A Unified Modelling and Operational Framework for Fault Detection, Identification, and Recovery in Autonomous Spacecrafts


Andrea Bobbio (University of Piemonte Orientale, Italy), Daniele Codetta-Raiteri (University of Piemonte Orientale, Italy), Luigi Portinale (University of Piemonte Orientale, Italy), Andrea Guiotto (Thales Alenia Space, Italy) and Yuri Yushtein (ESA-ESTEC, The Netherlands)
Copyright: © 2014 | Pages: 20
DOI: 10.4018/978-1-4666-4659-9.ch011


Recent studies have focused on spacecraft autonomy. The traditional approach to FDIR (Fault Detection, Identification, Recovery) consists of run-time observation of the operational status to detect faults, with recovery actions initiated from static pre-compiled tables. This approach is purely reactive: it puts the spacecraft into a safe configuration and transfers control to the ground. ARPHA is an FDIR engine based on probabilistic models. ARPHA integrates a high-level, a low-level, and an inference-oriented formalism (Dynamic Fault Tree (DFT), Dynamic Bayesian Network (DBN), and Junction Tree (JT), respectively). The off-board process of ARPHA consists of DFT construction by reliability engineers, automatic transformation of the DFT into a DBN, manual enrichment of the DBN, and automatic JT generation. The JT is the on-board model, analysed conditioned on sensor and plan data. The goal is the evaluation of the current and future state and the choice of the most suitable recovery policies according to their future effects, without the assistance of ground control.
Chapter Preview


The currently employed state of the art in FDIR is based on design-time analysis of faults and failure scenarios (e.g. Failure Mode and Effect Analysis (FMEA), Fault Tree Analysis (FTA) (Schneeweiss, 1999)) and run-time observation of the system operational status (health monitoring). The goal is in general to detect faults in a timely manner and to start a predefined recovery procedure (using look-up tables), with the aim of putting the spacecraft into a known safe configuration and transferring control to ground operations for troubleshooting and planning the actual recovery.

Standard FDIR approaches have multiple shortcomings which may significantly reduce effectiveness of the adopted procedures:

  • The system, as well as its environment, is only partially observable by monitoring procedures; this introduces uncertainty in the interpretation of observations in terms of the actual system status, which is often disregarded in choosing the possible recovery.

  • Recovery is essentially triggered following a reactive approach: it is a post-factum operation, not capable of preventive measures, and it cannot provide or utilise a prognosis of imminent failures.
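The two shortcomings above (uncertainty from partial observability, and purely reactive recovery with no prognosis) are exactly what the probabilistic pipeline in the abstract addresses. The following is an added toy example written for this page; it is not ARPHA's code and not the chapter's model. It encodes a small fault tree (loss of service = (A AND B) OR BUS) over three constructed components with constructed failure and sensor rates, runs exact filtering on a two-slice DBN (transition step, then a Bayes update on noisy per-component alarms), computes a prognosis of the top event some steps ahead, and ranks two hypothetical recovery policies by their predicted future effect. With only three components the joint belief is enumerated directly; a junction tree, as in the chapter, is what makes the same inference tractable for realistic models.

```python
"""Toy DBN-based FDIR loop (constructed example, not ARPHA):
filter component health from noisy sensors, predict the future
top-event probability, and rank recovery policies by that prognosis."""
from itertools import product

# Constructed toy components: two redundant units and a shared bus.
COMPONENTS = ("A", "B", "BUS")

# Per-step failure probability of each component (constructed values).
P_FAIL = {"A": 0.02, "B": 0.02, "BUS": 0.005}
# Sensor model: P(alarm | failed) and P(alarm | healthy) (constructed values).
P_ALARM_GIVEN_FAIL = 0.9
P_ALARM_GIVEN_OK = 0.05


def top_event(state):
    """Fault tree top event: loss of service = (A AND B) OR BUS.
    `state` maps component name -> True if failed."""
    return (state["A"] and state["B"]) or state["BUS"]


def initial_belief():
    """At t=0 every component is known to be healthy."""
    return {tuple(False for _ in COMPONENTS): 1.0}


def predict(belief, p_fail):
    """DBN transition slice: a failed component stays failed (no repair);
    a healthy one fails independently with probability p_fail[name]."""
    new = {}
    for state, pr in belief.items():
        per_comp = []
        for name, failed in zip(COMPONENTS, state):
            if failed:
                per_comp.append([(True, 1.0)])
            else:
                p = p_fail[name]
                per_comp.append([(True, p), (False, 1.0 - p)])
        # Enumerate every successor joint state and accumulate its mass.
        for combo in product(*per_comp):
            next_state = tuple(f for f, _ in combo)
            weight = pr
            for _, q in combo:
                weight *= q
            new[next_state] = new.get(next_state, 0.0) + weight
    return new


def update(belief, alarms):
    """Bayes update on one slice of sensor readings.
    `alarms` maps component name -> True (alarm) / False (reads ok)."""
    new = {}
    for state, pr in belief.items():
        likelihood = 1.0
        for name, failed in zip(COMPONENTS, state):
            p_alarm = P_ALARM_GIVEN_FAIL if failed else P_ALARM_GIVEN_OK
            likelihood *= p_alarm if alarms[name] else 1.0 - p_alarm
        new[state] = pr * likelihood
    z = sum(new.values())  # normaliser
    return {s: p / z for s, p in new.items()}


def marginal(belief, name):
    """Posterior probability that a single component has failed."""
    i = COMPONENTS.index(name)
    return sum(p for s, p in belief.items() if s[i])


def p_top(belief):
    """Current probability of the top event under the belief."""
    return sum(p for s, p in belief.items()
               if top_event(dict(zip(COMPONENTS, s))))


def prognosis(belief, p_fail, horizon):
    """Top-event probability after `horizon` further transition steps
    with no new observations (prediction only)."""
    b = belief
    for _ in range(horizon):
        b = predict(b, p_fail)
    return p_top(b)


# Hypothetical recovery policies, modelled as alternative transition
# models (constructed): shedding bus load lowers the bus failure rate.
POLICIES = {
    "nominal": P_FAIL,
    "reduce_bus_load": {**P_FAIL, "BUS": 0.001},
}


def choose_policy(belief, horizon):
    """Pick the policy with the lowest predicted top-event probability."""
    scores = {name: prognosis(belief, pf, horizon)
              for name, pf in POLICIES.items()}
    return min(scores, key=scores.get), scores


def run_scenario(observations, horizon=10):
    """Filter through a sequence of sensor slices, then rank policies."""
    belief = initial_belief()
    for alarms in observations:
        belief = update(predict(belief, P_FAIL), alarms)
    policy, scores = choose_policy(belief, horizon)
    return belief, policy, scores


if __name__ == "__main__":
    # Constructed reading: unit A raises an alarm, the rest read ok.
    belief, policy, scores = run_scenario(
        [{"A": True, "B": False, "BUS": False}], horizon=5)
    for name in COMPONENTS:
        print(f"P({name} failed | sensors) = {marginal(belief, name):.4f}")
    print(f"P(top event now) = {p_top(belief):.5f}")
    print("chosen policy:", policy, scores)
```

The filter keeps the uncertainty explicit instead of mapping one alarm to one table entry: a single alarm on A raises the posterior of A's failure to roughly 0.27 rather than to certainty, because the sensor's false-alarm rate is part of the model. Policy ranking uses only the predicted future, which is the preventive, prognosis-driven behaviour the preview contrasts with reactive look-up tables.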
