%The certification process of safety critical products for European and
%other international standards often demands environmental stress,
%endurance and Electro Magnetic Compatibility (EMC) testing. Theoretical, or 'static testing',
%is often also required.
%
Failure Mode Effects Analysis (FMEA) is a bottom-up technique that aims to assess the effect of all
component failure modes on a system.
It is used both as a design tool (to identify weaknesses) and as a requirement for the certification of safety-critical products.
FMEA has been successfully applied to mechanical, electrical and hybrid electro-mechanical systems.

Work on software FMEA (SFMEA) is beginning, but
at present no technique for SFMEA that
integrates hardware and software models is known to the authors.
%
Software generally sits on top of most modern safety-critical control systems
and defines their most important system-wide behaviour and communications.
Currently, standards that demand FMEA for hardware (e.g. EN298, EN61508)
do not specify it for software, but instead specify good practice,
review processes and language feature constraints.

This is a weakness: where FMEA % scientifically
traces component {\fms}
to resultant system failures, software has been left in a non-analytical
limbo of best practices and constraints.
%
If software FMEA were possible, electro-mechanical-software hybrids could
be modelled, and the resulting failure mode models could thus be `complete'.
%Failure modes in components in say a sensor, could be traced
%up through the electronics and then through the controlling software.
Presently, FMEA stops at the glass ceiling of the computer program.

This paper presents an FMEA methodology which can be applied to software, and which is compatible
and integrable with FMEA performed on mechanical and electronic systems.