Fault tolerance design diversity

Previous research on software component failure dependencies seems to have been done primarily for parallel components, typically related to diverse and redrmdant components in fault tolerant designs such as N-version programming. These situations are characterised by components that are subject to the same input. We argue that failure dependencies must be viewed more generally, and that possible causes of dependent failure behaviour are more complex than current methods consider. 

Design diversity This approach is rather costly. It combines hardware and software fault tolerance in different sets of computing channels. Each channel is developed in different hardware and software in redundant mode to provide the same function. This method is deployed to identify deviation of a channel from the others. The goal is to tolerate both hardware and software design faults [7]. After developing a fault tolerant design it is necessary to validate it from a reliability point of view, discussed later. 

Safety integrity level 1 equates to a simple non-redundant single path designed to fail safe with a typical availability of 0.99. Level 2 involves a partially redundant logic structure, with redundant independent paths for elements with lower availability. Overall availability is in the range of 0.999. Level 3 is composed of a totally redundant logic structure. Redundant independent circuits are used for the total interlock system. Diversity is considered an important factor and is used where appropriate. Fault tolerance is enhanced since a single fault of an ESD system component is unlikely to result in a loss of process protection. 

The comparably low reliability and availability of wireless data transfer was treated in several work packages of COOPERS. A parallel use of two diverse wireless channels was discussed but considered too expensive. Therefore, the services were designed fault-tolerant against temporary unavailability of wireless connections. 

Incorporate DSFs. Utilize special DSFs, such as redundancy, interlocks, SISs, backup systems, fault detection, fault tolerance, partitions, and design diversity. 

Safety assurance can also be achieved by the use of fault tolerance techniques [1], [14] like design diversity [22] that mitigates failures from individual software components. Software design diversity can reduce the dangerous failure rate of the composite system as the same failure has to occur in more than one software component before it becomes dangerous. These techniques have been used in a range of safety-critical systems [3, 15]. 

---