Because of their complexity and the unforgiving environment in which they operate, aerospace vehicles often require autonomous systems to respond to mission-critical failures. Fault Detection, Isolation, and Recovery (FDIR) systems are used to detect, identify the source of, and recover from faults. Typically, FDIR systems use a rule-based paradigm for fault detection, where telemetry values are monitored against specific logical statements such as static upper and lower limits. The model-based paradigm allows more complex decision logic to be used for FDIR. This study focuses on a state machine approach toward model-based FDIR. The state machine approach is increasingly utilized for FDIR of complex systems because it is intuitive, logic-based, and simple to interpret visually. In current practice, the detection of specific symptoms is directly mapped to the appropriate response for a pre-diagnosed fault, as determined by FDIR engineers at design time. This study advances the state-of-the-art in state machine fault protection by developing an on-board diagnostic system that will assess symptoms, isolate fault sources, and select corrective actions based on models of system behavior. This state machine architecture for FDIR is applicable for a broad range of aerospace vehicles and mission scenarios. To demonstrate the broad applicability of the FDIR approach, two case studies are evaluated for scenarios in very different domains. The first is a terrestrial application involving the use of multi-rotor unmanned aerial vehicles (UAVs). The second is a space-based scenario involving autonomous proximity operations for orbital capture of a Mars Sample Return capsule. The efficacy of the state machine FDIR system is demonstrated via flight testing for the UAV case study and through software-in-the-loop testing in a flight-like simulation environment for the Mars Sample Return case. In each case, the FDIR system is focused on the Guidance, Navigation and Control subsystem. This approach has been successfully shown to detect, diagnose, and respond to faults during testing. State machines allow the autonomous system to handle distinct faults with identical symptoms for initial detection. Each fault has a separate diagnosis and response procedure, and the proper procedure is selected by the state machine. This study demonstrates how a fault protection system may diagnose these faults on-board rather than relying upon a priori ground diagnosis.
|Title of host publication
|69th International Astronautical Congress: #InvolvingEveryone, IAC 2018
|International Astronautical Federation, IAF
|Published - Jan 1 2018