Email: Password: Remember Me | Create Account (Free)

Back to Subject List

Old thread has been locked -- no new posts accepted in this thread
???
05/28/08 14:48
Read: times


 		 #155225 - Backup controllers
Responding to: ???'s previous message
If you have a backup controller, how do you know that it's still working when you need it? It could have failed ages ago, but without giving any signs. It could suffer from the same design flaw as the primary controller, so it could stop at the same time!

Designing a fault tolerant system is much harder than designing a reliable system. For critical systems, a common solution is to use three controllers, all running at the same time. A majority voting system chooses the correct output and ignores a faulty output. To eliminate coding errors, each controller should be coded up by a separate software team.

Is your system that critical?

List of 32 messages in thread
TopicAuthorDate
stanby controller for emergency            01/01/70 00:00      
   ALE pulse            01/01/70 00:00      
   What are the expected problems?            01/01/70 00:00      
   The problem here is...            01/01/70 00:00      
      What about processing speed            01/01/70 00:00      
         processing speed should not be an issue            01/01/70 00:00      
   How do you know if it has failed?            01/01/70 00:00      
      my querry            01/01/70 00:00      
         Use a watchdog            01/01/70 00:00      
            I think watchdog not suitable            01/01/70 00:00      
               watchdog            01/01/70 00:00      
                  if it is critical system            01/01/70 00:00      
               Backup controllers            01/01/70 00:00      
         does that going to help            01/01/70 00:00      
            Where are erik and Andy            01/01/70 00:00      
               Irrespective....            01/01/70 00:00      
                  What you say is correct            01/01/70 00:00      
                     engineering procedure            01/01/70 00:00      
               Where are erik and Andy - asleep            01/01/70 00:00      
   much simpler            01/01/70 00:00      
   always operating or failsafe            01/01/70 00:00      
   Have you considered this ...            01/01/70 00:00      
      there is always a gotcha            01/01/70 00:00      
         Yes, but it always depends ...            01/01/70 00:00      
            hardware description is needed            01/01/70 00:00      
               Is this feasible            01/01/70 00:00      
                  No,            01/01/70 00:00      
                  You have reinvented a watchdog            01/01/70 00:00      
                     this is running in circles because ....            01/01/70 00:00      
                        Nothing's perfect            01/01/70 00:00      
                           not if you are only concerned with hardware failur            01/01/70 00:00      
                              it's all about testing            01/01/70 00:00      

Back to Subject List