Fault-tolerant and resilient design of potentially dangerous systems

Abstract

Increasing customer expectations, global competition and sustainability considerations have led to more and more complex technical systems. The performance, efficiency and quality are increasing, but also the possibility for faults. Designers need to develop technical systems, which will not fail as a consequence of these faults but will be resilient, i.e. they are capable to behave in an acceptable manner in the presence of faults. In recent years, strategies, methods and tools were proposed which may assist designers in this endeavor, both in the field of systematic fault-tolerant design and in the field of resilience engineering. Similar goals are pursued by strategies, methods and tools which aim to increase the safety and reliability of technical systems; these are even formulated in several international standards. This paper proposes a sensible structure to combine and integrate these strategies, methods and tools and is explaining this structure and concrete design aspects based on the development of three potentially dangerous systems - a lifting mast for an agricultural tractor, a power lift for an agricultural vehicle and a log splitting device.