Merge branch 'master' of dev:/home/robin/git/thesis
Conflicts: submission_thesis/colophon/copy.tex
commit f726db842e
@ -56,12 +56,14 @@ The more dangerous the consequences of failure
the higher SIL rating we can demand for it.
%
A band-saw with one operative may require a SIL rating of 1,
a nuclear power-station, with far greater consequences on dangerous failure
but something with higher potential for harm to a larger number of people,
such as a nuclear power-station or air-liner,
with far greater consequences on dangerous failure
may require a SIL rating of 4.
%
What we are saying is that while we may tolerate a low incidence of failure on a band-saw,
we will only tolerate extremely low incidences of failure in nuclear plant.
SIL ratings give us another objective yardstick for the measurement of system safety.
SIL ratings provide another objective yardstick for the measurement of system safety.
%governing failure conditions and determining risk levels associated with systems.

All of these risk assessment techniques are based on variations of %on the theme of
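Review bot: the SIL 1 to SIL 4 scale, and the example ratings given for a band-saw and for a nuclear power-station or air-liner, are asserted without a citation to the standard that defines the levels; add one so a reader can check where the scale and the example placements come from. Two wording points in the same lines: "with far greater consequences on dangerous failure" is normally "consequences of dangerous failure", and "extremely low incidences of failure in nuclear plant" reads better as "in a nuclear plant".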
@ -80,11 +82,11 @@ which make them unsuitable for the higher safety requirements of the 21st centur
Problems with state explosion in failure mode reasoning and the current difficulties %impossibility
of integrating software and hardware failure mode models~\cite{1372150} are the most obvious of these. %flaws.
%
The four current methodologies are described in chapter~\ref{sec:chap2} and %the advantages and drawbacks
These four current methodologies are described in chapter~\ref{sec:chap2} and %the advantages and drawbacks
%of each FMEA variant are examined
critically assessed in chapter~\ref{sec:chap3}.
In chapter~\ref{sec:chap4}, a new methodology is proposed which addresses the state explosion problem
and, using contract programmed software, allows the modelling of integrated
and using contract programmed software, allows the modelling of integrated
software/electrical systems.
%
This is followed by two chapters showing examples of the new modular FMEA analysis technique (Failure Mode Modular De-Composition FMMD)
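Review bot: dropping the comma in "and, using contract programmed software," leaves the new line "and using contract programmed software, allows the modelling of integrated" with an unbalanced parenthetical; either keep both commas or remove both. In the last line, "(Failure Mode Modular De-Composition FMMD)" puts the acronym inside the parenthesis with its expansion; the conventional form is "Failure Mode Modular De-Composition (FMMD)", and the hyphenation of "De-Composition" should match whatever form the rest of the thesis uses. The change from "The four" to "These four" also assumes the four methodologies were just named; if the preceding sentence only refers to "all of these risk assessment techniques", naming them here is clearer.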
@ -169,9 +171,10 @@ Using the symptoms of failure, we could now treat these modules as components in
{\fgs}. Higher and higher levels of {\fgs} could be built until we had a hierarchy
representing a failure mode model for the system.
%
Because this is modular, we can apply double simultaneous failure mode checking; and as %because
Because this is modular, %we can apply double simultaneous failure mode checking; and as %because
double simultaneous failure mode checking can be applied as
the number of components
in each {\fg} is typically small---we avoid state explosion problems. % for the general case. % AF says `in the general case' here 12JAN2013
in each {\fg} is typically small; we therefore avoid state explosion problems. % for the general case. % AF says `in the general case' here 12JAN2013
%
%
If we apply
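Review bot: in the rewritten sentence "Because this is modular, double simultaneous failure mode checking can be applied as the number of components in each {\fg} is typically small; we therefore avoid state explosion problems", the "as" reads as temporal rather than causal, and the cause is then stated a second time with "therefore"; a form such as "can be applied: the number of components in each {\fg} is typically small, so state explosion is avoided" gives the reasoning once. The trailing comment "AF says `in the general case' here 12JAN2013" records a supervisor request that this hunk still leaves unresolved; either add the qualifier to the sentence or delete the comment so it does not linger in the source.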
@ -179,7 +182,7 @@ double checking all the way up the hierarchy we can guarantee to have considered
every double simultaneous failure of all components in a system.
%
This means, as a fortunate by-product, that many multiple as well as double
failures would be analysed, but because failure modes are traceable from the base components to the top level---or system---failure modes
failures would be analysed, but because failure modes are traceable from the base components to the top level---or system---failure modes,
these relationships can be held in a traversable data structure.
%
If held in a traversable data structure we can apply automated methods to search for all the combinations of multiple failure modes
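Review bot: the comma added after "failure modes" is right, but the "but" in "many multiple as well as double failures would be analysed, but because failure modes are traceable ... these relationships can be held in a traversable data structure" signals a contrast that is not there: the second clause follows on from the first, so "and" is the connective wanted. Consider also naming the data structure once here (the text later refers to it again as "a traversable data structure"), so the two sentences read as one idea rather than a repetition.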
@ -200,7 +203,7 @@ be more user friendly than using formal logic.
For an FMEA Spider diagram, contours represent failure modes, and the Spider diagram
`existential~points' represent instances of failure modes.
%
Overlapping contours could represent multiple failure modes.
Overlapping contours represent multiple failure modes.
%
By drawing a spider collecting existential points, a common failure symptom could
be determined and from this a new diagram generated automatically to represent the {\dc}.

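Review bot: "Overlapping contours could represent multiple failure modes" is changed to the indicative "represent", but the next sentence keeps the conditional "a common failure symptom could be determined ... a new diagram generated automatically"; make the mood consistent across the paragraph, either describing the notation as it is or describing the whole process as a proposal, so the reader is not left unsure which parts are established.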
@ -1,7 +1,13 @@
%\renewcommand{\baselinestretch}{1.15}
\chapter*{Colophon}

%Thanks every body !
Completing my PhD degree is the most intellectually challenging %% FUCK OFF ZERNIKE POLYNOMIALS WERE MORE DIFFICULT --- and actually useful unlike set theory
In short ``Thanks every body''!
%
\\
\\
%
Completing my PhD %degree
is the most intellectually challenging %% FUCK OFF ZERNIKE POLYNOMIALS WERE MORE DIFFICULT --- and actually useful unlike set theory
activity of my first 52 years of my life! %% SET THEORY IS A LOAD OF BOLLOCKS
%
The best and worst moments of this journey
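Review bot: the LaTeX comments on the "is the most intellectually challenging" and "52 years" lines ("%% FUCK OFF ZERNIKE POLYNOMIALS ...", "%% SET THEORY IS A LOAD OF BOLLOCKS") are committed with the source, and a thesis repository is typically shared with supervisors and archived with the submission; strip them before the source leaves the author's machine. "Thanks every body" should be "Thanks everybody". Since the commit message records a conflict in colophon/copy.tex, confirm that only one copy of the opening sentence survived the merge, the split "Completing my PhD %degree / is the most intellectually challenging" pair rather than the earlier single-line form.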
@ -10,65 +16,99 @@ have been shared with many people.
It has been a great privilege to spend several years
visiting the Mathematics and Engineering departments of
the University of Brighton, pushing me forward in clarity of self-expression,
precision through mathematics, critical assessment and carefully crafted English,
precision through mathematics, critical assessment and carefully crafted English:
its members will always remain dear to me.
%
%%%% IS THIS BIT A BIT MAD????
Like an army recruits training Sergeant Major I found them
hard task masters at first, and then, as with realising the rationale behind training and
{\em even} parade drill, respected and grew to like them.
%
%
My first debt of gratitude must go to my supervisors,
Dr. C Garret, %% TOP BLOKE
Professor J. Howse and %% JAVALA LAT HUND
Dr. A. Fish. %% JAVALA LAT HUND
Dr. A. Fish,
Dr. C Garret and %% TOP BLOKE
%Dr. C Garret, %% TOP BLOKE
Professor J. Howse. %% JAVALA LAT HUND
%Dr. A. Fish. %% JAVALA LAT HUND
%
They patiently provided the guidance,
encouragement and advice necessary for me to proceed through the
research, consolidation and write-up phases of the PhD program,
to submit three papers to conferences~\cite{syssafe2011,syssafe2012,Clark_fastzone}
to prepare and present three papers to conferences~\cite{syssafe2011,syssafe2012,Clark_fastzone}
and to complete and submit this thesis.

\\
\\
%
%
I owe a debt of thanks to Dr J. flower, my MSc project supervisor,
who explained that the chapter in my project documentation postulating a modular form of
FMEA---which had obvious potential for making FMEA
FMEA---which had %obvious
potential for making the process %FMEA
more efficient---was a concept worthy of being developed for a PhD and assisting me
to submit this as a conference paper~\cite{Clark200519}.
to present the chapter as %submit this as
a conference paper~\cite{Clark200519}.
%
Further I thank her for encouraging me to apply for the PhD. %% PITY SHE DID NOT STAY ON AS MY PHD SUPERVISOR
%

I am deeply thankful to the directors of Energy Technology Control not only for
\\
\\
%
I am deeply thankful to the directors of {\etc} not only for
funding this course, but providing training and work experience in the
field of safety critical engineering, and giving me Friday
afternoons to pursue my studies.
%
At Energy Technology Control, the following people gave encouragement, and
validated the concepts for modular FMEA that I was proposing, Martin~Thirsk, Colin~Talmay,
Darren~Legge and Hazel~Anderson. The environment and context of the work there
was very useful for clarifying concepts relating to FMEA and
safety, at least once a week there would be a new practical case study arising
and being discussed, be it the observability of the effect of failures in an amplifier,
or how a particular sensor could fail.
%
The field of industrial burner control
is rich with practical examples that my new methodology have been % be
applied to and thus the theoretical aspects were often
sounded out against `real~world' problems.
%
These real~world failure scenarios were reflected in the
design documentation, often submitted in support of
safety accreditation, that I am tasked to produce there.
%
Again I thank energy Technology control Ltd, for giving me
these parallel tasks, which aided my studies.

At Energy~Technology~Control, the following people gave encouragement, and
validated the concepts for the `modular~FMEA' that I was developing, Martin~Thirsk, Colin~Talmay,
Darren~Legge and Hazel~Anderson.
%
These Engineers, whose whole careers
have been focused on the safety critical electronic/computing area,
gave valuable time to look at and comment on my FMMD proposals.
%


% Grandma Serife Gur and grandaunt Fadime Altinteril, who left us too soon.

I wish to thank my parents, Jeniffer and Richard Clark.
Their comments gave me confidence that the methodology I was developing had
%was not only an academic exercise but had
potential practical
applications and benefits.
%
The environment and context of the work at {\etc}
was very useful for clarifying concepts relating to FMEA and
safety; at least once a week there is a new practical case study arising
and being discussed, be it, say, the observability of the effect of failures in an
traditional amplifier configuration,
or how a particular sensor could fail.
%
The field of industrial burner control, is highly regulated and
is rich with practical examples of safety measures built into
hybrid digital/electronic systems.
%
This has given me many opportunities to % has been % be
apply the new methodology against `real~world' problems.
%
%and thus its
%theoretical aspects have been often
%sounded out against `real~world' problems.
%
These real~world failure scenarios and their proposed solutions, were often detailed in
requirements and design documentation, submitted in support of
safety accreditation.
%
I was glad to be tasked to produce many of these documents.
%
Again I thank {\etc}, for giving me
these parallel tasks, which aided my studies.
\\
\\
%
%
I wish to thank my parents, Jennifer and Richard Clark.
% MY MUM for proof reading alot!
I hope that this work makes you proud.
%
\\
\\

%\vspace{3cm}
Typeset in \LaTeX \today.
\renewcommand{\baselinestretch}{1.5}
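Review bot: several name and punctuation slips in this hunk: "Dr J. flower" needs a capital "Flower"; "Dr. C Garret" lacks the period after the initial that "Dr. A. Fish" has; the two versions of the parents line disagree on "Jeniffer" versus "Jennifer", so confirm the spelling; "failures in an traditional amplifier configuration" should be "a traditional"; "The field of industrial burner control, is highly regulated" has a stray comma after "control"; and "energy Technology control Ltd" is inconsistently capitalised wherever the {\etc} macro has not yet replaced it. The hunk carries both the original "At Energy Technology Control, the following people gave encouragement ..." paragraph and the reworked one built around {\etc}; given the conflict recorded in copy.tex, check that only the reworked version remains in the file. The commented line "% Grandma Serife Gur and grandaunt Fadime Altinteril" looks left over from a template and should go if so, and the supervisor comments ("%% TOP BLOKE", "%% JAVALA LAT HUND", "%% PITY SHE DID NOT STAY ON ...") should be removed before the source is shared.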
@ -58,7 +58,7 @@
\newcommand{\pin}{\ensuremath{\stackrel{pi}{\longleftrightarrow}}}
\newcommand{\half}{\ensuremath{\frac{1}{2}}}
\newcommand{\cf}[1]{\textbf{#1()}}

\newcommand{\etc}{Energy~Technology~Control~Ltd}
%
% OK after about 3 years its not rigorous FMEA (RFMEA) anymore, oh no, its Exhaustive FMEA
% but since the fuckers might change it yet again, I am making this a macro.
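Review bot: \newcommand{\etc}{Energy~Technology~Control~Ltd} aborts the build with "Command \etc already defined" if any loaded package or earlier macro file defines \etc, and the name is easily misread as the abbreviation "etc." when scanning the source; a more specific name such as \etcltd avoids both. The comment below it says a macro is being introduced for the renamed "Exhaustive FMEA" term, but no such \newcommand appears in the hunk; add it or drop the comment, and remove the profanity from the comment before the source is shared.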