This paper sets out to present a non-specialist overview of what fault tolerant systems are intended to achieve, the various possible approaches (from simple to complex) which are followed, how well they meet the goals and the particular problems or advantages they possess. The source data for the paper and its background is aviation gas turbine controls but the principles are of general application.
Fault tolerance is aimed at obtaining greater system availability without compromising safety. Many different system configurations have been postulated or tried out. The paper considers 11 and deals in detail with several of them, covering a wide range of cost and complexity. The choice between these diverse systems depends upon application, installation, the powerplant/vehicle configuration and, most importantly, on the complexity of the control hardware. It involves choices of actuation system, monitoring methods, failure recovery and, in digital systems, software. The paper explains the rationale and the significance of each influence.
Each configuration can be applied more or less successfully to a range of control uses. The discussion indicates which special features are advantageous and which are disadvantageous in different regions of the applications spectrum.
Relative representative cost and reliability figures are given for each configuration and, for aviation types of design, relative sizes and weights.
There is no single, generally applicable “fault tolerant system”. The issues are basically simple but frequently confused. It is the aim of the paper to clearly present these issues and the merits of various configurations in general terms and to promote wider and better informed discussion of them.