\documentclass[twocolumn]{article}
%\documentclass[a4paper,10pt]{report}
\usepackage{graphicx}
\usepackage{fancyhdr}
\usepackage{tikz}
\usetikzlibrary{shapes,snakes}
\usepackage{amsfonts,amsmath,amsthm}
%\input{../style}
\usepackage{ifthen}
\usepackage{lastpage}
\newboolean{paper}
\setboolean{paper}{true} % boolvar=true or false
%\newtheorem{definition}{Definition:}

\begin{document}
\pagestyle{fancy}
\fancyhf{}
%\renewcommand{\chaptermark}[1]{\markboth{ \emph{#1}}{}}
\fancyhead[LO]{}
\fancyhead[RE]{\leftmark}
%\fancyfoot[LE,RO]{\thepage}
\cfoot{Page \thepage\ of \pageref{LastPage}}
\rfoot{\today}
\lhead{Developing a rigorous bottom-up modular static failure mode modelling methodology}
%\outerhead{{\small\bf Developing a rigorous bottom-up modular static failure mode modelling methodology}}
%\innerfoot{{\small\bf R.P. Clark } } % numbers at outer edges
\pagenumbering{arabic} % Arabic page numbers hereafter

\author{R.P.Clark}
\title{Developing a rigorous bottom-up modular static failure mode modelling methodology}
\maketitle

\abstract{
This paper proposes a methodology for creating failure mode models of safety critical systems,
which has a common notation for mechanical, electronic and software domains
and applies an incremental and rigorous approach.
The four main static failure mode analysis methodologies were examined and,
in the context of newer European safety standards, assessed.
Some of the deficiencies identified in these methodologies led to a wish list
for a more rigorous methodology.
%%
%% What I have found
%%
From the wish list
%and considering some constraints determined from
%the evaluation of the four established methodologies,
a new methodology is developed and proposed.
This has been named Failure Mode Modular De-Composition (FMMD).
%% Sell it
%%
In addition to addressing the traditional weaknesses of
Fault Tree Analysis (FTA), Fault Mode Effects Analysis (FMEA),
Failure Mode Effects Criticality Analysis (FMECA) and
Failure Mode Effects and Diagnostic Analysis (FMEDA),
FMMD provides the means to model multiple failure mode scenarios
as specified in newer European Safety Standards \cite{en298}.
The proposed methodology is bottom-up and can guarantee to leave
no component failure mode un-handled.
It is also modular, meaning that the results of analysed components
may be re-used in other projects.
}

\section{Introduction}

The certification process of safety critical products for European and other
international standards often involves environmental stress, endurance and EMC testing.
Theoretical, or `static testing', is often also required to highlight modifications
that must be made to improve the product safety, or to identify theoretical
weaknesses in the design.

This paper proposes a new theoretical methodology for creating failure mode models
of safety critical systems. It has a common notation for mechanical, electronic and
software domains and is modular and hierarchical. These properties provide advantages
in rigour and efficiency when compared to current methodologies.

\section{Current methodologies}

We briefly analyse the four current methodologies.

Fault Tree Analysis (FTA) is a top down methodology in which a diagram is drawn for
each undesirable top level event, presenting the conditions that must arise to cause
the event. It is suitable for large complicated systems with few undesirable top level
events and focuses on those events considered most important or most catastrophic.
Effects of duplication/redundancy of safety systems can be readily assessed.
It uses notations that are readily understood by engineers.
However, it cannot guarantee to model all base component failure modes, nor can it
be used to determine system level errors other than those modelled.
Each diagram is a separate model, creating duplication of modelled elements, and there
is no facility to cross check between diagrams. It has limited support for
environmental and operational states.

Fault Mode Effects Analysis (FMEA) is used principally in manufacturing.
Each defect is assessed by its cost to repair and its frequency, using a failure mode
ratio. A list of failures and their cost is generated. It is easy to identify single
component failure to system failure scenarios, and an estimate of product reliability
can be calculated. It cannot focus on component interactions that cause system failure
modes, nor determine potential problems from simultaneous failure modes. It does not
consider environmental or operational states in sub-systems or components. It cannot
model self-checking safety elements or other in-built safety features, nor analyse how
particular components may fail.

Failure Mode Criticality Analysis (FMECA) is a refinement of FMEA, using two extra
variables: the probability of a component failure mode occurring and the probability
that this will cause a top level failure, and the perceived criticality. It gives
better estimations of product reliability/safety and of the occurrence of particular
system failure modes than FMEA, but has similar deficiencies.

Failure Modes, Effects and Diagnostic Analysis (FMEDA) is a refinement of FMEA and
FMECA and models self-checking safety elements. It assigns two attributes to component
failure modes: detectable/undetectable and safe/dangerous. Statistical measures about
the system can be made and used to classify a safety integrity level. It allows designs
with in-built safety features to be assessed. Otherwise, it has similar deficiencies to
FMEA, but has limited support for environmental and operational states in sub-systems
or components, via self-checking statistical mitigation.
\section{Requirements for an improved methodology}

The deficiencies identified in the current methodologies are used to establish
criteria for an improved methodology. It must include all component failure modes
and therefore should be bottom-up, starting with individual component failure modes.
Components should be broken down into small functional groups to enable the
examination of the effect of a component failure mode on the other components in
the group.

\section{Development of the new methodology}

An ontology is developed of failure modes and their relationship to environmental
factors, operational states and the hierarchical nature inherent in product design,
defining the relationships between the system as a whole, components, failure modes,
and operational and environmental states. The ontology is used to determine the nature
of a hierarchy modelling the system, and to which entities various
conditions/procedures are germane. From the ontology, we determine that environmental
effects relate to components, and operational states to functional groups.

A functional group can be analysed with respect to its component failure modes,
operational states and environmental conditions, and from this a set of failure modes,
or symptoms, for the functional group can be determined. A functional group can then be
treated as a derived component. Derived components can be used to build functional
groups at a higher level. In this manner we can build a hierarchical model with each
layer consisting of components derived from the functional groups of the layer below.

From the ontology, a set of rules for simplifying the failure modes (collecting them
into common symptoms) as we traverse up the hierarchy is developed. The hierarchical
model can have layers added until it converges to a top level single functional group.
On collecting symptoms from this, we are left with the top level, or system level,
failure modes.
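The hierarchy described above (components with failure modes, functional groups whose analysis collects those failure modes into symptoms, and derived components carrying the symptoms up to the next layer) can be made concrete in a few lines of code. The following Python is an added illustration written for this edit; it is not the authors' proof-of-concept tooling and does not use their notation. It assumes a two-layer example of the author's own devising (a potential divider R1/R2 feeding an ADC, with generic OPEN/SHORT and STUCK/WRONG failure modes and made-up symptom names), assumes that base and derived components may be mixed in one functional group, and omits operational and environmental states. It does show the two properties the paper emphasises: the analysis of a group is rejected unless every member failure mode is handled, and a top level symptom can be traced back to the base component failure modes that cause it, which is the information an FTA-style tree for that symptom would contain.

```python
"""Toy model of a bottom-up failure mode hierarchy (illustration only; not the
paper's notation or tooling). Every failure mode of every member of a functional
group must be mapped to a symptom, and the symptoms become the failure modes of a
derived component used one level up."""


class Component:
    """A base or derived component with a set of generic failure modes."""

    def __init__(self, name, failure_modes, causes=None):
        self.name = name
        self.failure_modes = frozenset(failure_modes)
        # Derived components only: symptom -> set of (member name, member failure mode).
        # Empty for base components.
        self.causes = causes or {}


class FunctionalGroup:
    """A small set of components analysed together."""

    def __init__(self, name, members):
        self.name = name
        self.members = list(members)

    def derive(self, analysis):
        """Collect symptoms into a derived component.

        `analysis` maps (member name, failure mode) -> symptom name.  Raises
        ValueError if any member failure mode has no entry (the "no failure
        mode left un-handled" check) or if an entry names a mode that no
        member actually has.
        """
        expected = {(c.name, fm) for c in self.members for fm in c.failure_modes}
        missing = expected - set(analysis)
        if missing:
            raise ValueError(f"{self.name}: unhandled failure modes {sorted(missing)}")
        unknown = set(analysis) - expected
        if unknown:
            raise ValueError(f"{self.name}: analysis names unknown modes {sorted(unknown)}")
        causes = {}
        for (member, fm), symptom in analysis.items():
            causes.setdefault(symptom, set()).add((member, fm))
        return Component(self.name, causes.keys(), causes)


def base_causes(component, symptom, registry):
    """Expand a derived component's symptom down to the base component failure
    modes that can produce it; `registry` maps component name -> Component."""
    if not component.causes:  # base component: the symptom is its own failure mode
        return {(component.name, symptom)}
    leaves = set()
    for member, fm in component.causes[symptom]:
        leaves |= base_causes(registry[member], fm, registry)
    return leaves


def build_example():
    """Constructed two-layer example: divider R1/R2 feeding an ADC (hypothetical)."""
    r1 = Component("R1", {"OPEN", "SHORT"})
    r2 = Component("R2", {"OPEN", "SHORT"})
    divider = FunctionalGroup("DIVIDER", [r1, r2]).derive({
        ("R1", "OPEN"): "LOW",    # node pulled to ground through R2
        ("R1", "SHORT"): "HIGH",  # node tied to the supply rail
        ("R2", "OPEN"): "HIGH",
        ("R2", "SHORT"): "LOW",
    })
    adc = Component("ADC", {"STUCK_HIGH", "STUCK_LOW", "WRONG_VALUE"})
    sensor = FunctionalGroup("SENSOR", [divider, adc]).derive({
        ("DIVIDER", "HIGH"): "READING_HIGH",
        ("DIVIDER", "LOW"): "READING_LOW",
        ("ADC", "STUCK_HIGH"): "READING_HIGH",
        ("ADC", "STUCK_LOW"): "READING_LOW",
        ("ADC", "WRONG_VALUE"): "READING_WRONG",
    })
    registry = {c.name: c for c in (r1, r2, divider, adc, sensor)}
    return sensor, registry


if __name__ == "__main__":
    top, reg = build_example()
    for symptom in sorted(top.failure_modes):
        print(symptom, "<-", sorted(base_causes(top, symptom, reg)))
```

The completeness check in `derive` is what makes the approach bottom-up in the sense the paper intends: an analyst cannot obtain a derived component, and so cannot move up a layer, while any member failure mode is unaccounted for. Because each derived component records which member failure modes feed each symptom, the same data structure yields both the top level failure mode list and, via `base_causes`, the leaf set of an FTA-style tree for any one of them.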
The model is presented in a diagrammatic notation that has been designed to be
intuitive and understandable. It uses well tested visual techniques to represent the
elements of the model and their relationships. Software support for the development of
models in this notation has been designed and proof-of-concept tools have been
implemented.

This new approach is called Failure Mode Modular De-Composition (FMMD) and is designed
to be a superset of the current four approaches, that is to say, from an FMMD model we
should be able to derive models that the other four methodologies would have been able
to create. As this approach is modular, many of the results of analysed components may
be re-used in other projects, so test efficiency is improved.

FMMD is based on generic failure modes, so it is not constrained to a particular field.
It can be applied to mechanical, electrical or software domains. It can therefore be
used to analyse systems comprised of electrical, mechanical and software elements in
one integrated model.

%
\bibliographystyle{plain}
\bibliography{../vmgbibliography,../mybib}
\today
\end{document}