Catastrophic Failure Modes Limit Redundancy Effectiveness

This paper shows that it is essential to know the failure rates of the failure modes in order to decide effectively about employing redundancy. In general, all redundancy decisions fall into one of two regions: 1) additional redundancy is effective, and 2) additional redundancy is not effective. This paper quantifies the boundary between these two regions. There will always be a point at which the reliability is decreased with further redundancy due to the diminishing returns caused by the catastrophic failure modes. Any design using redundant components must examine the trade-off criteria before choosing to use redundancy or the manner in which redundant components are interfaced. MIL-HDBK-217 is deficient in that the composite failure rate is not broken down into the relative failure rates of various failure modes.