Why Fail-Safe-Architectures are not sufficient for Tanks
The German Puma infantry tank experienced serious technical problems in military combat trainings. Following the background articles in the German media, these problems were mainly caused due to electronic components and wiring harness defects. You can find some backgrounds about the issue in the following article: Technical problems plague Germany's Puma armored vehicles
For us, there's at least one additional background: If vehicles are failing because of a single fault, they use a fail-safe-architecture. But for systems, that need availability as an essential asset, fail-safe-architectures are not sufficient.
Sophisticated systems always come with distributed architectures. If one component fails, the complete system fails, if the system only incorporates a fail-safe-architecture.
Siliconally can help you in building fail-operational systems. We deliver communication IP and support you in the development of the right architecture.