg} we can look at the components it contains,
% and from this determine the failure modes of all the components that belong to it.
@ -53,7 +53,7 @@ All the failure modes of all the components within a {\fg} are collected.
%has a set of failure modes associated with it,
%the {\fg} represents a set of sets of failure modes.
%
%We convert this
%piss convert this
%into a flat set
%of failure modes for use in analysis.
%
@ -94,18 +94,18 @@ with its own set of failure modes.
Because a {\dc} has a set of failure modes we can use it in higher level {\fgs}
which in turn produce higher level {\dcs}.
%
We can then use these {\dcs} to build further {\fgs} until a hierarchy of {\fgs}
These {\dcs} can be used to build further {\fgs} until a hierarchy of {\fgs}
and {\dcs} has been built, converging to a final {\dc}
at the top of the hierarchy.
%
The failure modes of the final or top {\dc}
are the failure modes of the system under investigation.
%
That is, we take the traditional FMEA process and modularise it from the bottom-up.
%We break down each stage of reasoning
That is, the traditional FMEA process has be taken and modularised from the bottom-up.
%piss break down each stage of reasoning
%into small manageable groups, and use the failure mode behaviour from them to create {\dcs}
%to build higher level groups.
In this way we can incrementally apply FMEA to an entire system. %, with documented reasoning stages.
In this way FMEA is applied incrementally to an entire system. %, with documented reasoning stages.
\fmmdglossDC
\fmmdgloss
%
@ -124,7 +124,7 @@ thus avoiding state explosion).
%%
%% GARK BEGIN
We demonstrate the principles of FMMD, by using it to analyse a
The principles of FMMD are demonstrated, by using it to analyse a
commonly used circuit, a non-inverting amplifier built from an op amp~\cite{aoe}[p.234] and
two resistors; a circuit schematic for this is shown in figure \ref{fig:noninvamp}.
%
@ -148,7 +148,7 @@ defined by $ G_v = 1 + \frac{R2}{R1} $ at the output.
\paragraph{Analysing the failure modes of the Potential Divider.}
\label{subsec:potdiv}
Since the resistors work to provide a clearly defined function, that of a potential divider,
we can treat them as a collection of components with a specific functionality---i.e. a `{\fg}'.
they can be treated as a collection of components with a specific functionality---i.e. a `{\fg}'.
This {\fg} has two members, $R1$ and $R2$.
%
The potential divider circuit can be considered as a component
@ -162,8 +162,8 @@ Using the EN298 specification for resistor failure~\cite{en298}[App.A],
we can assign failure modes of $OPEN$ and $SHORT$ to the resistors individually (assignment of failure modes
is discussed in more detail in section~\ref{sec:resistorfm}).
%
We represent a resistor and its failure modes as a directed acyclic graph (DAG)
(see figure \ref{fig:rdag}).
A resistor and its failure modes are represented as a directed acyclic graph (DAG)
in figure \ref{fig:rdag}.
\begin{figure}[h+]
\centering
\begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep]
@ -185,16 +185,16 @@ We represent a resistor and its failure modes as a directed acyclic graph (DAG)
Thus $R1$ has failure modes $\{R1_{OPEN}, R1_{SHORT}\}$ and $R2$ has failure modes $\{R2_{OPEN}, R2_{SHORT}\}$.
%
We look at each of these base component failure modes,
and determine how they affect the operation of the potential~divider.
Each of these base component failure modes are examined
to determine how they affect the operation of the potential~divider.
%Each failure mode scenario we look at will be given a test case number,
%which is represented on the diagram, with an asterisk marking
%which failure modes is modelling (see figure \ref{fig:fg1a}).
%
Each resistor failure mode is a potential {\fc} in the potential~divider.
%%For this example we look at single failure modes only.
For each failure mode in our {\fg}---potential~divider---we can assign a {\fc}
number (see table \ref{tbl:pdfmea}).
For each failure mode in this {\fg}---potential~divider---a {\fc}
number is assigned (see table \ref{tbl:pdfmea}).
%
Each {\fc} is analysed to determine %the symptom of
a failure in
@ -208,7 +208,7 @@ This would mean the resulting failure of the potential~divider would be voltage
%
The failure mode of a high potential~divider output is termed `HighPD', and
for it outputting a low voltage `LowPD'. % Andrew asked for this to be defined before the table. ...
%We can now consider the {\fg}
%piss can now consider the {\fg}
%as a component in its own right, and its symptoms as its failure modes.
%
{ \small
@ -239,28 +239,28 @@ for it outputting a low voltage `LowPD'. % Andrew asked for this to be defined b
}
%
%\vbox{
From table \ref{tbl:pdfmea} we can see that the resistor
From table \ref{tbl:pdfmea} it can be seen that the resistor
failures modes lead to some common symptoms of failure from the perspective of the {\fg}.
%YOU FIDDLINGING FITTAS, TELL ME TO USE THE TERM SYMPTOM AND THEN TELL ME TO FIDDLINGING REMOVE IT A YEAR LATER> FITTAS
%symptoms.
%These common symptoms of failure are an important concept for FMMD.
Notice the many to one mapping from {\bc} failure modes to {\dc} failure mode;
this is a typical effect of an FMMD analysis stage, and means that with each analysis stage we reduce
the number of failure modes to consider.
this is a typical effect of an FMMD analysis stage, and means that with each analysis stage
the number of failure modes to consider has been reduced.
%
%\fmmdglossDC
%This means that we can take multiple failure modes from {\fgs} components and resolve them
%to failure modes of the {\fg}.
%
%This means that
We thus simplify the FMMD analysis task for further stages.
The FMMD analysis task is therefore simplified for further stages.
%
By drawing vertices for failure modes, % symptoms,
and edges for the relationships between them
%component failure modes and
%{\dc} failure modes. % resultant symptoms.
%The {\fg} can now be considered a derived component.
we represent the analysis with the DAG in figure \ref{fig:fg1adag}.
analysis is represented by the DAG in figure \ref{fig:fg1adag}.
%}
%
\begin{figure}[h]
@ -305,17 +305,18 @@ we represent the analysis with the DAG in figure \ref{fig:fg1adag}.
\label{fig:fg1adag}
\end{figure}
%
We now have % can now create % formulate
a {\dc} to represent this potential divider:
we name this \textbf{PD}.
%piss now have % can now create % formulate
A {\dc} to represent this potential divider has been created :
this is named \textbf{PD}.
%
\fmmdglossDC
This {\dc} will have two failure modes, $HighPD$ and $LowPD$.
% HTR 05SEP2012 We use the symbol $\derivec$ to represent the process of taking the analysed
% HTR 05SEP2012 piss use the symbol $\derivec$ to represent the process of taking the analysed
% HTR 05SEP2012 {\fg} and creating from it a {\dc}.
% HTR 05SEP2012 The creation of the {\dc} \textbf{PD} is represented as a
% HTR 05SEP2012 hierarchy diagram in figure~\ref{fig:dc1}.
% HTR 05SEP2012 We represent the {\dc} \textbf{PD}, as a DAG in figure \ref{fig:dc1dag}.
%We could represent it algebraically thus: $ \derivec(PotDiv) =
% HTR 05SEP2012 piss represent the {\dc} \textbf{PD}, as a DAG in figure \ref{fig:dc1dag}.
%piss could represent it algebraically thus: $ \derivec(PotDiv) =
% FIDDLINGING OVERSATTNING THIS IS to be REMOVED TOO : FITTAS
% \begin{figure}[h+]
% \centering
@ -325,10 +326,10 @@ This {\dc} will have two failure modes, $HighPD$ and $LowPD$.
% manual process and from this the {\dc} is created.}
% \label{fig:dc1}
% \end{figure}
% We can now represent the potential divider as a {\dc}.
% piss can now represent the potential divider as a {\dc}.
% Because we have its symptoms (or failure mode behaviour),
% we can treat these as the failure modes of a new {\dc}.
% We can represent this as a DAG (see figure \ref{fig:dc1dag}).
% piss can represent this as a DAG (see figure \ref{fig:dc1dag}).
% \begin{figure}[h+]
% \centering
% \begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep]
@ -350,9 +351,9 @@ This {\dc} will have two failure modes, $HighPD$ and $LowPD$.
%
% The derived component is defined by its failure modes and
% the functional group used to derive it.
% %We can consider this an an orthogonal WHAT???? Group ???? Collection ????
We now have a {\dc} model for a generic potential divider, and can use it
as a building block for other {\fgs} in the same way as we used the base components $R1$ and $R2$.
% %piss can consider this an an orthogonal WHAT???? Group ???? Collection ????
With this {\dc} model for a generic potential divider, it can be used
as a building block for other {\fgs} in the same way the base components $R1$ and $R2$ were.
%
%\clearpage
%
@ -360,7 +361,9 @@ as a building block for other {\fgs} in the same way as we used the base compone
%
\label{sec:opamp_fms}
%\clearpage
Let us now consider the op-amp as a {\bc}. According to
Consider the op-amp as a {\bc}.
%
According to
FMD-91~\cite{fmd91}[3-116] an op amp may have the following failure modes %(with assigned probabilities):
latch-up (l\_up), where the output voltage is stuck at high , % (12.5\%),
latch-down (l\_dn), where the output voltage is stuck low, %(6\%),
@ -373,7 +376,7 @@ and low~slew~rate (lowslew) where the op-amp cannot react quickly to changes on
\fmodegloss
%
%\clearpage
We can represent these failure modes on a DAG (see figure~\ref{fig:op1dag}).
These op-amp failure modes are represented on the DAG in figure~\ref{fig:op1dag}.
\begin{figure}[h+]
\centering
\begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep]
@ -410,13 +413,13 @@ We can represent these failure modes on a DAG (see figure~\ref{fig:op1dag}).
The op-amp and the {\dc} {\em PD} now % andrew heavily critised this sentence but it made sense to Chris and I
form a {\fg} to model the failure mode behaviour of the non-inverting amplifier.
%
%We have the failure modes of the {\dc} for the potential divider,
%piss have the failure modes of the {\dc} for the potential divider,
%so we do not need to go back and consider the individual resistor failure modes that defined its behaviour.
%
%We can now create a {\fg} for the non-inverting amplifier
%piss can now create a {\fg} for the non-inverting amplifier
%by bringing together the failure modes from \textbf{opamp} and \textbf{PD}.
%
The two components in this new {\fg}, the op-amp and the {\dc} {\em PD} have failure modes, which we use
The two components in this new {\fg}, the op-amp and the {\dc} {\em PD} have failure modes, which are used
as {\fcs} in table~\ref{tbl:ampfmea1}.
%Each of these failure modes will be given a {\fc} for analysis,
%and this is represented in table \ref{tbl:ampfmea1}.
@ -596,11 +599,11 @@ as {\fcs} in table~\ref{tbl:ampfmea1}.
%amplification characteristics from FS2 and FS6 can be considered as low output from the OPAMP for the application
%in hand (say milli-volt signal amplification).
%
For this amplifier configuration we have three {\dc} failure modes; {\em AMP\_High, AMP\_Low, LowPass}. % see figure~\ref{fig:fgampb}.
For this amplifier configuration there are three {\dc} failure modes; {\em AMP\_High, AMP\_Low, LowPass}. % see figure~\ref{fig:fgampb}.
% HTR 05SEP2012
This model now has two stages of analysis, as represented in figure~\ref{fig:eulerfmmd}.
%
From the analysis in table \ref{tbl:ampfmea1} we can create the {\dc} {\em NONINVAMP}, which
From the analysis in table \ref{tbl:ampfmea1} the {\dc} {\em NONINVAMP} can be created, which
represents the failure mode behaviour of the non-inverting amplifier.
%
% HTR 05SEP2012 \begin{figure}[h]
@ -613,8 +616,8 @@ represents the failure mode behaviour of the non-inverting amplifier.
% HTR 05SEP2012 \end{figure}
%
%
We can represent the analysis stages of INVAMP as an Euler diagram,
showing the choice of de-composition of the system into {\fgs} (see figure~\ref{fig:eulerfmmd}).
The analysis stages of INVAMP are presented as an Euler diagram,
showing the choice of de-composition of the system into {\fgs} in figure~\ref{fig:eulerfmmd}.
%where the curves
%define the components and {\dcs} used to form the INVAMP model, see figure~\ref{fig:eulerfmmd}.
%
@ -629,10 +632,10 @@ the components have been grouped into {\fgs} and then used as {\dcs} to build th
%
%\clearpage %%% This figure seems to escape furher down the chapter
%
We can now examine the failure mode relationships in the {\dc} {\em INVAMP} by drawing it as a DAG.
The failure mode relationships in the {\dc} {\em INVAMP} can be traced through the DAG.
%expand the {\em PD} {\dc} and have a full FMMD failure %mode
%model
We can traverse this DAG, tracing the top level % symptoms
It is possible to traverse this DAG, tracing the top level % symptoms
failure modes
down to the base component failure modes, %leaves of the tree (the leaves being {\bc} failure modes),
and thus determine all possible causes for
@ -641,14 +644,15 @@ the three high level symptoms, i.e. the failure~modes of the non-inverting ampli
Knowing all possible causes for a top level event/failure~mode
is extremely useful;
if a particular top~level/system~failure was classified as catastrophic for instance,
we could use this information
this information could be used
to strengthen components that could cause that particular top level event/system~failure.
%
%
Figure \ref{fig:noninvdag1} shows a DAG,
from which we can trace top level failure modes to the base component failure modes
where top level failure modes can be traced to the base component failure modes
that can cause them.
That is, we can trace failure mode effects
%
That is, failure mode effects can be traced
from base component level to the top and vice versa.
\fmodegloss
@ -660,15 +664,15 @@ from base component level to the top and vice versa.
\section{Defining terms}
\paragraph{A discussion on the terms Parts, Components and Base Components.}
A component is anything we use to build a %a product or
%
A component is anything used to build a %a product or
system.
It could be something quite complicated
like an %integrated
micro-controller/servo motor, or quite simple like the resistor.
%
We %can
usually identify a
component by its name, a manufacturer's part number and perhaps
A
component is usually identified by its name, a manufacturer's part number and perhaps
a vendor's reference number. %In a controlled production evironment
%
Geoffrey Hall, writing in Spacecraft Systems Engineering~\cite{scse}[p.619]
@ -679,18 +683,20 @@ This definition %of a `part'
is useful, but consider parts, such as quad packaged op-amps:
in this case we have four op-amps on one chip.
%
Using traditional FMEA methods~\cite{sccs}[p.34] we would consider each op-amp in the package
as a separate building block for a circuit. For FMMD each of these four op-amps
Using traditional FMEA methods~\cite{sccs}[p.34] each op-amp in the package would be considered
as a separate building block for a circuit.
%
For FMMD each of these four op-amps
in the chip would be considered to be a separate {\bc}.
% CAN WE FIND SUPPORT FOR THIS IN LITERATURE???
\fmmdglossBC
%
We need to go further than the above definition of a part, and define % defining
The above definition of a part, needs further refinement, and to be defined as % defining
an atomic entity. % used as a building block.
%The term component, in American English, can mean a building block or a part.
%In British-English a component generally is given to mean the definition for part above.
We define {\bc} to be the lowest level---an entity with which we begin our analysis---a component
that we use as a starting bottom-up building block.
{\Bc} is defined as the lowest level entity ---an entity with which we begin our analysis---a component
used as a starting bottom-up building block.
%This is a choice made by the analyst, often guided by the standards to which the analysis is being performed. % to.
%
Both op-amps and transistors have published statistical failure rates and yet an op-amp is constructed from transistors.
@ -701,7 +707,7 @@ as lowest level building blocks.
In fact any lowest level building block with published failure modes could be considered to be a {\bc},
but this determination is the choice of the analyst, which may be influenced by the particular
standard~\cite{en298}~\cite{en61508} %~\cite{en230}
to which we are approving/analysing a system.
to which the system is being approved/analyed.
%a lowest level of assembly `part' or an atomic entity, which ever is the smaller
%and component to mean either a part or a sub-assembly.
@ -745,19 +751,19 @@ always be possible to obtain a set of failure modes
for each component.
%In FMMD terms a sub-system is a derived component.
%
If we look at the sound system example,
Looking at the sound system example,
the CD~player could fail in several distinct ways,
and this could have been caused by a number of {{the CD players internal}} component failure modes.
%no matter what has happened to it or has gone wrong inside it.
%
Using the reasoning that working from the bottom up forces the consideration of all possible
component failures (which can be missed in a top~down approach \cite{faa}[Ch.9]),
we are presented with a problem: which initial collections of base components should we choose?
a problem is encountered: which initial collections of base components should we choose?
%
For instance in the CD~player example, if we start at the bottom, we are presented with
a massive list of base~components, resistors, motors, user~switches, laser~diodes, etc.
For instance in the CD~player example, if we start at the bottom,
a massive list of base~components will be found, resistors, motors, user~switches, laser~diodes, etc.
%Clearly,
Working from the bottom~up, we need to pick small
Working from the bottom~up, it is necessary to pick small
collections of components that work together in some way.
These collections are termed `{\fgs}'.
\fmmdglossFG
@ -770,12 +776,12 @@ it performs a well defined function and it could be considered a design module.
\paragraph{Functional grouping to {\dc} process outline.}
%In choosing the lowest level (base component) sub-systems we would look
%for the smallest `functional~groups' of components within a system.
%We %can
%piss %can
%define a
{\Fgs} have been defined as a set of components that interact
to perform a specific function.
%
When we have analysed the fault behaviour of a {\fg}, we can treat it as a `black~box'.
After analysis of the fault behaviour of a {\fg}, it can be treated as a `black~box'.
%
\fmmdglossFG
\fmmdglossDC
@ -803,46 +809,7 @@ An outline of the FMMD process is itemised below:
\fmmdglossBC
%
The FMMD process is described in using formal definitions and algorithms in section~\ref{sec:symptomabs}.
%We can now call our functional~group a sub-system or a derived~component.
%The goal here is to know how it will behave under fault conditions !
%Imagine buying one such `sub~system' from a very honest vendor.
%One of those sir, yes but be warned it may fail in these distinct ways, here
%in the honest data sheet the set of failure modes is listed!
%This type of thinking is starting to become more commonplace in product literature, with the emergence
%of reliability safety standards such as IOC1508\cite{sccs},EN61508\cite{en61508}.
%FIT (Failure in Time - expected number of failures per billion hours of operation) values
%are published for some micro-controllers. A micro~controller
%is a complex sub-system in its self and could be considered a `black~box' with a given reliability.
%\footnote{Microchip sources give an FIT of 4 for their PIC18 series micro~controllers\cite{microchip}, The DOD
%1991 reliability manual\cite{mil1991} applies a FIT of 100 for this generic type of component}
% \begin{table}[h+]
% \caption{CANbus messages id}
% \begin{tabular}{|p{1cm}|p{10cm}|}
% \hline \hline
% \textbf{Bit Field} & \textbf{Description} \\ \hline \hline
% 29 & Priority bit, set to zero gives the can message high priority in physical layer arbitration.\\ \hline
% 27-26 & extended source unit, 2 bits (shift left by 4).\\ \hline
% 25-24 & extended local unit, 2 bits (shift left by 4).\\ \hline
% 20 & unit to unit bit. This means message for communication between UNITS on the CANbus, not peripheral devices.\\ \hline
% 19-16 & source unit address (see bits 27-26).\\ \hline
% 15-12 & local unit address (see bits 25-24).\\ \hline
% 11 & broadcast bit (for time signals etc.).\\ \hline
% 10-5 & can handle (6 bit peripheral identifier, used in conjunction with six bit local address).\\ \hline
% 4 & peripheral bit, set to 0 indicates a message from a UNIT, to 1 from a peripheral.\\ \hline
% 3-0 & CAN ID message. For messages between peripherals and units, this identifies the message type. \\
% \hline \hline
% \end{tabular}
% \label{tbl:fmmd_defs}
% \end{table}
}
%What components all have in common is that they can fail, and fail in a
% number of well defined ways.
@ -896,7 +863,7 @@ The UML class diagram in figure
\ref{fig:component} shows a component as a data
structure with its associated failure modes.
%
From this diagram we see that each component must have at least one failure mode.
From this diagram it can be seen that each component must have at least one failure mode.
%
\label{ch4:mutex}
To clearly show that the failure modes are mutually exclusive states, or unitary states associated with one component,
@ -905,47 +872,10 @@ each failure mode is referenced back to only one component.
\fmmdglossMUTEX
%
This constraint is discussed in detail in section~\ref{sec:unitarystate}.
%%-%% MTTF STATS CHAPTER MAYBE ??
%%-%%
%%-%% This modelling constraint is due to the fact that even generic components with the same
%%-%% failure mode types, may have different statistical MTTF properties within the same
%%-%% circuitry\footnote{For example, consider resistors one of high resistance and one low.
%%-%% The generic failure modes for a resistor will be the same for both.
%%-%% The lower resistance part will draw more current and therefore have a statistically higher chance of failure.}.
%Controlled products are typically built using a large number of components and these are traditionally
%kept in a `parts~list'.
%
%For a safety critical product this is usually a formal document
%and is used for ordering systems from third parties, and by quality inspectors
%to ensure the correct parts are being fitted.
%The parts list is shown for completeness here, as people involved with Printed Circuit Board (PCB) and electronics production, verification and testing would want to know where it lies in the model.
%The parts list is not actively used in the FMMD method, but is shown in the UML model for completeness.
%
%For the UML diagram in figure \ref{fig:componentpl} the parts list is simply a collection of components.
%
% \begin{figure}[h]
% \centering
% \includegraphics[width=400pt,bb=0 0 712 68,keepaspectratio=true]{CH4_FMMD/componentpl.png}
% % componentpl.png: 712x68 pixel, 72dpi, 25.12x2.40 cm, bb=0 0 712 68
% \caption{Parts List of Components}
% \label{fig:componentpl}
% \end{figure}
%
% %Components in the parts list % (bought in parts)
%will be termed `base~components'.
%Components derived from base~components (i.e. sub-assemblies) will not always require
%parts~numbers\footnote{It is common practise for sub-assemblies, PCB's, mechanical parts,
%software modules and some collections of components to have part numbers.
%This is a production/configuration~control issue, and linked to Bill of Material (BOM)~\cite{opmanage}
%database structures etc. Parts numbers for derived components are not directly related to the analysis process
%we are concerned with here.}, and will
%not require a vendor reference, but must be named locally in the FMMD model.
%We can term
By `modularising a system' we mean recursively breaking it into smaller sections for analysis.
By `modularising a system' this means recursively breaking it into smaller sections for analysis.
%
When modularising a system from the top~down, as in Fault Tree Analysis (FTA)~\cite{nasafta}\cite{nucfta} ,
it is common to term the modules identified as sub-systems.
@ -969,20 +899,20 @@ a system into 'sub-systems'.
%To perform FMEA appraisals we begin with {\bcs}~\cite{en298}~\cite{bfmea}~\cite{en61508}.
%These will have a set of failure modes assigned to them.
In order to perform FMEA we require a set of failure modes for each {\bc} in the system under investigation.
In order to perform FMEA a set of failure modes is required for each {\bc} in the system under investigation.
%
These are failure modes from the perspective of the user
of the component.
%
We are not usually concerned with how the component has failed
The FMEA analyst is not usually concerned with how the component has failed
internally.
%
What we need to know are the symptoms of failure.
What the analyst need to know are the symptoms of failure.
%
\fmmdglossSYMPTOM
%
With these symptoms, we can trace their effects through the system under investigation
and finally determine top-level failure events. % outcomes.
With these symptoms, their effects can be traced through the system under investigation
and finally top-level failure events can be determined. % outcomes.
%
Different approval agencies may list different failure mode sets for the same generic components.
%
@ -1027,7 +957,7 @@ starting where possible with known base~component failure~modes.
%
%
%
An advantage of working from the bottom up is that we can ensure that
An advantage of working from the bottom up is that it can be ensured that
all component failure modes must be considered.
%
A top down approach (such as FTA)
@ -1040,9 +970,11 @@ especially where there are non-obvious top-level faults.
\subsection{From functional group to newly derived component}
\label{fg}
%
The process for taking a {\fg}, analysing its failure mode behaviour, considering
all the failure modes of all the components in the group
and collecting symptoms of failure, is termed `symptom abstraction'.
%
\fmmdglossSA
%
This is dealt with in detail using an algorithmic description, in appendix \ref{sec:algorithmfmmd}.
@ -1053,12 +985,12 @@ This is dealt with in detail using an algorithmic description, in appendix \ref{
% component which has a set of failure modes,
% corresponding to the failure symptoms from the {\fg} from which it was derived.
% %
% We now consider a {\dc} as a black box, or component
% piss now consider a {\dc} as a black box, or component
% for use in further levels of analysis.
% %, and in this case it would have a set of failure modes.
% %Looking at the {\fg} in this way is seeing it as a {\dc}.
In terms of our UML model (see figure~\ref{fig:cfg}), the symptom abstraction process takes a {\fg}
In terms of the UML model (see figure~\ref{fig:cfg}), the symptom abstraction process takes a {\fg}
and creates a new {\dc} from it.
%To do this it first creates
%a new set of failure modes, representing the fault behaviour
@ -1066,6 +998,7 @@ and creates a new {\dc} from it.
%must consider all the failure modes of the components in the functional
%group.
The newly created {\dc} requires a set of failure modes of its own.
%
As a derived component inherits from component, the UML model shows
that it inherits the property of a set of failure modes.
%
@ -1074,7 +1007,7 @@ that it inherits the property of a set of failure modes.
%Because these new failure modes were derived from a {\fg}, we can call
%these `derived~failure~modes'.
%It then creates a new derived~component object, and associates it to this new set of derived~failure~modes.
%We thus have a `new' component, %or system building block, but
%piss thus have a `new' component, %or system building block, but
%with a known and traceable
%fault behaviour.
A {\fg} must comprise of at least one component, and the UML diagram shows this
@ -1126,8 +1059,8 @@ The lowest level in this hierarchy are the {\bcs}, the resistors and the op-amp.
%
The resistors are collected into a {\fg}, and the ${PD}$ derived component created from its analysis, is shown enclosing R1 and R2. % above the {\fg}.
%
As this derived component inherits the properties of a component, we may use
it in a {\fg} higher in the hierarchy.
As this derived component inherits the properties of a component, it may be used
in a {\fg} higher in the hierarchy.
%
The {\em PD} derived component is now placed into a {\fg}
with the op-amp.
@ -1139,7 +1072,7 @@ aid auditors to understand the reasoning behind each analysis test~case.}.
\fmmdglossSS
%
%
We may now use the {\em INVAMP} {\dc} in even higher level {\fgs}.
The {\em INVAMP} {\dc} may now be used in even higher level {\fgs}.
%
An analysis report is generated for each stage in the FMMD % {\fg} to {\dc}
process. %\footnote
@ -1208,7 +1141,8 @@ between the entities used in FMMD.
To keep track of the level in the hierarchy (i.e. how many stages of component
derivation %`$\derivec$'
have led to the current derived component)
we can add an attribute to the component data type.
we can add an attribute to the component data type.
%
This can be a natural number called the level variable $\abslev \in \mathbb{N}$.
% J. Howse says zero is a given in comp sci. This can be a natural number called the level variable $\alpha \in \mathbb{N}_0$.
The $\abslev$ level variable in each component,
@ -1217,6 +1151,7 @@ have a `level' of $\abslev=0$.
% I do not know how to make this simpler
Derived~components take a level based on the highest level
component used to build the functional group it was derived from plus 1.
%
So a derived component built from base level components
would have an $\abslev$ value of 1.
%
@ -1231,114 +1166,17 @@ a {\fg} could erroneously include a component above its-self in the hierarchy).
%
The abstraction level concept is formally defined in appendix~\ref{sec:abstractionlevel}.
% \section{Set Theory Description}
%
% $$ System \stackrel{has}{\longrightarrow} PartsList $$
%
% $$ PartsList \stackrel{has}{\longrightarrow} Components $$
%
% $$ Component \stackrel{has}{\longrightarrow} FailureModes $$
%
% $$ FunctionalGroup \stackrel{has}{\longrightarrow} Components $$
%
% Using the symbol $\derivec$ to indicate an analysis process that takes a
% functional group and converts it into a new component.
%
% $$ \derivec ( FG ) \rightarrow DerivedComponent $$
%
%%-
%%- Need a complete and more complicated UML diagram here
%%- the other parts were just fragments to illustrate points
%%-
%%-
% \section{Complete UML Diagram}
%
% In this section we examine the entities used in FMMD and their relationships.
% We have been building parts of the data structure up until now,
% and can now complete the picture.
% For the complete UML data model we need to consider the system
% as a data structure.
%
%The `parts~list' is the
%key reference point and starting point. % in the data structure.
%Our base components are kept here.
%
%From the {\bcs} the initial {\fgs} are formed, and from the first {\fgs},
%the first {\dcs}.
%
% \paragraph{Re-factoring the UML model to remove {\fgs}.}
% While useful for describing the context of the FMMD analysis process,
% it is desirable to remove the {\fg} from the UML diagram as this is by-product of the analysis process.
% Figure~\ref{fig:cfg2} presents a final (and simpler) UML model for FMMD.
% However, the analysis report, is a core feature of FMMD. Having an analysis
% report associated with each incremental stage in the analysis is a strength
% compared to traditional FMEA, where we only have one stage (possibly undocumented)
% for each {\bc} {\fm} to system level event/failure mode.
% The {\fg} and the analysis report have one to one relationships. We can therefore re-factor
% these into an analysis report (which would list the components used to
% make up and thus define the {\fg}) associated with the {\dc}.
%
%
% %
% % Two other data types/entities are required
% % however: we need to model environmental and operational states and
% % where they fit into the data structure.
% % %
%
%
%
% % \paragraph{UML Diagram Additional Objects.}
% % The additional objects System, Environment and Operational States
% % are added to UML diagram in figure \ref{fig:cfg} are represented in figure \ref{fig:cfg2}.
%
% \label{completeuml}
%
% \begin{figure}[h]
% \centering
% \includegraphics[width=300pt,keepaspectratio=true]{./CH4_FMMD/master_uml.png}
% % cfg2.png: 702x464 pixel, 72dpi, 24.76x16.37 cm, bb=0 0 702 464
% \caption{Complete UML diagram}
% \label{fig:cfg2}
% \end{figure}
%% XXX bit of a loose end here, maybe delete this
% \subsection{Ontological work on FMEA}
%
% Ontological work on FMEA reviewed so far, has concentrated on
% formalising the natural language process of FMEA and thus
% defining relationships between components, failure modes and top level outcomes
% an overview of this work may found here~\cite{ontfmea}.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\section{Conclusion}
%Tie into wish list at end of chapter 3. Solves state explosion, completeness, traceability, models for related such as FMECA
\paragraph{Failure model Completeness.}
It is undesirable to miss any component {\fm} in the analysis process; were this to
happen our failure model would be incomplete.
%
Given the starting conditions of base component {\fms} from the literature,
we can ensure that all these {\fms} are traceable to subsequent {\dc} {\fms}
it can be ensured that all these {\fms} are traceable to subsequent {\dc} {\fms}
in the model.
%
With the above condition true, we term this a `complete' FMMD failure model.
With the above condition true, this is termed a `complete' FMMD failure model.
Ensuring this condition is described in section~\ref{sec:completetest}.
\paragraph{Mutual exclusivity of {\dc} failure modes.}
@ -1365,12 +1203,8 @@ This property, termed a `unitary~state~failure~mode', is examined formally in se
Because the top level failure symptoms of an FMMD analysis are objective, or the result of reasoning,
we can have a final stage where we consider the subjective or contextual effects of these symptoms.
%
With traditional FMEA methodologies we
have to make this decision (the contextual effects) for each component {\fm} in the system.
With traditional FMEA methodologies this decision (the contextual effects)
has to be made for each component {\fm} in the system.
\paragraph{State explosion problem of FMEA solved by FMMD.}
%
@ -1378,7 +1212,7 @@ Because FMMD considers failure modes within functional groups;
the traditional state explosion problem in FMEA where the ideal of exhaustive FMEA (XFMEA)---where each failure
mode could be considered in the context of all other components in the system---disappears.
%
With FMMD, because the {\fgs} have small numbers of components in them, we can easily apply XFMEA within the {\fgs}.
With FMMD, because the {\fgs} have small numbers of components in them, XFMEA can be easily applied within the {\fgs}.
%
In broad terms, FMMD mitigates state explosion by reducing the number of checks---{\fms} against components---to perform.
%
@ -1400,7 +1234,9 @@ provides a forward search derived failure mode model.
%modes have been considered in the analysis (i.e. completeness as described above).
%
This means that for every system level failure we can traverse back to possible failure causes
in the base components. Coupled with MTTF statistics for the base components
in the base components.
%
Coupled with MTTF statistics for the base components
this allows prediction of statistical failure rates for system level failures (this is
described in greater detail in section~\ref{sec:determine_fms}).
%
@ -1414,13 +1250,16 @@ described in greater detail in section~\ref{sec:determine_fms}).
% system level application (i.e. if system level failures $\alpha,beta$ or $\gamma$ occur function $\omega$
% of the system will be impaired, and )
% %
We can also use the FMMD model to derive information
The FMMD model can also be used to derive information
to assist in creating related models such as FTA~\cite{nucfta,nasafta},
traditional FMEA, FMECA~\cite{safeware}[p.344], FMEDA~\cite{scsh}, diagnostics schemas~\cite{dbamafta}
and other failure mode analysis methodologies.
%
\fmmdglossFTA
\fmmdglossFMECA
\fmmdglossFMEDA
\fmmdgloss
%\fmmdglossFMEA
\fmeagloss
\fmeagloss
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

594
submission_thesis/CH5_Examples/copy.tex
View File

@ -50,178 +50,7 @@ by applying FMMD to a sigma delta ADC.
\item Section~\ref{sec:Pt100} demonstrates FMMD being applied to a commonly used Pt100
safety critical temperature sensor circuit, this is analysed for single and then double failure modes.
\end{itemize}
%
%~\ref{sec:chap4}
%can be re-used. %, but with provisos.
%
%The first
%(see section~\ref{sec:diffamp})
%
%
%
%
%
%
%
% Moving Pt100 to metrics
%
%Sections~\ref{sec:Pt100}~and~\ref{sec:Pt100d} demonstrate both statistical
%failure mode classification % analysis for top level events traced back to {\bc} failure modes
%and the analysis of double simultaneous failure modes.
%
% Now in CHAPTER 6: Finally section~\ref{sec:elecsw} demonstrates FMMD analysis of a combined electronic and software system.
%
% \section{Basic Concepts Of FMMD}
%
% The %idea
% driving concept behind FMMD is to modularise, from the bottom-up, failure mode effects analysis.
% Traditional FMEA takes part failure modes and then determines what effect each of these
% failure modes could have on the system under investigation.
%
% Traditional FMEA, by looking at {\bc}--- or `part'---level failure modes,
% involves what we could term a large `reasoning~distance'; that is to say
% in a complex system, taking a particular failure mode, of a particular {\bc}
% and then trying to predict the outcome in the context of an entire system, is
% a leap~of~faith.
% %
% There will be numerous possibilities of effects and side effects on
% other components in the system; more than is practically possible to rigorously examine.
% To simply trace a simple route from a particular {\bc} failure mode to a top level system error/symptom
% oversimplifies the task of failure mode analysis, and makes the process arbitrary and error prone.
%
% Fortunately most real-world designs take a modular approach. In Electronics
% for instance, commonly used configurations of parts are used to create
% amplifiers, filters, potential dividers etc.
% %It is therefore natural to collect parts to form functional groups.
% It is common design practise in electronics, to use collections of parts in specific configurations
% to form well-defined and well-known building blocks.
% These commonly used configurations of parts, or {\fgs}, will
% also have a specific failure mode behaviour.
% We can take a {\fg}, analyse it using FMEA and determine its {\em symptoms} of failure.
%
% When we have done this we can treat this {\fg} as a component in its own right.
% %
% If we term {\bcs} as the components we start analysis with and components we have determined
% from functional groups as derived components, we can modularise the FMEA process.
% %
% If we start building {\fgs} from derived components we can start to build a modular
% hierarchical failure mode model. Modularising FMEA should give benefits of reducing reasoning distance,
% allowing re-use of modules and reducing the number of by-hand analysis checks to consider.
%
% As all forms of FMEA are bottom-up processes---we start with {\bcs}---the lowest or most basic components/parts.
% %and with their failure modes.
% % It is worth defining clearly the term part here.
% % Geoffry Hall writing in Space Craft Systems Engineering~\cite{scse}[p.619], defines it thus:
% % ``{Part(definition)}---The Lowest level of assembly, beyond which further disassembly irrevocably destroys the item''.
% % In the field of electronics a resistor, capacitor and op-amp would fit this definition of a `part'.
% % Failure modes for part types can be found in the literature~\cite{fmd91}\cite{mil1991}.
% %
% %
% %
% % \paragraph {Definitions: for practical FMMD analysis}
% %
% % \begin{itemize}
% % \item {\bc} - is taken to mean a `part' as defined above~\cite{scse}[p.619]. We should be able to define a set of failure modes for every {\bc}.
% % \item {\fm} - failure mode - the ways in which a component can fail
% % \item {\fg} - a collection of components chosen to perform a particular task
% % \item {\em symptom} - a failure mode of a functional group caused by one or more of its component failure modes.
% % \item {\dc} - a new component derived from an analysed {\fg}
% % \end{itemize}
%
%
%%%% XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
%
% This section might fit in with the literature review.... Chris thinks its not relevant here
% and I agree 20OCT2012
%
%%%% XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
%
% % \section{ FMMD overview}
% %
% % In the next sections we apply FMMD to electronic circuits, analogue/digital and electronic/software hybrids.
% % The basic principles of FMMD are presented here for clarity.
% %
% % \paragraph{ Creating a fault hierarchy.}
% % The main concept of FMMD is to build a hierarchy of failure behaviour from the {\bc}
% % level up to the top, or system level, with analysis stages between each
% % transition to a higher level in the hierarchy.
% %
% %
% % The first stage is to choose
% % {\bcs} that interact and naturally form {\fgs}. The initial {\fgs} are collections of base components.
% % %These parts all have associated fault modes. A module is a set fault~modes.
% % From the point of view of failure analysis,
% % we are not interested in the components themselves, but in the ways in which they can fail.
% %
% % A {\fg} is a collection of components that perform some simple task or function.
% % %
% % In order to determine how a {\fg} can fail,
% % we need to consider all the failure modes of all its components.
% % %
% % By analysing the fault behaviour of a `{\fg}' with respect to all its components failure modes,
% % we can determine its symptoms of failure.
% % %In fact we can call these
% % %the symptoms of failure for the {\fg}.
% %
% % With these symptoms (a set of derived faults from the perspective of the {\fg})
% % we can now state that the {\fg} (as an entity in its own right) can fail in a number of well defined ways.
% % %
% % In other words, we have taken a {\fg} and analysed how
% % \textbf{it} can fail according to the failure modes of its components, and then can
% % determine the {\fg} failure modes.
% %
% % \paragraph{Creating a derived component.}
% % We create a new `{\dc}' which has
% % the failure symptoms of the {\fg} from which it was derived, as its set of failure modes.
% % This new {\dc} is at a higher `failure~mode~abstraction~level' than {\bcs}.
% % %
% % \paragraph{An example of a {\dc}.}
% % To give an example of this, we could look at the components that
% % form, say an amplifier. We look at how all the components within it
% % could fail and how that would affect the amplifier.
% % %
% % The ways in which the amplifier can be affected are its symptoms.
% % %
% % When we have determined the symptoms, we can
% % create a {\dc} (called say AMP1) which has a {\em known set of failure modes} (i.e. its symptoms).
% % We can now treat $AMP1$ as a pre-analysed, higher level component.
% % %The amplifier is an abstract concept, in terms of the components.
% % To a make an `amplifier' we have to connect a group of components
% % in a specific configuration. This specific configuration corresponds to
% % a {\fg}. Our use of it as a subsequent building block corresponds to a {\dc}.
% %
% %
% % %What this means is the `fault~symptoms' of the module have been derived.
% % %
% % %When we have determined the fault~modes at the module level these can become a set of derived faults.
% % %By taking sets of derived faults (module level faults) we can combine these to form modules
% % %at a higher level of fault abstraction. An entire hierarchy of fault modes can now be built in this way,
% % %to represent the fault behaviour of the entire system. This can be seen as using the modules we have analysed
% % %as parts, parts which may now be combined to create new functional groups,
% % %but as parts at a higher level of fault abstraction.
% % \paragraph{Building the Hierarchy.}
% % We can now apply the same process of building {\fgs} but with {\dcs} instead of {\bcs}.
% % We can bring {\dcs}
% % together to form functional groups and then create new {\dcs}
% % at even higher abstraction levels. Eventually we will have a hierarchy
% % that converges to one top level {\dc}. At this stage we have a complete failure
% % mode model of the system under investigation.
% %
% % \begin{figure}[h]
% % \centering
% % \includegraphics[width=300pt,keepaspectratio=true]{CH5_Examples/tree_abstraction_levels.png}
% % % tree_abstraction_levels.png: 495x292 pixel, 72dpi, 17.46x10.30 cm, bb=0 0 495 292
% % \caption{FMMD Hierarchy showing ascending abstraction levels}
% % \label{fig:treeabslev}
% % \end{figure}
% %
% % Figure~\ref{fig:treeabslev} shows an FMMD hierarchy, where the process of creating a {\dc} from a {\fg}
% % is shown as a `$\derivec$' symbol.
% %
% %
% %
% %
%
\clearpage
\section{Example Analysis: Inverting OPAMP}
%
@ -236,9 +65,11 @@ safety critical temperature sensor circuit, this is analysed for single and then
\end{figure}
%
%This configuration is interesting from methodology pers.
There are two obvious ways in which we can model this circuit.
There are two obvious ways in which this circuit can be modelled.
%
One is to do this in two stages, by considering the gain resistors to be a potential divider
and then combining it with the OPAMP failure mode model.
%
The second is to place all three components in one {\fg}.
Both approaches are followed in the next two sub-sections.
%
@ -248,12 +79,12 @@ Ideally we would like to re-use {\dcs} from the $PD$ from section~\ref{subsec:po
looks a good candidate for this.
%
However,
we cannot directly re-use $PD$, and not just because
it cannot directly re-use $PD$, and not just because
the potential divider is floating i.e. that the polarity of
the R2 side of the potential divider is determined by the output from the op-amp.
%
The circuit schematic stipulates that the input is positive.
What we have then, in normal operation, is an inverted potential divider.
In normal operation then, this is an inverted potential divider.
%, but in addition, it facilitates the
%output feedback forming a current balance with the input signal. %---that potential divider would only be valid if the input signal were negative.
%We want if possible to have detectable errors.
@ -261,10 +92,11 @@ What we have then, in normal operation, is an inverted potential divider.
%If we can refine the operational states of the functional group, we can obtain clearer
%symptoms.
%Were the input to be guaranteed % the input will only be
We can therefore view it as an inverted potential divider
and analyse it as such; see table~\ref{tbl:pdneg}.
It must therefore be viewed as an inverted potential divider
and analysed as such; see table~\ref{tbl:pdneg}.
%
A valid range for the output value of this circuit is assumed.
%
We assume a valid range for the output value of this circuit.
Thus negative or low voltages can be considered as LOW
and voltages higher than a given threshold considered as HIGH.
%
@ -325,10 +157,10 @@ and voltages higher than a given threshold considered as HIGH.
\end{figure}
%
%
We can form a {\dc} from the analysis results in table~\ref{tbl:pdneg} %this,
and call it an inverted potential divider $INVPD$.
A {\dc} can be formed from the analysis results in table~\ref{tbl:pdneg} %this,
and called an inverted potential divider $INVPD$.
%
We can now progress to the final stage of analysis for this amplifier,
The final stage of analysis for this amplifier, is made by
by forming a {\fg} with the OpAmp and our new {\dc} $INVPD$.
%
\begin{table}[h+]
@ -456,11 +288,14 @@ by forming a {\fg} with the OpAmp and our new {\dc} $INVPD$.
%
%The differences are the root causes or component failure modes that
%lead to the symptoms (i.e. the symptoms are the same but causation tree will be different).
We can now express the failure modes for the {\dc} $INVAMP$ thus;
Tailure modes for the {\dc} $INVAMP$ can be expressed thus;
%% $$ fm(INVAMP) = \{ {lowpass}, {high}, {low} \}.$$
$$ fm(INVAMP) = \{ HIGH, LOW, LOW PASS \} .$$
%
We can draw a DAG representing the failure mode behaviour of
this amplifier (see figure~\ref{fig:invdag1}). Note that this allows us
this amplifier (see figure~\ref{fig:invdag1}).
%
Note that this allows us
to trace failure symptoms back to causes, i.e.
to traverse from system level or top failure modes to base component failure modes.
%%%%% 12DEC 2012 UP to here in notes from AF email.
@ -469,9 +304,11 @@ to traverse from system level or top failure modes to base component failure mod
%
\subsection{Second Approach: Inverting OpAmp analysing with three components in one larger {\fg}}
\label{subsec:invamp2}
Here we analyse the same problem without using an intermediate $PD$
derived component. We would have to do this
if the input voltage was not constrained to being positive.
%
The problem above is analysed without using an intermediate $PD$
derived component.
%
If the input voltage was not constrained to being positive this one stage analysis would be necessary.
This concern is re-visited in the differencing amplifier example in the next section.
%We can view the failure mode mode produced with FMMD as a DAG
%in figure~\ref{fig:
@ -517,17 +354,6 @@ This concern is re-visited in the differencing amplifier example in the next sec
\label{tbl:invamp}
\end{table}
%Much more general. OUT OF RANGE symptom maps to many component failure modes.
%Observability problem... system. In fact can we get a metric of how observable
%a system is using the ratio of component failure modes X op states to a symptom ????
%Could further refine this if MTTF stats available for each component failure.
\clearpage
\subsection{Comparison between the two approaches}
@ -550,24 +376,10 @@ inverting amplifier (i.e. the same failure modes for the {\dc} INVAMP).
All FMEA is performed in the context of the environment and functionality of the entity
under analysis.
This example shows that for the condition where the input voltage
is constrained to being positive, we can apply two levels of decomposition.
For the unconstrained case, we have to consider all three components as one larger {\fg}.
% METRICS The complexity comparison figures
% METRICS bear this out. For the two stage analysis, using equation~\ref{eqn:rd2}, we obtain a CC of $4.(2-1)+6.(2-1)=10$
% METRICS and for the second analysis a CC of $8.(3-2)=16$.
% CAN WE MODULARISE TOO FAR???? CAN W MAKE IT TOO FINELY GRAINED. 08FEB2012
%Again, for the two stage analysis, using equation~\ref{eqn:rd}, we obtain a CC of $4.(2-1)+6.(2-1)=10$
%and for the second analysis a CC of $8.(3-2)=16$.
is constrained to being positive, two levels of decomposition can be applied.
For the unconstrained case, it is necessary to consider all three components as one larger {\fg}.
%If the input voltage can be negative the potential divider
%becomes reversed in polarity.
%This means that detecting which failure mode has occurred from knowing the symptom, has become a more difficult task; or in other words
%the observability of the causes of failure are reduced. Instead of the more specific symptoms $HIGH$ or $LOW$ we
%obtain $OUT OF RANGE$ instead.
\clearpage
\section{Differencing Amplifier using two op-amps}
@ -592,170 +404,19 @@ Because this differencing amplifier presents high impedance to both inputs, and
this is a useful circuit wherever a high impedance differencing amplifier is required.
It is a configuration that will be used in many electronic circuits.
It would therefore, be desirable to represent this circuit as a {\dc} called say $DiffAMP$.
We begin by identifying {\fgs} from the components in the circuit.
% WE CAN RE_USE THE NONINVAMP FROM CHAPTER 4 HERE.......
% \subsection{Functional Group: Potential Divider}
% For the gain setting resistors R1,R2 -- we can re-use the potential divider from section~\ref{subsec:potdiv}.
%
% %R1 and R2 perform as a potential divider.
% %Resistors can fail OPEN and SHORT (according to GAS burner standard EN298 Appendix A).
% %$$ fm(R) = \{ OPEN, SHORT \}$$
%
%
%
% % \begin{table}[ht]
% % \caption{Potential Divider $PD$: Failure Mode Effects Analysis: Single Faults} % title of Table
% % \centering % used for centering table
% % \begin{tabular}{||l|c|c|l|l||}
% % \hline \hline
% % \textbf{Test} & \textbf{Pot.Div} & \textbf{ } & \textbf{General} \\
% % \textbf{Case} & \textbf{Effect} & \textbf{ } & \textbf{Symtom Description} \\
% % % R & wire & res + & res - & description
% % \hline
% % \hline
% % TC1: $R_1$ SHORT & LOW & & LowPD \\
% % TC2: $R_1$ OPEN & HIGH & & HighPD \\ \hline
% % TC3: $R_2$ SHORT & HIGH & & HighPD \\
% % TC4: $R_2$ OPEN & LOW & & LowPD \\ \hline
% % \hline
% % \end{tabular}
% % \label{tbl:pdfmea}
% % \end{table}
% %
% % By collecting the symptoms in table~\ref{tbl:pdfmea} we can create a derived
% % component $PD$ to represent the failure mode behaviour
% % of a potential divider.
%
% Thus for single failure modes, a potential divider can fail
% with $fm(PD) = \{PDHigh,PDLow\}$.
%
%
% The potential divider is used to program the gain of IC1.
% IC1 and PD provide the function of buffering
% /amplifying the signal $+V1$.
% We can now examine IC1 and PD as a functional group.
%
% \pagebreak[3]
% \subsection{Functional Group: Amplifier first stage}
%
% Let use now consider the op-amp. According to
% FMD-91~\cite{fmd91}[3-116] an op-amp may have the following failure modes:
% latchup(12.5\%), latchdown(6\%), nooperation(31.3\%), lowslewrate(50\%).
%
%
% $$ fm(OPAMP) = \{L\_{up}, L\_{dn}, Noop, L\_slew \} $$
%
%
% By bringing the $PD$ derived component and the $OPAMP$ into
% a functional group we can analyse its failure mode behaviour.
%
%
% \begin{table}[ht]
% \caption{Non Inverting Amplifier $NI\_AMP$: Failure Mode Effects Analysis: Single Faults} % title of Table
% \centering % used for centering table
% \begin{tabular}{||l|c|c|l|l||}
% \hline \hline
% %\textbf{Test} & \textbf{Amplifier} & \textbf{ } & \textbf{General} \\
% %\textbf{Case} & \textbf{Effect} & \textbf{ } & \textbf{Symtom Description} \\
% \textbf{Failure} & & \textbf{Amplifier Effect} & & \textbf{Derived Component} \\
% \textbf{cause} & & \textbf{ } & & \textbf{Failure Mode} \\
%
% % R & wire & res + & res - & description
% \hline
% \hline
% TC1: $OPAMP$ LatchUP & & Output High & & AMPHigh \\
% TC2: $OPAMP$ LatchDown & & Output Low : Low gain& & AMPLow \\ \hline
% TC3: $OPAMP$ No Operation & & Output Low & & AMPLow \\
% TC4: $OPAMP$ Low Slew & & Low pass filtering & & LowPass \\ \hline
% TC5: $PD$ LowPD & & Output High & & AMPHigh \\ \hline
% TC6: $PD$ HighPD & & Output Low : Low Gain& & AMPLow \\ \hline
% %TC7: $R_2$ OPEN & LOW & & LowPD \\ \hline
% \hline
% \end{tabular}
% \label{ampfmea}
% \end{table}
%
%
% Collecting the symptoms we can see that this amplifier fails
% in 3 ways $\{ AMPHigh, AMPLow, LowPass \}$.
% We can now create a derived component, $NI\_AMP$, to represent it.
% The FMMD reasoning process is represented in the DAG in figure~\ref{fig:noninvdag11}.
%
Looking first at the components in the signal path, we notice that we have a non-inverting
amplifier formed by R1,R2 and IC1. In fact, apart from being
%
Identifying {\fgs} from the components in the circuit is the starting point for analysis.
%
Looking first at the components in the signal path, it can be noticed that we have a non-inverting
amplifier formed by R1,R2 and IC1.
%
In fact, apart from being
inverted visually on the schematic, it is identical to the example
used in section~\ref{sec:noninvamp} (the first practical example used to demonstrate FMMD).
We thus re-use the {\dc} $NI\_AMP$ and can express the failure modes for it thus:
%
It is therefore possible to re-use the {\dc} $NI\_AMP$ and the failure modes for it, thus:
$$ fm(NI\_AMP) = \{ AMPHigh, AMPLow, LowPass \} .$$
%
%
% \begin{figure}[h+]
% \centering
% \begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep]
% \tikzstyle{every pin edge}=[<-,shorten <=1pt]
% \tikzstyle{fmmde}=[circle,fill=black!25,minimum size=30pt,inner sep=0pt]
% \tikzstyle{component}=[fmmde, fill=green!50];
% \tikzstyle{failure}=[fmmde, fill=red!50];
% \tikzstyle{symptom}=[fmmde, fill=blue!50];
% \tikzstyle{annot} = [text width=4em, text centered]
%
%
% \node[component] (OPAMP) at (0,-1.8) {$OPAMP$};
% \node[component] (R1) at (0,-6) {$R_1$};
% \node[component] (R2) at (0,-7.6) {$R_2$};
%
%
% \node[failure] (OPAMPLU) at (\layersep,-0) {l-up};
% \node[failure] (OPAMPLD) at (\layersep,-1.2) {l-dn};
% \node[failure] (OPAMPNP) at (\layersep,-2.5) {noop};
% \node[failure] (OPAMPLS) at (\layersep,-3.8) {lowslew};
%
% \node[failure] (R1SHORT) at (\layersep,-5.1) {$R1_{Sh}$};
% \node[failure] (R1OPEN) at (\layersep,-6.4) {$R1_{Op}$};
%
% \node[failure] (R2SHORT) at (\layersep,-7.7) {$R2_{Sh}$};
% \node[failure] (R2OPEN) at (\layersep,-9.0) {$R2_{Op}$};
%
% \path (OPAMP) edge (OPAMPLU);
% \path (OPAMP) edge (OPAMPLD);
% \path (OPAMP) edge (OPAMPNP);
% \path (OPAMP) edge (OPAMPLS);
%
% \path (R1) edge (R1SHORT);
% \path (R1) edge (R1OPEN);
%
% \path (R2) edge (R2SHORT);
% \path (R2) edge (R2OPEN);
%
%
% % Potential divider failure modes
% %
% \node[symptom] (PDHIGH) at (\layersep*2,-6) {$PD_{HIGH}$};
% \node[symptom] (PDLOW) at (\layersep*2,-7.6) {$PD_{LOW}$};
% \path (R1OPEN) edge (PDHIGH);
% \path (R2SHORT) edge (PDHIGH);
% \path (R2OPEN) edge (PDLOW);
% \path (R1SHORT) edge (PDLOW);
% \node[symptom] (AMPHIGH) at (\layersep*3.4,-3) {$AMP_{HIGH}$};
% \node[symptom] (AMPLOW) at (\layersep*3.4,-5) {$AMP_{LOW}$};
% \node[symptom] (AMPLP) at (\layersep*3.4,-7) {$LOWPASS$};
% \path (PDLOW) edge (AMPHIGH);
% \path (OPAMPLU) edge (AMPHIGH);
% \path (PDHIGH) edge (AMPLOW);
% \path (OPAMPNP) edge (AMPLOW);
% \path (OPAMPLD) edge (AMPLOW);
% \path (OPAMPLS) edge (AMPLP);
%
% \end{tikzpicture}
% % End of code
% \caption{Full DAG representing failure modes and symptoms of the Non Inverting Op-amp Circuit}
% \label{fig:noninvdag11}
% \end{figure}
\subsection{The second stage of the amplifier}
@ -804,7 +465,7 @@ Here it is more intuitive to model the resistors not as a potential divider, but
\label{ampfmea}
\end{table}
Collecting the symptoms we can see that this amplifier fails
Collecting the symptoms it can be seen that this amplifier fails
in four ways. %$\{ AMPHigh, AMPLow, LowPass, AMPIncorrectOutput\}$.
%We can now
We create a derived component, $SEC\_AMP$, to represent it
@ -821,6 +482,7 @@ $$ fm(SEC\_AMP) = \{ AMPHigh, AMPLow, LowPass, AMPIncorrectOutput \} .$$
For the final stage we create a {\fg} consisting of
two derived components of the type $NI\_AMP$ and $SEC\_AMP$.
%
We apply FMMD analysis to this {\fg} in table~\ref{tbl:diffampfinal}.
%
\begin{table}[h+]
@ -853,22 +515,23 @@ We apply FMMD analysis to this {\fg} in table~\ref{tbl:diffampfinal}.
\label{tbl:ampfmea}
\end{table}
%
Collecting common symptoms of failure we determine the failure modes for this circuit.
Collecting common symptoms of failure the failure modes for this circuit are determined.
%$\{DiffAMPLow, DiffAMPHigh, DiffAMP\_LP, DiffAMPIncorrect \}$.
We create a derived component to represent the failure mode behaviour of the differencing amplifier circuit (see figure~\ref{fig:circuit1}).
$$ fm (DiffAMP) = \{DiffAMPLow, DiffAMPHigh, DiffAMP\_LP, DiffAMPIncorrect\} $$
A derived component to represent the failure mode behaviour
of the differencing amplifier circuit (see figure~\ref{fig:circuit1}) is created:
$$ fm (DiffAMP) = \{DiffAMPLow, DiffAMPHigh, DiffAMP\_LP, DiffAMPIncorrect\} . $$
We can represent the failure analysis performed as a directed graph (see figure~\ref{fig:circuit1_dag}).
The failure analysis performed is represented as a directed graph (see figure~\ref{fig:circuit1_dag}).
%of the failure modes and derived components.
%
Using this we can trace any top level fault back to
a component failure mode that could have caused it\footnote{ In fact we can
re-construct an FTA diagram from the information in this graph.
We merely have to choose a top level event and work down using $XOR$ gates.}.
Using this any top level fault can be traced back to
a component failure mode that could have caused it\footnote{An FTA diagram can be constructed
from the information in this graph.
A top level event is chosen and the DAG worked down through its edges using $XOR$ gates.}.
%
This circuit performs poorly from a safety point of view.
%
Its failure modes could be undetectable, i.e. indistinguishable from valid readings (especially
when it becomes a V2 follower).
@ -929,7 +592,7 @@ Starting at the input, we have a first order low pass filter buffered by an op-a
the output of this is passed to a Sallen~Key~\cite{aoe}[p.267]~\cite{electronicssysapproach}[p.288] second order low-pass filter.
The output of this is passed into another Sallen~Key filter. % -- which although it may have different values
%for its resistors/capacitors and thus have a different frequency response -- is identical from a failure mode perspective.
Thus we can analyse the first Sallen~Key low pass filter and re-use it
The first Sallen~Key low pass filter is analysed and then re-used
for the second stage
(avoiding repeat work that would have been performed using traditional FMEA).
@ -945,7 +608,8 @@ for the second stage
\paragraph{First Order Low Pass Filter.}
\label{sec:lp}
We begin with the first order low pass filter formed by $R10$ and $C10$.
% WEEEE ECUNT
Starting with the first order low pass filter formed by $R10$ and $C10$.
%
This configuration (or {\fg}) is very commonly
used %in electronics
@ -955,14 +619,17 @@ from a signal. %; here it is being used as a first stage of a more sophisticated
R10 and C10 act as a potential divider, with the crucial difference between a purely resistive potential divider being
that the impedance of the capacitor is lower for higher frequencies.
%
Thus higher frequencies are attenuated at the point that we
read its output signal.
Thus higher frequencies are attenuated at the point
its output signal is read/used.
%
However, from a failure mode perspective we can analyse it in a very similar way
However, from a failure mode perspective it can be analysed in a very similar way
to a potential divider (see section~\ref{subsec:potdiv}).
%
Capacitors generally fail OPEN but some types fail OPEN and SHORT.
We will consider the worst case: a two failure mode model for this analysis.
We analyse the first order low pass filter in table~\ref{tbl:firstorderlpass}.\\
%
Consider the worst case: a two failure mode model for this analysis.
%
The first order low pass filter is analysed in table~\ref{tbl:firstorderlpass}.\\
\begin{table}[h+]
@ -988,14 +655,20 @@ We analyse the first order low pass filter in table~\ref{tbl:firstorderlpass}.\\
\end{table}
We collect the symptoms $\{ LPnofilter,LPnosignal \}$ and create a derived component
called $FirstOrderLP$. Applying the $fm$ function yields $$ fm(FirstOrderLP) = \{ LPnofilter,LPnosignal \}.$$
The symptoms $\{ LPnofilter,LPnosignal \}$ are collected and a derived component created
called $FirstOrderLP$.
%
Applying the $fm$ function yields $$ fm(FirstOrderLP) = \{ LPnofilter,LPnosignal \}.$$
%
\paragraph{Addition of Buffer Amplifier: First stage.}
The op-amp IC1 is being used simply as a buffer. By placing it between the next stages
%
The op-amp IC1 is being used simply as a buffer.
%
By placing it between the next stages
on the signal path, we remove the possibility of unwanted signal feedback.
%
The buffer is one of the simplest op-amp configurations.
%
It has no other components, and so we can now form a {\fg}
from the $FirstOrderLP$ and the OpAmp component.
@ -1026,15 +699,18 @@ from the $FirstOrderLP$ and the OpAmp component.
\end{table}
From the table~\ref{tbl:firststage} we can see three symptoms of failure of
the first stage of this circuit (i.e. R10,C10,IC1).
We can create a derived component for it, lets call it $LP1$.
From the table~\ref{tbl:firststage} three symptoms of failure of
the first stage of this circuit (i.e. R10,C10,IC1) are observed.
%
A {\dc} is created for it, lets call it $LP1$.
$$ fm(LP1) = \{ LP1High, LP1Low, LP1filterincorrect, LP1nosignal \} $$
In terms of the circuit, we have modelled the {\fgs} $FirstOrderLP$, and
$LP1$. We can represent these on the circuit diagram by drawing contours around the components
In terms of the circuit, the {\fgs} $FirstOrderLP$, and
$LP1$ have been modelled.
%
These can be represented on the circuit diagram by drawing contours around the components
on the schematic as in figure~\ref{fig:circuit2002_LP1}.
\begin{figure}[h]
@ -1050,8 +726,9 @@ on the schematic as in figure~\ref{fig:circuit2002_LP1}.
\paragraph{Second order Sallen Key Low Pass Filter.}
The next two filters in the signal path are R1,R2,C2,C1,IC2 and R3,R4,C4,C3,IC3.
From a failure mode perspective these are identical.
We can analyse the first one (see table~\ref{tbl:sallenkeylp}) and then re-use these
results for the next stage of analysis (see figure~\ref{fig:circuit2002_FIVEPOLE}).
%
The first one can be analysed (see table~\ref{tbl:sallenkeylp}) and then these
results re-used for the next stage of analysis (see figure~\ref{fig:circuit2002_FIVEPOLE}).
\begin{table}[ht]
\caption{Sallen Key Low Pass Filter SKLP: Failure Mode Effects Analysis: Single Faults} % title of Table
@ -1086,29 +763,26 @@ results for the next stage of analysis (see figure~\ref{fig:circuit2002_FIVEPOLE
\label{tbl:sallenkeylp}
\end{table}
We now can create a derived component to represent the Sallen Key low pass filter, which we can call $SKLP$.
$$ fm ( SKLP ) = \{ SKLPHigh, SKLPLow, SKLPIncorrect, SKLPnosignal \} $$
A derived component is created to represent the Sallen Key low pass filter, called $SKLP$:
%
$$ fm ( SKLP ) = \{ SKLPHigh, SKLPLow, SKLPIncorrect, SKLPnosignal . \} $$
%
%
\paragraph{A failure mode model of Op-Amp Circuit 2.}
%
We now have {\dcs} representing the three stages of this filter
and this follows the signal flow in the filter circuit (see figure~\ref{fig:blockdiagramcircuit2}).
%
%
%
%
As the signal has to pass through each block/stage
in order to be `five~pole' filtered, we need to bring these three blocks together into a {\fg}
in order to get a failure mode model for the whole circuit.
We can index the Sallen Key stages, and these are marked on the circuit schematic in figure~\ref{fig:circuit2002_FIVEPOLE}.
in order to be `five~pole' filtered, these three blocks are brought together to form a {\fg}.
%
This will give a failure mode model for the whole circuit.
%
The Sallen Key stages can be indexed,
and these are marked on the circuit schematic in figure~\ref{fig:circuit2002_FIVEPOLE}.
%
\begin{figure}[h]+
\centering
@ -1121,7 +795,8 @@ We can index the Sallen Key stages, and these are marked on the circuit schemati
\pagebreak[4]
%
So our final {\fg} will consist of the derived components $\{ LP1, SKLP_1, SKLP_2 \}$.
We represent the desired FMMD hierarchy in figure~\ref{fig:circuit2h}.
%
The FMMD hierarchy is shown in figure~\ref{fig:circuit2h}.
%
%
% HTR 20OCT2012 \begin{figure}[h]+
@ -1188,7 +863,8 @@ We represent the desired FMMD hierarchy in figure~\ref{fig:circuit2h}.
\label{tbl:fivepole}
\end{table}
%
We now can create a {\dc} to represent the circuit in figure~\ref{fig:circuit2}, we call this
% FUCKING HELL WEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE
A {\dc} is created to represent the circuit in figure~\ref{fig:circuit2}, called
$FivePoleLP$: applying the $fm$ function (see table~\ref{tbl:fivepole})
yields $$fm(FivePoleLP) = \{ HIGH, LOW, FilterIncorrect, NO\_SIGNAL \}.$$
%
@ -1196,8 +872,13 @@ yields $$fm(FivePoleLP) = \{ HIGH, LOW, FilterIncorrect, NO\_SIGNAL \}.$$
%\pagebreak[4]
%
The failure modes for the low pass filters are very similar, and the propagation of the signal
is simple (as it is never inverted). The circuit under analysis is -- as shown in the block diagram (see figure~\ref{fig:blockdiagramcircuit2}) --
three op-amp driven non-inverting low pass filter elements. It is not surprising therefore that they have very similar failure modes.
is simple (as it is never inverted).
%
The circuit under analysis is -- as shown in the block diagram (see figure~\ref{fig:blockdiagramcircuit2}) --
three op-amp driven non-inverting low pass filter elements.
%
It is not surprising therefore that they have very similar failure modes.
%
From a safety point of view, the failure modes $LOW$, $HIGH$ and $NO\_SIGNAL$
could be easily detected; the failure symptom $FilterIncorrect$ may be less detectable.
%
@ -1205,15 +886,8 @@ could be easily detected; the failure symptom $FilterIncorrect$ may be less det
This example shows the analysis of a linear signal path circuit with three easily identifiable
{\fgs} and re-use of the Sallen-Key {\dc}.
%
%
%
%
%
\clearpage
%
% BUBBAOSC
%
%
\section{Quad Op-Amp Oscillator}
\label{sec:bubba}
%
@ -1224,11 +898,12 @@ This example shows the analysis of a linear signal path circuit with three easil
\caption{Circuit diagram for the Quad Op-Amp `Bubba' Oscillator}
\label{fig:circuit3}
\end{figure}
%
%\clearpage
%\section{Standard Non-inverting OP AMP}
%
This circuit is described in the Analog Applications Journal~\cite{bubba}[p.37].
%
The circuit implements an oscillator using four 45 degree phase shifts, and an inverting amplifier to provide
gain and the final 180 degrees of phase shift (making a total of 360). % degrees of phase shift).
The circuit provides two outputs with a quadrature phase relationship.
@ -1249,10 +924,10 @@ However, this is not a problem for FMMD, as {\fgs} are readily identifiable.
% METRICS We now create FMMD models and compare the complexity of FMMD and FMEA.
%
%We start the FMMD process by determining {\fgs}.
We initially identify three types of {\fgs}, an inverting amplifier (analysed in section~\ref{fig:invamp}),
Initially three types of {\fgs} are identified, an inverting amplifier (analysed in section~\ref{fig:invamp}),
a 45 degree phase shifter (a {$10k\Omega$} resistor and a $10nF$ capacitor) and a non-inverting buffer
amplifier. We can name these $INVAMP$, $PHS45$ and $NIBUFF$ respectively.
We can use these {\fgs} to describe the circuit in block diagram form with arrows indicating the signal path, in figure~\ref{fig:bubbablock}.
These {\fgs} are used to describe the circuit in block diagram form with arrows indicating the signal path, in figure~\ref{fig:bubbablock}.
\begin{figure}[h]
\centering
@ -1262,32 +937,34 @@ We can use these {\fgs} to describe the circuit in block diagram form with arrow
\label{fig:bubbablock}
\end{figure}
We can now analyse each of these {\fgs} and create failure mode models for them, and from these
Each of these {\fgs} are analysed to create failure mode models for them, and from these
determine {\dcs}.
\subsection{Inverting Amplifier: INVAMP}
The inverting amplifier was analysed in section~\ref{sec:invamp} and we can therefore simply re-use those results
i.e. the {\dc} $INVAMP$.
The inverting amplifier, as a {\dc}, has the following failure modes:
$$ fm(INVAMP) = \{ AMP\_High, AMP\_Low, LowPass \}. $$ % \{ HIGH, LOW, LOW PASS \}. $$
% METRICS and has a CC of 10.
\subsection{Phase shifter: PHS45}
This consists of a resistor and a capacitor.
%
We already have failure mode models for these components -- $ fm(R) = \{OPEN, SHORT\}$, $fm(C) = \{OPEN, SHORT\}$ --
we now need to see how these failure modes would affect the phase shifter.
The inverting amplifier was analysed in section~\ref{sec:invamp} and can therefore simply re-use those results
i.e. the {\dc} $INVAMP$.
%
The inverting amplifier, as a {\dc}, has the following failure modes:
%
$$ fm(INVAMP) = \{ AMP\_High, AMP\_Low, LowPass \}. $$ % \{ HIGH, LOW, LOW PASS \}. $$
%
% METRICS and has a CC of 10.
%
%
\subsection{Phase shifter: PHS45}
%
This consists of a resistor and a capacitor.
% CUNT CUNT CUNT WEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE this is doing my head in
Failure mode models exist for these components -- $ fm(R) = \{OPEN, SHORT\}$, $fm(C) = \{OPEN, SHORT\}$ --
the question next is, how do these failure modes affect the phase shifter?
%
Note that the circuit here
is identical to the low pass filter in circuit topology (see section~\ref{sec:lp}), but its intended use is different.
%
We have to analyse this circuit from the perspective of it being a {\em phase~shifter} not a {\em low~pass~filter}.
%
Our {\fg} for the phase shifter consists of a resistor and a capacitor, $G_0 = \{ R, C \}$
The {\fg} for the phase shifter consists of a resistor and a capacitor, $G_0 = \{ R, C \}$
(FMMD analysis details in appendix section~\ref{detail:PHS45}),
%
%
@ -1295,9 +972,14 @@ $$ fm (G_0) = \{ nosignal, 0\_phaseshift \} . $$
%$$ CC(G_0) = 4 \times 1 = 4 $$
%23SEP2012
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%% WE romoval ends here for CH5: doing my fucking head in re-arranging sentences.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\subsection{Non Inverting Buffer: NIBUFF.}
%
The non-inverting buffer {\fg} is comprised of one component, an op-amp.
%
We use the failure modes for an op-amp~\cite{fmd91}[p.3-116] to represent this group.
% GARK
We can express the failure modes for the non-inverting buffer ($NIBUFF$) thus:
@ -1307,18 +989,18 @@ $$ fm(NIBUFF) = fm(OPAMP) = \{L\_{up}, L\_{dn}, Noop, L\_slew \} . $$
%its comparison complexity is zero. In re-using {\dcs} we expend no extra analysis effort.
%$$ CC(NIBUFF) = 0 $$
%\subsection{Forming a functional group from the PHS45 and NIBUFF.}
%
% describe what we are doing, a buffered 45 degree phase shift element
%
\subsection{Bringing the {\fgs} Together: FMMD model of the `Bubba' Oscillator.}
%
We could at this point bring all the {\dcs} together into one large functional
group (see figure~\ref{fig:bubbaeuler1}) %{fig:poss1finalbubba})
or we could try to merge in smaller stages, which will have the side-effect of
creating intermediate {\dcs}.
%
Initially we use the first identified {\fgs} to create our model without further stages of refinement/hierarchy.
%
\subsection{FMMD Analysis using initially identified {\fgs}}