SAFER++ VDM++ and UML Thomas Christensen & Tommy Pedersen.
25
SAFER++ VDM++ and UML Thomas Christensen & Tommy Pedersen
-
Upload
sarai-fenney -
Category
Documents
-
view
213 -
download
0
Transcript of SAFER++ VDM++ and UML Thomas Christensen & Tommy Pedersen.
SAFER++
VDM++ and UMLThomas Christensen &
Tommy Pedersen
Agenda
Discussion VDM++ code Summary
Discussion
How to compensate for a defective thruster ?
Discussion
How to compensate for a defective thruster ? Cases:
Rotation around one axis only Translation along one axis only Multi-axis rotation Multi-axis translation
Discussion
Discussion
Case: Rotation around one axis only Example:
+pitch (Clockwise around y-axis) Thrusters B1 and F3 are fired (left side thrusters)
Discussion
Case: Rotation around one axis only Example:
+pitch (Clockwise around y-axis) Thrusters B1 and F3 are fired (left side thrusters)
Thruster B1 fails.. Compensate by:
Disabling B1 and F3 Firing equivalent right side thrusters, B2 and F4
Discussion
Case: Translation along one axis only Example:
Forward translation (along +X-axis) All forward thrusters are fired, F1, F2, F3, F4
Discussion
Case: Translation along one axis only Example:
Forward translation (along +X-axis) All forward thruster are fired, F1, F2, F3, F4
Thruster F3 fails... Compensate by:
Disabling diagonally opposite thruster F2 Keep firing F1 and F4 (½ power)
Discussion
Case: Multi-axis rotation Example:
-pitch, -yaw (CCW around z and y-axes) Thrusters B4 and F1 are fired
Discussion
Case: Multi-axis rotation Example:
-pitch, -yaw (CCW around z and y-axes) Thrusters B4 and F1 are fired
Thruster B4 fails... Problem....
No equivalent thruster combinations
Discussion
Case: Multi-axis rotation Possible solution 1:
Rotate backwards
Discussion
Case: Multi-axis rotation Possible solution 1:
Rotate backwards Fire opposite thrusters, F4, B1
SAFER rotates to same position (backwards) Problems:
Counter-intuitive movement. (Warning light ?) May use more GN2 for propulsion
Discussion
Case: Multi-axis rotation Possible solution 2:
Replace single multi-axis rotation by multiple single-axis rotations.
Single-axis rotations can always be performed by alternative thrusters.
”Step-wise” rotation Problems:
R(a+Δa,b+Δb,c+Δc) ≠ R(a,b,c)R(Δa,Δb,Δc)
Discussion
Case: Multi-axis rotation Possible solution 3:
Don’t compensate Example:
-pitch -yaw, (CCW around z and y-axes) Thrusters B4 and F1 are fired
Thruster B4 fails... Use F1 only
Discussion
Case: Multi-axis rotation Possible solution 3:
Don’t compensate Problems:
Wider turn radius. Thruster output constant, cannot boost to compensate
Discussion
Case: Multi-axis translation Not possible Translation prioritized
X > Y > Z Only one axis at a time
Discussion
Summary Cases:
Compensation possible Rotation around one axis only Translation along one axis only
Compensation not feasible Multi-axis rotation
Compensation not relevant Multi-axis translation
VDM++SelectThrusters() ==
...
if numberOfDefThr = 0
then selected := selected
else if numberOfDefThr = 1
then
if card (selected inter defThrusters) = 0
then selected := selected
else selected := CompensateSingle(selected, defThrusters)
else if numberOfDefThr > 1
then
if card (selected inter defThrusters) = 0
then selected := selected
else
if card (selected inter defThrusters) = 1
then selected := CompensateSingle(selected, defThrusters)
else if card (selected inter defThrusters) > 1
then selected := CompensateMultiple(selected, defThrusters)
VDM++CompensateSingle : set of ThrusterPosition * set of ThrusterPosition
==> set of ThrusterPosition
CompensateSingle(selected, defective) ==
let
transType : TransformationType = GetTransformationType(intcmd)
in
cases transType:
<ONE_AXIS_TRANSLATION> ->
alt_thrusters = (tran_single_axis(defective union DiagonalMap(defective)))
<ONE_AXIS_ROTATION> ->
alt_thrusters = (OppositeMap(defective) union OppositeMap(selected\defective)),
<NO_MOVEMENT> -> alt_thrusters = {},
others -> alt_thrusters = {}
return alt_thrusters;
VDM++TransformationType = <ONE_AXIS_TRANSLATION> |
<ONE_AXIS_ROTATION> |
<TWO_AXIS_ROTATION> |
<THREE_AXIS_ROTATION> |
<TRANSLATION_ROTATION_COMBO> |
<NO_MOVEMENT>;
public DiagonalMap : map ThrusterPosition to ThrusterPosition = {
-- Back Thruster positions
<B1> |-> <B4>,
<B2> |-> <B3>,
<B3> |-> <B2>,
<B4> |-> <B1>,
...
public OppositeMap : map ThrusterPosition to ThrusterPosition = {
-- Back Thruster positions
<B1> |-> <F4>,
<B2> |-> <F3>,
<B3> |-> <F2>,
<B4> |-> <F1>,
VDM++tran_single_axis : map set of ThrusterPosition to
set of ThrusterPosition = {
-- +X translation
{<F1>, <F4>} |-> {<F2>, <F3>},
{<F2>, <F3>} |-> {<F1>, <F4>},
-- -X translation
{<B1>, <B4>} |-> {<B2>, <B3>},
{<B2>, <B3>} |-> {<B1>, <B4>},
...
VDM++GetTransformationType : IntegratedCommand ==> TransformationType
GetTransformationType() ==
let
mk_(tran, rot) = intcmd.GetCommand()
in
if rot(Command`ROLL) = <Zero> and
rot(Command`PITCH) = <Zero> and
rot(Command`YAW) = <Zero> and
tran(Command`X) = <Zero> and
tran(Command`Y) = <Zero> and
tran(Command`Z) = <Zero>
then return <NO_MOVEMENT>
else
if rot(Command`ROLL) = <Zero> and
rot(Command`PITCH) = <Zero> and
rot(Command`YAW) = <Zero> and
(tran(Command`X) <> <Zero> or
tran(Command`Y) <> <Zero> or
tran(Command`Z) <> <Zero>)
then return <ONE_AXIS_TRANSLATION>
else
...
VDM++ public
CompensateMultiple : set of ThrusterPosition * set of ThrusterPosition
==> set of ThrusterPosition
CompensateMultiple(selected, defective) ==
return {};
Summary
Strategies for compensating for defective thrusters Single-axis translation and rotation can be
compensated for. Multi-axis translation is not possible. Multi-axis rotation cannot safely be compensated for.
VDM++ code
