Big Chemical Encyclopedia


Hardware and functional redundancy

Both sets of information thus calculated via the two microcontrollers can then be compared. If they are different, then the transmission on the network can be interrupted by the two microcontrollers. [Pg.359]

The time intervals and coverage rate of self-tests of the two processing units are then less binding because they remain mainly to cover latent or hidden faults in the system. [Pg.359]

Of course, the optimization process of redundancy solutions does not always go all the way through when it is not necessary considering the simplicity of the features associated with component production volumes. [Pg.360]

Moreover, this optimization will inevitably reduce the overall level of safety that the system can aspire to (common mode hardware and code coverage) but maintains a generally satisfactory level. [Pg.360]

It includes the redundant and diversified acquisition of information, such as stepping down on the accelerator pedal, which is processed in a safe calculator in order to control the motorized throttle monitored by redundant and diversified signals. [Pg.362]


Finally, in order to achieve high levels of safety, the principles of diversified hardware and functional redundancy will be used on a larger scale and will be optimized (see Figures 9.19 to 9.24). [Pg.358]

The concept of hardware and functional redundancy can be optimized. Let us start off from the basic safety principle, which is to make the function fully redundant and to compare the results of these functions in order to determine their proper implementation. The optimization process is described in the context of Figure 9.20 taken from [PUF 05]. [Pg.359]

Of course, there are two possibilities for implementing these architectures based on hardware and functional redundancy (see Figures 9.23 and 9.24) ... [Pg.362]

In view of the conflict between the reliability and the cost of adding more hardware, it is sensible to attempt to use the dissimilar measured values together to cross check each other, rather than replicating each hardware individually. This is the concept of analytical (i.e. functional) redundancy which uses redundant analytical (or functional) relationships between various measured variables of the monitored process (e.g., inputs/outputs, outputs/outputs and inputs/inputs). Figure 3 illustrates the hardware and analytical redundancy concepts. [Pg.205]

Redundancy is a term often confused with resilience. In effect, redundancy is a strategy one may choose to implement in pursuit of a resilient system. It can be defined as the Provision of multiple components or mechanisms to achieve the same function such that failure of one or more of the components or mechanisms does not prevent the performance of the function [3]. In other words redundancy represents the inclusion of additional hardware or functionality which might not be critically required during normal operation but is seamlessly available should it be called upon in situations of failure. For example, one might choose to operate a system with not one but two databases hosted in different geographical locations and synchronised in real time. Should one fail the system can be designed to automatically revert to the alternative without any obvious impact on the user. [Pg.104]

The trend is for devices to be smaller and more functional than their predecessors. Modular redundancy, the use of extra copies of failure-prone hardware that can mask, or take the place of its damaged counterparts, has costs in both size and functionality. If this trend continues, the price of modular redundancy will become greater and an alternative will need to be considered. [Pg.161]

In instrumentation and control, triple modular redundancy is very important for fail safe operation. Fig. 1/6.1.2-1 shows the same. Here, each of the three elements are voted thrice in each stage to get the output. In network communications, especially for remote communication, there are a few other problems known as Two Army problem, Byzantine general problem, etc. The issues discussed so far basically belong to fault masking to get away with hardware fault. There is another term called dynamic recovery, in which case there shall be a special mechanism to detect hardware fault and isolate the faulty hardware and replace the same with a good one. This will be clear from an example. Say in a process control, there are two processors one working and the other standby. If there is another processor whose main function is to act as a diagnostic processor to check health of other processors, when it finds fault with... [Pg.60]

Design diversity: This approach is rather costly. It combines hardware and software fault tolerance in different sets of computing channels. Each channel is developed in different hardware and software in redundant mode to provide the same function. This method is deployed to identify deviation of a channel from the others. The goal is to tolerate both hardware and software design faults [7]. After developing a fault tolerant design it is necessary to validate it from a reliability point of view, discussed later. [Pg.820]

Defects or faults in any component of the loop can develop into malfunctions. Faults are not always visible to the operator immediately, but may appear in such a way that they give rise to complete loop failure. In safety-critical applications, no failure can be tolerated [3]. Redundancies in hardware and software facilitate fault recovery. So, for increased dependability fault tolerant control (FTC) is an ideal solution. In critical controls it may be disastrous to tolerate any failure of control systems. In FTC the system continues to operate with single failure in components and/or subsystems. Also in cases of critical controls, FTC will make a controlled shutdown to a safe state in a critical situation. FTC systems use the help of redundancies in hardware and software, discussed earlier, and fault diagnostics and intelligent software to monitor health and behavior of components and function blocks and take remedial action. With these tools the faults are isolated and suitable... [Pg.820]

Testing schemes generally affect complete subsystems hence, consideration of each hardware element is unnecessary. Tests of redundant portions of a system are particularly important, and may be constrained by the technical specifications which must be reflected in the fault tree. Testing may require the reconfiguration of systems for the test, which may prevent the performance of their designed function. In this case, other members of the redundancy must be available, but may fail. Failure to restore a system after test significantly increases the risk. [Pg.107]

CPU with special hardware features for functional safety, a special operating system and embedded functions for control of failures (for application programming and software integration the integrated redundancy is covered by the development system. The programmer sees only one CPU) ... [Pg.81]

ANSI/ISA-84.00.01-2004 (IEC 61511 Mod) has a requirement for minimum levels of "hardware fault tolerance" as a function of SIL level. This means that redundancy for purposes of achieving the safety function must be done depending on the SIL level target of the SIF. For field instruments and non-programmable logic solvers, the chart is shown in Figure 7-6. [Pg.103]

What is the significance of HFT? HFT is an indicator of safety function quality. HFT = 0: single-channel use, and HFT = 1: redundant version, a minimum of two hardware faults need to occur to cause a safety loss, etc. These were discussed right at the beginning of the chapter. [Pg.567]

Common cause Diversity means that the safety function is to be carried out in a redundant manner with different hardware/design principles/even completely different technologies (e.g., one a mechanical system, the other an electronic system so that in the former system the EMC effect will not exist). In practice a real common cause is difficult to find because the failures of a multichannel system must by definition of a common cause occur at exactly the same time. The same hardware will always have different strengths and thus fail at a slightly different time. A well-designed safety system can take advantage of this gap in time and detect one failure before the other failure occurs. [Pg.700]



© 2024 chempedia.info