In numerous industrial applications, actuating or drive processes are executed by regulated electric motors. The failure of such a motor or of its regulation, which entails the immediate standstill of the motor, is often not tolerable due to safety considerations. For example, the abrupt failure of a coolant pump may induce strong local heating of a device to be cooled, so that there is a fire hazard. Among other things, this hazard is increased by the fact that at an abrupt failure of the coolant pump there is no time available to take potential countermeasures, i.e. suspend machining in the case of heat-generating machining of a material piece.
Modern steering assistance means or power steerings in motor vehicles are based on torque assistance made available by a regulated electric motor. In the current EPS (electrical power steering) systems, the steering assistance is turned off suddenly (in the range of a few milliseconds) in the event of an error (e.g. the failure of a component). Such a sudden failure of the steering assistance is extraordinarily dangerous, because the driver is surprised and cannot adjust to the changed situation any more, whereby life-threatening driving situations may arise.
The above-mentioned problems are usually countered by redundantly embodying the regulation or motor systems. In the case of maximum redundancy, every individual system member, i.e. the electric motor itself and the regulation, which may include several sensor or computing elements cross-linked with each other, has to be embodied twice. In a power steering, it is the aim to maintain the steering assistance active as long as possible and additionally compensate for the failure of one or more components.
Apart from the obvious disadvantage of an increase in costs and the overall weight caused by the system, an extremely relevant factor in the automobile industry, the system complexity, is significantly increased by the redundant design. The hand-over of a faulty system function from a main system to a redundantly available backup system is an extremely complex process, because this transition has to take place in the running system without compromising the stability and functioning of the system. In order to make this possible, it is often even necessary to integrate new, additional components or sensors into the system, so that the transition from the main to the backup system can be ensured by means of additional locked loops or hand-over algorithms.