Definition:
Graceful Degradation refers to a system’s ability to continue partial operation when some components fail, avoiding complete shutdown. The system does not simply fail safe by shutting down, but instead maintains as much functionality is possible while still ensuring safety. This can be applied to hardware but also software if the code is modular.
More of a concept and not formerly defined by any of the IEC codes. In a way it is opposite to “fail-safe” (full shutdown).
Key Points:
- Increases availability without compromising safety.
- May involve reverting to manual operation modes.
- 2oo3 architecture is an example of the graceful degradation concept.
- Graded response may be automated via logic or require operator action.
Example:
In a 2oo3 sensor architecture, if one sensor fails, the system continues to function safely with the two remaining sensors. The system only shuts down if a second sensor fails, thus ‘degrading gracefully’ instead of .shutting down immediately at the first fault
See also: architecture
Cited Source:
- IEC 61508-1:2010.