How "CAN" you make safe circuits safer? Redundancy!

Other Parts Discussed in Post: SN65HVD257

Any accident reported in the news makes me we wonder about safety – not just in planes, trains and automobiles but everywhere around us. What if the train ride I enjoyed had a problem with the sensor network that causes a malfunction? Or the elevator gets stuck due to some issue with the network? What if my manufacturing line or production robots fail catastrophically? In such times, I hope that the engineers designing these applications thought thoroughly about safety and redundancy. Economically, redundancy is also great practice. What if a system critical to your business fails? The lost output is financially important. 

Redundancy – having two or three of everything so that if one fails the others work – can add margin to functional safety of these networks and systems. You might ask, does redundancy mean a higher price because there are two of everything? I understand that we live in a world where everyone wants “everything for nothing,”give me all the features at the lowest price. But there are instances, especially when it affects my life or someone else’s that I am more than willing to pay for redundancy.

So how does this relate to CAN? CAN has its advantages with cost, error handling, prioritization and arbitration. Therefore, CAN networks are widely used in these and other applications for data communications. CAN serves as a fundamental networking technology.

Our team has taken the redundancy concept and applied it to a CAN transceiver (SN65HVD257) allowing for easy implementation of a redundant CAN physical layer (network). Take a look at Figure 1. Each microprocessor along with the CAN transceivers is one physically redundant node. Traditionally, you would have one CAN controller (microprocessor) and one CAN transceiver per node. But for redundant CAN networks we have two CAN transceivers and two bus connections per node. These transceivers and buses work in parallel, sending the same message on two separate buses. If one of the buses fails, the other is still functional. This system also detects which of the two buses failed and to which CAN state it failed: dominant or recessive, aiding in system debug and repair.

 Figure 1. Typical redundant physical layer CAN network using the SN65HVD257

As one of our industrial automation customers said “if our logistical system fails, we are dead in the water.” Through the use of redundant networks, we ensure continuity of process so there is no loss of revenue. When a network issue occurs, we don't have a line-down event because there is a second redundant network already in place.  Who wouldn't want some extra dough in their pockets especially in this economy?

So even if the safety reasons don’t motivate you to add redundancy to your systems, think of the financial reasons. And don’t forget to invite me for a drink to celebrate the success of your new redundant, efficient system. Cheers!

For more information:

-          SN65HVD257 product information

-          SN65HVD257 evaluation module

-          User’s guide

Anonymous