Search Results

Companies are gradually developing: 1) complex and/or highly integrated systems including vehicles (as satellites, airplanes, cars, etc.) or equipment (as computers, cell phones, no breaks, etc.) to use under 2) increasingly varied or inhospitable environments, and to survive under 3) increasingly long life cycles and unavoidable changes in staff & facilities & technologies. The overall decision to use (by time, cost, quality, of functions, services, etc.) such end systems under 2 require 4) high Dependability (Reliability, Maintainability, Availability, Correction, Safety, Security, etc.) of them. The overall survival in use (by health monitoring, housekeeping, retrofit, upgrade, etc.) of such end systems under 3 require 5) high Suportability (Maintainability, Adaptability, Availability, Robustness, etc.) of them coupled with the support systems.

Complex and/ or highly integrated systems such as satellites, airplanes, air traffic controllers, cars, etc., require Dependability (Reliability, Maintainability, Availability, Safety, Security, etc.) assessments throughout their life cycle, especially in their development, where the time and cost to make changes are smaller. Such systems must achieve high levels of Dependability through a variety of approaches and processes. Among these, the processes of analysis and decision making from the conception phase to the final phase of the detailed project stand out, because in these phases the most important decisions are taken. Thus, the purpose of this article is to present a discussion on detailing processes for improving the Dependability of aerospace and automotive systems.

Currently, aerospace and automotive industries are developing complexand/or highly integrated systems, whose services require greater confidence to meet a set of specifications that are increasingly demanding, such as successfully operating a communications satellite, a commercial airplane, an automatic automobile, and so on. To meet these requirements and expectations, there is a growing need for fault treatment, up to predict faults and monitor the health of the components, equipment, subsystems or systems used. In the last decades, the approaches of 1) Fault Prevention, 2) Fault Detection/Tolerance and 3) Fault Detection/Correction have been widely studied and explored.

Complex and/or highly integrated systems require the evaluation of Dependability (Reliability, Maintainability, Availability, etc.) throughout their life cycle. The designs of these systems have three main sets of activities: managerial, technical and quality. The recent literature suggests that: 1) the growth of the committed project cost is much greater than the cost spent in the initial stages; and also, the cost to eliminate the defects is smaller in the initial stages of project; and 2) the functions, responsibilities, and authorities of Project Management and Systems Engineering are strongly coupled. Thus, based on the recent literature and the INPE´s (National Institute for Space Research) experience, this paper will show a discussion on the interaction between Project Management and Systems Engineering to improve the Dependability of space and automotive projects.

Systems such as satellites, airplanes, cars and air traffic controls are becoming more complex and/or highly integrated. These systems integrate several technologies inside themselves, and must be able to work in very demanding environments, sometimes with few or none maintenance services due to their severe conditions of work. To survive such severe work conditions, the systems must present high levels of reliability, which are achieved through different approaches, processes, etc. These unfold in many: levels of aggregation (systems, subsystems, equipments, components, etc.), phases of their lifecycles (conception, design, manufacturing, assembly, integration, tests, operation, etc.), environments (land, sea, air, space, etc.), types of components/applications/experiences/technological communities (nuclear, aerospace, military, automotive, medical, commercial, etc.), leaded by the widespread use of semiconductors.

Switching controls are those that can switch between control or plant modes to perform their functions. They have the advantage of being simpler to design than an equivalent control system with a single mode. However, the transients between those modes can introduce steps or overshootings in the state variables, and this can degrade the performance or even damage the control or the plant. So, the smoothing of such transients is vital for their reliability and mantainability. This is can be of extreme importance in the aerospace and automotive fields, plenty of switchings between manual and autopilot modes via relays, or among gears via clutches, for example. In this work, we present a first strategy for smoothing transients in switching controls of aerospace and automotive systems.

Systems such as satellites, airplanes, cars and air traffic controls are becoming more and more complex and/or highly integrated. These systems integrate several technologies inside themselves, and must be able to work in very demanding environments, sometimes with few, or none, maintenance services, because of their severe conditions of work. To survive to such severe work conditions, the systems must present high levels of reliability, which are achieved through different approaches and processes. Therefore, it is necessary that the processes of decision analysis and making are progressively improved, taking into account experiences collected before by several technological communities, and then propose efficient modifications in the local processes. These experiences influence the proposition and improvement of several Reliability Standards Series taken by four different approaches and several technological communities.

Control systems that can switch between control or plant modes have the advantage of being simpler to design than an equivalent system with a single mode. However, the transition between these modes can introduce steps or overshootings in the state variables, and this can degrade the performance or even damage the system. This is can be of extreme importance in fields such as aerospace and automobilistic, as the switching between manual and autopilot modes or the switching of gears In this work, we will use integral criteria in original ways, to determine a coefficient on the system which should optimize the trajectory of the control signal, during the switching between two modes. Effectively, each transition will be done by a subsystem specific for it, according to the selected criterion. The simulations will be made in MATRIXx, MatLab or both, using models chosen from aerospace or automobilistic fields.

With the growing complexity and integration of systems as satellites, automobiles, aircrafts, turbines, power controls and traffic controls, as prescribed by SAE-ARP-4754A Standard, the time de-synchronization can cause serious or even catastrophic failures. Time synchronization is a very important aspect to achieve high performance, reliability and determinism in networked control systems. Such systems operate in a real time distributed environment which frequently requires a consistent time view among different devices, levels and granularities. So, to guarantee high performance, reliability and determinism it is required a performance evaluation of time synchronization of the overall system. This time synchronization performance evaluation can be done in different ways, as experiments and/or model and simulation.

Current systems such as satellites, aircrafts, automobiles, turbines, power controls and traffic controls are becoming increasingly complex and/or highly integrated as prescribed by the SAE-ARP-4754a Standard. Such systems operate in a real time distributed environment which frequently requires a common knowledge of time among different devices, levels and granularities. So, temporal correctness is mostly needed, besides logical correctness. It can be achieved by hardware clocks and devices, software clocks and algorithms, or both, to avoid or tolerate, within appropriate margins, the time faults or failures that may occur in aerospace and automotive systems. This paper presents an overview of clock synchronization algorithms and their uses in aerospace and automotive systems. It is based on a review of the literature, discussion and comparison of some clock synchronization algorithms with different policies.

The aerospace and automotive electronic systems are getting more complex and/or highly integrated, as defined by ARP 4754A, making extensive use of microelectronics and digital memories which, in turn, operates in higher frequencies and lower voltages. In addition, the aircraft are flying in higher altitudes, and polar routes are getting more frequent. These factors raise the probability of occurrence of hazardous effects like the Single Event Upsets in their embedded electronic systems. These must be designed in a way to tolerate and assure the immunity to the Single Event Upsets, based upon criteria such as reliability, availability and criticality. This paper proposes an overview of an assurance process of immunity of embedded electronic systems to Single Event Upsets caused by ionizing particles by means of a review of literature and an analysis of standards as ECSS-E-ST-10-1, NASA Single Event Effects Criticality Analysis and IEC TS 62396-1.

The realization of modern systems subjected to automatic control, such as aircraft, automobiles, satellites, rocket launchers, cargo and military ships, and so forth; increasingly assume, within its very set of requirements, the task of providing better dependability, i.e.: safety, reliability, and availability altogether. Towards this demand, fault-tolerant control greatly meets such growing demand of dependability, by its ability of recognizing the occurrence of potentially hazardous/hazardous faults within the overall (closed-loop) system, and by taking remedial action whenever necessary/mandatory. The process of fault tolerance can be segregated into two fundamental steps: (1) that of fault diagnosis, comprising fault detection-isolation-identification, and, (2) control adjustment/reconfiguration. This paper focuses on the second step, of control adjustment/reconfiguration.

Modeling and Simulation (M&S) of dynamic systems based on computers is a multidisciplinary field that involves several knowledge areas and tools, and is broadly used in all development areas of space industry such as rocket and satellite design and construction. Once space systems are divided into several subsystems for ease of engineering, their models are divided the same way for the same reason. Such models may be done using different computational tools that are based on either physical flows, informational flows, or hybrid flows, depending on the subsystem nature. This is specially true for a satellite propulsion subsystem, and its physical (volume, mass, energy, enthalpy, entropy, linear momentum, etc.) flows. This paper presents the modeling and simulation of a satellite propulsion subsystem by physical and signal flows. To accomplish this task, two different computational tools were used: AMESim and MatLab.

Real-time critical systems are those whose failures may cause loss of transactions/data, missions/batches, vehicles/properties, or even people/human life. Accordingly, some regulations prescribe their maximum acceptable probability of failures to range from about 10−4 to 10−10 failures per hour. Examples of such systems are the ones involving nuclear plants, aircrafts, satellites, automobiles, or traffic controls. They are becoming increasingly complex and/or highly integrated as prescribed by the SAE-ARP-4754A Standard. Those systems include, most of the time, real time critical software that must be specified, designed, implemented, validated, verified and accredited (VVA). To do that, models, specially the V-Model, are frequently adopted, together with methods and tools which perform software VVA to ensure compliance (of correctness, reliability, robustness, etc.) of software to several specific standards such as DO178-B/DO-178C (aviation) or IEC 26262 (automotive) among others.

Current systems such as: satellites, aircrafts, automobiles, turbines, power controls and traffic controls are becoming increasingly complex and/or highly integrated as prescribed by the SAE-ARP-4754 Standard. Such systems and their control systems use many modes of operation and many forms of redundancy to achieve high levels of performance and high levels of reliability under changing environments and phases of their lifecycle. The environment disturbances, environment variability, plant non-linear dynamics, plant wear, plant faults, or the non-symmetric plant operation may cause de-synchronization in phase or time among: 1) simultaneous units in the same normal mode of operation; 2) successive units in successive normal modes of operation; 3) main and spare units from normal to faulty modes of operation. So, techniques to reduce those causes or their effects are becoming important aspects to consider in the design of such systems.

Avionics Systems are increasingly used to perform safety-critical functions at high altitudes. But their increasing capacity and concentration of memory and logics leads to more frequent occurrences of single event upsets, especially in high altitudes. In this work we discuss the process of eliciting and validating requirements to handle single events upsets in avionic systems. To do that we initially summarize and update the concepts of radiation environment of the atmosphere, radiation induced errors, single event upsets, etc. presented in a previous paper. Then, we discuss some of their effects on avionic systems and ways of mitigation, reported in the literature. Finally, we discuss provisions to demand the adoption of such mitigation measures, and their sufficiency by transforming them into requirements, according to recommendations of compliance described in standards as SAE ARP 4754A and RTCA DO-254.

Systems such as satellites, aircrafts, automobiles and air traffic controls are becoming increasingly complex and/or highly integrated, as prescribed by the standard SAE-ARP 4754A Standard. They integrate many technologies and they work in very demanding environments, sometimes with little or no maintenance, due to the severe conditions of operation. To survive such harsh operating conditions, they require very high levels of dependability, to be reached by a diversity of approaches, processes, components, etc. Some are suggested by the SAE-ARP-4754A as one of the highest level standards to be met. So, it is important to know it and its consequences for product and staff deeply. The aim of this paper is to present: a discussion on the standard SAE-ARP-4754A and a proposal for using it in product certification and qualification of staff.

In this work we discuss current trends driving the aerospace and automotive systems architectures. This includes trends as: 1) pos-globalization and regionalization; 2) the formation of knowledge oligopolies; 3) commonality, standardization and even synergy (of components, tools, development process, certification agents, standards); 4) reuse and scalability; 5) synergy of knowledge and tools convergence; 6) time, cost and quality pressures and innovation speed; 7) environmental and safety issues; and 8) abundance of new technologies versus scarcity of skilled manpower to apply them.

Many control systems switch between control modes according to necessity. That is often simpler than designing a full control to all situations. However, this creates new problems, as determining the composed system stability and the transient during switching. The latter, while temporary, may introduce overshooting that degrade performance and damage the plant. This is particularly true for the MultiMission Platform (MMP), a generic service module currently under design at INPE. Its control system can be switched among nine main Modes of Operation and other submodes, according to ground command or information coming from the control system, mainly alarms. It can acquire one and three axis stabilization in generic attitudes, with actuators including magnetotorquers, thrusters and reaction wheels.

Systems such as satellites, aircrafts, automobiles and air traffic controls are becoming increasingly complex and highly integrated, as prescribed by the SAE ARP 4754 Standard. They integrate many technologies and they work in very demanding environments, sometimes with little or no maintenance, due to the severe conditions of operation. To survive such harsh operating conditions, they require very high levels of reliability, to be reached by a diversity of approaches, processes, components, etc. By their turn, the processes of analysis and decision making shall be improved progressively, as experience accumulates and suggests modifications. Most of this can be translated in models. According to this philosophy, in this work, we discuss the use of Model Based Reliability for improving the results of the Reliability Analysis and FMEA/FMECA of a satellite program, as those conducted at the National Institute for Space Research-INPE, since 1979.