Chapter 23. Failure Modes and Fault Tolerance

If you start thinking about all the ways a failure can bring your drone down, it can get a little depressing. Any one prop coming loose, any one of the dozen solder joints running the motors coming loose, any one of the 24 FETs in the ESCs failing... and that’s just the power system. And everything goes back to a single battery connection. We call each one of these items a single point of failure, and we can do better.

Engineers will sometimes talk about having “no single point of failure,” but we almost never really reach this level of reliability, even in just the control system. The trouble comes in the transition. If a component fails, its backup must not only be present but be up and running ...

