EE Times-India

Embedded safety minimises system cost, size and development time

Posted: 19 Apr 2012

Keywords: one-out-of-two system, industrial control, microcontroller

Some designers find it daunting to integrate functional safety into a complex electronic system. Recent advances in embedded-processor architecture, however, have made the task readily attainable at lower cost.

To understand why functional-safety standards dictate so many aspects of a system, it helps to know the types of failure to which embedded systems are susceptible. In general, failures fall into two categories: systematic and random.

Systematic failures usually result from defects in the chip design, software bugs or the manufacturing process; once identified, they can generally be eliminated by continuous process improvement. An example of a systematic failure in an electronic system is a suboptimal solder-reflow profile used in printed-circuit-board assembly that results in circuit-continuity failures.

Random failures are harder to eliminate, because they result from chance defects or events inherent to a process, a usage condition or the operating environment. An example of a random failure in an electronic system is an embedded-processor malfunction caused by an alpha or neutron particle striking a RAM cell and flipping its state. The rate of random failures can rarely be reduced by much, so risk-mitigation measures concentrate on detecting them and responding appropriately when they occur.
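One such mitigation, shown here as an added example rather than code from the article: a safety-relevant variable is kept together with its bitwise complement, so a single bit flipped by a particle strike in either copy is caught on the next read and the actuator is driven to its safe state instead of acting on a corrupted setpoint. The `safe_u32_t` type, the fault-injection helper and the choice of 0 as the safe (de-energised) command are assumptions made for the illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Added example (not from the article): a safety-relevant variable kept as
 * a pair (value, ~value). A single-event upset that flips a bit in either
 * word breaks the invariant value ^ shadow == 0xFFFFFFFF, so the read path
 * detects the corruption instead of silently using a wrong value. */
typedef struct {
    uint32_t value;
    uint32_t shadow;   /* bitwise complement of value while uncorrupted */
} safe_u32_t;

void safe_store(safe_u32_t *v, uint32_t x)
{
    v->value = x;
    v->shadow = ~x;
}

/* Returns true and writes *out when the pair is consistent; returns false
 * (and leaves *out untouched) when a corruption is detected. */
bool safe_load(const safe_u32_t *v, uint32_t *out)
{
    if ((v->value ^ v->shadow) != 0xFFFFFFFFu)
        return false;
    *out = v->value;
    return true;
}

/* Fault injection standing in for a particle strike: flip one bit of one
 * word of the pair. in_shadow selects which copy is hit. */
void inject_seu(safe_u32_t *v, unsigned bit, bool in_shadow)
{
    if (in_shadow)
        v->shadow ^= (1u << bit);
    else
        v->value ^= (1u << bit);
}

/* Store x, strike one bit, and report whether the next read detects it. */
bool seu_is_detected(uint32_t x, unsigned bit, bool in_shadow)
{
    safe_u32_t v;
    uint32_t out;
    safe_store(&v, x);
    inject_seu(&v, bit, in_shadow);
    return !safe_load(&v, &out);
}

/* Control-loop fragment: a detected corruption drives the actuator to its
 * safe (de-energised, assumed = 0) state rather than acting on the
 * corrupted setpoint. Returns the command that would be issued. */
uint32_t actuator_command(const safe_u32_t *setpoint)
{
    uint32_t sp;
    if (!safe_load(setpoint, &sp))
        return 0;          /* safe state: de-energise */
    return sp;
}

/* Store x with no fault and return what the actuator would be commanded. */
uint32_t roundtrip(uint32_t x)
{
    safe_u32_t v;
    safe_store(&v, x);
    return actuator_command(&v);
}

int main(void)
{
    safe_u32_t sp;
    safe_store(&sp, 0x12345678u);
    printf("clean read -> command 0x%08x\n", (unsigned)actuator_command(&sp));
    inject_seu(&sp, 7, false);
    printf("after SEU  -> command 0x%08x (safe state)\n", (unsigned)actuator_command(&sp));
    return 0;
}
```

The check catches any number of flips confined to one word and any single flip in either word; the one pattern it cannot see is the same bit position flipped in both words, which is why production designs pair this with periodic RAM tests or hardware ECC rather than relying on it alone.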

At the design stage, safety-critical architectures help electronic systems withstand both systematic and random failures. The three architectures now used most often are the one-out-of-two system (1oo2), the two-out-of-two system (2oo2) and the two-out-of-three system (2oo3).

The 1oo2 system is usually implemented with two embedded processors with independent input/output (I/O), with the outputs arranged so that both controllers must command the output for activation to occur (logically, the two outputs are ANDed). A failure in a single controller therefore cannot cause an inadvertent activation; it takes a failure in both.

Like the 1oo2 system, the 2oo2 system has two embedded processors with independent I/O. Here, however, the outputs are arranged so that either controller alone can hold the output active (logically ORed), and a failure in both controllers is needed for an inadvertent deactivation. The trade-off is the mirror image of 1oo2: 1oo2 guards against a single fault causing inadvertent activation, 2oo2 against a single fault causing inadvertent deactivation. Both are usually found in industrial-control environments, where inadvertent activation or deactivation of an actuator could be dangerous.

The 2oo3 system uses three embedded processors and a more complex output-voting circuit that passes the majority result. When one of the three controllers faults, the outputs of the other two continue to control the system. A 2oo3 system is usually used in fail-operational applications, where the system must continue functioning despite a failure; most often these are flight-critical aircraft systems and life-support medical devices.
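The three voting schemes above, as an added example that is not code from the article: each channel is modelled as a controller that commands its output on or off, the combining logic for each architecture is written out, and exhaustive fault injection (every combination of a given number of channels commanding the wrong state) counts how many combinations drive the final output wrong. Channel names, the "stuck-wrong" fault model and the `wrong_output_cases` helper are assumptions for the illustration; the AND/OR/majority reading of 1oo2/2oo2/2oo3 follows the article's activation/deactivation description.

```c
#include <stdbool.h>
#include <stdio.h>

/* Added example (not from the article). Each channel is an independent
 * controller with its own I/O that commands its output on (true) or off
 * (false). The architectures differ only in how channel outputs combine;
 * "activation" and "deactivation" follow the article's usage. */
typedef enum { ARCH_1OO2, ARCH_2OO2, ARCH_2OO3 } arch_t;

/* 1oo2: outputs effectively in series (AND). Both controllers must command
 * activation; either one alone can hold the output off. */
bool vote_1oo2(bool a, bool b) { return a && b; }

/* 2oo2: outputs effectively in parallel (OR). Either controller alone can
 * hold the output on; both must fail for an inadvertent deactivation. */
bool vote_2oo2(bool a, bool b) { return a || b; }

/* 2oo3: majority vote; any one faulty controller is outvoted. */
bool vote_2oo3(bool a, bool b, bool c) { return (a && b) || (a && c) || (b && c); }

static int channels(arch_t arch) { return arch == ARCH_2OO3 ? 3 : 2; }

static bool arch_output(arch_t arch, const bool ch[3])
{
    switch (arch) {
    case ARCH_1OO2: return vote_1oo2(ch[0], ch[1]);
    case ARCH_2OO2: return vote_2oo2(ch[0], ch[1]);
    default:        return vote_2oo3(ch[0], ch[1], ch[2]);
    }
}

static int popcount(unsigned m) { int c = 0; for (; m; m &= m - 1) c++; return c; }

/* Exhaustive fault injection (assumed stuck-wrong fault model): every
 * combination of exactly nfailed channels commands the opposite of what is
 * demanded. Returns how many of those combinations drive the final output
 * to the wrong state; 0 means the architecture tolerates that many faults
 * for that demand. */
int wrong_output_cases(arch_t arch, bool demand, int nfailed)
{
    int n = channels(arch), wrong = 0;
    for (unsigned mask = 0; mask < (1u << n); mask++) {
        if (popcount(mask) != nfailed) continue;
        bool ch[3] = { demand, demand, demand };
        for (int i = 0; i < n; i++)
            if (mask & (1u << i)) ch[i] = !demand;
        if (arch_output(arch, ch) != demand) wrong++;
    }
    return wrong;
}

int main(void)
{
    static const char *names[] = { "1oo2", "2oo2", "2oo3" };
    printf("arch  demand  faults  wrong-output cases\n");
    for (int a = ARCH_1OO2; a <= ARCH_2OO3; a++)
        for (int d = 0; d < 2; d++)
            for (int f = 1; f <= channels((arch_t)a); f++)
                printf("%-5s %-7s %-7d %d\n", names[a], d ? "on" : "off", f,
                       wrong_output_cases((arch_t)a, d != 0, f));
    return 0;
}
```

Reading the table the program prints: with one faulty channel, 1oo2 never activates inadvertently but always loses the function if activation was demanded, 2oo2 is exactly the reverse, and 2oo3 gives the right output in both directions. No architecture survives all two-fault combinations, which is why these systems also need cross-channel diagnostics that expose a latent single fault before a second one accumulates.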

Using these safety-critical architectures, however, takes a great deal of development time and effort: not only must the entire embedded processor be duplicated or triplicated, but sophisticated software-safety algorithms, such as the cross-checking between channels, must be implemented. In addition, these architectures raise the raw rate of random faults: the amount of logic exposed to alpha- and neutron-particle strikes grows with the number of processors, so more faults have to be detected and handled.

