1 / 37

Fighter Avionics Domains

Fighter Avionics Domains. Stick, Throttle…. Actuators. Vehicle Mgmt. Radar. Nav Sensors. Mission Computing. Data Links. Weapons. Weapon Mgmt. [from Dave Sharp, Boeing]. Mission Computing: Example Functionality. Update Steering Cues. Fuse Targets From Sensors.

olivia-hyde
Download Presentation

Fighter Avionics Domains

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Fighter Avionics Domains Stick, Throttle… Actuators Vehicle Mgmt Radar Nav Sensors Mission Computing Data Links Weapons Weapon Mgmt [from Dave Sharp, Boeing]

  2. Mission Computing: Example Functionality Update Steering Cues Fuse Targets From Sensors Fuse Targets From Data Links Perform Built-In-Test Mission Computing Activate Backup Mode Update Navigation State Release Weapons Select Weapons Update Displays Predict Selected Weapon Trajectories Modify Display Suite Via Pilot Pushbutton Aperiodic Periodic [Dave Sharp, Boeing, 2002]

  3. Vehicle Management: Example Functionality Compute Inner Loop Controls Compute Outer Loop Controls Perform Initiated Built-In-Test Vehicle Mgmt Manage Control Modes Perform Periodic Built-In-Test Update Navigation State Manage Redundancy Perform Input Signal Mgmt Perform Actuator Signal Mgmt Aperiodic Periodic [Dave Sharp, Boeing, 2002]

  4. <=20 Hz Update Rates Up To 10 CPUs ~1M Lines of Code O(103) Components Proprietary Hardware Slow CPU, small memory Fast I/O Test-Based Verification Mil-Std Assembly Language Highly Optimized For Throughput and Memory Functional Architectures Flowchart designs Frequently No Maintained Requirements or Design Ad-hoc models used by algorithm developers Hardcoded Hardware Specific Single System Designs Isolated Use Of Multi-processing Schedulability analysis Frequently overly pessimistic to be used Typical Mission Computing Legacy Characteristics [Dave Sharp, Boeing, 2002]

  5. 80/160 Hz Update Rates Single CPU System/ Quad Redundant Dual/Quad Redundant Sensors and Actuators <100K Lines of Code Extensive Built-In-Test >50% of code Extensive Testing Very conservative development culture >50% of effort Control System Models Carefully Developed And Used Home grown Matlab/MatrixX with auto code generation Typical Vehicle Management Legacy Characteristics Additional Characteristics [Dave Sharp, Boeing, 2002]

  6. Outline • Hybrid model of the physical system • Reachability • Reachable Set Toolkit • Collision Avoidance System • Dual aircraft demonstration • User interaction with hybrid systems • Autoland demonstration • Software?

  7. Objectives A Control design using hybrid system models B Embedded software design

  8. Hybrid Systems • Finite state machine with continuous dynamics in each mode • Transitions can be • User-controlled s • Disturbance d • Automatic g

  9. Verification through Reachability Verification A mathematical proof that the system satisfies a property Unsafe Initial • Reachable set States for which the property does not hold 2. Controller synthesis Design of control laws to guarantee that the system satisfies the property

  10. Verification through Reachability Verification A mathematical proof that the system satisfies a property Unsafe Initial • Reachable set States for which the property does not hold 2. Controller synthesis Design of control laws to guarantee that the system satisfies the property

  11. Verification through Reachability Verification A mathematical proof that the system satisfies a property Unsafe Initial • Reachable set States for which the property does not hold 2. Controller synthesis Design of control laws to guarantee that the system satisfies the property

  12. Unsafe Initial Verification through Reachability Verification A mathematical proof that the system satisfies a property • Reachable set States for which the property does not hold 2. Controller synthesis Design of control laws to guarantee that the system satisfies the property

  13. Unsafe Safe Reachable set g Unsafe Reachable set Safe V Reachable Set Interpretation • Always remain outsideUnsafeset • States in Reachable set will eventually reach Unsafe set • (despite any possible control effort) • Always remain insideInitial set • States in the Safeset will always remain in Initial set • provided a particular control is used on the boundary

  14. Hybrid System Reachability Tool • http://www.cs.ubc.ca/~mitchell/ToolboxLS/

  15. Outline • Hybrid model of the physical system • Reachability • Reachable Set Toolkit • Collision Avoidance System • Dual aircraft demonstration • User interaction with hybrid systems • Autoland demonstration • Software?

  16. Application: conflict detection • http://www.cs.ubc.ca/~mitchell/ToolboxLS/

  17. [with Chad Jennings] Blunder Zone is shown by the yellow contour Red Zone in the green tunnel is the intersection of the BZ with approach path. The Red Zone corresponds to an assumed 2 second pilot delay. The Yellow Zone corresponds to an 8 second pilot delay

  18. [with Chad Jennings] Map View showing a blunder The BZ calculations are performed in real time (40Hz) so that the contour is updated with each video frame.

  19. Stanford DragonFly UAV Embedded S/W

  20. East North Test set up Blunderer can commence anymaneuver constrained by Danger Zone Blunderer (D2) D3 Flight computer computes the Danger Zone and checks whether it touches boundaries Evader (D3) Minimal separation distance

  21. East North Test set up • The algorithm provides control commands (three canned maneuvers) to maintain a minimal separation distance: • EVADE_ACCEL_STRAI • EVADE_ACCEL_45DEG • EVADE_COAST_60DEG Danger Zone Blunderer (D2) Evader (D3)

  22. Flight Demo 1—June 2003 Accelerate and turn EEM DF 2, the evader, is the larger blob Evader, DF 2 (red and yellow aircraft) Put video here North (m) East (m) Separation distance (m) EEM alert Above threshold time (s)

  23. Flight Demo 2—June 2003 DF 2, the evader, is the larger blob Coast and turn EEM Evader, DF 2 (red and yellow aircraft) Put video here North (m) East (m) Separation distance (m) EEM alert Above threshold time (s)

  24. Edwards Air Force Base – June 2004 T-33 Cockpit [DARPA/Boeing SEC Final Demonstration: F-15 (blunderer), T-33 (evader)]

  25. hold avg. speed min. speed max. speed deviated aircraft detour intruder shortcut alt. change VFS Development of Predictive Models of Air Traffic

  26. 15 aircraft 6 aircraft CPU time (sec.) Polynomial time algorithm CPLEX …leading to new control strategies • Approximation algorithms for hybrid trajectory optimization • Applied to routing/scheduling aircraft in vicinities of airports • Results: • 5-approximation for minimum sum of arrival times • 3-approximation for makespan

  27. Outline • Hybrid model of the physical system • Reachability • Reachable Set Toolkit • Collision Avoidance System • Dual aircraft demonstration • User interaction with hybrid systems • Autoland demonstration • Writing the software

  28. User Interaction with Aerospace Systems • Interaction between • System’s dynamics • Mode logic • User’s actions • Interface is a reduced representation of a more complex system • Too much information overwhelms the user • Too little can cause confusion • Automation surprises • Nondeterminisim For complex, highly automated, safety-critical systems, in which provably safe operation is paramount, What information does the user need to safely interact with the automated system?

  29. Discrete Abstraction Switches are controlled or automatic

  30. TOGA TOGA flaps retracted maximum thrust flaps retracted maximum thrust flare flare flaps extended minimum thrust flaps extended minimum thrust rollout rollout flaps extended reverse thrust flaps extended reverse thrust slow TOGA flaps extended maximum thrust Application to Autoland Interface • Controllable flight envelopes for landing and Take Off / Go Around (TOGA) maneuvers may not be the same • Pilot’s cockpit display may not contain sufficient information to distinguish whether TOGA can be initiated existing interface controllable TOGA envelope intersection revised interface controllable flare envelope • http://www.cs.ubc.ca/~mitchell/ToolboxLS/

  31. Outline • Hybrid model of the physical system • Reachability • Reachable Set Toolkit • Collision Avoidance System • Dual aircraft demonstration • User interaction with hybrid systems • Autoland demonstration • Software?

  32. t 4 Worker Task CondVar t t Event( ) d 1 t t 2 3 CondWait CondWait CondWait CondWait IntrWait Task 1 Task 2 Task 3 Task 5 Task 4 t t t t t 1 2 3 4 5 t+nT t+ n T+D msec msec i A Decision Theoretic QoS Negotiation • Worst case execution of time of components is neither given nor guaranteed • Depending on the mode of flight, components (Nav, Control, Wireless) can • take on different levels of criticality and different execution times Each task is “tagged” with a cost – a measure of criticality

  33. 5 Task 3 f Task 2 1 f 1 2 1 Task 3 f 2 Task 1 6 Task 2 f 9 1 f Task 5 2 f 3 1 Task 3 f 3 7 Task 2 f 3 Task 3 4 f 4 8 QoS Negotiation …as a dynamic programming problem

  34. SCHEDULABILITY: Comparison with Simple Rate Monotonic Scheduling 88.5% 73.5% 1.0 ms 80.0 ms 18.5% 8.0% 3.5% 6.5% 0.4% 0.6% 1.5% Schedulability of Tasks using the proposed scheduling algorithm Schedulability of Tasks using a Simple RMS

  35. Summary • The development of a reach set toolkit for hybrid systems: • Software C++: http://www.cs.ubc.ca/~mitchell/ToolboxLS/ • The toolkit can be useful for determining when (not) to switch modes, which mode(s) to switch to, and provides a set-valued feedback control law to remain in safe set • A modern embedded control systems theory should include mathematical models of attributes of computational systems such as concurrency, hierarchy, heterogeneity, resource awareness, adaptability, quality of service (QoS), and controlled complexity of distributed systems.

  36. Collaborators Stanford Hybrid Systems Lab Ian Mitchell, Alex Bayen, Inseok Hwang, Meeko Oishi, Rodney Teo, Jung Soon Jang, Gökhan Inalhan, Ronojoy Ghosh, Hamsa Balakrishnan, Keith Amonlirdviman, Robin Raffard, Gabe Hoffmann, Kaushik Roy, Peter Brende, Steve Waslander, Duşan Stipanović, Sriram Shankaran, Jianghai Hu NASA George Meyer, Len Tobias Boeing David Corman, Jim Paunicka, Don Winter Honeywell Datta Godbole, Tariq Samad DARPA John Bay NSF Helen Gill, Kishan Baheti ONR Behzad Kamgar-Parsi

More Related