Safety and Fault Tolerance
As multifaceted as the potential of active safety and driver assistance functions is, they still represent a great safety risk; this applies above all to electronic systems with electronic interfaces to the chassis. Just one fault or failure of individual system components can have serious consequences. To be able to guarantee the safety of by-wire systems, efforts are being made to avoid errors from the outset by perfecting the system components. If, despite these efforts, errors still occur, the supplemental concept of fault tolerance is applied to preserve the specified functionality of the overall system. Fault tolerance requires supplemental means for tolerating errors that occur. Here a distinction is made between informational redundancy and structural redundancy. In the context of assuring reliable data communication, both principles are assigned great importance.
Informational redundancy is achieved by adding useful information as meta-information, e.g. for error detection and error correction. Structural redundancy means extending a communication system with components that are unnecessary for basic operation, so that the application functions defined by the system specification remain failure-free even if errors occur in communication-related components such as bus nodes in the form of faulty information.
A fundamental distinction is made between two types of redundancy activation: static redundancy, which is continually active, and dynamic redundancy, which is not activated until errors occur. Due to the very stringent requirements for real-time capability of distributed safety-critical systems, only the principle of static redundancy comes into consideration for communication systems implemented in this area.
To minimize safety risk, particularly in the context of by-wire systems, a redundant layout of the communication channel is also provided, with the additional requirement that the same information must be transmitted on both communication channels. That is the only way to tolerate the failure of one channel. The figure “Structural Redundancy” shows a redundant layout of the bus nodes and communication channel of a communication system based on a physical line topology.
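The two principles described above can be shown together in a small receiver model. This is an added example, not code from the original page or from any FlexRay stack; the frame layout, the function names and the CRC parameters are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Assumed, not from the page: 24-bit CRC with a different start value per channel. */
#define CRC_POLY    0x5D6DCBu
#define CRC_INIT_A  0xFEDCBAu
#define CRC_INIT_B  0xABCDEFu
#define PAYLOAD_LEN 8
enum rx_status { RX_OK_BOTH, RX_OK_A_ONLY, RX_OK_B_ONLY, RX_MISMATCH, RX_NO_VALID_COPY };
struct frame { uint8_t payload[PAYLOAD_LEN]; uint32_t crc; };
uint8_t delivered[PAYLOAD_LEN]; /* payload handed to the application */

/* Informational redundancy: check bits computed over the payload. */
static uint32_t crc24(const uint8_t *d, size_t n, uint32_t crc) {
    for (size_t i = 0; i < n; i++) {
        crc ^= (uint32_t)d[i] << 16;
        for (int b = 0; b < 8; b++)
            crc = ((crc << 1) ^ ((crc & 0x800000u) ? CRC_POLY : 0u)) & 0xFFFFFFu;
    }
    return crc;
}
static struct frame make_frame(const uint8_t *p, uint32_t init) {
    struct frame f = { {0}, crc24(p, PAYLOAD_LEN, init) };
    memcpy(f.payload, p, PAYLOAD_LEN);
    return f;
}

/* Static redundancy: both copies are checked every cycle, so losing one
   channel needs no switchover. Two valid but different copies are a fault. */
enum rx_status receive(const struct frame *a, const struct frame *b) {
    int ok_a = crc24(a->payload, PAYLOAD_LEN, CRC_INIT_A) == a->crc;
    int ok_b = crc24(b->payload, PAYLOAD_LEN, CRC_INIT_B) == b->crc;
    if (!ok_a && !ok_b) return RX_NO_VALID_COPY;
    if (ok_a && ok_b && memcmp(a->payload, b->payload, PAYLOAD_LEN)) return RX_MISMATCH;
    memcpy(delivered, ok_a ? a->payload : b->payload, PAYLOAD_LEN);
    return (ok_a && ok_b) ? RX_OK_BOTH : ok_a ? RX_OK_A_ONLY : RX_OK_B_ONLY;
}
/* Constructed scenario: one payload bit flips in transit on the chosen channels. */
enum rx_status scenario(int corrupt_a, int corrupt_b) {
    const uint8_t cmd[PAYLOAD_LEN] = {0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0};
    struct frame a = make_frame(cmd, CRC_INIT_A), b = make_frame(cmd, CRC_INIT_B);
    if (corrupt_a) a.payload[2] ^= 0x04;
    if (corrupt_b) b.payload[5] ^= 0x80;
    return receive(&a, &b);
}
int main(void) {
    for (int m = 0; m < 4; m++)
        printf("corrupt A=%d B=%d -> status %d\n", m & 1, m >> 1, scenario(m & 1, m >> 1));
    return 0;
}
```

A fault on one channel is tolerated because the other copy still passes its check; a fault on both channels is detected but can no longer be tolerated.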
The choice of a certain physical topology also affects the fault tolerance of a communication system. If the system designer decides on an active star topology, for example, then it is possible to avoid propagation of errors by disconnecting faulty communication branches from the active star coupler.