Achieving 10⁻⁹ Dependability with Drive-by-Wire Systems
2003-01-1290
The automotive industry is moving ahead to introduce drive-by-wire (DBW) electronic systems to replace mechanical controls and linkages that have changed little since cars were first introduced. Electronic drive-by-wire systems offer enormous potential to improve vehicle performance and safety, but matching the dependability of simple mechanical components with electronics will be a challenge. Highly dependable electronic controls require a fault-tolerant approach with both a primary and a backup system as a minimum. Aircraft fly-by-wire systems go beyond this, using triple and quadruple redundant electronics to tolerate more than one failure during the same flight. Automobile drive-by-wire must also provide some capability to allow the car to be driven safely to a repair facility after a failure occurs.
This paper examines some possible drive-by-wire system architectures, presents a mathematical analysis of the predicted dependability of these alternatives (expressed as the probability that the system will fail in a given time period), and investigates how the way the vehicle is operated and maintained affects its dependability. Architectural alternatives considered include both dual and triple redundant systems. The mathematical analysis builds on techniques developed to analyze aircraft systems using Markov reliability modeling. The uncertainty associated with such predictions is discussed, along with comparisons to acceptable risk levels for other established technologies.