diff --git a/docs/features/feature_example/safety_analysis/fmea.rst b/docs/features/feature_example/safety_analysis/fmea.rst index 7d1a90da..255ad4e5 100644 --- a/docs/features/feature_example/safety_analysis/fmea.rst +++ b/docs/features/feature_example/safety_analysis/fmea.rst @@ -40,10 +40,9 @@ following tables. For all applicable failure initiators, the FMEA has to be perf Failure Mode List ----------------- -Fault Models for sequence diagrams - .. list-table:: Fault Models for sequence diagrams - :header-rows: 1 - :widths: 10,20,10,20 +.. list-table:: Fault Models for sequence diagrams + :header-rows: 1 + :widths: 10,20,10,20 * - ID - Failure Mode @@ -127,7 +126,7 @@ For all identified applicable failure initiators, the FMEA is performed in the f :sufficient: :status: - .. note:: Argument is inside the 'content'. Therefore content is mandatory. + .. note:: Argument is inside the 'content'. Therefore content is mandatory. .. attention:: The above directive must be updated according to your feature FMEA. diff --git a/score/component_example/docs/safety_analysis/fmea.rst b/score/component_example/docs/safety_analysis/fmea.rst index bfc39ce4..6fb93ca0 100644 --- a/score/component_example/docs/safety_analysis/fmea.rst +++ b/score/component_example/docs/safety_analysis/fmea.rst 
@@ -37,6 +37,79 @@ FMEA (Failure Modes and Effects Analysis) Failure Mode List ----------------- +.. list-table:: Fault Models for sequence diagrams + :header-rows: 1 + :widths: 10,20,10,20 + + * - ID + - Failure Mode + - Applicability + - Rationale + * - MF_01_01 + - message is not received (is a subset/more precise description of MF_01_05) + - + - + * - MF_01_02 + - message received too late (only relevant if delay is a realistic fault) + - + - + * - MF_01_03 + - message received too early (usually not a problem) + - + - + * - MF_01_04 + - message not received correctly by all recipients (different messages or messages partly lost). Only relevant if the same message goes to multiple recipients. + - + - + * - MF_01_05 + - message is corrupted + - + - + * - MF_01_06 + - message is not sent + - + - + * - MF_01_07 + - message is unintended sent + - + - + * - CO_01_01 + - minimum constraint boundary is violated + - + - + * - CO_01_02 + - maximum constraint boundary is violated + - + - + * - EX_01_01 + - Process calculates wrong result(s) (is a subset/more precise description of MF_01_05 or MF_01_04). This failure mode is related to the analysis if e.g. internal safety mechanisms are required (level 2 function, plausibility check of the output, …) because of the size / complexity of the feature. + - + - + * - EX_01_02 + - processing too slow (only relevant if timing is considered) + - + - + * - EX_01_03 + - processing too fast (only relevant if timing is considered) + - + - + * - EX_01_04 + - loss of execution + - + - + * - EX_01_05 + - processing changes to arbitrary process + - + - + * - EX_01_06 + - processing is not complete (infinite loop) + - + - + +FMEA +---- +For all identified applicable failure initiators, the FMEA is performed in the following section. + .. code-block:: rst .. comp_saf_fmea:: 
@@ -49,7 +122,7 @@ Failure Mode List :sufficient: <yes|no> :status: <valid|invalid> -.. note:: argument is inside the 'content'. Therefore content is mandatory + .. note:: argument is inside the 'content'. Therefore content is mandatory .. attention:: The above directive must be updated according to your component FMEA.
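Review bot: In the first hunk (docs/features/feature_example/safety_analysis/fmea.rst, @@ -40,10 +40,9), dedenting `.. list-table::`, `:header-rows:` and `:widths:` to column 0 is correct once the stray "Fault Models for sequence diagrams" paragraph is removed, but the unchanged context line `* - ID` keeps its old indentation; verify that the `* -` rows are still indented relative to the new position of `.. list-table::`, otherwise Sphinx will not treat them as the directive's content and the table will not render. A `sphinx-build -W` run on the page would confirm this.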
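Review bot: In the second hunk (docs/features/.../fmea.rst, @@ -127,7 +126,7) only the leading whitespace of the `.. note::` line changes, and the intended nesting is not obvious from the diff: if the note is meant to be rendered as an admonition after the `.. code-block:: rst` example it has to sit at the code-block's own indentation, whereas if it is meant to be part of the literal template text it has to be indented under the code-block's content. A one-line commit message or comment stating which of the two is intended would make this reviewable.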
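Review bot: The third hunk (score/component_example/docs/safety_analysis/fmea.rst, @@ -37,6 +37,79) duplicates the failure mode table verbatim from the feature template (same `:widths: 10,20,10,20`, same IDs MF_01_01 to EX_01_06); consider keeping it in one shared file and pulling it in with `.. include::` so the two copies cannot drift. While copying, fix the wording of two rows: MF_01_07 "message is unintended sent" should read "message is sent unintentionally", and the EX_01_01 text "This failure mode is related to the analysis if e.g. internal safety mechanisms are required ..." would be clearer as "This failure mode matters for the analysis when internal safety mechanisms (level 2 function, plausibility check of the output, ...) are required because of the size or complexity of the feature." The empty Applicability and Rationale columns are fine for a template, but the existing `.. attention::` only mentions the directive; extend it to say the table columns must be filled in as well.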
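Review bot: In the fourth hunk (score/component_example/.../fmea.rst, @@ -49,7 +122,7) the note text "argument is inside the 'content'. Therefore content is mandatory" differs from the feature template's "Argument is inside the 'content'. Therefore content is mandatory." (capitalization and trailing period); since this change already touches the line, align the wording in both files.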