Electronic architecture for the safety of machinery : study of the design conditions for Common Mode Failures

The safety of machine control systems has to be treated within the general framework of dependability and must relate to the tolerance, avoidance and forecasting of faults. After having described the particular context of the safety of machinery, some techniques are given to deal with these various aspects for independent faults.
Then, the common mode failures inherent to the redundant structures are dealt with. Following the recall of the main definitions and the process of "creation" of common mode failures, a bibliographic study makes an inventory of the principal methods to take into account these failures. A detailed attention is paid to the modelling of the hardware common mode failures. The comparison of various models shows that the ß factor is appropriate for the applications concerning the safety of machinery. The conditions for the use of this model are given.
Different architectures classically used to ensure the dependability of a control system were analysed in a qualitative (foreseeable behaviour in the presence of failures) and quantitative way (determination of the probability of dangerous failure PDF). The influence of the ß factor and the coverage rate of the diagnostic tests on the PDF were studied for the 1oo2D architecture. Finally, two conditions for the design of a type 1oo2 heterogeneous architecture were studied : synchronisation of the two channels and design of a comparator.
This work reveals the incapacity of the existing models to represent in a satisfactory way the common mode failures of two heterogeneous channels. It also shows the limits of the quantification by the calculation of the PDF, due to the difficulties of precisely evaluating the failure rates of the components, the coverage rates of the diagnostic tests or the ß factor.