Fault-tolerant hardware designs and their reliability analysis

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.Fault-tolerance, which is a complement to fault prevention, is an effective method of achieving ultra-high reliability. By taking this approach fault free computation can be achieved despite the presence of fault in the system. In this thesis three new fault tolerant techniques are presented and their advantages over well known fault-tolerant strategies are shown. One of these new techniques achieves higher reliability than any other similar techniques presented in the literature. Generally fault-tolerant structures consist of four major blocks: the replicated modules, the disagreement and detection circuit, the switching circuit, and the voting mechanism. The most critical component in a fault-tolerant system is the voter because the final output of the system is computed by this component. This dissertation presents a new implementation for voters which reduces both the complexity and the occupied area on the chip. The structures of the three techniques developed in this work are such that the complexity of their switching mechanisms grows only linearly with the number of modules but the voting mechanism complexity increases significantly. This is a better approach than those schemes in which the switching complexity increases significantly and the voter's complexity remains constant or grows linearly with the number of modules because it is easier to implement a complex voter than a complex switch (voters have more regular structures). Extensive comparisons are made between different fault-tolerant techniques. A new reliability model is also developed for system reliability evaluation of the new designs. The results of these analyses are plotted, and the advantages of the new techniques are demonstrated. In the final part of the work an expert system is described which uses the knowledge acquired by these comparisons. This expert system is meant as a prototype of a component of a CAD tool which will act as an advisor on fault-tolerant techniques

Advanced flight control system study

The architecture, requirements, and system elements of an ultrareliable, advanced flight control system are described. The basic criteria are functional reliability of 10 to the minus 10 power/hour of flight and only 6 month scheduled maintenance. A distributed system architecture is described, including a multiplexed communication system, reliable bus controller, the use of skewed sensor arrays, and actuator interfaces. Test bed and flight evaluation program are proposed

Advanced Launch System Multi-Path Redundant Avionics Architecture Analysis and Characterization

The objective of the Multi-Path Redundant Avionics Suite (MPRAS) program is the development of a set of avionic architectural modules which will be applicable to the family of launch vehicles required to support the Advanced Launch System (ALS). To enable ALS cost/performance requirements to be met, the MPRAS must support autonomy, maintenance, and testability capabilities which exceed those present in conventional launch vehicles. The multi-path redundant or fault tolerance characteristics of the MPRAS are necessary to offset a reduction in avionics reliability due to the increased complexity needed to support these new cost reduction and performance capabilities and to meet avionics reliability requirements which will provide cost-effective reductions in overall ALS recurring costs. A complex, real-time distributed computing system is needed to meet the ALS avionics system requirements. General Dynamics, Boeing Aerospace, and C.S. Draper Laboratory have proposed system architectures as candidates for the ALS MPRAS. The purpose of this document is to report the results of independent performance and reliability characterization and assessment analyses of each proposed candidate architecture and qualitative assessments of testability, maintainability, and fault tolerance mechanisms. These independent analyses were conducted as part of the MPRAS Part 2 program and were carried under NASA Langley Research Contract NAS1-17964, Task Assignment 28

Supervisory Control System Architecture for Advanced Small Modular Reactors

This technical report was generated as a product of the Supervisory Control for Multi-Modular SMR Plants project within the Instrumentation, Control and Human-Machine Interface technology area under the Advanced Small Modular Reactor (SMR) Research and Development Program of the U.S. Department of Energy. The report documents the definition of strategies, functional elements, and the structural architecture of a supervisory control system for multi-modular advanced SMR (AdvSMR) plants. This research activity advances the state-of-the art by incorporating decision making into the supervisory control system architectural layers through the introduction of a tiered-plant system approach. The report provides a brief history of hierarchical functional architectures and the current state-of-the-art, describes a reference AdvSMR to show the dependencies between systems, presents a hierarchical structure for supervisory control, indicates the importance of understanding trip setpoints, applies a new theoretic approach for comparing architectures, identifies cyber security controls that should be addressed early in system design, and describes ongoing work to develop system requirements and hardware/software configurations

Mathematical maintenance models of vehicles’ equipment

Dissertation for obtaining a scientific degree of Doctor of Philosophy within the specialty 05.22.20 «Maintenance and repair of vehicles». – National Aviation University, Kyiv, 2018.The thesis addresses the critical scientific problem of creating the appropriate maintenance models for digital avionics systems and degrading equipment of vehicles, which increases the operational effectiveness of such systems significantly. The thesis research includes the analysis of the current state and models of digital avionics maintenance. The study describes the necessity for developing the mathematical maintenance models for redundant digital avionics systems, considering the discontinuous nature of their operation, continuous nature of in-flight testing, possibility of both permanent and intermittent failures and organization of several maintenance levels using various diagnostic tools for detecting both failure types. Another focus of the thesis is the analysis of modern trends and mathematical models of condition-based maintenance (CBM) of vehicles’ equipment. The necessity of developing new CBM mathematical models for degrading equipment of vehicles, considering the probabilities of correct and incorrect decisions when checking system suitability for use in the upcoming operation interval, and the possibility of joint determination of the optimum inspection schedule and replacement thresholds for systems that affect and do not affect safety have been substantiated. The scientific novelty of the primary results obtained in the course of the thesis research is as follows: 1. For the first time, mathematical models to evaluate the operational reliability indicators of continuously monitored line replaceable units/line replaceable modules (LRUs/LRMs) and redundant avionics systems over both finite and infinite time interval, which, unlike known models, consider the characteristics of both permanent and intermittent 2failures, have been developed. These models allow evaluating the impact of intermittent failures on the availability and mean time between unscheduled removals (MTBUR) of LRU/LRM. 2. For the first time, generalized expressions to calculate the average maintenance costs of redundant avionics systems, considering the impact of permanent and intermittent failures, have been developed for alternative maintenance options that differ by the number of maintenance levels (one, two or three), which allows choosing the optimal maintenance option during warranty and post-warranty periods. 3. For the first time, a mathematical model of CBM, based on condition monitoring at scheduled times has been developed, which, unlike the known models, considers the probabilities of correct and incorrect decisions made when checking system suitability. This model allows formulating the criteria of determining the optimal replacement threshold for each inspection time and substantially reduce the likelihood of system failure in the forthcoming interval of operation. 4. For the first time, generalized mathematical expressions to calculate the effectiveness indicators of CBM over a finite time interval, as well as the criteria of joint optimization of the inspection schedule and replacement thresholds for systems that affect or do not affect the safety, have been developed. These results allow significantly improve the availability, reduce average maintenance costs and reduce the number of inspections. The practical value of the results obtained in the thesis is as follows: 1. The techniques to calculate probabilistic and time-related indicators of maintenance effectiveness for digital avionics LRUs/LRMs over finite and infinite operating intervals have been developed. The proposed procedures allow to estimate the availability, operational reliability function (ORF), and mean time between unscheduled removals (MTBUR) of LRUs/LRMs during warranty and post-warranty maintenance periods for both federated avionics (FA) and integrated modular avionics (IMA) architectures; 2. A technique for minimizing the warranty maintenance cost of the redundant digital avionics systems has been developed, demonstrating (through the example of the ADIRS system of the Airbus A380 aircraft) that in the case of the optimal option of warranty maintenance, the average maintenance cost per aircraft decreases by 28 %; 33. A technique for minimizing the post-warranty maintenance cost of the redundant digital avionics systems has been developed. It demonstrates (through the example of the ADIRS system of the Airbus A380 aircraft) that a three-level maintenance option with an intermittent fault detector (IFD) at I and D levels, is optimal as it reduces the total expected maintenance costs by 11 times compared to a one-level option, and by over 8.5 times compared to a two-level option without IFD; 4. A technique for determining the optimal replacement thresholds when monitoring the condition of the degrading system at scheduled times has been developed, which allows to significantly reduce the system failure probability in the forthcoming interval of operation. 5. A technique for joint determination of the optimal replacement threshold and periodicity of suitability checking when monitoring the system condition has been developed, which allows to substantially increase the availability of systems while significantly reducing the number of inspections. The results of the thesis research may be used in the development and maintenance of FA and IMA systems, as well as degrading equipment of vehicles

Software Reliability Issues Concerning Large and Safety Critical Software Systems

This research was undertaken to provide NASA with a survey of state-of-the-art techniques using in industrial and academia to provide safe, reliable, and maintainable software to drive large systems. Such systems must match the complexity and strict safety requirements of NASA's shuttle system. In particular, the Launch Processing System (LPS) is being considered for replacement. The LPS is responsible for monitoring and commanding the shuttle during test, repair, and launch phases. NASA built this system in the 1970's using mostly hardware techniques to provide for increased reliability, but it did so often using custom-built equipment, which has not been able to keep up with current technologies. This report surveys the major techniques used in industry and academia to ensure reliability in large and critical computer systems

Fault-tolerant computer study

A set of building block circuits is described which can be used with commercially available microprocessors and memories to implement fault tolerant distributed computer systems. Each building block circuit is intended for VLSI implementation as a single chip. Several building blocks and associated processor and memory chips form a self checking computer module with self contained input output and interfaces to redundant communications buses. Fault tolerance is achieved by connecting self checking computer modules into a redundant network in which backup buses and computer modules are provided to circumvent failures. The requirements and design methodology which led to the definition of the building block circuits are discussed

Early aspects: aspect-oriented requirements engineering and architecture design

This paper reports on the third Early Aspects: Aspect-Oriented Requirements Engineering and Architecture Design Workshop, which has been held in Lancaster, UK, on March 21, 2004. The workshop included a presentation session and working sessions in which the particular topics on early aspects were discussed. The primary goal of the workshop was to focus on challenges to defining methodical software development processes for aspects from early on in the software life cycle and explore the potential of proposed methods and techniques to scale up to industrial applications

The 1990 Johnson Space Center bibliography of scientific and technical papers

Abstracts are presented of scientific and technical papers written and/or presented by L. B. Johnson Space Center (JSC) authors, including civil servants, contractors, and grantees, during the calendar year of 1990. Citations include conference and symposium presentations, papers published in proceedings or other collective works, seminars, and workshop results, NASA formal report series (including contractually required final reports), and articles published in professional journals