An array-based study of increased system lifetime probability by Nesgaard, Carsten
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
  
General rights 
Copyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners 
and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights. 
 
• Users may download and print one copy of any publication from the public portal for the purpose of private study or research. 
• You may not further distribute the material or use it for any profit-making activity or commercial gain 
• You may freely distribute the URL identifying the publication in the public portal  
 
If you believe that this document breaches copyright please contact us providing details, and we will remove access to the work immediately 
and investigate your claim. 
   
 
Downloaded from orbit.dtu.dk on: Dec 17, 2017
An array-based study of increased system lifetime probability
Nesgaard, Carsten
Published in:
APEC 2003: Eighteenth Annual IEEE Applied Power Electronics Conference and Exposition
Publication date:
2003
Document Version
Publisher's PDF, also known as Version of record
Link back to DTU Orbit
Citation (APA):
Nesgaard, C. (2003). An array-based study of increased system lifetime probability. In APEC 2003: Eighteenth
Annual IEEE Applied Power Electronics Conference and Exposition (Vol. 1-2, pp. 476-482). IEEE.  (I E E E
Applied Power Electronics Conference and Exposition. Conference Proceedings).
 An array-based study of increased  
system lifetime probability 
 
 
Carsten Nesgaard, Member IEEE 
Department of Electrical Power Engineering 
Technical University of Denmark 
2800  Kongens Lyngby 
Email: carsten@nesgaard.com 
 
 
 Abstract: Society’s increased dependence on electronic systems 
calls for highly reliable power supplies comprised of multiple 
converters working in parallel. This paper describes a 
redundancy control scheme, based on the array technology that 
increases the overall reliability quite considerably and thereby 
ensures a stable supply voltage. 
 
I.  INTRODUCTION 
 
 With the ever-increasing dependence on reliable electronic 
systems, the area of highly reliable power systems is rapidly 
expanding. When considering highly reliable fault tolerant 
power systems the word ‘redundancy’ comes to mind. Indeed, 
a true fault tolerant power system is comprised of several 
converters working in parallel. This paper describes part of an 
ongoing project of building a prototype of a fault tolerant 
power system with N + 2 redundancy. The paper gives a short 
description of the mathematics used, the power system in 
question and the choice of control scheme. Since each of these 
short descriptions can form the basis for an entire paper, the 
focal point in this presentation is the redundancy control within 
the overall power system.  
 
II.  ARRAY-BASED LOGIC 
 
 Originated at the Department of Electric Power Engineering, 
the Technical University of Denmark in 1978 with the paper 
”Group Representations of Finite Polyvalent Logic – a Case 
Study Using APL Notation” by associate professor Ole I. 
Franksen [4], the array-based logic has evolved into an 
effective tool when dealing with combinatorial and/or 
configuration applications. The foundation of the technology is 
a geometrical representation of logic in terms of nested arrays. 
In other words, the array-based concept deals with data objects 
regarded as arrays [7]. Consequently, all calculations are 
performed on arrays which implies that systems comprised of 
large amounts of data often can be systematically simplified by 
the use of array theoretical operations. In general, the array-
based logic can be considered to consist of the following three 
steps: 
 Step one is the establishment of a discrete n-dimensional 
configuration space using the Cartesian product, which ensures 
completeness. This is accomplished by the use of the tensor 
product OUTER and [8], which combines the system 
propositions and unites them to form one conjunctive 
proposition. 
 Step two is the inference by colligation, which is the 
operation of establishing the interconnections of the system. In 
other words this step finds the solutions that comply with the 
system constraints.  
 Step three is the determination of states by elimination of 
variables through an or-reduction.  
 Having introduced the concept of constraints, it is obvious 
that prior to completion of the above-mentioned steps, the 
constraints of the physical system must be translated into array 
theoretical terms. This is achieved through the use of 
propositional logic that transforms the system constraints into 
logic operations suitable for array theoretical implementation. 
An example of this translation and implementation is shown in 
section ‘V. ARRAY-BASED CONTROL SCHEME’. 
 Summarizing the above description the basic idea of array-
based logic can be expressed, according to Franksen, as: 
 Array-based logic explores the consequences of considering 
truth-values as physical measurements. The aim is to formalize 
logic in accordance with the theoretical structure of discrete 
systems and express this formalization algebraically in array-
theoretic terms. 
 
III.  REDUNDANCY AS RELIABILITY ENHANCEMENT  
 
 Increasing the reliability of a power system can be achieved 
in a number of ways, some more successful than others. A 
simple way of increasing the overall system reliability is using 
high quality components with low failure rates. Although, the 
overall circuit complexity remains the same the cost for high 
quality components is considerably higher than that of an 
implementation using commercial components. Also, the 
reliability gain using these high quality components is only 
moderate compared to other reliability enhancement 
techniques.  
0-7803-7768-0/03/$17.00 (C) 2003 IEEE 476
Authorized licensed use limited to: Danmarks Tekniske Informationscenter. Downloaded on March 03,2010 at 07:52:13 EST from IEEE Xplore.  Restrictions apply. 
  
 For the reasons mentioned above, by far the most common 
way of increasing the reliability is the use of redundancy. Once 
the choice of redundancy has been made the level of 
redundancy needed must be identified. Ranging from the 
component level all the way to the system level, the level of 
redundancy used in the power system in this presentation is 
what can be characterized as block level redundancy. 
 As with any system, a redundant power system has both 
advantages and drawbacks. Among the advantages is the 
possibility of a dramatic increase in reliability at the expense of 
an increase in system dependent parameters such as cost, mass, 
volume and circuit complexity. Although the increase in 
reliability can be quite high, added cost, mass, volume, and 
complexity are drawbacks that must be considered when 
deciding which approach to take during the design phase of the 
power system. However, the drawbacks tend to be less 
important nowadays, since system downtime in case of power 
failure often results in greater losses in sales, customer services 
etc. 
 When implementing system level redundancy in power 
systems, each converter board within the overall power system 
must be equipped with a front switch that allows for controlled 
shutdown of faulty converter boards, since this is the only way 
the power system integrity can be maintained. In other words 
the power system must exhibit failure free operation at the 
input as well as at the output. Due to this fact, most approaches 
in designing high reliable power systems originates from the 
ability of the overall power system to shutdown faulty units 
whether these consists of converter boards, power distribution 
units etc. Focusing on the reliability of redundant systems it is 
noteworthy that making a single path system redundant 
generally increases the overall reliability with a factor of the 
reciprocal of the initial failure rate for the single path system, 
assuming the exponential distribution is valid and that the 
working conditions in both cases remain unchanged.  
 Now, suppose the redundant power system had the ability to 
reconfigure itself during operation. Such a system would 
further increase the reliability of the overall power system and 
at the same time reduce the maintenance requirements, since 
faulty units could be ‘replaced’ automatically. Due to the 
dynamic process of continuous measurement of the system 
integrity and configuration at any given time the simple 
exponential distribution for reliability calculations does not 
justify the true reliability potential in a reconfigurable system. 
To obtain a more truthful measure for the system reliability, 
one has to adopt the use of Markov modeling techniques, 
which is a commonly used modeling technique dealing with 
dynamic systems. Although Markov modeling often includes 
random noise errors within the sensor feedback system, it is for 
simplicity assumed that such errors do not occur within the 
power system at hand. The justification for making this 
simplification is that the focal point in this presentation is the 
redundancy control scheme. Furthermore, since the sensor 
feedback system is discrete with logic truth-values, the noise 
margin is quite large and random noise errors would be 
extremely rare in any case. The detailed description of Markov 
modeling uses can be found in the literature [6] and will not be 
dealt with in this presentation. 
 
IV.  THE POWER SYSTEM 
 
 It has been chosen to investigate a power system comprised 
of 5 identical converter boards connected in parallel. As 
indicated in the introduction this is 2 converter boards more 
than needed. Thus, the system is N + 2 redundant. On a board 
level each converter is designed to shutdown in case of a single 
point failure whereas the overall power system can tolerate 2 
failures and still provide the needed power. From a traditional 
power system point of view two failures reduces the overall 
power system from a system comprised of 5 parallel-connected 
converter boards into a system comprised of the 3 converter 
boards needed to supply the required power to the load.  
 The proposed power system approaches the parallel 
connection of the individual converter boards in a way that 
differs significantly from what have just been described, by 
splitting the individual converter boards into 5 main blocks. 
Aligning these main blocks as shown in Figure 1 (ignoring the 
block ‘PWM controller’), each block connects to the previous 
block on the same converter boards as well as to the previous 
blocks on the parallel-connected converter boards. This 
arrangement of multiple inter-connection of individual blocks 
allows for intelligently control of combining blocks for 
maximum number of working converter boards at any given 
time. It should be noted that it is not an allowable state to have 
a block deliver power to more that one subsequent block. Thus, 
the first system constraint is the limitation of blocks being 
connected to one and only one subsequent block. 
 
Inrush control
On/Off switch Filter Power-switch Transformer
Rectifier
S/C protection
Current sharing
Input Output
PWM controller
Feedback
Switch 1A Switch 1B Switch 1C Switch 1D
Switch 1E
 
Figure 1. Block diagram for converter 1 
 
 The connecting devices are chosen to be electronically 
controlled switches but could in theory also be mechanically 
operated relays. The reason for choosing electronically 
controlled switches (hereafter referred to as switches) is the 
fact that activation of the individual interconnecting devices 
would occur during power system operation, which for long 
switching periods would require substantial amounts of 
capacitors at the output of the power system in order to comply 
with ripple voltage specification. Thus, the timing of the 
switching is of importance although not critical. A transition 
477
Authorized licensed use limited to: Danmarks Tekniske Informationscenter. Downloaded on March 03,2010 at 07:52:13 EST from IEEE Xplore.  Restrictions apply. 
  
time of 0.1 ms is estimated to be reasonable. Compared to the 
140 kHz, which has been chosen as the switching frequency for 
the individual converter boards, it is apparent that the transition 
times of the interconnecting switches are far from critical. 
 Even though the interconnecting switches are operated 
rarely, due to the rather low failure rate of the electronic 
components used and the transition time from one state to 
another is fairly quick, the price paid for using extra switches 
as connecting devices between the different blocks within the 
overall power system is an increased failure rate for the 
individual converter boards and an increase in total conduction 
losses. Furthermore, the overall cost and complexity of the 
power system is increased due to the use of extra switches. 
However, if these drawbacks at the board level imply a better 
probability of continuous operation at a system level, the added 
cost, complexity and losses might be negligible compared to 
the gain in reliability. Also, it should be noted that obtaining a 
similar reliability for a power system comprised of individual 
converter boards without the interconnecting capability would 
require more converter boards, which adds to system 
parameters such as volume and mass.  
 As mentioned in section ‘III. REDUNDANCY AS RELIABILITY 
ENHANCEMENT’ the statistical description of the reliability of 
the power system should be carried out using the Markov 
modeling approach. However, from a system point of view it 
should be obvious that the process of combining two defective 
converter boards to form one working converter board 
increases the overall system performance concerning both 
reliability and efficiency. In Figure 2 it can be seen that by 
combining two converter boards, which have failed in different 
locations on the board level, an alternative path for the power 
throughput can be established. This lowers the stress on the 
original 3 converter boards, since the load current now is 
shared among 4 converter boards. As a consequence the power 
system operating point on the efficiency curve tends to move 
towards the optimum operating point as shown in Figure 3. 
Also and most importantly, the overall power system reliability 
increases as a result of the newly configured power system 
comprised of 3 + 1 working converter boards. 
 
Failure Failure Failure
Failure Failure
Block A Block B Block C Block D Block E
Converter 1
Converter 2
Converter 3
Converter 4
Converter 5
Input
Input
Input
Input
Output
Output
Output
Output
Switch 1A Switch 1B Switch 1C Switch 1D
 
Figure 2. The 5 parallel connected converter boards 
 
 Referring to Figure 1 and Figure 2 this paragraph describes 
the abbreviations used to identify the individual blocks and 
switches within the power system. Starting with the blocks it 
can be seen from Figure 2 that these can be addressed using the 
converter number as a row identification and the block letter as 
column identification. Thus, the first faulty location in the 
power system shown in Figure 2 can be identified as: 
Converter 1, Block B.  
 Identification of the interconnection switches is 
accomplished through the adoption of the following notation: 
SXYZ  
Where S is the notation used in the software to identify a 
switch. X represents the converter number, Y represents the 
block prior to the switch in question and Z represents the 
switch position. Hence, the switch between block 1A and block 
1B set in position 1 gets the identification S1A1. 
 
Preferable operating point
Operating point after two failures
Output current
Efficiency
50%
100%
Imax
 
Figure 3. Example of operating point movement 
 
 In order to provide feedback to the redundancy control 
system, each block in the overall power system can take on two 
different logic values - logic 1 for a working block and logic 0 
for a faulty block. Since a faulty block is switched off and the 
redundancy control system continues to check the status of the 
overall power system, the logic state of any faulty block is 
latched. This ensures that the redundancy control system 
always gets the correct logic values from each block, even 
though the block in question has failed. Having retrieved all 
truth-values from the blocks within the power system an array 
containing the retrieved truth-values is generated. As will 
become apparent in section ‘V. ARRAY-BASED CONTROL 
SCHEME’ this array forms the basis for the calculation process 
as well as for the representation of the results. 
 Turning the attention towards the operation of the power 
system the following description represents the actions taken 
by the redundancy control in case of fault occurrence. 
Assuming a well functioning structure as the starting point, the 
power system consists of 5 inputs and 5 outputs. After a failure 
within the power system, the redundancy control shuts down 
the blocks associated with the faulty block and leaves the 
power system comprised of 4 inputs and 4 outputs. Except for 
the faulty block the rest of the inactive blocks now serve as 
cold spares for the power system in case of further failures. 
Now suppose a second fault occurs, for instance due to the 
increased stress on the remaining active converter boards. 
Since two faults have occurred it might now be possible to 
establish an alternative path through the power system and thus 
increase the number of active converter boards from 3 to 4. The 
only constraint that makes the establishment of an alternative 
path impossible is in case the two faults have occurred within 
the same block. In this case the power system would consist of 
478
Authorized licensed use limited to: Danmarks Tekniske Informationscenter. Downloaded on March 03,2010 at 07:52:13 EST from IEEE Xplore.  Restrictions apply. 
  
only 3 converter boards, which is the minimum number 
possible in order to sustain power delivery to the load.  
 Depending on the failure rate of the individual blocks it 
would be a rare situation that two successive faults occur in the 
same block, hence the probability of successful system 
reconfiguration is quite high. This indicates that the overall 
system reliability has increased compared to the situation with 
5 separate converter boards. 
 Based on this short description of the power system and its 
operation, the mathematical task of the redundancy control can 
be thought of as a method of finding alternative paths through 
the power system in case of fault occurrence. 
 
V. ARRAY-BASED CONTROL SCHEME 
 
 As described in section ‘II. ARRAY-BASED LOGIC’ the 
mathematical foundation is a consideration of truth-values as 
physical measurements. The truth-values in the application at 
hand are the discrete values obtained from each block in the 
power system, upon which the alternative path from input to 
output is calculated. With reference to Figure 2 it can be seen 
that the discrete values obtained from the individual blocks can 
be considered as an array of 5 rows and 5 columns. This array 
is a measurement of the condition of the overall power system 
and can therefore be used to identify problems within the 
system. Based on this identification of problems, the array-
based analysis suggests possible alternative paths through the 
power system. It should be noted that similar results could have 
been obtained by using standard digital logic. The reason for 
not implementing the redundancy control using this type of 
logic is due to the powerful array concept and operations in 
array theory, which makes it easy to expand the redundancy 
control scheme to include an arbitrary number of converter 
boards and switches. Thus, a formal description of a redundant 
power system comprised of any number of parallel-connected 
converter boards is straight forward, since the added system 
constraints are almost replicates of existing board level 
constraints. Similar implementation using standard digital logic 
would require considerable recalculations of the power 
system’s interconnections. 
 With reference to Figure 1 and Figure 2 it can be seen that 
the number of parameters needed to describe the power system 
in question is relatively large. For this reason most system 
constraints have been omitted in this presentation, although an 
example will be given on the following pages. 
 Having introduced the fundamentals of the power system, 
the array-based analysis can be carried out. The mathematical 
tool used in this project is based on the array theory developed 
by Dr. Trenchard More in the 1970’s and later (early 1980’s) 
implemented in the array-based software ‘Queens Nested 
Interactive Language (Q’Nial)’ by Professor Michael Jenkins. 
 Solving the problem at hand by establishing a generalized 
configuration space by the use of the Cartesian product of all 
system parameters would require a tremendous amount of 
computer memory, since the number of possible combinations 
exceeds 1030. A different approach has therefore been pursued.  
Using the allowable positions for each switch, an algorithm has 
been developed that in a successive way finds a feasible 
solution within a given amount of time.  
 Looking at the power system and the tasks of the redundancy 
control from a topological point of view it should be noted that 
the system’s topological array has characteristics similar to that 
of the incidence matrix describing electric networks within the 
field of graph theory. The reason the topological array only has 
similar and not identical characteristics to the incidence matrix 
is due to the unidirectional flow of power through the system. 
The classical approach in electric network theory using arrays 
is the bi-directional power flow that uses the numbers 0, 1 and  
–1 to identify the flow direction. Since the power system at 
hand only allows power to flow in one direction the closest 
match to the incidence matrix is the use of unidirectional 
circuit elements such as semiconductor devices within the 
electric network itself. From a mathematical point of view this 
adds considerably to the complexity of the system when 
performing reliability calculations, since the system now 
includes multiple failure modes for each block. Also, it should 
be noted that the analysis assumes a constraint between the 
blocks ‘PWM controller’ and ‘Power-switch’. This constraint 
ensures a correct connection between the driving ‘PWM 
controller’ and the semiconductor device making up the 
switching element of the converter.  
 As mentioned above the starting point in the development of 
the software was a series of system constraints that would limit 
the number of allowable switch combinations. The 
implementation example used in this presentation is the 
constraint saying that a switch set in position 1 cannot be set in 
any other position. Describing this constraint with a ‘logic-
level’ explanation, one obtains: 
 
If   s1a1 = 1  Then  s1a2 & s1a3 & s1a4 & s1a5 = 0 
 
 This description must now be converted into Nial terms, 
which results in the following lines of source code: 
 
a2:= OUTER <=s1a1 (not s1a2);   
a3:= OUTER <=s1a1 (not s1a3); 
a4:= OUTER <=s1a1 (not s1a4);   
a5:= OUTER <=s1a1 (not s1a5); 
 
 Noting the replication of parameter s1a1, the proposition 
must be united through the operation of colligation: 
 
(0 2 4 6) (1) (3) (5) (7) fuse (OUTER and a2 a3 a4 a5) 
  
 Following the above procedure, the remaining system 
constraints can be added to the source code. After a few 
transformations a list of allowable switch positions based on 
the system constraints can be obtained. Keeping in mind that 
the initial 25 combinatorial switch positions for any given 
switch now has been reduced to 6 allowable switch positions 
that comply with the system constraints: 
 
479
Authorized licensed use limited to: Danmarks Tekniske Informationscenter. Downloaded on March 03,2010 at 07:52:13 EST from IEEE Xplore.  Restrictions apply. 
  
+-----+-----+-----+-----+-----+-----+  
|ooooo|ooool|ooolo|ooloo|olooo|loooo| 
+-----+-----+-----+-----+-----+-----+   
 
 The first entry from the left in (1) is the NULL solution 
where the block subsequent to the switch in question is 
disconnected from all blocks within the power system. The 
entry to the right in (1) is the notation used for switch position 
1. The second entry from the right is the notation used for 
switch position 2 and so forth. As an example the entry to the 
right in (1) indicates that the left-hand side of the switch in 
question is connected to Converter 1 regardless to which 
converter board the right-hand side of switch is connected. 
Thus, a ‘0’ in any entry in (1) indicates a disconnection 
whereas a ‘1’ indicates a connection between two blocks. 
 Since the software program decides which blocks to 
interconnect at all times the power system would under normal 
circumstances interconnect the individual block in a way that 
enables power throughput within the physical boundaries of 
each converter board as shown in Figure 2. In case of multiple 
failures the algorithm would find a way through the system that 
ensures a maximum number of working converter boards. In 
other words, allowing the algorithm to decide which blocks to 
interconnect, the overall power system is no longer comprised 
of 5 individual converter boards with interconnecting switches, 
but 5 times 5 blocks that can be interconnected in an enormous 
number ways. This gives rise to the previously mentioned 
increase in reliability. As a consequence, a high reliable power 
system can be built with lower volume and mass than 
conventional power systems, but at the cost of increased circuit 
complexity and considerably higher cost price. 
 As an example of the capabilities of the algorithm, let the 
power system suffer from 8 faults located in different places 
throughout the power system. A condition from which a power 
system comprised of standard parallel-connected converter 
boards could not recover. As seen from Figure 4 each row in 
the power system has suffered at least one failure. 
 
  
 
Figure 4. 8 faults distributed among all 5 converters 
 
 The array to the right in Figure 4 is the system truth-values 
as they are entered into the system array for calculation 
purposes. The software program now performs the following 
tasks in order to establish a path between the first two blocks.  
The starting point is the answer to the following question:  
 Does the combination of 1 1 occur in the first two columns in 
the matrix shown to the right in Figure 4? In Nial terms this 
can be expressed in a very compact form: 
 
Q:= ((0 pick (cols AA) EACHLEFT = ll) link o) 
 
lolloo 
 
 The result is shown as truth-values. It should be noted that 
due to the number of allowable switch positions a falsehood 
has been attached to the end of the result. 
 
 Assigning the correct switch positions to the entries that 
returned truth is completed through the operation ‘sublist’. 
 
Y:= Q sublist (reverse Res_1) 
 
+-----+-----+-----+                              
|loooo|ooloo|ooolo|                              
+-----+-----+-----+ 
 
 In order to insert the correct switch positions into the result 
array, the positions that returned truth must be identified in 
Index origin 0. 
 
Index:=  EACH first (Y EACHLEFT  
 sublist tell (first shape AA)) 
 
0 2 3 
 
 Finally, the assigned switch positions are inserted into the 
result array by using the operation ‘placeall’. 
 
Y (cart Index 0) placeall AA 
 
 Following a similar procedure the rest of the truth-values in 
the array shown to the right in Figure 4 are replaced by feasible 
switch positions. The resulting array for the case of 8 faults 
distributed among all 5 converters is shown in Figure 5. 
  
+-------+-------+-------+-------+ 
|+-----+|+-----+|+-----+|+-----+| 
||loooo|||ooooo|||ooooo|||ooloo|| 
|+-----+|+-----+|+-----+|+-----+| 
+-------+-------+-------+-------+ 
|+-----+|+-----+|+-----+|+-----+| 
||ooooo|||loooo|||ooooo|||ooolo|| 
|+-----+|+-----+|+-----+|+-----+| 
+-------+-------+-------+-------+ 
|+-----+|+-----+|+-----+|+-----+| 
||ooloo|||ooooo|||olooo|||ooool|| 
|+-----+|+-----+|+-----+|+-----+| 
+-------+-------+-------+-------+ 
|+-----+|+-----+|+-----+|+-----+| 
||ooolo|||ooloo|||ooolo|||ooooo|| 
|+-----+|+-----+|+-----+|+-----+| 
+-------+-------+-------+-------+ 
|+-----+|+-----+|+-----+|+-----+| 
||ooooo|||ooolo|||ooool|||ooooo|| 
|+-----+|+-----+|+-----+|+-----+| 
+-------+-------+-------+-------+ 
Figure 5. Result array 
 
 Comparing the array shown to the right in Figure 4 with the 
result array shown in Figure 5 it is obvious that the two arrays 
1 1 0 0 1 
0 0 1 0 1 
1 1 0 1 1 
1 1 1 1 0 
0 1 1 1 1 
  (1)
 (2)
480
Authorized licensed use limited to: Danmarks Tekniske Informationscenter. Downloaded on March 03,2010 at 07:52:13 EST from IEEE Xplore.  Restrictions apply. 
  
are linked through a transformation array. Considering the axes 
of the two arrays it can be seen that the transformation array is 
the previously mentioned incidence matrix for electric 
networks.  
 
VI. RELIABILITY ASSESSMENT 
 
 As indicated in section ‘III. REDUNDANCY AS RELIABILITY 
ENHANCEMENT’ the reliability of the power system at hand is 
best found using the Markov Modeling approach. However, 
due to the large number of states in which the power system 
can reside the calculations become extremely complicated 
resulting in loss of any insight into the relation between 
survivability of each block and the impact of the overall 
system. Changing the viewpoint from dynamic parts level 
redundancy to system level survivability makes it possible to 
express the overall system performance concerning reliability 
as a function of time. It should be noted that this approach does 
not provide any system information during transition from one 
state to another. However, in most cases the figure of merit 
relevant to most customers is the probability of system survival 
within the expected system lifetime. For this reason the 
proposed system level approach will be utilized. 
 When considering reliability assessment of systems several 
evaluation techniques are applicable. However, due to the 
complicated interconnection of the individual blocks within the 
power system a generalized approach focusing on a formal 
system description by means of block reliabilities is desirable. 
Two approaches comply with the latter desire - event trees and 
connection matrix techniques. Since the power system at hand 
is comprised of a rather large number of blocks the event tree 
approach quickly becomes too complex. In contrast the 
connection matrix technique establishes a matrix representing 
power flow between system nodes by means block reliabilities. 
Thus, the obvious approach is the connection matrix technique, 
which will be used throughout the remainder of this 
presentation. 
 Figure 6 shows a cross section of the power system found in 
Figure 2.  
BA
HF
2 3
Input
Input
1
G I
4
 
Figure 6. Cross section of Figure 2 
 
Representing both power flow and system nodes the green 
arrows (horizontal) in Figure 6 are the basis for the connection 
matrix technique. It should be noted that flow from one block 
to another is unidirectional whereas the flow to and from a 
switch is bidirectional. The blocks interconnecting the 
individual nodes are characterized by their probability of 
providing fault free operation for a specified period of time. 
The establishment of the connection matrix is now 
straightforward as the entries of the matrix are the probabilities 
for each block interconnecting two adjacent nodes. Figure 7 
shows the technique applied to the blocks and nodes found in 
Figure 6. 
 
1 2 3
1
2
3
4
4
1 A 0 0
0 1 B G
0 0 1 0
10 G 0
0
0
0 0 0
0 0
0
1
C
0
 
Figure 7. Connection matrix for  
 
 In Figure 7 the blue circles define the unidirectional flow 
between node 1 and 2 (block A) while the red circles define the 
bidirectional flow between node 2 and 4 (block G - a switch). 
 Having established the entire connection matrix the next step 
is either node removal through sequential reduction or matrix 
multiplication. The latter method being the easiest to apply, 
thus being the method preferred. Application of the matrix 
multiplication is straightforward as the basic connection matrix 
is multiplied by itself a number of times until the resulting 
matrix remains unchanged. The transmission from input to 
output is now derived from the matrix as the entry found in row 
‘1’ and the column containing the output node.  
 Based on the solution derived from the connection matrix 
and on the assumption that the block failure rates throughout 
the power system are identical the following system probability 
equation can be established:   
                                                                                                  
 
( ) t   -
based-Array
Switch5e  P ⋅+= λ
λ
 
 
 λSwitch is the failure rate of each switch and λ is the overall 
failure rate for each converter board. By means of the 
exponential distribution the probability of system survival of a 
traditional redundant power system can be found as: 
 
 t-lTraditiona e  P
⋅
=
λ  
 
 Comparing (3) and (4) it can be seen that the difference is the 
exponent. As will become apparent this difference is of great 
importance when considering redundant systems.  By means of 
the probabilities found in (3) and (4) the binomial coefficients 
for a N+2 redundant system can be established: 
  (3)
  (4)
481
Authorized licensed use limited to: Danmarks Tekniske Informationscenter. Downloaded on March 03,2010 at 07:52:13 EST from IEEE Xplore.  Restrictions apply. 
  
 
 λλλ ⋅⋅⋅⋅⋅⋅ ⋅+⋅⋅= t-5t-4t-3lTraditiona e6e15-e10  R  
 
 κκκ ⋅⋅⋅⋅⋅⋅ ⋅+⋅⋅= t-5t-4t-3based-Array e6e15-e10  R  
 
where κ is equal to: 
                                                                                                  
 ( ) t    Switch5 ⋅+= λκ λ  
 
 Plotting the two equations reveals the probability of system 
survival for a given period of time as a function of overall 
converter board failure rate.  
 
2.105 4.105 6.105 8.105 10.105 12.105
Failure rate (FIT)
Probability (P)
0.8
0.6
0.4
0.2
1.0
 
Figure 8. Probability of system survival  
 
 The red line in Figure 8 is the probability of system survival 
for the array-based approach while the green line shows the 
probability of system survival for a traditional redundant power 
system.  
 
The reliability of the array-based approach is worse at 
converter board failure rates below the switch failure rate plus 
one-fifth the converter board failure rate. The boundary 
between the two reliability scenarios can in mathematical terms 
be expressed as: 
                                                                                                  
 ( ) t- t   - Switch5 ⋅=⋅+ λλλ    ⇒   45 Switch  λλ ⋅=  
 
 Thus, at converter board failure rates below the value given 
in (8) the traditional approach would be preferable. However, 
the converter board failure rate for any power system would by 
far exceed the failure rate of a single switch. For this reason it 
can be concluded that the array-based approach indeed 
increases the overall reliability of the proposed power system 
configuration. 
 
VII.  CONCLUDING REMARKS 
 
 An alternative approach in the design of reliable power 
systems has been presented. Based on statistical calculations 
using among others the exponential distribution it has been 
show that redundancy is the tool to implement when 
considering high reliable power systems.  
 Also, a control scheme for the redundancy control of the 
power system has been presented. Using the array-based logic 
a well functioning system capable of establishing the maximum 
number of working converter boards possible has been 
implemented.  
 Finally, an assessment of the overall gain in power system 
reliability has been performed. This assessment showed that a 
considerable increase in system survivability is possible when 
the proposed array-based control and implementation technique 
is applied. 
 
ACKNOWLEDGMENT 
 
 The author would like to thank Associate Professor, Ph.D. 
Peter Falster, Department of Electric Power Engineering, 
Technical University of Denmark and Senior Designer Henrik 
Møller, Alcatel Space Denmark for their support during this 
work. 
 
REFERENCES 
 
[1] Military Handbook (MIL-HDBK-217): Reliability Prediction of 
Electronic Equipment. 
 
[2] Mike Jenkins and Peter Falster: “Array Theory and Nial”, report 1999, 
Department of Electric Power Engineering, Technical University of 
Denmark. 
 
[3] Gert L. Møller: “On the technology of array-based logic”, Ph.D. thesis 
1995, Department of Electric Power Engineering, Technical University of 
Denmark. 
 
[4] Ole Immanuel Franksen: ”Group Representations of Finite Polyvalent 
Logic – a Case Study Using APL Notation”, IFAC VII World Congress, 
Helsinki, June 1978. 
 
[5] Ole Immanuel Franksen and Peter Falster: “Colligation or, the logic 
inference of interconnection”, Mathematics and Computers in Simulation 
52 (2000) 1-9. 
 
[6] Bruce K. Walker: “Evaluating Performance and Reliability of 
Automatically Reconfigurable Aerospace Systems Using Markov 
Modeling Techniques”, Department of Aerospace Engineering & 
Engineering Mechanics, University of Cincinnati, OH, USA. 
 
[7] Trenchard More: “Notes on the Diagrams, Logic and Operations of Array 
Theory”, Structures and operations in Engineering and Management 
Systems, The second Lerchendal Book, Tapir Publishers. 
 
[8] Mike A. Jenkins: “Q’Nial Reference Manual”, Nial Systems Limited, 
Kingston, Ontario, Canada, 1985. http://www.nial.com 
  (5)
  (7)
  (6)
  (8)
482
Authorized licensed use limited to: Danmarks Tekniske Informationscenter. Downloaded on March 03,2010 at 07:52:13 EST from IEEE Xplore.  Restrictions apply. 
