Showing papers on "Control reconfiguration published in 1983"

Fault detection and redundancy management system

Abstract: A fault detection and redundancy management system for a dual redundancy based network architecture in which the principal control components (master units) are configured and programmed to repetitively carry out intra- and inter-unit performance tests as an a priori requirement for network command capability. These performance tests are carried out in a prescribed sequence to define the fault detection and reconfiguration procedure. The procedure is designed to preclude the cascading of faults. As a first step in this procedure, each processor in a master unit performs a thorough self-test of its own functional capability. Secondly, if a processor has determined that it has passed all of these internal procedures, it must then successfully inform a designated "chief" processor via an interprocessor handshake. This interprocessor handshake is effected by causing each processor in the master unit to set a flag in a shared memory during a prescribed time interval. These flags are read by the chief processor to determine whether to enable an associated bus controller for the next succeeding time interval, and once these flags have been read they are reset by the chief processor, as each processor is required to refresh the handshake flag during successive repetitive time intervals. If the chief processor determines that all units (including itself) are functional, it executes a handshake with a bus interface unit, so as to enable the bus interface unit to conduct I/O operations on the network bus. Failure to complete any portion of this procedure will cause the affected master unit to "off-line" with the result that the redundant master unit will take command of the network bus.

Reconfigurable architectures for VLSI processing arrays

Abstract: Definition of architectures capable of fault tolerance and reconfiguration, suitable for very large scale integration (VLSI) implementation, is an important problem with regard to both production yield and run-time availability of VLSI devices. The case considered in the present paper concerns regular arrays of processing elements, such as the ones found in signal processing and other dedicated structures. It is proposed to achieve fault tolerance through the introduction of spare elements and reconfiguration algorithms implemented by suitable dedicated circuits and signals. A number of reconfigurable structures are presented, with different numbers and patterns of spare elements and with varying degrees of fault tolerance. Underlying fault assumptions are discussed and performances are analyzed; while architectures examined in detail consist of combinatorial elements with fairly simple interconnection schemes, extension to a wider class of structures is also considered. Implementation of diagnosis and reconfiguration is carried out at gate level: the resulting complexity is seen to be minor, as compared to the overall architecture complexity.

Spacecraft autonomous redundancy control

Abstract: The spacecraft system has automatic fault detection and autonomous reconfiguration of redundant hardware and software to correct that fault without ground station intervention. The spacecraft has redundant processors, sensors, control systems and buses. When a unit is believed to have failed as detected by the satellite processor unit, it switches to a backup unit. If the symptom persists after the unit is switched, the processor unit switches to a different bus. If the fault still exists, a new processor unit is switched in and the entire checking and switching repeats.

Reconfiguration control method for a loop-type data network

Abstract: This invention discloses a loop-back control method for loop-type data transmission systems in which, when a trouble occurs on both transmission lines of two systems (3, 4), two stations (2) adjacent to the trouble region return signals toward a control station (1) in response to a command from the control station, thereby to separate the trouble region and continue the operation. According to this invention, when the control station detects the occurrence of a trouble on the transmission lines of the two systems, it sends out a broadcast command for searching the trouble point to the transmission lins of both systems and thereafter a loop-back command so that the stations adjacent to the trouble point can take the loop-back constitution.

Synchronization and fault-masking in redundant real-time systems

Abstract: A real time computer may fail because of massive component failures or not responding quickly enough to satisfy real time requirements An increase in redundancy - a conventional means of improving reliability - can improve the former but can - in some cases - degrade the latter considerably due to the overhead associated with redundancy management, namely the time delay resulting from synchronization and voting/interactive consistency techniques The implications of synchronization and voting/interactive consistency algorithms in N-modular clusters on reliability are considered All these studies were carried out in the context of real time applications As a demonstrative example, we have analyzed results from experiments conducted at the NASA Airlab on the Software Implemented Fault Tolerance (SIFT) computer This analysis has indeed indicated that in most real time applications, it is better to employ hardware synchronization instead of software synchronization and not allow reconfiguration

Development and evaluation of a fault-tolerant multiprocessor (FTMP) computer. Volume 1: FTMP principles of operation

Abstract: The basic organization of the fault tolerant multiprocessor, (FTMP) is that of a general purpose homogeneous multiprocessor Three processors operate on a shared system (memory and I/O) bus Replication and tight synchronization of all elements and hardware voting is employed to detect and correct any single fault Reconfiguration is then employed to repair a fault Multiple faults may be tolerated as a sequence of single faults with repair between fault occurrences

A fault-tolerant system architecture for navy applications

Abstract: This paper describes the architecture of a computer system, being designed and built for the U.S. Navy, that is expected to be the standard Navy shipboard computer for the next twenty years or so. It has a requirement for very high system reliability, which is addressed by a multiprocessor system configuration that can recover dynamically from hardware faults and support on-line repair of failed hardware elements. Successfully accomplishing this requires various types of redundant hardware elements and special system architecture features, as well as intelligent fault-recovery software. This also requires that the application programs be designed to participate fully in the recovery and reconfiguration process. This paper presents the overall system architecture and discusses a number of significant new features designed to support fault-tolerant operation, including a duplex control bus, a computer interconnection system, a technique for remote diagnostics, a single-button maintenance procedure, and special fault-handling software.

Robust Reconfiguration for High Reliability and Survivability for Advanced Aircraft

Abstract: Flight control system (FCS) reliability is discussed in terms of sensors, computers and actuators. The servo/actuation bottleneck is discussed. FCS survivability is considered. Preliminary survivability issues. A Grumman study vehicle, R-14, and YF-16 aircraft configurations are studied. Goals of control are reviewed.

Experimental evaluation of digital control schemes for nuclear reactors

Abstract: Experiments have been conducted on the 5 MWt fission reactor, MITR-II, in which fault-tolerant control schemes were tested and evaluated under both transient and steady-state conditions. These control systems incorporated on-line detection, isolation and reconfiguration of faulty equipment, sensor calibration, measurement estimation, and information display in given controller structures [1, 2]. Among the techniques studied were ones simulating operator instructions, heuristic programing including both adaptive and learning theory routines, and predictive methods. Each method studied resulted in digital control of reactor power via analysis of a validated estimate of plant conditions (power, temperature, flow) obtained from the plant's sensors. The control schemes also used estimates of reactivity obtained via either balances or an analytic measurement employing inverse kinetics [1, 3].

A Self-Test Hardwired Control Section

Abstract: A fault detect mechanism is described for hardwired control logic. The mechanism takes advantage of inherent redundancy in the control logic design style which assigns a unique flip-flop to each machine state. The mechanism is capable of detecting all single stuck-at faults, as well as many multiple faults and intermittents within the control section.

Reconfigurable fault-tolerant multicomputer network

Abstract: This paper discusses fault-tolerant reconfigurations of a multicomputer network organized as a binary tree. The paper shows how to reconfigure a binary tree with faulty nonleaves with lost connectivity into a binary tree in which all faulty nodes become leaves or form more complex end-tree structures of higher dimension.In both cases the faulty nodes are disconnected from a reconfigured fault-tolerant tree, which continues to function as a gracefully degraded tree made completely out of fault-free nodes.The reconfiguration techniques developed are based on fine mathematical ideas of shift-register theory; they can be performed with only a single reconfiguration code (called a bias) that is sent concurrently to all fault-free nodes of a tree.The techniques for finding this reconfiguration code are also very simple. For the case in which all faulty nodes become leaves, the required reconfiguration code can be found during the time of one mod-2 addition (one clock period). For the case in which all faulty nodes form an i-dimensional end-tree, the necessary reconfiguration code can be found following a simple process that includes (i-1) mod-2 additions performed sequentially.Once the reconfiguration code is found, it is sent to all fault-free nodes of a binary tree. A fault-tolerant reconfiguration into a gracefully degraded tree with disconnected faulty nodes can be performed during the time of one clock period, since it includes the time of a one-bit shift and mod-2 addition.

A self-reconfiguring communications ring for distributed computer control schemes

Abstract: A communications system for use in distributed computer control schemes is described. The requirements of such a system include data integrity, computer and data highway fault tolerance and the ability to insert or remove computers on-line. The performance of other communications systems in these respects is considered. The present scheme employs a broadcast serial double ring structure with equal access for all computers. Data are transmitted asynchronously in blocks with cyclic redundancy checking. Automatic reconfiguration takes place in the event of link failures, and the system recovers to the full double ring structure when links are repaired. The ring may be deliberately broken and computers inserted or removed on-line. The system has been developed and tested using S100-Bus microcomputers and the software has been written mainly in Fortran

On Restructurable Control System Theory

Abstract: The state of stochastic system and control theory as it impacts restructurable control issues is addressed. The multivariable characteristics of the control problem are addressed. The failure detection/identification problem is discussed as a multi-hypothesis testing problem. Control strategy reconfiguration, static multivariable controls, static failure hypothesis testing, dynamic multivariable controls, fault-tolerant control theory, dynamic hypothesis testing, generalized likelihood ratio (GLR) methods, and adaptive control are discussed.

Experimental Experience at Calspan

Abstract: A partial list of controllers; multiple means of generating forces and moments available; control power requirements; new aircraft design vs existing configuration; critical technology areas; parameter identification; and types of failure or emergency for reconfiguration are considered.

EMMA-an industrial experience on large multiprocessing architectures

Abstract: EMMA (1) is a multiprocessor system designed and built by ELSAG of Genoa, Italy, to solve problems of pattern recognition arising in automatic mail sorting. The resulting architecture is modular, organizable around several levels, and offers a theoretically unlimited possibility of increasing the processor power. EMMA runs under a simple distributed operating system, supplying process communication, synchronization primitives and some diagnostic functions that complement analysis and reconfiguration modules residing in the supervisor.

Reconfigurable vlsi arrays for pattern analysis and image processing.

Abstract: Orthogonally connected, reconfigurable square arrays are proposed for pattern analysis and image processing. In this paper reconfiguration means change of configuration and structure of the array and/or change of data flow patterns by routing data streams through different paths. With reconfiguration, a special-purpose array can perform several related but distinct tasks. It is shown that the pattern analysis array can compute linear and quadratic discriminant functions, and generate covariance matrices from sample vectors. The image processing array is capable of performing frequency domain and spatial domain operations. 18 references.

SIFT - A preliminary evaluation

Abstract: This paper presents the results of a performance evaluation of the SIFT computer system conducted in the NASA AIRLAB facility. The essential system functions are described and compared to both earlier design proposals and subsequent design improvements. The functions supporting fault tolerance are found to consume significant computing resources. With SIFT's specimen task load, scheduled at a 30-Hz rate, the executive tasks such as reconfiguration, clock synchronization and interactive consistency, require 55 percent of the available task slots. Other system overhead (e.g., voting and scheduling) use an average of 50 percent of each remaining task slot.

Fault Tolerant Computing Research.

Abstract: : This report provides a synopsis of research performed in fault- tolerant computing, for the first year of grant AFOSR-84-0052. Also included is a list of publications that have resulted from the research supported by this grant. Additionally, this report reviews the future direction for the continuing research under this grant. In the past year, this effort has focussed on the following problems: (1) Investigation of novel fault-tolerant processor array architectures with the potential of a high degree of defect tolerance, but having low processor and interconnect overhead associated with the fault tolerance mechanisms; (2) Development of realistic models to evaluate the yield, redundancy and performance tradeoffs for the designs. Such models would help establish the viability of these architectures, also enabling them to be compared with other designs in the literature; (3) Development of new and efficient testing strategies, and reconfiguration schemes for their structures; (4) Testable design of large size VLSI memory; and (5) Development of novel sorting networks that can be implemented on a single chip or wafer. Three journal articles were supported during the grant period: 'Synthesis of Directed Multicommodity Flow Networks,' Vol. 14, pp. 213-224 (with A. Stai); 'Fault- Tolerant Multiprocessor Link and Bus Network Architectures, IEEE Transactions on Computers, Vol. C-34, No. 1, January 1985, pp. 33-46; and 'Dynamically Restructurable Fault-Tolerant Processor Network Architectures,' IEEE transactions on Computers (to appear).

On Why It Is Impossible to Prove that the BDX90 Dispatcher Implements a Time-sharing System

Abstract: The Software Implemented Fault Tolerance SIFT system, is written in PASCAL except for about a page of machine code. The SIFT system implements a small time sharing system in which PASCAL programs for separate application tasks are executed according to a schedule with real time constraints. The PASCAL language has no provision for handling the notion of an interrupt such as the B930 clock interrupt. The PASCAL language also lacks the notion of running a PASCAL subroutine for a given amount of time, suspending it, saving away the suspension, and later activating the suspension. Machine code was used to overcome these inadequacies of PASCAL. Code which handles clock interrupts and suspends processes is called a dispatcher. The time sharing/virtual machine idea is completely destroyed by the reconfiguration task. After termination of the reconfiguration task, the tasks run by the dispatcher have no relation to those run before reconfiguration. It is impossible to view the dispatcher as a time-sharing system implementing virtual BDX930s running concurrently when one process can wipe out the others.

Chordal Fault-Tolerance Techniques in Ring-Connected Parallel Pipeline Systems

Abstract: Signal processing systems 3ften use parallel pipeline type architectures to increase system throughpu~ . Although these systems are computationally efficient, they are unreliable from a fault-tolerance point of view. This paper presents a cost-efficient method of improving the reliability of ringconnected high-level data flow pipelines and linear computational pipelines through the use of single or multiple element bypass paths and the addition of one or more spare elements to the pipelines. Two configurations using this bypass technique are presented, the chordal ring and the linear bypass pipeline. Suggested reconfiguration techniques are explained and the terminology assoclzted with these architectures is defined. A reliability model that applies to both the ring and linear configurations is developed and studied. The bypass technique is compared with several other redundancy techniques, using reliability and a reliability performance factor. It is shown that the bypass technique provides a cost-efficient method of obtaining substantially improved reliability performance.

Organizing Space Shuttle parametric data for maintainability

Abstract: A model of organization and management of Space Shuttle data is proposed. Shuttle avionics software is parametrically altered by a reconfiguration process for each flight. As the flight rate approaches an operational level, current methods of data management would become increasingly complex. An alternative method is introduced, using modularized standard data, and its implications for data collection, integration, validation, and reconfiguration processes are explored. Information modules are cataloged for later use, and may be combined in several levels for maintenance. For each flight, information modules can then be selected from the catalog at a high level. These concepts take advantage of the reusability of Space Shuttle information to reduce the cost of reconfiguration as flight experience increases.

Control Law for Aircraft Applications

Abstract: An Optimal Proportional-plus-IntegraVTracking control law is formulated. The control law has a Command Augmenta- tion System configuration suitable for implementation on a digital computer on-bmrd an aircraft. The proposed configu- ration offers the flexibility for choosing a feedforward matrix incorporating a set of additional control elements and for shaping the transient response without affecting the steady state tracking property. Assuming the system is open loop stable, then in the presence of a "Jam" the disengaged system will maintain the steady state tracking property which is desirable for aircraft continuing their mission. INTRODUCTION AND BACKGROUND With the proven record for implementation of the Command Augmentation Systems (CAS), the exploitation of the Digital- Fly-By-Wire (DFBW)/Software Redundancy Management (SRM) concepts, and the innovations in aerodynamic structure and control element designs, the need for reconfiguration of the Flight Control System (FCS) of a tactical fighter aircraft in the presence of battle damage has become an important issue in future designs. The reconfiguration of FCS increases the survivability and recoverability of battle damaged air- craft and lends itself to self-repairing FCS concepts (7), The CAS configuration proved its superiority over the con- ventional Stability Augmentation System (SAS) (I) in the early 70's. With the advent of state-of-the-art digital elec- tronics, the DFBW systems have become realities. Coupled with the SRM schemes, the DFBW systems have allowed the introduction of new aerodynamic control devices (2) (e.?, Chin Fin, Variable Incidence Wing Panels, etc. as shown In Figure I) and innovative control elements (2)(e.g., Integrated Manueuvering Nozzles as shown in Figure 2) for the Advanced Fighter Technology Integrator (AFTI) aircraft. The flexibility offered by DFBWISRM systems has provided new avenues through which the generic problems associated with fighter aircraft; i.e., survivability and recoverability in the presence of battle damage resulting in the loss of control surfaces, actuators, sensors, etc. can be addressed. Various approaches have been used to investigate the recon- figuration of flight control systems (3, 5, 61. Case studies were conducted (3) using the Entire Eigenstructure tech- niques (4) to develop control laws that would compensate for the loss of the right aileron or the left horizontal stabilizer, for example, using the A-7D DlGlTAC II aircraft data. Parallel to this effort, analytical redundancy through the

Computer Applications in Medical Care. Computers in Medical Education: Design of a Computerized Medical School Admissions Process

Abstract: A Computerized Admissions Process (CAP) was developed for the St. Louis University School of Medicine. This system is written in MUMPS and currently runs on a Tandem Computer System located at the Medical School. The system was designed to achieve several important goals. First, the system must be interactive, providing full integration of various clerical, word processing and administrative functions that comprise the admissions process. Second, there must be a capability for user-defined screening criteria. Third, data entry must be minimized. Fourth, the system must be designed to allow reconfiguration in order to reflect possible future changes in the overall admissions process. A discussion of the present admissions system as a single “state” of a more Generalized Action System (GAS) is presented.

Dynamics and control of a Shuttle attached antenna experiment

Abstract: Study results obtained to date identify the requirements for a large space system flight experiment. This paper considers the dynamics and control of an offset feed wrap-rib antenna attached to the Shuttle for such an experiment. Results reported in this paper are primarily based on the analysis and simulation of the combined Shuttle and antenna flexible dynamics model, and the Shuttle Vernier Reaction Control Subsystem. These results establish the technical feasibility of the Shuttle attached antenna flight experiment. Static and dynamic disturbances examined do not cause significant dynamic interactions to the experiment. Shuttle Vernier jets can be used for control purpose or as controlled excitation sources for experiment. Interface between the Shuttle and the antenna can be rigid or actively decoupled depending on the experiment objective. Key large space systems control technologies such as distributed sensing and actuation, system identification, figure estimation and control, and control for slew or reconfiguration can be validated with the experiment configuration described in this paper.