Scenario:
The management committee at an organization has need of a critical electronic system. The system which is of extreme importance to the company’s operations is to receive power from three distinct power supplies, each of which would feed power to the system. The organization’s technician have concerns and would like the designers of the system to present versions of the design that would address each of their concerns so that the most efficient and fault-tolerant design would eventually be implemented.
The major concerns from the technicians are as follows:
1. Power should flow one way; from the power supply to the system only and should there be a short-circuiting of any of the power supplies, there must be some way of preventing the others from being affected.
2. There should be some way of alerting the technician if up to two of the power supplies fail so as to prevent a total loss of power to the system
3. In the event that any one power supply had to be shut down for maintenance, there should be no ‘false alarms’.
Management was in total agreement with the first two of the technicians concern but felt that the alarm system must be activated as long as one of the power supplies was down but that there should be some way of disabling the alarm during the maintenance period so as not to cause a ‘false-alarm’.
After some deliberations, the technicians had another concern: - what would happen if the alarm switch was accidentally left off after maintenance?