Fault Tolerant Electronic System Design

Due to technology scaling, which means reduced transistor size, higher density, lower voltage and more aggressive clock frequency, VLSI devices may become more sensitive against soft errors. Especially for those devices used in safety- and mission-critical applications, dependability and reliability are becoming increasingly important constraints during the development of system on/around them. Other phenomena (e.g., aging and wear-out effects) also have negative impacts on reliability of modern circuits. Recent researches show that even at sea level, radiation particles can still induce soft errors in electronic systems. On one hand, processor-based system are commonly used in a wide variety of applications, including safety-critical and high availability missions, e.g., in the automotive, biomedical and aerospace domains. In these fields, an error may produce catastrophic consequences. Thus, dependability is a primary target that must be achieved taking into account tight constraints in terms of cost, performance, power and time to market. With standards and regulations (e.g., ISO-26262, DO-254, IEC-61508) clearly specify the targets to be achieved and the methods to prove their achievement, techniques working at system level are particularly attracting. On the other hand, Field Programmable Gate Array (FPGA) devices are becoming more and more attractive, also in safety- and mission-critical applications due to the high performance, low power consumption and the flexibility for reconfiguration they provide. Two types of FPGAs are commonly used, based on their configuration memory cell technology, i.e., SRAM-based and Flash-based FPGA. For SRAM-based FPGAs, the SRAM cells of the configuration memory highly susceptible to radiation induced effects which can leads to system failure; and for Flash-based FPGAs, even though their non-volatile configuration memory cells are almost immune to Single Event Upsets induced by energetic particles, the floating gate switches and the logic cells in the configuration tiles can still suffer from Single Event Effects when hit by an highly charged particle. So analysis and mitigation techniques for Single Event Effects on FPGAs are becoming increasingly important in the design flow especially when reliability is one of the main requirements

Problems related to the integration of fault tolerant aircraft electronic systems

Problems related to the design of the hardware for an integrated aircraft electronic system are considered. Taxonomies of concurrent systems are reviewed and a new taxonomy is proposed. An informal methodology intended to identify feasible regions of the taxonomic design space is described. Specific tools are recommended for use in the methodology. Based on the methodology, a preliminary strawman integrated fault tolerant aircraft electronic system is proposed. Next, problems related to the programming and control of inegrated aircraft electronic systems are discussed. Issues of system resource management, including the scheduling and allocation of real time periodic tasks in a multiprocessor environment, are treated in detail. The role of software design in integrated fault tolerant aircraft electronic systems is discussed. Conclusions and recommendations for further work are included

Modeling and Verification of Dependable Electronic Power System Architecture

AbstractThe electronic power system can be viewed as a system composed of a set of concurrently interacting subsystems to generate, transmit, and distribute electric power. The complex interaction among sub-systems makes the design of electronic power system complicated. Furthermore, in order to guarantee the safe generation and distribution of electronic power, the fault tolerant mechanisms are incorporated in the system design to satisfy high reliability requirements. As a result, the incorporation makes the design of such system more complicated. We propose a dependable electronic power system architecture, which can provide a generic framework to guide the development of electronic power system to ease the development complexity. In order to provide common idioms and patterns to the system *designers, we formally model the electronic power system architecture by using the PVS formal language. Based on the PVS model of this system architecture, we formally verify the fault tolerant properties of the system architecture by using the PVS theorem prover, which can guarantee that the system architecture can satisfy high reliability requirements

Fault-tolerant multilevel converter to feed a switched reluctance machine

The switched reluctance machine (SRM) is one of the most interesting machines, being adopted for many applications. However, this machine requires a power electronic converter that usually is the most fragile element of the system. Thus, in order to ensure high reliability for this system, it is fundamental to design a power electronic converter with fault-tolerant capability. In this context, a new solution is proposed to give this capability to the system. This converter was designed with the purpose to ensure fault-tolerant capability to two types of switch faults, namely open- and short-circuit. Moreover, apart from this feature, the proposed topology is characterized by a multilevel operation that allows improvement of the performance of the SRM, taking into consideration a wide speed range. Although the proposed solution is presented for an 8/6 SRM, it can be used for other configurations. The operation of the proposed topology will be described for the two modes, fault-tolerant and normal operation. Another aspect that is addressed in this paper is the proposal of fault detection and diagnosis method for this fault-tolerant inverter. It was specifically developed for a multilevel SRM drive. The theoretical assumptions will be verified through two different types of tests, firstly by simulation and secondly by experiments with a laboratory prototype.info:eu-repo/semantics/publishedVersio

Development of an interface for an ultrareliable fault-tolerant control system and an electronic servo-control unit

The NASA Ames Research Center sponsors a research program for the investigation of Intelligent Flight Control Actuation systems. The use of artificial intelligence techniques in conjunction with algorithmic techniques for autonomous, decentralized fault management of flight-control actuation systems is explored under this program. The design, development, and operation of the interface for laboratory investigation of this program is documented. The interface, architecturally based on the Intel 8751 microcontroller, is an interrupt-driven system designed to receive a digital message from an ultrareliable fault-tolerant control system (UFTCS). The interface links the UFTCS to an electronic servo-control unit, which controls a set of hydraulic actuators. It was necessary to build a UFTCS emulator (also based on the Intel 8751) to provide signal sources for testing the equipment

SABRE: A bio-inspired fault-tolerant electronic architecture

As electronic devices become increasingly complex, ensuring their reliable, fault-free operation is becoming correspondingly more challenging. It can be observed that, in spite of their complexity, biological systems are highly reliable and fault tolerant. Hence, we are motivated to take inspiration for biological systems in the design of electronic ones. In SABRE (self-healing cellular architectures for biologically inspired highly reliable electronic systems), we have designed a bio-inspired fault-tolerant hierarchical architecture for this purpose. As in biology, the foundation for the whole system is cellular in nature, with each cell able to detect faults in its operation and trigger intra-cellular or extra-cellular repair as required. At the next level in the hierarchy, arrays of cells are configured and controlled as function units in a transport triggered architecture (TTA), which is able to perform partial-dynamic reconfiguration to rectify problems that cannot be solved at the cellular level. Each TTA is, in turn, part of a larger multi-processor system which employs coarser grain reconfiguration to tolerate faults that cause a processor to fail. In this paper, we describe the details of operation of each layer of the SABRE hierarchy, and how these layers interact to provide a high systemic level of fault tolerance. © 2013 IOP Publishing Ltd

Fault-tolerant fpga for mission-critical applications.

One of the devices that play a great role in electronic circuits design, specifically safety-critical design applications, is Field programmable Gate Arrays (FPGAs). This is because of its high performance, re-configurability and low development cost. FPGAs are used in many applications such as data processing, networks, automotive, space and industrial applications. Negative impacts on the reliability of such applications result from moving to smaller feature sizes in the latest FPGA architectures. This increases the need for fault-tolerant techniques to improve reliability and extend system lifetime of FPGA-based applications. In this thesis, two fault-tolerant techniques for FPGA-based applications are proposed with a built-in fault detection region. A low cost fault detection scheme is proposed for detecting faults using the fault detection region used in both schemes. The fault detection scheme primarily detects open faults in the programmable interconnect resources in the FPGAs. In addition, Stuck-At faults and Single Event Upsets (SEUs) fault can be detected. For fault recovery, each scheme has its own fault recovery approach. The first approach uses a spare module and a 2-to-1 multiplexer to recover from any fault detected. On the other hand, the second approach recovers from any fault detected using the property of Partial Reconfiguration (PR) in the FPGAs. It relies on identifying a Partially Reconfigurable block (P_b) in the FPGA that is used in the recovery process after the first faulty module is identified in the system. This technique uses only one location to recover from faults in any of the FPGA’s modules and the FPGA interconnects. Simulation results show that both techniques can detect and recover from open faults. In addition, Stuck-At faults and Single Event Upsets (SEUs) fault can also be detected. Finally, both techniques require low area overhead

A Scalable System Architecture for High-Performance Fault Tolerant Machine Drives

When targeting mission critical applications, the design of the electronic actuation systems needs to consider many requirements and constraints not typical in standard industrial applications. One of these is tolerance to faults, as the unplanned shutdown of a critical subsystem, if not handled correctly, could lead to financial harm, environmental disaster, or even loss of life. One way this can be avoided is through the design of an electric drive systems based on multi-phase machines that can keep operating, albeit with degraded performance, in a partial configuration under fault conditions. Distributed architectures are uniquely suited to meet these challenges, by providing a large degree of isolation between the various components. This paper presents a system architecture suitable for scalable and high-performance fault tolerant machine drive systems. the effectiveness of this system is demonstrated through theoretical analysis and experimental verification on a six-phase machine

Adaptive Signal Processing Strategy for a Wind Farm System Fault Accommodation

In order to improve the availability of offshore wind farms, thus avoiding unplanned operation and maintenance costs, which can be high for offshore installations, the accommodation of faults in their earlier occurrence is fundamental. This paper addresses the design of an active fault tolerant control scheme that is applied to a wind park benchmark of nine wind turbines, based on their nonlinear models, as well as the wind and interactions between the wind turbines in the wind farm. Note that, due to the structure of the system and its control strategy, it can be considered as a fault tolerant cooperative control problem of an autonomous plant. The controller accommodation scheme provides the on-line estimate of the fault signals generated by nonlinear filters exploiting the nonlinear geometric approach to obtain estimates decoupled from both model uncertainty and the interactions among the turbines. This paper proposes also a data-driven approach to provide these disturbance terms in analytical forms, which are subsequently used for designing the nonlinear filters for fault estimation. This feature of the work, followed by the simpler solution relying on a data-driven approach, can represent the key point when on-line implementations are considered for a viable application of the proposed scheme