Search Results

We investigate and analyze the concept of “missed detection” and its application to the design of architectures that integrate multiple safety/mission critical functions. The analysis is based on considering different design alternatives with varying levels of missed fault detection of the components constituting the functions or subsystems. The overall system reliability and availability in a fault tolerant architecture relies as heavily on the ability to detect a fault as it does on being able to prevent a fault as one would attempt by having multiple levels of redundancy and/or improved reliability of the components in such an architecture. In short, the safety of a particular architecture depends not only on component reliability, and fault tolerance, expressed as redundancy, but also on fault detectability.

We investigate and analyze the concept of “shared redundancy” and its application to the design of architectures that integrate multiple safety/mission critical functions or subsystems. The analysis is based on considering different design alternatives with varying levels of physical redundancy of the components constituting the functions or subsystems. Under a set of assumptions, we show that the overall system reliability and availability in a shared redundancy based architecture can be improved without increasing the levels of physical redundancy for the components employed at the subsystem level. However, such an improvement will be limited by the component(s) with the minimal level of redundancy.

By-wire systems have the potential of augmenting the normal capabilities of human drivers as well as serving as enablers for emerging safety technologies. To achieve these features, these systems must be carefully designed, analyzed, and verified for safety because they are new, complex, and potentially exhibit new and different failure modes and effects. Duplication may be required to ensure that safety margins are met in the presence of faults. Full duplication of every system may not lead to a cost effective implementation, especially if multiple independent by-wire systems are placed on a single vehicle. Other architectural approaches for the integration of by-wire systems need to be considered and analyzed. These architectures should meet if not exceed the safety requirements while providing a more cost effective implementation than a fully duplicated architecture.

Architecture exploration could benefit from some early results of a safety analysis process. Typically, classical system safety analysis techniques such as Fault tree analysis (FTA) are performed after the design is completed. We propose an approach for an early safety assessment to improve the design and also shorten the design cycle time. A quick assessment to determine the safety figure of merit of the intended architecture expressed as a parametric expression can be used to determine the overall acceptability of the architecture. The result from a quick assessment of the system safety could be used as a means to explore system trade-offs in reliability and redundancy at the highest design levels.