Presentation - CASDE_ IIT Bombay Web

					    REAL TIME
AIRBORNE SYSTEMS
Design Considerations
                  BY
           MINI CHERIAN
             Scientist ‘E’
Defence Avionics Research Establishment
               AGENDA
•   EMBEDDED SYSTEMS
•   REAL TIME EMBEDDED SYSTEMS
•   REAL TIME SOFTWARE DESIGN
•   AIRBORNE SOFTWARE
    – CASE STUDY
      • KAVERI DIGITAL ENGINE CONTROL UNIT
EMBEDDED SYSTEMS
  What is an Embedded System?
• An embedded system performs a well-defined
  task. It can be considered as one consisting of a
  processor, associated peripherals, and software
  used for a specific purpose.
   – A combination of Hardware and software.
   – Generally custom-built for the system’s specific
     purpose.
FUNDAMENTAL CHARACTERISTICS

•   RELIABILITY
•   COST EFFECTIVE
•   LOW POWER CONSUMPTION
•   EFFICIENT USE OF PROCESSOR
•   EFFICIENT USE OF MEMORY
•   EXECUTION TIME
       COMMON ISSUES

•   CO-DESIGN
•   OPERATING SYSTEM
•   CODE OPTIMIZATION
•   TESTING AND DEBUGGING
REAL TIME SYSTEMS
  REAL TIME EMBEDDED SYSTEMS

• Responds in a Correct and Timely way to Events.
• Events are occurrences that cause a non-sequential
  change in the software flow of control
• Hard Real Time
   – Critical deadlines, catastrophic
• Soft Real Time
   – Non critical, non catastrophic
REAL TIME SYSTEM REQUIREMENTS


• Deterministic
  – For each possible state and each set of inputs, a
    unique set of outputs and next state of the
    system can be determined
     • Logically – correct output and next state
     • Temporally – meeting timing constraints
REAL TIME SYSTEM REQUIREMENTS

• Concurrent Processing
  – Processing more than one event
    “Simultaneously” to meet deadlines
• Reliable
  – Fulfill the above under loaded conditions
• Cost Efficient
THEREFORE…

 “Real Time Design is a balance
  of hardware and software that
  achieves the best performance
     within a particular cost”
    REAL TIME SCHEDULING

• Foreground/Background Scheduling
• Events
   – Synchronous
     • Occurs at predictable times in the software flow of
       control
  – Asynchronous (interrupts)
     • Occurs at unpredictable times in the software flow
       of control
   FOREGROUND/BACKGROUND
         SCHEDULING
• Scheduling via Hardware Interrupts
  – Fast response
  – Foreground
     • Pre-emptive/Non Pre-emptive interrupts
     • Interrupt Service Routines
  – Background
     • A type of scheduler
     • Pre-emptive/Non Pre-emptive
OPTIONS FOR SCHEDULING EVENTS
• Hardware Interrupt System
  – Non Pre-emptive
     • Order of execution is based on priority, however,
       currently running interrupt runs to completion
         – No Nesting
  – Pre-emptive
     • Higher priority interrupts asynchronously preempt
       lower priority running interrupt
         – Nested Interrupts
AIRBORNE SOFTWARE
AIRBORNE SYSTEMS ARE…

• Real Time Systems
• Highly Reliable Systems
• Mission Critical/Flight Critical
KAVERI DIGITAL ENGINE
   CONTROL UNIT
      [KADECU]
KADECU- System Development
         Process
•   Determine the requirement of the system
•   Design the system architecture
•   Operating system or not
•   Choose the processor
•   Choose the development platform
•   Code the application and optimize it
•   Hardware/Software Integration and testing tools
        SYSTEM OVERVIEW
• KADECS (Digital Engine Control System) is a
  comprehensive system to control the KAVERI engine
• KADECS comprises the following subsystems:
   – Engine mounted sensors
   – Hydro-mechanical system for Main Engine Fuel
     (MEF) Control
   – Compressor Variable Geometry actuation system (CVG)
   – Nozzle actuation system
   – Reheat System
   – Digital Electronic Control Units (DECU)
• DECU is an integral part of the engine control system
    KADECU - KAVERI DIGITAL
     ENGINE CONTROL UNIT

• Digital Engine Control System
  – Flight Critical System
  – On the LCA it is the Full Authority Engine
    Control Unit
  – Dual Lane control
  – PLA is the only Manual Input
  – Mounted On Engine (Temperature, Vibration)
  – Fuel Cooled System
        DECU DESIGN FEATURES

• Dual redundant configuration with two identical control units –
  Lane1 & Lane 2
• Redundancy Management
• Extensive built-in tests to report failures
• Sensor data validation
• Automatic lane changeover to standby lane
• Enables fail-freeze capability in case both lanes fail
• Supports Manual mode of control
     DECU DESIGN FEATURES
• Real-time embedded software
• Control loop functions for the following:
   – Main engine fuel flow
   – Spill Over Valve (SOV)
   – Compressor Variable Geometry actuating system
   – Nozzle actuating system
   – Reheat Control System
• Interfaces to
   – Engine sensors
   – Hydro-mechanical systems
   – VG & Nozzle actuating systems
            INPUTS AND OUTPUTS

• Inputs
   – Speed, temperature, pressure, PLA, LVDT feedbacks
   – Hardware inputs, other lane inputs, state inputs
   – Data bus inputs

• Outputs
   – Drive currents, isolation solenoids
   – Hardware outputs, outputs to other lane, state outputs
   – Data bus outputs
Factors considered in DECU SW Design

– Reliability
   • Simple Design, Maximum Error Handling
   • Since it is Dual Lane, it can tolerate one fault.
   • Watchdog Timer
– Well defined DECU interface.
– Simple Data Structure and algorithm used
– A Test Setup and Testing Environment Planned
  and Designed well ahead of DECU
  development.
 Factors considered in DECU SW Design


• Important Factors
  – Simple Data Structure
  – Simple Design
• Software is very simple
  – Highly Modular
  – Readable, self documented, well maintainable
  – No loops
 Factors considered in DECU SW Design

• Maximum Error Handling
  – Capability to locate, classify and act based on
    seriousness of the fault
  – Extensive Power On Self Test (POST) and
    required Continuous Built In Test (CBIT) to
    monitor the health of the system.
  – All inputs are validated before being fed to CLAW
  – Capability to hand over control if fault is found.
DIGITAL ENGINE CONTROL SYSTEM
          SOFTWARE

 • Deterministic
    – Single Interrupt (1ms Timer Interrupt)
    – System state is Highly predictable
 • Concurrent Processing
    – Response to a set of inputs within 30 milliseconds
    – Input Acquisition, Processing, Control Law, Health
      Monitoring, CBIT, Output Processing in the same
      iteration
DIGITAL ENGINE CONTROL SYSTEM
          SOFTWARE

 • Background Task
   – Input Data Processing
       – Conversion to Engineering values
       – Error Handling
   – Control Law
   – Output
   – Health Monitoring
   – CBIT
       SOFTWARE DATA FLOW (CONTROL TASK)


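[Figure: software data flow of the control task.
 Top row, left to right: From hardware, Acquire Inputs, Input Conversion, Input Validation, Control Algorithms, Output, To hardware.
 Lower blocks: Global Data, Classify and Confirm faults, 1553B comm., Lane change (to hardware).
 Legend: Conceptual data flow, Actual data flow.]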
                    BUILT-IN TESTS

• Initialization Phase
   –   RAM/ROM
   –   Power supply
   –   Analog I/O
   –   Frequency interface
   –   Drives and solenoid checks
   –   Watchdog
• Operational Phase
   – Digital I/O
   – Watchdog
              FAULTS AND ERRORS

• Errors occur due to validation failure and hardware
  problems
• Errors can result in a fault
• Fault categories
   – Fatal       – Fails DECU immediately
   – Serious     – Fails DECU if it persists for 3 iterations
   – Non-serious – Degrades DECU if it persists for 3 iterations
• Fatal and Serious faults lead to HARDFAIL state
• Non-serious faults lead to SOFTFAIL state
           HOW ERRORS OCCUR?

• Validation Checks on Sensor data
   – Range check
   – Rate check (over a span of 3 iterations)
   – Comparison check
• Built-in tests
   – RAM, ROM etc.
          FAULT CLASSIFICATION

• Faults classified into Fatal, Serious and Non-serious
  categories
• Fatal faults
   – Critical errors including hardware errors
   – All errors during initialization
• Serious faults
   – Signal validation failures
       • NH, MEF, CVG, Nozzle, ESV, PLA, CJT, T2, T6
       • P3, OLS, OLBS, power supplies
• Non-serious faults
       • Drive feedbacks
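
The validation checks and the 3-iteration persistence rule from the fault slides above, sketched in C as an added example (not the DECU software). The limits, the sample values, the ring-buffer reading of the rate check and the latching of fail states are assumptions made for illustration.

```c
#include <stdio.h>

#define PERSIST 3  /* iterations an error must persist, per the slides */
typedef enum { NON_SERIOUS, SERIOUS, FATAL } severity_t;
typedef enum { LANE_OK, SOFTFAIL, HARDFAIL } lane_t;

typedef struct {
    double lo, hi, max_delta;  /* range limits and rate limit (constructed) */
    double good[PERSIST];      /* last accepted samples, oldest at good[idx] */
    int idx, n, bad;           /* ring index, samples held, consecutive errors */
} signal_t;

/* Range check, then rate check over a span of PERSIST accepted samples. */
static int validate(signal_t *s, double x) {
    int ok = (x >= s->lo && x <= s->hi);
    if (ok && s->n == PERSIST) {
        double d = x - s->good[s->idx];
        ok = (d <= s->max_delta && -d <= s->max_delta);
    }
    if (!ok) return ++s->bad;          /* consecutive error count */
    s->good[s->idx] = x;               /* only accepted samples enter history */
    s->idx = (s->idx + 1) % PERSIST;
    if (s->n < PERSIST) s->n++;
    return s->bad = 0;
}

/* Fatal fails at once; other categories after PERSIST errors. Latching is assumed. */
static lane_t classify(lane_t cur, severity_t sev, int bad) {
    if (cur == HARDFAIL || (sev == FATAL && bad >= 1)) return HARDFAIL;
    if (bad < PERSIST) return cur;
    return sev == SERIOUS ? HARDFAIL : SOFTFAIL;
}

/* Run a sample sequence through one signal of the given fault category. */
lane_t run_lane(severity_t sev, const double *x, int count) {
    signal_t s = { 0.0, 110.0, 20.0, {0}, 0, 0, 0 };  /* constructed limits */
    lane_t lane = LANE_OK;
    for (int i = 0; i < count; i++) lane = classify(lane, sev, validate(&s, x[i]));
    return lane;
}

const double GLITCH[] = { 80, 81, 82, 150, 150, 83 };   /* constructed: 2 range errors */
const double STUCK[]  = { 80, 81, 82, 150, 150, 150 };  /* constructed: 3 range errors */
const double DRIFT[]  = { 80, 81, 82, 105, 106, 107 };  /* constructed: 3 rate errors */

int main(void) {
    printf("glitch=%d stuck=%d\n", run_lane(SERIOUS, GLITCH, 6), run_lane(SERIOUS, STUCK, 6));
    return 0;
}
```

A two-iteration glitch leaves the lane healthy, while the same error held for a third iteration fails or degrades it depending on the signal's category.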
THANK YOU

				
posted:7/28/2012