How to view the material certificate part 1Mohamed Farouk
The document discusses material certification according to EN 10204 standards. It explains that EN 10204 specifies different types of inspection documents provided by manufacturers, including Type 2.1 (declaration of compliance), 2.2 (test report with non-specific inspection), 3.1 (document from manufacturer with specific inspection and test results), and 3.2 (document prepared by manufacturer and purchaser representatives with specific inspection and test results). It provides details on the certification process, requirements for each certificate type, and how an independent third party would verify a Type 3.2 certificate for steel plates by inspecting the material, certificates, and test results to confirm compliance with standards.
Testing is the process of evaluating a system or its components to find whether it satisfies specified requirements. Testing is generally done by software testers, developers, project managers, and end users. There are different types of testing like unit testing, integration testing, system testing, and acceptance testing. Testing is performed at various stages of the software development life cycle to verify that the system is built correctly and meets requirements.
base plate in bending and anchor bolts in tensionabdul latief
This document describes analytical models for predicting the behavior of base plate connections under bending and anchor bolts in tension. It presents models for the stiffness and resistance of the "T-stub" component, which includes the base plate and anchor bolts. The models account for whether contact occurs between the base plate and concrete. The analytical models are verified by tests and finite element analysis. Key factors influencing behavior are the relative stiffness of the base plate and bolts, and the effective length of the T-stub.
The document provides information about engineering and manufacturing careers. It discusses what engineers do, using science and math to solve problems and create new things. It outlines the skills and education needed to become an engineer, including taking math, science, and technology courses and obtaining a 4-year engineering degree. The document also discusses rewarding aspects of engineering careers like helping people, solving problems, and high paying job opportunities. It provides examples of local engineering and manufacturing companies and colleges that offer engineering degrees.
This document provides an overview of software testing. It begins by introducing the topic and noting the large economic costs of software failures. The document then discusses what software is, why we test software, and defines what software testing is. It outlines the importance of software testing and some basic concepts like the differences between errors, faults and failures. The document also discusses test design methodologies, levels of testing from unit to system, and common challenges in software testing. The overall purpose is to provide an introduction to software testing concepts and practices.
This document provides an overview of piping materials and selection guidelines. It defines key piping terms like pipe and tubing. It describes various types of pipes based on the manufacturing method, such as electric resistance welded pipe, furnace butt welded pipe, seamless pipes, and more. The document outlines factors to consider for material selection like design life, temperature, pressure, corrosion allowance, service conditions, and economics. It provides specific guidelines for material selection for high temperature exposures above 232°C and ambient/intermediate temperatures from 0°C to 232°C. The focus is on selecting materials that will be resistant to various deterioration modes over the design life of the piping system.
This document provides an overview of fundamentals of software testing. It discusses why testing is necessary, defines key terms like errors, defects and failures. It describes the context in which software is used and how defects can impact systems. The seven principles of testing and fundamental test process involving planning, analysis, implementation and reporting are explained. Psychological aspects of testing and principles of ethical code are also covered at a high level.
Lecture 8_MDPE_Design of Nozzles & Flange.pdfPatelDhruvil20
Lecture 8_MDPE_Design of Nozzles & Flange.pdf
Introduction :
Concept of internal & external design pressure, design stress & design temperature,
Different types of equipments, Static & rotary equipments, Different types of static
equipments, Various mechanical properties of material, Different methods of
fabrication, Different types of welding joints, Joint efficiency, Radiography.
04
2 Mechanical design of Pressure vessel:
Introduction of ASME Code sec-VIII, DIV-I & IS-2825, Classification of pressure vessel as
per IS-2825,Mechanical design of Shell: shell subjected to internal pressure, Graphical
& analytical method for Shell subjected to external pressure, design of shell for
external pressure with & without stiffening ring, Different types of head, their selection
criteria, Mechanical design of heads: Heads subjected to internal pressure, Graphical
& analytical method for heads subjected to external pressure, Different types of
Nozzles, their selection criteria, Design of nozzle pipe, Design of reinforcement pad by
area for area method, Different types of flanges, Different types of standard flanges,
their important features & selection criteria, Different
How to view the material certificate part 1Mohamed Farouk
The document discusses material certification according to EN 10204 standards. It explains that EN 10204 specifies different types of inspection documents provided by manufacturers, including Type 2.1 (declaration of compliance), 2.2 (test report with non-specific inspection), 3.1 (document from manufacturer with specific inspection and test results), and 3.2 (document prepared by manufacturer and purchaser representatives with specific inspection and test results). It provides details on the certification process, requirements for each certificate type, and how an independent third party would verify a Type 3.2 certificate for steel plates by inspecting the material, certificates, and test results to confirm compliance with standards.
Testing is the process of evaluating a system or its components to find whether it satisfies specified requirements. Testing is generally done by software testers, developers, project managers, and end users. There are different types of testing like unit testing, integration testing, system testing, and acceptance testing. Testing is performed at various stages of the software development life cycle to verify that the system is built correctly and meets requirements.
base plate in bending and anchor bolts in tensionabdul latief
This document describes analytical models for predicting the behavior of base plate connections under bending and anchor bolts in tension. It presents models for the stiffness and resistance of the "T-stub" component, which includes the base plate and anchor bolts. The models account for whether contact occurs between the base plate and concrete. The analytical models are verified by tests and finite element analysis. Key factors influencing behavior are the relative stiffness of the base plate and bolts, and the effective length of the T-stub.
The document provides information about engineering and manufacturing careers. It discusses what engineers do, using science and math to solve problems and create new things. It outlines the skills and education needed to become an engineer, including taking math, science, and technology courses and obtaining a 4-year engineering degree. The document also discusses rewarding aspects of engineering careers like helping people, solving problems, and high paying job opportunities. It provides examples of local engineering and manufacturing companies and colleges that offer engineering degrees.
This document provides an overview of software testing. It begins by introducing the topic and noting the large economic costs of software failures. The document then discusses what software is, why we test software, and defines what software testing is. It outlines the importance of software testing and some basic concepts like the differences between errors, faults and failures. The document also discusses test design methodologies, levels of testing from unit to system, and common challenges in software testing. The overall purpose is to provide an introduction to software testing concepts and practices.
This document provides an overview of piping materials and selection guidelines. It defines key piping terms like pipe and tubing. It describes various types of pipes based on the manufacturing method, such as electric resistance welded pipe, furnace butt welded pipe, seamless pipes, and more. The document outlines factors to consider for material selection like design life, temperature, pressure, corrosion allowance, service conditions, and economics. It provides specific guidelines for material selection for high temperature exposures above 232°C and ambient/intermediate temperatures from 0°C to 232°C. The focus is on selecting materials that will be resistant to various deterioration modes over the design life of the piping system.
This document provides an overview of fundamentals of software testing. It discusses why testing is necessary, defines key terms like errors, defects and failures. It describes the context in which software is used and how defects can impact systems. The seven principles of testing and fundamental test process involving planning, analysis, implementation and reporting are explained. Psychological aspects of testing and principles of ethical code are also covered at a high level.
Lecture 8_MDPE_Design of Nozzles & Flange.pdfPatelDhruvil20
Lecture 8_MDPE_Design of Nozzles & Flange.pdf
Introduction :
Concept of internal & external design pressure, design stress & design temperature,
Different types of equipments, Static & rotary equipments, Different types of static
equipments, Various mechanical properties of material, Different methods of
fabrication, Different types of welding joints, Joint efficiency, Radiography.
04
2 Mechanical design of Pressure vessel:
Introduction of ASME Code sec-VIII, DIV-I & IS-2825, Classification of pressure vessel as
per IS-2825,Mechanical design of Shell: shell subjected to internal pressure, Graphical
& analytical method for Shell subjected to external pressure, design of shell for
external pressure with & without stiffening ring, Different types of head, their selection
criteria, Mechanical design of heads: Heads subjected to internal pressure, Graphical
& analytical method for heads subjected to external pressure, Different types of
Nozzles, their selection criteria, Design of nozzle pipe, Design of reinforcement pad by
area for area method, Different types of flanges, Different types of standard flanges,
their important features & selection criteria, Different
Aliaa delivered a session in the topic of “Test planning” using a new technique of delivering content through games and knowledge sharing instead of instructive technique. The session covered all test planning activities including defining test items, risk assessment techniques, testing strategies, planning for testing resources, testing scheduling, and test deliverables and the final test plan documents.
The session introduced to quality team at ITWorx (June , 2013)
Difference Between Piping and Pipeline -Piping vs pipelineVarun Patel
Learn about the difference between Piping and Pipeline. When it comes to transport the fluid, Piping and Pipeline are most frequent words use in Oil & Gas industries. Let us explore the similarity and differences between Piping and Pipeline. Piping and Pipeline both use to transport various liquid, gases and sometimes slurry and powder material.
The document discusses software testing concepts and processes. It covers definitions of testing, objectives of testing, types of defects and their costs. It also describes the typical software testing process which includes test planning, preparation, execution, reporting and defect tracking. Additionally, it discusses test strategies such as unit testing, integration testing, system testing and acceptance testing. The overall purpose is to provide an introduction and overview of basic software testing concepts.
Dynamic Object-Oriented Requirements System (DOORS)David Groff
This document provides an overview of requirements management (RM) and the IBM Rational DOORS tool. It discusses what RM is, who uses it, and what DOORS is and how it can be used. It describes the key components and architecture of DOORS, including modules, objects, attributes, and links. It also covers security roles, configurations, scripting with DXL, and integrations with other tools.
In order to plan for automated or manual regression test execution, it's always efficient in the long run to prepare your regression testing framework. This paper presents a simple framework which can be followed on systems with any level of complexity.
Fundamental of Pipe / Pipeline used in Process Piping.Varun Patel
Learn about every aspect of pipe that used in process piping in Oil & Gas Industries. This small pipe handbook cum guide includes Fundamental of pipe, types of pipe, manufacturing, dimension, testing, hydro testing, inspection, and marking.
MindScripts Technologies is the authorized Softwrae Testing Training institutes in Pune, providing a complete softwrae testing certification course with ISTQB certification. It provides a IBM Certified courses.
Piping Training course-How to be an Expert in Pipe & Fittings for Oil & Gas c...Varun Patel
Course Description
Piping a must know skill to work in Oil & Gas and similar Process Industries.
Oil and Gas industry is become a very competitive in the current time. Getting right mentor and right exposer within industry is difficult. With limited training budget spent by company on employee training, it is difficult to acquire the knowledge to success.
Knowing cross-functional skill give you an edge over others in your career success.
This course design based on years of field experience to ensure student will comprehend technical details easily and enjoy overall journey.
Learn in detail every aspect of Pipe & Pipe Fittings used in process industry
•Different types of Pipe, Pipe fittings (Elbow, Tee, reducers, Caps etc.), Flanges, Gaskets, Branch Connection, Bolting materials
•Materials (Metal-Carbon Steel, Stainless Steel, Alloy Steel etc. Non-Metal- PVC/VCM, HDPE, GRE-GRP etc.)
•Manufacturing methods
•Heat treatment requirements
•Inspection and Testing requirements (Non Destructive Testing, Mechanical & Chemical testing)
•Dimensions & Markings requirements
•Code & Standard used in piping
Content and Overview
With 2 hours of content including 30 lectures & 8 Quizzes, this course cover every aspect of Pipe, Pipe fittings, flanges, gaskets, branch connections and bolting material used in Process Piping.
This Course is divided in three parts.
1st part of the course covers fundamental of process industries. In this Part, you will learn about fundamental process piping. You will also learn about Code, Standard & Specification used in process industries.
2nd part cover various types of material used in process industries. In this part, you will learn about Metallic and Non-Metallic material used to manufacture pipe and other piping components.
3rd parts covers in detail about pipe and piping components used in Process piping. In this part we will learn about Industry terminology of Piping components, types of industrial material grade used in manufacturing and entire manufacturing process of these components. You will learn about different manufacturing methods, Heat treatment requirements, Destructive and Non-destructive testing, Visual & Dimensional inspection and Product marking requirements.
Upon completion, you will be able to use this knowledge direct on your Job and you can easily answer any interview question on pipe & fittings.
Buckling Restrained Braces (BRBs) were developed in Japan in the 1980s to allow cyclic lateral loads and earthquake-induced loads on buildings. BRBs consist of a steel core encased in a concrete or mortar casing with a debonding agent between them. This prevents buckling of the core while allowing movement. BRBs provide high stiffness and ductility, yielding in both tension and compression. They are commonly used in seismic retrofitting and as an alternative to Concentrically Braced Frames due to their economical and seismic performance. BRBs are tested at both the component and sub-assembly level to validate their behavior under cyclic loading.
Pipe racks are structures designed to support pipes, cables, and equipment in industrial facilities. The document discusses various design loads that should be considered when designing pipe racks, including dead loads, live loads, thermal loads, earthquake loads, wind loads, and load combinations. It provides guidance from codes like the IBC and standards like ASCE 7, and also discusses recommendations from industry sources like the PIP for determining and applying the different types of loads to the structural design of pipe racks.
This document provides information about various braided compression packing and gasket materials. It describes the properties and applications of materials like compressed non-asbestos sheets, ASP brands, carbon and NBR materials, and a new nitrosamine-free GLD material. Maximum temperatures, pressures, densities and other specifications are provided for material selection.
This document is a project report on piping stress analysis submitted by three students - Adwait A. Joshi, Robin T. Cherian, and Girish R. Rao - to the University of Mumbai in partial fulfillment of their Bachelor of Mechanical Engineering degree requirements. It was completed under the guidance of their internal project guide Prof. Ms. R. R. Easow at Sardar Patel College of Engineering, with external guidance from Prof. A. S. Moharir of IIT Bombay's Piping Engineering Cell. The report introduces piping stress analysis, outlines the objectives and scope of analyzing stresses in piping systems, and describes how loads are classified and their effects on piping stresses
The document discusses the origins and development of standards and codes by the American Society of Mechanical Engineers (ASME) beginning in the late 19th century. It describes how early discussions around standardizing parts like bolts and pipes led to the establishment of formal standards committees at ASME. It also explains how ASME published its first widely-adopted standard, the Boiler and Pressure Vessel Code, in response to many boiler explosions resulting from a lack of uniform safety standards. The document outlines ASME's current standards development process and how manufacturers can become accredited to use product certification stamps indicating compliance with ASME codes and standards.
This document provides an overview of piping systems and components. It discusses that piping is used to convey liquids, gases, or materials through a tubular system. Key piping components include pipes, fittings, flanges, valves, and strainers. Common piping materials include carbon steel, alloy steels, and stainless steels. The document also discusses piping design considerations like material selection, insulation, supports, flexibility analysis, and piping and instrumentation diagrams (P&IDs). Piping stress analysis is conducted to ensure stresses from pressures, temperatures, and other loads do not exceed design limits.
The document discusses various types of non-functional testing including performance, reliability, maintainability, availability, recovery, usability, configuration, and security testing. It provides definitions and examples of how to test each type of non-functional requirement. Performance testing aims to evaluate how well a system performs under different loads, and involves measuring response times, throughput, and resource utilization. Non-functional requirements are as important as functional requirements in building quality software.
Testing software is conducted to ensure the system meets user needs and requirements. The primary objectives of testing are to verify that the right system was built according to specifications and that it was built correctly. Testing helps instill user confidence, ensures functionality and performance, and identifies any issues where the system does not meet specifications. Different types of testing include unit, integration, system, and user acceptance testing, which are done at various stages of the software development life cycle.
The document summarizes Ted Sherwood's presentation on fire protection design basics. It provides an overview of Ted's background and experience in fire protection engineering. It then outlines the goals and agenda items for the session, which include understanding the fire protection design process, applicable codes and standards, common fire protection systems, and how to determine required systems for a project. It also discusses evaluating water supplies, developing water demand calculations, required testing and records, and accessing free online codes.
Common Cause Analysis - Zonal Safety AnalysisTom Jacyszyn
This document provides a common cause analysis and zonal safety analysis for the main landing gear bay of an S18 aircraft. It describes the systems installed in the main landing gear bay, including hydraulic systems, braking components, landing gear components, and an auxiliary power unit bleed duct. Guidelines for equipment installation and separation of redundant systems are discussed. Failure modes are analyzed to determine their effects on other systems. The analysis provides evidence that failures assumed to be independent are truly independent and that hazards from the systems in this zone will not cause a catastrophic failure condition.
Aliaa delivered a session in the topic of “Test planning” using a new technique of delivering content through games and knowledge sharing instead of instructive technique. The session covered all test planning activities including defining test items, risk assessment techniques, testing strategies, planning for testing resources, testing scheduling, and test deliverables and the final test plan documents.
The session introduced to quality team at ITWorx (June , 2013)
Difference Between Piping and Pipeline -Piping vs pipelineVarun Patel
Learn about the difference between Piping and Pipeline. When it comes to transport the fluid, Piping and Pipeline are most frequent words use in Oil & Gas industries. Let us explore the similarity and differences between Piping and Pipeline. Piping and Pipeline both use to transport various liquid, gases and sometimes slurry and powder material.
The document discusses software testing concepts and processes. It covers definitions of testing, objectives of testing, types of defects and their costs. It also describes the typical software testing process which includes test planning, preparation, execution, reporting and defect tracking. Additionally, it discusses test strategies such as unit testing, integration testing, system testing and acceptance testing. The overall purpose is to provide an introduction and overview of basic software testing concepts.
Dynamic Object-Oriented Requirements System (DOORS)David Groff
This document provides an overview of requirements management (RM) and the IBM Rational DOORS tool. It discusses what RM is, who uses it, and what DOORS is and how it can be used. It describes the key components and architecture of DOORS, including modules, objects, attributes, and links. It also covers security roles, configurations, scripting with DXL, and integrations with other tools.
In order to plan for automated or manual regression test execution, it's always efficient in the long run to prepare your regression testing framework. This paper presents a simple framework which can be followed on systems with any level of complexity.
Fundamental of Pipe / Pipeline used in Process Piping.Varun Patel
Learn about every aspect of pipe that used in process piping in Oil & Gas Industries. This small pipe handbook cum guide includes Fundamental of pipe, types of pipe, manufacturing, dimension, testing, hydro testing, inspection, and marking.
MindScripts Technologies is the authorized Softwrae Testing Training institutes in Pune, providing a complete softwrae testing certification course with ISTQB certification. It provides a IBM Certified courses.
Piping Training course-How to be an Expert in Pipe & Fittings for Oil & Gas c...Varun Patel
Course Description
Piping a must know skill to work in Oil & Gas and similar Process Industries.
Oil and Gas industry is become a very competitive in the current time. Getting right mentor and right exposer within industry is difficult. With limited training budget spent by company on employee training, it is difficult to acquire the knowledge to success.
Knowing cross-functional skill give you an edge over others in your career success.
This course design based on years of field experience to ensure student will comprehend technical details easily and enjoy overall journey.
Learn in detail every aspect of Pipe & Pipe Fittings used in process industry
•Different types of Pipe, Pipe fittings (Elbow, Tee, reducers, Caps etc.), Flanges, Gaskets, Branch Connection, Bolting materials
•Materials (Metal-Carbon Steel, Stainless Steel, Alloy Steel etc. Non-Metal- PVC/VCM, HDPE, GRE-GRP etc.)
•Manufacturing methods
•Heat treatment requirements
•Inspection and Testing requirements (Non Destructive Testing, Mechanical & Chemical testing)
•Dimensions & Markings requirements
•Code & Standard used in piping
Content and Overview
With 2 hours of content including 30 lectures & 8 Quizzes, this course cover every aspect of Pipe, Pipe fittings, flanges, gaskets, branch connections and bolting material used in Process Piping.
This Course is divided in three parts.
1st part of the course covers fundamental of process industries. In this Part, you will learn about fundamental process piping. You will also learn about Code, Standard & Specification used in process industries.
2nd part cover various types of material used in process industries. In this part, you will learn about Metallic and Non-Metallic material used to manufacture pipe and other piping components.
3rd parts covers in detail about pipe and piping components used in Process piping. In this part we will learn about Industry terminology of Piping components, types of industrial material grade used in manufacturing and entire manufacturing process of these components. You will learn about different manufacturing methods, Heat treatment requirements, Destructive and Non-destructive testing, Visual & Dimensional inspection and Product marking requirements.
Upon completion, you will be able to use this knowledge direct on your Job and you can easily answer any interview question on pipe & fittings.
Buckling Restrained Braces (BRBs) were developed in Japan in the 1980s to allow cyclic lateral loads and earthquake-induced loads on buildings. BRBs consist of a steel core encased in a concrete or mortar casing with a debonding agent between them. This prevents buckling of the core while allowing movement. BRBs provide high stiffness and ductility, yielding in both tension and compression. They are commonly used in seismic retrofitting and as an alternative to Concentrically Braced Frames due to their economical and seismic performance. BRBs are tested at both the component and sub-assembly level to validate their behavior under cyclic loading.
Pipe racks are structures designed to support pipes, cables, and equipment in industrial facilities. The document discusses various design loads that should be considered when designing pipe racks, including dead loads, live loads, thermal loads, earthquake loads, wind loads, and load combinations. It provides guidance from codes like the IBC and standards like ASCE 7, and also discusses recommendations from industry sources like the PIP for determining and applying the different types of loads to the structural design of pipe racks.
This document provides information about various braided compression packing and gasket materials. It describes the properties and applications of materials like compressed non-asbestos sheets, ASP brands, carbon and NBR materials, and a new nitrosamine-free GLD material. Maximum temperatures, pressures, densities and other specifications are provided for material selection.
This document is a project report on piping stress analysis submitted by three students - Adwait A. Joshi, Robin T. Cherian, and Girish R. Rao - to the University of Mumbai in partial fulfillment of their Bachelor of Mechanical Engineering degree requirements. It was completed under the guidance of their internal project guide Prof. Ms. R. R. Easow at Sardar Patel College of Engineering, with external guidance from Prof. A. S. Moharir of IIT Bombay's Piping Engineering Cell. The report introduces piping stress analysis, outlines the objectives and scope of analyzing stresses in piping systems, and describes how loads are classified and their effects on piping stresses
The document discusses the origins and development of standards and codes by the American Society of Mechanical Engineers (ASME) beginning in the late 19th century. It describes how early discussions around standardizing parts like bolts and pipes led to the establishment of formal standards committees at ASME. It also explains how ASME published its first widely-adopted standard, the Boiler and Pressure Vessel Code, in response to many boiler explosions resulting from a lack of uniform safety standards. The document outlines ASME's current standards development process and how manufacturers can become accredited to use product certification stamps indicating compliance with ASME codes and standards.
This document provides an overview of piping systems and components. It discusses that piping is used to convey liquids, gases, or materials through a tubular system. Key piping components include pipes, fittings, flanges, valves, and strainers. Common piping materials include carbon steel, alloy steels, and stainless steels. The document also discusses piping design considerations like material selection, insulation, supports, flexibility analysis, and piping and instrumentation diagrams (P&IDs). Piping stress analysis is conducted to ensure stresses from pressures, temperatures, and other loads do not exceed design limits.
The document discusses various types of non-functional testing including performance, reliability, maintainability, availability, recovery, usability, configuration, and security testing. It provides definitions and examples of how to test each type of non-functional requirement. Performance testing aims to evaluate how well a system performs under different loads, and involves measuring response times, throughput, and resource utilization. Non-functional requirements are as important as functional requirements in building quality software.
Testing software is conducted to ensure the system meets user needs and requirements. The primary objectives of testing are to verify that the right system was built according to specifications and that it was built correctly. Testing helps instill user confidence, ensures functionality and performance, and identifies any issues where the system does not meet specifications. Different types of testing include unit, integration, system, and user acceptance testing, which are done at various stages of the software development life cycle.
The document summarizes Ted Sherwood's presentation on fire protection design basics. It provides an overview of Ted's background and experience in fire protection engineering. It then outlines the goals and agenda items for the session, which include understanding the fire protection design process, applicable codes and standards, common fire protection systems, and how to determine required systems for a project. It also discusses evaluating water supplies, developing water demand calculations, required testing and records, and accessing free online codes.
Common Cause Analysis - Zonal Safety AnalysisTom Jacyszyn
This document provides a common cause analysis and zonal safety analysis for the main landing gear bay of an S18 aircraft. It describes the systems installed in the main landing gear bay, including hydraulic systems, braking components, landing gear components, and an auxiliary power unit bleed duct. Guidelines for equipment installation and separation of redundant systems are discussed. Failure modes are analyzed to determine their effects on other systems. The analysis provides evidence that failures assumed to be independent are truly independent and that hazards from the systems in this zone will not cause a catastrophic failure condition.
Dependable Systems -Fault Tolerance Patterns (4/16)Peter Tröger
The document discusses various patterns for achieving fault tolerance in dependable systems. It covers architectural patterns like units of mitigation and error containment barriers. It also discusses detection patterns such as fault correlation, system monitoring, acknowledgments, voting, and audits. Finally, it discusses error recovery patterns like quarantine, concentrated recovery, and checkpointing to avoid data loss during recovery. The patterns provide reusable solutions for commonly occurring problems in building fault tolerant systems.
XSLT 3.0 introduces new features for streaming XML transformations, including higher-order functions, maps, try/catch, and streaming instructions like xsl:iterate and xsl:accumulator. Streaming allows processing large XML documents without building an in-memory tree, instead using a constant memory model by avoiding rewinds. The standard defines rules for determining if a stylesheet is guaranteed streamable through static analysis. Saxon 9.5 implements streaming XSLT 3.0, with performance around 1GB per minute on a laptop.
The document summarizes a tutorial on requirements engineering for dependable systems. It discusses the nature of dependability and requirements, how to develop requirements, important quality factors for requirements, and common pitfalls. Dependability refers to the trustworthiness of a system to deliver its services and must be defined in the system specification. There are different types of requirements, including behavioral, quality, programmatic, and implementation requirements. Behavioral requirements specify the externally visible functions of a system. Quality requirements relate to attributes like maintainability. Programmatic requirements address contractual aspects of development. Implementation requirements constrain the design space.
The document was extensive and inconsistent, limiting comprehension. Analyzing tracking systems identified critical sections on current operations, future plans, and schools reservations. Mistake proofing through review processes and standardized templates can improve the document's organization and reduce content by 20% while maintaining purpose. The goal is to disseminate the most current data to subordinate units weekly in a simplified format.
The document discusses applying Failure Mode and Effects Criticality Analysis (FMECA) to software engineering. It describes FMECA as a structured method to anticipate failures and their causes. The document outlines how FMECA was originally used in industries like aerospace and nuclear engineering but has expanded to other domains. It then discusses applying FMECA at different levels of a software project, from requirements to architecture to design to code. The document advocates an "enlightened approach" to using FMECA across all representations and abstractions of software.
Software FMEA and Software FTA – An Effective Tool for Embedded Software Qual...Mahindra Satyam
The document discusses software FMEA (Failure Mode and Effects Analysis) and FTA (Fault Tree Analysis) as effective tools for embedded software quality assurance. Software FTA involves identifying potential failures and their causes by logically connecting software components to undesired events. Software FMEA examines failures at the functional and variable levels. The analyses help identify weaknesses, critical variables, and protections needed. The results provide inputs for testing and help reduce risks for safety-critical systems.
The document provides an overview of design and process Failure Mode and Effects Analysis (FMEA). It discusses FMEA as a systematic approach to prioritize risks associated with specific causes of failure. The document outlines the key steps in conducting a design FMEA, including defining potential failure modes and their effects, identifying potential causes, assigning severity, occurrence, and detection ratings, and calculating a risk priority number. It also provides a hypothetical example of a design FMEA for an email response process.
Space Systems & Space Subsystems Fundamentals Technical Training Course SamplerJim Jenkins
This four-day course in space systems and space subsystems is for technical and management personnel who wish to gain an understanding of the important technical concepts in the development of space instrumentation, subsystems, and systems. The goal is to assist students to achieve their professional potential by endowing them with an understanding of the subsystems and supporting disciplines important to developing space instrumentation, space subsystems, and space systems. It designed for participants who expect to plan, design, build, integrate, test, launch, operate or manage subsystems, space systems, launch vehicles, spacecraft, payloads, or ground systems. The objective is to expose each participant to the fundamentals of each subsystem and their inter-relations, to not necessarily make each student a systems engineer, but to give aerospace engineers and managers a technically based space systems perspective. The fundamental concepts are introduced and illustrated by state-of-the-art examples. This course differs from the typical space systems course in that the technical aspects of each important subsystem are addressed.
Déjeuner Conférence - La maintenance à l'ère du prédictifagileDSS
Depuis plusieurs années déjà, la maintenance d’équipements a souvent été une source de problèmes pour bien des entreprises. D’un côté, si vous ne faites pas assez de maintenance, vous aurez une perte de productivité et d’un autre côté, si vous le faites trop fréquemment, vous aurez une explosion de coûts. Comment trouver un juste milieu permettant de maximiser la longévité des équipements tout en diminuant les coûts d’entretien? La réponse se trouve plus près que vous ne le croyez!
"Maximiser la production tout en diminuant les coûts de maintenance; comment les données d’aujourd’hui permettent de prédire la maintenance de demain?"
C’est pour bien comprendre l’impact de la maintenance prédictive que nous vous invitons à ce déjeuner-conférence le 20 mai prochain. En plus d’échanger avec vos pairs vous aurez l’occasion d’assister à la conférence de Thierry Desjardins sur les différentes applications de la maintenance prédictive et comment vous pourriez l’intégrer au sein de votre entreprise.
Des sujets et thèmes à ne pas manquer!
- Internet of Thing, iBeacon, GPS… Comment les technologies impacteront la maintenance de vos équipements?
- Comment savoir quels appareils ont besoin de maintenance, à quel moment et quel en est la cause?
- Comment évolueront les processus de maintenance? Est-ce que la maintenance just in time est accessible?
- Comment certaines entreprises ont réussi à opérationnaliser efficacement un modèle de maintenance prédictive?
Message exchange patterns (MEPs) define the order and direction of message exchanges between distributed systems. The basic MEPs are request/response, where a consumer sends a request and waits for a response, and one-way, where a message is sent without an expected response. More complex patterns include request/callback for asynchronous responses, publish/subscribe for one-way notifications, and approaches for handling errors. MEPs can vary between layers, and event-driven architectures use events as asynchronous messages to decouple systems into process chains.
Building highly available architectures with WAS and MQMatthew White
Abstract:
'This talk will look at architectures in which IBM MQ can be configured with the IBM WebSphere Application Server (and Liberty profiles) to give a highly-available scenario.
The basis be some of the scenarios that are documented in the developerWorks series "A flexible and scalable WebSphere MQ topology pattern". '
Aims:
Outline some of the technologies and features that can be used for High Availability
Consider some of the implications of technology choices
Provide references for further study
Find out what scenarios and concerns are of most interest
i.e. what should be developing next!
Cibles potentielles de sabotages humains ou de vers informatiques sophistiqués comme Stuxnet, les systèmes de supervision et de contrôle (SCADA) propres aux infrastructures critiques ou vitales sont concernés par toute doctrine de cyberguerre.
Cette présentation a pour but d’analyser le coût d’opportunité pour un assaillant entre les différents types d’attaques : modes opératoires, dégâts potentiels, traces laissées, ressources nécessaires. Elle propose aussi des méthodes générales de mitigation (facteur humain, prévention, politiques de sécurité, contrôle d’intégrité des codes, double-source, …)
Application Security Forum 2011
27.10.2011 - Yverdon-les-Bains (Suisse)
Conférencier: Franck Franchin
Here is an example operations list for a medical enteral pump system:
1. Power on pump
2. Navigate main menu
1. Set patient details
2. Set feeding program
1. Select feeding mode (continuous, intermittent)
2. Set feeding rate
3. Set feeding duration
3. Start/stop feeding
4. View feeding history
5. Adjust alarm settings
3. Acknowledge/silence alarms
4. Power off pump
This list was developed by walking through the menu structure and identifying the key operations a user could perform with the pump system. The numbering indicates sub-operations under main operations.
This document provides an overview of design failure mode and effects analysis (DFMEA). It begins with an introduction to DFMEA, including its purpose and importance in identifying potential failures early in the design process. It then covers key aspects of conducting a DFMEA such as identifying failure modes and their causes and effects. It also discusses how to analyze and prioritize potential failures using a risk priority number based on severity, occurrence, and detection ratings. The document provides examples of how these aspects are evaluated in a DFMEA. It concludes with emphasizing the role of DFMEA in guiding necessary design changes to improve reliability, safety and quality.
The document provides information on failure mode and effects analysis (FMEA). It discusses the three main steps of FMEA: severity, occurrence, and detection. The risk priority number is calculated by multiplying ratings from each step. This identifies failure modes requiring corrective action. FMEA is used across industries to improve quality, reliability, and safety by anticipating potential failures during the design process.
This document provides an overview of failure mode and effects analysis (FMEA). It defines FMEA as a technique used to identify, analyze, and prevent potential failures. The document outlines the history and evolution of FMEA, describes the different types of FMEA (design, process, etc.), and explains the basic steps to develop an FMEA, including defining the system, identifying failures and their causes/effects, calculating risk priorities, and selecting actions. The overall purpose of FMEA is to reduce risks and improve reliability.
Unit v11 proactive maintenance analysisCharlton Inao
Unit VII discusses proactive maintenance analyses including liaising with operators, analyzing maintenance history data, and undertaking failure mode and effects analysis (FMEA). FMEA is introduced as a systematic approach to identify potential failures, their causes and effects. It involves defining the system or process, determining possible failure modes and their causes and effects, estimating the likelihood of occurrence, potential for detection and severity level. This allows for computation of a risk priority number to determine which failures require more urgent corrective actions. Condition monitoring is also discussed as a key component of predictive maintenance to detect developing faults before failure occurs.
The document provides an overview and agenda for a training on Failure Mode and Effects Analysis (FMEA). It discusses the history and purpose of FMEAs, how they are used to systematically identify and prevent potential failures in products and processes, and the benefits of conducting FMEAs. The training will cover both Design FMEAs (DFMEA) and Process FMEAs (PFMEA) and include exercises for participants to work through.
On the nature of FMECA... An introductionMartGerrand
Here's a presentation on Failure Modes, Effects and Criticality Analysis (FMECA) I did a few years ago, so the references may be truly historical. It's for educational use only - not for resale - so just enjoy!
Software engineering quality assurance and testingBipul Roy Bpl
The presentation discusses software quality assurance and testing. It covers topics such as the importance of software quality, types of software quality (functional and non-functional), software testing principles and processes. The testing process involves test planning, analysis and design, implementation and execution, evaluating results, and closure activities. The presentation emphasizes that testing is a critical part of the software development process to improve quality and find defects.
This document provides an overview and agenda for a Failure Mode Effects Analysis (FMEA) training session. The agenda includes introductions, discussions of Design FMEA (DFMEA) and Process FMEA (PFMEA), exercises, and a closing survey. The document also provides background information on FMEA including its history, purpose, benefits, and typical format/elements such as functions, potential failures, effects, severity, causes, detection, and actions. FMEA is presented as a systematic method to proactively identify and prevent potential product and process failures before they occur.
The document outlines an agenda for an FMEA training workshop. It discusses Failure Mode and Effects Analysis (FMEA), including its history, purpose, and process. FMEA is a methodology used to ensure potential problems are addressed in product and process development. The agenda includes explaining FMEA, its use as a design tool, the development process, management's role, team member responsibilities, and examples. It provides details on FMEA scope, functions, failure modes, effects, occurrence, detection, and criticality analysis. The workshop aims to train participants on effectively developing and applying FMEAs.
This document provides an overview of dependability and dependable systems. It defines dependability as an umbrella term that includes reliability, availability, maintainability, and other attributes that allow systems to be trusted. Dependability addresses how systems can continue operating correctly even when faults occur. Key topics covered include fault tolerance techniques, error processing, failure modes, and modeling approaches for analyzing dependability. The goal of the course is to understand how to design systems that can be relied upon to deliver their services as specified, even in the presence of faults or unexpected events.
FMEA is a systematic method for evaluating potential failures in a design, manufacturing or assembly process. It involves analyzing possible failures, identifying their causes and effects, and prioritizing issues based on severity, occurrence, and detection. The process results in a risk priority number to determine which failures should be addressed first. FMEA is widely used in industries like automotive, aerospace, healthcare to prevent failures and improve quality and safety.
Introduction of FMEA; Definition, Activities, important terms, factors, RPN; Process of FMEA; Steps of FMEA
Types of FMEA; FMEA Application; FMEA Related Tools:
Root Cause Analysis, Pareto Chart, Cause Effect Diagram
This document provides an overview of Failure Mode and Effects Analysis (FMEA). It discusses that FMEA is a systematic group activity to recognize and evaluate potential failures, identify actions to address failures, and document findings. The document outlines the different types of FMEAs, including Design FMEA and Process FMEA. It also describes the typical steps to conduct a Process FMEA, including developing a process flow, identifying failure modes and their causes and effects, and estimating the risk priority number. The FMEA is presented as a team tool to prevent failures.
The 5 core tools are recognized as standard quality tools for the automotive ...arvindsinghrathore6
The 5 core tools are recognized as standard quality tools for the automotive industry by AIAG, although they are also used in other manufacturing sectors such as aerospace, defense, medical, and pharmaceutical.
This document discusses approaches for managing risk in innovation projects through reliability engineering. It describes three methods: theoretical using standards and simulations, pragmatic with accelerated testing, and analytical using probability of failure calculations. The theoretical approach involves scoping subsystems and identifying reliability metrics from norms. Calculations include MTBF and FIT rates. Simulations validate designs through FEA, software, and system modeling. Pragmatic testing uses highly accelerated life testing to discover weaknesses early in design phases. The goal is to improve reliability and reduce costs from late-stage changes.
1) The document discusses applying Failure Mode Effects and Criticality Analysis (FMECA) to analyze failures in distribution logistics and improve the efficiency of the distribution process.
2) FMECA is a methodology used to identify potential failure modes, analyze their effects and criticality, and prioritize remedial actions. It was originally developed for the military and aerospace industries.
3) The document provides background on FMECA, including its origins and standards, and outlines the basic steps to perform an FMECA, such as defining the system, analyzing its structure, identifying failure modes and effects, and taking corrective actions.
The document discusses testing without formal requirements. It notes that testers often complain about a lack of adequate requirements, but still rely on requirements to base their tests. Even without defined requirements, testers can ask questions about the system, anticipate common risks, involve users in acceptance testing, and perform random testing. The document provides suggestions for growing a "system function tree" to understand and describe a system without formal requirements in order to develop a test strategy, approach, and cases. It emphasizes that testing can still be done effectively even without traditional requirements.
Root Cause Analysis (RCA) is a structured process that identifies the underlying causes of undesirable events. It can be used for both single and multidisciplinary cases. The RCA process involves data collection, identifying the immediate causes and basic causes of failures, and determining where lack of control contributed. Common investigation techniques include STEP, FMEA, and fault tree analysis. Laboratory analysis of failed parts is also important for identifying causes like material defects, corrosion, or overloading. Identifying root causes allows corrective actions to be implemented to prevent future recurrence.
Root Cause Analysis (RCA) is a structured process that identifies the underlying causes of undesirable events. It can be used for both single and multidisciplinary cases. The RCA process involves data collection, identifying the immediate causes and basic causes of failures, and determining the lack of controls that allowed the failure to occur. Conducting detailed analysis of failed parts through methods like STEP, FMEA, and FTA allows investigators to identify issues like material defects, improper operation, or inadequate maintenance as the root causes of failures. Addressing these root causes helps improve equipment reliability and availability while reducing maintenance costs and downtime.
PFMEA, Risk Reduction and Effectiveness – Advance (AIAG FMEA #4 Edition)
Is your FMEA performing for you?
This is advance level of PFMEA, Have basic understanding fo Core IATF Tools before refering to this presentation.
Similar to Dependable Systems - System Dependability Evaluation (8/16) (20)
Dr. Peter Tröger discusses cloud standards and virtualization. He outlines three basic cloud service models and describes challenges with cloud dependability from the customer and provider perspectives. The document also reviews several standards organizations and specifications relevant to cloud computing, including OVF, OCCI, CDMI, and the Cloud Security Alliance. It emphasizes that while infrastructure standards are maturing, more work remains regarding platforms, software, data models, and billing standards.
Distributed Resource Management Application API (DRMAA) Version 2Peter Tröger
The document describes the Distributed Resource Management Application API (DRMAA) version 2. It provides an overview of DRMAA and its goals of providing a standardized API for distributed resource management systems. It discusses the key components involved in DRMAA including distributed resource management systems, DRMAA implementations/libraries, submission hosts, and execution hosts. It also summarizes the success of DRMAA version 1 and outlines the status and design approach of the new DRMAA version 2 specification.
Design of Software for Embedded SystemsPeter Tröger
This document provides an overview of the Design of Software for Embedded Systems (SWES) course. It discusses the course organization, project requirements, and introduces some basic concepts and terminology related to embedded systems and real-time software. Specifically, it describes the challenges in embedded system design, different types of hardware platforms, characteristics of embedded software, issues related to timeliness and real-time scheduling, and how real-time operating systems address these issues. The document aims to equip students with foundational knowledge on embedded systems and real-time systems engineering.
Human users should not be forced to edit XML documents. Sometimes, they may want to read it.
The presentation persists some arguments I stated about this topic again and again in the past. Discussions and opinions are more than welcome.
What activates a bug? A refinement of the Laprie terminology model.Peter Tröger
The document proposes refinements to the Laprie terminology model for describing software bugs. It introduces concepts of a fault model describing faulty code, a fault condition model describing enabling system states, and an error model describing states where faults are activated and may lead to failures. A failure automaton is presented with states for disabled, dormant, and active faults, as well as detected errors and outages. Events are defined for when fault conditions are fulfilled or no longer fulfilled, faulty code is executed, and failures occur. The refinement aims to separately consider investigated software layers and their environment in order to better describe what activates bugs.
Dependable Systems - Hardware Dependability with Redundancy (14/16)Peter Tröger
1) The document discusses hardware dependability through the use of redundancy. It provides examples of static redundancy like voting and N-modular redundancy as well as dynamic redundancy using techniques like back-up sparing and duplex systems.
2) IBM's zSeries mainframe computers are highlighted as an example of a highly redundant system, using techniques like machine check handling, error correction codes, unit deletion for degradation, and fully redundant I/O subsystems.
3) Redundancy comes at a cost but can effectively improve reliability through techniques that either mask faults or allow systems to reconfigure around faults. The level of redundancy must be weighed against associated costs and design complexity.
Dependable Systems -Dependability Means (3/16)Peter Tröger
This document provides an overview of dependability and dependable systems. It defines dependability as the trustworthiness of a system such that reliance can be placed on the service it delivers. The key aspects of dependability discussed include fault prevention, fault tolerance, fault removal, and fault forecasting. Fault tolerance techniques aim to provide service even in the presence of faults through methods like redundancy, error detection, error processing through recovery, and fault treatment. Dependable system design involves assessing risks, adding redundancy, and designing error detection and recovery capabilities.
This document provides a summary of the history of operating systems from the earliest mechanical computers in the 1800s to modern desktop and server operating systems. It discusses the first programmable computers like the Analytical Engine and Z3 and the development of stored program architectures. It then covers the evolution of batch processing systems and time-sharing to allow for interactive use. Key developments discussed include the IBM 1401, CTSS, Multics, Unix, and early versions of Windows. The document also provides an overview of basic hardware concepts like SMP, multi-core processors, and parallelism that operating systems must account for.
Operating Systems 1 (8/12) - ConcurrencyPeter Tröger
This document provides an introduction to concurrency and parallel programming concepts using POSIX threads. It defines key concurrency terms like race conditions, deadlocks, livelocks and starvation. It discusses how to protect critical sections and shared resources using semaphores and mutexes. Examples like the dining philosophers problem illustrate how deadlocks can occur. The document also outlines POSIX thread functions for thread management, synchronization with mutexes and condition variables, and reading/writing locks and barriers.
Operating Systems 1 (9/12) - Memory Management ConceptsPeter Tröger
The document discusses memory management concepts in operating systems including:
- Memory is a critical resource that must be managed by the operating system to allow multiple processes to efficiently share the physical memory.
- The operating system implements virtual memory which maps process logical addresses to physical addresses to isolate processes.
- A memory management unit (MMU) hardware performs this address translation transparently.
- Memory is organized in a hierarchy from fast expensive cache/RAM to slower cheaper disk storage.
- The operating system uses paging, swapping and memory partitioning to manage this hierarchy and allocate memory to processes.
The document discusses processes and threads in operating systems. It describes how processes contain multiple threads that can run concurrently on multicore systems. Each thread has its own execution state and context stored in a thread control block. When a thread is not actively running, its context is saved so it can resume execution later. The document provides examples of how threads are implemented in Windows and Linux operating systems.
The document provides a history of early computers and operating systems, beginning with Charles Babbage's analytical engine in the 1820s. It discusses the earliest digital computers in the 1940s-1950s and their use of serial processing. Batch processing was introduced with the IBM 1401 in 1959 to improve resource utilization. Multi-programming was developed in the 1960s to further increase CPU usage by running multiple jobs simultaneously. Time-sharing systems in the 1960s allowed for interactive use by multiple users through fast context switching. Modern operating systems evolved from these early batch processing and time-sharing systems.
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...Dr. Vinod Kumar Kanvaria
Exploiting Artificial Intelligence for Empowering Researchers and Faculty,
International FDP on Fundamentals of Research in Social Sciences
at Integral University, Lucknow, 06.06.2024
By Dr. Vinod Kumar Kanvaria
How to Manage Your Lost Opportunities in Odoo 17 CRMCeline George
Odoo 17 CRM allows us to track why we lose sales opportunities with "Lost Reasons." This helps analyze our sales process and identify areas for improvement. Here's how to configure lost reasons in Odoo 17 CRM
This presentation was provided by Steph Pollock of The American Psychological Association’s Journals Program, and Damita Snow, of The American Society of Civil Engineers (ASCE), for the initial session of NISO's 2024 Training Series "DEIA in the Scholarly Landscape." Session One: 'Setting Expectations: a DEIA Primer,' was held June 6, 2024.
A workshop hosted by the South African Journal of Science aimed at postgraduate students and early career researchers with little or no experience in writing and publishing journal articles.
How to Build a Module in Odoo 17 Using the Scaffold MethodCeline George
Odoo provides an option for creating a module by using a single line command. By using this command the user can make a whole structure of a module. It is very easy for a beginner to make a module. There is no need to make each file manually. This slide will show how to create a module using the scaffold method.
বাংলাদেশের অর্থনৈতিক সমীক্ষা ২০২৪ [Bangladesh Economic Review 2024 Bangla.pdf] কম্পিউটার , ট্যাব ও স্মার্ট ফোন ভার্সন সহ সম্পূর্ণ বাংলা ই-বুক বা pdf বই " সুচিপত্র ...বুকমার্ক মেনু 🔖 ও হাইপার লিংক মেনু 📝👆 যুক্ত ..
আমাদের সবার জন্য খুব খুব গুরুত্বপূর্ণ একটি বই ..বিসিএস, ব্যাংক, ইউনিভার্সিটি ভর্তি ও যে কোন প্রতিযোগিতা মূলক পরীক্ষার জন্য এর খুব ইম্পরট্যান্ট একটি বিষয় ...তাছাড়া বাংলাদেশের সাম্প্রতিক যে কোন ডাটা বা তথ্য এই বইতে পাবেন ...
তাই একজন নাগরিক হিসাবে এই তথ্য গুলো আপনার জানা প্রয়োজন ...।
বিসিএস ও ব্যাংক এর লিখিত পরীক্ষা ...+এছাড়া মাধ্যমিক ও উচ্চমাধ্যমিকের স্টুডেন্টদের জন্য অনেক কাজে আসবে ...
हिंदी वर्णमाला पीपीटी, hindi alphabet PPT presentation, hindi varnamala PPT, Hindi Varnamala pdf, हिंदी स्वर, हिंदी व्यंजन, sikhiye hindi varnmala, dr. mulla adam ali, hindi language and literature, hindi alphabet with drawing, hindi alphabet pdf, hindi varnamala for childrens, hindi language, hindi varnamala practice for kids, https://www.drmullaadamali.com
Main Java[All of the Base Concepts}.docxadhitya5119
This is part 1 of my Java Learning Journey. This Contains Custom methods, classes, constructors, packages, multithreading , try- catch block, finally block and more.
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...PECB
Denis is a dynamic and results-driven Chief Information Officer (CIO) with a distinguished career spanning information systems analysis and technical project management. With a proven track record of spearheading the design and delivery of cutting-edge Information Management solutions, he has consistently elevated business operations, streamlined reporting functions, and maximized process efficiency.
Certified as an ISO/IEC 27001: Information Security Management Systems (ISMS) Lead Implementer, Data Protection Officer, and Cyber Risks Analyst, Denis brings a heightened focus on data security, privacy, and cyber resilience to every endeavor.
His expertise extends across a diverse spectrum of reporting, database, and web development applications, underpinned by an exceptional grasp of data storage and virtualization technologies. His proficiency in application testing, database administration, and data cleansing ensures seamless execution of complex projects.
What sets Denis apart is his comprehensive understanding of Business and Systems Analysis technologies, honed through involvement in all phases of the Software Development Lifecycle (SDLC). From meticulous requirements gathering to precise analysis, innovative design, rigorous development, thorough testing, and successful implementation, he has consistently delivered exceptional results.
Throughout his career, he has taken on multifaceted roles, from leading technical project management teams to owning solutions that drive operational excellence. His conscientious and proactive approach is unwavering, whether he is working independently or collaboratively within a team. His ability to connect with colleagues on a personal level underscores his commitment to fostering a harmonious and productive workplace environment.
Date: May 29, 2024
Tags: Information Security, ISO/IEC 27001, ISO/IEC 42001, Artificial Intelligence, GDPR
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: ISO/IEC 27001 Information Security Management System - EN | PECB
ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB
General Data Protection Regulation (GDPR) - Training Courses - EN | PECB
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
How to Fix the Import Error in the Odoo 17Celine George
An import error occurs when a program fails to import a module or library, disrupting its execution. In languages like Python, this issue arises when the specified module cannot be found or accessed, hindering the program's functionality. Resolving import errors is crucial for maintaining smooth software operation and uninterrupted development processes.
Dependable Systems - System Dependability Evaluation (8/16)
1. Dependable Systems
!
System Dependability Evaluation
Dr. Peter Tröger
!
http://www.fmeainfocentre.com/handbooks/FMEA_Nasa_spacecraft.pdf
Alison Cartlidge et al.. An Introductory Overview of ITIL® V3. ISBN 0-9551245-8-1
Dr. Ralf Kneuer, Capability Maturity Model Integration (CMMI).
Carl. S. Carlson. Effective FMEAs. Wiley 2012
2. Dependable Systems Course PT 2014
Qualitative Dependability Investigation
• Different approaches that focus on structural (qualitative) system evaluation
• Root cause analysis
• Broad research / industrial topic targeting error diagnosis
• Specialized topic in quality methodologies
• Development process investigation
• Procedures for ensuring industry quality in production
• Software development process
• Organizational investigation
• Non-technical influence factors on system reliability
2
3. Dependable Systems Course PT 2014
FMEA
• Failure Mode and Effects Analysis
• Engineering quality method for early concept phase - identify and tackle weak points
• Introduced in the late 1940s for military usage (MIL-P-1629)
• Later also used for aerospace program, automotive industry,
semiconductor processing, software development, healthcare, ...
• Main goal is to identify and prevent critical failures
• Performed by cross-functional team of subject matter experts
• Most important task in many reliability programs
• Six Sigma certification, reliability-centered maintenance (RCM) approach
• Automotive industry (ISO16949, SAE J1739)
• Medical devices
3
4. Dependable Systems Course PT 2014
FMEA Goals
• Examples:
• Identify and prevent safety hazards
• Minimize loss of product performance
• Improve test and verification plans
• Improve process control plans
• Consider changes to product design or manufacturing process
• Identify significant product or process characteristics
• Develop preventive maintenance plans for machinery and equipment
• Develop online diagnosis techniques
4
5. Dependable Systems Course PT 2014
FMEA Types
• SFMEA (S: System)
• Improving the overall system design for avoiding complete failures
• Analysis on highest possible level of abstraction
• Targeting system-related deficiencies, such as safety or subsystem integration
• Focus on functions and relationships that are unique to the system as a whole
• Consider human interactions and services provided
• DFMEA (D: Design)
• Focus on failure modes reasoned by design deficiencies in subsystems
• Focus on parts that can be prototyped before high volume production
5
6. Dependable Systems Course PT 2014
FMEA Types
• PFMEA (P: Process)
• Analyze manufacturing and assembling processes
• Influence design of machinery, selection of tooling and component parts
• Built to design safely, with minimal downtime, scrap, or rework
• Includes shipping, incoming parts, transportation of material, storage, conveyors,
tool maintenance and labeling
• Typically assumes that the product design is finished
• Do not mix up design failures and causes („incorrect material specified“) with
process failures and causes („incorrect material used“)
6
7. Dependable Systems Course PT 2014
FMEA Types
• Other, less popular variants
• Concept FMEA: Short version of FMEA to select from system design alternatives,
results in prioritized list of concerns
• Reliability-Centered Maintenance (RCM): Analytical process to identify
preventive maintenance requirements
• FMEA on manufacturing or operational equipment as central part
• Software FMEA: Determine if software is fault-tolerant with respect to hardware
failures, identify missing requirements
• Hazard Analysis: Identify safety-related risks in system lifetime
• Human Factors FMEA: Type of system FMEA to pays attention to the interaction
between users (humans) and equipment
• Service FMEA: Focus on installation or service of equipment during operation
7
8. Dependable Systems Course PT 2014
FMEA Types
• Other, less popular variants
• Business Process FMEA: Minimize inefficiencies by improving workflows,
organizational management, and decision making
• Similar to PFMEA, but business process steps replace manufacturing steps
• Failure Mode, Mechanisms, and Effects Analysis (FMMEA): Extends FMEA by
identifying high priority failure mechanisms
• Determine operational stresses and environmental parameters
• Failure Mode, Effects, and Diagnosis Analysis (FMEDA): FMEA extension to
derive more details about the effects of failure modes
• Generates failure rates for safety-related effect categories
• Used to develop online diagnosis techniques, needed for IEC61509 compliance
8
9. Dependable Systems Course PT 2014
FMEA
• Main assumption: System is vulnerable to certain failure modes
• Examples: Electrical short-circuiting, corrosion, deformation
• Identify relevant failure mode candidates based on past experience
• Effect analysis for (specific) failure modes - what happens to the functionality
visible to the end user ?
• Examples: Degraded performance, noise, injury
• Top-Down FMEA: Start with one function failure and find according failure modes
• Typical for certification procedure, were the undesired functional problems are
specified by the requirement documents
• Bottom-Up FMEA: Find all the effects caused by all failure modes
• Failures are prioritized according to their consequences, how frequently they occur,
and how easily they can be detected
9
10. Dependable Systems Course PT 2014
FMEA Worksheet
10
Item Function
Potential
Failure Mode
Potential
Effect(s) of
Failure
Severity
(S)
Potential
Cause of
Failure
Current
Prevention
Controls
Probability of
Occurrence
(O)
Current
Detection
Controls
Probability
of
Detection (D)
RPN =
S*O*D
Criticality
= S*O
Recommended
Action
1:N 1:N 1:N
1:N
1:N
1:N
1:N
11. Dependable Systems Course PT 2014
FMEA Worksheet
11
• Focus only on main concerns in the expert team
• Starting point is typically some system hierarchy of components / process steps
• Functions need to have a given standard of performance or requirement,
so that failure modes can be clearly identified
• Analyze severe failure modes by other techniques (e.g. FTA)
• Focus only the most serious effect (system/end user consequence) of a failure
• Severity indicator ranks the effect, typically based on company standards
Item Function
Potential
Failure Mode
Potential
Effect(s) of
Failure
Severity
(S)
Potential
Cause of
Failure
Current
Prevention
Controls
Probability of
Occurrence
(O)
Current
Detection
Controls
Probability
of
Detection (D)
RPN =
S*O*D
Criticality
= S*O
Recommended
Action
12. Dependable Systems Course PT 2014
FMEA Worksheet
12
• Cause is the specific reason for the failure („why?“, „due to“)
• If the cause occurs, the corresponding failure mode occurs
• In maintenance analysis, cause is a ,maintenance-actionable‘ item
• Failure mechanism != cause
• Occurrence expresses the likelihood of cause + failure mode
• Relative meaning rather than absolute value, must be ok to say „never happens“
Item Function
Potential
Failure Mode
Potential
Effect(s) of
Failure
Severity
(S)
Potential
Cause of
Failure
Current
Prevention
Controls
Probability of
Occurrence
(O)
Current
Detection
Controls
Probability
of
Detection (D)
RPN =
S*O*D
Criticality
= S*O
Recommended
Action
13. Dependable Systems Course PT 2014
FMEA Worksheet
13
• High severity must always be considered, regardless of occurrence ranking
• Prevention controls are intended (!) to reduce the likelihood of occurrence
• Should only consider things that are already planned or in place -
do not put ,want-to‘ items or functions here
• Detection controls describe how the failure mode or cause is detected
• Example: In DFMEA, testing is a detection control
• Controls do not influence the severity of a failure mode
Item Function
Potential
Failure Mode
Potential
Effect(s) of
Failure
Severity
(S)
Potential
Cause of
Failure
Current
Prevention
Controls
Probability of
Occurrence
(O)
Current
Detection
Controls
Probability
of
Detection (D)
RPN =
S*O*D
Criticality
= S*O
Recommended
Action
14. Dependable Systems Course PT 2014
Starter Questions [Carlson]
• For functions in a system / design FMEA:
• „What are the primary purposes of this item?“
• „What is the item supposed to do? What must the item not do?“
• „What is the standard of performance?“
• „What functions occur at the interfaces?“
• „What safety-related functions are important for this item?“
• For functions in a process FMEA:
• „What is the operation? What is the part or assembly? What is the tool?“
• „What is the primary purpose of the operation?“
• „What is the standard of performance?“
14
15. Dependable Systems Course PT 2014
Starter Questions [Carlson]
• For failure modes in a system / design FMEA:
• „How can the item fail to perform the intended function?“
• „How could the item perform an unintended function?“
• „What could go wrong at the interfaces?“
• „What has gone wrong in the past?“
• „How could the item be abused?“
• „What are the team member concerns with this item?“
• For failure modes in a process FMEA:
• „Why would a part be rejected at this operation?“
• „What could go wrong with this operation?“
15
16. Dependable Systems Course PT 2014
Starter Questions [Carlson]
• For effects in a system / design FMEA:
• „What is the consequence of the failure?“
• „What will the customer experience?“
• „Will the failure cause potential harm to the end users?“
• „Will the failure cause potential violation of regulations?“
• „What would a failure mean to adjacent parts and subsystems?“
• For effects in a process FMEA:
• „Will the failure cause potential harm to equipment or operators?“
• „What will be the consequences on downstream processing or plant level?“
• „Will the failure cause potential violation of regulations?“
16
17. Dependable Systems Course PT 2014
Starter Questions [Carlson]
• For causes in a system / design FMEA:
• „How can the failure occur? What is the mechanism of failure?“
• „What circumstances could cause the item to not perform the intended function?“
• „Are there possible system interactions, degradations, operating environments,
customer usages, or assembly issues that could cause the failure?“
• For causes in a process FMEA:
• „What could cause the operation to fail in this manner?“
17
18. Dependable Systems Course PT 2014
Starter Questions [Carlson]
• For recommended actions in a system / design FMEA:
• „What can be done to reduce severity by modifying the design?“
• „If the product fails, how can the user be protected from potential harm or injury?“
• „How can the current design be made more robust?“
• „What tests or evaluation techniques needs to be added or modified to improve
detection capability?“
• „If the recommended actions are implemented, will that be sufficient to address all
high severity and high RPN risk?“
• For recommended actions in a process FMEA:
• Similarly for process / assembly / manufacturing
18
19. Dependable Systems Course PT 2014
Example: System FMEA of ATM [asq.org]
19
Function
Potential
Failure Mode
Potential Effect(s) of
Failure
S
Potential
Cause of
Failure
O Current Controls D RPN CRIT
Dispense
amount of
cash
requested
by
customer
Does not
dispense cash
• Customer angry
• Incorrect entry to
demand deposit
system
• Discrepancy in cash
balancing
8
Out of cash 5 Internal low-cash alert 5 200 40
Machine jams 3 Internal jam alert 10 240 24
Power failure
during
transaction
2 None 10 160 16
Dispenses too
much cash
• Bank loses money
• Incorrect entry to
demand deposit
system
6
Bills stuck
together
2 Loading procedure 7 84 12
Denomination
s in wrong
trays
3 Two-person visual verification 4 72 18
Takes too long
to dispense
cash
• Customer annoyed 3
Heavy
network traffic
7 None 10 210 21
Power failure
during
transaction
2 None 10 60 6
RPN prioritizes differently
from criticality
20. Dependable Systems Course PT 2014
Example: Design FMEA for disk brake [Carlson]
20
Item
Potential
Failure
Mode
Potential Cause of Failure
Current Prevention
Controls
Current Detection
Controls
Recommended
Action
Disk
Brake
System
Vehicle
does not
stop
Mechanical linkage break
due to corrosion
Designed per
material standard
MS-845
Environmental
stress test 03-9963
Change material to
stainless steel
Master cylinder vacuum
lock
Carry-over design
with same duty
cycle requirements
Pressure variability
testing on system
level
None
Loss of hydraulic fluid
due to back off of
connector
Designed per
torque
requirements -
3993
Vibration step-stress
test 18-1950
Modify connector
from crimp style to
quick connect.
Loss of hydraulic fluid
due to hydraulic lines
crimped or compressed
Designed per
material standard
MS-1178
DOE tube resiliency
test
Modify design from
MS-1178 to
MS-2025 to
increase strength.
21. Dependable Systems Course PT 2014
Example: Severity Ranking in Automotive Industry
• Example of Design FMEA severity scale for automotive industry [Carlson]
21
Effect Severity of effect on product Rank
System fails to meet
safety / regulatory
requirements
Failure mode affects safe operation or rules, without warning 10
Failure mode affects safe operation or rules, with warning 9
Loss or degradation
of primary function
Loss of primary function 8
Degradation of primary function 7
Loss or degradation
of secondary function
Loss of secondary function 6
Degradation of secondary function 5
Annoyance
Appearance or audible noise, noticed by >75% of customers 4
Appearance or audible noise, noticed by 50% of customers 3
Appearance or audible noise, noticed by <25% of customers 2
No effect No discernible effect 1
22. Dependable Systems Course PT 2014
Example: NASA Spacecraft Severity Ranking
• Category 1, Catastrophic - Failure modes that could result in serious injury or loss of
life, or damage to the launch vehicle.
• Category 1R, Catastrophic - Failure modes of identical or equivalent redundant
hardware items that, if all failed, could result in Category 1 effects.
• Category 2, Critical - Failure modes that could result in loss of one or more mission
objectives as defined by the GSFC project office.
• Category 2R, Critical - Failure modes of identical or equivalent redundant hardware
items that could result in Category 2 effects if all failed.
• Category 3, Significant - Failure modes that could cause degradation to mission
objectives.
• Category 4, Minor - Failure modes that could result in insignificant or no loss to
mission objectives.
22
23. Dependable Systems Course PT 2014
Example: Occurrence Ranking in Automotive
• Example of Design FMEA occurrence scale for automotive industry [Carlson]
23
Mode Likelihood Associated Cause Rank
Very high New technology / design with no history >= 1 in 10 10
High
Failure is inevitable with new design 1 in 20 9
Failure is likely with new design 1 in 50 8
Failure is uncertain with new design 1 in 100 7
Moderate
Frequent failures expected due to knowledge from similar designs /
experiment
1 in 500 6
Occasional failures expected due to knowledge from similar designs /
experiment
1 in 2000 5
Isolated failures expected due to knowledge from similar designs /
experiment
1 in 10.000 4
Low
Only isolated failures expected due to knowledge from similar designs
/ experiment
1 in 100.000 3
No failures expected due to knowledge from similar designs /
experiment
1 in 1.000.000 2
Very low Failure is eliminated through preventive control Failure eliminated 1
24. Dependable Systems Course PT 2014
Example: Detection Ranking in Automotive
• Example of Design FMEA occurrence scale for automotive industry [Carlson]
24
Opportunity for Detection Detection by Design Control Rank
No No current design control 10
Not likely to detect Controls have weak capabilities 9
Prior to launch
Pass / fail testing after design freeze 8
Test to failure testing after design freeze 7
Degradation testing after design freeze 6
Prior to design freeze
Pass / fail testing before design freeze 5
Test to failure testing before design freeze 4
Degradation testing before design freeze 3
From design controls Strong control capabilities 2
No applicable Failure mode cannot occur since it is prevented 1
25. 1.Identify FMEA scope in cross-functional team (design, quality, testing, support, ...)
2.Identify functions in the investigation scope (verb + noun)
3.Per function, identify all ways a failure could happen - potential failure modes
4.Identify consequences / effects per failure mode - on the system itself, related
systems, product, service, customers or regulations
5.Perform severity rating (S) per effect - From insignificant to catastrophic, add only
highest ranked effects to the further analysis
6.Identify root causes per failure mode, rank by probability of occurrence (O)
7.List tests / procedures (process controls) that are in place to keep the causes away
8.Determine detection rating (D) per control - from certain detection to no detection,
based on level of process control installed
9.Risk priority number (RPN) = S x O x D, Criticality (CRIT) = S x O
Dependable Systems Course PT 2014
FMEA Steps [asq.org]
25
26. Dependable Systems Course PT 2014
Risk Priority Number
• Numerical ranking of the risk of each potential failure mode
• Heated debate in the community about the proper utilization of this value
• Important: Always cover severity, regardless of RPN!
• Low RPN can be used to identify cost reduction candidates
• High risk factor should always lead to multiple recommended actions
• Approval by management is a strategic advantage
• If ,review‘ is part of the actions, make sure that there is a follow-up on results
26
27. Dependable Systems Course PT 2014
Risk Priority Number - Limitations
• Subjectivity: Helps in prioritizing recommended actions, no risk comparison across
FMEAs useful
• Lack of detection information: Some companies only compute RPN=SxO
• Holes in the scale: Although RPN is an integer scale, it is not continuous or
proportional
• Duplicate RPN numbers: Failures with widely differing severity can be evaluated as
having the same importance
• RPN Thresholds: Management loves RPN thresholds,leads to ,numbers game‘
• Teams lower numbers to avoid excessive consequences
• Most important aspect for a successful FMEA is to have a honest team
27
28. Dependable Systems Course PT 2014
Example: NASA Spacecraft FMEA
Ground Rules for Failure Mode Analysis
• Only one failure mode exists at a time.
• All inputs (including software commands) to the item being analyzed are present and
at nominal values.
• All consumables are present in sufficient quantities.
• Nominal power is available.
• All mission phases are considered in the analysis; mission phases that prove
inapplicable may be omitted.
• Connector failure modes are limited to connector disconnect.
• Special emphasis will be directed towards identification of single failures that could
cause loss of two or more redundant paths.
28
29. Dependable Systems Course PT 2014
Example: NASA Spacecraft FMEA
Flow Diagram of Overall System Analysis
29
30. Dependable Systems Course PT 2014
Software FMEA
• FMEA on system functional level, detailed design (logic) level, or code level
• Typically supported by data flow diagrams
• Typical objectives
• Identify missing software requirements
• Analyze output variables
• Analyze system response in reaction to different environmental input
• Analyze interfaces in addition to functions
• Identify software response to hardware anomalies
• Since software is a logical construct, hazards must be identified first [Goddard]
30
31. Dependable Systems Course PT 2014
Software FMEA - Failure Definition [Raheja]
• Failure to perform a function reliably
• Failure to perform a function safely
• Failure to perform a function when (not) needed
• Performing functions that are not in the specification
• Failure to stop a task at the right time
• Loss of input or output
• Corrupted performance by an operating environment
• Failure from an incorrect request
• Incomplete execution
• Inability to execute critical interruptions
31
32. Dependable Systems Course PT 2014
Software FMEA - Cause Definition [Raheja]
• Useful to define cause types
• Physical hardware effects
• Coding or logic errors
• Input / output error
• Data handling
• Definition of variables
• Interface failures
• Failed hardware / power outage /
loose wires or cables
• Communication failure
• Omissions in the specification
• Insufficient or corrupted memory
• Operational environment
• Inaccurate input, such as from sensors
32
33. Dependable Systems Course PT 2014
Prioritize FMEA Projects
• Amount of FMEAs typically limited by budget -> Preliminary risk assessment
• Rank component risks and multiply them
• Example for new bicycle product [Carlson]
33
Subsystem
Risk from
System FMEA
Safety
Concerns
New
Technology
New
Applications
Field
Problems
Regulatory
Risks
Supplier
Concerns
Other Total
Frame 3 2 2 3 1 1 1 1 36
Front Wheel 3 1 1 1 1 1 1 1 3
Rear Wheel 2 1 1 1 1 1 1 1 2
Sprocket 1 1 1 1 1 1 2 1 2
Chain 1 2 1 1 1 1 2 1 4
Seat 2 2 1 1 1 1 1 1 4
Handlebar 1 1 1 1 1 1 1 1 1
Hand brake 3 2 1 1 3 1 2 1 36
Suspension 3 2 2 2 1 1 1 1 8
34. Dependable Systems Course PT 2014
Most Common FMEA Mistakes [Carlson]
• Some FMEAs do not recommend any action at all
• Some FMEAs recommend mostly testing, other ineffective actions
• Some FMEAs fail to address all high-risk failure modes
• Some FMEA teams do not include representatives from test or analysis department
• Some companies focus on part or subsystem failures and miss the interfaces
• Failure to link between FMEA and field information
• „Missing the forrest for the trees“ -
Too much detail makes it difficult to identify areas of higher risk
• Late FMEAs are less effective
• Team meeting attendance and right choice of people is crucial
• FMEA in itself as procedure must be evaluated, many ways for doing it wrong
34
35. Dependable Systems Course PT 2014
FMEA Success Factors [Carlson]
• Avoid ,lost in space‘ issues
• Clear definition of the scope of the FMEA project
• Get team consensus on boundaries
• Gather relevant information and documentation before the meeting
• Collect subject matter experts, typically group of 4-8 people
• One participants must act as FMEA facilitator - brainstorming guidance,
encouragement, discussion control, decision making, conflict and time management
• Past FMEA‘s and field data must be re-used to save time
• Goal is to improve the system design, not to understand it
• Take causes to the level of root cause (e.g. by FTA), not controls
• Avoid voting, prefer consensus
35
36. Dependable Systems Course PT 2014
Failure Mode Effects and Criticality Analysis (FMECA)
• Similar to FMEA, but relies on a different set of scales, including criticality
• Standards: MIL-STD 1629A and SAE ARP5580, originally developed by NASA
• Qualitative FMECA
• Rate the severity of potential effects
(catastrophic, critical, marginal, minor)
• Rate the likelihood of occurrence per mode
(frequent, reasonably probable, occasional,
remote, extremely unlikely)
• Compare the failure modes using
the criticality matrix
• Quantitative FMECA
• Series of calculations to rank items and failure modes
36
Severity Category
Failure
Mode B
Failure
Mode C
Failure
Mode A
OccurrenceLevel
37. Dependable Systems Course PT 2014
Qualitative FMECA Example [Carlson]
37
Items Functions
Failures
and
Causes
Local
Failure
Effects
Next
Higher
Level
Effects
End
Effects
Severity
Class
Failure
Detection
Method
Compen-
sation
Bicycle
Brake Pad
Primary
means of
friction
between
the brake
caliper
against the
wheel
Excessive
wear of
pad due to
wrong
material
No
controlled
friction to
the wheel
Wheel
does not
slow down
when
break lever
pulled
Bicycle
does not
stop,
causing
accident
Catas-
trophic
Brake
testing
procedure
#1234
Select new
material
with better
durability
Pad
material
cracks
(cured too
hot)
Erratic
friction
against
wheel
Wheel
motion
chugs
during
maneuver
Bicycle
operator
dissatisfied
Marginal
No
detection,
only by
owner
Revise
curing
procedure
38. Dependable Systems Course PT 2014
Quantitative FMECA
• Calculate expected failures for each item (from reliability data)
• Identify the mode ratio of unreliability for each potential failure mode
• Percentage of all item failures that will be due to the investigated failure mode
• Can be derived from reliability prediction data (see last course unit)
• Rate the probability of loss resulting from each failure mode
• Probability that the failure mode leads to a system failure
• Mode criticality [item, failure mode] =
Expected failures x mode ratio x probability of loss
• Item criticality [item] = Sum(mode criticalities)
• Output: Critical item list, single failure points list, failure mode list
38
39. Dependable Systems Course PT 2014
Quantitative FMECA Example [Carlson]
39
Items
Operating
Time (h)
Expected
Failures
Functions
Failures
and
Causes
Ratio of
Unreliability
Probability
of Loss
Mode
Criticality
Item
Criticality
Bicycle
Brake Pad
5475 0,548
Primary
means of
friction
between
the brake
caliper and
the wheel
Excessive
wear of
pad due to
wrong
material
0,85 0,75 0,349
0,361
Pad
material
cracks
(cured too
hot)
0,15 0,15 0,012
40. Dependable Systems Course PT 2014
Hazard & Operability Studies (HAZOPS)
• Process for identification of potential hazard & operability problems,
caused by deviations from the design intend
• Difference between deviation (failure) and its cause (fault)
• Conduct intended functionality in the safest and most effective manner
• Initially developed to investigate chemical production processes,
meanwhile for petroleum, food, and water industries
• Extended for complex (software) systems
• Qualitative technique
• Take full description of process and systematically question every part of it
• Assess possible deviations and their consequences
• Based on guide-words and multi-disciplinary meetings
40
41. Dependable Systems Course PT 2014
HAZOPS
• First identify system entities and their attributes (e.g. state diagrams)
• Use of keywords to focus the attention
• Primary keywords - Focus attention on a particular aspect of the
design intent / process condition / investigated parameter
• Examples for plants:
flow, pressure, react, corrode, temperature, level, mix, absorb, erode, ... isolate,
vent, inspect, start-up, shutdown, purge, maintain, ...
• Examples for Java Language Definition analysis:
Type default value, type value range, name scope, class modifier, class name,
field modifier, field type, method modifier, method name, formal parameter, ...
• Secondary keywords - When combined with a primary keyword,
suggest possible deviations of the system from the design intent
• Standardized list, not all combinations are appropriate
41
42. Dependable Systems Course PT 2014
Plant Example - Secondary Keywords
42
Word Meaning
No
The design intent does not occur (e.g. Flow/No),
or the operational aspect is not achievable (Isolate/No)
Less A quantitative decrease in the design intent occurs (e.g. Pressure/Less)
More A quantitative increase in the design intent occurs (e.g. Temperature/More)
Reverse The opposite of the design intent occurs (e.g. Flow/Reverse)
Also
The design intent is completely fulfilled, but in addition some other related activity
occurs (e.g. Flow/Also indicating contamination in a product stream)
Other
The activity occurs, but not in the way intended (e.g. Flow/Other could indicate a leak or
product flowing where it should not)
Fluctuation
The design intention is achieved only part of the time (e.g. an air-lock in a pipeline might
result in Flow/Fluctuation)
Early
Usually used when studying sequential operations, this would indicate that a step is
started at the wrong time or done out of sequence
Late
44. Dependable Systems Course PT 2014
HAZOPS for Java Language Specification
[Kim, Clark, McDermid] - Secondary Keywords
44
Word Meaning
No No part of the intention is achieved. No use of syntactic components
More A quantitative increase, the data value is too high (within or out of bounds)
Less A quantitative decrease, the data value is too low (within or out of bounds)
As Well As Specific design intent is achieved but with additional results
Part Of Only some of the intention is achieved, incomplete
Reverse
Reverse flow - flow of information in wrong direction, iteration count modified in wrong
direction, logical negation of condition
Other Than A result other than the original intention is achieved, complete but incorrect
Narrowing Scope or accessibility is narrower than intended.
Widening Scope or accessibility is enlarged
Equivalent The same design intent is achieved in a different way (without any side effect)
46. Dependable Systems Course PT 2014
HAZOPS Documentation
• Apply in a systematic way all relevant keyword combinations to the design
• Per combination, record
• Deviation (keyword combination)
• Cause (potential causes for the deviation)
• Consequence (from both the deviation and the cause)
• Should not take credit for protective systems or instruments in the design,
since not all operational conditions are clarified at this point
• Safeguards (which prevents the cause or safeguards the system against it)
• Can be hardware, software, or procedures
• Actions (which either remove the cause or mitigate the consequences)
46
47. Dependable Systems Course PT 2014
HAZOPS for Java Language Specification
[Kim, Clark, McDermid] - Deviants Example
47
48. Dependable Systems Course PT 2014
Root Cause Analysis
• What caused the fault ? - Starting point of dependability chain
• Peeling back the layers
• Must be performed systematically as an investigation
• Establish sequence of events / timeline
48
(C) Avizienis
49. Dependable Systems Course PT 2014
Root Cause Analysis
• Class of approaches and algorithms for identifying the root cause of a problem
• Iterative process of continuous improvement
• Can be performed in reactive or pro-active fashion
• Applied in different fields, competing definitions and understandings
• Accident analysis in safety-critical systems, e.g. aviation industry
• Quality control in industrial manufacturing
• Investigation of formally described business processes
• Hardware failure analysis
• Risk management for huge hardware / software projects
• Assumes broken process or alterable cause (e.g. no physical faults)
49
50. Dependable Systems Course PT 2014
RCA: 5 Whys
• Originally developed by Sakichi Toyoda for car manufacturing process
• Limit number of dive-in‘s to avoid tracing the chain of causality
• Example: The Washington Monument was disintegrating.
• Why? Use of harsh chemicals.
• Why? To clean pigeon poop.
• Why so many pigeons?
They eat spiders and there are a lot of spiders at monument.
• Why so many spiders? They eat gnats and lots of gnats at monument.
• Why so many gnats? They are attracted to the light at dusk.
• Solution: Turn on the lights at a later time.
50
51. Dependable Systems Course PT 2014
5 Whys
• Limited steps ensure that investigator moves through layers
• Has danger of stopping too early at symptoms
• Results are not reproducible
• Investigators cannot consider reasons behind their own information - need teams
• Recommendation to use observation instead of deduction
• Deduction does not allow proper ranking of answers
• Depends on completely honest answers and complete problem statement
• Only good for low risk problems
51
52. Dependable Systems Course PT 2014
RCA: Why-Because Analysis
• Mainly intended for accident analysis (train, bus, airplane, security, industry)
• Central notion of a causal factor
• Output is directed acyclic Why-Because graph (WBG)
• Showing causal connections between all events and states of behavior
• Nodes express causal factors, arcs express cause-effect relationship
• Different subgraphs can be tested, results are combinable
• Causal sufficiency test -
Will an effect always happen if all parent causes happen ?
• Counterfactual test (Dawid Lewis 1975, philosophical logician) -
If the cause would not have existed, could the effect still have happened ?
• If „no“ for two effects, then the cause is a necessary causal factor (NCF)
52
53. Dependable Systems Course PT 201453
Example [Peter B. Ladkin]
0
Indian Pacific
delayed at end of
block
7
Indian Pacific does
not use radio
comms
9
Phone comms
failure
10
Required
communications
procedures
16
Phone comms
time-consuming
1
Interurban train
collides with Indian
Pacific at end of
block
11
Interurban train
proceeds into block
12
Interurban train fails
to halt upon driver
sighting Indian
Pacific
2
Interurban train
driver proceeded at
up to 50 kph,
omitting to exercise
extreme caution
3
Interurban train
driver believed that
block clear
5
Rule 245 did not
guide operations as
intended
4
Signaller issues
permission to enter
block
6
Signal failure
8
Lack of train
indicator board
13
Signaller believes
block clear
15
Phone technology
unreliable
14
Signaller fails to
determine location
of previous train to
have passed
signal, the Indian
Pacific
17
Inappropriate phone
technology
54. Dependable Systems Course PT 2014
RCA: Ishikawa / Fishbone Diagram
• Invented by Japanese quality control statistician for failure prevention
• Identify (categorized) sources for variation
• Analysis tool for systematic cause-and-effect analysis
• List problem to be studied in the ,head of the fish‘
• Label main ,fish bones‘
• 4 M‘s: Methods (process), machines (technology),
materials (raw, consumables), manpower (physical and brain work)
• 4 P‘s: Place, procedure, people, policies
• 4 S‘s: Surroundings, suppliers, systems, skills
• Identify factors per category that may affecting the problem / issue
• Repeat with sub-factors
54
57. Dependable Systems Course PT 2014
Reliability Models for IT Infrastructures
• System reliability in a commercial environment is determined by many factors:
• Software and hardware reliability
• Training of maintenance personnel
• „Business processes“ how maintenance is handled
• The way the IT department is organized
• ...
• Impact of management organization on reliability is an emerging research field
• Standards for IT organization, based on best practices
• Describe which processes have to be established in an IT department
• Provide reference models for organization of IT department
57
58. Dependable Systems Course PT 2014
Standards
• ISO/IEC 20000: IT Service Management
• ISO/IEC 27001: Information Security Management
• Capability Maturity Model Integration (CMMI®)
• Control Objectives for Information and related Technology (COBIT®)
• Projects in Controlled Environments (PRINCE2®)
• Project Management Body of Knowledge (PMBOK®)
• Management of Risk (M_o_R®)
• eSourcing Capability Model for Service Providers (eSCM-SPTM)
• Telecom Operations Map (eTOM®)
• Six SigmaTM.
58
59. Dependable Systems Course PT 2014
Software Process Evaluation and Improvement
• Software reliability can be derived from level of trust into the development process
• Relevant for software supplier evaluation in public bidding
• Most famous approach is the Capability Maturity Model (CMM)
by CMU Software Engineering Institute (SEI), extended to CMMI
• Customer wants: Completion in time, budget, and functionality with high quality
• Management wants: High customer satisfaction and productivity, control
• Application areas for CMMI
• System engineering
• Software engineering
• Integrated product and process development
• Supplier sourcing
59
61. Dependable Systems Course PT 2014
Capability Maturity Model Integration -
Structural Overview
61
Maturity Level N
Process Area 1 Process Area 2 Process Area 3
Specific Goals
Specific Practices Commitment
to Perform
Ability to
Perform
Directing
Implementation
Verifying
Implementation
Generic Practices
Generic Goals
CMMI for Acquisition
CMMI for Development
CMMI for Services
success in
62. Dependable Systems Course PT 2014
Capability Maturity Model Integration
• Maturity level consists of the results in multiple process areas
• Version 1.3 contains 22 process areas
62
(C)Dr.RalfKneuper
Process Area
63. Dependable Systems Course PT 2014
Example: Specific Goals in Project Planning
(Project Management Area, Level 2)
63
(C)Dr.RalfKneuper
Specific Practice
SpecificGoal
64. Dependable Systems Course PT 2014
Example: Specific Goals in Requirements
Management (Engineering Area, Level 2)
64
(C)Dr.RalfKneuper
65. Dependable Systems Course PT 2014
Example: Specific Goals in Measurement and
Analysis (Support Area, Level 2)
65
(C)Dr.RalfKneuper
66. Dependable Systems Course PT 2014
Six Sigma
• Coined by Motorola engineer (1986), meanwhile Motorola trademark
• Started as simple statistical technique to reduce defects in manufacturing
• Intended to improve quality by improving manufacturing processes
• Meanwhile common quality improvement strategy (Sony, Honda, TI, Canon, ...)
• Measured process quality level and its standard deviation is set in relation to target
value and its range of tolerance
• Target value and mean should be close together
• Range of tolerance shouldn‘t be much smaller than the standard deviation
• Next tolerance threshold should be at least six standard deviations away from the
mean, so that the specified limit is never reached
• In practice, mean is typically shifted by 1.5 standard deviations from target value
• Translates to 99.99966% defect-free produced units
66
67. Dependable Systems Course PT 2014
Six Sigma
• Management framework for processes, techniques, and training
• Data-driven systematic evaluation approach
• Asks tougher and tougher questions until quantifiable answers are received
• Measure of process capability, related to defect rate and complexity of a product
• Defect: Any process output that does not meet customer expectation
• Advantage: Well defined targets by specification of statistical metrics
• Popular among manufacturing and service organizations
• Quality improvement does not automatically lead to financial benefit
• Mathematical models for choosing an optimal improvement strategy
• Might demand process tweaking or replacement
67
68. • Yield (Y): Measure of process capability
• Ratio of defect free units vs. units produced (,opportunities‘)
!
!
• Defects per Million Opportunities (DPMO)
• Typically estimated from a sample of units - defects per unit (DPO)
!
!
• Sigma Quality Level: Measure of quality for the output produced by an organization
• Level directly related to DPMO metric
Dependable Systems Course PT 2014
Six Sigma Metrics
68
Y =
Defect free units
Number of opportunities
⇥ 100%
DPMO = DPU ⇥ 106
=
Number of defects
Number of opportunities
⇥ 106
69. Dependable Systems Course PT 2014
Six Sigma Levels
• Level 6 allows less that four (3.4) defects per million opportunities (DPMO)
• Practice: Mean expected to move up to 1.5 standard deviations over time
• Experience that processes
get worser in the long term
• Assumption that initial
6-sigma process will
degrade to 4.5-sigma
• Designed to prevent under-
estimation of defect levels
• Does not reflect product
specifics (pace maker vs.
mass mail advertiser)
69
Level DPMO Defective Yield
1 691462 69 % 31 %
2 308538 31 % 69 %
3 66807 6,7 % 93,3 %
4 6210 0,62 % 99,38 %
5 233 0,023 % 99,977 %
6 3,4 0,00034 % 99,99966 %
7 0,019 0,0000019 % 99,9999981 %
70. Dependable Systems Course PT 2014
Six Sigma Project Selection
• Each process improvement opportunity is treated as project
• Criteria's for choice [Pande]
• Business benefits: Impact on customers, business strategy, finances; urgency
• Feasibility: Resources needed, expertise available, complexity, success probability
• Organization impact: Learning and cross-functional benefits
• Also: Top management commitment
• Project selection itself should follow a strategy
• Once project is chosen, walk through methodology for improvement
70
71. Dependable Systems Course PT 2014
Six Sigma Project Selection
• Analytic hierarchy process (AHP) project selection strategy [Kumar]
• Assign weights to projects according to criterias:
• Duration for completion
• Costs of project
• Probability of success
• Strategic fit of the project
• Increase in customer satisfaction
• Increase in Six Sigma quality level
• Reduction of cost of poor quality (CoPQ)
• Manpower requirement (green belts and black belts)
71
AHP Explained [Wikipedia]
72. Dependable Systems Course PT 2014
DMAIC Methodology
• Aimed at improving existing process by using Six Sigma (,project‘)
• 5 stages in a cycle
• Define: Identify the problem in terms of deficiencies in the
critical to quality (CTQ) parameter
• Measure: Define and use metrics to rank process capability, get gap to target
• Analyze: Determine cause-effect relationship between process performance gaps
(measured in CTQ) and process inputs
• Examples: 5 Whys, data mining, experiment design, FMEA, ...
• Improve: Implement solution for identified problem from ,define‘ stage
• Control: Sustain the improvement
• Strength in tool box due to mathematical foundation
72
74. Dependable Systems Course PT 2014
Six Sigma Roles
• Executive leadership: Empowers the other role holders with freedom and resources
• Responsible to drive new ideas for improvement
• Champions: Drawn from upper management, responsible for Six Sigma deployment
• Act as mentors for black belts
• Master black belts: Full-time in-house experts
• Coach and trainer for the cross-department implementation of Six Sigma
• Black belts: Apply Six Sigma methodology full-time to specific projects
• Rule of thumb: One black belt per 100 employees (1% rule)
• Green belts: Common employees helping the black belts along with their normal job
• Rising number of participating employees is expected to increase profitability
74
75. Dependable Systems Course PT 2014
Six Sigma Trends
• Design for Six Sigma (DFSS / DMADV) approach
• Optimize both customer needs and organizational objectives in engineering work
• Aims at early design phase, not at improving existing process
• 5 stages in a cycle
• Define: Develop new product development (NPD) strategy
• Measure: Understand customer requirements
• Analyze: Develop conceptual design after analyzing design options
• Design: Develop product or process design
• Verify: Develop prototype, evaluate effectivness of the design
• Design process or service „with the end in mind“
75
76. Dependable Systems Course PT 2014
ITIL
• Information Technology Infrastructure Library (ITIL), latest version v3
• Started as set of recommendations by the UK Government
• Concepts and guides for IT service management
• Supports to deliver business-oriented
quality IT services
• Core publications: Service Strategy,
Service Design, Service Transition,
Service Operation,
Continual Service Improvement
• Broad tool support from vendors
• High costs for certification and training
• Methodology sometimes over-respected at
the expense of pragmatism
76
77. Dependable Systems Course PT 2014
ITIL
• Replaces technology-oriented view on IT service management with an
„end-to-end“ approach
• Get rid of „technology silos“ and „islands of excellence“
• Management system, expected to be ...
• ... more focused on business needs and related to business processes
• ... less dependent on specific technology due to service thinking
• ... more integrated with other management approaches and tools
• ITIL cycle is typically initiated by a change demand in business requirements
77
78. Dependable Systems Course PT 2014
ITIL v3 - Service
• „A service is a means of delivering value to customers by facilitating outcomes customers
want to achieve without the ownership of specific costs and risks.“
• Supports the customer / user in achieving his defined goals
• Service value for the customer = utility (what) and warranty (how)
• Service level, the service quantity and quality demands, should be measurable
• Current and future demands on service level are specified in a service-level agreement
• Service assets (resources, capabilities to control them) support business assets
• Service providers:
• Type 1 (internally for one business unit)
• Type 2 (for multiple business units in the same organization)
• Type 3 (serving multiple external customers)
78
79. Dependable Systems Course PT 2014
ITIL v3 - Service Lifecycle
79
Service
Level
Package
Service
Design
Package
80. Dependable Systems Course PT 2014
ITIL v3 - Service Strategy
• Service strategy has to rely on acknowledgment that customer buys satisfaction of
needs, not a physical product
• What customers ? What needs ? When and why do they occur ? Current and
potential market places ? Competitors ? How to achieve differentiation ?
• The four Ps of strategy
• Perspective: Distinct vision and direction (e.g. what services to provide)
• Position: The basis on which the provider will compete (e.g. market check)
• Plan: How the provider will achieve the vision
• Pattern: Distinct fundamental patterns in decisions and actions of time
80
81. Dependable Systems Course PT 2014
ITIL v3 - Service Strategy
• Service Provisioning Models
• Selected by customers, used by providers
• Managed Service: Business unit requiring a service fully funds the service
provision for itself
• Shared Service: Provisioning of multiple services through shared resources and
infrastructure, targeting one ore more business units
• Utility: Provisioning based on customer requirements
(how much, how often, what time)
• Organization Design and Development
• Development stages of the organization itself, interfaces to services, service
analytics, strategies for service sources (internal, shared, outsourcing, ...)
81
82. Dependable Systems Course PT 2014
ITIL v3 - Service Strategy
• Service strategy process also contains side activities
• Financial management for quantification of the money value of services -
budgeting, accounting, charging
• Service portfolio management (SPM) as continuous process for controlling
investment across the service lifecycle
• Planned services, live services, retired services
• Define, Analyze, Approve, Charter the portfolio
• Demand management
• Example: Excess capacity generates costs without generating value
• Based on utility and warranty terms for service value
82
83. Dependable Systems Course PT 2014
ITIL v3 - Service Strategy
• Roles and responsibilities
• Business Relationship Manager (BRM) - Close contact to customer
• Product Manager (PM) - Development and management of service lifecycle
• Chief Sourcing Officer (CS) - Leading sourcing strategy development
83
84. Dependable Systems Course PT 2014
ITIL v3 - Service Design
• Design IT services to meet current and future agreed business outcomes
• Service design has to consider ...
• Agreed business outcomes
• Support for service lifecycle, risk management, security, resiliency
• Definition of measurement methods and metrics, skill development
• The four Ps of design
• People: Peoples, skill and competencies involved in the provisioning
• Products: Technology and management systems used in service delivery
• Processes: Processes, roles and activities involved in service provisioning
• Partners: Vendors, manufacturers, and suppliers used to assist the provisioning
84
85. Dependable Systems Course PT 2014
ITIL v3 - Service Design
• Service Design Package (SDP): Defines all aspects and requirements of the service
• Produced for each new IT service, major change, or IT service retirement
• Service Catalogue Management (SCM): Maintaining the central source of service
information for business areas, describing available IT services
• Service Level Management (SLM): Negotiates, agrees and documents IT service
targets with the business (e.g. SLA)
• Capacity Management: Management of capacity and performance-related issues
for services and resources, to match IT to business demands
• Capacity Management Information System (CMIS)
• Availability Management: Reactive activities (monitoring, measuring, analysis, event
management, incident management) vs. proactive activities (planning, design,
recommendations)
• Availability Management Information System (AMIS)
85
86. Dependable Systems Course PT 2014
ITIL v3 - Service Design
• IT Service Continuity Management (ITSCM)
• Maintain appropriate risk reduction measures and recovery options
• Information Security Management (ISM)
• Considered within the corporate governance framework
• Align IT security with business security, ensure information security
• Information availability - should be usable when required
• Information confidentiality - observed or disclosed to only those who have a
right to know
• Information integrity - Completeness, accuracy, no unauthorized modification
• Information authenticity and non-repudiation - Business transactions and
information exchange can be trusted
86
87. Dependable Systems Course PT 2014
ITIL v3 - Service Design
• Supplier Management
• Obtain value for money from suppliers, while meeting the business targets
• Supplier and Contract Database (SCD)
• Roles and responsibilities
• Service Design Manager - Coordination and deployment of quality solution
designs for services and processes
• IT Designer / Architect - Coordination and design of required technologies,
architectures, strategies, designs, plans
• Service Catalogue Manager, Service Level Manager, Availability Manager, IT
Service Continuity Manager, Capacity Manager, Security Manager, Supplier
Manager ...
87
88. Dependable Systems Course PT 2014
ITIL v3 - Service Transition
• Deliver services into operational use
• Receive SDP‘s from design stage,
deliver into operational stage every
element required for ongoing operation and support
• Needs to ensure that service can
operate in foreseeable extreme or
abnormal circumstances
• Change management
• Can apply to different scopes of change and release management
• Ensures that service changes are recorded, evaluated, authorized, prioritized,
planned, tested, implemented, documented, reviewed
• Optimize business risk of changes
88
89. Dependable Systems Course PT 2014
ITIL v3 - Service Transition
• Service Asset and Configuration Management (SACM)
• Identify, control and account for service assets and configuration items (CI)
• Support by Configuration Management System (CMS)
• Knowledge Management
• Data-Information-Knowledge-Wisdom structure
• Make information available to the right person at the right point in time
• Transition Planning and Support
• Identify, manage, and control risks of failure across transition activities
• Improves ability to handle high volume of change and releases
89
90. Dependable Systems Course PT 2014
ITIL v3 - Service Transition
• Release and Deployment Management
• Covers whole assembly and implementation of new/changed services for
operational use
• From release planning to early life support
• Deliver changes at optimized speed, risk and cost
• Service Validation and Testing, Evaluation
• Provide objective evidence that the new / changes service supports the business
requirements, including agreed SLAs
• Roles and responsibilities
• Not anticipated as separate group of people, ,flow of experience and skills‘
90
91. Dependable Systems Course PT 2014
ITIL v3 - Service Operation
• Deliver agreed levels of service to customers, manage applications and infrastructure
that support the service delivery
• Only in this stage, services actually deliver business value
• Balancing of conflicting goals
• Internal IT view vs. external business view
• Stability vs. responsiveness
• Quality of service vs. cost of service
• Reactive vs. proactive activities
• Operational health of services summarizes relevant indicators relevant for execution
of vital business functions
91
92. Dependable Systems Course PT 2014
ITIL v3 - Service Operation
• Event Management Process
• Handle change of state that has significance for the management of a
configuration item or IT service
• May indicate correct or incorrect functioning
(tape change vs. hardware outage incident)
• Depends on monitoring, but always generates / consumes notifications
• Response to an event can be automated or may require manual intervention
• Incident Management Process
• Handle unplanned service interruption, quality reduction, or configuration item
error state not impacting the service
• Restore normal service as quickly as possible
• Functional vs. hierarchical escalation
92
93. Dependable Systems Course PT 2014
ITIL v3 - Service Operation
• Request Fulfillment Process
• Source and deliver services
• Provide information about services and procedures for obtaining them
• Access Management Process
• Manage confidentiality, availability and integrity of data and intellectual property
• Manage service access rights and user identity
• Problem Management Process
• Problem is a cause of one or more incidents
• Responsible for investigation of incidents for identification of the problem
• Understand causes, document workarounds and request changes to permanently
resolve the problems
93
94. Dependable Systems Course PT 2014
ITIL v3 - Service Operation
• Service Desk Function
• Single central point of contact for all users of the IT
• Logs and manages all incidents, service requests and access requests
• First-line investigation and diagnosis, keeping users informed
• Different organization approaches:
• Local service desk (close to the user)
• Centralized service desk (higher volume with fewer stuff)
• Virtual service desk (staff in many locations, appear as one team)
• Follow the sun (24h coverage, automated call passing)
94
95. Dependable Systems Course PT 2014
ITIL v3 - Service Operation
• Technical Management Function
• People providing technical expertise and management of IT infrastructure
• Mainly assistance function
• Application Management Function
• Focus on software rather than infrastructure
• Applications treated as one component of service
• IT Operations Management Function
• Operations control - routine tasks, centralized monitoring from cockpit
• Facilities management - data centers, computer rooms, recovery sites
95
96. Dependable Systems Course PT 2014
ITIL v3 - Continual Service Improvement
• Continual Service Improvement (CSI) maintains value for customers
• Should be embedded in organization, instead of ad-hoc approaches after failure
• CSI model - Contrast current position with long-term goals and objectives
96
97. Dependable Systems Course PT 2014
ITIL v3 - Continual Service Improvement
• 7-Step Improvement Process
97
98. Dependable Systems Course PT 2014
ITIL v3 - Continual Service Improvement
• Service Measurement
• Metric types:
• Technology metrics - components, applications; performance, availability
• Process metrics - critical success factors (CSFs),
key performance indicators (KPIs)
• Service metrics - results of service, computed from technology metrics
• Validate earlier decisions, help in deciding for corrective actions
• Service Reporting
• Summarize historical development of data collected
• Dedicated CSI manager role recommended, all other activities as part of the other
lifecycle stages
98
101. Dependable Systems Course PT 2014
CoBiT
• Control Objectives for Information and related Technology (COBIT)
• International model for defining control and audit goals for IT, started in 1996
• Maintained by Information Systems Audit and Control Association (ISACA)
• Association of auditors, reaction on business impact of IT
• Collection of best practices for auditing in IT, no standardization on its own
• Considers:
• Technical standards (EDIFACT, ISO, ...)
• Codes of conduct for business (EU, OECD, ...)
• Qualification criteria for IT systems and processes (ISO 9000, common criteria, ...)
• Professional standards from the domain
• Documented industry practices
101
102. Dependable Systems Course PT 2014
CoBiT
• Describes how to rate the maturity level of IT processes
• Considers IT quality (efficiency, robustness), IT security (integrity, trustability),
and IT fiduciary (compliance to financial and lawful rules)
• Processes are defined to rely on IT resources, structured into:
• Data - structured and non-structures information elements
• Application systems - collection of manual and programmed processes
• Technologies - Hardware, operating systems, databases, networks, ...
• Facilities - Resources for housing and operation of IT systems
• People - Human part in IT system operation
• All these factors must be planned, developed, implemented, operated and
monitored in a coordinated fashion - meta framework for compliance checks
102
103. Dependable Systems Course PT 2014
CoBiT
• Metrics: Key Goal Indicators (KGI), Critical Success Factors (CSF),
Key Performance Indicators (KPI)
• KGI ranks resulting output, KPI ranks performance of producing these outputs
• Example: Change Management Process
• KGI‘s: Number of successful changes, reduction of service interruptions due to
changes (goals of the process itself)
• CSF‘s: Useful software and hardware inventory (rating of applied improvements)
• KPI‘s: Number of changes leading to failures, number of delayed changes
(rating of applied improvements)
• Using COBIT in an organization
• Auditing of IT processes according to COBIT
• Using COBIT as internal evaluation tool
103
104. Dependable Systems Course PT 2014
CoBiT
• ITIL covers one part of COBIT scope
(IT service management processes)
• Maturity of IT processes can be
ranked with COBIT
• Becomes relevant for BASEL II or
Sarbanes-Oxley rating of
organizations
• Top-down approach in CoBiT analysis
• Derive IT architecture (resources)
from IT goals (processes) from
business goals (requirements)
104