Design Principles of Fly-By-Wire Architectures
Doctoral thesis, 2003
Development of embedded real-time systems is highly specialized and time consuming. Control-by-wire systems, for instance, will continue to face increasing requirements on flexibility, scalability, low weight, predictability and testability, at reduced complexity and maintenance cost. Further, these control systems are safety critical and therefore require fault tolerance. The expectations and increasing requirements on future embedded control systems call for methods and guidelines on how to proceed in dependable system design.
In this research, design parameters and trade-offs in designing future fault-tolerant control systems are analyzed and elaborated upon for fly-by-wire architectures. Intelligent sensors and smart actuators will constitute the main building blocks of future flight control systems. The control should be distributed among these sensor and actuator nodes to make best use of the system capacity. The study shows that there is no need for a specialized dedicated control computer.
Various design issues regarding distributed architectures are analyzed theoretically, including the allocation of control and computing between nodes, physical distribution, hardware redundancy, communication scheduling and fault handling. On the basis of these findings, a robust fault-tolerant distributed architecture that could be designed ten years from now is defined. The study is based on the control laws and known characteristics of the present Flight Control System (FCS) of the JAS 39 Gripen. Further, the real-time performance and dependability features of the distributed FCS are simulated, and the findings are validated using a computerized model developed at Saab.
The structure of, and lessons learned from, the process of designing the next-generation FCS are presented and assembled into a top-down method for the conceptual design phase of general architectures for control-by-wire systems. Our cost-efficient design philosophy includes an application-oriented design process that exploits intrinsic redundancy, uses hardware redundancy only to tolerate permanent physical faults, and distributes functions so that inter-node communication is minimized.
Keywords: replica consistency, redundancy management, fault tolerance, flight control systems, reliable inter-node communication, distributed control, systems design