August 24, 2017
5 Techniques to Achieve Functional Safety for
Embedded Systems
The Need for Safe Computing
Failures of safety-critical electronic systems can result in loss of life, substantial
financial damage or severe harm to the environment.
Safe computer systems are typically used in avionics or railway applications
requiring particularly high reliability. This also goes for the medical market, while
industrial automation environments demand more and more functional safety as
technology becomes readily available.
One of the key design elements of a safety-critical system is redundancy. Other
techniques are diversity in components, determinism and predictable behavior,
clustering to increase availability and supervisor and event logging features.
Considerations about mission-critical computer architectures are complex and
include safety-critical characteristics, reliability questions, error behavior modes,
Safety Integrity Levels (up to SIL 3 or SIL 4) and the major IEC and EN standards,
e.g., EN 50128 / EN 50129 for railways or DO-254 for avionics (up to DAL-A).
Proven Techniques in Functional Safety
1. Redundancy
2. Diversity
3. Determinism
4. Clustering
5. Supervisors, Event Logging
Redundancy
Redundancy. Multiplying critical components, such as the CPU, increases the
function's reliability.
The most important strategy to make a system less vulnerable to risk is to
multiply significant components. A component that by failing brings the entire
system to a halt is called a "Single Point of Failure" (SPOF). If critical components,
such as the CPU, are redundant, the availability and/or reliability of the functions
increase.
Depending on what you want to achieve, you can use different redundancy
configurations. To do this, you name the number of functions that must be in
working order in case of a failure (M) compared to the total number of
redundant functions (N). This results in “M out of N”, abbreviated as MooN.
Redundancy - MooN Constellations
With safe redundant functions, all components must also deliver the same
computing results to allow for the detection of errors, in the simplest case in a
2oo2 system. This reduces availability (fail-safe).
[Figure: MooN constellations. 2oo2 and 1oo2: two Inputs / Controller / Outputs
channels with a comparing element labelled M. 2oo3: three Inputs / Controller /
Outputs channels feeding a Voter, plus an element labelled M.]
A 1oo2 constellation increases availability of
the system and, by consequence, the Mean
Time Between Failures (MTBF). If one of two
processors fails, a 1oo2 system can still go on
operating (fail-operational).
The 2oo3 set-up is used frequently, because it
increases both safety and availability. With
such a level of complexity, a voting
mechanism, or voter, is an inherent part of
the system. It permanently compares and
analyzes computing results.
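The comparator and voter behaviour described on these two slides can be written as one generic M-out-of-N vote. The following C block is an added example, not code from MEN or from the deck; the channel values, the per-channel self-test mask and the constant names (MAX_CHANNELS, VOTE_FAIL_SAFE, etc.) are assumptions made for this example. It covers the general MooN case of which the slides show 2oo2, 1oo2 and 2oo3: with M equal to N any disagreement is a detected error and the output is withdrawn (fail-safe); with M below N the minority is flagged and the system keeps operating (fail-operational); and the ambiguous case where two different values each reach M votes is treated as untrusted.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_CHANNELS 8   /* assumed upper bound on N for the bit masks */

/* Outcome of one voting cycle over N redundant channels. */
typedef enum {
    VOTE_AGREE,      /* every valid channel delivered the same value */
    VOTE_MAJORITY,   /* at least M channels agree; the others are flagged faulty */
    VOTE_FAIL_SAFE   /* no trusted result: the system must go to its safe state */
} vote_status_t;

typedef struct {
    vote_status_t status;
    int32_t value;        /* agreed value; meaningless when status is FAIL_SAFE */
    uint8_t faulty_mask;  /* bit i set: channel i was invalid or disagreed */
} vote_result_t;

/* Generic M-out-of-N voter. values[i] is channel i's computing result and bit i
 * of valid_mask says whether that channel's own self-test passed this cycle.
 * The output is trusted only if at least M valid channels delivered the identical
 * value. With M == N (2oo2) any disagreement is a detected error and the result
 * is fail-safe; with M < N (2oo3, 1oo2) the minority is flagged and operation
 * continues. */
vote_result_t moon_vote(const int32_t *values, uint8_t valid_mask, size_t n, size_t m)
{
    vote_result_t r = { VOTE_FAIL_SAFE, 0, 0 };
    if (n == 0 || n > MAX_CHANNELS || m == 0 || m > n) return r;

    size_t best_count = 0, candidates = 0;
    int32_t best_value = 0;
    for (size_t i = 0; i < n; i++) {
        if (!(valid_mask & (1u << i))) continue;
        /* count each distinct value once, at its first valid occurrence */
        bool seen = false;
        for (size_t j = 0; j < i && !seen; j++)
            seen = (valid_mask & (1u << j)) && values[j] == values[i];
        if (seen) continue;
        size_t count = 0;
        for (size_t j = 0; j < n; j++)
            if ((valid_mask & (1u << j)) && values[j] == values[i]) count++;
        if (count >= m) candidates++;
        if (count > best_count) { best_count = count; best_value = values[i]; }
    }
    /* Fewer than M agreeing channels, or two different values each backed by M
     * channels (possible when M <= N/2, e.g. 1oo2 with both channels passing
     * their self-test but disagreeing): nothing can be trusted -> fail-safe. */
    if (best_count < m || candidates != 1) return r;

    r.value = best_value;
    for (size_t i = 0; i < n; i++)
        if (!(valid_mask & (1u << i)) || values[i] != best_value)
            r.faulty_mask |= (uint8_t)(1u << i);
    r.status = (r.faulty_mask == 0) ? VOTE_AGREE : VOTE_MAJORITY;
    return r;
}

int main(void)
{
    /* constructed sample cycle: a 2oo3 system in which channel 2 drifts */
    const int32_t sample[3] = { 100, 100, 250 };
    vote_result_t r = moon_vote(sample, 0x7, 3, 2);
    printf("2oo3: status=%d value=%ld faulty_mask=0x%02x\n",
           (int)r.status, (long)r.value, r.faulty_mask);
    return 0;
}
```

The faulty_mask is what a supervisor would log and act on: in a 2oo3 system a single set bit means the system is still safe and available but has lost its margin, which is the point at which maintenance must be scheduled rather than the point at which the system stops.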
Diversity
Diversity. If redundant components are identical, a common cause can make
them fail. This is why a system must support dissimilarities both in hardware and
in software.
For instance, you can run different, independently designed software
applications on the subsystems. On the hardware side you could use different
I/O interfaces. Identical functions are implemented in varying ways. In the end
the two dissimilar set-ups must lead to the same result, so that the system can
act in a defined way. Diversity is even possible on one single board: the
processors' memory management allows the resources to be partitioned, which
is in turn supported by real-time operating systems like PikeOS.
[Figure: two dissimilar channels side by side: Safe Application on Linux with
Linux Drivers on an x86 Architecture, and Safe Application on Windows with
Windows Drivers on a RISC Architecture.]
Clustering
Clustering. This does not increase a subsystem's safety, but it raises availability.
Backing up a system is using redundancy on a higher level with the aim of
keeping your system up even in case of a failure.
It is possible to combine two assemblies to form a highly available computer
cluster. In a set-up like this, every channel – being redundant itself – works
independently, but only one channel is active. If the active channel fails, the
system automatically switches to the second channel. The boards can be
connected using dedicated serial interfaces:
[Figure: Sensors 1, 2, 3 feed a Cluster of an Active Computer and a Stand-By
Computer; the Active Output and the Stand-By Output lead to the Actor.]
UARTs (DEX) provide the communication between the two channels. A direct
connection between the Board Management Controllers (BMCX) controls the
switch-over from the active to the inactive channel.
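The switch-over this slide describes can be modelled as a small state machine on each channel. The C block below is an added example, not MEN's firmware and not a description of the DEX or BMCX protocol: the link between the board management controllers is modelled as a shared heartbeat counter, the timeout (HEARTBEAT_TIMEOUT_TICKS) and the channel diagnostics input are constructed for the example. It shows the two properties a practitioner checks in such a design: the standby channel takes over after the heartbeat stalls, and at no tick are both outputs enabled at once (no split-brain), at the price of a short gap in which no channel drives the actuator.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Ticks the standby waits without seeing the active channel's heartbeat advance
 * before it takes over (constructed value for this example). */
#define HEARTBEAT_TIMEOUT_TICKS 3

typedef enum { ROLE_ACTIVE, ROLE_STANDBY, ROLE_FAILED } role_t;

typedef struct {
    role_t   role;
    uint32_t last_heartbeat_seen;  /* peer counter value last seen over the link */
    uint32_t silent_ticks;         /* ticks since that counter last advanced */
    bool     output_enabled;       /* this channel drives the actuator output */
} channel_t;

typedef struct {
    channel_t ch[2];
    uint32_t  heartbeat[2];  /* counters exchanged between the two board
                              * management controllers (modelled as shared memory) */
} cluster_t;

void cluster_init(cluster_t *c)
{
    *c = (cluster_t){0};
    c->ch[0].role = ROLE_ACTIVE;
    c->ch[0].output_enabled = true;
    c->ch[1].role = ROLE_STANDBY;
}

/* One supervision tick. healthy[i] is the result of channel i's own internal
 * diagnostics this tick. An active channel that fails them goes fail-safe at
 * once (output off, heartbeat stops); the standby channel notices the stalled
 * heartbeat and takes over after HEARTBEAT_TIMEOUT_TICKS. */
void cluster_step(cluster_t *c, const bool healthy[2])
{
    for (int i = 0; i < 2; i++) {
        channel_t *ch = &c->ch[i];
        if (ch->role != ROLE_ACTIVE) continue;
        if (healthy[i]) c->heartbeat[i]++;
        else { ch->role = ROLE_FAILED; ch->output_enabled = false; }
    }
    for (int i = 0; i < 2; i++) {
        channel_t *ch = &c->ch[i];
        if (ch->role != ROLE_STANDBY) continue;
        uint32_t hb = c->heartbeat[1 - i];
        if (hb != ch->last_heartbeat_seen) {
            ch->last_heartbeat_seen = hb;
            ch->silent_ticks = 0;
        } else if (++ch->silent_ticks >= HEARTBEAT_TIMEOUT_TICKS) {
            ch->role = ROLE_ACTIVE;      /* switch-over: standby becomes active */
            ch->output_enabled = true;
        }
    }
}

int active_outputs(const cluster_t *c)
{
    return (c->ch[0].output_enabled ? 1 : 0) + (c->ch[1].output_enabled ? 1 : 0);
}

typedef struct {
    int failover_tick;            /* tick at which the standby took over, -1 if never */
    int max_simultaneous_outputs; /* must stay 1: two active outputs would be split-brain */
    int ticks_without_output;     /* the availability gap the switch-over costs */
} sim_result_t;

/* Constructed scenario: channel 0 fails its diagnostics at tick fail_at. */
sim_result_t simulate_failover(int fail_at, int total_ticks)
{
    cluster_t c;
    cluster_init(&c);
    sim_result_t r = { -1, 0, 0 };
    for (int t = 0; t < total_ticks; t++) {
        bool healthy[2] = { t < fail_at, true };
        cluster_step(&c, healthy);
        int n = active_outputs(&c);
        if (n > r.max_simultaneous_outputs) r.max_simultaneous_outputs = n;
        if (n == 0) r.ticks_without_output++;
        if (r.failover_tick < 0 && c.ch[1].role == ROLE_ACTIVE) r.failover_tick = t;
    }
    return r;
}

int main(void)
{
    sim_result_t r = simulate_failover(5, 20);
    printf("failover at tick %d, max outputs %d, gap %d ticks\n",
           r.failover_tick, r.max_simultaneous_outputs, r.ticks_without_output);
    return 0;
}
```

The gap of HEARTBEAT_TIMEOUT_TICKS minus one ticks is the trade-off the slide alludes to: a shorter timeout shortens the outage but makes a slow heartbeat on the link look like a dead channel, so the timeout has to be derived from the link's worst-case latency, which is why the deck treats determinism as a separate technique.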
Determinism
Determinism. The need for predictable behavior forbids a number of
mechanisms, like interrupts, common in non-critical applications. Design
engineers need particular expertise in this respect.
Next to failure safety, mission-critical environments also demand calculable
execution times. The system must react to an external event within a defined
time, even under worst case conditions.
Engineers need to consider possible behavior and its consequences in detail at
an early stage, in preparation for their actual design. In terms of hardware and
firmware, BITE components (Built-In Test Equipment) are used here. Error
handling techniques such as ECC (Error Correcting Code) or the monitoring of
internal voltages also play an important role here.
When it comes to software, system integrators in need of deterministic behavior
select a real-time system like VxWorks or PikeOS.
Supervisors, Event Logging
Supervisors. Board management and supervision in safe computers need to go
beyond the usual CPU functions. A reliable CPU should have a dedicated monitor
at its side rather than supervise itself.
Event Logging. While this is not a necessary safety function, it can help trace
faults in critical systems after an incident. Precautions taken on the basis of
the logged data raise the chances of avoiding the same cause of error in the
future.
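Both points on this slide, a monitor that sits beside the CPU rather than inside it and an event log that records what it saw, can be demonstrated together. The following C block is an added example and not code from the deck or from MEN: the window bounds, the checkpoint scheme, the event codes (EV_KICK_LATE etc.) and the ring-buffer size are constructed for the example. The monitor runs on its own timer, so a hung CPU cannot stop it; it demands kicks within a time window (too early is as suspicious as too late, since a runaway loop also kicks) and in checkpoint order, and every observation is logged so that the cause can be reconstructed afterwards.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Event codes written to the log (constructed for this example). */
typedef enum { EV_NONE = 0, EV_KICK_OK, EV_KICK_EARLY, EV_KICK_LATE,
               EV_FLOW_ERROR, EV_SAFE_STATE } event_t;

#define LOG_SIZE 16
typedef struct { uint32_t tick; event_t code; uint8_t detail; } log_entry_t;

typedef struct {
    uint32_t window_min, window_max; /* allowed distance between kicks, in monitor ticks */
    uint32_t last_kick;
    uint8_t  expected_checkpoint;    /* program-flow monitoring: next checkpoint due */
    uint8_t  n_checkpoints;
    bool     safe_state;             /* the monitor has disabled the CPU's outputs */
    event_t  last_fault;
    log_entry_t log[LOG_SIZE];       /* ring buffer: the oldest entries are overwritten */
    uint32_t log_head, log_count;
} supervisor_t;

static void log_event(supervisor_t *s, uint32_t tick, event_t code, uint8_t detail)
{
    s->log[s->log_head] = (log_entry_t){ tick, code, detail };
    s->log_head = (s->log_head + 1) % LOG_SIZE;
    if (s->log_count < LOG_SIZE) s->log_count++;
}

static void fault(supervisor_t *s, uint32_t tick, event_t code, uint8_t detail)
{
    log_event(s, tick, code, detail);
    s->last_fault = code;
    s->safe_state = true;            /* cut the outputs: the CPU is no longer trusted */
    log_event(s, tick, EV_SAFE_STATE, 0);
}

void supervisor_init(supervisor_t *s, uint32_t wmin, uint32_t wmax, uint8_t n_checkpoints)
{
    *s = (supervisor_t){0};
    s->window_min = wmin;
    s->window_max = wmax;
    s->n_checkpoints = n_checkpoints;
}

/* The supervised CPU reports that it reached a checkpoint (its watchdog kick). */
void supervisor_kick(supervisor_t *s, uint32_t tick, uint8_t checkpoint)
{
    if (s->safe_state) return;
    if (tick - s->last_kick < s->window_min) {   /* too early: runaway loop */
        fault(s, tick, EV_KICK_EARLY, checkpoint);
        return;
    }
    if (checkpoint != s->expected_checkpoint) {  /* out-of-order program flow */
        fault(s, tick, EV_FLOW_ERROR, checkpoint);
        return;
    }
    log_event(s, tick, EV_KICK_OK, checkpoint);
    s->last_kick = tick;
    s->expected_checkpoint = (uint8_t)((checkpoint + 1) % s->n_checkpoints);
}

/* Driven by the monitor's own timer, independently of the CPU it watches. */
void supervisor_poll(supervisor_t *s, uint32_t tick)
{
    if (s->safe_state) return;
    if (tick - s->last_kick > s->window_max)     /* too late: the CPU hangs */
        fault(s, tick, EV_KICK_LATE, s->expected_checkpoint);
}

typedef struct { int safe_tick; uint32_t events; event_t last_fault; } scenario_result_t;

/* Constructed scenario driver: the CPU reports checkpoint kick_cps[i] at tick
 * kick_ticks[i]; the monitor polls every tick with a 5..20 tick window and a
 * three-checkpoint program flow. */
scenario_result_t run_scenario(const uint32_t *kick_ticks, const uint8_t *kick_cps,
                               size_t n_kicks, uint32_t total_ticks)
{
    supervisor_t s;
    supervisor_init(&s, 5, 20, 3);
    scenario_result_t r = { -1, 0, EV_NONE };
    size_t k = 0;
    for (uint32_t t = 1; t <= total_ticks; t++) {
        while (k < n_kicks && kick_ticks[k] == t) supervisor_kick(&s, t, kick_cps[k++]);
        supervisor_poll(&s, t);
        if (s.safe_state && r.safe_tick < 0) r.safe_tick = (int)t;
    }
    r.events = s.log_count;
    r.last_fault = s.last_fault;
    return r;
}

int main(void)
{
    /* constructed run: the CPU kicks correctly four times and then hangs */
    scenario_result_t r = run_scenario((const uint32_t[]){ 10, 20, 30, 40 },
                                       (const uint8_t[]){ 0, 1, 2, 0 }, 4, 100);
    printf("safe state at tick %d, %u events logged, fault code %d\n",
           r.safe_tick, r.events, (int)r.last_fault);
    return 0;
}
```

In a real board the log would live in non-volatile memory that survives the reset the monitor triggers; the ring buffer keeps the most recent entries, which are the ones that matter for tracing the fault, at the cost of the oldest.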
www.men.de/competencies/safe-computing/
www.menmicro.com/competencies/safe-computing/
www.men-france.fr/competencies/safe-computing/