robin/Robin_PHD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

morning edit, and made Makefile

Browse Source
This commit is contained in:
Your Name 2012-03-23 08:45:49 +00:00
parent faed2488d9
commit ee84cdc9c2
2 changed files with 39 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
papers/software_fmea/Makefile Normal file
View File

@ -0,0 +1,13 @@
PNG =
%.png:%.dia
dia -t png $<
all:
pdflatex software_fmea
acroread software_fmea.pdf
bib:
bibtex software_fmea

28
papers/software_fmea/software_fmea.tex
View File

@ -136,11 +136,12 @@ It is used both as a design tool (to determine weakness), and is a requirement o
FMEA has been successfully applied to mechanical, electrical and hybrid electro-mechanical systems. FMEA has been successfully applied to mechanical, electrical and hybrid electro-mechanical systems.
At present no technique for Software FMEA known to the authors exists. At present no technique for Software FMEA known to the authors exists.
Software generally, sits on top of most safety critical control systems
and defines its most important system wide behaviour and communications.
Standards~\cite{en298}~\cite{en61508} that use FMEA Standards~\cite{en298}~\cite{en61508} that use FMEA
do not specify it for Software, but do specify, good practise, do not specify it for Software, but do specify, good practise,
review processes and language feature constraints. review processes and language feature constraints.
Software generally, sits on top of most safety critical control systems
and
This is a weakness; where FMEA scientifically traces component {\fms} This is a weakness; where FMEA scientifically traces component {\fms}
to resultant system failures; software has been left in a non-analytical to resultant system failures; software has been left in a non-analytical
limbo of best practises and constraints. limbo of best practises and constraints.
@ -168,14 +169,37 @@ to existing software\footnote{Existing software excluding recursive code, and un
\section{FMEA Process} \section{FMEA Process}
What FMEA is, briefly variants...
\section{Modularising FMEA} \section{Modularising FMEA}
Advantages to modularisation, ref SYS SAFETY 2011 paper,
\section{Software: How can we apply FMEA} \section{Software: How can we apply FMEA}
If FMEA can be applied to software we can build complete failure models
of typical modern safety critical systems.
With modular FMEA (FMMD) we have the concepts of failure~modes
of components, {\fgs} and symptoms of failure for a functional group.
A programatic function is very similar to a functional group.
It calls other functions, which could be viewed as its `components'.
It has outputs which will be used by functiona that may call it.
However, we need to define a clear concept of failure modes of a function in order to
map FMMD to software.
\subsection{Software, a natural hierarchy} \subsection{Software, a natural hierarchy}
Same as FMMD ! Same as FMMD !
Software written for safety critical systems is usually constrained to
be modular~\cite{en61508}[bb]~\cite{misra}[cc] and non recursive~\cite{misra}[aa].
Because of this we can assume a direct call tree. Functions call functions
from the top down and eventually call the lowest level library or IO
functions that interact with hardware/electronics.
\subsection{Contract programming description} \subsection{Contract programming description}
\subsubsection{Mapping contract pre-condition violations to failure modes} \subsubsection{Mapping contract pre-condition violations to failure modes}