cnrs nov 2003 - laaswebhost.laas.fr/tsf/rtp21-sdf/documents/03-11-05/05-traverse.pdf ·...
TRANSCRIPT
RTP CNRS-STIC 21 15 Nov 03 - Paris
Pascal Traverse
1. Principes2. Architecture
RTP CNRS-STIC 21 25 Nov 03 - Paris
1. Principes
2. Architecture avionique A380
Commandes de vol électriques
- disponibilité
- mouvement intempestif de gouvernes
RTP CNRS-STIC 21 35 Nov 03 - Paris
man-machine interface•flight envelope protection
•maintenability
•challenges & trends
system failures•control and monitoring computers
•components redundancy
•challenges & trends
particular risks•segregation
•ultimate back-up
•challenges & trends
design and manufacturing errors•error avoidance
•error tolerance
•challenges & trends
RTP CNRS-STIC 21 45 Nov 03 - Paris
(BULKHEAD)WATCHDOG
RAMROMPROCESSOR
WATCHDOG
POWER SUPPLY
INPUT / OUTPUT
RAMROMPROCESSOR
POWER SUPPLY
INPUT / OUTPUT
MONITORING
CONTROL
28 VDC
Lightning strike protectionsACTUATORS
relays
relays
system failures
•control and monitoring computers
RTP CNRS-STIC 21 55 Nov 03 - Paris
Servo valve
Command
computer
Monitoring
Solenoid valve
system failures
•control and monitoring computers
RTP CNRS-STIC 21 65 Nov 03 - Paris
A340- 500/600 EFCS architecturesystem failures
•components redundancySpeedbrakes/ground spoilers
YB
ELEVATOR
THS
M
ELEVATOR
1 2 3P1 P2 P3
GB G YP1P2
S2 S1
P1 P2
S2S1
AILERONS
BGP1 P2
S2S1
AILERONS
Y GS2 P3
B G
G Y
SLATS
FLAPS
roll surfacesroll surfaces
GYP3 S1
outboard inboard outboardinboardG B
P1 P2
S2S1
SPOILERS(1 ->6)SPOILERS(6 -> 1)
YP2
BP3
YS1
GP1 P3
GBS2
G B B Y G YP3 P3 S2 P2 P1 S1
RUDDER
Y
B
TRIMS2S1 G
P2
P1 S1
P3
BCM
BPS YBPS B
Speedbrakes/ground spoilers
RTP CNRS-STIC 21 75 Nov 03 - Paris
Hydraulicsystem(power)
AccumulatorServovalve
Modeselectordevice
Ram
Hydraulic block
Electronics
Modeselectordevice
Ram
Hydraulic block
Motor
PumpAccumulator
ELECTRO-HYDROSTATIC ACTUATOR
HYDRAULIC SERVOCONTROL
system failures
•components redundancy
Electro-Hydrostatic Actuator
Electricalsystem(power)
RTP CNRS-STIC 21 85 Nov 03 - Paris
Avionics
Avionics Flight Controls Actuators
ELECTRICAL GENERATION HYDRAULIC GENERATION
HYDRAULIC GENERATIONELECTRICAL GENERATION
EMERGEN
GEN1
GEN2
APUGEN
EMERGEN
GEN1
GEN2
APUGEN
GREENPUMP
YELLOWPUMP
BLUEPUMP
GREENPUMP
YELLOWPUMP
• A320 ... A340
• A380 A400M
system failures
•components redundancy
A380 A400M - Four power sources
Flight Controls Actuators
RTP CNRS-STIC 21 95 Nov 03 - Paris
system failures
•challenges & trends
EHA are a great opportunity (weight, dissimilarity, segregation)and a challenge with new failure modes
RTP CNRS-STIC 21 105 Nov 03 - Paris
Airbus Fly-by-Wire:system is developed to ARP 4754 level AComputers to DO178B & DO254 level A
Two types of dissimilar computers are usedPRIM ≠ SEC
Error avoidance
Error tolerance
design and manufacturing errors
RTP CNRS-STIC 21 115 Nov 03 - Paris
design and manufacturing errors
•error avoidance
- formalised specification(SAO/SCADE)
- automatic programming
RTP CNRS-STIC 21 125 Nov 03 - Paris
Iron Bird
Simulator•full cockpit•desktop
Bench for system
integration
SAO/SCADEautomatic programming
design and manufacturing errors
•error avoidance
Testing Facilities
RTP CNRS-STIC 21 135 Nov 03 - Paris
design and manufacturing errors
•error tolerance
ELAC ≠ SECPRIM ≠ SEC
COM ≠ MON
with EHA � electrical power AND hydraulic power
� 4 different softwares
data diversity
RTP CNRS-STIC 21 145 Nov 03 - Paris
design and manufacturing errors
•challenges & trends
PRIM / SEC dissimilarity: from random to managed dissimilarity
in-service experience: dissimilarity for system availability is essential
RTP CNRS-STIC 21 155 Nov 03 - Paris
particular risks
•segregation
Computers separation
avoidance of a common failure point- loose luggages- spilling liquid- ...
RTP CNRS-STIC 21 165 Nov 03 - Paris
particular risks
•segregation
Power sources separation
A380, A400M: increased segregation thanks to EHA
RTP CNRS-STIC 21 175 Nov 03 - Paris
particular risks
•ultimate back-up
goal of Airbus ultimate back-up: continued safe flight while crew restore primary flight controls
•reset PRIM and SEC•reset electrical generation
use of ultimate back-up designed to be Extremely Improbable
no credit in certification
goal of Airbus ultimate back-up
RTP CNRS-STIC 21 185 Nov 03 - Paris
particular risks
•ultimate back-up A320: mechanical linkage to THS & rudder
A340: ditto, plus Back-up Yaw DampingA340-600: mechanical linkage to THSautonomous, electrical back-up from pedals to rudder
A380 A400M: electrical back-up on rudder, elevator, aileron
solution for Airbus ultimate back-up
yawrategyro
hydr → elec servoloop
pedalsposition
RTP CNRS-STIC 21 195 Nov 03 - Paris
particular risks
•challenges & trends
•military environment on A400M
•A340-600 Taxi Aid Camera System: open the way to affordable, maintainable flight-by-light
RTP CNRS-STIC 21 205 Nov 03 - Paris
Stick released :Aircraft will fly inside normal
Flight Envelope
Stick on the stops :Aircraft will fly
at the maximum safe limit
Peripheral flight envelopePositive static stability
Normal flight envelopeNeutral static stability
• Pilot reaction immediate and instinctive in case of an emergency situation
• Full authority available to consistently achieve the maximum available performance on the A/C
• Potential of over-control and overstress reduced
A/C protected against: • stall• excessive attitude (pitch, bank)• over-speed• excessive load factor
man-machine interface
•flight envelope protection
RTP CNRS-STIC 21 215 Nov 03 - Paris
Pitch attitude 30°
Angle of attack
Bankangle 67°
Pitch attitude - 15°
- 1.0 g
+ 2.5 g
LoadFactor
Excessive speed(VMO + 6 Kt)
man-machine interface
•flight envelope protection
RTP CNRS-STIC 21 225 Nov 03 - Paris
man-machine interface
•maintenability
•challenges and trends
•extensive fool-proofing
•precise trouble shooting
(800 different failure diagnostic)
•maturity at entry into service
RTP CNRS-STIC 21 235 Nov 03 - Paris
A380 Aircraft Data Communication Network
• dual redundant network
• Switched Ethernet type
COM
MON
network
RTP CNRS-STIC 21 245 Nov 03 - Paris
A380 Aircraft Data Communication Network
FCGU1A FCGU1BPRIM1
SEC1SFCC1
ADIRU1
FCGU2AFCGU2BPRIM2
SEC2 SFCC2
ADIRU2
FCGU3AFCGU3BPRIM3
SEC3
OSCU
SPDB5
SW-16
SW-6
IOM 1
IOM 3
FM1
EEC2 A
B
EEC4 A
B
CDSL1
CDSL2
SW-11
SW-1
IOM 2
IOM 4
FM2
EEC1A
B
EEC3A
B
CDSR2
CDSR1
CDSC1
CDSC2
CDSR3
CDSL3
FM3 ADIRU3 CMV
CPIOM-C1
CPIOM-D1
AESU 1
IOM 5
IOM 7
CPIOM-C2
AESU 2
IOM6
IOM 8
CPIOM-F2
CPIOM-F4
CPIOM-G2
CPIOM-G4
CPIOM-E2
SPDB 2
SPDB 4
CPIOM-F1
CPIOM-F3
CPIOM-G1
CPIOM-G3
CPIOM-E1
SPDB 1
SPDB 3
ECB
SPDB7
CIDS1SDS1
CPIOM-A1CPIOM-A3 CPIOM-B1CPIOM-B3
SPDB 6
SPDB 8
CIDS2SDS2
CPIOM-A2 CPIOM-A4CPIOM-B2 CPIOM-B4
SW-12
SW-2
CDAM
SW-19
SW-9
SEPDC1 SEPDC2
SCI
18+2FT 18+2FT
12+1FT
16+2FT 15+2FT
14+2FT 12+2FT
15+2FT 14+2FT
SW-14
SW-4
SW-13
SW-3
DSMS
SW-17
SW-7
SW-15
SW-5
SW-18
SW-8
CPIOM-D3
Usual electrical separation of blocks of computers
loss of ADCN /mutated dataon network: not critical
RTP CNRS-STIC 21 255 Nov 03 - Paris
A380 ADCN & SHARED RESSOURCES
LRM
CONFIGUREDMODULE
Hardware + resident software
FWC
1
FCD
C 1
WB
BC
1
Application Programming Interface (API)
FCU
Bac
k-up
1
Operating System (O/S)+ other functions
Hardware + resident software
FWC
2
FCD
C 2
WB
BC
2
Application Programming Interface (API)
FCU
Bac
k-up
2
Operating System (O/S)+ other functions
CPIOM-C 1 CPIOM-C 2
ADCN
Arinc 429
PRIM 1 SEC 1 PRIM 2 SEC 2 PRIM 3 SEC 3
non essential functions (warning, maintenance, …) located on shared ressources
Essential data network-old technology-Separated from ADCN
RTP CNRS-STIC 21 265 Nov 03 - Paris