A Design of Approximate Voting Schemes for Fail-Operational Systems

In safety critical systems, e.g., automotive systems, the concept of fail-operational is very important. In this paper we focus on an approximate voting scheme called IDMR (Inexact Double Modular Redundancy), which can detect an error of the output of the duplicated system and correct the error approximately if the significance of the error is within a certain limit; The systems with IDMR can operate continuously even if a fault occurs in the system, i.e., the systems are failoperational. To enhance the ability of IDMR scheme, we propose an extended architecture for IDMR scheme, which is called EIDMR (Extended IDMR). The proposed E-IDMR can correct large errors that cannot be corrected by IDMR, so that the systems with E-IDMR achieve higher fail-operational ability than those with IDMR. Application to automotive ABS and LKAS shows that the proposed E-IDMR is more effective for implementation of these fail-operational systems.