Safety Critical Computer Control Systems - PowerPoint PPT Presentation

1
Safety Critical Computer Control Systems
  • Architecture and Safety in a Future Flight
    Control System
  • A JAS 39 Gripen Case Study
  • 2002-10-03
  • Jan Torin, Chalmers

2
Outline
  • Flight Control Systems, FCS, evolution 1945-1990
  • Requirements and conceptual FCS for JAS 39 Gripen
  • Next generation architecture of flight control
    systems
  • Future Technology for Flight Control Systems
  • Distributed Architecture Analysis
  • Present conclusions

3
Next generation architecture of flight control
systems
4
Project Starting point
Study how the Flight Control System of JAS 39
Gripen should be designed with technology of year
2010 and distributed control.
Sub Projects
5
(No Transcript)
6
CENTRALISED SYSTEM (TODAY'S GRIPEN)
(Diagram: central computers connected to sensors, actuators and the autopilot)
DISTRIBUTED SYSTEM
(Diagram: computers distributed among the sensors and actuators)
7
ADVANTAGES OF A DISTRIBUTED ARCHITECTURE
  • Lower development cost
  • - Generic building blocks produced in larger
    series
  • - Digital interfaces allow a large part of the
    testing to be done at the subcontractor
  • - Simpler system integration/system test
  • Lower maintenance cost
  • - More reliable fault location
  • - Fewer replaceable units, since the same node
    fits in more places

8
ADVANTAGES, CONTINUED
  • Flexible design
  • - The system can be upgraded incrementally with
    more nodes without redesigning the hardware
  • Safer system
  • - With no single critical node, the system's
    damage tolerance increases
  • - The physical separation between nodes makes it
    harder for faults to propagate through the system
  • - Node reliability increases, since redundancy
    and fault handling can be built in
  • - Fewer failure modes in the system, which
    reduces system complexity

9
Future Technology for Flight Control Systems
  • OUTLINE
  • Evolution of microelectronics
  • Computer Architecture
  • MicroElectroMechanical Systems
  • Node Technology
  • Inter Node Communication
  • Conclusions

10
Forecasting
  • "I think there is a world market for about five
    computers", Thomas J Watson Sr, IBM, 1943
  • "There are no reasons for any individuals to
    have a computer in their home", Ken Olsen, Digital
    Equipment, 1977
  • "The current rate of progress cannot continue
    much longer", various computer technologists,
    1950
  • "The performance of microelectronics doubles
    every 18 months, and each function is getting
    cheaper", Gordon Moore, Intel, 1965
  • International Technology Roadmap for
    Semiconductors
  • ITRS99

11
Evolution of Commercial Microelectronics
12
Special requirements in avionics
  • MATURE (NOT AT THE TECHNOLOGY FRONT) AND EXPENSIVE
  • High Quality Production
  • - Reviews
  • - Life time tests
  • - Long procurement time
  • Radiation
  • - Reviews
  • - Tests
  • - Knowledge
  • - Single Event Effects, SEE
  • Environmental Stress
  • - Increased temperature range (250 MHz
    switching speed)
  • - EMC (difficult to control the level of
    interference)
  • - Mechanical stress

For a 2010 design: US$ 3000, 250 MHz; 100 times more
expensive, 10 times slower
13
Computer Architecture Trends
Present proposals for future billion-transistor
computers
  • Desktop uniprocessors for technical applications
  • Multiprocessor servers for transaction processing
  • Large continuous data-processing capability
Future embedded system computers
  • Harsh environment tolerance
  • Low power dissipation
  • Large temperature tolerance (no cooling)
  • Fast task switching

14
Computer on a Chip
  • Custom designed high performance chip
  • - Super PowerPC (90 M transistors, 250 MHz), I/O
  • - 2 MB SRAM (12 ns), 30 MB Flash
  • ASIC designed special purpose chip
  • - PowerPC (130 MHz), 1 Mgates logic, 1 MB SRAM,
    10 MB flash
  • FPGA designed special purpose chip
  • - Real-time processor (100 MHz), 50 kgates,
    250 kB SRAM, 2 MB flash
15
MicroElectroMechanical Systems
  • Mechanical structures, fabricated using micro
    fabrication techniques developed by the semiconductor
    industry.

PERFORMS: sensing, actuating, regulation, switching etc.
DISTINCTIONS FROM SEMICONDUCTOR FABRICATION
  • Process: MEMS in µm, microelectronics in nm; MEMS
    wafers are non-planar; MEMS removes material from
    both sides
  • Design: simulation tools
  • End-stage production: MEMS packaging allows
    interaction with the environment; µ-electronic
    packaging seals from the environment.
16
Intelligent sensor node
17
Smart actuator node
18
Inter node communication
Q1 LOWEST FAILURE RATE, Q2 LOWEST COST
  • Electrical connection better than optical
    connection (RF connection?)
Q3 MINIMUM NUMBER OF PATHS, Q4 MINIMUM NUMBER OF
CONNECTORS
  • Physical broadcast bus superior to point-to-point
    connections
Q5 CAPACITY SUFFICIENT, Q6 EMC
  • Time-triggered protocol superior to event-triggered
  • - Small number of continuous signals
  • - Deterministic
  • - No jitter, known delay

19
(No Transcript)
20
Conclusions
  • More computing to lower price, weight and power
  • Distributed control with data processing in
    sensors and actuators integrating MEMS in
    distributed nodes
  • Permanent faults decrease, transient faults
    increase, less hardware redundancy, more
    sophisticated fault tolerance
  • Distributed nodes with periodic communication
    over simple electrical buses
  • Highlighting Distribution, Dependability,
    Maintainability, and Determinism

21
Distributed Architecture Analysis
  • OUTLINE
  • Design method
  • Functional layout of a Distributed FCS
  • System architecture
  • Fault handling
  • Bus scheduling
  • Results

22
(No Transcript)
23
(No Transcript)
24
Control task graph
25
Task graph with different bus allocations
Actuator nodes
sensors
Primary control surfaces
26
Functional layout
27
Redundant Configurations: Critical Failure
Probability, 1 h mission
28
System Architecture
29
Fault handling
30
System Architecture
31
Bus scheduling
32
Structure of an Actuator node
33
Recovery principles
Replica deterministic
  • Forward recovery
  • - Updated actuator states from a non-faulty node.
  • - Synchronous communication
  • - Synchronous task processing in actuator nodes
  • Double execution
  • - Each node has memory allocated for two sets of
    states.
  • - Synchronous communication
  • - Synchronous task processing in actuator nodes
Eventual replica deterministic
  • Inherent recovery
  • - Continue execution of tasks and the faulty values
    will eventually converge to the correct values.
  • - Synchronous communication
  • - Asynchronous task processing in actuator nodes
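The recovery principles differ in whether a faulty node's state is actively replaced or simply allowed to drift back. As an added example that is not part of the presentation, the Python model below runs three replica actuator nodes on a constructed first-order state update and compares forward recovery (reload from a non-faulty node) with inherent recovery (keep executing until the values converge); the update rule, the three-replica majority check and the injected fault are assumptions of the model, not the project's design.

```python
ALPHA = 0.2        # gain of the first-order actuator state update; 0 < ALPHA < 2 keeps it stable
TOLERANCE = 1e-3   # replicas whose states differ by less than this are treated as identical


def step(state: float, command: float) -> float:
    """One control cycle of the actuator task: the state tracks the command.
    Two replicas fed the same command see their difference shrink by (1 - ALPHA)."""
    return state + ALPHA * (command - state)


def majority_state(states):
    """Return a state value shared by at least two of the three replicas, or None."""
    for i in range(3):
        for j in range(i + 1, 3):
            if abs(states[i] - states[j]) < TOLERANCE:
                return states[i]
    return None


def run(commands, fault_cycle, fault_value, forward_recovery):
    """Run three replicas over a command sequence (synchronous communication: every
    replica receives the same command in the same cycle) and corrupt replica 1's
    state at fault_cycle. Returns how many cycles after the fault all replicas
    agree again, or None if they have not re-converged by the end."""
    states = [0.0, 0.0, 0.0]
    recovered_after = None
    for cycle, command in enumerate(commands):
        states = [step(s, command) for s in states]
        if cycle == fault_cycle:
            states[1] = fault_value   # constructed transient fault (a corrupted state word)
        if forward_recovery:
            # Forward recovery: a replica that disagrees with the majority reloads its
            # state from a non-faulty node in the same cycle.
            reference = majority_state(states)
            if reference is not None:
                states = [reference if abs(s - reference) >= TOLERANCE else s
                          for s in states]
        # Otherwise (inherent recovery) nothing is done: the task keeps executing and
        # the stable update lets the faulty state converge back to the others.
        if cycle >= fault_cycle and recovered_after is None:
            if all(abs(s - states[0]) < TOLERANCE for s in states):
                recovered_after = cycle - fault_cycle
    return recovered_after


if __name__ == "__main__":
    commands = [1.0] * 100                  # constructed: constant surface command
    print("forward recovery:", run(commands, 10, 5.0, True))    # 0 cycles
    print("inherent recovery:", run(commands, 10, 5.0, False))  # 38 cycles
```

Inherent recovery only works here because the assumed update is contractive; a task whose state is a pure integrator would keep the faulty offset forever, which is the caveat behind "eventual" replica determinism.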
34
PRESENT CONCLUSIONS
35
Results
  • Technology Prediction Method
  • Conceptual Design Method
  • - Top-Down, Holistic view
  • - Dependability oriented
  • - Cost optimized
  • Distributed Architecture
  • - Identical actuator nodes
  • - Multi-control
  • - Time triggered communication
  • Semi-Synch. Fault Handling
  • - Synch. Communication
  • - Asynch. Actuator nodes
  • - Eventual replica determinism
  • DARES

36
Outcomes
  • 9 Scientific Publications
  • 2 Journal
  • 7 Conf proceedings
  • 1 Licentiate Thesis
  • 7 Technical Reports
  • 2 Patent Applications (Swedish, international)

37
Future
  • Detailed Fault Handling of Sensor and Actuator
    Nodes
  • - Trade-off between transient fault handling
    alternatives
  • - Detail permanent reconfiguration
  • - Formally prove fault handling
  • Define Time-Triggered Bus for Safety Critical
    Applications
  • - Specify requirements
  • - Investigate commercial alternatives
  • Case Study for Conceptual Design Method
  • - Avionic system for JAS 39 Gripen