Presentation is loading. Please wait.

Presentation is loading. Please wait.

Distributed and Reconfigurable Architecture for Flight Control System EEL 6935 - Embedded Systems Dept. of Electrical and Computer Engineering University.

Published byMacey Bardwell Modified over 9 years ago

Similar presentations

Presentation on theme: "Distributed and Reconfigurable Architecture for Flight Control System EEL 6935 - Embedded Systems Dept. of Electrical and Computer Engineering University."— Presentation transcript:

1 Distributed and Reconfigurable Architecture for Flight Control System EEL 6935 - Embedded Systems Dept. of Electrical and Computer Engineering University of Florida Liza Rodriguez Aurelio Morales

2 2 of 23 Outline Introduction Introduction State of the Art: Airbus FCS State of the Art: Airbus FCS Massive Voting Architecture Massive Voting Architecture Modeling and Simulation Modeling and Simulation Conclusions Conclusions

3 3 of 23 Outline Introduction Introduction State of the Art: Airbus FCS State of the Art: Airbus FCS Massive Voting Architecture Massive Voting Architecture Modeling and Simulation Modeling and Simulation Conclusions Conclusions

4 4 of 23 Flight Control Systems Initially : Mechanical Heavy, uses systems of pulleys, cranks, tension cables and pipes Now: Fly-by-Wire replaces manual control of the aircraft with an electronic interface movements of flight controls are converted to electronic signals flight control computers determine how to move the actuators at each control surface to provide the expected response

5 5 of 23 System Requirements General Aviation Safety Operational reliability, high performance, energy efficiency, low cost Dependability Integrity – must not output erroneous signals, should not send incorrect information to actuators Availability – system must always be available to process requests Radiation Can cause over voltages and under voltages Electromagnetic radiation should not affect data communication Indirect effects of lightning is a possible source

6 6 of 23 Outline Introduction Introduction State of the Art: Airbus FCS State of the Art: Airbus FCS Massive Voting Architecture Massive Voting Architecture Modeling and Simulation Modeling and Simulation Conclusions Conclusions

7 7 of 23 State of the Art: Airbus FCS FCS is based on self checking flight control computers System functions are divided between computers so that only 1 FCC is active at a time and the others are standby Computers control each actuator with priority order, thus loss of a single computer does not mean loss of a particular function System can run using only 1 FCC if necessary Error checking is performed by 2 units of FCC Command & Monitoring - both units have the same inputs and calculate the same outputs If outputs are different, system control switches to another FCC Actuator nodes are simple Perform according to command No processing, no communication feedback

8 8 of 23 State of the Art: Airbus FCS Architecture Initially : Mechanical

9 9 of 23 State of the Art: Airbus FCCs System functions are divided between computers so that only 1 FCC is active at a time and the others are standby Computers control each actuator with priority order, thus loss of a single computer does not mean loss of a function TE FLAPLE FLAPAE FLAPRUDDERELEVTR FCC 1FCC 2FCC 3FCC 4FCC 5 Pilot Control

10 10 of 23 State of the Art: Airbus FCCs Control and monitoring units can be thought of as two identical computers placed side by side Comparator detects errors and performs the final action: Same – control order is sent to actuator Different – computer cuts connection to actuator, prevents error from propagating Processor Power Supply Memory Watchdog Processor Power Supply Memory Watchdog Control Monitoring Input / Output Pilot Control Comparator

11 11 of 23 Redundancy Multiple flight control computers FCCs are often the only control path between the pilot and the actuators. If FCCs fail, the pilot will not be able to control the aircraft. Duplex flight control computers Error checking is handled by control and monitoring units of FCCs Result: A lot of extra hardware

12 12 of 23 Outline Introduction Introduction State of the Art: Airbus FCS State of the Art: Airbus FCS Massive Voting Architecture Massive Voting Architecture Modeling and Simulation Modeling and Simulation Conclusions Conclusions

13 13 of 23 Massive Voting Architecture Enabled by “Smart” actuators Includes processing elements implemented on ASIC or FPGA Data processing and control functionality is distributed into subsystems making them more and more intelligent Redundancy management is allocated to actuators FCCs still maintain system authority Overall critical function and control remains in the primary computers Simplex FCCs generate commands but are not excluded if erroneous Error checking is performed by flight control remote modules (FCRM) Each FCRM contains 1 voter Voters compare received commands and select the most reliable one

14 14 of 23 TE FLAPLE FLAPAE FLAPRUDDERELEVTR FCC 1FCC 2FCC 3FCC 4FCC 5 ADCN Network FCRM 1 Actuator V FCRM 4 Actuator V FCRM 3 Actuator V FCRM 2 Actuator V Pilot Control

15 15 of 23 Voting Example Error checking is performed by FCRM FCRM 1 Actuator Voter FCRM 2 Actuator V FCRM 3 Actuator V FCRM 4 Actuator V FFC 1 – LE FLAP 20 FFC 2 – LE FLAP 20 FFC 3 – LE FLAP 31 FFC 4 – LE FLAP 20 FFC 5 – LE FLAP 20 FCC1

16 16 of 23 Hardware Minimization Simplex FCCs are half the size of previous FCCs Distributed System Previously, when an FCC produced an erroneous message, it would be marked as unreliable and all communication to the actuator would be cut By moving error detection and logic to actuator nodes, the non-faulty parts of all computers can still contribute Thus, fewer FCCs are required to implement a system with the same amount of reliability Voting Algorithms Most do not demand high processing capabilities thus hardware size is not a limitation at FCRM nodes

17 17 of 23 Outline Introduction Introduction State of the Art: Airbus FCS State of the Art: Airbus FCS Massive Voting Architecture Massive Voting Architecture Modeling and Simulation Modeling and Simulation Conclusions Conclusions

18 18 of 23 Modeling Model Construction ALTARICA – modeling language for safety critical systems Part 1: A textual description to describe both functional and dysfunctional behaviors of each component (FCC, Voters, etc.) Part 2: A graphical representation to reflect the flow of information for each state Simulation Test case: FCC1 sends a fault command to actuator nodes Result: FCC1 failure has no influence in the surface control since the vote masks the faulty value and delivers the correct one. A negative acknowledgement was sent to faulty FCC.

19 19 of 23 Data Results Aviation Safety Requirement Failure rate for “Loss of both elevator control” must be less than 10 -9 per flight hour Results exceeded requirement!

20 20 of 23 Outline Introduction Introduction State of the Art: Airbus FCS State of the Art: Airbus FCS Massive Voting Architecture Massive Voting Architecture Modeling and Simulation Modeling and Simulation Conclusions Conclusions

21 21 of 23 Conclusions Design of flight control systems is complex due to the strict requirements for aviation safety Most flight control systems rely on a lot of redundancy to account for system failures at the cost of additional hardware The massive voting architecture is a new way to incorporate redundancy into a flight control system while minimizing the amount of hardware required Simulation of the massive voting architecture proved that it is just as reliable as other FCS implementations

22 22 of 23 References http://en.wikipedia.org/wiki/Aircraft_flight_control_system http://en.wikipedia.org/wiki/Aircraft_flight_control_systemhttp://en.wikipedia.org/wiki/Aircraft_flight_control_system Traverse, P., I. Lacaze and J. Souyris, 2004, Airbus Fly-By-Wire: A Total Approach to Dependability, in Proceedings of the 18th IFIP World Computer Congress (WCC 2004), Building the Information Society, Kluwer Academic Publishers, Toulouse, France, August 22-27, pp. 191-212. Traverse, P., I. Lacaze and J. Souyris, 2004, Airbus Fly-By-Wire: A Total Approach to Dependability, in Proceedings of the 18th IFIP World Computer Congress (WCC 2004), Building the Information Society, Kluwer Academic Publishers, Toulouse, France, August 22-27, pp. 191-212. Traverse, P., I. Lacaze and J. Souyris, 2004, Airbus Fly-By-Wire: A Total Approach to Dependability, in Proceedings of the 18th IFIP World Computer Congress (WCC 2004), Building the Information Society, Kluwer Academic Publishers, Toulouse, France, August 22-27, pp. 191-212. Traverse, P., I. Lacaze and J. Souyris, 2004, Airbus Fly-By-Wire: A Total Approach to Dependability, in Proceedings of the 18th IFIP World Computer Congress (WCC 2004), Building the Information Society, Kluwer Academic Publishers, Toulouse, France, August 22-27, pp. 191-212. Brière, D. and P. Traverse, 1993, Airbus A320/A330/A340 Electrical Flight Controls – A Family of Fault-Tolerant Systems, in Proceedings of the 23rd IEEE International Symposium on Fault-Tolerant Computing TCS-23), Toulouse, France, June 22-24, pp. 616-623. Brière, D. and P. Traverse, 1993, Airbus A320/A330/A340 Electrical Flight Controls – A Family of Fault-Tolerant Systems, in Proceedings of the 23rd IEEE International Symposium on Fault-Tolerant Computing TCS-23), Toulouse, France, June 22-24, pp. 616-623. Brière, D. and P. Traverse, 1993, Airbus A320/A330/A340 Electrical Flight Controls – A Family of Fault-Tolerant Systems, in Proceedings of the 23rd IEEE International Symposium on Fault-Tolerant Computing TCS-23), Toulouse, France, June 22-24, pp. 616-623. Brière, D. and P. Traverse, 1993, Airbus A320/A330/A340 Electrical Flight Controls – A Family of Fault-Tolerant Systems, in Proceedings of the 23rd IEEE International Symposium on Fault-Tolerant Computing TCS-23), Toulouse, France, June 22-24, pp. 616-623. Yeh, Y.C., 1996, Triple-Triple Redundant 777 Primary Flight Computer, in Proceedings of the IEEE Aerospace Applications Conference, Aspen, CO,Yeh, Y.C., 1996, Triple-Triple Redundant 777 Primary Flight Computer, in Proceedings of the IEEE Aerospace Applications Conference, Aspen, CO,Yeh, Y.C., 1996, Triple-Triple Redundant 777 Primary Flight Computer, in Proceedings of the IEEE Aerospace Applications Conference, Aspen, CO,Yeh, Y.C., 1996, Triple-Triple Redundant 777 Primary Flight Computer, in Proceedings of the IEEE Aerospace Applications Conference, Aspen, CO, USA, February 3-10, pp. 293-307. USA, February 3-10, pp. 293-307.

23 23 of 23 Questions?

Download ppt "Distributed and Reconfigurable Architecture for Flight Control System EEL 6935 - Embedded Systems Dept. of Electrical and Computer Engineering University."

Similar presentations

An advanced weapon and space systems company 1 23 rd ISSC/NWSSS Conference 23 rd ISSC/NWSSS Conference C. Forni, B. Blake – 08-23-2005 Remote Controlled.

An advanced weapon and space systems company 1 23 rd ISSC/NWSSS Conference 23 rd ISSC/NWSSS Conference C. Forni, B. Blake – Remote Controlled.
System Integration and Performance

System Integration and Performance
HYDRAULICS & PNEUMATICS

HYDRAULICS & PNEUMATICS
Chapter 19: Network Management Business Data Communications, 5e.

Chapter 19: Network Management Business Data Communications, 5e.
EECE499 Computers and Nuclear Energy Electrical and Computer Eng Howard University Dr. Charles Kim Fall 2013 Webpage: www.mwftr.com/CNE.html.

EECE499 Computers and Nuclear Energy Electrical and Computer Eng Howard University Dr. Charles Kim Fall 2013 Webpage:
3. Hardware Redundancy Reliable System Design 2010 by: Amir M. Rahmani.

3. Hardware Redundancy Reliable System Design 2010 by: Amir M. Rahmani.
Fault Detection in a HW/SW CoDesign Environment Prepared by A. Gaye Soykök.

Fault Detection in a HW/SW CoDesign Environment Prepared by A. Gaye Soykök.
Making Services Fault Tolerant

Making Services Fault Tolerant
CS 582 / CMPE 481 Distributed Systems Fault Tolerance.

CS 582 / CMPE 481 Distributed Systems Fault Tolerance.
Brent Dingle Marco A. Morales Texas A&M University, Spring 2002

Brent Dingle Marco A. Morales Texas A&M University, Spring 2002
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
Department of Electrical and Computer Engineering Texas A&M University College Station, TX 77843-3128 Abstract 4-Level Elevator Controller Lessons Learned.

Department of Electrical and Computer Engineering Texas A&M University College Station, TX Abstract 4-Level Elevator Controller Lessons Learned.
2/23/2009CS50901 Implementing Fault-Tolerant Services Using the State Machine Approach: A Tutorial Fred B. Schneider Presenter: Aly Farahat.

2/23/2009CS50901 Implementing Fault-Tolerant Services Using the State Machine Approach: A Tutorial Fred B. Schneider Presenter: Aly Farahat.
REAL-TIME SOFTWARE SYSTEMS DEVELOPMENT Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.

REAL-TIME SOFTWARE SYSTEMS DEVELOPMENT Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.
Design of Fault Tolerant Data Flow in Ptolemy II Mark McKelvin EE290 N, Fall 2004 Final Project.

Design of Fault Tolerant Data Flow in Ptolemy II Mark McKelvin EE290 N, Fall 2004 Final Project.
7. Fault Tolerance Through Dynamic or Standby Redundancy 7.5 Forward Recovery Systems Upon the detection of a failure, the system discards the current.

7. Fault Tolerance Through Dynamic or Standby Redundancy 7.5 Forward Recovery Systems Upon the detection of a failure, the system discards the current.
©Ian Sommerville 2006Critical Systems Slide 1 Critical Systems Engineering l Processes and techniques for developing critical systems.

©Ian Sommerville 2006Critical Systems Slide 1 Critical Systems Engineering l Processes and techniques for developing critical systems.
Copyright Arshi Khan1 System Programming Instructor Arshi Khan.

Copyright Arshi Khan1 System Programming Instructor Arshi Khan.
Issues on Software Testing for Safety-Critical Real-Time Automation Systems Shahdat Hossain Troy Mockenhaupt.

Issues on Software Testing for Safety-Critical Real-Time Automation Systems Shahdat Hossain Troy Mockenhaupt.
EMBEDDED SOFTWARE Team victorious Team Victorious.

EMBEDDED SOFTWARE Team victorious Team Victorious.

Similar presentations

Ads by Google