Reliability & Safety Analysis of a Fault-Tolerant Controller

This paper analyzes a fault-tolerant, microprocessor-based controller for an electric wheelchair. Two candidate architectures are considered, including reconfigurable duplication and stand-by sparing. The difference in the reliability and safety of the two candidates is determined through the use of Markov models. Safety is paramount in the wheelchair application because of the need to protect the physically disabled wheelchair user;reliability by itself is insufficient for selecting an appropriate architecture in this application. The results show that reconfigurable duplication is safer than standby sparing even though standby sparing is more reliable. Because of the better safety, reconfigurable duplication is the preferred approach for the wheelchair application. Safety is extremely important in the selection of a fault-tolerant architecture for the electric wheelchair control system. Standby sparing provides a conceptually simple approach that achieves a higher reliability than reconfigurable duplication. However, reconfigurable duplication has a higher safety for a given fault coverage. Because of the need for safety in the electric wheelchair control system, reconfigurable duplication is the selected approach.