Search Results

Since its introduction at INPE, in the late 1960s, Systems Engineering has passed through phases of greater and lesser importance. Three different phases are clearly recognized. The first two phases are closely associated with efforts to develop space systems. The third and present phase is associated to the recent growth in the importance of Systems Engineering to the development of the contemporary large and complex systems. This paper is a summary review of the history of Systems Engineering at INPE from its inception to the present.

Systems are becoming increasingly more complex. To follow this increasingly complexity, systems engineering must evolve rapidly with the introduction of new methodologies, processes, tools, etc. Due to this rapid evolution, little attention is dedicated to the study of the history of its evolution. Currently there is the initiative of installation of a chapter of INCOSE (International Council on Systems Engineering) in Brazil and from this initiative emerged the interest of recovering the history of systems engineering in the country. There are indications that the introduction of systems engineering into Brazil occurred in the late 1960's, directly from NASA and that its first applications in Brazil were in Space Systems Engineering. This paper recovers the origins of systems engineering, of its introduction into Brazil, and of its use in space systems engineering.

In this work we discuss the fault avoidance and the fault tolerance approaches for increasing the reliability of aerospace and automotive systems. This includes: the basic definitions/concepts (reliability, maintainability, availability, redundancy, etc.), and characteristics (a priori analysis, a posteriori analysis, physical/hardware redundancy, analytical/software redundancy, etc.) of both approaches, their mathematical background and models (exponential, Weilbull, etc.), their basic theory, their methods and techniques (fault trees, dependence diagrams, Markov chains, etc.), some of their standards (SAE-ARP4761, AC 25.1309, etc.) and simulation environments (Cafta, etc.), and their applications to the reliability analysis and reliability improvement of aerospace and automotive vehicles. This is illustrated by some examples driven from the aerospace and automotive industries.

This paper presents the preliminary results of an "a posteriori" exercise of application of a Requirements Traceability Automation Tool (RT tool) to a set of documents. The documents have been prepared according to established Space System Engineering methodologies and with attention to text quality, but without attention to requirements traceability because the processes and methodologies used during their preparation predates the emergence of the processes and methodologies developed by Requirements Engineering (RE). This study is intended to determine some of the benefits of using a RT tool when compared with the previously used processes and methodologies. The set of documents under scrutiny have been prepared in the frame of the development of the CBERS-3 satellite (China-Brazil Earth Resources Satellite) and is composed of system, subsystem and equipment specification and covering documents related to the Electrical Power Subsystem (EPS) of the satellite.

On several engineering applications high Reliability is one of the most wanted features. The aspects of Reliability play a key role in design projects of aircraft, spacecraft, automotive, medical, bank systems, and so, avoiding loss of life, property, or costly recalls. The highly reliable systems are designed to work continuously, even upon external threats and internal Failures. Very convenient is the fact that the term 'Failure' may have its meaning tailored to the context of interesting, as its general definition refers to it as "any deviation from the specified behavior of a system". The above-mentioned 'deviation' may refer to: performance degradation, operational misbehavior, deviation of environmental qualification levels, Safety hazards, etc. Nevertheless, Reliability is not the only requirement for a modern system. Other features as Availability, Integrity, Security and Safety are always part of the same technical specification, in a same level of importance.

In this work we discuss some types of simulators and simulations, their characteristics and applications to the simulation and control of aerospace vehicles. This includes: the basic definitions, types and characteristics of simulators and simulations (physical, computational, hybrid, etc.; discrete events, discrete time, continuous time, etc; deterministic, stochastic, etc.) their basic compromise (simplicity × fidelity), their man-machine interfaces and interactions (virtual, constructive, live, etc.), their evolution law (time, events, mixed, etc.), their architectures (“standalone”, PIL, HIL, MIL, DIS, HLA, etc.), their environments (discrete, continuous, hybrid, etc.) and their applications to the simulation and control of aerospace vehicles. This is illustrated by some examples driven from the aerospace industry

In this work we discuss some types of simulation environments and laboratories, their characteristics and applications to the simulation and control of aerospace vehicles. This includes: the basic definitions, types and characteristics of simulators and simulations (physical, computational, hybrid, etc.; discrete events, discrete time, continuous time, etc; deterministic, stochastic, etc.) their basic compromise (simplicity × fidelity), their man-machine interfaces and interactions (virtual, constructive, live, etc.), their evolution law (time, events, mixed, etc.), their architectures (“stand-alone”, PIL, HIL, MIL, DIS, HLA, etc.), and especially, their environments (discrete, continuous, hybrid, etc.) and laboratories (physical, computational, hybrid, etc.), and their applications to the simulation and control of aerospace vehicles. This is illustrated by some examples driven from the aerospace industry.

In this work we discuss some types of simulation architectures and standards, their characteristics and applications to the simulation and control of aerospace vehicles. This includes: the basic definitions, types and characteristics of simulators and simulations (physical, computational, hybrid, etc.; discrete events, discrete time, continuous time, etc; deterministic, stochastic, etc.) their basic compromise (simplicity x fidelity), their man-machine interfaces and interactions (virtual, constructive, live, etc.), their evolution law (time, events, mixed, etc.), their architectures (“stand-alone”, PIL, HIL, MIL, DIS, HLA, etc.), their standards (OMBA, SIMNET, ALSP, DIS, HLA 1.3, HLA 1516, ASIA, AP2633, etc.) and their applications to the simulation and control of aerospace vehicles. This is illustrated by some examples driven from the aerospace industry

Internet of Things (IoT) for real-time applications are demanding more and more high performance, precision, accuracy, modularity, integration, dependability and other attributes in a complex and/or highly integrated environment. Such systems need to provide coordination among the integrated components (e.g. sensors, computer, controller and networks) for enabling the application to take real-time measurements and to translate into controllable, observable and smart actions with strict timing requirements. Therefore, coordination and synchronization are required to ensure the controllable, observable and smart actions of real-time IoT systems. This paper shows the design issues about the coordination and synchronization in the internet of things applied to real-time applications. We also show the current coordination and synchronization techniques and their design issues when applied to IoT systems.

The aerospace and automotive electronic systems are getting more complex and/or highly integrated, as defined by ARP 4754A, making extensive use of microelectronics and digital memories which, in turn, operates in higher frequencies and lower voltages. In addition, the aircraft are flying in higher altitudes, and polar routes are getting more frequent. These factors raise the probability of occurrence of hazardous effects like the Single Event Upsets in their embedded electronic systems. These must be designed in a way to tolerate and assure the immunity to the Single Event Upsets, based upon criteria such as reliability, availability and criticality. This paper proposes an overview of an assurance process of immunity of embedded electronic systems to Single Event Upsets caused by ionizing particles by means of a review of literature and an analysis of standards as ECSS-E-ST-10-1, NASA Single Event Effects Criticality Analysis and IEC TS 62396-1.

Real-time critical systems are those whose failures may cause loss of transactions/data, missions/batches, vehicles/properties, or even people/human life. Accordingly, some regulations prescribe their maximum acceptable probability of failures to range from about 10−4 to 10−10 failures per hour. Examples of such systems are the ones involving nuclear plants, aircrafts, satellites, automobiles, or traffic controls. They are becoming increasingly complex and/or highly integrated as prescribed by the SAE-ARP-4754A Standard. Those systems include, most of the time, real time critical software that must be specified, designed, implemented, validated, verified and accredited (VVA). To do that, models, specially the V-Model, are frequently adopted, together with methods and tools which perform software VVA to ensure compliance (of correctness, reliability, robustness, etc.) of software to several specific standards such as DO178-B/DO-178C (aviation) or IEC 26262 (automotive) among others.

Current systems such as satellites, aircrafts, automobiles, turbines, power controls and traffic controls are becoming increasingly complex and/or highly integrated as prescribed by the SAE-ARP-4754a Standard. Such systems operate in a real time distributed environment which frequently requires a common knowledge of time among different devices, levels and granularities. So, temporal correctness is mostly needed, besides logical correctness. It can be achieved by hardware clocks and devices, software clocks and algorithms, or both, to avoid or tolerate, within appropriate margins, the time faults or failures that may occur in aerospace and automotive systems. This paper presents an overview of clock synchronization algorithms and their uses in aerospace and automotive systems. It is based on a review of the literature, discussion and comparison of some clock synchronization algorithms with different policies.

Current systems such as: satellites, aircrafts, automobiles, turbines, power controls and traffic controls are becoming increasingly complex and/or highly integrated as prescribed by the SAE-ARP-4754 Standard. Such systems and their control systems use many modes of operation and many forms of redundancy to achieve high levels of performance and high levels of reliability under changing environments and phases of their lifecycle. The environment disturbances, environment variability, plant non-linear dynamics, plant wear, plant faults, or the non-symmetric plant operation may cause de-synchronization in phase or time among: 1) simultaneous units in the same normal mode of operation; 2) successive units in successive normal modes of operation; 3) main and spare units from normal to faulty modes of operation. So, techniques to reduce those causes or their effects are becoming important aspects to consider in the design of such systems.

Nowadays, given the shrinking budgets and deadlines of the aerospace and automotive industries, the importance and need of the requirements engineering is becoming more and more evident. This means that progressively more users face a difficult task on the different environments of project development: 1) to write better requirements; and 2) to do it faster than ever. It would be nice if they had some tools to help them and abbreviate such a difficult task. This work summarizes the development of a new tool that does exactly that. Its wizard guides the user through the steps necessary to create good requirements when writting a requirements document, depending on the kind of requirements document desired. For example: there are significant differences between user requirements and system requirements documents. The wizard script is composed by a serie of questions related to the parts of the scheme to build a complete and effective requirement.

In this work we present a new procedure for customizing, in the desired format, requirements reports generated by a Requirements Engineering Environment. This environment includes tools for: 1- capturing textual and pictoric requirements; 2- templating requirements documents that can be adjustable to the formats required by the certification authorities or system engineering groups; 3- translating features from/to the main word processors used in the industry (Word, Excel, etc. formats); 4- managing requirements configuration. It provides gains of productivity, correctness, reusability, traceability, coverage, etc, improving the efficiency of the projects. The procedure emphasizes items 2 and 3, and is illustrated with some examples driven from the aerospace industry.

Switching controls are those that can switch between control or plant modes to perform their functions. They have the advantage of being simpler to design than an equivalent control system with a single mode. However, the transients between those modes can introduce steps or overshootings in the state variables, and this can degrade the performance or even damage the control or the plant. So, the smoothing of such transients is vital for their reliability and mantainability. This is can be of extreme importance in the aerospace and automotive fields, plenty of switchings between manual and autopilot modes via relays, or among gears via clutches, for example. In this work, we present a first strategy for smoothing transients in switching controls of aerospace and automotive systems.

Cyber-physical systems are joint instances of growing complexity and high integration of elements in the information and physical domains reaching high levels of difficulty to engineer an operate them. This happens with satellites, aircraft, automobiles, smart grids and others. Current technologies as computation, communication and control integrate those domains to communicate, synchronize and operate together. However, the integration of different domains brings new challenges and adds new issues, mainly in real time distributed control systems, beginning with time synchronization. In this paper, we present a discussion on time synchronization and their effects in distributed cyber-physical control systems. To do that, we review the literature, discuss some time synchronization techniques used in cyber-physical systems, and illustrate them via model and simulation of a system representative of the aerospace area.

The architecture is a concept very broad and important that is directly connected to the realization of a system. It defines what the system is capable of doing, how it accomplishes its mission and how the system is. Currently, the development of system architectures is considered a domain of knowledge where science meets art. In some specific areas, the methods on the development of system architectures are already well formalized. However, when analyzing the evaluation of system architectures such as those for multi-domain control systems, it is clear that there is still much room for rationalization. In these cases, the search for new methods for the evaluation of system architectures is currently in the state of art. In this work we discuss methods used in the verification and validation of control systems architectures of cyber-physical systems based on models and systems metrics.

In this work, the problem of fault detection, isolation, and reconfiguration (FDIR) for Networked-Control Systems (NCS) of aerospace vehicles is discussed. The concept of fault-tolerance is introduced from a generic structure, and a review on quantitative and qualitative methods (state estimation, parameter estimation, parity space, statistic testing, neural networks, etc.) for FDIR is then performed. Afterwards, the use of networks as loop-closing elements is introduced, followed by a discussion on advantages (flexibility, energy demand, etc.) and challenges (networks effects on performance, closed-loop fault-effects on safety, etc.) represented thereby. Finally, examples of applications on aerospace vehicles illustrate the importance of the discussion herein exposed.