Author Topic: RPi reliability: suitable for Heart/Lung machine? Elon Rocket? Airbag system?  (Read 1709 times)

0 Members and 1 Guest are viewing this topic.

Offline frogblenderTopic starter

  • Regular Contributor
  • *
  • Posts: 124
I'm trying to gauge the long-term reliability of the Raspberry pi 4 Compute module.
Despite my clickbait post title, it will not be used in life-critical applications. 
However, I do want to use it, embedded, in datacenter product, with reliability in one of the lower (lousier) reliability tiers (which of course is still far above any weekend-warrior or consumer-grade stuff).   

So, for starters, the SDcard has to be scrapped in favor of eMMC.

If anyone has experience with rPi's being used in a datacenter-like environment, and the long-term reliability/success thereof, please chime in.

(and for those who wish to post about how their rpi ver 1.00 behind their television has been running nonstop 24x7x365 since 2004... congratulations.  But please resist the urge to post.   I need hard data from datacenters and commercial environments).

 

Offline fchk

  • Regular Contributor
  • *
  • Posts: 240
  • Country: de
Not RPi, but NVidia Jetson: They have their roots in the automotive sector, and the requirements there are very strict. Think of dashboard displays that replace mechanical speed/rpm/... instruments. Or the large touchscreen in Teslas - also driven by an NVidia ARM/GPU chip.

The Jetson Nano/xavier NX/Xavier AGX modules are descendants of these chips for industrial use. We use then since 2017 for various products and projects, and they just work.

Frank-Christian

PS: There are industrial versions with extened temperature range, ECC protected memory etc. And all modules support Secure Boot etc.
« Last Edit: July 28, 2021, 06:57:03 am by fchk »
 

Offline harerod

  • Frequent Contributor
  • **
  • Posts: 449
  • Country: de
  • ee - digital & analog
    • My services:
fchk, out of curiosity: which OS and compiler suite would you use for those devices to get past regulatory?
 

Offline fchk

  • Regular Contributor
  • *
  • Posts: 240
  • Country: de
fchk, out of curiosity: which OS and compiler suite would you use for those devices to get past regulatory?

We don't do automotive projects. The boards NVidia sells to the OEMs use the bare chips and not the Jetson modules. Jetson uses Ubuntu 18.04 LTS plus closed-source drivers (just like in the PC world). What they use for their automotive products is unknown to me.

These are the automotive boards:
https://developer.nvidia.com/drive

Frank-Christian
 
The following users thanked this post: harerod

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3780
  • Country: de
fchk, out of curiosity: which OS and compiler suite would you use for those devices to get past regulatory?

I would say Linux and GCC are just fine even in automotive applications unless used for safety-critical functions. That's what Tesla is using, for example but also many European car manufacturers for their touchscreens and infotainment.

 

Offline ejeffrey

  • Super Contributor
  • ***
  • Posts: 3669
  • Country: us
A datacenter environment usually means no physical extremes.  The pi itself is pretty much fine, especially an eMMC version.  They really benefit from active cooling and the tiny fans that bundle with the typical kits do not look particularly trustworthy.  Since you are using the compute module it's up to you to get the integration and enclosure right.  Same goes with the power supply.

Those caveats aside, software is often a much bigger concern for reliability than hardware.
 

Offline Gyro

  • Super Contributor
  • ***
  • Posts: 9392
  • Country: gb
They're used in Hypervolt Electric Vehicle Charging Points, I don't know if that counts as high reliability safety critical.
Best Regards, Chris

"Victor Meldrew, the Crimson Avenger!"
 

Offline Siwastaja

  • Super Contributor
  • ***
  • Posts: 8089
  • Country: fi
Electric Vehicle Charging Points, I don't know if that counts as high reliability safety critical.

No, it's neither "high reliability" nor "safety critical". (I'm sure the Raspi isn't used to implement the 6mA DC RCD, for example; but for billing, and enabling the charger.)

 

Offline nfmax

  • Super Contributor
  • ***
  • Posts: 1554
  • Country: gb
A datacenter environment usually means no physical extremes.
Except, perhaps for acoustic noise levels...
 

Offline frogblenderTopic starter

  • Regular Contributor
  • *
  • Posts: 124
A datacenter environment usually means no physical extremes.
Except, perhaps for acoustic noise levels...
To date I have been unable to crash a Pi, no matter how loudly I scream obscenities at it.
 

Offline fchk

  • Regular Contributor
  • *
  • Posts: 240
  • Country: de
Note: The CM4 has only a single Gen2 lane. Since PCIe is always point-to-point it is only good for a single device unless you use packet switches, which add cost and latency.

Jetson Xavier NX has a 4 lane Gen 2 PCIe and a 1 lane Gen2 PCIe. Jetson Nano only hast the 4 lane interface. Plenty of bandwidth.

fchk
 

Offline snarkysparky

  • Frequent Contributor
  • **
  • Posts: 414
  • Country: us
I believe they can have serious trouble if powered down with shutdown.  That is my main concern with using a pi in commercial application.

Flash corruption
 

Online SiliconWizard

  • Super Contributor
  • ***
  • Posts: 14230
  • Country: fr
Anyway, I guess it all depends on what you call "reliability". What are your criterions? Any specific standard or guideline you may be referring to?

If I were to design a product which reliability/safety was important or even criticial, I would do as with any other components that I select: depending on its criticity in the system, I would ask for documentation and reports from the vendor asserting that some design steps have been taken and that some tests have been issued to ensure reliability according to some criterions. If the vendor is unable to provide this, then I won't be able to trust the component. That's as simple as that. So either I will look elsewhere, or, if I have no choice/really want to use this particular component, I will have its design analyzed and will have it tested properly so that I can have confidence and that I can myself prove it.

And, apart from the hardware, there's also the software. The "official" OS distributions for the RPi are OK, but I wouldn't know how fit they'd be for any critical application, and I guess no one, neither at RPi, or outside, would be able to guarantee that they are.

Of course this is all a matter of criticity. If you're mainly using an RPi as part of some "intelligent" display with no associated risk if it ever fails, then it's a whole different story. As others have said, you'll still have to consider the SD card issues (but doesn't the CM4 module embed Flash instead?)

And, of course, what I said potentially applies to any other SBC out there, except those that are specifically designed for industrial use AND are compliant with some relevant standards.
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3780
  • Country: de
I believe they can have serious trouble if powered down with shutdown.  That is my main concern with using a pi in commercial application.

Flash corruption

Use an "UPS" to automatically shut it down (multiple off-the-shelf solutions exist) or mount the flash read-only. I have used both approaches and no problems whatsoever. It is no different than using any other Linux (or Windows) computer.

As long as you realize this and don't treat an RPi (or pretty much any other similar SBC with a writeable flash) as a microcontroller where you don't need to care about power, you will be fine.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf