Towards a Metric for the Assessment of Safety Critical Control Systems

There is a need for better integration of the fault tolerant and the control designs for safety critical systems such as aircraft. The dependability of current designs is assessed primarily with measures of the interconnection of fault tolerant components: the reliability function and the mean time to failure. These measures do not directly take into account the interaction of the fault tolerant components with the dynamics of the aircraft. In this paper, a first step to better integrate these designs is made. It is based on the observation that unstable systems are intrinsically unreliable and that a necessary condition for reliability is the existence of a stabilizing control law that depends on the interconnection of the working fault tolerant components. Since operation of a fault tolerant interconnection of digital computers in a harsh environment can result in transient errors, a methodology to analyze the mean square stability of the fault tolerant closed-loop system is presented. A definition for mean square stabilizability is then used to introduce the new dynamical system reliability concept. An example illustrates the effect on mean square stability of several fault tolerant design choices and illustrates possible dynamical system reliability plots.