The Special Challenges of Mission-Critical Electronics
Failures of safety-critical electronic systems can result in loss of life, substantial financial damage or severe harm to the environment. Such systems are used, for example, in medical equipment, airplanes, trains and nuclear power stations. In applications like these, no margin of error is tolerable: there is no opportunity to "tweak" improvements on the fly or to allow for unanticipated problems.
Different Safety Requirements in Different Markets
Computer architectures with safety-critical requirements are very complex. Considerations for such systems include safety-critical characteristics, reliability questions, error behavior modes, Safety Integrity Levels (up to SIL 3 or SIL 4) and the major IEC and EN standards, e.g., EN 50129 for railways or DO-254 for avionics (up to DAL-A or DAL-B).
A safety-critical system depends on safe hardware boards and systems, a safe operating system and safe application software; even the tools that are used must be safe. And last but not least, there is a dedicated development, validation, production and qualification process.
While the architecture concepts for different markets are rather similar, the way of thinking about and developing a computer system for a safety-critical application differs considerably between railways, avionics, medical engineering and car manufacturing, to name just a few.
Tools and Methods to Achieve Safety
The measures to achieve safe hardware include powerful planning tools with version management, the V-Model as one of the most popular development models, and safety-management tools such as risk management, requirement tracing, obsolescence management, product qualification, HASS (Highly Accelerated Stress Screening) and HALT (Highly Accelerated Life Testing).
Risk analysis methods describe how safety can be evaluated. The tools that can be used to calculate safety range from the well-known MTBF and MTBR values to the failure rate Lambda, FMEA (Failure Mode and Effects Analysis) and BITE (Built-In Test Equipment) identification.
A safe system architecture, both in hardware and in software, can therefore have different structures of redundant sub-units, enhanced by diversity and chosen with the relation between safety and availability in mind: a structure that shuts down on any disagreement is very safe but loses availability, while a voting structure keeps running on a single fault at the price of a slightly higher undetected-failure risk.
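As an added illustration of the safety/availability relation above (not code from MEN or from this page), the following Python compares three redundancy structures from a per-channel failure rate Lambda. It assumes IEC 61508-style MooN naming, independent exponentially distributed channel failures without repair, and the pessimistic model described in the comments; the numbers are constructed.

```python
import math


def mtbf_from_lambda(lam_per_hour):
    """MTBF in hours for a constant failure rate lambda (failures per hour)."""
    return 1.0 / lam_per_hour


def channel_fail_prob(lam_per_hour, hours):
    """P(one channel has failed by time t): exponential law, no repair (assumption)."""
    return 1.0 - math.exp(-lam_per_hour * hours)


def architecture_risks(p):
    """Map structure name -> (P(loss of function), P(dangerous output)).

    Pessimistic model (assumption): a failed channel emits a wrong output; a
    comparator or voter detects any disagreement and forces the safe state; if
    every channel still driving the output has failed, the wrong output is
    counted as dangerous (undetected).
    """
    q = 1.0 - p
    two_or_more_of_three = 3 * p * p * q + p ** 3
    return {
        # single channel: any failure is both a service loss and undetected
        "1oo1 simplex": (p, p),
        # 2oo2 comparison: output only while both agree -> safe on any single
        # failure, but service is lost as soon as either channel fails
        "2oo2 compare": (1.0 - q * q, p * p),
        # 2oo3 voting: keeps running with one failed channel; two failed channels
        # can out-vote the good one, so dangerous risk grows to roughly 3 p^2
        "2oo3 voting": (two_or_more_of_three, two_or_more_of_three),
    }


if __name__ == "__main__":
    lam = 1e-5          # constructed: one failure per 100,000 h
    hours = 8760.0      # one year of operation
    print(f"MTBF = {mtbf_from_lambda(lam):.0f} h")
    for name, (loss, danger) in architecture_risks(channel_fail_prob(lam, hours)).items():
        print(f"{name:14s} P(loss)={loss:.4f}  P(dangerous)={danger:.5f}")
```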
Safe Computer Architectures
MEN has gathered vast experience with the various architectures used to implement mission-critical systems. We now offer standard COTS boards with different redundancy implementations on 3U and 6U CompactPCI® and 6U VMEbus, along with certification packages for SIL 4.
More information on MEN's safe computer designs