REDUNDANCY

Concept and Forms of RedundancyHardware Redundancy

Comparison of the Passive and the Active Redundancy

Application ExamplesLecture 3

19/02/2018 Redundancy 46

Methods to Increase the Reliability

• simple system design with few parts vs. complex systems,

• using parts with small failure rate – high production cost,

• using parts with the same failure rates,

• redundant structure – to increase the reliability of a „weak” system,

• life ageing,

• tolerance analysis – Worst-Case Analysis, Mionte Carlo Simulation,

• Fault Tree Analysis,

• short operating time/small switching number,

• derating (reduced load),

• protection against the overload,

• maintenance strategies, preventive maintenance,

• diagnostics systems.

19/02/2018 Redundancy 47

Redundancy

19/02/2018 Redundancy 48

Concept of the Redundancy

• redundancy: use of some additional elements within the system which would not be

reqiured in a system that was free from all faults:

• the system is more complex than that needed simply to perform the required task,

• redundancy is required to increase the:

• reliability of the total system,

• intrinsic safety – (effects of a fault),

• increasing the reliability increases the intrinsic safety, but the redundancy that just

increases the intrinsic safety itself, decreases the reliability.

19/02/2018 Redundancy 49

Forms of the Redundancy

• main forms of the redundancy:

• structural:

• hardware,

• software,

• informal,

• functional,

• temporal (time),

• derating,

• eneregy,

• combnations of the above.

19/02/2018 Redundancy 50

Forms of the Redundancy

• the suttle is entirely dependent on its on-

board computers for many flight-critical

functions,

• failure of the computer systems could risk

not only the lives of the astronauts, but

also a vehicle costing several billion dollars

• combinations of the redundancy:

• HW, SW, fault detection, design diversity, fault

masking

• HW voting to provide fault masking, and each

processor also compares its result with those

reproduced by its neighbours

19/02/2018 Redundancy 51

Forms of the Redundancy

• hardware redundancy: the use of HW in addition to that which would be required to

implement the system in the abscence of faults, with the aim of detecting or tolerating

faults.

19/02/2018 Redundancy 52

Forms of the Redundancy

• software redundancy: the use of SW in addition to that which would be required to

implement the system in the abscence of faults, with the aim of detecting or tolerating

faults.

19/02/2018 Redundancy 53

Forms of the Redundancy

• information redundancy: the use of information in addition to that required to

implement a given function, with the aim of detecting or tolerating faults.

• parity bits,

• error detecting or correcting codes,

• checksum.

19/02/2018 Redundancy 54

Forms of the Redundancy

• temporal (time) redundancy: the use of time in addition to that required to implement

a given function, with the aim of detecting or tolerating faults.

• repeating calculations and comparing the results obtained,

• detect transient faults,

HARDWARE REDUNDANCY

19/02/2018 Redundancy 56

Hardware Redundancy

• in order to increase the reliability:

• component (part),

• unit,

• device (appliance),

• entire system

• with the same parts: protection against the random failures

• with different parts: protection against the common-cause failures

19/02/2018 Redundancy 57

Hardware Redundancy

• in a redundant structure, the entire system remain operational in a case of a failure,

depending on the degree of the redundancy of components, units, devices and system,

• it is possible to construct a system with high reliability with components whose reliability

is low:

• if n=6, and 𝑅1=𝑅2 = ⋯ = 𝑅𝑛 = 0.3

• 𝑅𝑠𝑦𝑠 𝑡 = 1 − 1 − 𝑅 𝑡𝑛= 1 − 0.76 = 0.88 ≫ 0.3

• important to note: it must to check the existence of the redundancy continously, or

with appropriate frequency

E1

E2

En

1

2

n

R1(t)

R2(t)

Rn(t)

19/02/2018 Redundancy 58

Forms of the Hardware Redundancy

• Passive Redundancy/ Cold Standby

• switched („1 out of n” or 1oo n),

• N-modular („k out of n),

E1

E2

E3

E1 E2

E3

E1 E2

E3 E2

E1 E3

V

B

V

19/02/2018 Redundancy 59

Passive Redundancy

• In the case of the passive redundancy, the spare parts (components, units, devices) will

take over workflow, if the basic parts fail. Under normal operational conditions, the

spare parts are switched off.

• advatage: the using of spare parts starts later, it means significantly longer lifetime,

• disadvantage: a switching process is needed, from seconds to several minutes (hours). Durning the

switching process, the system is out of operation.

• the passive redundancy can be realized by:

• bulit-in units,

• spare (replaceable) units.

19/02/2018 Redundancy 60

Ideal and Real Switch

• ideal switch:• switching time ts=0,

• lifetime Ts=∞,

• real switch:• switching time (ts>0), it has to maximalize based on the process controlled, lifetime (Ts<∞), it has to be much

more, than the lifetime of the switched units, due not to reduce the lifeteime substantially of the entiresystem,

• the switching process depends on the switching time and the starting process (initialization) ofthe standby system,

• the switching process can be ralized by:• manually,

• automatically.

19/02/2018 Redundancy 61

Forms of the Hardware Redundancy

• Active Redundancy / Hot Standby

• not switched (parallel, „1 out of n”)

• switched („1 out of n”)

E1

E2

E3

E1

E2

E3

19/02/2018 Redundancy 62

Forms of the Hardware Redundancy

• Active Redundancy / Hot Standby

• N-modular („k out of n”),

• N modular with voting logic („k out of n with voter”), E1

E2

E3

V

E1 E2

E3

19/02/2018 Redundancy 63

Active Redundancy

• In the case of the active redundancy, the spare parts (components, units, devices) are

working together with the basic parts.

• advantage: switching process is not needed (or it takes very short time), thus the spare parts are

ready immediately to continue the operation,

• disadvantage: the spare parts are working together with the basic parts, thus the increasing of the

lifetime is lower than in the case of the passive redundancy

• Warm Standby:

• the spare system runs in the background of the primary system,

• data is mirrored to the spare element at regular intervals - fastest switching process

COMPARISON OF THE PASSIVE AND

THE ACTIVE REDUNDANCY

19/02/2018 Redundancy 65

Expected Lifetime

0

1

2

3

4

5

6

7

8

1 2 3 4 5 6 7 8

Active

Passive

T

n

19/02/2018 Redundancy 66

Reliability

0

0,25

0,5

0,75

1

Active, n=2

Passive, n=2

Without Redundancy

tRs

t

19/02/2018 Redundancy 67

Failure rate

Active, n=2

Passive, n=2

ts

t

1

19/02/2018 Redundancy 68

Redundancy with Real Switch

0,8

0,9

1

Passive, r=100%

Passive, r=90%

Passive, r=80%

Active (paralell)

r=R(t) of the switch

tRs

t

n = 2

APPLICATION EXAMPLES

19/02/2018 Redundancy 70

Parallel Redundancy – Serial Electronic Connection

• Target: one failure do not cause a hazardous situation!

K1 K2

UT

+U

λsw≈ λshort circuit

two-tier separation

λdiode≈ λshort circuit

λ≈ λshort circuit + λinterruption

λinterruption λshort circuit

19/02/2018 Redundancy 71

Parallel Redundancy – Serial Electronic Connection

• Target: the unit operates continously in a case of a failure:

~

+U

λ≈ λinterruption

λ≈ λinterruption

λshort circuit = λinterruption

19/02/2018 Redundancy 72

Uninterruptible Power Supply (UPS)

~

=

=

~

=

=

Direct Current

Uninterruptible Alternate Current

Residental

Network 2. network, diesel

Battery Bank

2x

2x

19/02/2018 Redundancy 73

Uninterruptible Power Supply (UPS)

~

=

=

~

=

=

Direct

Consumers

Uninterruptible

Direct Current

Uninterruptible

Alternate Current

Residental

network 2. network, diesel

Battery Bank

2x2x

2x

End of Lecture 3.

Thank you for your attention!