The ubiquitous presence of computers in modern life has created such a dependence on these machines that a computer malfunction can cause disruptions in such diverse areas as airline travel, payroll disbursements, and banking transactions. Accordingly, a significant engineering effort has been expended to design fault tolerant computers. A fault tolerant computer contains subsystems that continuously perform their intended function in spite of a single subsystem component failure.
Further, it is a design goal to make machines field serviceable so that repairs and modifications can be made by on site personnel. Often, these personnel are not highly trained and regulatory agencies require that areas accessible to untrained personnel be protected by energy limit systems to prevent injury if a person accidentally creates a short circuit to ground. In a system having a fixed voltage supply, the energy limit system takes the form of current must be failsafe so that no single component failure in the system will result in an unsafe condition or a hazard to personnel. Thus, the concurrent requirements or reliability and safety impose different design constraints on the current limit system.
Typically, overcurrent limit circuits are included with the power supply itself. In some situations, the power supply provides power to a number of load circuits where some of the load circuits require overcurrent protection and others do not. An internal limit system monitors the sum of all the load currents and shuts off the power supply when this sum exceeds a predetermined limit. However, the power supply might be shut down when in fact the overcurrent condition was due to excessive current being drawn in a load circuit that did not require overcurrent protection and did not result in a hazard to personnel or unsafe condition. In this case, the power supply shut-off would have been unncessary. Conversely, an overcurrent could exist in a load current may not be detected because the sum of the load currents in all load circuits did not exceed the predetermined limit required to shut off the power supply.
Accordingly, a need exists for a current limit system that is fault tolerant and failsafe for all component failure modes and that can selectively bypass load circuits not requiring overcurrnt protection.