16.851 Satellite Engineering, Fall 2003
Massachusetts Institute of Technology
Spacecraft Autonomy
Seung H. Chung

Why Autonomy?
• Failures
• Anomalies
• Communication
• Coordination
Apollo 13: quintuple fault (three shorts, tankline and pressure jacket burst, panel flies off).
[Images: New Horizons, Europa Probe, Apollo 13, Mars Polar Lander, Mars Outpost. Courtesy of NASA, NASA JPL, and the Johns Hopkins University Applied Physics Laboratory. Used with permission.]

Autonomy Technologies
• Fault Detection, Isolation and Recovery
• Planning & Scheduling
• Intelligent Data Understanding
• Path Planning
  – Gradient method
  – Mixed integer linear programming (Prof John How)
  – Graph search (Prof Brian Williams)
• Localization & Mapping
  – Concurrent mapping and localization (Prof John Leonard)

Why Fault Detection Isolation & Recovery (FDIR)?
• Improve the likelihood of mission success by minimizing the downtime.
  – Increase productivity
  – Prevent loss of opportunities
  – Reduce safety risk
• For manned missions, longer system downtime implies higher risk to the astronauts

FDIR Techniques
• If-then-else
  – Hard coded set of FDIR statements
• Rule-based
  – Set of rules written by the engineers
  – Fires a rule (i.e. executes a rule) when the rule is satisfied
  – Example
    • #24 (ID > 1A) And (Ishunt_D > 6A) for 10 sec, then Try_Sec_Bus_Reg_Off.
    • #27 (Red Battery Charger is ON) for 5 sec, then rule (28,29) stop.
  – The core software is reusable.
  – Engineers must enumerate all possible faults and combinations thereof along with the corresponding recovery methods.
  – Verifying the validity of the rules is difficult
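
The rule-based technique above, as an added example (not code from the lecture): a small engine that fires rules #24 and #27 only after their conditions have held for the stated time. The telemetry key names, the sample values, and the choice to reset the timer on a single clean sample and re-arm after firing are assumptions.

```python
from dataclasses import dataclass
from typing import Callable, Optional, Tuple

@dataclass
class Rule:
    rule_id: int
    condition: Callable[[dict], bool]    # predicate over one telemetry sample
    hold_s: float                        # condition must hold continuously this long
    action: Optional[str] = None         # recovery command issued on firing
    stops: Tuple[int, ...] = ()          # rule ids disabled on firing
    true_since: Optional[float] = None   # when the condition last became true

def make_rules():
    # Telemetry keys are assumed names for the quantities in rules #24 and #27.
    return [
        Rule(24, lambda s: s["I_D"] > 1.0 and s["I_shunt_D"] > 6.0, 10.0,
             action="Try_Sec_Bus_Reg_Off"),
        Rule(27, lambda s: s["red_battery_charger_on"], 5.0, stops=(28, 29)),
    ]

class RuleEngine:
    def __init__(self, rules):
        self.rules = list(rules)
        self.stopped = set()             # ids of rules switched off by other rules

    def step(self, t, sample):
        """Evaluate active rules on one sample; return [(rule_id, action)] fired."""
        fired = []
        for rule in self.rules:
            if rule.rule_id in self.stopped:
                continue
            if not rule.condition(sample):
                rule.true_since = None   # one clean sample resets the persistence timer
                continue
            if rule.true_since is None:
                rule.true_since = t
            if t - rule.true_since >= rule.hold_s:
                fired.append((rule.rule_id, rule.action))
                self.stopped.update(rule.stops)
                rule.true_since = None   # re-arm: needs another full hold to fire again
        return fired

def telemetry():
    # Constructed 1 Hz samples: a 4 s over-current transient, then a sustained one.
    for t in range(21):
        over = 2 <= t <= 5 or t >= 7
        yield float(t), {"I_D": 1.4 if over else 0.6, "I_shunt_D": 6.8 if over else 2.0,
                         "red_battery_charger_on": 3 <= t <= 10}

def run():
    engine = RuleEngine(make_rules())
    log = [(t, rid, act) for t, s in telemetry() for rid, act in engine.step(t, s)]
    return log, engine.stopped

if __name__ == "__main__":
    print(run())
```

The 4-second transient never fires rule #24, which is the point of the "for 10 sec" qualifier; only the sustained over-current does.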