In large systems it is important to ensure that control is not lost due to failure of a system component. A common approach is to provide redundancy by duplication and comparison.
Failure tolerance in fly-by-wire aircraft control systems for example is normally achieved by means of multiple lanes of identical hardware, including sensors, actuators and computers. Two disadvantages of this approach are the weight penalty paid and the possibility of a common-mode (design) failure of the system. The latter is particularly relevant in the context of the current trend towards digital implementation of control laws, in which the possibility of software-design errors arises. A tool that is relevant to the alleviation of both these problems is `analytical redundancy`, an expression denoting the use of additional on-board computing to monitor system health in terms of the mutual consistency of dissimilar signals. This technique makes use of analytical relationships among signals, such as outputs from pitch-rate and acceleration sensors, or a sensor output and a computer output (eg an actuator-demand signal), derived from theoretical models of system behaviour.
In prior art suggestions for the implementation of analytical redundancy extensive use has been made of the technique of Kalman filtering and associated state-space models of systems, together with Gaussian models of external disturbances and minimum-mean-square criteria. A useful review of prior art techniques was presented in AGARD lecture series No. 109 (1980) entitled, "Fault tolerance design and reduncancy management techniques."
In order to realize a practical system based on Kalman filtering, sharpness of response to significant transient inputs (for example pilot demands, or sudden wind gusts) is sacrificed in order to provide noise suppression. The present invention arose out of studies aimed at placing less emphasis on noise suppression and more on good resolution of the transient effects of inputs occurring during normal system operation. An additional consideration was the desirability of on-line monitoring, where normal system inputs provide the test, without recourse to special test procedures, or running testing software.