72 lines
3.1 KiB
TeX
72 lines
3.1 KiB
TeX
%The certification process of safety critical products for European and
|
|
%other international standards often demand environmental stress,
|
|
%endurance and Electro Magnetic Compatibility (EMC) testing. Theoretical, or 'static testing',
|
|
%is often also required.
|
|
%
|
|
|
|
|
|
%% INTRO
|
|
% the problem
|
|
% the solution
|
|
% why you would want to read the paper
|
|
|
|
|
|
The certification process of safety critical products for European and
|
|
other international standards often demand environmental stress,
|
|
endurance and Electro Magnetic Compatibility (EMC) testing. Theoretical, or 'static testing',
|
|
is often also required. Failure Mode effects Analysis (FMEA) is a tool used
|
|
for static testing. Its use is traditionally applied to hardware (electrical and mechanical) systems.
|
|
With the increasing use of micro-controllers in smart instruments and control
|
|
systems generally, software is increasingly being seen as a missing factor in FMEA analysis.
|
|
This paper takes a simple example of a hardware/software hybrid (an industry standard {\ft} input), analyses it
|
|
using hardware and software FMEA, and then discusses the effectiveness of the
|
|
failure modelling from the perspective of the hybrid hardware/software sub-system.
|
|
This paper demonstrates the pitfalls and benefits of applying HFMEA and SFMEA
|
|
to a hybrid system.
|
|
%
|
|
|
|
|
|
%% MIDDLE
|
|
% some background
|
|
% how important software is today
|
|
%
|
|
Failure Mode Effects Analysis (FMEA), is a bottom-up technique that aims to assess the effect all
|
|
component failure modes on a system.
|
|
It is used both as a design tool (to determine weaknesses), and is a requirement of certification of safety critical products.
|
|
FMEA has been successfully applied to mechanical, electrical and hybrid electro-mechanical systems.
|
|
|
|
Work on software FMEA (SFMEA) is beginning, but
|
|
at present no technique for SFMEA that
|
|
integrates hardware and software models %known to the authors
|
|
exists. FMEA performed on mechanical and electronic
|
|
systems can be termed Hardware FMEA (HFMEA).
|
|
%
|
|
Software generally, sits on top of most modern safety critical control systems
|
|
and defines its most important system wide behaviour and communications.
|
|
Currently standards that demand FMEA for hardware (e.g. EN298, EN61508),
|
|
do not specify it for Software, but instead specify, good practise,
|
|
review processes and language feature constraints.
|
|
%
|
|
Where FMEA % scientifically
|
|
traces component {\fms}
|
|
to resultant system failures, software has been left in a non-analytical
|
|
limbo of best practises and constraints.
|
|
Where software FMEA (SFMEA) has been applied, it is
|
|
performed a separately from the HFMEA.
|
|
|
|
%% CONCLUSIONS.
|
|
%
|
|
%
|
|
|
|
This paper presents an analysis of a simple software/hardware hybrid sub-system (a {\ft} input circuit, MUX, ADC and two software functions
|
|
that are used to convert the electrical current signal into a value for use in software).
|
|
HFMEA is applied to the hardware and SFMEA to the software components.
|
|
The two failure models are then compared, and then compared with heuristic
|
|
knowledge about {\ft} inputs circuitry and software.
|
|
|
|
Conclusions are then reached giving a positive and negative aspects
|
|
of analysing the hardware/software hybrid system using HFMEA and SFMEA.
|
|
|
|
|
|
|