Fault-tolerant design strategies for high reliability and safety

Several fundamental results related to reliability and safety are analyzed. Modular redundant systems consisting of multiple identical modules and an arbiter are considered. It is shown that for a given level of redundancy, a large number of implementation alternatives exist with varying degree of reliability and safety. Strategies are formulated that achieve a maximal combination of reliability and safety. The effect of increasing the number of modules on system reliability and safety is analyzed. It is shown that when one considers safety in addition to reliability, it does not necessarily help to simply add modules to the system. Specifically, increasing the number of modules by just one does not always improve both reliability and safety. To improve reliability and safety simultaneously, at least two additional modules are required when the outputs of the individual modules do not have any redundant information (e.g., coding for error detection). However, it is shown that if the modules themselves have built-in error detection capability, addition of just one module may be sufficient to improve both reliability and safety