The prevention of common mode failures in complex redundant architectures is an essential design step that is well known to system specialists. Common mode failures are events affecting a certain number of elements in an architecture that are identical or similar to one another, and that are considered as being independent. The use of dissimilar technologies in order to make architectures with asymmetrical redundant systems makes it possible to minimize the risks of common mode failures.
In hydraulic braking architectures, it is well known to make massive use of the dissimilarity principle. The example is given of a hydraulic braking architecture in which:                braking is provided in normal mode by means of a normal brake control unit (BCU) and servovalves (SV) for converting a braking setpoint value generated by the BCU into hydraulic power for the brakes. The normal brake control unit receives braking orders via the pedals, while the servovalves are powered by a normal hydraulic power network;        braking is provided in emergency mode by means of an emergency brake control unit (EBCU), and by direct drive servovalves (DDV); and        ultimate braking may be provided by means of a reserve store of hydraulic power and by a braking command coming from the parking control lever.        
In that type of architecture, the same functional elements (control units, command/power converters) are kept for the emergency channel as for the normal channel, with the functional elements using different technologies. The asymmetry of technology extends as far as the braking actuator, specifically the brake itself. Said brake may include a double cavity so that one cavity is connected to the corresponding servovalve SV of the normal circuit and the other cavity is connected to the corresponding servovalve DDV of the emergency circuit. Alternatively, the brake may have only a single cavity that is associated with a shuttle valve for receiving hydraulic power from one or the other of the channels, with said two channels being segregated.
In the field of electric braking provided by means of electro-mechanical actuators, dissimilarity generally does not extend as far as the braking actuator. The dissimilarity ends before reaching the device for switching off the motor of the actuator (typically the electric inverter contained in the electro-mechanical actuator controller (EMAC) that powers the electro-mechanical brake actuators (EBAs)).
If it is desired to make such an architecture less sensitive to common mode failures, it is essential to attempt to make the normal circuit redundant in a manner that is asymmetrical, i.e. by duplicating all of its functional elements (BCU, EMACs) by using different technologies so as to obtain a dissimilar emergency mode. Nevertheless, that solution presents the drawback of being very costly, in terms both of size and of cost.