Failure detection and identification for a reconfigurable flight control system

NASA Technical Reports Server (NTRS)

Dallery, Francois

1987-01-01

Failure detection and identification logic for a fault-tolerant longitudinal control system were investigated. Aircraft dynamics were based upon the cruise condition for a hypothetical transonic business jet transport configuration. The fault-tolerant control system consists of conventional control and estimation plus a new outer loop containing failure detection, identification, and reconfiguration (FDIR) logic. It is assumed that the additional logic has access to all measurements, as well as to the outputs of the control and estimation logic. The pilot may also command the FDIR logic to perform special tests.

Control system failure monitoring using generalized parity relations. M.S. Thesis Interim Technical Report

NASA Technical Reports Server (NTRS)

Vanschalkwyk, Christiaan Mauritz

1991-01-01

Many applications require that a control system must be tolerant to the failure of its components. This is especially true for large space-based systems that must work unattended and with long periods between maintenance. Fault tolerance can be obtained by detecting the failure of the control system component, determining which component has failed, and reconfiguring the system so that the failed component is isolated from the controller. Component failure detection experiments that were conducted on an experimental space structure, the NASA Langley Mini-Mast are presented. Two methodologies for failure detection and isolation (FDI) exist that do not require the specification of failure modes and are applicable to both actuators and sensors. These methods are known as the Failure Detection Filter and the method of Generalized Parity Relations. The latter method was applied to three different sensor types on the Mini-Mast. Failures were simulated in input-output data that were recorded during operation of the Mini-Mast. Both single and double sensor parity relations were tested and the effect of several design parameters on the performance of these relations is discussed. The detection of actuator failures is also treated. It is shown that in all the cases it is possible to identify the parity relations directly from input-output data. Frequency domain analysis is used to explain the behavior of the parity relations.

Independent Orbiter Assessment (IOA): Analysis of the purge, vent and drain subsystem

NASA Technical Reports Server (NTRS)

Bynum, M. C., III

1987-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) are presented. The IOA approach features a top-down analysis of the hardware to determine failure modes, criticality, and potential critical items. To preserve independence, this analysis was accomplished without reliance upon the results contained within the NASA FMEA/CIL documentation. This report documents the independent analysis results corresponding to the Orbiter PV and D (Purge, Vent and Drain) Subsystem hardware. The PV and D Subsystem controls the environment of unpressurized compartments and window cavities, senses hazardous gases, and purges Orbiter/ET Disconnect. The subsystem is divided into six systems: Purge System (controls the environment of unpressurized structural compartments); Vent System (controls the pressure of unpressurized compartments); Drain System (removes water from unpressurized compartments); Hazardous Gas Detection System (HGDS) (monitors hazardous gas concentrations); Window Cavity Conditioning System (WCCS) (maintains clear windows and provides pressure control of the window cavities); and External Tank/Orbiter Disconnect Purge System (prevents cryo-pumping/icing of disconnect hardware). Each level of hardware was evaluated and analyzed for possible failure modes and effects. Criticality was assigned based upon the severity of the effect for each failure mode. Four of the sixty-two failure modes analyzed were determined as single failures which could result in the loss of crew or vehicle. A possible loss of mission could result if any of twelve single failures occurred. Two of the criticality 1/1 failures are in the Window Cavity Conditioning System (WCCS) outer window cavity, where leakage and/or restricted flow will cause failure to depressurize/repressurize the window cavity. Two criticality 1/1 failures represent leakage and/or restricted flow in the Orbiter/ET disconnect purge network which prevent cryopumping/icing of disconnect hardware. Each level of hardware was evaluated and analyzed for possible failure modes and effects. Criticality was assigned based upon the severity of the effect for each failure mode.

Reliability analysis of the F-8 digital fly-by-wire system

NASA Technical Reports Server (NTRS)

Brock, L. D.; Goodman, H. A.

1981-01-01

The F-8 Digital Fly-by-Wire (DFBW) flight test program intended to provide the technology for advanced control systems, giving aircraft enhanced performance and operational capability is addressed. A detailed analysis of the experimental system was performed to estimated the probabilities of two significant safety critical events: (1) loss of primary flight control function, causing reversion to the analog bypass system; and (2) loss of the aircraft due to failure of the electronic flight control system. The analysis covers appraisal of risks due to random equipment failure, generic faults in design of the system or its software, and induced failure due to external events. A unique diagrammatic technique was developed which details the combinatorial reliability equations for the entire system, promotes understanding of system failure characteristics, and identifies the most likely failure modes. The technique provides a systematic method of applying basic probability equations and is augmented by a computer program written in a modular fashion that duplicates the structure of these equations.

A failure effects simulation of a low authority flight control augmentation system on a UH-1H helicopter

NASA Technical Reports Server (NTRS)

Corliss, L. D.; Talbot, P. D.

1977-01-01

A two-pilot moving base simulator experiment was conducted to assess the effects of servo failures of a flight control system on the transient dynamics of a Bell UH-1H helicopter. The flight control hardware considered was part of the V/STOLAND system built with control authorities of from 20-40%. Servo hardover and oscillatory failures were simulated in each control axis. Measurements were made to determine the adequacy of the failure monitoring system time delay and the servo center and lock time constant, the pilot reaction times, and the altitude and attitude excursions of the helicopter at hover and 60 knots. Safe recoveries were made from all failures under VFR conditions. Pilot reaction times were from 0.5 to 0.75 sec. Reduction of monitor delay times below these values resulted in significantly reduced excursion envelopes. A subsequent flight test was conducted on a UH-1H helicopter with the V/STOLAND system installed. Series servo hardovers were introduced in hover and at 60 knots straight and level. Data from these tests are included for comparison.

Nonparametric method for failures diagnosis in the actuating subsystem of aircraft control system

NASA Astrophysics Data System (ADS)

Terentev, M. N.; Karpenko, S. S.; Zybin, E. Yu; Kosyanchuk, V. V.

2018-02-01

In this paper we design a nonparametric method for failures diagnosis in the aircraft control system that uses the measurements of the control signals and the aircraft states only. It doesn’t require a priori information of the aircraft model parameters, training or statistical calculations, and is based on analytical nonparametric one-step-ahead state prediction approach. This makes it possible to predict the behavior of unidentified and failure dynamic systems, to weaken the requirements to control signals, and to reduce the diagnostic time and problem complexity.

Accelerated Aging System for Prognostics of Power Semiconductor Devices

NASA Technical Reports Server (NTRS)

Celaya, Jose R.; Vashchenko, Vladislav; Wysocki, Philip; Saha, Sankalita

2010-01-01

Prognostics is an engineering discipline that focuses on estimation of the health state of a component and the prediction of its remaining useful life (RUL) before failure. Health state estimation is based on actual conditions and it is fundamental for the prediction of RUL under anticipated future usage. Failure of electronic devices is of great concern as future aircraft will see an increase of electronics to drive and control safety-critical equipment throughout the aircraft. Therefore, development of prognostics solutions for electronics is of key importance. This paper presents an accelerated aging system for gate-controlled power transistors. This system allows for the understanding of the effects of failure mechanisms, and the identification of leading indicators of failure which are essential in the development of physics-based degradation models and RUL prediction. In particular, this system isolates electrical overstress from thermal overstress. Also, this system allows for a precise control of internal temperatures, enabling the exploration of intrinsic failure mechanisms not related to the device packaging. By controlling the temperature within safe operation levels of the device, accelerated aging is induced by electrical overstress only, avoiding the generation of thermal cycles. The temperature is controlled by active thermal-electric units. Several electrical and thermal signals are measured in-situ and recorded for further analysis in the identification of leading indicators of failures. This system, therefore, provides a unique capability in the exploration of different failure mechanisms and the identification of precursors of failure that can be used to provide a health management solution for electronic devices.

The Need for Intelligent Control of Space Power Systems

NASA Technical Reports Server (NTRS)

May, Ryan David; Soeder, James F.; Beach, Raymond F.; McNelis, Nancy B.

2013-01-01

As manned spacecraft venture farther from Earth, the need for reliable, autonomous control of vehicle subsystems becomes critical. This is particularly true for the electrical power system which is critical to every other system. Autonomy can not be achieved by simple scripting techniques due to the communication latency times and the difficulty associated with failures (or combinations of failures) that need to be handled in as graceful a manner as possible to ensure system availability. Therefore an intelligent control system must be developed that can respond to disturbances and failures in a robust manner and ensure that critical system loads are served and all system constraints are respected.

Loss of control air at Browns Ferry Unit One: accident sequence analysis

DOE Office of Scientific and Technical Information (OSTI.GOV)

Harrington, R.M.; Hodge, S.A.

1986-04-01

This study describes the predicted response of the Browns Ferry Nuclear Plant to a postulated complete failure of plant control air. The failure of plant control air cascades to include the loss of drywell control air at Units 1 and 2. Nevertheless, this is a benign accident unless compounded by simultaneous failures in the turbine-driven high pressure injection systems. Accident sequence calculations are presented for Loss of Control Air sequences with assumed failure upon demand of the Reactor Core Isolation Cooling (RCIC) and the High Pressure Coolant Injection (HPCI) at Unit 1. Sequences with and without operator action are considered.more » Results show that the operators can prevent core uncovery if they take action to utilize the Control Rod Drive Hydraulic System as a backup high pressure injection system.« less

Abnormal/Emergency Situations. Impact of Unmanned Aircraft Systems Emergency and Abnormal Events on the National Airspace System

NASA Technical Reports Server (NTRS)

2006-01-01

Access 5 analyzed the differences between UAS and manned aircraft operations under five categories of abnormal or emergency situations: Link Failure, Lost Communications, Onboard System Failures, Control Station Failures and Abnormal Weather. These analyses were made from the vantage point of the impact that these operations have on the US air traffic control system, with recommendations for new policies and procedures included where appropriate.

Flight Test Comparison of Different Adaptive Augmentations for Fault Tolerant Control Laws for a Modified F-15 Aircraft

NASA Technical Reports Server (NTRS)

Burken, John J.; Hanson, Curtis E.; Lee, James A.; Kaneshige, John T.

2009-01-01

This report describes the improvements and enhancements to a neural network based approach for directly adapting to aerodynamic changes resulting from damage or failures. This research is a follow-on effort to flight tests performed on the NASA F-15 aircraft as part of the Intelligent Flight Control System research effort. Previous flight test results demonstrated the potential for performance improvement under destabilizing damage conditions. Little or no improvement was provided under simulated control surface failures, however, and the adaptive system was prone to pilot-induced oscillations. An improved controller was designed to reduce the occurrence of pilot-induced oscillations and increase robustness to failures in general. This report presents an analysis of the neural networks used in the previous flight test, the improved adaptive controller, and the baseline case with no adaptation. Flight test results demonstrate significant improvement in performance by using the new adaptive controller compared with the previous adaptive system and the baseline system for control surface failures.

Response analysis of curved bridge with unseating failure control system under near-fault ground motions

NASA Astrophysics Data System (ADS)

Zuo, Ye; Sun, Guangjun; Li, Hongjing

2018-01-01

Under the action of near-fault ground motions, curved bridges are prone to pounding, local damage of bridge components and even unseating. A multi-scale fine finite element model of a typical three-span curved bridge is established by considering the elastic-plastic behavior of piers and pounding effect of adjacent girders. The nonlinear time-history method is used to study the seismic response of the curved bridge equipped with unseating failure control system under the action of near-fault ground motion. An in-depth analysis is carried to evaluate the control effect of the proposed unseating failure control system. The research results indicate that under the near-fault ground motion, the seismic response of the curved bridge is strong. The unseating failure control system perform effectively to reduce the pounding force of the adjacent girders and the probability of deck unseating.

A demonstration of an intelligent control system for a reusable rocket engine

NASA Technical Reports Server (NTRS)

Musgrave, Jeffrey L.; Paxson, Daniel E.; Litt, Jonathan S.; Merrill, Walter C.

1992-01-01

An Intelligent Control System for reusable rocket engines is under development at NASA Lewis Research Center. The primary objective is to extend the useful life of a reusable rocket propulsion system while minimizing between flight maintenance and maximizing engine life and performance through improved control and monitoring algorithms and additional sensing and actuation. This paper describes current progress towards proof-of-concept of an Intelligent Control System for the Space Shuttle Main Engine. A subset of identifiable and accommodatable engine failure modes is selected for preliminary demonstration. Failure models are developed retaining only first order effects and included in a simplified nonlinear simulation of the rocket engine for analysis under closed loop control. The engine level coordinator acts as an interface between the diagnostic and control systems, and translates thrust and mixture ratio commands dictated by mission requirements, and engine status (health) into engine operational strategies carried out by a multivariable control. Control reconfiguration achieves fault tolerance if the nominal (healthy engine) control cannot. Each of the aforementioned functionalities is discussed in the context of an example to illustrate the operation of the system in the context of a representative failure. A graphical user interface allows the researcher to monitor the Intelligent Control System and engine performance under various failure modes selected for demonstration.

Predicting Time Series Outputs and Time-to-Failure for an Aircraft Controller Using Bayesian Modeling

NASA Technical Reports Server (NTRS)

He, Yuning

2015-01-01

Safety of unmanned aerial systems (UAS) is paramount, but the large number of dynamically changing controller parameters makes it hard to determine if the system is currently stable, and the time before loss of control if not. We propose a hierarchical statistical model using Treed Gaussian Processes to predict (i) whether a flight will be stable (success) or become unstable (failure), (ii) the time-to-failure if unstable, and (iii) time series outputs for flight variables. We first classify the current flight input into success or failure types, and then use separate models for each class to predict the time-to-failure and time series outputs. As different inputs may cause failures at different times, we have to model variable length output curves. We use a basis representation for curves and learn the mappings from input to basis coefficients. We demonstrate the effectiveness of our prediction methods on a NASA neuro-adaptive flight control system.

46 CFR 161.002-8 - Automatic fire detecting systems, general requirements.

Code of Federal Regulations, 2010 CFR

2010-10-01

... detecting system shall consist of a power supply; a control unit on which are located visible and audible... control unit. Power failure alarm devices may be separately housed from the control unit and may be combined with other power failure alarm systems when specifically approved. (b) [Reserved] [21 FR 9032, Nov...

46 CFR 161.002-8 - Automatic fire detecting systems, general requirements.

Code of Federal Regulations, 2011 CFR

2011-10-01

... detecting system shall consist of a power supply; a control unit on which are located visible and audible... control unit. Power failure alarm devices may be separately housed from the control unit and may be combined with other power failure alarm systems when specifically approved. (b) [Reserved] [21 FR 9032, Nov...

On Restructurable Control System Theory

NASA Technical Reports Server (NTRS)

Athans, M.

1983-01-01

The state of stochastic system and control theory as it impacts restructurable control issues is addressed. The multivariable characteristics of the control problem are addressed. The failure detection/identification problem is discussed as a multi-hypothesis testing problem. Control strategy reconfiguration, static multivariable controls, static failure hypothesis testing, dynamic multivariable controls, fault-tolerant control theory, dynamic hypothesis testing, generalized likelihood ratio (GLR) methods, and adaptive control are discussed.

Fuzzy Adaptive Compensation Control of Uncertain Stochastic Nonlinear Systems With Actuator Failures and Input Hysteresis.

PubMed

Wang, Jianhui; Liu, Zhi; Chen, C L Philip; Zhang, Yun

2017-10-12

Hysteresis exists ubiquitously in physical actuators. Besides, actuator failures/faults may also occur in practice. Both effects would deteriorate the transient tracking performance, and even trigger instability. In this paper, we consider the problem of compensating for actuator failures and input hysteresis by proposing a fuzzy control scheme for stochastic nonlinear systems. Compared with the existing research on stochastic nonlinear uncertain systems, it is found that how to guarantee a prescribed transient tracking performance when taking into account actuator failures and hysteresis simultaneously also remains to be answered. Our proposed control scheme is designed on the basis of the fuzzy logic system and backstepping techniques for this purpose. It is proven that all the signals remain bounded and the tracking error is ensured to be within a preestablished bound with the failures of hysteretic actuator. Finally, simulations are provided to illustrate the effectiveness of the obtained theoretical results.

14 CFR 417.309 - Flight safety system analysis.

Code of Federal Regulations, 2012 CFR

2012-01-01

... system anomaly occurring and all of its effects as determined by the single failure point analysis and... termination system. (c) Single failure point. A command control system must undergo an analysis that... fault tree analysis or a failure modes effects and criticality analysis; (2) Identify all possible...

14 CFR 417.309 - Flight safety system analysis.

Code of Federal Regulations, 2010 CFR

2010-01-01

... system anomaly occurring and all of its effects as determined by the single failure point analysis and... termination system. (c) Single failure point. A command control system must undergo an analysis that... fault tree analysis or a failure modes effects and criticality analysis; (2) Identify all possible...

14 CFR 417.309 - Flight safety system analysis.

Code of Federal Regulations, 2013 CFR

2013-01-01

... system anomaly occurring and all of its effects as determined by the single failure point analysis and... termination system. (c) Single failure point. A command control system must undergo an analysis that... fault tree analysis or a failure modes effects and criticality analysis; (2) Identify all possible...

14 CFR 417.309 - Flight safety system analysis.

Code of Federal Regulations, 2014 CFR

2014-01-01

... system anomaly occurring and all of its effects as determined by the single failure point analysis and... termination system. (c) Single failure point. A command control system must undergo an analysis that... fault tree analysis or a failure modes effects and criticality analysis; (2) Identify all possible...

14 CFR 417.309 - Flight safety system analysis.

Code of Federal Regulations, 2011 CFR

2011-01-01

... system anomaly occurring and all of its effects as determined by the single failure point analysis and... termination system. (c) Single failure point. A command control system must undergo an analysis that... fault tree analysis or a failure modes effects and criticality analysis; (2) Identify all possible...

A dual-mode generalized likelihood ratio approach to self-reorganizing digital flight control system design

NASA Technical Reports Server (NTRS)

Bueno, R.; Chow, E.; Gershwin, S. B.; Willsky, A. S.

1975-01-01

The research is reported on the problems of failure detection and reliable system design for digital aircraft control systems. Failure modes, cross detection probability, wrong time detection, application of performance tools, and the GLR computer package are discussed.

Fluidic emergency roll control system. [for emergency aircraft control following failure of primary roll control system

NASA Technical Reports Server (NTRS)

Haefner, K. B.; Honda, T. S.

1973-01-01

A fluidic emergency roll control system for aircraft stabilization in the event of primary flight control failure was evaluated. The fluidic roll control units were designed to provide roll torque proportional to an electrical command as operated by two diametrically opposed thrust nozzles located in the wing tips. The control package consists of a solid propellant gas generator, two diametrically opposed vortex valve modulated thrust nozzles, and an electromagnetic torque motor. The procedures for the design, development, and performance testing of the system are described.

An adaptive actuator failure compensation scheme for two linked 2WD mobile robots

NASA Astrophysics Data System (ADS)

Ma, Yajie; Al-Dujaili, Ayad; Cocquempot, Vincent; El Badaoui El Najjar, Maan

2017-01-01

This paper develops a new adaptive compensation control scheme for two linked mobile robots with actuator failurs. A configuration with two linked two-wheel drive (2WD) mobile robots is proposed, and the modelling of its kinematics and dynamics are given. An adaptive failure compensation scheme is developed to compensate actuator failures, consisting of a kinematic controller and a multi-design integration based dynamic controller. The kinematic controller is a virtual one, and based on which, multiple adaptive dynamic control signals are designed which covers all possible failure cases. By combing these dynamic control signals, the dynamic controller is designed, which ensures system stability and asymptotic tracking properties. Simulation results verify the effectiveness of the proposed adaptive failure compensation scheme.

14 CFR 21.3 - Reporting of failures, malfunctions, and defects.

Code of Federal Regulations, 2014 CFR

2014-01-01

... crew compartment or passenger cabin. (4) A malfunction, failure, or defect of a propeller control... structural or flight control system malfunction, defect, or failure which causes an interference with normal control of the aircraft for which derogates the flying qualities. (12) A complete loss of more than one...

14 CFR 21.3 - Reporting of failures, malfunctions, and defects.

Code of Federal Regulations, 2013 CFR

2013-01-01

... crew compartment or passenger cabin. (4) A malfunction, failure, or defect of a propeller control... structural or flight control system malfunction, defect, or failure which causes an interference with normal control of the aircraft for which derogates the flying qualities. (12) A complete loss of more than one...

14 CFR 21.3 - Reporting of failures, malfunctions, and defects.

Code of Federal Regulations, 2012 CFR

2012-01-01

... crew compartment or passenger cabin. (4) A malfunction, failure, or defect of a propeller control... structural or flight control system malfunction, defect, or failure which causes an interference with normal control of the aircraft for which derogates the flying qualities. (12) A complete loss of more than one...

Dynamic Considerations for Control of Closed Life Support Systems

NASA Technical Reports Server (NTRS)

Babcock, P. S.; Auslander, D. M.; Spear, R. C.

1985-01-01

Reliability of closed life support systems depend on their ability to continue supplying the crew's needs during perturbations and equipment failures. The dynamic considerations interact with the basic static design through the sizing of storages, the specification of excess capacities in processors, and the choice of system initial state. A very simple system flow model was used to examine the possibilities for system failures even when there is sufficient storage to buffer the immediate effects of the perturbation. Two control schemes are shown which have different dynamic consequences in response to component failures.

An intelligent control system for failure detection and controller reconfiguration

NASA Technical Reports Server (NTRS)

Biswas, Saroj K.

1994-01-01

We present an architecture of an intelligent restructurable control system to automatically detect failure of system components, assess its impact on system performance and safety, and reconfigure the controller for performance recovery. Fault detection is based on neural network associative memories and pattern classifiers, and is implemented using a multilayer feedforward network. Details of the fault detection network along with simulation results on health monitoring of a dc motor have been presented. Conceptual developments for fault assessment using an expert system and controller reconfiguration using a neural network are outlined.

40 CFR 49.4166 - Monitoring requirements.

Code of Federal Regulations, 2013 CFR

2013-07-01

... burning pilot flame, electronically controlled automatic igniters, and monitoring system failures, using a... failure, electronically controlled automatic igniter failure, or improper monitoring equipment operation... and natural gas emissions in the event that natural gas recovered for pipeline injection must be...

40 CFR 49.4166 - Monitoring requirements.

Code of Federal Regulations, 2014 CFR

2014-07-01

... burning pilot flame, electronically controlled automatic igniters, and monitoring system failures, using a... failure, electronically controlled automatic igniter failure, or improper monitoring equipment operation... and natural gas emissions in the event that natural gas recovered for pipeline injection must be...

Real-time diagnostics of the reusable rocket engine using on-line system identification

NASA Technical Reports Server (NTRS)

Guo, T.-H.; Merrill, W.; Duyar, A.

1990-01-01

A model-based failure diagnosis system has been proposed for real-time diagnosis of SSME failures. Actuation, sensor, and system degradation failure modes are all considered by the proposed system. In the case of SSME actuation failures, it was shown that real-time identification can effectively be used for failure diagnosis purposes. It is a direct approach since it reduces the detection, isolation, and the estimation of the extent of the failures to the comparison of parameter values before and after the failure. As with any model-based failure detection system, the proposed approach requires a fault model that embodies the essential characteristics of the failure process. The proposed diagnosis approach has the added advantage that it can be used as part of an intelligent control system for failure accommodation purposes.

Stability and performance of propulsion control systems with distributed control architectures and failures

NASA Astrophysics Data System (ADS)

Belapurkar, Rohit K.

Future aircraft engine control systems will be based on a distributed architecture, in which, the sensors and actuators will be connected to the Full Authority Digital Engine Control (FADEC) through an engine area network. Distributed engine control architecture will allow the implementation of advanced, active control techniques along with achieving weight reduction, improvement in performance and lower life cycle cost. The performance of a distributed engine control system is predominantly dependent on the performance of the communication network. Due to the serial data transmission policy, network-induced time delays and sampling jitter are introduced between the sensor/actuator nodes and the distributed FADEC. Communication network faults and transient node failures may result in data dropouts, which may not only degrade the control system performance but may even destabilize the engine control system. Three different architectures for a turbine engine control system based on a distributed framework are presented. A partially distributed control system for a turbo-shaft engine is designed based on ARINC 825 communication protocol. Stability conditions and control design methodology are developed for the proposed partially distributed turbo-shaft engine control system to guarantee the desired performance under the presence of network-induced time delay and random data loss due to transient sensor/actuator failures. A fault tolerant control design methodology is proposed to benefit from the availability of an additional system bandwidth and from the broadcast feature of the data network. It is shown that a reconfigurable fault tolerant control design can help to reduce the performance degradation in presence of node failures. A T-700 turbo-shaft engine model is used to validate the proposed control methodology based on both single input and multiple-input multiple-output control design techniques.

Inductive Learning Approaches for Improving Pilot Awareness of Aircraft Faults

NASA Technical Reports Server (NTRS)

Spikovska, Lilly; Iverson, David L.; Poll, Scott; Pryor, anna

2005-01-01

Neural network flight controllers are able to accommodate a variety of aircraft control surface faults without detectable degradation of aircraft handling qualities. Under some faults, however, the effective flight envelope is reduced; this can lead to unexpected behavior if a pilot performs an action that exceeds the remaining control authority of the damaged aircraft. The goal of our work is to increase the pilot s situational awareness by informing him of the type of damage and resulting reduction in flight envelope. Our methodology integrates two inductive learning systems with novel visualization techniques. One learning system, the Inductive Monitoring System (IMS), learns to detect when a simulation includes faulty controls, while two others, Inductive Classification System (INCLASS) and multiple binary decision tree system (utilizing C4.5), determine the type of fault. In off-line training using only non-failure data, IMS constructs a characterization of nominal flight control performance based on control signals issued by the neural net flight controller. This characterization can be used to determine the degree of control augmentation required in the pitch, roll, and yaw command channels to counteract control surface failures. This derived information is typically sufficient to distinguish between the various control surface failures and is used to train both INCLASS and C4.5. Using data from failed control surface flight simulations, INCLASS and C4.5 independently discover and amplify features in IMS results that can be used to differentiate each distinct control surface failure situation. In real-time flight simulations, distinguishing features learned during training are used to classify control surface failures. Knowledge about the type of failure can be used by an additional automated system to alter its approach for planning tactical and strategic maneuvers. The knowledge can also be used directly to increase the pilot s situational awareness and inform manual maneuver decisions. Our multi-modal display of this information provides speech output to issue control surface failure warnings to a lesser-used communication channel and provides graphical displays with pilot-selectable !eve!s of details to issues additional information about the failure. We also describe a potential presentation for flight envelope reduction that can be viewed separately or integrated with an existing attitude indicator instrument. Preliminary results suggest that the inductive approach is capable of detecting that a control surface has failed and determining the type of fault. Furthermore, preliminary evaluations suggest that the interface discloses a concise summary of this information to the pilot.

Sensor failure and multivariable control for airbreathing propulsion systems. Ph.D. Thesis - Dec. 1979 Final Report

NASA Technical Reports Server (NTRS)

Behbehani, K.

1980-01-01

A new sensor/actuator failure analysis technique for turbofan jet engines was developed. Three phases of failure analysis, namely detection, isolation, and accommodation are considered. Failure detection and isolation techniques are developed by utilizing the concept of Generalized Likelihood Ratio (GLR) tests. These techniques are applicable to both time varying and time invariant systems. Three GLR detectors are developed for: (1) hard-over sensor failure; (2) hard-over actuator failure; and (3) brief disturbances in the actuators. The probability distribution of the GLR detectors and the detectability of sensor/actuator failures are established. Failure type is determined by the maximum of the GLR detectors. Failure accommodation is accomplished by extending the Multivariable Nyquest Array (MNA) control design techniques to nonsquare system designs. The performance and effectiveness of the failure analysis technique are studied by applying the technique to a turbofan jet engine, namely the Quiet Clean Short Haul Experimental Engine (QCSEE). Single and multiple sensor/actuator failures in the QCSEE are simulated and analyzed and the effects of model degradation are studied.

Reliability analysis of airship remote sensing system

NASA Astrophysics Data System (ADS)

Qin, Jun

1998-08-01

Airship Remote Sensing System (ARSS) for obtain the dynamic or real time images in the remote sensing of the catastrophe and the environment, is a mixed complex system. Its sensor platform is a remote control airship. The achievement of a remote sensing mission depends on a series of factors. For this reason, it is very important for us to analyze reliability of ARSS. In first place, the system model was simplified form multi-stage system to two-state system on the basis of the result of the failure mode and effect analysis and the failure tree failure mode effect and criticality analysis. The failure tree was created after analyzing all factors and their interrelations. This failure tree includes four branches, e.g. engine subsystem, remote control subsystem, airship construction subsystem, flying metrology and climate subsystem. By way of failure tree analysis and basic-events classing, the weak links were discovered. The result of test running shown no difference in comparison with theory analysis. In accordance with the above conclusions, a plan of the reliability growth and reliability maintenance were posed. System's reliability are raised from 89 percent to 92 percent with the reformation of the man-machine interactive interface, the augmentation of the secondary better-groupie and the secondary remote control equipment.

Integrated Neural Flight and Propulsion Control System

NASA Technical Reports Server (NTRS)

Kaneshige, John; Gundy-Burlet, Karen; Norvig, Peter (Technical Monitor)

2001-01-01

This paper describes an integrated neural flight and propulsion control system. which uses a neural network based approach for applying alternate sources of control power in the presence of damage or failures. Under normal operating conditions, the system utilizes conventional flight control surfaces. Neural networks are used to provide consistent handling qualities across flight conditions and for different aircraft configurations. Under damage or failure conditions, the system may utilize unconventional flight control surface allocations, along with integrated propulsion control, when additional control power is necessary for achieving desired flight control performance. In this case, neural networks are used to adapt to changes in aircraft dynamics and control allocation schemes. Of significant importance here is the fact that this system can operate without emergency or backup flight control mode operations. An additional advantage is that this system can utilize, but does not require, fault detection and isolation information or explicit parameter identification. Piloted simulation studies were performed on a commercial transport aircraft simulator. Subjects included both NASA test pilots and commercial airline crews. Results demonstrate the potential for improving handing qualities and significantly increasing survivability rates under various simulated failure conditions.

Piloted simulation study of the effects of an automated trim system on flight characteristics of a light twin-engine airplane with one engine inoperative

NASA Technical Reports Server (NTRS)

Stewart, E. C.; Brown, P. W.; Yenni, K. R.

1986-01-01

A simulation study was conducted to investigate the piloting problems associated with failure of an engine on a generic light twin-engine airplane. A primary piloting problem for a light twin-engine airplane after an engine failure is maintaining precise control of the airplane in the presence of large steady control forces. To address this problem, a simulated automatic trim system which drives the trim tabs as an open-loop function of propeller slipstream measurements was developed. The simulated automatic trim system was found to greatly increase the controllability in asymmetric powered flight without having to resort to complex control laws or an irreversible control system. However, the trim-tab control rates needed to produce the dramatic increase in controllability may require special design consideration for automatic trim system failures. Limited measurements obtained in full-scale flight tests confirmed the fundamental validity of the proposed control law.

A dual-mode generalized likelihood ratio approach to self-reorganizing digital flight control system design

NASA Technical Reports Server (NTRS)

1976-01-01

Analytic techniques have been developed for detecting and identifying abrupt changes in dynamic systems. The GLR technique monitors the output of the Kalman filter and searches for the time that the failure occured, thus allowing it to be sensitive to new data and consequently increasing the chances for fast system recovery following detection of a failure. All failure detections are based on functional redundancy. Performance tests of the F-8 aircraft flight control system and computerized modelling of the technique are presented.

Evaluation of Fuzzy Rulemaking for Expert Systems for Failure Detection

NASA Technical Reports Server (NTRS)

Laritz, F.; Sheridan, T. B.

1984-01-01

Computer aids in expert systems were proposed to diagnose failures in complex systems. It is shown that the fuzzy set theory of Zadeh offers a new perspective for modeling for humans thinking and language use. It is assumed that real expert human operators of aircraft, power plants and other systems do not think of their control tasks or failure diagnosis tasks in terms of control laws in differential equation form, but rather keep in mind a set of rules of thumb in fuzzy form. Fuzzy set experiments are described.

In-Flight Validation of a Pilot Rating Scale for Evaluating Failure Transients in Electronic Flight Control Systems

NASA Technical Reports Server (NTRS)

Kalinowski, Kevin F.; Tucker, George E.; Moralez, Ernesto, III

2006-01-01

Engineering development and qualification of a Research Flight Control System (RFCS) for the Rotorcraft Aircrew Systems Concepts Airborne Laboratory (RASCAL) JUH-60A has motivated the development of a pilot rating scale for evaluating failure transients in fly-by-wire flight control systems. The RASCAL RFCS includes a highly-reliable, dual-channel Servo Control Unit (SCU) to command and monitor the performance of the fly-by-wire actuators and protect against the effects of erroneous commands from the flexible, but single-thread Flight Control Computer. During the design phase of the RFCS, two piloted simulations were conducted on the Ames Research Center Vertical Motion Simulator (VMS) to help define the required performance characteristics of the safety monitoring algorithms in the SCU. Simulated failures, including hard-over and slow-over commands, were injected into the command path, and the aircraft response and safety monitor performance were evaluated. A subjective Failure/Recovery Rating (F/RR) scale was developed as a means of quantifying the effects of the injected failures on the aircraft state and the degree of pilot effort required to safely recover the aircraft. A brief evaluation of the rating scale was also conducted on the Army/NASA CH-47B variable stability helicopter to confirm that the rating scale was likely to be equally applicable to in-flight evaluations. Following the initial research flight qualification of the RFCS in 2002, a flight test effort was begun to validate the performance of the safety monitors and to validate their design for the safe conduct of research flight testing. Simulated failures were injected into the SCU, and the F/RR scale was applied to assess the results. The results validate the performance of the monitors, and indicate that the Failure/Recovery Rating scale is a very useful tool for evaluating failure transients in fly-by-wire flight control systems.

Failure Mode, Effects, and Criticality Analysis (FMECA)

DTIC Science & Technology

1993-04-01

Preliminary Failure Modes, Effects and Criticality Analysis (FMECA) of the Brayton Isotope Power System Ground Demonstration System, Report No. TID 27301...No. TID/SNA - 3015, Aeroject Nuclear Systems Co., Sacramento, California: 1970. 95. Taylor , J.R. A Formalization of Failure Mode Analysis of Control...Roskilde, Denmark: 1973. 96. Taylor , J.R. A Semi-Automatic Method for Oualitative Failure Mode Analysis. Report No. RISO-M-1707. Available from a

Orbiter subsystem hardware/software interaction analysis. Volume 8: Forward reaction control system

NASA Technical Reports Server (NTRS)

Becker, D. D.

1980-01-01

The results of the orbiter hardware/software interaction analysis for the AFT reaction control system are presented. The interaction between hardware failure modes and software are examined in order to identify associated issues and risks. All orbiter subsystems and interfacing program elements which interact with the orbiter computer flight software are analyzed. The failure modes identified in the subsystem/element failure mode and effects analysis are discussed.

IRAC Full-Scale Flight Testbed Capabilities

NASA Technical Reports Server (NTRS)

Lee, James A.; Pahle, Joseph; Cogan, Bruce R.; Hanson, Curtis E.; Bosworth, John T.

2009-01-01

Overview: Provide validation of adaptive control law concepts through full scale flight evaluation in a representative avionics architecture. Develop an understanding of aircraft dynamics of current vehicles in damaged and upset conditions Real-world conditions include: a) Turbulence, sensor noise, feedback biases; and b) Coupling between pilot and adaptive system. Simulated damage includes 1) "B" matrix (surface) failures; and 2) "A" matrix failures. Evaluate robustness of control systems to anticipated and unanticipated failures.

Reconfigurable Control Design for the Full X-33 Flight Envelope

NASA Technical Reports Server (NTRS)

Cotting, M. Christopher; Burken, John J.

2001-01-01

A reconfigurable control law for the full X-33 flight envelope has been designed to accommodate a failed control surface and redistribute the control effort among the remaining working surfaces to retain satisfactory stability and performance. An offline nonlinear constrained optimization approach has been used for the X-33 reconfigurable control design method. Using a nonlinear, six-degree-of-freedom simulation, three example failures are evaluated: ascent with a left body flap jammed at maximum deflection; entry with a right inboard elevon jammed at maximum deflection; and landing with a left rudder jammed at maximum deflection. Failure detection and identification are accomplished in the actuator controller. Failure response comparisons between the nominal control mixer and the reconfigurable control subsystem (mixer) show the benefits of reconfiguration. Single aerosurface jamming failures are considered. The cases evaluated are representative of the study conducted to prove the adequate and safe performance of the reconfigurable control mixer throughout the full flight envelope. The X-33 flight control system incorporates reconfigurable flight control in the existing baseline system.

Design and performance of a no-single-failure control system for the mini-Brayton power conversion system. [for spacecraft power supplies

NASA Technical Reports Server (NTRS)

Brichenough, A. G.

1975-01-01

The control system consists of the ac-dc conversion, voltage regulation, speed regulation through parasitic load control, and overload control. A no-single-failure configuration was developed to attain the required reliability for a 10-year design life of unattended operation. The design principles, complete schematics, and performance are reported. Testing was performed on an alternator simulator pending construction of the actual Mini-Brayton alternator.

Space Shuttle Main Propulsion System Gaseous Hydrogen Flow Control Valve Poppet Failure

NASA Technical Reports Server (NTRS)

Zeitler, Rick

2010-01-01

The presentation provides background information pertinent to the MPS GH2 Flow Control Valve Poppet failure which occurred on the Space Shuttle Endeavour during STS-126 flight. The presentation provides general MPS system operating information which is pertinent to understanding the failure causes and affects. The presentation provides additional background information on the operating environment in which the FCV functions and basic design history of the flow control valve. The presentation provides an overview of the possible flight failure modes and a brief summary of the flight rationale which was developed for this failure event. This presentation is an introductory presentation to 3 other speakers at the conference who will be speaking on M&P aspects of the investigation, non destructive inspection techniques development, and particle impact testing.

Independent Orbiter Assessment (IOA): Analysis of the electrical power distribution and control subsystem, volume 1

NASA Technical Reports Server (NTRS)

Schmeckpeper, K. R.

1987-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) are presented. The IOA approach features a top-down analysis of the hardware to determine failure modes, criticality, and potential critical items. To preserve independence, this analysis was accomplished without reliance upon the results contained within the NASA FMEA/CIL documentation. This report documents the independent analysis results corresponding to the Orbiter Electrical Power Distribution and Control (EPD and C) hardware. The EPD and C hardware performs the functions of distributing, sensing, and controlling 28 volt DC power and of inverting, distributing, sensing, and controlling 117 volt 400 Hz AC power to all Orbiter subsystems from the three fuel cells in the Electrical Power Generation (EPG) subsystem. Each level of hardware was evaluated and analyzed for possible failure modes and effects. Criticality was assigned based upon the severity of the effect for each failure mode. Of the 1671 failure modes analyzed, 9 single failures were determined to result in loss of crew or vehicle. Three single failures unique to intact abort were determined to result in possible loss of the crew or vehicle. A possible loss of mission could result if any of 136 single failures occurred. Six of the criticality 1/1 failures are in two rotary and two pushbutton switches that control External Tank and Solid Rocket Booster separation. The other 6 criticality 1/1 failures are fuses, one each per Aft Power Control Assembly (APCA) 4, 5, and 6 and one each per Forward Power Control Assembly (FPCA) 1, 2, and 3, that supply power to certain Main Propulsion System (MPS) valves and Forward Reaction Control System (RCS) circuits.

Critical fault patterns determination in fault-tolerant computer systems

NASA Technical Reports Server (NTRS)

Mccluskey, E. J.; Losq, J.

1978-01-01

The method proposed tries to enumerate all the critical fault-patterns (successive occurrences of failures) without analyzing every single possible fault. The conditions for the system to be operating in a given mode can be expressed in terms of the static states. Thus, one can find all the system states that correspond to a given critical mode of operation. The next step consists in analyzing the fault-detection mechanisms, the diagnosis algorithm and the process of switch control. From them, one can find all the possible system configurations that can result from a failure occurrence. Thus, one can list all the characteristics, with respect to detection, diagnosis, and switch control, that failures must have to constitute critical fault-patterns. Such an enumeration of the critical fault-patterns can be directly used to evaluate the overall system tolerance to failures. Present research is focused on how to efficiently make use of these system-level characteristics to enumerate all the failures that verify these characteristics.

Indirect adaptive fuzzy fault-tolerant tracking control for MIMO nonlinear systems with actuator and sensor failures.

PubMed

Bounemeur, Abdelhamid; Chemachema, Mohamed; Essounbouli, Najib

2018-05-10

In this paper, an active fuzzy fault tolerant tracking control (AFFTTC) scheme is developed for a class of multi-input multi-output (MIMO) unknown nonlinear systems in the presence of unknown actuator faults, sensor failures and external disturbance. The developed control scheme deals with four kinds of faults for both sensors and actuators. The bias, drift, and loss of accuracy additive faults are considered along with the loss of effectiveness multiplicative fault. A fuzzy adaptive controller based on back-stepping design is developed to deal with actuator failures and unknown system dynamics. However, an additional robust control term is added to deal with sensor faults, approximation errors, and external disturbances. Lyapunov theory is used to prove the stability of the closed loop system. Numerical simulations on a quadrotor are presented to show the effectiveness of the proposed approach. Copyright © 2018 ISA. Published by Elsevier Ltd. All rights reserved.

Adaptive backstepping fault-tolerant control for flexible spacecraft with unknown bounded disturbances and actuator failures.

PubMed

Jiang, Ye; Hu, Qinglei; Ma, Guangfu

2010-01-01

In this paper, a robust adaptive fault-tolerant control approach to attitude tracking of flexible spacecraft is proposed for use in situations when there are reaction wheel/actuator failures, persistent bounded disturbances and unknown inertia parameter uncertainties. The controller is designed based on an adaptive backstepping sliding mode control scheme, and a sufficient condition under which this control law can render the system semi-globally input-to-state stable is also provided such that the closed-loop system is robust with respect to any disturbance within a quantifiable restriction on the amplitude, as well as the set of initial conditions, if the control gains are designed appropriately. Moreover, in the design, the control law does not need a fault detection and isolation mechanism even if the failure time instants, patterns and values on actuator failures are also unknown for the designers, as motivated from a practical spacecraft control application. In addition to detailed derivations of the new controller design and a rigorous sketch of all the associated stability and attitude error convergence proofs, illustrative simulation results of an application to flexible spacecraft show that high precise attitude control and vibration suppression are successfully achieved using various scenarios of controlling effective failures. 2009. Published by Elsevier Ltd.

Advances in Thrust-Based Emergency Control of an Airplane

NASA Technical Reports Server (NTRS)

Creech, Gray; Burken, John J.; Burcham, Bill

2003-01-01

Engineers at NASA's Dryden Flight Research Center have received a patent on an emergency flight-control method implemented by a propulsion-controlled aircraft (PCA) system. Utilizing the preexisting auto-throttle and engine-pressure-ratio trim controls of the airplane, the PCA system provides pitch and roll control for landing an airplane safely without using aerodynamic control surfaces that have ceased to function because of a primary-flight-control-system failure. The installation of the PCA does not entail any changes in pre-existing engine hardware or software. [Aspects of the method and system at previous stages of development were reported in Thrust-Control System for Emergency Control of an Airplane (DRC-96-07), NASA Tech Briefs, Vol. 25, No. 3 (March 2001), page 68 and Emergency Landing Using Thrust Control and Shift of Weight (DRC-96-55), NASA Tech Briefs, Vol. 26, No. 5 (May 2002), page 58.]. Aircraft flight-control systems are designed with extensive redundancy to ensure low probabilities of failure. During recent years, however, several airplanes have exhibited major flight-control-system failures, leaving engine thrust as the last mode of flight control. In some of these emergency situations, engine thrusts were successfully modulated by the pilots to maintain flight paths or pitch angles, but in other situations, lateral control was also needed. In the majority of such control-system failures, crashes resulted and over 1,200 people died. The challenge lay in creating a means of sufficient degree of thrust-modulation control to safely fly and land a stricken airplane. A thrust-modulation control system designed for this purpose was flight-tested in a PCA an MD-11 airplane. The results of the flight test showed that without any operational control surfaces, a pilot can land a crippled airplane (U.S. Patent 5,330,131). The installation of the original PCA system entailed modifications not only of the flight-control computer (FCC) of the airplane but also of each engine-control computer. Inasmuch as engine-manufacturer warranties do not apply to modified engines, the challenge became one of creating a PCA system that does not entail modifications of the engine computers.

Integrated failure detection and management for the Space Station Freedom external active thermal control system

NASA Technical Reports Server (NTRS)

Mesloh, Nick; Hill, Tim; Kosyk, Kathy

1993-01-01

This paper presents the integrated approach toward failure detection, isolation, and recovery/reconfiguration to be used for the Space Station Freedom External Active Thermal Control System (EATCS). The on-board and on-ground diagnostic capabilities of the EATCS are discussed. Time and safety critical features, as well as noncritical failures, and the detection coverage for each provided by existing capabilities are reviewed. The allocation of responsibility between on-board software and ground-based systems, to be shown during ground testing at the Johnson Space Center, is described. Failure isolation capabilities allocated to the ground include some functionality originally found on orbit but moved to the ground to reduce on-board resource requirements. Complex failures requiring the analysis of multiple external variables, such as environmental conditions, heat loads, or station attitude, are also allocated to ground personnel.

A unified method for evaluating real-time computer controllers: A case study. [aircraft control

NASA Technical Reports Server (NTRS)

Shin, K. G.; Krishna, C. M.; Lee, Y. H.

1982-01-01

A real time control system consists of a synergistic pair, that is, a controlled process and a controller computer. Performance measures for real time controller computers are defined on the basis of the nature of this synergistic pair. A case study of a typical critical controlled process is presented in the context of new performance measures that express the performance of both controlled processes and real time controllers (taken as a unit) on the basis of a single variable: controller response time. Controller response time is a function of current system state, system failure rate, electrical and/or magnetic interference, etc., and is therefore a random variable. Control overhead is expressed as a monotonically nondecreasing function of the response time and the system suffers catastrophic failure, or dynamic failure, if the response time for a control task exceeds the corresponding system hard deadline, if any. A rigorous probabilistic approach is used to estimate the performance measures. The controlled process chosen for study is an aircraft in the final stages of descent, just prior to landing. First, the performance measures for the controller are presented. Secondly, control algorithms for solving the landing problem are discussed and finally the impact of the performance measures on the problem is analyzed.

Apparatus for sensor failure detection and correction in a gas turbine engine control system

NASA Technical Reports Server (NTRS)

Spang, H. A., III; Wanger, R. P. (Inventor)

1981-01-01

A gas turbine engine control system maintains a selected level of engine performance despite the failure or abnormal operation of one or more engine parameter sensors. The control system employs a continuously updated engine model which simulates engine performance and generates signals representing real time estimates of the engine parameter sensor signals. The estimate signals are transmitted to a control computational unit which utilizes them in lieu of the actual engine parameter sensor signals to control the operation of the engine. The estimate signals are also compared with the corresponding actual engine parameter sensor signals and the resulting difference signals are utilized to update the engine model. If a particular difference signal exceeds specific tolerance limits, the difference signal is inhibited from updating the model and a sensor failure indication is provided to the engine operator.

Therapeutic Opportunities for Self-Control Repair in Addiction and Related Disorders: Change and the Limits of Change in Trans-Disease Processes

PubMed Central

Bickel, Warren K.; Quisenberry, Amanda J.; Moody, Lara; Wilson, A. George

2014-01-01

Contemporary neuro-economic approaches hypothesize that self-control failure results from drugs annexing normal learning mechanisms that produce pathological reward processing and distort decision-making as a result from the dysregulation of two valuation systems. An emphasis on processes shared across different diseases and disorders is at odds with the contemporary approach that assumes unique disease etiologies and treatments. Studying trans-disease processes can identify mechanisms that operate in multiple disease states and ascertain if factors that influence processes in one disease state may be applicable to all disease states. In this paper we review the dual model of self-control failure, the Competing Neurobehavioral Decision Systems approach, the relationship of delay discounting to the relative control of these two systems, and evidence that the executive system can be strengthened. Future research that could result in more potent interventions for executive system improvement and potential constraints on the repair of self-control failure are discussed. PMID:25664226

Abnormalities of the QT interval in primary disorders of autonomic failure.

PubMed

Choy, A M; Lang, C C; Roden, D M; Robertson, D; Wood, A J; Robertson, R M; Biaggioni, I

1998-10-01

Experimental evidence shows that activation of the autonomic nervous system influences ventricular repolarization and, therefore, the QT interval on the ECG. To test the hypothesis that the QT interval is abnormal in autonomic dysfunction, we examined ECGs in patients with severe primary autonomic failure and in patients with congenital dopamine beta-hydroxylase (DbetaH) deficiency who are unable to synthesize norepinephrine and epinephrine. Maximal QT and rate-corrected QT (QTc) intervals and adjusted QTc dispersion [(maximal QTc - minimum QTc on 12 lead ECG)/square root of the number of leads measured] were determined in blinded fashion from ECGs of 67 patients with primary autonomic failure (36 patients with multiple system atrophy [MSA], and 31 patients with pure autonomic failure [PAF]) and 17 age- and sex-matched healthy controls. ECGs of 5 patients with congenital DbetaH deficiency and 6 age- and sex-matched controls were also analyzed. Patients with MSA and PAF had significantly prolonged maximum QTc intervals (492+/-58 ms(1/2) and 502+/-61 ms(1/2) [mean +/- SD]), respectively, compared with controls (450+/-18 ms(1/2), P < .05 and P < .01, respectively). A similar but not significant trend was observed for QT. QTc dispersion was also increased in MSA (40+/-20 ms(1/2), P < .05 vs controls) and PAF patients (32+/-19 ms(1/2), NS) compared with controls (21+/-5 ms(1/2)). In contrast, patients with congenital DbetaH deficiency did not have significantly different RR, QT, QTc intervals, or QTc dispersion when compared with controls. Patients with primary autonomic failure who have combined parasympathetic and sympathetic failure have abnormally prolonged QT interval and increased QT dispersion. However, QT interval in patients with congenital DbetaH deficiency was not significantly different from controls. It is possible, therefore, that QT abnormalities in patients with primary autonomic failure are not solely caused by lesions of the sympathetic nervous system, and that the parasympathetic nervous system is likely to have a modulatory role in ventricular repolarization.

46 CFR 62.35-50 - Tabulated monitoring and safety control requirements for specific systems.

Code of Federal Regulations, 2012 CFR

2012-10-01

... lubrication Pressure Low Main propulsion, controllable pitch propeller Hydraulic oil Pressure High, Low... ......ditto (3) Trial for ignition Status Failure ......ditto Control power Available (pressure) Failure (low... Activated Starting power Pressure (voltage) Low Limit (2) Location in control Status Override (6) Shaft...

46 CFR 62.35-50 - Tabulated monitoring and safety control requirements for specific systems.

Code of Federal Regulations, 2013 CFR

2013-10-01

... lubrication Pressure Low Main propulsion, controllable pitch propeller Hydraulic oil Pressure High, Low... ......ditto (3) Trial for ignition Status Failure ......ditto Control power Available (pressure) Failure (low... Activated Starting power Pressure (voltage) Low Limit (2) Location in control Status Override (6) Shaft...

46 CFR 62.35-50 - Tabulated monitoring and safety control requirements for specific systems.

Code of Federal Regulations, 2014 CFR

2014-10-01

... lubrication Pressure Low Main propulsion, controllable pitch propeller Hydraulic oil Pressure High, Low... ......ditto (3) Trial for ignition Status Failure ......ditto Control power Available (pressure) Failure (low... Activated Starting power Pressure (voltage) Low Limit (2) Location in control Status Override (6) Shaft...

Advanced detection, isolation and accommodation of sensor failures: Real-time evaluation

NASA Technical Reports Server (NTRS)

Merrill, Walter C.; Delaat, John C.; Bruton, William M.

1987-01-01

The objective of the Advanced Detection, Isolation, and Accommodation (ADIA) Program is to improve the overall demonstrated reliability of digital electronic control systems for turbine engines by using analytical redundacy to detect sensor failures. The results of a real time hybrid computer evaluation of the ADIA algorithm are presented. Minimum detectable levels of sensor failures for an F100 engine control system are determined. Also included are details about the microprocessor implementation of the algorithm as well as a description of the algorithm itself.

Adaptive Failure Compensation for Aircraft Flight Control Using Engine Differentials: Regulation

NASA Technical Reports Server (NTRS)

Yu, Liu; Xidong, Tang; Gang, Tao; Joshi, Suresh M.

2005-01-01

The problem of using engine thrust differentials to compensate for rudder and aileron failures in aircraft flight control is addressed in this paper in a new framework. A nonlinear aircraft model that incorporates engine di erentials in the dynamic equations is employed and linearized to describe the aircraft s longitudinal and lateral motion. In this model two engine thrusts of an aircraft can be adjusted independently so as to provide the control flexibility for rudder or aileron failure compensation. A direct adaptive compensation scheme for asymptotic regulation is developed to handle uncertain actuator failures in the linearized system. A design condition is specified to characterize the system redundancy needed for failure compensation. The adaptive regulation control scheme is applied to the linearized model of a large transport aircraft in which the longitudinal and lateral motions are coupled as the result of using engine thrust differentials. Simulation results are presented to demonstrate the effectiveness of the adaptive compensation scheme.

Reliability of Fault Tolerant Control Systems. Part 2

NASA Technical Reports Server (NTRS)

Wu, N. Eva

2000-01-01

This paper reports Part II of a two part effort that is intended to delineate the relationship between reliability and fault tolerant control in a quantitative manner. Reliability properties peculiar to fault-tolerant control systems are emphasized, such as the presence of analytic redundancy in high proportion, the dependence of failures on control performance, and high risks associated with decisions in redundancy management due to multiple sources of uncertainties and sometimes large processing requirements. As a consequence, coverage of failures through redundancy management can be severely limited. The paper proposes to formulate the fault tolerant control problem as an optimization problem that maximizes coverage of failures through redundancy management. Coverage modeling is attempted in a way that captures its dependence on the control performance and on the diagnostic resolution. Under the proposed redundancy management policy, it is shown that an enhanced overall system reliability can be achieved with a control law of a superior robustness, with an estimator of a higher resolution, and with a control performance requirement of a lesser stringency.

Hypertension as a risk factor for heart failure.

PubMed

Kannan, Arun; Janardhanan, Rajesh

2014-07-01

Hypertension remains a significant risk factor for development of congestive heart failure CHF), with various mechanisms contributing to both systolic and diastolic dysfunction. The pathogenesis of myocardial changes includes structural remodeling, left ventricular hypertrophy, and fibrosis. Activation of the sympathetic nervous system and renin-angiotensin system is a key contributing factor of hypertension, and thus interventions that antagonize these systems promote regression of hypertrophy and heart failure. Control of blood pressure is of paramount importance in improving the prognosis of patients with heart failure.

Design of LPV fault-tolerant controller for pitch system of wind turbine

NASA Astrophysics Data System (ADS)

Wu, Dinghui; Zhang, Xiaolin

2017-07-01

To address failures of wind turbine pitch-angle sensors, traditional wind turbine linear parameter varying (LPV) model is transformed into a double-layer convex polyhedron LPV model. On the basis of this model, when the plurality of the sensor undergoes failure and details of the failure are inconvenient to obtain, each sub-controller is designed using distributed thought and gain scheduling method. The final controller is obtained using all of the sub-controllers by a convex combination. The design method corrects the errors of the linear model, improves the linear degree of the system, and solves the problem of multiple pitch angle faults to ensure stable operation of the wind turbine.

Vapor Compression Distillation Subsystem (VCDS) Component Enhancement, Testing and Expert Fault Diagnostics Development, Volume 2

NASA Technical Reports Server (NTRS)

Mallinak, E. S.

1987-01-01

A wide variety of Space Station functions will be managed via computerized controls. Many of these functions are at the same time very complex and very critical to the operation of the Space Station. The Environmental Control and Life Support System is one group of very complex and critical subsystems which directly affects the ability of the crew to perform their mission. Failure of the Environmental Control and Life Support Subsystems are to be avoided and, in the event of failure, repair must be effected as rapidly as possible. Due to the complex and diverse nature of the subsystems, it is not possible to train the Space Station crew to be experts in the operation of all of the subsystems. By applying the concepts of computer-based expert systems, it may be possible to provide the necessary expertise for these subsystems in dedicated controllers. In this way, an expert system could avoid failures and extend the operating time of the subsystems even in the event of failure of some components, and could reduce the time to repair by being able to pinpoint the cause of a failure when one cannot be avoided.

An Evolutionary Algorithm for Feature Subset Selection in Hard Disk Drive Failure Prediction

ERIC Educational Resources Information Center

Bhasin, Harpreet

2011-01-01

Hard disk drives are used in everyday life to store critical data. Although they are reliable, failure of a hard disk drive can be catastrophic, especially in applications like medicine, banking, air traffic control systems, missile guidance systems, computer numerical controlled machines, and more. The use of Self-Monitoring, Analysis and…

Effect of system workload on operating system reliability - A study on IBM 3081

NASA Technical Reports Server (NTRS)

Iyer, R. K.; Rossetti, D. J.

1985-01-01

This paper presents an analysis of operating system failures on an IBM 3081 running VM/SP. Three broad categories of software failures are found: error handling, program control or logic, and hardware related; it is found that more than 25 percent of software failures occur in the hardware/software interface. Measurements show that results on software reliability cannot be considered representative unless the system workload is taken into account. The overall CPU execution rate, although measured to be close to 100 percent most of the time, is not found to correlate strongly with the occurrence of failures. Possible reasons for the observed workload failure dependency, based on detailed investigations of the failure data, are discussed.

Real-time failure control (SAFD)

NASA Technical Reports Server (NTRS)

Panossian, Hagop V.; Kemp, Victoria R.; Eckerling, Sherry J.

1990-01-01

The Real Time Failure Control program involves development of a failure detection algorithm, referred as System for Failure and Anomaly Detection (SAFD), for the Space Shuttle Main Engine (SSME). This failure detection approach is signal-based and it entails monitoring SSME measurement signals based on predetermined and computed mean values and standard deviations. Twenty four engine measurements are included in the algorithm and provisions are made to add more parameters if needed. Six major sections of research are presented: (1) SAFD algorithm development; (2) SAFD simulations; (3) Digital Transient Model failure simulation; (4) closed-loop simulation; (5) SAFD current limitations; and (6) enhancements planned for.

Fault Management Metrics

NASA Technical Reports Server (NTRS)

Johnson, Stephen B.; Ghoshal, Sudipto; Haste, Deepak; Moore, Craig

2017-01-01

This paper describes the theory and considerations in the application of metrics to measure the effectiveness of fault management. Fault management refers here to the operational aspect of system health management, and as such is considered as a meta-control loop that operates to preserve or maximize the system's ability to achieve its goals in the face of current or prospective failure. As a suite of control loops, the metrics to estimate and measure the effectiveness of fault management are similar to those of classical control loops in being divided into two major classes: state estimation, and state control. State estimation metrics can be classified into lower-level subdivisions for detection coverage, detection effectiveness, fault isolation and fault identification (diagnostics), and failure prognosis. State control metrics can be classified into response determination effectiveness and response effectiveness. These metrics are applied to each and every fault management control loop in the system, for each failure to which they apply, and probabilistically summed to determine the effectiveness of these fault management control loops to preserve the relevant system goals that they are intended to protect.

Detection of system failures in multi-axes tasks. [pilot monitored instrument approach

NASA Technical Reports Server (NTRS)

Ephrath, A. R.

1975-01-01

The effects of the pilot's participation mode in the control task on his workload level and failure detection performance were examined considering a low visibility landing approach. It is found that the participation mode had a strong effect on the pilot's workload, the induced workload being lowest when the pilot acted as a monitoring element during a coupled approach and highest when the pilot was an active element in the control loop. The effects of workload and participation mode on failure detection were separated. The participation mode was shown to have a dominant effect on the failure detection performance, with a failure in a monitored (coupled) axis being detected significantly faster than a comparable failure in a manually controlled axis.

Mitigation of commutation failures in LCC-HVDC systems based on superconducting fault current limiters

NASA Astrophysics Data System (ADS)

Lee, Jong-Geon; Khan, Umer Amir; Lee, Ho-Yun; Lim, Sung-Woo; Lee, Bang-Wook

2016-11-01

Commutation failure in line commutated converter based HVDC systems cause severe damages on the entire power grid system. For LCC-HVDC, thyristor valves are turned on by a firing signal but turn off control is governed by the external applied AC voltage from surrounding network. When the fault occurs in AC system, turn-off control of thyristor valves is unavailable due to the voltage collapse of point of common coupling (PCC), which causes the commutation failure in LCC-HVDC link. Due to the commutation failure, the power transfer interruption, dc voltage drop and severe voltage fluctuation in the AC system could be occurred. In a severe situation, it might cause the protection system to block the valves. In this paper, as a solution to prevent the voltage collapse on PCC and to limit the fault current, the application study of resistive superconducting fault current limiter (SFCL) on LCC-HVDC grid system was performed with mathematical and simulation analyses. The simulation model was designed by Matlab/Simulink considering Haenam-Jeju HVDC power grid in Korea which includes conventional AC system and onshore wind farm and resistive SFCL model. From the result, it was observed that the application of SFCL on LCC-HVDC system is an effective solution to mitigate the commutation failure. And then the process to determine optimum quench resistance of SFCL which enables the recovery of commutation failure was deeply investigated.

Risk assessment for Industrial Control Systems quantifying availability using mean failure cost (MFC)

DOE PAGES

Chen, Qian; Abercrombie, Robert K; Sheldon, Frederick T.

2015-09-23

Industrial Control Systems (ICS) are commonly used in industries such as oil and natural gas, transportation, electric, water and wastewater, chemical, pharmaceutical, pulp and paper, food and beverage, as well as discrete manufacturing (e.g., automotive, aerospace, and durable goods.) SCADA systems are generally used to control dispersed assets using centralized data acquisition and supervisory control.Originally, ICS implementations were susceptible primarily to local threats because most of their components were located in physically secure areas (i.e., ICS components were not connected to IT networks or systems). The trend toward integrating ICS systems with IT networks (e.g., efficiency and the Internet ofmore » Things) provides significantly less isolation for ICS from the outside world thus creating greater risk due to external threats. Albeit, the availability of ICS/SCADA systems is critical to assuring safety, security and profitability. Such systems form the backbone of our national cyber-physical infrastructure.Herein, we extend the concept of mean failure cost (MFC) to address quantifying availability to harmonize well with ICS security risk assessment. This new measure is based on the classic formulation of Availability combined with Mean Failure Cost (MFC). Finally, the metric offers a computational basis to estimate the availability of a system in terms of the loss that each stakeholder stands to sustain as a result of security violations or breakdowns (e.g., deliberate malicious failures).« less

Environmental control system transducer development study

NASA Technical Reports Server (NTRS)

Brudnicki, M. J.

1973-01-01

A failure evaluation of the transducers used in the environmental control systems of the Apollo command service module, lunar module, and portable life support system is presented in matrix form for several generic categories of transducers to enable identification of chronic failure modes. Transducer vendors were contacted and asked to supply detailed information. The evaluation data generated for each category of transducer were compiled and published in failure design evaluation reports. The evaluation reports also present a review of the failure and design data for the transducers and suggest both design criteria to improve reliability of the transducers and, where necessary, design concepts for required redesign of the transducers. Remedial designs were implemented on a family of pressure transducers and on the oxygen flow transducer. The design concepts were subjected to analysis, breadboard fabrication, and verification testing.

Flight Test Results from the NF-15B Intelligent Flight Control System (IFCS) Project with Adaptation to a Simulated Stabilator Failure

NASA Technical Reports Server (NTRS)

Bosworth, John T.; Williams-Hayes, Peggy S.

2007-01-01

Adaptive flight control systems have the potential to be more resilient to extreme changes in airplane behavior. Extreme changes could be a result of a system failure or of damage to the airplane. A direct adaptive neural-network-based flight control system was developed for the National Aeronautics and Space Administration NF-15B Intelligent Flight Control System airplane and subjected to an inflight simulation of a failed (frozen) (unmovable) stabilator. Formation flight handling qualities evaluations were performed with and without neural network adaptation. The results of these flight tests are presented. Comparison with simulation predictions and analysis of the performance of the adaptation system are discussed. The performance of the adaptation system is assessed in terms of its ability to decouple the roll and pitch response and reestablish good onboard model tracking. Flight evaluation with the simulated stabilator failure and adaptation engaged showed that there was generally improvement in the pitch response; however, a tendency for roll pilot-induced oscillation was experienced. A detailed discussion of the cause of the mixed results is presented.

Flight Test Results from the NF-15B Intelligent Flight Control System (IFCS) Project with Adaptation to a Simulated Stabilator Failure

NASA Technical Reports Server (NTRS)

Bosworth, John T.; Williams-Hayes, Peggy S.

2010-01-01

Adaptive flight control systems have the potential to be more resilient to extreme changes in airplane behavior. Extreme changes could be a result of a system failure or of damage to the airplane. A direct adaptive neural-network-based flight control system was developed for the National Aeronautics and Space Administration NF-15B Intelligent Flight Control System airplane and subjected to an inflight simulation of a failed (frozen) (unmovable) stabilator. Formation flight handling qualities evaluations were performed with and without neural network adaptation. The results of these flight tests are presented. Comparison with simulation predictions and analysis of the performance of the adaptation system are discussed. The performance of the adaptation system is assessed in terms of its ability to decouple the roll and pitch response and reestablish good onboard model tracking. Flight evaluation with the simulated stabilator failure and adaptation engaged showed that there was generally improvement in the pitch response; however, a tendency for roll pilot-induced oscillation was experienced. A detailed discussion of the cause of the mixed results is presented.

Reconfigurable Control with Neural Network Augmentation for a Modified F-15 Aircraft

NASA Technical Reports Server (NTRS)

Burken, John J.; Williams-Hayes, Peggy; Kaneshige, John T.; Stachowiak, Susan J.

2006-01-01

Description of the performance of a simplified dynamic inversion controller with neural network augmentation follows. Simulation studies focus on the results with and without neural network adaptation through the use of an F-15 aircraft simulator that has been modified to include canards. Simulated control law performance with a surface failure, in addition to an aerodynamic failure, is presented. The aircraft, with adaptation, attempts to minimize the inertial cross-coupling effect of the failure (a control derivative anomaly associated with a jammed control surface). The dynamic inversion controller calculates necessary surface commands to achieve desired rates. The dynamic inversion controller uses approximate short period and roll axis dynamics. The yaw axis controller is a sideslip rate command system. Methods are described to reduce the cross-coupling effect and maintain adequate tracking errors for control surface failures. The aerodynamic failure destabilizes the pitching moment due to angle of attack. The results show that control of the aircraft with the neural networks is easier (more damped) than without the neural networks. Simulation results show neural network augmentation of the controller improves performance with aerodynamic and control surface failures in terms of tracking error and cross-coupling reduction.

Adaptive Control Using Neural Network Augmentation for a Modified F-15 Aircraft

NASA Technical Reports Server (NTRS)

Burken, John J.; Williams-Hayes, Peggy; Karneshige, J. T.; Stachowiak, Susan J.

2006-01-01

Description of the performance of a simplified dynamic inversion controller with neural network augmentation follows. Simulation studies focus on the results with and without neural network adaptation through the use of an F-15 aircraft simulator that has been modified to include canards. Simulated control law performance with a surface failure, in addition to an aerodynamic failure, is presented. The aircraft, with adaptation, attempts to minimize the inertial cross-coupling effect of the failure (a control derivative anomaly associated with a jammed control surface). The dynamic inversion controller calculates necessary surface commands to achieve desired rates. The dynamic inversion controller uses approximate short period and roll axis dynamics. The yaw axis controller is a sideslip rate command system. Methods are described to reduce the cross-coupling effect and maintain adequate tracking errors for control surface failures. The aerodynamic failure destabilizes the pitching moment due to angle of attack. The results show that control of the aircraft with the neural networks is easier (more damped) than without the neural networks. Simulation results show neural network augmentation of the controller improves performance with aerodynamic and control surface failures in terms of tracking error and cross-coupling reduction.

An expert system to perform on-line controller restructuring for abrupt model changes

NASA Technical Reports Server (NTRS)

Litt, Jonathan S.

1990-01-01

Work in progress on an expert system used to reconfigure and tune airframe/engine control systems on-line in real time in response to battle damage or structural failures is presented. The closed loop system is monitored constantly for changes in structure and performance, the detection of which prompts the expert system to choose and apply a particular control restructuring algorithm based on the type and severity of the damage. Each algorithm is designed to handle specific types of failures and each is applicable only in certain situations. The expert system uses information about the system model to identify the failure and to select the technique best suited to compensate for it. A depth-first search is used to find a solution. Once a new controller is designed and implemented it must be tuned to recover the original closed-loop handling qualities and responsiveness from the degraded system. Ideally, the pilot should not be able to tell the difference between the original and redesigned systems. The key is that the system must have inherent redundancy so that degraded or missing capabilities can be restored by creative use of alternate functionalities. With enough redundancy in the control system, minor battle damage affecting individual control surfaces or actuators, compressor efficiency, etc., can be compensated for such that the closed-loop performance in not noticeably altered. The work is applied to a Black Hawk/T700 system.

76 FR 73481 - Airworthiness Directives; Bombardier, Inc. Airplanes

Federal Register 2010, 2011, 2012, 2013, 2014

2011-11-29

... gear from extending in the case of a failure of the normal MLG extension/retraction system... failure of the normal MLG extension/retraction system. This [Transport Canada Civil Aviation] directive is... MLG extension/retraction system. * * * * * The unsafe condition is loss of control during landing...

A decentralized approach to reducing the social costs of cascading failures

NASA Astrophysics Data System (ADS)

Hines, Paul

Large cascading failures in electrical power networks come with enormous social costs. These can be direct financial costs, such as the loss of refrigerated foods in grocery stores, or more indirect social costs, such as the traffic congestion that results from the failure of traffic signals. While engineers and policy makers have made numerous technical and organizational changes to reduce the frequency and impact of large cascading failures, the existing data, as described in Chapter 2 of this work, indicate that the overall frequency and impact of large electrical blackouts in the United States are not decreasing. Motivated by the cascading failure problem, this thesis describes a new method for Distributed Model Predictive Control and a power systems application. The central goal of the method, when applied to power systems, is to reduce the social costs of cascading failures by making small, targeted reductions in load and generation and changes to generator voltage set points. Unlike some existing schemes that operate from centrally located control centers, the method is operated by software agents located at substations distributed throughout the power network. The resulting multi-agent control system is a new approach to decentralized control, combining Distributed Model Predictive Control and Reciprocal Altruism. Experimental results indicate that this scheme can in fact decrease the average size, and thus social costs, of cascading failures. Over 100 randomly generated disturbances to a model of the IEEE 300 bus test network, the method resulted in nearly an order of magnitude decrease in average event size (measured in cost) relative to cascading failure simulations without remedial control actions. Additionally, the communication requirements for the method are measured, and found to be within the bandwidth capabilities of current communications technology (on the order of 100kB/second). Experiments on several resistor networks with varying structures, including a random graph, a scale-free network and a power grid indicate that the effectiveness of decentralized control schemes, like the method proposed here, is a function of the structure of the network that is to be controlled.

40 CFR 65.107 - Standards: Pumps in light liquid service.

Code of Federal Regulations, 2010 CFR

2010-07-01

... frequency of drips and to the sensor that indicates failure of the seal system, the barrier fluid system, or... or fuel gas system or connected by a closed vent system to a control device that complies with the... equipped with a sensor that will detect failure of the seal system, the barrier fluid system, or both. (v...

Comparison of plasma B-type natriuretic peptide levels in single ventricle patients with systemic ventricle heart failure versus isolated cavopulmonary failure.

PubMed

Law, Yuk Ming; Ettedgui, Jose; Beerman, Lee; Maisel, Alan; Tofovic, Stevan

2006-08-15

The measurement of plasma B-type natriuretic peptide (BNP) has emerged as a useful biomarker of heart failure in patients with cardiomyopathy. The pathophysiology of heart failure in single ventricle (SV) circulation may be distinct from that of cardiomyopathies. A distinct pattern of BNP elevation in heart failure in the SV population was hypothesized: it is elevated in heart failure secondary to ventricular dysfunction but not in isolated cavopulmonary failure. BNP was measured prospectively in SV patients at catheterization (n = 22) and when assessing for heart failure (n = 11) (7 normal controls). Of 33 SV subjects (median age 62 months), 13 had aortopulmonary connections and 20 had cavopulmonary connections. Median and mean +/- SD BNP levels by shunt type were 184 and 754 +/- 1,086 pg/ml in the patients with aortopulmonary connections, 38 and 169 +/- 251 pg/ml in the patients with cavopulmonary connections, and 10 and 11 +/- 5 pg/ml in normal controls, respectively (p = 0.004). Median systemic ventricular end-diastolic pressure (8mm Hg, R = 0.45), mean pulmonary artery pressure (14.5 mm Hg, R = 0.62), and mean right atrial pressure (6.5 mm Hg, R = 0.54) were correlated with plasma BNP. SV subjects with symptomatic heart failure from dysfunctional systemic ventricles had median and mean +/- SD BNP levels of 378 and 714 +/- 912 pg/ml (n = 18) compared with patients with isolated failed Glenn or Fontan connections (19 and 23 +/- 16 pg/ml [n = 7, p = 0.001]) and those with no heart failure (22 and 22 +/- 12 pg/ml [n = 8, p = 0.001]). Excluding the group with cavopulmonary failure, the severity of heart failure from systemic ventricular dysfunction was associated with plasma BNP. In conclusion, plasma BNP is elevated in SV patients with systemic ventricular or left-sided cardiac failure. BNP is not elevated in patients missing a pulmonary ventricle with isolated cavopulmonary failure.

Lunar Module ECS (Environmental Control System) - Design Considerations and Failure Modes. Part 1

NASA Technical Reports Server (NTRS)

Interbartolo, Michael

2009-01-01

Design considerations and failure modes for the Lunar Module (LM) Environmental Control System (ECS) are described. An overview of the the oxygen supply and cabin pressurization, atmosphere revitalization, water management and heat transport systems are provided. Design considerations including reliability, flight instrumentation, modularization and the change to the use of batteries instead of fuel cells are discussed. A summary is provided for the LM ECS general testing regime.

An Integrated Fault Tolerant Robotic Controller System for High Reliability and Safety

NASA Technical Reports Server (NTRS)

Marzwell, Neville I.; Tso, Kam S.; Hecht, Myron

1994-01-01

This paper describes the concepts and features of a fault-tolerant intelligent robotic control system being developed for applications that require high dependability (reliability, availability, and safety). The system consists of two major elements: a fault-tolerant controller and an operator workstation. The fault-tolerant controller uses a strategy which allows for detection and recovery of hardware, operating system, and application software failures.The fault-tolerant controller can be used by itself in a wide variety of applications in industry, process control, and communications. The controller in combination with the operator workstation can be applied to robotic applications such as spaceborne extravehicular activities, hazardous materials handling, inspection and maintenance of high value items (e.g., space vehicles, reactor internals, or aircraft), medicine, and other tasks where a robot system failure poses a significant risk to life or property.

Software Considerations for Subscale Flight Testing of Experimental Control Laws

NASA Technical Reports Server (NTRS)

Murch, Austin M.; Cox, David E.; Cunningham, Kevin

2009-01-01

The NASA AirSTAR system has been designed to address the challenges associated with safe and efficient subscale flight testing of research control laws in adverse flight conditions. In this paper, software elements of this system are described, with an emphasis on components which allow for rapid prototyping and deployment of aircraft control laws. Through model-based design and automatic coding a common code-base is used for desktop analysis, piloted simulation and real-time flight control. The flight control system provides the ability to rapidly integrate and test multiple research control laws and to emulate component or sensor failures. Integrated integrity monitoring systems provide aircraft structural load protection, isolate the system from control algorithm failures, and monitor the health of telemetry streams. Finally, issues associated with software configuration management and code modularity are briefly discussed.

Abnormalities of the QT interval in primary disorders of autonomic failure

NASA Technical Reports Server (NTRS)

Choy, A. M.; Lang, C. C.; Roden, D. M.; Robertson, D.; Wood, A. J.; Robertson, R. M.; Biaggioni, I.

1998-01-01

BACKGROUND: Experimental evidence shows that activation of the autonomic nervous system influences ventricular repolarization and, therefore, the QT interval on the ECG. To test the hypothesis that the QT interval is abnormal in autonomic dysfunction, we examined ECGs in patients with severe primary autonomic failure and in patients with congenital dopamine beta-hydroxylase (DbetaH) deficiency who are unable to synthesize norepinephrine and epinephrine. SUBJECTS AND METHODS: Maximal QT and rate-corrected QT (QTc) intervals and adjusted QTc dispersion [(maximal QTc - minimum QTc on 12 lead ECG)/square root of the number of leads measured] were determined in blinded fashion from ECGs of 67 patients with primary autonomic failure (36 patients with multiple system atrophy [MSA], and 31 patients with pure autonomic failure [PAF]) and 17 age- and sex-matched healthy controls. ECGs of 5 patients with congenital DbetaH deficiency and 6 age- and sex-matched controls were also analyzed. RESULTS: Patients with MSA and PAF had significantly prolonged maximum QTc intervals (492+/-58 ms(1/2) and 502+/-61 ms(1/2) [mean +/- SD]), respectively, compared with controls (450+/-18 ms(1/2), P < .05 and P < .01, respectively). A similar but not significant trend was observed for QT. QTc dispersion was also increased in MSA (40+/-20 ms(1/2), P < .05 vs controls) and PAF patients (32+/-19 ms(1/2), NS) compared with controls (21+/-5 ms(1/2)). In contrast, patients with congenital DbetaH deficiency did not have significantly different RR, QT, QTc intervals, or QTc dispersion when compared with controls. CONCLUSIONS: Patients with primary autonomic failure who have combined parasympathetic and sympathetic failure have abnormally prolonged QT interval and increased QT dispersion. However, QT interval in patients with congenital DbetaH deficiency was not significantly different from controls. It is possible, therefore, that QT abnormalities in patients with primary autonomic failure are not solely caused by lesions of the sympathetic nervous system, and that the parasympathetic nervous system is likely to have a modulatory role in ventricular repolarization.

LMI-based adaptive reliable H∞ static output feedback control against switched actuator failures

NASA Astrophysics Data System (ADS)

An, Liwei; Zhai, Ding; Dong, Jiuxiang; Zhang, Qingling

2017-08-01

This paper investigates the H∞ static output feedback (SOF) control problem for switched linear system under arbitrary switching, where the actuator failure models are considered to depend on switching signal. An active reliable control scheme is developed by combination of linear matrix inequality (LMI) method and adaptive mechanism. First, by exploiting variable substitution and Finsler's lemma, new LMI conditions are given for designing the SOF controller. Compared to the existing results, the proposed design conditions are more relaxed and can be applied to a wider class of no-fault linear systems. Then a novel adaptive mechanism is established, where the inverses of switched failure scaling factors are estimated online to accommodate the effects of actuator failure on systems. Two main difficulties arise: first is how to design the switched adaptive laws to prevent the missing of estimating information due to switching; second is how to construct a common Lyapunov function based on a switched estimate error term. It is shown that the new method can give less conservative results than that for the traditional control design with fixed gain matrices. Finally, simulation results on the HiMAT aircraft are given to show the effectiveness of the proposed approaches.

Study of an automatic trajectory following control system

NASA Technical Reports Server (NTRS)

Vanlandingham, H. F.; Moose, R. L.; Zwicke, P. E.; Lucas, W. H.; Brinkley, J. D.

1983-01-01

It is shown that the estimator part of the Modified Partitioned Adaptive Controller, (MPAC) developed for nonlinear aircraft dynamics of a small jet transport can adapt to sensor failures. In addition, an investigation is made into the potential usefulness of the configuration detection technique used in the MPAC and the failure detection filter is developed that determines how a noise plant output is associated with a line or plane characteristic of a failure. It is shown by computer simulation that the estimator part and the configuration detection part of the MPAC can readily adapt to actuator and sensor failures and that the failure detection filter technique cannot detect actuator or sensor failures accurately for this type of system because of the plant modeling errors. In addition, it is shown that the decision technique, developed for the failure detection filter, can accurately determine that the plant output is related to the characteristic line or plane in the presence of sensor noise.

Appetitive Motivation and Negative Emotion Reactivity among Remitted Depressed Youth

PubMed Central

Hankin, Benjamin L.; Wetter, Emily K.; Flory, Kate

2012-01-01

Depression has been characterized as involving altered appetitive motivation and emotional reactivity. Yet no study has examined objective indices of emotional reactivity when the appetitive/approach system is suppressed in response to failure to attain a self-relevant goal and desired reward. Three groups of youth (N = 98, ages 9–15; remitted depressed, n = 34; externalizing disordered without depression, n = 30, and healthy controls, n = 34) participated in a novel reward striving task designed to activate the appetitive/approach motivation system. Objective facial expressions of emotion were videotaped and coded throughout both failure (i.e., nonreward) and control (success and reward) conditions. Observational coding of facial expressions as well as youths’ subjective emotion reports showed that the remitted depressed youth specifically exhibited more negative emotional reactivity to failure in the reward striving task, but not the control condition. Neither externalizing disordered (i.e., ADHD, CD, and/ or ODD) nor control youth displayed greater negative emotional reactivity in either the failure or control condition. Findings suggest that depression among youth is related to dysregulated appetitive motivation and associated negative emotional reactivity after failing to achieve an important, self-relevant goal and not attaining reward. These deficits in reward processing appear to be specific to depression as externalizing disordered youth did not display negative emotional reactivity to failure after their appetitive motivation system was activated. PMID:22901275

Appetitive motivation and negative emotion reactivity among remitted depressed youth.

PubMed

Hankin, Benjamin L; Wetter, Emily K; Flory, Kate

2012-01-01

Depression has been characterized as involving altered appetitive motivation and emotional reactivity. Yet no study has examined objective indices of emotional reactivity when the appetitive/approach system is suppressed in response to failure to attain a self-relevant goal and desired reward. Three groups of youth (N = 98, ages 9-15; remitted depressed, n = 34; externalizing disordered without depression, n = 30; and healthy controls, n = 34) participated in a novel reward striving task designed to activate the appetitive/approach motivation system. Objective facial expressions of emotion were videotaped and coded throughout both failure (i.e., nonreward) and control (success and reward) conditions. Observational coding of facial expressions as well as youths' subjective emotion reports showed that the remitted depressed youth specifically exhibited more negative emotional reactivity to failure in the reward striving task, but not the control condition. Neither externalizing disordered (i.e., attention deficit hyperactivity disorder, conduct disorder, and/or oppositional defiant disorder) nor control youth displayed greater negative emotional reactivity in either the failure or control condition. Findings suggest that depression among youth is related to dysregulated appetitive motivation and associated negative emotional reactivity after failing to achieve an important, self-relevant goal and not attaining reward. These deficits in reward processing appear to be specific to depression as externalizing disordered youth did not display negative emotional reactivity to failure after their appetitive motivation system was activated.

Reliability analysis of forty-five strain-gage systems mounted on the first fan stage of a YF-100 engine

NASA Technical Reports Server (NTRS)

Holanda, R.; Frause, L. M.

1977-01-01

The reliability of 45 state-of-the-art strain gage systems under full scale engine testing was investigated. The flame spray process was used to install 23 systems on the first fan rotor of a YF-100 engine; the others were epoxy cemented. A total of 56 percent of the systems failed in 11 hours of engine operation. Flame spray system failures were primarily due to high gage resistance, probably caused by high stress levels. Epoxy system failures were principally erosion failures, but only on the concave side of the blade. Lead-wire failures between the blade-to-disk jump and the control room could not be analyzed.

Preliminary Study Using Forward Reaction Control System Jets During Space Shuttle Entry

NASA Technical Reports Server (NTRS)

Restrepo, Carolina; Valasek, John

2006-01-01

Failure or degradation of the flight control system, or hull damage, can lead to loss of vehicle control during entry. Possible failure scenarios are debris impact and wing damage that could result in a large aerodynamic asymmetry which cannot be trimmed out without additional yaw control. Currently the space shuttle uses aerodynamic control surfaces and Reaction Control System jets to control attitude. The forward jets are used for orbital maneuvering only, while the aft jets are used for yaw control during entry. This paper develops a controller for using the forward reaction control system jets as an additional control during entry, and assesses its value and feasibility during failure situations. Forward-aft jet blending logic is created, and implemented on a simplified model of the space shuttle entry flight control system. The model is validated and verified on the nonlinear, six degree-of-freedom Shuttle Engineering Simulator. A rudimentary human factors study was undertaken using the forward cockpit simulator at Johnson Space Center, to assess flying qualities of the new system and pilot workload. Results presented in the paper show that the combination of forward and aft jets provides useful additional yaw control, in addition to potential fuel savings and the ability to balance the use of the fuel in the forward and aft tanks to meet availability constraints of both forward and aft fuel tanks. Piloted simulation studies indicated that using both sets of jets while flying a damaged space shuttle reduces pilot workload, and makes the vehicle more responsive.

40 CFR 63.1007 - Pumps in light liquid service standards.

Code of Federal Regulations, 2011 CFR

2011-07-01

... sensor that indicates failure of the seal system, the barrier fluid system, or both. The owner or... reservoir that is routed to a process or fuel gas system or connected by a closed vent system to a control... liquid service. (iv) Each barrier fluid system is equipped with a sensor that will detect failure of the...

40 CFR 63.1007 - Pumps in light liquid service standards.

Code of Federal Regulations, 2010 CFR

2010-07-01

... sensor that indicates failure of the seal system, the barrier fluid system, or both. The owner or... reservoir that is routed to a process or fuel gas system or connected by a closed vent system to a control... liquid service. (iv) Each barrier fluid system is equipped with a sensor that will detect failure of the...

40 CFR 63.1026 - Pumps in light liquid service standards.

Code of Federal Regulations, 2010 CFR

2010-07-01

... presence and frequency of drips and to the sensor that indicates failure of the seal system, the barrier... or fuel gas system or connected by a closed-vent system to a control device that complies with the.... (iv) Each barrier fluid system is equipped with a sensor that will detect failure of the seal system...

Synthesis of the unmanned aerial vehicle remote control augmentation system

DOE Office of Scientific and Technical Information (OSTI.GOV)

Tomczyk, Andrzej, E-mail: A.Tomczyk@prz.edu.pl

Medium size Unmanned Aerial Vehicle (UAV) usually flies as an autonomous aircraft including automatic take-off and landing phases. However in the case of the on-board control system failure, the remote steering is using as an emergency procedure. In this reason, remote manual control of unmanned aerial vehicle is used more often during take-of and landing phases. Depends on UAV take-off mass and speed (total energy) the potential crash can be very danger for airplane and environment. So, handling qualities of UAV is important from pilot-operator point of view. In many cases the dynamic properties of remote controlling UAV are notmore » suitable for obtaining the desired properties of the handling qualities. In this case the control augmentation system (CAS) should be applied. Because the potential failure of the on-board control system, the better solution is that the CAS algorithms are placed on the ground station computers. The method of UAV handling qualities shaping in the case of basic control system failure is presented in this paper. The main idea of this method is that UAV reaction on the operator steering signals should be similar - almost the same - as reaction of the 'ideal' remote control aircraft. The model following method was used for controller parameters calculations. The numerical example concerns the medium size MP-02A UAV applied as an aerial observer system.« less

A solenoid failure detection system for cold gas attitude control jet valves

NASA Technical Reports Server (NTRS)

Johnston, P. A.

1970-01-01

The development of a solenoid valve failure detection system is described. The technique requires the addition of a radioactive gas to the propellant of a cold gas jet attitude control system. Solenoid failure is detected with an avalanche radiation detector located in the jet nozzle which senses the radiation emitted by the leaking radioactive gas. Measurements of carbon monoxide leakage rates through a Mariner type solenoid valve are presented as a function of gas activity and detector configuration. A cylindrical avalanche detector with a factor of 40 improvement in leak sensitivity is proposed for flight systems because it allows the quantity of radioactive gas that must be added to the propellant to be reduced to a practical level.

46 CFR 62.25-10 - Manual alternate control systems.

Code of Federal Regulations, 2011 CFR

2011-10-01

... automatic primary control system failure; (2) Be suitable for manual control for prolonged periods; (3) Be... 46 Shipping 2 2011-10-01 2011-10-01 false Manual alternate control systems. 62.25-10 Section 62.25... AUTOMATION General Requirements for All Automated Vital Systems § 62.25-10 Manual alternate control systems...

Performance-based maintenance of gas turbines for reliable control of degraded power systems

NASA Astrophysics Data System (ADS)

Mo, Huadong; Sansavini, Giovanni; Xie, Min

2018-03-01

Maintenance actions are necessary for ensuring proper operations of control systems under component degradation. However, current condition-based maintenance (CBM) models based on component health indices are not suitable for degraded control systems. Indeed, failures of control systems are only determined by the controller outputs, and the feedback mechanism compensates the control performance loss caused by the component deterioration. Thus, control systems may still operate normally even if the component health indices exceed failure thresholds. This work investigates the CBM model of control systems and employs the reduced control performance as a direct degradation measure for deciding maintenance activities. The reduced control performance depends on the underlying component degradation modelled as a Wiener process and the feedback mechanism. To this aim, the controller features are quantified by developing a dynamic and stochastic control block diagram-based simulation model, consisting of the degraded components and the control mechanism. At each inspection, the system receives a maintenance action if the control performance deterioration exceeds its preventive-maintenance or failure thresholds. Inspired by realistic cases, the component degradation model considers random start time and unit-to-unit variability. The cost analysis of maintenance model is conducted via Monte Carlo simulation. Optimal maintenance strategies are investigated to minimize the expected maintenance costs, which is a direct consequence of the control performance. The proposed framework is able to design preventive maintenance actions on a gas power plant, to ensuring required load frequency control performance against a sudden load increase. The optimization results identify the trade-off between system downtime and maintenance costs as a function of preventive maintenance thresholds and inspection frequency. Finally, the control performance-based maintenance model can reduce maintenance costs as compared to CBM and pre-scheduled maintenance.

Failure Scenarios and Mitigations for the BABAR Superconducting Solenoid

NASA Astrophysics Data System (ADS)

Thompson, EunJoo; Candia, A.; Craddock, W. W.; Racine, M.; Weisend, J. G.

2006-04-01

The cryogenic department at the Stanford Linear Accelerator Center is responsible for the operation, troubleshooting, and upgrade of the 1.5 Tesla superconducting solenoid detector for the BABAR B-factory experiment. Events that disable the detector are rare but significantly impact the availability of the detector for physics research. As a result, a number of systems and procedures have been developed over time to minimize the downtime of the detector, for example improved control systems, improved and automatic backup systems, and spares for all major components. Together they can prevent or mitigate many of the failures experienced by the utilities, mechanical systems, controls and instrumentation. In this paper we describe various failure scenarios, their effect on the detector, and the modifications made to mitigate the effects of the failure. As a result of these modifications the reliability of the detector has increased significantly with only 3 shutdowns of the detector due to cryogenics systems over the last 2 years.

Simulation results of automatic restructurable flight control system concepts

NASA Technical Reports Server (NTRS)

Weiss, J. L.; Looze, D. P.; Eterno, J. S.; Ostroff, A.

1986-01-01

The restructurable flight control system (RFCS) described by Weiss et al. (1986) is reviewed, and several results of an extensive six degrees of freedom nonlinear simulation of several aspects of this system are reported. It is concluded that the nontraditional use of standard control surfaces in a nominal feedback control system to spread control authority among many redundant control elements provides a significant amount of fault tolerance without any use of restructuring techniques. The use of new feedback gains alone following a failure can provide significantly improved recovery as long as the control elements remain within their travel limits and as long as uncertainty about the failure identity is properly handled. The use of the feed-forward trim solution in conjunction with redesigned feedback gains allows recovery to take place even when significant control saturation occurs.

Autonomous control system reconfiguration for spacecraft with non-redundant actuators

NASA Astrophysics Data System (ADS)

Grossman, Walter

1995-05-01

The Small Satellite Technology Initiative (SSTI) 'CLARK' spacecraft is required to be single-failure tolerant, i.e., no failure of any single component or subsystem shall result in complete mission loss. Fault tolerance is usually achieved by implementing redundant subsystems. Fault tolerant systems are therefore heavier and cost more to build and launch than non-redundent, non fault-tolerant spacecraft. The SSTI CLARK satellite Attitude Determination and Control System (ADACS) achieves single-fault tolerance without redundancy. The attitude determination system system uses a Kalman Filter which is inherently robust to loss of any single attitude sensor. The attitude control system uses three orthogonal reaction wheels for attitude control and three magnetic dipoles for momentum control. The nominal six-actuator control system functions by projecting the attitude correction torque onto the reaction wheels while a slower momentum management outer loop removes the excess momentum in the direction normal to the local B field. The actuators are not redundant so the nominal control law cannot be implemented in the event of a loss of a single actuator (dipole or reaction wheel). The spacecraft dynamical state (attitude, angular rate, and momentum) is controllable from any five-element subset of the six actuators. With loss of an actuator the instantaneous control authority may not span R(3) but the controllability gramian integral(limits between t,0) Phi(t, tau)B(tau )B(prime)(tau) Phi(prime)(t, tau)d tau retains full rank. Upon detection of an actuator failure the control torque is decomposed onto the remaining active axes. The attitude control torque is effected and the over-orbit momentum is controlled. The resulting control system performance approaches that of the nominal system.

Fault management for the Space Station Freedom control center

NASA Technical Reports Server (NTRS)

Clark, Colin; Jowers, Steven; Mcnenny, Robert; Culbert, Chris; Kirby, Sarah; Lauritsen, Janet

1992-01-01

This paper describes model based reasoning fault isolation in complex systems using automated digraph analysis. It discusses the use of the digraph representation as the paradigm for modeling physical systems and a method for executing these failure models to provide real-time failure analysis. It also discusses the generality, ease of development and maintenance, complexity management, and susceptibility to verification and validation of digraph failure models. It specifically describes how a NASA-developed digraph evaluation tool and an automated process working with that tool can identify failures in a monitored system when supplied with one or more fault indications. This approach is well suited to commercial applications of real-time failure analysis in complex systems because it is both powerful and cost effective.

Failure and recovery in dynamical networks.

PubMed

Böttcher, L; Luković, M; Nagler, J; Havlin, S; Herrmann, H J

2017-02-03

Failure, damage spread and recovery crucially underlie many spatially embedded networked systems ranging from transportation structures to the human body. Here we study the interplay between spontaneous damage, induced failure and recovery in both embedded and non-embedded networks. In our model the network's components follow three realistic processes that capture these features: (i) spontaneous failure of a component independent of the neighborhood (internal failure), (ii) failure induced by failed neighboring nodes (external failure) and (iii) spontaneous recovery of a component. We identify a metastable domain in the global network phase diagram spanned by the model's control parameters where dramatic hysteresis effects and random switching between two coexisting states are observed. This dynamics depends on the characteristic link length of the embedded system. For the Euclidean lattice in particular, hysteresis and switching only occur in an extremely narrow region of the parameter space compared to random networks. We develop a unifying theory which links the dynamics of our model to contact processes. Our unifying framework may help to better understand controllability in spatially embedded and random networks where spontaneous recovery of components can mitigate spontaneous failure and damage spread in dynamical networks.

Reliability of Fault Tolerant Control Systems. Part 1

NASA Technical Reports Server (NTRS)

Wu, N. Eva

2001-01-01

This paper reports Part I of a two part effort, that is intended to delineate the relationship between reliability and fault tolerant control in a quantitative manner. Reliability analysis of fault-tolerant control systems is performed using Markov models. Reliability properties, peculiar to fault-tolerant control systems are emphasized. As a consequence, coverage of failures through redundancy management can be severely limited. It is shown that in the early life of a syi1ein composed of highly reliable subsystems, the reliability of the overall system is affine with respect to coverage, and inadequate coverage induces dominant single point failures. The utility of some existing software tools for assessing the reliability of fault tolerant control systems is also discussed. Coverage modeling is attempted in Part II in a way that captures its dependence on the control performance and on the diagnostic resolution.

Independent Orbiter Assessment (IOA): Analysis of the active thermal control subsystem

NASA Technical Reports Server (NTRS)

Sinclair, S. K.; Parkman, W. E.

1987-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) are presented. The IOA approach features a top-down analysis of the hardware to determine failure modes, criticality, and potential critical (PCIs) items. To preserve independence, this analysis was accomplished without reliance upon the results contained within the NASA FMEA/CIL documentation. The independent analysis results corresponding to the Orbiter Active Thermal Control Subsystem (ATCS) are documented. The major purpose of the ATCS is to remove the heat, generated during normal Shuttle operations from the Orbiter systems and subsystems. The four major components of the ATCS contributing to the heat removal are: Freon Coolant Loops; Radiator and Flow Control Assembly; Flash Evaporator System; and Ammonia Boiler System. In order to perform the analysis, the IOA process utilized available ATCS hardware drawings and schematics for defining hardware assemblies, components, and hardware items. Each level of hardware was evaluated and analyzed for possible failure modes and effects. Criticality was assigned based upon the severity of the effect for each failure mode. Of the 310 failure modes analyzed, 101 were determined to be PCIs.

A Convex Approach to Fault Tolerant Control

NASA Technical Reports Server (NTRS)

Maghami, Peiman G.; Cox, David E.; Bauer, Frank (Technical Monitor)

2002-01-01

The design of control laws for dynamic systems with the potential for actuator failures is considered in this work. The use of Linear Matrix Inequalities allows more freedom in controller design criteria than typically available with robust control. This work proposes an extension of fault-scheduled control design techniques that can find a fixed controller with provable performance over a set of plants. Through convexity of the objective function, performance bounds on this set of plants implies performance bounds on a range of systems defined by a convex hull. This is used to incorporate performance bounds for a variety of soft and hard failures into the control design problem.

Reusable rocket engine intelligent control system framework design, phase 2

NASA Technical Reports Server (NTRS)

Nemeth, ED; Anderson, Ron; Ols, Joe; Olsasky, Mark

1991-01-01

Elements of an advanced functional framework for reusable rocket engine propulsion system control are presented for the Space Shuttle Main Engine (SSME) demonstration case. Functional elements of the baseline functional framework are defined in detail. The SSME failure modes are evaluated and specific failure modes identified for inclusion in the advanced functional framework diagnostic system. Active control of the SSME start transient is investigated, leading to the identification of a promising approach to mitigating start transient excursions. Key elements of the functional framework are simulated and demonstration cases are provided. Finally, the advanced function framework for control of reusable rocket engines is presented.

Instrument Failures for the da Vinci Surgical System: a Food and Drug Administration MAUDE Database Study.

PubMed

Friedman, Diana C W; Lendvay, Thomas S; Hannaford, Blake

2013-05-01

Our goal was to analyze reported instances of the da Vinci robotic surgical system instrument failures using the FDA's MAUDE (Manufacturer and User Facility Device Experience) database. From these data we identified some root causes of failures as well as trends that may assist surgeons and users of the robotic technology. We conducted a survey of the MAUDE database and tallied robotic instrument failures that occurred between January 2009 and December 2010. We categorized failures into five main groups (cautery, shaft, wrist or tool tip, cable, and control housing) based on technical differences in instrument design and function. A total of 565 instrument failures were documented through 528 reports. The majority of failures (285) were of the instrument's wrist or tool tip. Cautery problems comprised 174 failures, 76 were shaft failures, 29 were cable failures, and 7 were control housing failures. Of the reports, 10 had no discernible failure mode and 49 exhibited multiple failures. The data show that a number of robotic instrument failures occurred in a short period of time. In reality, many instrument failures may go unreported, thus a true failure rate cannot be determined from these data. However, education of hospital administrators, operating room staff, surgeons, and patients should be incorporated into discussions regarding the introduction and utilization of robotic technology. We recommend institutions incorporate standard failure reporting policies so that the community of robotic surgery companies and surgeons can improve on existing technologies for optimal patient safety and outcomes.

The NASA F-15 Intelligent Flight Control Systems: Generation II

NASA Technical Reports Server (NTRS)

Buschbacher, Mark; Bosworth, John

2006-01-01

The Second Generation (Gen II) control system for the F-15 Intelligent Flight Control System (IFCS) program implements direct adaptive neural networks to demonstrate robust tolerance to faults and failures. The direct adaptive tracking controller integrates learning neural networks (NNs) with a dynamic inversion control law. The term direct adaptive is used because the error between the reference model and the aircraft response is being compensated or directly adapted to minimize error without regard to knowing the cause of the error. No parameter estimation is needed for this direct adaptive control system. In the Gen II design, the feedback errors are regulated with a proportional-plus-integral (PI) compensator. This basic compensator is augmented with an online NN that changes the system gains via an error-based adaptation law to improve aircraft performance at all times, including normal flight, system failures, mispredicted behavior, or changes in behavior resulting from damage.

A Sensor Failure Simulator for Control System Reliability Studies

NASA Technical Reports Server (NTRS)

Melcher, K. J.; Delaat, J. C.; Merrill, W. C.; Oberle, L. G.; Sadler, G. G.; Schaefer, J. H.

1986-01-01

A real-time Sensor Failure Simulator (SFS) was designed and assembled for the Advanced Detection, Isolation, and Accommodation (ADIA) program. Various designs were considered. The design chosen features an IBM-PC/XT. The PC is used to drive analog circuitry for simulating sensor failures in real-time. A user defined scenario describes the failure simulation for each of the five incoming sensor signals. Capabilities exist for editing, saving, and retrieving the failure scenarios. The SFS has been tested closed-loop with the Controls Interface and Monitoring (CIM) unit, the ADIA control, and a real-time F100 hybrid simulation. From a productivity viewpoint, the menu driven user interface has proven to be efficient and easy to use. From a real-time viewpoint, the software controlling the simulation loop executes at greater than 100 cycles/sec.

A sensor failure simulator for control system reliability studies

NASA Astrophysics Data System (ADS)

Melcher, K. J.; Delaat, J. C.; Merrill, W. C.; Oberle, L. G.; Sadler, G. G.; Schaefer, J. H.

A real-time Sensor Failure Simulator (SFS) was designed and assembled for the Advanced Detection, Isolation, and Accommodation (ADIA) program. Various designs were considered. The design chosen features an IBM-PC/XT. The PC is used to drive analog circuitry for simulating sensor failures in real-time. A user defined scenario describes the failure simulation for each of the five incoming sensor signals. Capabilities exist for editing, saving, and retrieving the failure scenarios. The SFS has been tested closed-loop with the Controls Interface and Monitoring (CIM) unit, the ADIA control, and a real-time F100 hybrid simulation. From a productivity viewpoint, the menu driven user interface has proven to be efficient and easy to use. From a real-time viewpoint, the software controlling the simulation loop executes at greater than 100 cycles/sec.

Recent Advances In Structural Vibration And Failure Mode Control In Mainland China: Theory, Experiments And Applications

NASA Astrophysics Data System (ADS)

Li, Hui; Ou, Jinping

2008-07-01

A number of researchers have been focused on structural vibration control in the past three decades over the world and fruit achievements have been made. This paper introduces the recent advances in structural vibration control including passive, active and semiactive control in mainland China. Additionally, the co-author extends the structural vibration control to failure mode control. The research on the failure mode control is also involved in this paper. For passive control, this paper introduces full scale tests of buckling-restrained braces conducted to investigate the performance of the dampers and the second-editor of the Code of Seismic Design for Buildings. For active control, this paper introduces the HMD system for wind-induced vibration control of the Guangzhou TV tower. For semiactive control, the smart damping devices, algorithms for semi-active control, design methods and applications of semi-active control for structures are introduced in this paper. The failure mode control for bridges is also introduced.

Management of redundancy in flight control systems using optimal decision theory

NASA Technical Reports Server (NTRS)

1981-01-01

The problem of using redundancy that exists between dissimilar systems in aircraft flight control is addressed. That is, using the redundancy that exists between a rate gyro and an accelerometer--devices that have dissimilar outputs which are related only through the dynamics of the aircraft motion. Management of this type of redundancy requires advanced logic so that the system can monitor failure status and can reconfigure itself in the event of one or more failures. An optimal decision theory was tutorially developed for the management of sensor redundancy and the theory is applied to two aircraft examples. The first example is the space shuttle and the second is a highly maneuvering high performance aircraft--the F8-C. The examples illustrate the redundancy management design process and the performance of the algorithms presented in failure detection and control law reconfiguration.

A Study of Energy Management Systems and its Failure Modes in Smart Grid Power Distribution

NASA Astrophysics Data System (ADS)

Musani, Aatif

The subject of this thesis is distribution level load management using a pricing signal in a smart grid infrastructure. The project relates to energy management in a spe-cialized distribution system known as the Future Renewable Electric Energy Delivery and Management (FREEDM) system. Energy management through demand response is one of the key applications of smart grid. Demand response today is envisioned as a method in which the price could be communicated to the consumers and they may shift their loads from high price periods to the low price periods. The development and deployment of the FREEDM system necessitates controls of energy and power at the point of end use. In this thesis, the main objective is to develop the control model of the Energy Management System (EMS). The energy and power management in the FREEDM system is digitally controlled therefore all signals containing system states are discrete. The EMS is modeled as a discrete closed loop transfer function in the z-domain. A breakdown of power and energy control devices such as EMS components may result in energy con-sumption error. This leads to one of the main focuses of the thesis which is to identify and study component failures of the designed control system. Moreover, H-infinity ro-bust control method is applied to ensure effectiveness of the control architecture. A focus of the study is cyber security attack, specifically bad data detection in price. Test cases are used to illustrate the performance of the EMS control design, the effect of failure modes and the application of robust control technique. The EMS was represented by a linear z-domain model. The transfer function be-tween the pricing signal and the demand response was designed and used as a test bed. EMS potential failure modes were identified and studied. Three bad data detection meth-odologies were implemented and a voting policy was used to declare bad data. The run-ning mean and standard deviation analysis method proves to be the best method to detect bad data. An H-infinity robust control technique was applied for the first time to design discrete EMS controller for the FREEDM system.

21 CFR 870.3535 - Intra-aortic balloon and control system.

Code of Federal Regulations, 2014 CFR

2014-04-01

... syndrome, cardiac and non-cardiac surgery, or complications of heart failure. The special controls for this... 21 Food and Drugs 8 2014-04-01 2014-04-01 false Intra-aortic balloon and control system. 870.3535... balloon and control system. (a) Identification. An intra-aortic balloon and control system is a...

Flight performance of Skylab attitude and pointing control system

NASA Technical Reports Server (NTRS)

Chubb, W. B.; Kennel, H. F.; Rupp, C. C.; Seltzer, S. M.

1975-01-01

The Skylab attitude and pointing control system (APCS) requirements are briefly reviewed and the way in which they became altered during the prelaunch phase of development is noted. The actual flight mission (including mission alterations during flight) is described. The serious hardware failures that occurred, beginning during ascent through the atmosphere, also are described. The APCS's ability to overcome these failures and meet mission changes are presented. The large around-the-clock support effort on the ground is discussed. Salient design points and software flexibility that should afford pertinent experience for future spacecraft attitude and pointing control system designs are included.

Independent Orbiter Assessment (IOA): Assessment of the reaction control system, volume 3

NASA Technical Reports Server (NTRS)

Prust, Chet D.; Hartman, Dan W.

1988-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) are presented. The IOA effort first completed an analysis of the aft and forward Reaction Control System (RCS) hardware and Electrical Power Distribution and Control (EPD and C), generating draft failure modes and potential critical items. The IOA results were then compared to the proposed Post 51-L NASA FMEA/CIL baseline. This report documents the results of that comparison for the Orbiter RCS hardware and EPD and C systems. Volume 3 continues the presentation of IOA worksheets.

Independent Orbiter Assessment (IOA): Assessment of the reaction control system, volume 2

NASA Technical Reports Server (NTRS)

Prust, Chet D.; Hartman, Dan W.

1988-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) are presented. The IOA effort first completed an analysis of the aft and forward Reaction Control System (RCS) hardware and Electrical Power Distribution and Control (EPD and C), generating draft failure modes and potential critical items. The IOA results were then compared to the proposed Post 51-L NASA FMEA/CIL baseline. This report documents the results of that comparison for the Orbiter RCS hardware and EPD and C systems. Volume 2 continues the presentation of IOA worksheets.

A servo-controlled canine model of stable severe ischemic left ventricular failure.

PubMed

Wagner, Richard L; Hood, William B; Howland, Peter A

2009-12-01

Reversible left ventricular failure was produced in conscious dogs by compromise of the coronary circulation. In animals with prior left anterior descending coronary artery occlusion, mean left atrial pressure (LAP) was incorporated into an automatic feedback control system used to inflate a balloon cuff on the circumflex (Cfx) coronary artery. The system could produce stable increases in LAP to 15-20 mm Hg. The dominating system transfer function was the ratio of LAP to balloon volume (BV), which was characterized by a fixed delay (5 s), with LAP/BV = (8e(-jomegatau ))/(0.02 + jomega). The system was stabilized by a phase lead network to reduce oscillations of LAP. A total of seven experiments were conducted in three dogs, and testing of inotropic agents was possible in three experiments under stable conditions with the pump off after an hour or more of operation. Problems encountered were 0.003-0.008 Hz oscillations in LAP in three experiments, which could usually be controlled by reducing the system gain. Late stage ventricular fibrillation occurred in all three animals, but defibrillation was easily accomplished after deflating the Cfx balloon. This system produces reversible left ventricular failure solely due to ischemia, thus closely simulating clinical heart failure due to coronary insufficiency.

Reliability issues in active control of large flexible space structures

NASA Technical Reports Server (NTRS)

Vandervelde, W. E.

1986-01-01

Efforts in this reporting period were centered on four research tasks: design of failure detection filters for robust performance in the presence of modeling errors, design of generalized parity relations for robust performance in the presence of modeling errors, design of failure sensitive observers using the geometric system theory of Wonham, and computational techniques for evaluation of the performance of control systems with fault tolerance and redundancy management

14 CFR 25.1329 - Flight guidance system.

Code of Federal Regulations, 2014 CFR

2014-01-01

... (or equivalent). The autothrust quick disengagement controls must be located on the thrust control... wheel (or equivalent) and thrust control levers. (b) The effects of a failure of the system to disengage... guidance system. (a) Quick disengagement controls for the autopilot and autothrust functions must be...

14 CFR 25.1329 - Flight guidance system.

Code of Federal Regulations, 2012 CFR

2012-01-01

... (or equivalent). The autothrust quick disengagement controls must be located on the thrust control... wheel (or equivalent) and thrust control levers. (b) The effects of a failure of the system to disengage... guidance system. (a) Quick disengagement controls for the autopilot and autothrust functions must be...

14 CFR 25.1329 - Flight guidance system.

Code of Federal Regulations, 2011 CFR

2011-01-01

... (or equivalent). The autothrust quick disengagement controls must be located on the thrust control... wheel (or equivalent) and thrust control levers. (b) The effects of a failure of the system to disengage... guidance system. (a) Quick disengagement controls for the autopilot and autothrust functions must be...

14 CFR 25.1329 - Flight guidance system.

Code of Federal Regulations, 2013 CFR

2013-01-01

... (or equivalent). The autothrust quick disengagement controls must be located on the thrust control... wheel (or equivalent) and thrust control levers. (b) The effects of a failure of the system to disengage... guidance system. (a) Quick disengagement controls for the autopilot and autothrust functions must be...

14 CFR 25.1329 - Flight guidance system.

Code of Federal Regulations, 2010 CFR

2010-01-01

... (or equivalent). The autothrust quick disengagement controls must be located on the thrust control... wheel (or equivalent) and thrust control levers. (b) The effects of a failure of the system to disengage... guidance system. (a) Quick disengagement controls for the autopilot and autothrust functions must be...

Flight Test Implementation of a Second Generation Intelligent Flight Control System

NASA Technical Reports Server (NTRS)

Williams-Hayes, Peggy S.

2005-01-01

The NASA F-15 Intelligent Flight Control System project team has developed a series of flight control concepts designed to demonstrate the benefits of a neural network-based adaptive controller. The objective of the team was to develop and flight-test control systems that use neural network technology, to optimize the performance of the aircraft under nominal conditions, and to stabilize the aircraft under failure conditions. Failure conditions include locked or failed control surfaces as well as unforeseen damage that might occur to the aircraft in flight. The Intelligent Flight Control System team is currently in the process of implementing a second generation control scheme, collectively known as Generation 2 or Gen 2, for flight testing on the NASA F-15 aircraft. This report describes the Gen 2 system as implemented by the team for flight test evaluation. Simulation results are shown which describe the experiment to be performed in flight and highlight the ways in which the Gen 2 system meets the defined objectives.

A Fault Tolerant System for an Integrated Avionics Sensor Configuration

NASA Technical Reports Server (NTRS)

Caglayan, A. K.; Lancraft, R. E.

1984-01-01

An aircraft sensor fault tolerant system methodology for the Transport Systems Research Vehicle in a Microwave Landing System (MLS) environment is described. The fault tolerant system provides reliable estimates in the presence of possible failures both in ground-based navigation aids, and in on-board flight control and inertial sensors. Sensor failures are identified by utilizing the analytic relationships between the various sensors arising from the aircraft point mass equations of motion. The estimation and failure detection performance of the software implementation (called FINDS) of the developed system was analyzed on a nonlinear digital simulation of the research aircraft. Simulation results showing the detection performance of FINDS, using a dual redundant sensor compliment, are presented for bias, hardover, null, ramp, increased noise and scale factor failures. In general, the results show that FINDS can distinguish between normal operating sensor errors and failures while providing an excellent detection speed for bias failures in the MLS, indicated airspeed, attitude and radar altimeter sensors.

Extracorporeal liver assist device to exchange albumin and remove endotoxin in acute liver failure: Results of a pivotal pre-clinical study.

PubMed

Lee, Karla C L; Baker, Luisa A; Stanzani, Giacomo; Alibhai, Hatim; Chang, Yu Mei; Jimenez Palacios, Carolina; Leckie, Pamela J; Giordano, Paola; Priestnall, Simon L; Antoine, Daniel J; Jenkins, Rosalind E; Goldring, Christopher E; Park, B Kevin; Andreola, Fausto; Agarwal, Banwari; Mookerjee, Rajeshwar P; Davies, Nathan A; Jalan, Rajiv

2015-09-01

In acute liver failure, severity of liver injury and clinical progression of disease are in part consequent upon activation of the innate immune system. Endotoxaemia contributes to innate immune system activation and the detoxifying function of albumin, critical to recovery from liver injury, is irreversibly destroyed in acute liver failure. University College London-Liver Dialysis Device is a novel artificial extracorporeal liver assist device, which is used with albumin infusion, to achieve removal and replacement of dysfunctional albumin and reduction in endotoxaemia. We aimed to test the effect of this device on survival in a pig model of acetaminophen-induced acute liver failure. Pigs were randomised to three groups: Acetaminophen plus University College London-Liver Dialysis Device (n=9); Acetaminophen plus Control Device (n=7); and Control plus Control Device (n=4). Device treatment was initiated two h after onset of irreversible acute liver failure. The Liver Dialysis Device resulted in 67% reduced risk of death in acetaminophen-induced acute liver failure compared to Control Device (hazard ratio=0.33, p=0.0439). This was associated with 27% decrease in circulating irreversibly oxidised human non-mercaptalbumin-2 throughout treatment (p=0.046); 54% reduction in overall severity of endotoxaemia (p=0.024); delay in development of vasoplegia and acute lung injury; and delay in systemic activation of the TLR4 signalling pathway. Liver Dialysis Device-associated adverse clinical effects were not seen. The survival benefit and lack of adverse effects would support clinical trials of University College London-Liver Dialysis Device in acute liver failure patients. Copyright © 2015 European Association for the Study of the Liver. Published by Elsevier B.V. All rights reserved.

Intelligent redundant actuation system requirements and preliminary system design

NASA Technical Reports Server (NTRS)

Defeo, P.; Geiger, L. J.; Harris, J.

1985-01-01

Several redundant actuation system configurations were designed and demonstrated to satisfy the stringent operational requirements of advanced flight control systems. However, this has been accomplished largely through brute force hardware redundancy, resulting in significantly increased computational requirements on the flight control computers which perform the failure analysis and reconfiguration management. Modern technology now provides powerful, low-cost microprocessors which are effective in performing failure isolation and configuration management at the local actuator level. One such concept, called an Intelligent Redundant Actuation System (IRAS), significantly reduces the flight control computer requirements and performs the local tasks more comprehensively than previously feasible. The requirements and preliminary design of an experimental laboratory system capable of demonstrating the concept and sufficiently flexible to explore a variety of configurations are discussed.

A Automated Tool for Supporting FMEAs of Digital Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Yue,M.; Chu, T.-L.; Martinez-Guridi, G.

2008-09-07

Although designs of digital systems can be very different from each other, they typically use many of the same types of generic digital components. Determining the impacts of the failure modes of these generic components on a digital system can be used to support development of a reliability model of the system. A novel approach was proposed for such a purpose by decomposing the system into a level of the generic digital components and propagating failure modes to the system level, which generally is time-consuming and difficult to implement. To overcome the associated issues of implementing the proposed FMEA approach,more » an automated tool for a digital feedwater control system (DFWCS) has been developed in this study. The automated FMEA tool is in nature a simulation platform developed by using or recreating the original source code of the different module software interfaced by input and output variables that represent physical signals exchanged between modules, the system, and the controlled process. For any given failure mode, its impacts on associated signals are determined first and the variables that correspond to these signals are modified accordingly by the simulation. Criteria are also developed, as part of the simulation platform, to determine whether the system has lost its automatic control function, which is defined as a system failure in this study. The conceptual development of the automated FMEA support tool can be generalized and applied to support FMEAs for reliability assessment of complex digital systems.« less

Restricted Complexity Framework for Nonlinear Adaptive Control in Complex Systems

NASA Astrophysics Data System (ADS)

Williams, Rube B.

2004-02-01

Control law adaptation that includes implicit or explicit adaptive state estimation, can be a fundamental underpinning for the success of intelligent control in complex systems, particularly during subsystem failures, where vital system states and parameters can be impractical or impossible to measure directly. A practical algorithm is proposed for adaptive state filtering and control in nonlinear dynamic systems when the state equations are unknown or are too complex to model analytically. The state equations and inverse plant model are approximated by using neural networks. A framework for a neural network based nonlinear dynamic inversion control law is proposed, as an extrapolation of prior developed restricted complexity methodology used to formulate the adaptive state filter. Examples of adaptive filter performance are presented for an SSME simulation with high pressure turbine failure to support extrapolations to adaptive control problems.

Failure probability under parameter uncertainty.

PubMed

Gerrard, R; Tsanakas, A

2011-05-01

In many problems of risk analysis, failure is equivalent to the event of a random risk factor exceeding a given threshold. Failure probabilities can be controlled if a decisionmaker is able to set the threshold at an appropriate level. This abstract situation applies, for example, to environmental risks with infrastructure controls; to supply chain risks with inventory controls; and to insurance solvency risks with capital controls. However, uncertainty around the distribution of the risk factor implies that parameter error will be present and the measures taken to control failure probabilities may not be effective. We show that parameter uncertainty increases the probability (understood as expected frequency) of failures. For a large class of loss distributions, arising from increasing transformations of location-scale families (including the log-normal, Weibull, and Pareto distributions), the article shows that failure probabilities can be exactly calculated, as they are independent of the true (but unknown) parameters. Hence it is possible to obtain an explicit measure of the effect of parameter uncertainty on failure probability. Failure probability can be controlled in two different ways: (1) by reducing the nominal required failure probability, depending on the size of the available data set, and (2) by modifying of the distribution itself that is used to calculate the risk control. Approach (1) corresponds to a frequentist/regulatory view of probability, while approach (2) is consistent with a Bayesian/personalistic view. We furthermore show that the two approaches are consistent in achieving the required failure probability. Finally, we briefly discuss the effects of data pooling and its systemic risk implications. © 2010 Society for Risk Analysis.

Addressing Production System Failures Using Multi-agent Control

NASA Astrophysics Data System (ADS)

Gautam, Rajesh; Miyashita, Kazuo

Output in high-volume production facilities is limited by bottleneck machines. We propose a control mechanism by modeling workstations as agents that pull jobs from other agents based on their current WIP level and requirements. During failures, when flows of some jobs are disrupted, the agents pull alternative jobs to maintain utilization of their capacity at a high level. In this paper, we empirically demonstrate that the proposed mechanism can react to failures more appropriately than other control mechanisms using a benchmark problem of a semiconductor manufacturing process.

Behavioral Economics of Self-Control Failure

PubMed Central

Heshmat, Shahram

2015-01-01

The main idea in this article is that addiction is a consequence of falling victim to decision failures that lead to preference for the addictive behaviors. Addiction is viewed as valuation disease, where the nervous system overvalues cues associated with drugs or drug-taking. Thus, addiction can be viewed as a diminished capacity to choose. Addicted individuals assign lower values to delayed rewards than to immediate ones. The preference for immediate gratification leads to self-control problems. This article highlights a number of motivational forces that can generate self-control failure. PMID:26339218

Asymmetrical booster guidance and control system design study. Volume 3: Space shuttle vehicle SRB actuator failure study. [space shuttle development

NASA Technical Reports Server (NTRS)

Williams, F. E.; Lemon, R. S.

1974-01-01

The investigation of single actuator failures on the space shuttle solid rocket booster required the analysis of both square pattern and diamond pattern actuator configurations. It was determined that for failures occuring near or prior to the region of maximum dynamic pressure, control gain adjustments can be used to achieve virtually nominal mid-boost vehicle behavior. A distinct worst case failure condition was established near staging that could significantly delay staging. It is recommended that the square pattern be retained as a viable alternative to the baseline diamond pattern because the staging transient is better controlled resulting in earlier staging.

Flight Results of the NF-15B Intelligent Flight Control System (IFCS) Aircraft with Adaptation to a Longitudinally Destabilized Plant

NASA Technical Reports Server (NTRS)

Bosworth, John T.

2008-01-01

Adaptive flight control systems have the potential to be resilient to extreme changes in airplane behavior. Extreme changes could be a result of a system failure or of damage to the airplane. The goal for the adaptive system is to provide an increase in survivability in the event that these extreme changes occur. A direct adaptive neural-network-based flight control system was developed for the National Aeronautics and Space Administration NF-15B Intelligent Flight Control System airplane. The adaptive element was incorporated into a dynamic inversion controller with explicit reference model-following. As a test the system was subjected to an abrupt change in plant stability simulating a destabilizing failure. Flight evaluations were performed with and without neural network adaptation. The results of these flight tests are presented. Comparison with simulation predictions and analysis of the performance of the adaptation system are discussed. The performance of the adaptation system is assessed in terms of its ability to stabilize the vehicle and reestablish good onboard reference model-following. Flight evaluation with the simulated destabilizing failure and adaptation engaged showed improvement in the vehicle stability margins. The convergent properties of this initial system warrant additional improvement since continued maneuvering caused continued adaptation change. Compared to the non-adaptive system the adaptive system provided better closed-loop behavior with improved matching of the onboard reference model. A detailed discussion of the flight results is presented.

Nonparametric method for failures detection and localization in the actuating subsystem of aircraft control system

NASA Astrophysics Data System (ADS)

Karpenko, S. S.; Zybin, E. Yu; Kosyanchuk, V. V.

2018-02-01

In this paper we design a nonparametric method for failures detection and localization in the aircraft control system that uses the measurements of the control signals and the aircraft states only. It doesn’t require a priori information of the aircraft model parameters, training or statistical calculations, and is based on algebraic solvability conditions for the aircraft model identification problem. This makes it possible to significantly increase the efficiency of detection and localization problem solution by completely eliminating errors, associated with aircraft model uncertainties.

F-15 IFCS: Intelligent Flight Control System

NASA Technical Reports Server (NTRS)

Bosworth, John

2007-01-01

This viewgraph presentation describes the F-15 Intelligent Flight Control System (IFCS). The goals of this project include: 1) Demonstrate revolutionary control approaches that can efficiently optimize aircraft performance in both normal and failure conditions; and 2) Demonstrate advance neural network-based flight control technology for new aerospace systems designs.

A variable-gain output feedback control design methodology

NASA Technical Reports Server (NTRS)

Halyo, Nesim; Moerder, Daniel D.; Broussard, John R.; Taylor, Deborah B.

1989-01-01

A digital control system design technique is developed in which the control system gain matrix varies with the plant operating point parameters. The design technique is obtained by formulating the problem as an optimal stochastic output feedback control law with variable gains. This approach provides a control theory framework within which the operating range of a control law can be significantly extended. Furthermore, the approach avoids the major shortcomings of the conventional gain-scheduling techniques. The optimal variable gain output feedback control problem is solved by embedding the Multi-Configuration Control (MCC) problem, previously solved at ICS. An algorithm to compute the optimal variable gain output feedback control gain matrices is developed. The algorithm is a modified version of the MCC algorithm improved so as to handle the large dimensionality which arises particularly in variable-gain control problems. The design methodology developed is applied to a reconfigurable aircraft control problem. A variable-gain output feedback control problem was formulated to design a flight control law for an AFTI F-16 aircraft which can automatically reconfigure its control strategy to accommodate failures in the horizontal tail control surface. Simulations of the closed-loop reconfigurable system show that the approach produces a control design which can accommodate such failures with relative ease. The technique can be applied to many other problems including sensor failure accommodation, mode switching control laws and super agility.

14 CFR 29.687 - Spring devices.

Code of Federal Regulations, 2013 CFR

2013-01-01

... STANDARDS: TRANSPORT CATEGORY ROTORCRAFT Design and Construction Control Systems § 29.687 Spring devices. (a) Each control system spring device whose failure could cause flutter or other unsafe characteristics...

14 CFR 27.687 - Spring devices.

Code of Federal Regulations, 2013 CFR

2013-01-01

... STANDARDS: NORMAL CATEGORY ROTORCRAFT Design and Construction Control Systems § 27.687 Spring devices. (a) Each control system spring device whose failure could cause flutter or other unsafe characteristics...

Independent Orbiter Assessment (IOA): Assessment of the reaction control system, volume 4

NASA Technical Reports Server (NTRS)

Prust, Chet D.; Hartman, Dan W.

1988-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) are presented. The IOA effort first completed an analysis of the aft and forward Reaction Control System (RCS) hardware and Electrical Power Distribution and Control (EPD and C), generating draft failure modes and potential critical items. The IOA results were then compared to the proposed Post 51-L NASA FMEA/CIL baseline. This report documents the results of that comparison for the Orbiter RCS hardware and EPD and C systems. Volume 4 continues the presentation of IOA worksheets and contains the potential critical items list.

Intelligent systems for strategic power infrastructure defense

NASA Astrophysics Data System (ADS)

Jung, Ju-Hwan

A fault or disturbance in a power system can be severe due to the sources of vulnerability such as human errors, protection and control system failures, a failure of communication networks to deliver critical control signals, and market and load uncertainties. There have been several catastrophic failures resulting from disturbances involving the sources of vulnerability while power systems are designed to withstand disturbances or faults. To avoid catastrophic failures or minimize the impact of a disturbance(s), the state of the power system has to be analyzed correctly and preventive or corrective self-healing control actions have to be deployed. This dissertation addresses two aspects of power systems: Defense system and diagnosis, both concerned with the power system analysis and operation during events involving faults or disturbances. This study is intended to develop a defense system that is able to assess power system vulnerability and to perform self-healing control actions based on the system-wide analysis. In order to meet the requirements of the system-wide analysis, the defense system is designed with multi-agent system technologies. Since power systems are dynamic and uncertain the self-healing control actions need to be adaptive. This study applies the reinforcement learning technique to provide a theoretical basis for adaptation. One of the important issues in adaptation is the convergence of the learning algorithm. An appropriate convergence criterion is derived and an application with a load-shedding scheme is demonstrated in this study. This dissertation also demonstrates the feasibility of the defense system and self-healing control actions through multi-agent system technologies. The other subject of this research is to investigate the methodology for on-line fault diagnosis using the information from Sequence-of-Events Recorders (SER). The proposed multiple-hypothesis analysis generates one or more hypothetical fault scenarios to interpret the SER information. In order to avoid ambiguity of the hypotheses, this study proposes a new method to determine the credibility of each hypothesis. Even if there is not enough SER information, the proposed method is able to perform an accurate fault and malfunction analysis. To avoid exhaustive testing, a minimal set of test scenarios is derived, which is able to handle missing information and SERs. During extreme contingencies or cascading events, fault diagnosis is the first step in the operation of the power system. On-line fault diagnosis provides necessary and correct information for the defense system to make correct and efficient decisions on self-healing control actions. It has been shown in previous studies that incorrect fault diagnosis can lead to catastrophic failures in power systems. Fault diagnosis is an important issue for strategic power infrastructure defense.

Detecting Solenoid Valve Deterioration in In-Use Electronic Diesel Fuel Injection Control Systems

PubMed Central

Tsai, Hsun-Heng; Tseng, Chyuan-Yow

2010-01-01

The diesel engine is the main power source for most agricultural vehicles. The control of diesel engine emissions is an important global issue. Fuel injection control systems directly affect fuel efficiency and emissions of diesel engines. Deterioration faults, such as rack deformation, solenoid valve failure, and rack-travel sensor malfunction, are possibly in the fuel injection module of electronic diesel control (EDC) systems. Among these faults, solenoid valve failure is most likely to occur for in-use diesel engines. According to the previous studies, this failure is a result of the wear of the plunger and sleeve, based on a long period of usage, lubricant degradation, or engine overheating. Due to the difficulty in identifying solenoid valve deterioration, this study focuses on developing a sensor identification algorithm that can clearly classify the usability of the solenoid valve, without disassembling the fuel pump of an EDC system for in-use agricultural vehicles. A diagnostic algorithm is proposed, including a feedback controller, a parameter identifier, a linear variable differential transformer (LVDT) sensor, and a neural network classifier. Experimental results show that the proposed algorithm can accurately identify the usability of solenoid valves. PMID:22163597

Detecting solenoid valve deterioration in in-use electronic diesel fuel injection control systems.

PubMed

Tsai, Hsun-Heng; Tseng, Chyuan-Yow

2010-01-01

The diesel engine is the main power source for most agricultural vehicles. The control of diesel engine emissions is an important global issue. Fuel injection control systems directly affect fuel efficiency and emissions of diesel engines. Deterioration faults, such as rack deformation, solenoid valve failure, and rack-travel sensor malfunction, are possibly in the fuel injection module of electronic diesel control (EDC) systems. Among these faults, solenoid valve failure is most likely to occur for in-use diesel engines. According to the previous studies, this failure is a result of the wear of the plunger and sleeve, based on a long period of usage, lubricant degradation, or engine overheating. Due to the difficulty in identifying solenoid valve deterioration, this study focuses on developing a sensor identification algorithm that can clearly classify the usability of the solenoid valve, without disassembling the fuel pump of an EDC system for in-use agricultural vehicles. A diagnostic algorithm is proposed, including a feedback controller, a parameter identifier, a linear variable differential transformer (LVDT) sensor, and a neural network classifier. Experimental results show that the proposed algorithm can accurately identify the usability of solenoid valves.

Controlling the self-organizing dynamics in a sandpile model on complex networks by failure tolerance

DOE Office of Scientific and Technical Information (OSTI.GOV)

Qi, Junjian; Pfenninger, Stefan

In this paper, we propose a strategy to control the self-organizing dynamics of the Bak-Tang-Wiesenfeld (BTW) sandpile model on complex networks by allowing some degree of failure tolerance for the nodes and introducing additional active dissipation while taking the risk of possible node damage. We show that the probability for large cascades significantly increases or decreases respectively when the risk for node damage outweighs the active dissipation and when the active dissipation outweighs the risk for node damage. By considering the potential additional risk from node damage, a non-trivial optimal active dissipation control strategy which minimizes the total cost inmore » the system can be obtained. Under some conditions the introduced control strategy can decrease the total cost in the system compared to the uncontrolled model. Moreover, when the probability of damaging a node experiencing failure tolerance is greater than the critical value, then no matter how successful the active dissipation control is, the total cost of the system will have to increase. This critical damage probability can be used as an indicator of the robustness of a network or system. Copyright (C) EPLA, 2015« less

14 CFR 23.672 - Stability augmentation and automatic and power-operated systems.

Code of Federal Regulations, 2010 CFR

2010-01-01

... CATEGORY AIRPLANES Design and Construction Control Systems § 23.672 Stability augmentation and automatic... systems must not activate the control system. (b) The design of the stability augmentation system or of... thereof, or by overriding the failure by movement of the flight controls in the normal sense. (c) It must...

14 CFR 23.672 - Stability augmentation and automatic and power-operated systems.

Code of Federal Regulations, 2012 CFR

2012-01-01

... CATEGORY AIRPLANES Design and Construction Control Systems § 23.672 Stability augmentation and automatic... systems must not activate the control system. (b) The design of the stability augmentation system or of... thereof, or by overriding the failure by movement of the flight controls in the normal sense. (c) It must...

14 CFR 23.672 - Stability augmentation and automatic and power-operated systems.

Code of Federal Regulations, 2014 CFR

2014-01-01

... CATEGORY AIRPLANES Design and Construction Control Systems § 23.672 Stability augmentation and automatic... systems must not activate the control system. (b) The design of the stability augmentation system or of... thereof, or by overriding the failure by movement of the flight controls in the normal sense. (c) It must...

14 CFR 23.672 - Stability augmentation and automatic and power-operated systems.

Code of Federal Regulations, 2013 CFR

2013-01-01

... CATEGORY AIRPLANES Design and Construction Control Systems § 23.672 Stability augmentation and automatic... systems must not activate the control system. (b) The design of the stability augmentation system or of... thereof, or by overriding the failure by movement of the flight controls in the normal sense. (c) It must...

14 CFR 23.672 - Stability augmentation and automatic and power-operated systems.

Code of Federal Regulations, 2011 CFR

2011-01-01

... CATEGORY AIRPLANES Design and Construction Control Systems § 23.672 Stability augmentation and automatic... systems must not activate the control system. (b) The design of the stability augmentation system or of... thereof, or by overriding the failure by movement of the flight controls in the normal sense. (c) It must...

Spacecraft dynamics characterization and control system failure detection. Volume 3: Control system failure monitoring

NASA Technical Reports Server (NTRS)

Vanschalkwyk, Christiaan M.

1992-01-01

We discuss the application of Generalized Parity Relations to two experimental flexible space structures, the NASA Langley Mini-Mast and Marshall Space Flight Center ACES mast. We concentrate on the generation of residuals and make no attempt to implement the Decision Function. It should be clear from the examples that are presented whether it would be possible to detect the failure of a specific component. We derive the equations from Generalized Parity Relations. Two special cases are treated: namely, Single Sensor Parity Relations (SSPR) and Double Sensor Parity Relations (DSPR). Generalized Parity Relations for actuators are also derived. The NASA Langley Mini-Mast and the application of SSPR and DSPR to a set of displacement sensors located at the tip of the Mini-Mast are discussed. The performance of a reduced order model that includes the first five models of the mast is compared to a set of parity relations that was identified on a set of input-output data. Both time domain and frequency domain comparisons are made. The effect of the sampling period and model order on the performance of the Residual Generators are also discussed. Failure detection experiments where the sensor set consisted of two gyros and an accelerometer are presented. The effects of model order and sampling frequency are again illustrated. The detection of actuator failures is discussed. We use Generalized Parity Relations to monitor control system component failures on the ACES mast. An overview is given of the Failure Detection Filter and experimental results are discussed. Conclusions and directions for future research are given.

Mission Data System Java Edition Version 7

NASA Technical Reports Server (NTRS)

Reinholtz, William K.; Wagner, David A.

2013-01-01

The Mission Data System framework defines closed-loop control system abstractions from State Analysis including interfaces for state variables, goals, estimators, and controllers that can be adapted to implement a goal-oriented control system. The framework further provides an execution environment that includes a goal scheduler, execution engine, and fault monitor that support the expression of goal network activity plans. Using these frameworks, adapters can build a goal-oriented control system where activity coordination is verified before execution begins (plan time), and continually during execution. Plan failures including violations of safety constraints expressed in the plan can be handled through automatic re-planning. This version optimizes a number of key interfaces and features to minimize dependencies, performance overhead, and improve reliability. Fault diagnosis and real-time projection capabilities are incorporated. This version enhances earlier versions primarily through optimizations and quality improvements that raise the technology readiness level. Goals explicitly constrain system states over explicit time intervals to eliminate ambiguity about intent, as compared to command-oriented control that only implies persistent intent until another command is sent. A goal network scheduling and verification process ensures that all goals in the plan are achievable before starting execution. Goal failures at runtime can be detected (including predicted failures) and handled by adapted response logic. Responses can include plan repairs (try an alternate tactic to achieve the same goal), goal shedding, ignoring the fault, cancelling the plan, or safing the system.

Handling Qualities of Model Reference Adaptive Controllers with Varying Complexity for Pitch-Roll Coupled Failures

NASA Technical Reports Server (NTRS)

Schaefer, Jacob; Hanson, Curt; Johnson, Marcus A.; Nguyen, Nhan

2011-01-01

Three model reference adaptive controllers (MRAC) with varying levels of complexity were evaluated on a high performance jet aircraft and compared along with a baseline nonlinear dynamic inversion controller. The handling qualities and performance of the controllers were examined during failure conditions that induce coupling between the pitch and roll axes. Results from flight tests showed with a roll to pitch input coupling failure, the handling qualities went from Level 2 with the baseline controller to Level 1 with the most complex MRAC tested. A failure scenario with the left stabilator frozen also showed improvement with the MRAC. Improvement in performance and handling qualities was generally seen as complexity was incrementally added; however, added complexity usually corresponds to increased verification and validation effort required for certification. The tradeoff between complexity and performance is thus important to a controls system designer when implementing an adaptive controller on an aircraft. This paper investigates this relation through flight testing of several controllers of vary complexity.

Finite Energy and Bounded Attacks on Control System Sensor Signals

DOE Office of Scientific and Technical Information (OSTI.GOV)

Djouadi, Seddik M; Melin, Alexander M; Ferragut, Erik M

Control system networks are increasingly being connected to enterprise level networks. These connections leave critical industrial controls systems vulnerable to cyber-attacks. Most of the effort in protecting these cyber-physical systems (CPS) has been in securing the networks using information security techniques and protection and reliability concerns at the control system level against random hardware and software failures. However, besides these failures the inability of information security techniques to protect against all intrusions means that the control system must be resilient to various signal attacks for which new analysis and detection methods need to be developed. In this paper, sensor signalmore » attacks are analyzed for observer-based controlled systems. The threat surface for sensor signal attacks is subdivided into denial of service, finite energy, and bounded attacks. In particular, the error signals between states of attack free systems and systems subject to these attacks are quantified. Optimal sensor and actuator signal attacks for the finite and infinite horizon linear quadratic (LQ) control in terms of maximizing the corresponding cost functions are computed. The closed-loop system under optimal signal attacks are provided. Illustrative numerical examples are provided together with an application to a power network with distributed LQ controllers.« less

Distributed fault-tolerant time-varying formation control for high-order linear multi-agent systems with actuator failures.

PubMed

Hua, Yongzhao; Dong, Xiwang; Li, Qingdong; Ren, Zhang

2017-11-01

This paper investigates the fault-tolerant time-varying formation control problems for high-order linear multi-agent systems in the presence of actuator failures. Firstly, a fully distributed formation control protocol is presented to compensate for the influences of both bias fault and loss of effectiveness fault. Using the adaptive online updating strategies, no global knowledge about the communication topology is required and the bounds of actuator failures can be unknown. Then an algorithm is proposed to determine the control parameters of the fault-tolerant formation protocol, where the time-varying formation feasible conditions and an approach to expand the feasible formation set are given. Furthermore, the stability of the proposed algorithm is proven based on the Lyapunov-like theory. Finally, two simulation examples are given to demonstrate the effectiveness of the theoretical results. Copyright © 2017 ISA. Published by Elsevier Ltd. All rights reserved.

40 CFR 86.1803-01 - Definitions.

Code of Federal Regulations, 2011 CFR

2011-07-01

... operator prior to procurement. Auxiliary Emission Control Device (AECD) means any element of design which... components are those components which are designed primarily for emission control, or whose failure may... of design means any control system (i.e., computer software, electronic control system, emission...

40 CFR 86.1803-01 - Definitions.

Code of Federal Regulations, 2012 CFR

2012-07-01

... prior to procurement. Auxiliary Emission Control Device (AECD) means any element of design which senses... components are those components which are designed primarily for emission control, or whose failure may... of design means any control system (i.e., computer software, electronic control system, emission...

14 CFR 25.671 - General.

Code of Federal Regulations, 2013 CFR

2013-01-01

... electrical failure). (3) Any jam in a control position normally encountered during takeoff, climb, cruise... STANDARDS: TRANSPORT CATEGORY AIRPLANES Design and Construction Control Systems § 25.671 General. (a) Each control and control system must operate with the ease, smoothness, and positiveness appropriate to its...

Thermomechanical Controls on the Success and Failure of Continental Rift Systems

NASA Astrophysics Data System (ADS)

Brune, S.

2017-12-01

Studies of long-term continental rift evolution are often biased towards rifts that succeed in breaking the continent like the North Atlantic, South China Sea, or South Atlantic rifts. However there are many prominent rift systems on Earth where activity stopped before the formation of a new ocean basin such as the North Sea, the West and Central African Rifts, or the West Antarctic Rift System. The factors controlling the success and failure of rifts can be divided in two groups: (1) Intrinsic processes - for instance frictional weakening, lithospheric thinning, shear heating or the strain-dependent growth of rift strength by replacing weak crust with strong mantle. (2) External processes - such as a change of plate divergence rate, the waning of a far-field driving force, or the arrival of a mantle plume. Here I use numerical and analytical modeling to investigate the role of these processes for the success and failure of rift systems. These models show that a change of plate divergence rate under constant force extension is controlled by the non-linearity of lithospheric materials. For successful rifts, a strong increase in divergence velocity can be expected to take place within few million years, a prediction that agrees with independent plate tectonic reconstructions of major Mesozoic and Cenozoic ocean-forming rift systems. Another model prediction is that oblique rifting is mechanically favored over orthogonal rifting, which means that simultaneous deformation within neighboring rift systems of different obliquity and otherwise identical properties will lead to success and failure of the more and less oblique rift, respectively. This can be exemplified by the Cretaceous activity within the Equatorial Atlantic and the West African Rifts that lead to the formation of a highly oblique oceanic spreading center and the failure of the West African Rift System. While in nature the circumstances of rift success or failure may be manifold, simplified numerical and analytical models allow the isolated analysis of various contributing factors and to define a characteristic time scale for each process.

Fault tree applications within the safety program of Idaho Nuclear Corporation

NASA Technical Reports Server (NTRS)

Vesely, W. E.

1971-01-01

Computerized fault tree analyses are used to obtain both qualitative and quantitative information about the safety and reliability of an electrical control system that shuts the reactor down when certain safety criteria are exceeded, in the design of a nuclear plant protection system, and in an investigation of a backup emergency system for reactor shutdown. The fault tree yields the modes by which the system failure or accident will occur, the most critical failure or accident causing areas, detailed failure probabilities, and the response of safety or reliability to design modifications and maintenance schemes.

D0 General Support: The Use of Programmable Logic Controllers (PLCS) at D0

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hance, R.; /Fermilab

With the exception of control of heating, ventilation, and air conditioning (HVAC) ventilation fans, and their shutdown in the case of smoke in the ducts, all implementations of Programmable Logic Controllers (PLCs) in Dzero have been made within the fundamental premise that no uncertified PLC apparatus shall be entrusted with the safety of equipment or personnel. Thus although PLCs are used to control and monitor all manner of intricate equipment, simple hardware interlocks and relief devices provide basic protection against component failure, control failure, or inappropriate control operation. Nevertheless, this report includes two observations as follows: (1) It may bemore » prudent to reconfigure the link between the Pyrotronics system and the HVAC system such that the Pyrotronics system provides interlocks to the ventilation fans instead of control inputs to the uncertified HVAC PLCs. Although the Pyrotronics system is certified and maintained to life safety standards, the HVAC system is not. A hardware or software failure of the HVAC system probably should not be allowed to result in the situation where the ventilation fans in a smoke filled duct continue to operate. Dan Markley is investigating this matter. (2) It may also be prudent to examine the network security of those systems connected to the Fermilab WAN (HVAC, Cryo, and Solenoid Controls). Even though the impact of a successful hack might only be to operations, it might nevertheless be disruptive and could be expensive. The risks should perhaps be analyzed. One of the most attractive features of these systems, from a user's viewpoint, is their unlimited networking. The unlimited networking that makes the systems so convenient to legitimate access also makes them vulnerable to illegitimate access.« less

X-framework: Space system failure analysis framework

NASA Astrophysics Data System (ADS)

Newman, John Steven

Space program and space systems failures result in financial losses in the multi-hundred million dollar range every year. In addition to financial loss, space system failures may also represent the loss of opportunity, loss of critical scientific, commercial and/or national defense capabilities, as well as loss of public confidence. The need exists to improve learning and expand the scope of lessons documented and offered to the space industry project team. One of the barriers to incorporating lessons learned include the way in which space system failures are documented. Multiple classes of space system failure information are identified, ranging from "sound bite" summaries in space insurance compendia, to articles in journals, lengthy data-oriented (what happened) reports, and in some rare cases, reports that treat not only the what, but also the why. In addition there are periodically published "corporate crisis" reports, typically issued after multiple or highly visible failures that explore management roles in the failure, often within a politically oriented context. Given the general lack of consistency, it is clear that a good multi-level space system/program failure framework with analytical and predictive capability is needed. This research effort set out to develop such a model. The X-Framework (x-fw) is proposed as an innovative forensic failure analysis approach, providing a multi-level understanding of the space system failure event beginning with the proximate cause, extending to the directly related work or operational processes and upward through successive management layers. The x-fw focus is on capability and control at the process level and examines: (1) management accountability and control, (2) resource and requirement allocation, and (3) planning, analysis, and risk management at each level of management. The x-fw model provides an innovative failure analysis approach for acquiring a multi-level perspective, direct and indirect causation of failures, and generating better and more consistent reports. Through this approach failures can be more fully understood, existing programs can be evaluated and future failures avoided. The x-fw development involved a review of the historical failure analysis and prevention literature, coupled with examination of numerous failure case studies. Analytical approaches included use of a relational failure "knowledge base" for classification and sorting of x-fw elements and attributes for each case. In addition a novel "management mapping" technique was developed as a means of displaying an integrated snapshot of indirect causes within the management chain. Further research opportunities will extend the depth of knowledge available for many of the component level cases. In addition, the x-fw has the potential to expand the scope of space sector lessons learned, and contribute to knowledge management and organizational learning.

Trends in modern system theory

NASA Technical Reports Server (NTRS)

Athans, M.

1976-01-01

The topics considered are related to linear control system design, adaptive control, failure detection, control under failure, system reliability, and large-scale systems and decentralized control. It is pointed out that the design of a linear feedback control system which regulates a process about a desirable set point or steady-state condition in the presence of disturbances is a very important problem. The linearized dynamics of the process are used for design purposes. The typical linear-quadratic design involving the solution of the optimal control problem of a linear time-invariant system with respect to a quadratic performance criterion is considered along with gain reduction theorems and the multivariable phase margin theorem. The stumbling block in many adaptive design methodologies is associated with the amount of real time computation which is necessary. Attention is also given to the desperate need to develop good theories for large-scale systems, the beginning of a microprocessor revolution, the translation of the Wiener-Hopf theory into the time domain, and advances made in dynamic team theory, dynamic stochastic games, and finite memory stochastic control.

14 CFR Appendix I to Part 25 - Installation of an Automatic Takeoff Thrust Control System (ATTCS)

Code of Federal Regulations, 2010 CFR

2010-01-01

...) This appendix specifies additional requirements for installation of an engine power control system that... crew to increase thrust or power. I25.2Definitions. (a) Automatic Takeoff Thrust Control System (ATTCS... mechanical and electrical, that sense engine failure, transmit signals, actuate fuel controls or power levers...

78 FR 79300 - Cardiovascular Devices; Reclassification of Intra-Aortic Balloon and Control Systems for Acute...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-12-30

... balloon and control system (IABP) devices when indicated for acute coronary syndrome, cardiac and non... and non-cardiac surgery, or complications of heart failure. The special controls for this device are.... FDA-2013-N-0581] Cardiovascular Devices; Reclassification of Intra-Aortic Balloon and Control Systems...

DOE Office of Scientific and Technical Information (OSTI.GOV)

Dobson, Ian; Hiskens, Ian; Linderoth, Jeffrey

Building on models of electrical power systems, and on powerful mathematical techniques including optimization, model predictive control, and simluation, this project investigated important issues related to the stable operation of power grids. A topic of particular focus was cascading failures of the power grid: simulation, quantification, mitigation, and control. We also analyzed the vulnerability of networks to component failures, and the design of networks that are responsive to and robust to such failures. Numerous other related topics were investigated, including energy hubs and cascading stall of induction machines

Fracture and failure: Analyses, mechanisms and applications; Proceedings of the Symposium, Los Angeles, CA, March 17-20, 1980

NASA Technical Reports Server (NTRS)

Tung, P. P. (Editor); Agrawal, S. P.; Kumar, A.; Katcher, M.

1981-01-01

Papers are presented on the application of fracture mechanics to spacecraft design, fracture control applications on the Space Shuttle reaction control thrusters, and an assessment of fatigue crack growth rate relationships for metallic airframe materials. Also considered are fracture mechanisms and microstructural relationships in Ni-base alloy systems, the use of surface deformation markings to determine crack propagation directions, case histories of metallurgical failures in the electronics industry, and a failure analysis of silica phenolic nozzle liners.

A multicenter randomized controlled evaluation of automated home monitoring and telephonic disease management in patients recently hospitalized for congestive heart failure: the SPAN-CHF II trial.

PubMed

Weintraub, Andrew; Gregory, Douglas; Patel, Ayan R; Levine, Daniel; Venesy, David; Perry, Kathleen; Delano, Christine; Konstam, Marvin A

2010-04-01

We performed a prospective, randomized investigation assessing the incremental effect of automated health monitoring (AHM) technology over and above that of a previously described nurse directed heart failure (HF) disease management program. The AHM system measured and transmitted body weight, blood pressure, and heart rate data as well as subjective patient self-assessments via a standard telephone line to a central server. A total of 188 consented and eligible patients were randomized between intervention and control groups in 1:1 ratio. Subjects randomized to the control arm received the Specialized Primary and Networked Care in Heart Failure (SPAN-CHF) heart failure disease management program. Subjects randomized to the intervention arm received the SPAN-CHF disease management program in conjunction with the AHM system. The primary end point was prespecified as the relative event rate of HF hospitalization between intervention and control groups at 90 days. The relative event rate of HF hospitalization for the intervention group compared with controls was 0.50 (95%CI [0.25-0.99], P = .05). Short-term reductions in the heart failure hospitalization rate were associated with the use of automated home monitoring equipment. Long-term benefits in this model remain to be studied. (c) 2010 Elsevier Inc. All rights reserved.

Shuttle Gaseous Hydrogen Venting Risk from Flow Control Valve Failure

NASA Technical Reports Server (NTRS)

Drummond, J. Philip; Baurle, Robert A.; Gafney, Richard L.; Norris, Andrew T.; Pellett, Gerald L.; Rock, Kenneth E.

2009-01-01

This paper describes a series of studies to assess the potential risk associated with the failure of one of three gaseous hydrogen flow control valves in the orbiter's main propulsion system during the launch of Shuttle Endeavour (STS-126) in November 2008. The studies focused on critical issues associated with the possibility of combustion resulting from release of gaseous hydrogen from the external tank into the atmosphere during assent. The Shuttle Program currently assumes hydrogen venting from the external tank will result in a critical failure. The current effort was conducted to increase understanding of the risk associated with venting hydrogen given the flow control valve failure scenarios being considered in the Integrated In-Flight Anomaly Investigation being conducted by NASA.

Fault tolerance in a supercomputer through dynamic repartitioning

DOEpatents

Chen, Dong; Coteus, Paul W.; Gara, Alan G.; Takken, Todd E.

2007-02-27

A multiprocessor, parallel computer is made tolerant to hardware failures by providing extra groups of redundant standby processors and by designing the system so that these extra groups of processors can be swapped with any group which experiences a hardware failure. This swapping can be under software control, thereby permitting the entire computer to sustain a hardware failure but, after swapping in the standby processors, to still appear to software as a pristine, fully functioning system.

Decentralized Adaptive Control of Systems with Uncertain Interconnections, Plant-Model Mismatch and Actuator Failures

NASA Technical Reports Server (NTRS)

Patre, Parag; Joshi, Suresh M.

2011-01-01

Decentralized adaptive control is considered for systems consisting of multiple interconnected subsystems. It is assumed that each subsystem s parameters are uncertain and the interconnection parameters are not known. In addition, mismatch can exist between each subsystem and its reference model. A strictly decentralized adaptive control scheme is developed, wherein each subsystem has access only to its own state but has the knowledge of all reference model states. The mismatch is estimated online for each subsystem and the mismatch estimates are used to adaptively modify the corresponding reference models. The adaptive control scheme is extended to the case with actuator failures in addition to mismatch.

Analysis of rural intersection accidents caused by stop sign violation and failure to yield the right-of-way

DOT National Transportation Integrated Search

2000-09-01

The objectives of this study were to (1) identify the factors that contribute to accidents caused by failure to stop and failure to yield the right-of-way at rural two-way stop-controlled intersections on the state highway system, and (2) determine w...

20 CFR 641.430 - What are the responsibility conditions that an applicant must meet?

Code of Federal Regulations, 2011 CFR

2011-04-01

... Government property as instructed by the Department. (j) Failure to have maintained effective cash management or cost controls resulting in excess cash on hand. (k) Failure to ensure that a sub-recipient... failure to maintain a financial management system as required by Federal regulations. (d) Willful...

46 CFR 62.30-5 - Independence.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Reliability and Safety Criteria, All Automated Vital Systems § 62.30-5 Independence. (a) Single non-concurrent failures in control, alarm, or instrumentation systems, and their logical consequences, must not prevent...)(2) and (b)(3) of this section, primary control, alternate control, safety control, and alarm and...

46 CFR 62.30-5 - Independence.

Code of Federal Regulations, 2014 CFR

2014-10-01

... Reliability and Safety Criteria, All Automated Vital Systems § 62.30-5 Independence. (a) Single non-concurrent failures in control, alarm, or instrumentation systems, and their logical consequences, must not prevent...)(2) and (b)(3) of this section, primary control, alternate control, safety control, and alarm and...

46 CFR 62.30-5 - Independence.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Reliability and Safety Criteria, All Automated Vital Systems § 62.30-5 Independence. (a) Single non-concurrent failures in control, alarm, or instrumentation systems, and their logical consequences, must not prevent...)(2) and (b)(3) of this section, primary control, alternate control, safety control, and alarm and...

46 CFR 62.30-5 - Independence.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Reliability and Safety Criteria, All Automated Vital Systems § 62.30-5 Independence. (a) Single non-concurrent failures in control, alarm, or instrumentation systems, and their logical consequences, must not prevent...)(2) and (b)(3) of this section, primary control, alternate control, safety control, and alarm and...

46 CFR 62.30-5 - Independence.

Code of Federal Regulations, 2013 CFR

2013-10-01

... Reliability and Safety Criteria, All Automated Vital Systems § 62.30-5 Independence. (a) Single non-concurrent failures in control, alarm, or instrumentation systems, and their logical consequences, must not prevent...)(2) and (b)(3) of this section, primary control, alternate control, safety control, and alarm and...

Fault tolerant attitude control for small unmanned aircraft systems equipped with an airflow sensor array.

PubMed

Shen, H; Xu, Y; Dickinson, B T

2014-11-18

Inspired by sensing strategies observed in birds and bats, a new attitude control concept of directly using real-time pressure and shear stresses has recently been studied. It was shown that with an array of onboard airflow sensors, small unmanned aircraft systems can promptly respond to airflow changes and improve flight performances. In this paper, a mapping function is proposed to compute aerodynamic moments from the real-time pressure and shear data in a practical and computationally tractable formulation. Since many microscale airflow sensors are embedded on the small unmanned aircraft system surface, it is highly possible that certain sensors may fail. Here, an adaptive control system is developed that is robust to sensor failure as well as other numerical mismatches in calculating real-time aerodynamic moments. The advantages of the proposed method are shown in the following simulation cases: (i) feedback pressure and wall shear data from a distributed array of 45 airflow sensors; (ii) 50% failure of the symmetrically distributed airflow sensor array; and (iii) failure of all the airflow sensors on one wing. It is shown that even if 50% of the airflow sensors have failures, the aircraft is still stable and able to track the attitude commands.

Examining the Dynamics of Managing Information Systems Development Projects: A Control Loss Perspective

ERIC Educational Resources Information Center

Narayanaswamy, Ravi

2009-01-01

The failure rate of information systems development (ISD) projects continues to pose a big challenge for organizations. The success rate of ISD projects is less then forty percent. Factors such as disagreements and miscommunications among project manager and team members, poor monitoring and intermediary problems contribute to project failure.…

Reliable dual-redundant sensor failure detection and identification for the NASA F-8 DFBW aircraft

NASA Technical Reports Server (NTRS)

Deckert, J. C.; Desai, M. N.; Deyst, J. J., Jr.; Willsky, A. S.

1978-01-01

A technique was developed which provides reliable failure detection and identification (FDI) for a dual redundant subset of the flight control sensors onboard the NASA F-8 digital fly by wire (DFBW) aircraft. The technique was successfully applied to simulated sensor failures on the real time F-8 digital simulator and to sensor failures injected on telemetry data from a test flight of the F-8 DFBW aircraft. For failure identification the technique utilized the analytic redundancy which exists as functional and kinematic relationships among the various quantities being measured by the different control sensor types. The technique can be used not only in a dual redundant sensor system, but also in a more highly redundant system after FDI by conventional voting techniques reduced to two the number of unfailed sensors of a particular type. In addition the technique can be easily extended to the case in which only one sensor of a particular type is available.

Sliding mode based fault detection, reconstruction and fault tolerant control scheme for motor systems.

PubMed

Mekki, Hemza; Benzineb, Omar; Boukhetala, Djamel; Tadjine, Mohamed; Benbouzid, Mohamed

2015-07-01

The fault-tolerant control problem belongs to the domain of complex control systems in which inter-control-disciplinary information and expertise are required. This paper proposes an improved faults detection, reconstruction and fault-tolerant control (FTC) scheme for motor systems (MS) with typical faults. For this purpose, a sliding mode controller (SMC) with an integral sliding surface is adopted. This controller can make the output of system to track the desired position reference signal in finite-time and obtain a better dynamic response and anti-disturbance performance. But this controller cannot deal directly with total system failures. However an appropriate combination of the adopted SMC and sliding mode observer (SMO), later it is designed to on-line detect and reconstruct the faults and also to give a sensorless control strategy which can achieve tolerance to a wide class of total additive failures. The closed-loop stability is proved, using the Lyapunov stability theory. Simulation results in healthy and faulty conditions confirm the reliability of the suggested framework. Copyright © 2015 ISA. Published by Elsevier Ltd. All rights reserved.

46 CFR 62.25-1 - General.

Code of Federal Regulations, 2011 CFR

2011-10-01

... control system; (3) A safety control system, if required by § 62.25-15; (4) Instrumentation to monitor... if instrumentation is not continuously monitored or is inappropriate for detection of a failure or...

46 CFR 62.25-1 - General.

Code of Federal Regulations, 2012 CFR

2012-10-01

... control system; (3) A safety control system, if required by § 62.25-15; (4) Instrumentation to monitor... if instrumentation is not continuously monitored or is inappropriate for detection of a failure or...

46 CFR 62.25-1 - General.

Code of Federal Regulations, 2013 CFR

2013-10-01

... control system; (3) A safety control system, if required by § 62.25-15; (4) Instrumentation to monitor... if instrumentation is not continuously monitored or is inappropriate for detection of a failure or...

46 CFR 62.25-1 - General.

Code of Federal Regulations, 2014 CFR

2014-10-01

... control system; (3) A safety control system, if required by § 62.25-15; (4) Instrumentation to monitor... if instrumentation is not continuously monitored or is inappropriate for detection of a failure or...

Orbiter subsystem hardware/software interaction analysis. Volume 8: AFT reaction control system, part 2

NASA Technical Reports Server (NTRS)

Becker, D. D.

1980-01-01

The orbiter subsystems and interfacing program elements which interact with the orbiter computer flight software are analyzed. The failure modes identified in the subsystem/element failure mode and effects analysis are examined. Potential interaction with the software is examined through an evaluation of the software requirements. The analysis is restricted to flight software requirements and excludes utility/checkout software. The results of the hardware/software interaction analysis for the forward reaction control system are presented.

Independent Orbiter Assessment (IOA): Analysis of the electrical power distribution and control/remote manipulator system subsystem

NASA Technical Reports Server (NTRS)

Robinson, W. W.

1987-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) are presented. The IOA approach features a top-down analysis of the Electrical Power Distribution and Control (EPD and C)/Remote Manipulator System (RMS) hardware to determine failure modes, criticality, and potential critical items. To preserve independence, this analysis was accomplished without reliance upon the results contained in the NASA FMEA/CIL documentation. This report documents the results of the independent analysis of the EPD and C/RMS (both port and starboard) hardware. The EPD and C/RMS subsystem hardware provides the electrical power and power control circuitry required to safely deploy, operate, control, and stow or guillotine and jettison two (one port and one starboard) RMSs. The EPD and C/RMS subsystem is subdivided into the four following functional divisions: Remote Manipulator Arm; Manipulator Deploy Control; Manipulator Latch Control; Manipulator Arm Shoulder Jettison; and Retention Arm Jettison. The IOA analysis process utilized available EPD and C/RMS hardware drawings and schematics for defining hardware assemblies, components, and hardware items. Each level of hardware was evaluated and analyzed for possible failure modes and effects. Criticality was assigned based on the severity of the effect for each failure mode.

46 CFR 58.05-10 - Automatic shut-off.

Code of Federal Regulations, 2010 CFR

2010-10-01

... AND RELATED SYSTEMS Main Propulsion Machinery § 58.05-10 Automatic shut-off. Main propulsion machinery... controls must shut down main propulsion machinery in case of a failure, such as failure of the lubricating...

46 CFR 58.05-10 - Automatic shut-off.

Code of Federal Regulations, 2011 CFR

2011-10-01

... AND RELATED SYSTEMS Main Propulsion Machinery § 58.05-10 Automatic shut-off. Main propulsion machinery... controls must shut down main propulsion machinery in case of a failure, such as failure of the lubricating...

46 CFR 58.05-10 - Automatic shut-off.

Code of Federal Regulations, 2014 CFR

2014-10-01

... AND RELATED SYSTEMS Main Propulsion Machinery § 58.05-10 Automatic shut-off. Main propulsion machinery... controls must shut down main propulsion machinery in case of a failure, such as failure of the lubricating...

46 CFR 58.05-10 - Automatic shut-off.

Code of Federal Regulations, 2012 CFR

2012-10-01

... AND RELATED SYSTEMS Main Propulsion Machinery § 58.05-10 Automatic shut-off. Main propulsion machinery... controls must shut down main propulsion machinery in case of a failure, such as failure of the lubricating...

46 CFR 58.05-10 - Automatic shut-off.

Code of Federal Regulations, 2013 CFR

2013-10-01

... AND RELATED SYSTEMS Main Propulsion Machinery § 58.05-10 Automatic shut-off. Main propulsion machinery... controls must shut down main propulsion machinery in case of a failure, such as failure of the lubricating...

Control of large flexible space structures

NASA Technical Reports Server (NTRS)

Vandervelde, W. E.

1986-01-01

Progress in robust design of generalized parity relations, design of failure sensitive observers using the geometric system theory of Wonham, computational techniques for evaluation of the performance of control systems with fault tolerance and redundancy management features, and the design and evaluation od control systems for structures having nonlinear joints are described.

Independent Orbiter Assessment (IOA): Analysis of the nose wheel steering subsystem

NASA Technical Reports Server (NTRS)

Mediavilla, Anthony Scott

1986-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) are presented. The IOA approach features a top-down analysis of the hardware to determine failure modes, criticality, and potential critical items. To preserve independence, this analysis was accomplished without reliance upon the results contained within the NASA FMEA/CIL documentation. The independent analysis results for the Orbiter Nose Wheel Steering (NWS) hardware are documented. The NWS hardware provides primary directional control for the Orbiter vehicle during landing rollout. Each level of hardware was evaluated and analyzed for possible failure modes and effects. Criticality was assigned based upon the severity of the effect for each failure mode. The original NWS design was envisioned as a backup system to differential braking for directional control of the Orbiter during landing rollout. No real effort was made to design the NWS system as fail operational. The brakes have much redundancy built into their design but the poor brake/tire performance has forced the NSTS to upgrade NWS to the primary mode of directional control during rollout. As a result, a large percentage of the NWS system components have become Potential Critical Items (PCI).

SILHIL Replication of Electric Aircraft Powertrain Dynamics and Inner-Loop Control for V&V of System Health Management Routines

NASA Technical Reports Server (NTRS)

Bole, Brian; Teubert, Christopher Allen; Cuong Chi, Quach; Hogge, Edward; Vazquez, Sixto; Goebel, Kai; George, Vachtsevanos

2013-01-01

Software-in-the-loop and Hardware-in-the-loop testing of failure prognostics and decision making tools for aircraft systems will facilitate more comprehensive and cost-effective testing than what is practical to conduct with flight tests. A framework is described for the offline recreation of dynamic loads on simulated or physical aircraft powertrain components based on a real-time simulation of airframe dynamics running on a flight simulator, an inner-loop flight control policy executed by either an autopilot routine or a human pilot, and a supervisory fault management control policy. The creation of an offline framework for verifying and validating supervisory failure prognostics and decision making routines is described for the example of battery charge depletion failure scenarios onboard a prototype electric unmanned aerial vehicle.

Independent Orbiter Assessment (IOA): Assessment of the reaction control system, volume 5

NASA Technical Reports Server (NTRS)

Prust, Chet D.; Hartman, Dan W.

1988-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) are presented. The IOA effort first completed an analysis of the aft and forward Reaction Control System (RCS) hardware and Electrical Power Distribution and Control (EPD and C), generating draft failure modes and potential critical items. The IOA results were then compared to the proposed Post 51-L NASA FMEA/CIL baseline. This report documents the results of that comparison for the Orbiter RCS hardware and EPD and C systems. Volume 5 contains detailed analysis and superseded analysis worksheets and the NASA FMEA to IOA worksheet cross reference and recommendations.

Investigation of the cross-ship comparison monitoring method of failure detection in the HIMAT RPRV. [digital control techniques using airborne microprocessors

NASA Technical Reports Server (NTRS)

Wolf, J. A.

1978-01-01

The Highly maneuverable aircraft technology (HIMAT) remotely piloted research vehicle (RPRV) uses cross-ship comparison monitoring of the actuator RAM positions to detect a failure in the aileron, canard, and elevator control surface servosystems. Some possible sources of nuisance trips for this failure detection technique are analyzed. A FORTRAN model of the simplex servosystems and the failure detection technique were utilized to provide a convenient means of changing parameters and introducing system noise. The sensitivity of the technique to differences between servosystems and operating conditions was determined. The cross-ship comparison monitoring method presently appears to be marginal in its capability to detect an actual failure and to withstand nuisance trips.

42 CFR 493.1256 - Standard: Control procedures.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Systems § 493.1256 Standard: Control procedures. (a) For each test system, the laboratory is responsible... test system failure, adverse environmental conditions, and operator performance. (2) Monitor over time the accuracy and precision of test performance that may be influenced by changes in test system...

42 CFR 493.1256 - Standard: Control procedures.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Systems § 493.1256 Standard: Control procedures. (a) For each test system, the laboratory is responsible... test system failure, adverse environmental conditions, and operator performance. (2) Monitor over time the accuracy and precision of test performance that may be influenced by changes in test system...

42 CFR 493.1256 - Standard: Control procedures.

Code of Federal Regulations, 2014 CFR

2014-10-01

... Systems § 493.1256 Standard: Control procedures. (a) For each test system, the laboratory is responsible... test system failure, adverse environmental conditions, and operator performance. (2) Monitor over time the accuracy and precision of test performance that may be influenced by changes in test system...

42 CFR 493.1256 - Standard: Control procedures.

Code of Federal Regulations, 2013 CFR

2013-10-01

... Systems § 493.1256 Standard: Control procedures. (a) For each test system, the laboratory is responsible... test system failure, adverse environmental conditions, and operator performance. (2) Monitor over time the accuracy and precision of test performance that may be influenced by changes in test system...

Revisiting control establishments for emerging energy hubs

NASA Astrophysics Data System (ADS)

Nasirian, Vahidreza

Emerging small-scale energy systems, i.e., microgrids and smartgrids, rely on centralized controllers for voltage regulation, load sharing, and economic dispatch. However, the central controller is a single-point-of-failure in such a design as either the controller or attached communication links failure can render the entire system inoperable. This work seeks for alternative distributed control structures to improve system reliability and help to the scalability of the system. A cooperative distributed controller is proposed that uses a noise-resilient voltage estimator and handles global voltage regulation and load sharing across a DC microgrid. Distributed adaptive droop control is also investigated as an alternative solution. A droop-free distributed control is offered to handle voltage/frequency regulation and load sharing in AC systems. This solution does not require frequency measurement and, thus, features a fast frequency regulation. Distributed economic dispatch is also studied, where a distributed protocol is designed that controls generation units to merge their incremental costs into a consensus and, thus, push the entire system to generate with the minimum cost. Experimental verifications and Hardware-in-the-Loop (HIL) simulations are used to study efficacy of the proposed control protocols.

Linear quadratic servo control of a reusable rocket engine

NASA Technical Reports Server (NTRS)

Musgrave, Jeffrey L.

1991-01-01

A design method for a servo compensator is developed in the frequency domain using singular values. The method is applied to a reusable rocket engine. An intelligent control system for reusable rocket engines was proposed which includes a diagnostic system, a control system, and an intelligent coordinator which determines engine control strategies based on the identified failure modes. The method provides a means of generating various linear multivariable controllers capable of meeting performance and robustness specifications and accommodating failure modes identified by the diagnostic system. Command following with set point control is necessary for engine operation. A Kalman filter reconstructs the state while loop transfer recovery recovers the required degree of robustness while maintaining satisfactory rejection of sensor noise from the command error. The approach is applied to the design of a controller for a rocket engine satisfying performance constraints in the frequency domain. Simulation results demonstrate the performance of the linear design on a nonlinear engine model over all power levels during mainstage operation.

Spacecraft Escape Capsule

NASA Technical Reports Server (NTRS)

Robertson, Edward A.; Charles, Dingell W.; Bufkin, Ann L.; Rodriggs, Liana M.; Peterson, Wayne; Cuthbert, Peter; Lee, David E.; Westhelle, Carlos

2006-01-01

A report discusses the Gumdrop capsule a conceptual spacecraft that would enable the crew to escape safely in the event of a major equipment failure at any time from launch through atmospheric re-entry. The scaleable Gumdrop capsule would comprise a command module (CM), a service module (SM), and a crew escape system (CES). The CM would contain a pressurized crew environment that would include avionic, life-support, thermal control, propulsive attitude control, and recovery systems. The SM would provide the primary propulsion and would also supply electrical power, life-support resources, and active thermal control to the CM. The CES would include a solid rocket motor, embedded within the SM, for pushing the CM away from the SM in the event of a critical thermal-protection-system failure or loss of control. The CM and SM would normally remain integrated with each other from launch through recovery, but could be separated using the CES, if necessary, to enable the safe recovery of the crew in the CM. The crew escape motor could be used, alternatively, as a redundant means of de-orbit propulsion for the CM in the event of a major system failure in the SM.

Distributed Evaluation Functions for Fault Tolerant Multi-Rover Systems

NASA Technical Reports Server (NTRS)

Agogino, Adrian; Turner, Kagan

2005-01-01

The ability to evolve fault tolerant control strategies for large collections of agents is critical to the successful application of evolutionary strategies to domains where failures are common. Furthermore, while evolutionary algorithms have been highly successful in discovering single-agent control strategies, extending such algorithms to multiagent domains has proven to be difficult. In this paper we present a method for shaping evaluation functions for agents that provide control strategies that both are tolerant to different types of failures and lead to coordinated behavior in a multi-agent setting. This method neither relies of a centralized strategy (susceptible to single point of failures) nor a distributed strategy where each agent uses a system wide evaluation function (severe credit assignment problem). In a multi-rover problem, we show that agents using our agent-specific evaluation perform up to 500% better than agents using the system evaluation. In addition we show that agents are still able to maintain a high level of performance when up to 60% of the agents fail due to actuator, communication or controller faults.

The effects of heart rate control in chronic heart failure with reduced ejection fraction.

PubMed

Grande, Dario; Iacoviello, Massimo; Aspromonte, Nadia

2018-07-01

Elevated heart rate has been associated with worse prognosis both in the general population and in patients with heart failure. Heart rate is finely modulated by neurohormonal signals and it reflects the balance between the sympathetic and the parasympathetic limbs of the autonomic nervous system. For this reason, elevated heart rate in heart failure has been considered an epiphenomenon of the sympathetic hyperactivation during heart failure. However, experimental and clinical evidence suggests that high heart rate could have a direct pathogenetic role. Consequently, heart rate might act as a pathophysiological mediator of heart failure as well as a marker of adverse outcome. This hypothesis has been supported by the observation that the positive effect of beta-blockade could be linked to the degree of heart rate reduction. In addition, the selective heart rate control with ivabradine has recently been demonstrated to be beneficial in patients with heart failure and left ventricular systolic dysfunction. The objective of this review is to examine the pathophysiological implications of elevated heart rate in chronic heart failure and explore the mechanisms underlying the effects of pharmacological heart rate control.

Automation Applications in an Advanced Air Traffic Management System : Volume 4A. Automation Requirements.

DOT National Transportation Integrated Search

1974-08-01

Volume 4 describes the automation requirements. A presentation of automation requirements is made for an advanced air traffic management system in terms of controller work force, computer resources, controller productivity, system manning, failure ef...

Controllability Analysis for Multirotor Helicopter Rotor Degradation and Failure

NASA Astrophysics Data System (ADS)

Du, Guang-Xun; Quan, Quan; Yang, Binxian; Cai, Kai-Yuan

2015-05-01

This paper considers the controllability analysis problem for a class of multirotor systems subject to rotor failure/wear. It is shown that classical controllability theories of linear systems are not sufficient to test the controllability of the considered multirotors. Owing to this, an easy-to-use measurement index is introduced to assess the available control authority. Based on it, a new necessary and sufficient condition for the controllability of multirotors is derived. Furthermore, a controllability test procedure is approached. The proposed controllability test method is applied to a class of hexacopters with different rotor configurations and different rotor efficiency parameters to show its effectiveness. The analysis results show that hexacopters with different rotor configurations have different fault-tolerant capabilities. It is therefore necessary to test the controllability of the multirotors before any fault-tolerant control strategies are employed.

14 CFR 25.672 - Stability augmentation and automatic and power-operated systems.

Code of Federal Regulations, 2012 CFR

2012-01-01

..., DEPARTMENT OF TRANSPORTATION AIRCRAFT AIRWORTHINESS STANDARDS: TRANSPORT CATEGORY AIRPLANES Design and Construction Control Systems § 25.672 Stability augmentation and automatic and power-operated systems. If the... the pilot were not aware of the failure. Warning systems must not activate the control systems. (b...

14 CFR 25.672 - Stability augmentation and automatic and power-operated systems.

Code of Federal Regulations, 2011 CFR

2011-01-01

..., DEPARTMENT OF TRANSPORTATION AIRCRAFT AIRWORTHINESS STANDARDS: TRANSPORT CATEGORY AIRPLANES Design and Construction Control Systems § 25.672 Stability augmentation and automatic and power-operated systems. If the... the pilot were not aware of the failure. Warning systems must not activate the control systems. (b...

14 CFR 25.672 - Stability augmentation and automatic and power-operated systems.

Code of Federal Regulations, 2014 CFR

2014-01-01

..., DEPARTMENT OF TRANSPORTATION AIRCRAFT AIRWORTHINESS STANDARDS: TRANSPORT CATEGORY AIRPLANES Design and Construction Control Systems § 25.672 Stability augmentation and automatic and power-operated systems. If the... the pilot were not aware of the failure. Warning systems must not activate the control systems. (b...

14 CFR 25.672 - Stability augmentation and automatic and power-operated systems.

Code of Federal Regulations, 2010 CFR

2010-01-01

..., DEPARTMENT OF TRANSPORTATION AIRCRAFT AIRWORTHINESS STANDARDS: TRANSPORT CATEGORY AIRPLANES Design and Construction Control Systems § 25.672 Stability augmentation and automatic and power-operated systems. If the... the pilot were not aware of the failure. Warning systems must not activate the control systems. (b...

Fault tree analysis of failure cause of crushing plant and mixing bed hall at Khoy cement factory in Iran☆

PubMed Central

Nouri.Gharahasanlou, Ali; Mokhtarei, Ashkan; Khodayarei, Aliasqar; Ataei, Mohammad

2014-01-01

Evaluating and analyzing the risk in the mining industry is a new approach for improving the machinery performance. Reliability, safety, and maintenance management based on the risk analysis can enhance the overall availability and utilization of the mining technological systems. This study investigates the failure occurrence probability of the crushing and mixing bed hall department at Azarabadegan Khoy cement plant by using fault tree analysis (FTA) method. The results of the analysis in 200 h operating interval show that the probability of failure occurrence for crushing, conveyor systems, crushing and mixing bed hall department is 73, 64, and 95 percent respectively and the conveyor belt subsystem found as the most probable system for failure. Finally, maintenance as a method of control and prevent the occurrence of failure is proposed. PMID:26779433

Fault tree analysis of failure cause of crushing plant and mixing bed hall at Khoy cement factory in Iran.

PubMed

Nouri Gharahasanlou, Ali; Mokhtarei, Ashkan; Khodayarei, Aliasqar; Ataei, Mohammad

2014-04-01

Evaluating and analyzing the risk in the mining industry is a new approach for improving the machinery performance. Reliability, safety, and maintenance management based on the risk analysis can enhance the overall availability and utilization of the mining technological systems. This study investigates the failure occurrence probability of the crushing and mixing bed hall department at Azarabadegan Khoy cement plant by using fault tree analysis (FTA) method. The results of the analysis in 200 h operating interval show that the probability of failure occurrence for crushing, conveyor systems, crushing and mixing bed hall department is 73, 64, and 95 percent respectively and the conveyor belt subsystem found as the most probable system for failure. Finally, maintenance as a method of control and prevent the occurrence of failure is proposed.

76 FR 30523 - Special Conditions: Boeing Model 747-8/-8F Airplanes, Interaction of Systems and Structures

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-26

...- wire (FBW) flight control system to reduce, but not eliminate, the amplitude of the sustained... failures. The regulations do not anticipate the use of systems that control flutter modes but do not... standards that permit the use of such active flutter control systems. Discussion of Comments Notice of...

14 CFR 27.695 - Power boost and power-operated control system.

Code of Federal Regulations, 2014 CFR

2014-01-01

... Systems § 27.695 Power boost and power-operated control system. (a) If a power boost or power-operated... failure of all engines. (b) Each alternate system may be a duplicate power portion or a manually operated... 14 Aeronautics and Space 1 2014-01-01 2014-01-01 false Power boost and power-operated control...

14 CFR 29.695 - Power boost and power-operated control system.

Code of Federal Regulations, 2012 CFR

2012-01-01

... Systems § 29.695 Power boost and power-operated control system. (a) If a power boost or power-operated... failure of all engines. (b) Each alternate system may be a duplicate power portion or a manually operated... 14 Aeronautics and Space 1 2012-01-01 2012-01-01 false Power boost and power-operated control...

14 CFR 29.695 - Power boost and power-operated control system.

Code of Federal Regulations, 2014 CFR

2014-01-01

... Systems § 29.695 Power boost and power-operated control system. (a) If a power boost or power-operated... failure of all engines. (b) Each alternate system may be a duplicate power portion or a manually operated... 14 Aeronautics and Space 1 2014-01-01 2014-01-01 false Power boost and power-operated control...

14 CFR 27.695 - Power boost and power-operated control system.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Systems § 27.695 Power boost and power-operated control system. (a) If a power boost or power-operated... failure of all engines. (b) Each alternate system may be a duplicate power portion or a manually operated... 14 Aeronautics and Space 1 2011-01-01 2011-01-01 false Power boost and power-operated control...

14 CFR 29.695 - Power boost and power-operated control system.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Systems § 29.695 Power boost and power-operated control system. (a) If a power boost or power-operated... failure of all engines. (b) Each alternate system may be a duplicate power portion or a manually operated... 14 Aeronautics and Space 1 2011-01-01 2011-01-01 false Power boost and power-operated control...

14 CFR 29.695 - Power boost and power-operated control system.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Systems § 29.695 Power boost and power-operated control system. (a) If a power boost or power-operated... failure of all engines. (b) Each alternate system may be a duplicate power portion or a manually operated... 14 Aeronautics and Space 1 2010-01-01 2010-01-01 false Power boost and power-operated control...

14 CFR 27.695 - Power boost and power-operated control system.

Code of Federal Regulations, 2012 CFR

2012-01-01

... Systems § 27.695 Power boost and power-operated control system. (a) If a power boost or power-operated... failure of all engines. (b) Each alternate system may be a duplicate power portion or a manually operated... 14 Aeronautics and Space 1 2012-01-01 2012-01-01 false Power boost and power-operated control...

14 CFR 27.695 - Power boost and power-operated control system.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Systems § 27.695 Power boost and power-operated control system. (a) If a power boost or power-operated... failure of all engines. (b) Each alternate system may be a duplicate power portion or a manually operated... 14 Aeronautics and Space 1 2010-01-01 2010-01-01 false Power boost and power-operated control...

Complex Failure Forewarning System - DHS Conference Proceedings

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Hively, Lee M; Prowell, Stacy J

2011-01-01

As the critical infrastructures of the United States have become more and more dependent on public and private networks, the potential for widespread national impact resulting from disruption or failure of these networks has also increased. Securing the nation s critical infrastructures requires protecting not only their physical systems but, just as important, the cyber portions of the systems on which they rely. A failure is inclusive of random events, design flaws, and instabilities caused by cyber (and/or physical) attack. One such domain, aging bridges, is used to explain the Complex Structure Failure Forewarning System. We discuss the workings ofmore » such a system in the context of the necessary sensors, command and control and data collection as well as the cyber security efforts that would support this system. Their application and the implications of this computing architecture are also discussed, with respect to our nation s aging infrastructure.« less

Active parallel redundancy for electronic integrator-type control circuits

NASA Technical Reports Server (NTRS)

Peterson, R. A.

1971-01-01

Circuit extends concept of redundant feedback control from type-0 to type-1 control systems. Inactive channels are slaves to the active channel, if latter fails, it is rejected and slave channel is activated. High reliability and elimination of single-component catastrophic failure are important in closed-loop control systems.

Aerospace Applications of Weibull and Monte Carlo Simulation with Importance Sampling

NASA Technical Reports Server (NTRS)

Bavuso, Salvatore J.

1998-01-01

Recent developments in reliability modeling and computer technology have made it practical to use the Weibull time to failure distribution to model the system reliability of complex fault-tolerant computer-based systems. These system models are becoming increasingly popular in space systems applications as a result of mounting data that support the decreasing Weibull failure distribution and the expectation of increased system reliability. This presentation introduces the new reliability modeling developments and demonstrates their application to a novel space system application. The application is a proposed guidance, navigation, and control (GN&C) system for use in a long duration manned spacecraft for a possible Mars mission. Comparisons to the constant failure rate model are presented and the ramifications of doing so are discussed.

Heterogeneity: The key to failure forecasting

PubMed Central

Vasseur, Jérémie; Wadsworth, Fabian B.; Lavallée, Yan; Bell, Andrew F.; Main, Ian G.; Dingwell, Donald B.

2015-01-01

Elastic waves are generated when brittle materials are subjected to increasing strain. Their number and energy increase non-linearly, ending in a system-sized catastrophic failure event. Accelerating rates of geophysical signals (e.g., seismicity and deformation) preceding large-scale dynamic failure can serve as proxies for damage accumulation in the Failure Forecast Method (FFM). Here we test the hypothesis that the style and mechanisms of deformation, and the accuracy of the FFM, are both tightly controlled by the degree of microstructural heterogeneity of the material under stress. We generate a suite of synthetic samples with variable heterogeneity, controlled by the gas volume fraction. We experimentally demonstrate that the accuracy of failure prediction increases drastically with the degree of material heterogeneity. These results have significant implications in a broad range of material-based disciplines for which failure forecasting is of central importance. In particular, the FFM has been used with only variable success to forecast failure scenarios both in the field (volcanic eruptions and landslides) and in the laboratory (rock and magma failure). Our results show that this variability may be explained, and the reliability and accuracy of forecast quantified significantly improved, by accounting for material heterogeneity as a first-order control on forecasting power. PMID:26307196

Heterogeneity: The key to failure forecasting.

PubMed

Vasseur, Jérémie; Wadsworth, Fabian B; Lavallée, Yan; Bell, Andrew F; Main, Ian G; Dingwell, Donald B

2015-08-26

Elastic waves are generated when brittle materials are subjected to increasing strain. Their number and energy increase non-linearly, ending in a system-sized catastrophic failure event. Accelerating rates of geophysical signals (e.g., seismicity and deformation) preceding large-scale dynamic failure can serve as proxies for damage accumulation in the Failure Forecast Method (FFM). Here we test the hypothesis that the style and mechanisms of deformation, and the accuracy of the FFM, are both tightly controlled by the degree of microstructural heterogeneity of the material under stress. We generate a suite of synthetic samples with variable heterogeneity, controlled by the gas volume fraction. We experimentally demonstrate that the accuracy of failure prediction increases drastically with the degree of material heterogeneity. These results have significant implications in a broad range of material-based disciplines for which failure forecasting is of central importance. In particular, the FFM has been used with only variable success to forecast failure scenarios both in the field (volcanic eruptions and landslides) and in the laboratory (rock and magma failure). Our results show that this variability may be explained, and the reliability and accuracy of forecast quantified significantly improved, by accounting for material heterogeneity as a first-order control on forecasting power.

Heterogeneity: The key to failure forecasting

NASA Astrophysics Data System (ADS)

Vasseur, Jérémie; Wadsworth, Fabian B.; Lavallée, Yan; Bell, Andrew F.; Main, Ian G.; Dingwell, Donald B.

2015-08-01

Elastic waves are generated when brittle materials are subjected to increasing strain. Their number and energy increase non-linearly, ending in a system-sized catastrophic failure event. Accelerating rates of geophysical signals (e.g., seismicity and deformation) preceding large-scale dynamic failure can serve as proxies for damage accumulation in the Failure Forecast Method (FFM). Here we test the hypothesis that the style and mechanisms of deformation, and the accuracy of the FFM, are both tightly controlled by the degree of microstructural heterogeneity of the material under stress. We generate a suite of synthetic samples with variable heterogeneity, controlled by the gas volume fraction. We experimentally demonstrate that the accuracy of failure prediction increases drastically with the degree of material heterogeneity. These results have significant implications in a broad range of material-based disciplines for which failure forecasting is of central importance. In particular, the FFM has been used with only variable success to forecast failure scenarios both in the field (volcanic eruptions and landslides) and in the laboratory (rock and magma failure). Our results show that this variability may be explained, and the reliability and accuracy of forecast quantified significantly improved, by accounting for material heterogeneity as a first-order control on forecasting power.

ATS-6 engineering performance report. Volume 2: Orbit and attitude controls

NASA Technical Reports Server (NTRS)

Wales, R. O. (Editor)

1981-01-01

Attitude control is reviewed, encompassing the attitude control subsystem, spacecraft attitude precision pointing and slewing adaptive control experiment, and RF interferometer experiment. The spacecraft propulsion system (SPS) is discussed, including subsystem, SPS design description and validation, orbital operations and performance, in-orbit anomalies and contingency operations, and the cesium bombardment ion engine experiment. Thruster failure due to plugging of the propellant feed passages, a major cause for mission termination, are considered among the critical generic failures on the satellite.

Adaptive model-based control systems and methods for controlling a gas turbine

NASA Technical Reports Server (NTRS)

Brunell, Brent Jerome (Inventor); Mathews, Jr., Harry Kirk (Inventor); Kumar, Aditya (Inventor)

2004-01-01

Adaptive model-based control systems and methods are described so that performance and/or operability of a gas turbine in an aircraft engine, power plant, marine propulsion, or industrial application can be optimized under normal, deteriorated, faulted, failed and/or damaged operation. First, a model of each relevant system or component is created, and the model is adapted to the engine. Then, if/when deterioration, a fault, a failure or some kind of damage to an engine component or system is detected, that information is input to the model-based control as changes to the model, constraints, objective function, or other control parameters. With all the information about the engine condition, and state and directives on the control goals in terms of an objective function and constraints, the control then solves an optimization so the optimal control action can be determined and taken. This model and control may be updated in real-time to account for engine-to-engine variation, deterioration, damage, faults and/or failures using optimal corrective control action command(s).

14 CFR 29.672 - Stability augmentation, automatic, and power-operated systems.

Code of Federal Regulations, 2013 CFR

2013-01-01

..., DEPARTMENT OF TRANSPORTATION AIRCRAFT AIRWORTHINESS STANDARDS: TRANSPORT CATEGORY ROTORCRAFT Design and Construction Control Systems § 29.672 Stability augmentation, automatic, and power-operated systems. If the... unsafe condition if the pilot is unaware of the failure. Warning systems must not activate the control...

14 CFR 27.672 - Stability augmentation, automatic, and power-operated systems.

Code of Federal Regulations, 2013 CFR

2013-01-01

..., DEPARTMENT OF TRANSPORTATION AIRCRAFT AIRWORTHINESS STANDARDS: NORMAL CATEGORY ROTORCRAFT Design and Construction Control Systems § 27.672 Stability augmentation, automatic, and power-operated systems. If the... unsafe condition if the pilot is unaware of the failure. Warning systems must not activate the control...

Tree failures and accidents in recreation areas: a guide to data management for hazard control

Treesearch

Lee A. Paine; James W. Clarke

1978-01-01

A data management system has been developed for storage and retrieval of tree failure and hazard data, with provision for computer analyses and presentation of results in useful tables. This system emphasizes important relationships between tree characteristics, environmental factors, and the resulting hazard. The analysis programs permit easy selection of subsets of...

An approximation formula for a class of fault-tolerant computers

NASA Technical Reports Server (NTRS)

White, A. L.

1986-01-01

An approximation formula is derived for the probability of failure for fault-tolerant process-control computers. These computers use redundancy and reconfiguration to achieve high reliability. Finite-state Markov models capture the dynamic behavior of component failure and system recovery, and the approximation formula permits an estimation of system reliability by an easy examination of the model.

Closed-Loop Evaluation of an Integrated Failure Identification and Fault Tolerant Control System for a Transport Aircraft

NASA Technical Reports Server (NTRS)

Shin, Jong-Yeob; Belcastro, Christine; Khong, thuan

2006-01-01

Formal robustness analysis of aircraft control upset prevention and recovery systems could play an important role in their validation and ultimate certification. Such systems developed for failure detection, identification, and reconfiguration, as well as upset recovery, need to be evaluated over broad regions of the flight envelope or under extreme flight conditions, and should include various sources of uncertainty. To apply formal robustness analysis, formulation of linear fractional transformation (LFT) models of complex parameter-dependent systems is required, which represent system uncertainty due to parameter uncertainty and actuator faults. This paper describes a detailed LFT model formulation procedure from the nonlinear model of a transport aircraft by using a preliminary LFT modeling software tool developed at the NASA Langley Research Center, which utilizes a matrix-based computational approach. The closed-loop system is evaluated over the entire flight envelope based on the generated LFT model which can cover nonlinear dynamics. The robustness analysis results of the closed-loop fault tolerant control system of a transport aircraft are presented. A reliable flight envelope (safe flight regime) is also calculated from the robust performance analysis results, over which the closed-loop system can achieve the desired performance of command tracking and failure detection.

An Investigation of the Ability to Recover from Transients Following Failures for Single-Pilot Rotorcraft

NASA Technical Reports Server (NTRS)

Mansur, M. Hossein; Schroeder, Jeffery A.

1988-01-01

A moving-base simulation was conducted to investigate a pilot's ability to recover from transients following single-axis hard-over failures of the flight-control system. The investigation was performed in conjunction with a host simulation that examined the influence of control modes on a single pilot's ability to perform various mission elements under high-workload conditions. The NASA Ames large-amplitude-motion Vertical Motion Simulator (VMS) was utilized, and the experimental variables were the failure axis, the severity of the failure, and the airspeed at which the failure occurred. Other factors, such as pilot workload and terrain and obstacle proximity at the time of failure, were kept as constant as possible within the framework of the host simulation task scenarios. No explicit failure warnings were presented to the pilot. Data from the experiment are shown, and pilot ratings are compared with the proposed handling-qualities requirements for military rotorcraft. Results indicate that the current proposed failure transient requirements may need revision.

Automation Applications in an Advanced Air Traffic Management System : Volume 4B. Automation Requirements (Concluded)

DOT National Transportation Integrated Search

1974-08-01

Volume 4 describes the automation requirements. A presentation of automation requirements is made for an advanced air traffic management system in terms of controller work for-e, computer resources, controller productivity, system manning, failure ef...

Wave failure at strong coupling in intracellular C a2 + signaling system with clustered channels

NASA Astrophysics Data System (ADS)

Li, Xiang; Wu, Yuning; Gao, Xuejuan; Cai, Meichun; Shuai, Jianwei

2018-01-01

As an important intracellular signal, C a2 + ions control diverse cellular functions. In this paper, we discuss the C a2 + signaling with a two-dimensional model in which the inositol 1,4,5-trisphosphate (I P3 ) receptor channels are distributed in clusters on the endoplasmic reticulum membrane. The wave failure at large C a2 + diffusion coupling is discussed in detail in the model. We show that with varying model parameters the wave failure is a robust behavior with either deterministic or stochastic channel dynamics. We suggest that the wave failure should be a general behavior in inhomogeneous diffusing systems with clustered excitable regions and may occur in biological C a2 + signaling systems.

On reliable control system designs. Ph.D. Thesis; [actuators

NASA Technical Reports Server (NTRS)

Birdwell, J. D.

1978-01-01

A mathematical model for use in the design of reliable multivariable control systems is discussed with special emphasis on actuator failures and necessary actuator redundancy levels. The model consists of a linear time invariant discrete time dynamical system. Configuration changes in the system dynamics are governed by a Markov chain that includes transition probabilities from one configuration state to another. The performance index is a standard quadratic cost functional, over an infinite time interval. The actual system configuration can be deduced with a one step delay. The calculation of the optimal control law requires the solution of a set of highly coupled Riccati-like matrix difference equations. Results can be used for off-line studies relating the open loop dynamics, required performance, actuator mean time to failure, and functional or identical actuator redundancy, with and without feedback gain reconfiguration strategies.

40 CFR 86.1803-01 - Definitions.

Code of Federal Regulations, 2013 CFR

2013-07-01

... procurement. Auxiliary Emission Control Device (AECD) means any element of design which senses temperature... components are those components which are designed primarily for emission control, or whose failure may... system as a means of providing electrical energy. Element of design means any control system (i.e...

Data-based fault-tolerant control of high-speed trains with traction/braking notch nonlinearities and actuator failures.

PubMed

Song, Qi; Song, Yong-Duan

2011-12-01

This paper investigates the position and velocity tracking control problem of high-speed trains with multiple vehicles connected through couplers. A dynamic model reflecting nonlinear and elastic impacts between adjacent vehicles as well as traction/braking nonlinearities and actuation faults is derived. Neuroadaptive fault-tolerant control algorithms are developed to account for various factors such as input nonlinearities, actuator failures, and uncertain impacts of in-train forces in the system simultaneously. The resultant control scheme is essentially independent of system model and is primarily data-driven because with the appropriate input-output data, the proposed control algorithms are capable of automatically generating the intermediate control parameters, neuro-weights, and the compensation signals, literally producing the traction/braking force based upon input and response data only--the whole process does not require precise information on system model or system parameter, nor human intervention. The effectiveness of the proposed approach is also confirmed through numerical simulations.

Event-triggered decentralized adaptive fault-tolerant control of uncertain interconnected nonlinear systems with actuator failures.

PubMed

Choi, Yun Ho; Yoo, Sung Jin

2018-06-01

This paper investigates the event-triggered decentralized adaptive tracking problem of a class of uncertain interconnected nonlinear systems with unexpected actuator failures. It is assumed that local control signals are transmitted to local actuators with time-varying faults whenever predefined conditions for triggering events are satisfied. Compared with the existing control-input-based event-triggering strategy for adaptive control of uncertain nonlinear systems, the aim of this paper is to propose a tracking-error-based event-triggering strategy in the decentralized adaptive fault-tolerant tracking framework. The proposed approach can relax drastic changes in control inputs caused by actuator faults in the existing triggering strategy. The stability of the proposed event-triggering control system is analyzed in the Lyapunov sense. Finally, simulation comparisons of the proposed and existing approaches are provided to show the effectiveness of the proposed theoretical result in the presence of actuator faults. Copyright © 2018 ISA. Published by Elsevier Ltd. All rights reserved.

SCADA alarms processing for wind turbine component failure detection

NASA Astrophysics Data System (ADS)

Gonzalez, E.; Reder, M.; Melero, J. J.

2016-09-01

Wind turbine failure and downtime can often compromise the profitability of a wind farm due to their high impact on the operation and maintenance (O&M) costs. Early detection of failures can facilitate the changeover from corrective maintenance towards a predictive approach. This paper presents a cost-effective methodology to combine various alarm analysis techniques, using data from the Supervisory Control and Data Acquisition (SCADA) system, in order to detect component failures. The approach categorises the alarms according to a reviewed taxonomy, turning overwhelming data into valuable information to assess component status. Then, different alarms analysis techniques are applied for two purposes: the evaluation of the SCADA alarm system capability to detect failures, and the investigation of the relation between components faults being followed by failure occurrences in others. Various case studies are presented and discussed. The study highlights the relationship between faulty behaviour in different components and between failures and adverse environmental conditions.

Independent Orbiter Assessment (IOA): Analysis of the guidance, navigation, and control subsystem

NASA Technical Reports Server (NTRS)

Trahan, W. H.; Odonnell, R. A.; Pietz, K. C.; Hiott, J. M.

1986-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) is presented. The IOA approach features a top-down analysis of the hardware to determine failure modes, criticality, and potential critical items. To preserve independence, this analysis was accomplished without reliance upon the results contained within the NASA FMEA/CIL documentation. The independent analysis results corresponding to the Orbiter Guidance, Navigation, and Control (GNC) Subsystem hardware are documented. The function of the GNC hardware is to respond to guidance, navigation, and control software commands to effect vehicle control and to provide sensor and controller data to GNC software. Some of the GNC hardware for which failure modes analysis was performed includes: hand controllers; Rudder Pedal Transducer Assembly (RPTA); Speed Brake Thrust Controller (SBTC); Inertial Measurement Unit (IMU); Star Tracker (ST); Crew Optical Alignment Site (COAS); Air Data Transducer Assembly (ADTA); Rate Gyro Assemblies; Accelerometer Assembly (AA); Aerosurface Servo Amplifier (ASA); and Ascent Thrust Vector Control (ATVC). The IOA analysis process utilized available GNC hardware drawings, workbooks, specifications, schematics, and systems briefs for defining hardware assemblies, components, and circuits. Each hardware item was evaluated and analyzed for possible failure modes and effects. Criticality was assigned based upon the severity of the effect for each failure mode.

New control design principles based on measured performance and energy analysis of HVAC (Heating, Ventilating, and Air-Conditioning) systems

NASA Astrophysics Data System (ADS)

Hittle, D. C.; Johnson, D. L.

1985-01-01

This report is one of a series on the development of heating, ventilating, and air-conditioning (HVAC) control systems that are simple, efficient, reliable, maintainable, and well-documented. This report identifies major problems associated with three currently used HVAC control systems. It also describes the development of a retrofit control system applicable to military buildings that will allow easy identification of component failures, facilitate repair, and minimize system failures. Evaluation of currently used controls showed that pneumatic temperature control equipment requires a very clean source of supply air and is also not very accurate. Pneumatic, rather than electronic, actuators should be used because they are cheaper and require less maintenance. Thermistor temperature detectors should not be used for HVAC applications because they require frequent calibration. It was found that enthalpy economy cycles cannot be used for control because the humidity sensors required for their use are prone to rapid drift, inaccurate, and hard to calibrate in the field. Performance of control systems greatly affects HVAC operating costs. Significant savings can be achieved if proportional-plus-integral control schemes are used. Use of the retrofit prototype control panel developed in this study on variable-air-volume systems should provide significant energy cost savings, improve comfort and reliability, and reduce maintenance costs.

Implementation of an Adaptive Controller System from Concept to Flight Test

NASA Technical Reports Server (NTRS)

Larson, Richard R.; Burken, John J.; Butler, Bradley S.; Yokum, Steve

2009-01-01

The National Aeronautics and Space Administration Dryden Flight Research Center (Edwards, California) is conducting ongoing flight research using adaptive controller algorithms. A highly modified McDonnell-Douglas NF-15B airplane called the F-15 Intelligent Flight Control System (IFCS) is used to test and develop these algorithms. Modifications to this airplane include adding canards and changing the flight control systems to interface a single-string research controller processor for neural network algorithms. Research goals include demonstration of revolutionary control approaches that can efficiently optimize aircraft performance in both normal and failure conditions and advancement of neural-network-based flight control technology for new aerospace system designs. This report presents an overview of the processes utilized to develop adaptive controller algorithms during a flight-test program, including a description of initial adaptive controller concepts and a discussion of modeling formulation and performance testing. Design finalization led to integration with the system interfaces, verification of the software, validation of the hardware to the requirements, design of failure detection, development of safety limiters to minimize the effect of erroneous neural network commands, and creation of flight test control room displays to maximize human situational awareness; these are also discussed.

Fault-tolerant nonlinear adaptive flight control using sliding mode online learning.

PubMed

Krüger, Thomas; Schnetter, Philipp; Placzek, Robin; Vörsmann, Peter

2012-08-01

An expanded nonlinear model inversion flight control strategy using sliding mode online learning for neural networks is presented. The proposed control strategy is implemented for a small unmanned aircraft system (UAS). This class of aircraft is very susceptible towards nonlinearities like atmospheric turbulence, model uncertainties and of course system failures. Therefore, these systems mark a sensible testbed to evaluate fault-tolerant, adaptive flight control strategies. Within this work the concept of feedback linearization is combined with feed forward neural networks to compensate for inversion errors and other nonlinear effects. Backpropagation-based adaption laws of the network weights are used for online training. Within these adaption laws the standard gradient descent backpropagation algorithm is augmented with the concept of sliding mode control (SMC). Implemented as a learning algorithm, this nonlinear control strategy treats the neural network as a controlled system and allows a stable, dynamic calculation of the learning rates. While considering the system's stability, this robust online learning method therefore offers a higher speed of convergence, especially in the presence of external disturbances. The SMC-based flight controller is tested and compared with the standard gradient descent backpropagation algorithm in the presence of system failures. Copyright © 2012 Elsevier Ltd. All rights reserved.

Initial design and evaluation of automatic restructurable flight control system concepts

NASA Technical Reports Server (NTRS)

Weiss, J. L.; Looze, D. P.; Eterno, J. S.; Grunberg, D. B.

1986-01-01

Results of efforts to develop automatic control design procedures for restructurable aircraft control systems is presented. The restructurable aircraft control problem involves designing a fault tolerance control system which can accommodate a wide variety of unanticipated aircraft failure. Under NASA sponsorship, many of the technologies which make such a system possible were developed and tested. Future work will focus on developing a methodology for integrating these technologies and demonstration of a complete system.

In search of a human self-regulation system.

PubMed

Kelley, William M; Wagner, Dylan D; Heatherton, Todd F

2015-07-08

The capacity for self-regulation allows people to control their thoughts, behaviors, emotions, and desires. In spite of this impressive ability, failures of self-regulation are common and contribute to numerous societal problems, from obesity to drug addiction. Such failures frequently occur following exposure to highly tempting cues, during negative moods, or after self-regulatory resources have been depleted. Here we review the available neuroscientific evidence regarding self-regulation and its failures. At its core, self-regulation involves a critical balance between the strength of an impulse and an individual's ability to inhibit the desired behavior. Although neuroimaging and patient studies provide consistent evidence regarding the reward aspects of impulses and desires, the neural mechanisms that underlie the capacity for control have eluded consensus, with various executive control regions implicated in different studies. We outline the necessary properties for a self-regulation control system and suggest that the use of resting-state functional connectivity analyses may be useful for understanding how people regulate their behavior and why they sometimes fail in their attempts.

Adaptive Control in the Presence of Simultaneous Sensor Bias and Actuator Failures

NASA Technical Reports Server (NTRS)

Joshi, Suresh M.

2012-01-01

The problem of simultaneously accommodating unknown sensor biases and unknown actuator failures in uncertain systems is considered in a direct model reference adaptive control (MRAC) setting for state tracking using state feedback. Sensor biases and actuator faults may be present at the outset or may occur at unknown instants of time during operation. A modified MRAC law is proposed, which combines sensor bias estimation with control gain adaptation for accommodation of sensor biases and actuator failures. This control law is shown to provide signal boundedness in the resulting system. For the case when an external asymptotically stable sensor bias estimator is available, an MRAC law is developed to accomplish asymptotic state tracking and signal boundedness. For a special case wherein biases are only present in the rate measurements and bias-free position measurements are available, an MRAC law is developed using a model-independent bias estimator, and is shown to provide asymptotic state tracking with signal boundedness.

An Indirect Adaptive Control Scheme in the Presence of Actuator and Sensor Failures

NASA Technical Reports Server (NTRS)

Sun, Joy Z.; Josh, Suresh M.

2009-01-01

The problem of controlling a system in the presence of unknown actuator and sensor faults is addressed. The system is assumed to have groups of actuators, and groups of sensors, with each group consisting of multiple redundant similar actuators or sensors. The types of actuator faults considered consist of unknown actuators stuck in unknown positions, as well as reduced actuator effectiveness. The sensor faults considered include unknown biases and outages. The approach employed for fault detection and estimation consists of a bank of Kalman filters based on multiple models, and subsequent control reconfiguration to mitigate the effect of biases caused by failed components as well as to obtain stability and satisfactory performance using the remaining actuators and sensors. Conditions for fault identifiability are presented, and the adaptive scheme is applied to an aircraft flight control example in the presence of actuator failures. Simulation results demonstrate that the method can rapidly and accurately detect faults and estimate the fault values, thus enabling safe operation and acceptable performance in spite of failures.

Application of Fault Management Theory to the Quantitative Selection of a Launch Vehicle Abort Trigger Suite

NASA Technical Reports Server (NTRS)

Lo, Yunnhon; Johnson, Stephen B.; Breckenridge, Jonathan T.

2014-01-01

The theory of System Health Management (SHM) and of its operational subset Fault Management (FM) states that FM is implemented as a "meta" control loop, known as an FM Control Loop (FMCL). The FMCL detects that all or part of a system is now failed, or in the future will fail (that is, cannot be controlled within acceptable limits to achieve its objectives), and takes a control action (a response) to return the system to a controllable state. In terms of control theory, the effectiveness of each FMCL is estimated based on its ability to correctly estimate the system state, and on the speed of its response to the current or impending failure effects. This paper describes how this theory has been successfully applied on the National Aeronautics and Space Administration's (NASA) Space Launch System (SLS) Program to quantitatively estimate the effectiveness of proposed abort triggers so as to select the most effective suite to protect the astronauts from catastrophic failure of the SLS. The premise behind this process is to be able to quantitatively provide the value versus risk trade-off for any given abort trigger, allowing decision makers to make more informed decisions. All current and planned crewed launch vehicles have some form of vehicle health management system integrated with an emergency launch abort system to ensure crew safety. While the design can vary, the underlying principle is the same: detect imminent catastrophic vehicle failure, initiate launch abort, and extract the crew to safety. Abort triggers are the detection mechanisms that identify that a catastrophic launch vehicle failure is occurring or is imminent and cause the initiation of a notification to the crew vehicle that the escape system must be activated. While ensuring that the abort triggers provide this function, designers must also ensure that the abort triggers do not signal that a catastrophic failure is imminent when in fact the launch vehicle can successfully achieve orbit. That is, the abort triggers must have low false negative rates to be sure that real crew-threatening failures are detected, and also low false positive rates to ensure that the crew does not abort from non-crew-threatening launch vehicle behaviors. The analysis process described in this paper is a compilation of over six years of lessons learned and refinements from experiences developing abort triggers for NASA's Constellation Program (Ares I Project) and the SLS Program, as well as the simultaneous development of SHM/FM theory. The paper will describe the abort analysis concepts and process, developed in conjunction with SLS Safety and Mission Assurance (S&MA) to define a common set of mission phase, failure scenario, and Loss of Mission Environment (LOME) combinations upon which the SLS Loss of Mission (LOM) Probabilistic Risk Assessment (PRA) models are built. This abort analysis also requires strong coordination with the Multi-Purpose Crew Vehicle (MPCV) and SLS Structures and Environments (STE) to formulate a series of abortability tables that encapsulate explosion dynamics over the ascent mission phase. The design and assessment of abort conditions and triggers to estimate their Loss of Crew (LOC) Benefits also requires in-depth integration with other groups, including Avionics, Guidance, Navigation and Control(GN&C), the Crew Office, Mission Operations, and Ground Systems. The outputs of this analysis are a critical input to SLS S&MA's LOC PRA models. The process described here may well be the first full quantitative application of SHM/FM theory to the selection of a sensor suite for any aerospace system.

RICIS Symposium 1992: Mission and Safety Critical Systems Research and Applications

NASA Technical Reports Server (NTRS)

1992-01-01

This conference deals with computer systems which control systems whose failure to operate correctly could produce the loss of life and or property, mission and safety critical systems. Topics covered are: the work of standards groups, computer systems design and architecture, software reliability, process control systems, knowledge based expert systems, and computer and telecommunication protocols.

Failure Diagnosis for the Holdup Tank System via ISFA

DOE Office of Scientific and Technical Information (OSTI.GOV)

Li, Huijuan; Bragg-Sitton, Shannon; Smidts, Carol

This paper discusses the use of the integrated system failure analysis (ISFA) technique for fault diagnosis for the holdup tank system. ISFA is a simulation-based, qualitative and integrated approach used to study fault propagation in systems containing both hardware and software subsystems. The holdup tank system consists of a tank containing a fluid whose level is controlled by an inlet valve and an outlet valve. We introduce the component and functional models of the system, quantify the main parameters and simulate possible failure-propagation paths based on the fault propagation approach, ISFA. The results show that most component failures in themore » holdup tank system can be identified clearly and that ISFA is viable as a technique for fault diagnosis. Since ISFA is a qualitative technique that can be used in the very early stages of system design, this case study provides indications that it can be used early to study design aspects that relate to robustness and fault tolerance.« less

Automation Applications in an Advanced Air Traffic Management System : Volume 5A. DELTA Simulation Model - User's Guide

DOT National Transportation Integrated Search

1974-08-01

Volume 4 describes the automation requirements. A presentation of automation requirements is made for an advanced air traffic management system in terms of controller work for-e, computer resources, controller productivity, system manning, failure ef...

Forewarning of Failure in Complex Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Hively, Lee M; Prowell, Stacy J

2011-01-01

As the critical infrastructures of the United States have become more and more dependent on public and private networks, the potential for widespread national impact resulting from disruption or failure of these networks has also increased. Securing the nation s critical infrastructures requires protecting not only their physical systems but, just as important, the cyber portions of the systems on which they rely. A failure is inclusive of random events, design flaws, and instabilities caused by cyber (and/or physical) attack. One such domain is failure in critical equipment. A second is aging bridges. We discuss the workings of such amore » system in the context of the necessary sensors, command and control and data collection as well as the cyber security efforts that would support this system. Their application and the implications of this computing architecture are also discussed, with respect to our nation s aging infrastructure.« less

Sensor failure detection for jet engines

NASA Technical Reports Server (NTRS)

Beattie, E. C.; Laprad, R. F.; Akhter, M. M.; Rock, S. M.

1983-01-01

Revisions to the advanced sensor failure detection, isolation, and accommodation (DIA) algorithm, developed under the sensor failure detection system program were studied to eliminate the steady state errors due to estimation filter biases. Three algorithm revisions were formulated and one revision for detailed evaluation was chosen. The selected version modifies the DIA algorithm to feedback the actual sensor outputs to the integral portion of the control for the nofailure case. In case of a failure, the estimates of the failed sensor output is fed back to the integral portion. The estimator outputs are fed back to the linear regulator portion of the control all the time. The revised algorithm is evaluated and compared to the baseline algorithm developed previously.

Piloted Simulation Tests of Propulsion Control as Backup to Loss of Primary Flight Controls for a B747-400 Jet Transport

NASA Technical Reports Server (NTRS)

Bull, John; Mah, Robert; Hardy, Gordon; Sullivan, Barry; Jones, Jerry; Williams, Diane; Soukup, Paul; Winters, Jose

1997-01-01

Partial failures of aircraft primary flight control systems and structural damages to aircraft during flight have led to catastrophic accidents with subsequent loss of lives (e.g. DC-10, B-747, C-5, B-52, and others). Following the DC-10 accident at Sioux City, Iowa in 1989, the National Transportation Safety Board recommended 'Encourage research and development of backup flight control systems for newly certified wide-body airplanes that utilize an alternate source of motive power separate from that source used for the conventional control system.' This report describes the concept of a propulsion controlled aircraft (PCA), discusses pilot controls, displays, and procedures; and presents the results of a PCA piloted simulation test and evaluation of the B747-400 airplane conducted at NASA Ames Research Center in December, 1996. The purpose of the test was to develop and evaluate propulsion control throughout the full flight envelope of the B747-400 including worst case scenarios of engine failures and out of trim moments. Pilot ratings of PCA performance ranged from adequate to satisfactory. PCA performed well in unusual attitude recoveries at 35,000 ft altitude, performed well in fully coupled ILS approaches, performed well in single engine failures, and performed well at aft cg. PCA performance was primarily limited by out-of-trim moments.

Flight Test of an Adaptive Controller and Simulated Failure/Damage on the NASA NF-15B

NASA Technical Reports Server (NTRS)

Buschbacher, Mark; Maliska, Heather

2006-01-01

The method of flight-testing the Intelligent Flight Control System (IFCS) Second Generation (Gen-2) project on the NASA NF-15B is herein described. The Gen-2 project objective includes flight-testing a dynamic inversion controller augmented by a direct adaptive neural network to demonstrate performance improvements in the presence of simulated failure/damage. The Gen-2 objectives as implemented on the NASA NF-15B created challenges for software design, structural loading limitations, and flight test operations. Simulated failure/damage is introduced by modifying control surface commands, therefore requiring structural loads measurements. Flight-testing began with the validation of a structural loads model. Flight-testing of the Gen-2 controller continued, using test maneuvers designed in a sequenced approach. Success would clear the new controller with respect to dynamic response, simulated failure/damage, and with adaptation on and off. A handling qualities evaluation was conducted on the capability of the Gen-2 controller to restore aircraft response in the presence of a simulated failure/damage. Control room monitoring of loads sensors, flight dynamics, and controller adaptation, in addition to postflight data comparison to the simulation, ensured a safe methodology of buildup testing. Flight-testing continued without major incident to accomplish the project objectives, successfully uncovering strengths and weaknesses of the Gen-2 control approach in flight.

Heart failure services in the United Kingdom: rethinking the machine bureaucracy.

PubMed

Hawkins, Nathaniel M; Wright, David J; Capewell, Simon

2013-01-20

Poor outcomes and poor uptake of evidence based therapies persist for patients with heart failure in the United Kingdom. We offer a strategic analysis of services, defining the context, organization and objectives of the service, before focusing on implementation and performance. Critical flaws in past service development and performance are apparent, a consequence of failed performance management, policy and political initiative. The barriers to change and potential solutions are common to many health care systems. Integration, information, financing, incentives, innovation and values: all must be challenged and improved if heart failure services are to succeed. Modern healthcare requires open adaptive systems, continually learning and improving. The system also needs controls. Performance indicators should be simple, clinically relevant, and outcome focused. Heart failure presents one of the greatest opportunities to improve symptoms and survival with existing technology. To do so, heart failure services require radical reorganization. Copyright © 2011 Elsevier Ireland Ltd. All rights reserved.

Modeling Finite-Time Failure Probabilities in Risk Analysis Applications.

PubMed

Dimitrova, Dimitrina S; Kaishev, Vladimir K; Zhao, Shouqi

2015-10-01

In this article, we introduce a framework for analyzing the risk of systems failure based on estimating the failure probability. The latter is defined as the probability that a certain risk process, characterizing the operations of a system, reaches a possibly time-dependent critical risk level within a finite-time interval. Under general assumptions, we define two dually connected models for the risk process and derive explicit expressions for the failure probability and also the joint probability of the time of the occurrence of failure and the excess of the risk process over the risk level. We illustrate how these probabilistic models and results can be successfully applied in several important areas of risk analysis, among which are systems reliability, inventory management, flood control via dam management, infectious disease spread, and financial insolvency. Numerical illustrations are also presented. © 2015 Society for Risk Analysis.

Turbofan engine demonstration of sensor failure detection

NASA Technical Reports Server (NTRS)

Merrill, Walter C.; Delaat, John C.; Abdelwahab, Mahmood

1991-01-01

In the paper, the results of a full-scale engine demonstration of a sensor failure detection algorithm are presented. The algorithm detects, isolates, and accommodates sensor failures using analytical redundancy. The experimental hardware, including the F100 engine, is described. Demonstration results were obtained over a large portion of a typical flight envelope for the F100 engine. They include both subsonic and supersonic conditions at both medium and full, nonafter burning, power. Estimated accuracy, minimum detectable levels of sensor failures, and failure accommodation performance for an F100 turbofan engine control system are discussed.

Wire Rope Failure on the Guppy Winch

NASA Technical Reports Server (NTRS)

Figert, John

2016-01-01

On January 6, 2016 at El Paso, the Guppy winch motor was changed. After completion of the operational checks, the load bar was being reinstalled on the cargo pallet when the motor control FORWARD relay failed in the energized position. The pallet was pinned at all locations (each pin has a load capacity of 16,000 lbs.) while the winch was running. The wire rope snapped before aircraft power could be removed. After disassembly, the fractured wire rope was shipped to ES4 lab for further characterization of the wire rope portion of the failure. The system was being operated without a clear understanding of the system capability and function. The proximate cause was the failure of the K48 -Forward Winch Control Relay in the energized position, which allowed the motor to continuously run without command from the hand controller, and operation of the winch system with both controllers connected to the system. This prevented the emergency stop feature on the hand controller from functioning as designed. An electrical checkout engineering work instruction was completed and identified the failed relay and confirmed the emergency stop only paused the system when the STOP button on both connected hand controllers were depressed simultaneously. The winch system incorporates a torque limiting clutch. It is suspected that the clutch did not slip and the motor did not stall or overload the current limiter. Aircraft Engineering is looking at how to change the procedures to provide a checkout of the clutch and set to a slip torque limit appropriate to support operations.

Full-Authority Fault-Tolerant Electronic Engine Control System for Variable Cycle Engines.

DTIC Science & Technology

1982-04-01

single internally self-checked VLSI micro - processor . The selected configuration is an externally checked pair of com- mercially available...Electronic Engine Control FPMH Failures per Million Hours FTMP Fault Tolerant Multi- Processor FTSC Fault Tolerant Spaceborn Computer GRAMP Generalized...Removal * MTBR Mean Time Between Repair MTTF Mean Time to Failure xiii List of Abbreviations (continued) - NH High Pressure Rotor Speed O&S Operating

Predictive factors for renal failure and a control and treatment algorithm

PubMed Central

Cerqueira, Denise de Paula; Tavares, José Roberto; Machado, Regimar Carla

2014-01-01

Objectives to evaluate the renal function of patients in an intensive care unit, to identify the predisposing factors for the development of renal failure, and to develop an algorithm to help in the control of the disease. Method exploratory, descriptive, prospective study with a quantitative approach. Results a total of 30 patients (75.0%) were diagnosed with kidney failure and the main factors associated with this disease were: advanced age, systemic arterial hypertension, diabetes mellitus, lung diseases, and antibiotic use. Of these, 23 patients (76.6%) showed a reduction in creatinine clearance in the first 24 hours of hospitalization. Conclusion a decline in renal function was observed in a significant number of subjects, therefore, an algorithm was developed with the aim of helping in the control of renal failure in a practical and functional way. PMID:26107827

Preliminary design-lift/cruise fan research and technology airplane flight control system

NASA Technical Reports Server (NTRS)

Gotlieb, P.; Lewis, G. E.; Little, L. J.

1976-01-01

This report presents the preliminary design of a stability augmentation system for a NASA V/STOL research and technology airplane. This stability augmentation system is postulated as the simplest system that meets handling qualities levels for research and technology missions flown by NASA test pilots. The airplane studied in this report is a T-39 fitted with tilting lift/cruise fan nacelles and a nose fan. The propulsion system features a shaft interconnecting the three variable pitch fans and three power plants. The mathematical modeling is based on pre-wind tunnel test estimated data. The selected stability augmentation system uses variable gains scheduled with airspeed. Failure analysis of the system illustrates the benign effect of engine failure. Airplane rate sensor failure must be solved with redundancy.

The preliminary design of a lift-cruise fan airplane flight control system

NASA Technical Reports Server (NTRS)

Gotlieb, P.

1977-01-01

This paper presents the preliminary design of a stability augmentation system for a NASA V/STOL research and technology airplane. This stability augmentation system is postulated as the simplest system that meets handling-quality levels for research and technology missions flown by NASA test pilots. The airplane studied in this report is a modified T-39 fitted with tilting lift/cruise fan nacelles and a nose fan. The propulsion system features a shaft that interconnects three variable-pitch fans and three powerplants. The mathematical modeling is based on pre-wind tunnel test estimated data. The selected stability augmentation system uses variable gains scheduled with airspeed. Failure analysis of the system illustrates the benign effect of engine failure. Airplane rate sensor failure must be solved with redundancy.

Expert systems for automated maintenance of a Mars oxygen production system

NASA Technical Reports Server (NTRS)

Ash, Robert L.; Huang, Jen-Kuang; Ho, Ming-Tsang

1989-01-01

A prototype expert system was developed for maintaining autonomous operation of a Mars oxygen production system. Normal operation conditions and failure modes according to certain desired criteria are tested and identified. Several schemes for failure detection and isolation using forward chaining, backward chaining, knowledge-based and rule-based are devised to perform several housekeeping functions. These functions include self-health checkout, an emergency shut down program, fault detection and conventional control activities. An effort was made to derive the dynamic model of the system using Bond-Graph technique in order to develop the model-based failure detection and isolation scheme by estimation method. Finally, computer simulations and experimental results demonstrated the feasibility of the expert system and a preliminary reliability analysis for the oxygen production system is also provided.

Preliminary system design study for a digital fly-by-wire flight control system for an F-8C aircraft

NASA Technical Reports Server (NTRS)

Seacord, C. L.; Vaughn, D. K.

1976-01-01

The design of a fly-by-wire control system having a mission failure probability of less than one millionth failures per flight hour is examined. Emphasis was placed on developing actuator configurations that would improve the system performance, and consideration of the practical aspects of sensor/computer and computer/actuator interface implementation. Five basic configurations were defined as appropriate candidates for the F-8C research aircraft. Options on the basic configurations were included to cover variations in flight sensors, redundancy levels, data transmission techniques, processor input/output methods, and servo actuator arrangements. The study results can be applied to fly by wire systems for transport aircraft in general and the space shuttle.

PACS quality control and automatic problem notifier

NASA Astrophysics Data System (ADS)

Honeyman-Buck, Janice C.; Jones, Douglas; Frost, Meryll M.; Staab, Edward V.

1997-05-01

One side effect of installing a clinical PACS Is that users become dependent upon the technology and in some cases it can be very difficult to revert back to a film based system if components fail. The nature of system failures range from slow deterioration of function as seen in the loss of monitor luminance through sudden catastrophic loss of the entire PACS networks. This paper describes the quality control procedures in place at the University of Florida and the automatic notification system that alerts PACS personnel when a failure has happened or is anticipated. The goal is to recover from a failure with a minimum of downtime and no data loss. Routine quality control is practiced on all aspects of PACS, from acquisition, through network routing, through display, and including archiving. Whenever possible, the system components perform self and between platform checks for active processes, file system status, errors in log files, and system uptime. When an error is detected or a exception occurs, an automatic page is sent to a pager with a diagnostic code. Documentation on each code, trouble shooting procedures, and repairs are kept on an intranet server accessible only to people involved in maintaining the PACS. In addition to the automatic paging system for error conditions, acquisition is assured by an automatic fax report sent on a daily basis to all technologists acquiring PACS images to be used as a cross check that all studies are archived prior to being removed from the acquisition systems. Daily quality control is preformed to assure that studies can be moved from each acquisition and contrast adjustment. The results of selected quality control reports will be presented. The intranet documentation server will be described with the automatic pager system. Monitor quality control reports will be described and the cost of quality control will be quantified. As PACS is accepted as a clinical tool, the same standards of quality control must be established as are expected on other equipment used in the diagnostic process.

Operating manual for the miniservo-control tester

USGS Publications Warehouse

Rapp, W.L.

1986-01-01

Ever since the implementation of servo-control units (regular and minimodels) with manometers at U. S. Geological Survey streamflow stations, the need for an effective and efficient servo-control unit tester has been paramount among field personnel. In numerous cases, servo-control unit failures were blamed on battery failures and vice versa. There was no valid instrument to definitively identify cause of failure, let alone properly diagnose the servo-control/manometer system. In 1983, two servo-control unit testers were developed and fabricated. One was mechanical in fabrication, operation, and serviceability; the other was electronic. The testers were extensively used and evaluated in Maine, Ohio, Kansas, and Louisiana under a wide range of environmental conditions. The consensus to integrate the best aspects of both testers into one instrument allowed the Survey to finally solve its long-time need for an effective, efficient servo-control unit tester. (USGS)

Independent Orbiter Assessment (IOA): Analysis of the reaction control system, volume 1

NASA Technical Reports Server (NTRS)

Burkemper, V. J.; Haufler, W. A.; Odonnell, R. A.; Paul, D. J.

1987-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) are presented. The IOA approach features a top-down analysis of the hardware to determine failure modes, criticality, and potential critical items. To preserve independence, this analysis was accomplished without reliance upon the results contained within the NASA FMEA/CIL documentation. This report documents the independent analysis results for the Reaction Control System (RCS). The purpose of the RCS is to provide thrust in and about the X, Y, Z axes for External Tank (ET) separation; orbit insertion maneuvers; orbit translation maneuvers; on-orbit attitude control; rendezvous; proximity operations (payload deploy and capture); deorbit maneuvers; and abort attitude control. The RCS is situated in three independent modules, one forward in the orbiter nose and one in each OMS/RCS pod. Each RCS module consists of the following subsystems: Helium Pressurization Subsystem; Propellant Storage and Distribution Subsystem; Thruster Subsystem; and Electrical Power Distribution and Control Subsystem. Of the failure modes analyzed, 307 could potentially result in a loss of life and/or loss of vehicle.

14 CFR 35.23 - Propeller control system.

Code of Federal Regulations, 2013 CFR

2013-01-01

... between operating modes, performs the functions defined by the applicant throughout the declared operating... system imbedded software must be designed and implemented by a method approved by the Administrator that... software errors. (d) The propeller control system must be designed and constructed so that the failure or...

14 CFR 35.23 - Propeller control system.

Code of Federal Regulations, 2012 CFR

2012-01-01

... between operating modes, performs the functions defined by the applicant throughout the declared operating... system imbedded software must be designed and implemented by a method approved by the Administrator that... software errors. (d) The propeller control system must be designed and constructed so that the failure or...

14 CFR 35.23 - Propeller control system.

Code of Federal Regulations, 2014 CFR

2014-01-01

... between operating modes, performs the functions defined by the applicant throughout the declared operating... system imbedded software must be designed and implemented by a method approved by the Administrator that... software errors. (d) The propeller control system must be designed and constructed so that the failure or...

Performance evaluation of the croissant production line with reparable machines

NASA Astrophysics Data System (ADS)

Tsarouhas, Panagiotis H.

2015-03-01

In this study, the analytical probability models for an automated serial production system, bufferless that consists of n-machines in series with common transfer mechanism and control system was developed. Both time to failure and time to repair a failure are assumed to follow exponential distribution. Applying those models, the effect of system parameters on system performance in actual croissant production line was studied. The production line consists of six workstations with different numbers of reparable machines in series. Mathematical models of the croissant production line have been developed using Markov process. The strength of this study is in the classification of the whole system in states, representing failures of different machines. Failure and repair data from the actual production environment have been used to estimate reliability and maintainability for each machine, workstation, and the entire line is based on analytical models. The analysis provides a useful insight into the system's behaviour, helps to find design inherent faults and suggests optimal modifications to upgrade the system and improve its performance.

A fault-tolerant intelligent robotic control system

NASA Technical Reports Server (NTRS)

Marzwell, Neville I.; Tso, Kam Sing

1993-01-01

This paper describes the concept, design, and features of a fault-tolerant intelligent robotic control system being developed for space and commercial applications that require high dependability. The comprehensive strategy integrates system level hardware/software fault tolerance with task level handling of uncertainties and unexpected events for robotic control. The underlying architecture for system level fault tolerance is the distributed recovery block which protects against application software, system software, hardware, and network failures. Task level fault tolerance provisions are implemented in a knowledge-based system which utilizes advanced automation techniques such as rule-based and model-based reasoning to monitor, diagnose, and recover from unexpected events. The two level design provides tolerance of two or more faults occurring serially at any level of command, control, sensing, or actuation. The potential benefits of such a fault tolerant robotic control system include: (1) a minimized potential for damage to humans, the work site, and the robot itself; (2) continuous operation with a minimum of uncommanded motion in the presence of failures; and (3) more reliable autonomous operation providing increased efficiency in the execution of robotic tasks and decreased demand on human operators for controlling and monitoring the robotic servicing routines.

A Framework for the Development of Scalable Heterogeneous Robot Teams with Dynamically Distributed Processing

NASA Astrophysics Data System (ADS)

Martin, Adrian

As the applications of mobile robotics evolve it has become increasingly less practical for researchers to design custom hardware and control systems for each problem. This research presents a new approach to control system design that looks beyond end-of-lifecycle performance and considers control system structure, flexibility, and extensibility. Toward these ends the Control ad libitum philosophy is proposed, stating that to make significant progress in the real-world application of mobile robot teams the control system must be structured such that teams can be formed in real-time from diverse components. The Control ad libitum philosophy was applied to the design of the HAA (Host, Avatar, Agent) architecture: a modular hierarchical framework built with provably correct distributed algorithms. A control system for exploration and mapping, search and deploy, and foraging was developed to evaluate the architecture in three sets of hardware-in-the-loop experiments. First, the basic functionality of the HAA architecture was studied, specifically the ability to: a) dynamically form the control system, b) dynamically form the robot team, c) dynamically form the processing network, and d) handle heterogeneous teams. Secondly, the real-time performance of the distributed algorithms was tested, and proved effective for the moderate sized systems tested. Furthermore, the distributed Just-in-time Cooperative Simultaneous Localization and Mapping (JC-SLAM) algorithm demonstrated accuracy equal to or better than traditional approaches in resource starved scenarios, while reducing exploration time significantly. The JC-SLAM strategies are also suitable for integration into many existing particle filter SLAM approaches, complementing their unique optimizations. Thirdly, the control system was subjected to concurrent software and hardware failures in a series of increasingly complex experiments. Even with unrealistically high rates of failure the control system was able to successfully complete its tasks. The HAA implementation designed following the Control ad libitum philosophy proved to be capable of dynamic team formation and extremely robust against both hardware and software failure; and, due to the modularity of the system there is significant potential for reuse of assets and future extensibility. One future goal is to make the source code publically available and establish a forum for the development and exchange of new agents.

Materials testing of the IUS techroll seal material

NASA Technical Reports Server (NTRS)

Nichols, R. L.; Hall, W. B.

1984-01-01

As a part of the investigation of the control system failure Inertial Upper Stage on IUS-1 flight to position a Tracking and Data Relay Satellite (TDRS) in geosynchronous orbit, the materials utilized in the techroll seal are evaluated for possible failure models. Studies undertaken included effect of temperature on the strength of the system, effect of fatigue on the strength of the system, thermogravimetric analysis, thermomechanical analysis, differential scanning calorimeter analysis, dynamic mechanical analysis, and peel test. The most likely failure mode is excessive temperature in the seal. In addition, the seal material is susceptible to fatigue damage which could be a contributing factor.

Software-Implemented Fault Tolerance in Communications Systems

NASA Technical Reports Server (NTRS)

Gantenbein, Rex E.

1994-01-01

Software-implemented fault tolerance (SIFT) is used in many computer-based command, control, and communications (C(3)) systems to provide the nearly continuous availability that they require. In the communications subsystem of Space Station Alpha, SIFT algorithms are used to detect and recover from failures in the data and command link between the Station and its ground support. The paper presents a review of these algorithms and discusses how such techniques can be applied to similar systems found in applications such as manufacturing control, military communications, and programmable devices such as pacemakers. With support from the Tracking and Communication Division of NASA's Johnson Space Center, researchers at the University of Wyoming are developing a testbed for evaluating the effectiveness of these algorithms prior to their deployment. This testbed will be capable of simulating a variety of C(3) system failures and recording the response of the Space Station SIFT algorithms to these failures. The design of this testbed and the applicability of the approach in other environments is described.

Using Utility Functions to Control a Distributed Storage System

DTIC Science & Technology

2008-05-01

Pinheiro et al. [2007] suggest this is not an accurate assumption. Nicola and Goyal [1990] examined correlated failures across multiversion software...F. and Goyal, A. (1990). Modeling of correlated failures and community error recovery in multiversion software. IEEE Transactions on Software

[Low Fidelity Simulation of a Zero-Y Robot

NASA Technical Reports Server (NTRS)

Sweet, Adam

2001-01-01

The item to be cleared is a low-fidelity software simulation model of a hypothetical freeflying robot designed for use in zero gravity environments. This simulation model works with the HCC simulation system that was developed by Xerox PARC and NASA Ames Research Center. HCC has been previously cleared for distribution. When used with the HCC software, the model computes the location and orientation of the simulated robot over time. Failures (such as a broken motor) can be injected into the simulation to produce simulated behavior corresponding to the failure. Release of this simulation will allow researchers to test their software diagnosis systems by attempting to diagnose the simulated failure from the simulated behavior. This model does not contain any encryption software nor can it perform any control tasks that might be export controlled.

Failure Control Techniques for the SSME

NASA Technical Reports Server (NTRS)

Taniguchi, M. H.

1987-01-01

Since ground testing of the Space Shuttle Main Engine (SSME) began in 1975, the detection of engine anomalies and the prevention of major damage have been achieved by a multi-faceted detection/shutdown system. The system continues the monitoring task today and consists of the following: sensors, automatic redline and other limit logic, redundant sensors and controller voting logic, conditional decision logic, and human monitoring. Typically, on the order of 300 to 500 measurements are sensed and recorded for each test, while on the order of 100 are used for control and monitoring. Despite extensive monitoring by the current detection system, twenty-seven (27) major incidents have occurred. This number would appear insignificant compared with over 1200 hot-fire tests which have taken place since 1976. However, the number suggests the requirement for and future benefits of a more advanced failure detection system.

Real-time automated failure identification in the Control Center Complex (CCC)

NASA Technical Reports Server (NTRS)

Kirby, Sarah; Lauritsen, Janet; Pack, Ginger; Ha, Anhhoang; Jowers, Steven; Mcnenny, Robert; Truong, The; Dell, James

1993-01-01

A system which will provide real-time failure management support to the Space Station Freedom program is described. The system's use of a simplified form of model based reasoning qualifies it as an advanced automation system. However, it differs from most such systems in that it was designed from the outset to meet two sets of requirements. First, it must provide a useful increment to the fault management capabilities of the Johnson Space Center (JSC) Control Center Complex (CCC) Fault Detection Management system. Second, it must satisfy CCC operational environment constraints such as cost, computer resource requirements, verification, and validation, etc. The need to meet both requirement sets presents a much greater design challenge than would have been the case had functionality been the sole design consideration. The choice of technology, discussing aspects of that choice and the process for migrating it into the control center is overviewed.

Inductive System Monitors Tasks

NASA Technical Reports Server (NTRS)

2008-01-01

The Inductive Monitoring System (IMS) software developed at Ames Research Center uses artificial intelligence and data mining techniques to build system-monitoring knowledge bases from archived or simulated sensor data. This information is then used to detect unusual or anomalous behavior that may indicate an impending system failure. Currently helping analyze data from systems that help fly and maintain the space shuttle and the International Space Station (ISS), the IMS has also been employed by data classes are then used to build a monitoring knowledge base. In real time, IMS performs monitoring functions: determining and displaying the degree of deviation from nominal performance. IMS trend analyses can detect conditions that may indicate a failure or required system maintenance. The development of IMS was motivated by the difficulty of producing detailed diagnostic models of some system components due to complexity or unavailability of design information. Successful applications have ranged from real-time monitoring of aircraft engine and control systems to anomaly detection in space shuttle and ISS data. IMS was used on shuttle missions STS-121, STS-115, and STS-116 to search the Wing Leading Edge Impact Detection System (WLEIDS) data for signs of possible damaging impacts during launch. It independently verified findings of the WLEIDS Mission Evaluation Room (MER) analysts and indicated additional points of interest that were subsequently investigated by the MER team. In support of the Exploration Systems Mission Directorate, IMS is being deployed as an anomaly detection tool on ISS mission control consoles in the Johnson Space Center Mission Operations Directorate. IMS has been trained to detect faults in the ISS Control Moment Gyroscope (CMG) systems. In laboratory tests, it has already detected several minor anomalies in real-time CMG data. When tested on archived data, IMS was able to detect precursors of the CMG1 failure nearly 15 hours in advance of the actual failure event. In the Aeronautics Research Mission Directorate, IMS successfully performed real-time engine health analysis. IMS was able to detect simulated failures and actual engine anomalies in an F/A-18 aircraft during the course of 25 test flights. IMS is also being used in colla

Hemodynamic parameters in a surgical devascularization model of fulminant hepatic failure in the minipig.

PubMed

Kieslichová, E; Ryska, M; Pantoflícek, T; Ryska, O; Zazula, R; Skobová, J

2005-01-01

Animal models of fulminant hepatic failure (FHF) are important for studying the pathophysiology of this process and for evaluation of the efficacy of artificial and bioartificial liver support systems. In experiments, hemodynamic parameters were monitored in a group of minipigs with FHF induced by surgical devascularization, and compared with those in a control group. During the experiment, animals were analgosedated and were on mechanical lung ventilation. Crystalloid and colloidal solutions were administered and norepinephrine in continuous infusion was applied if mean arterial pressure (MAP) decreased below 60 mm Hg despite adequate intravascular volumes. An increase in heart rate, and decreases in MAP and systemic vascular resistance, compared with the baseline, occurred in the FHF group from 6 h after surgery. A comparison of FHF and control groups revealed no significant differences in systemic vascular resistance and MAP until after 12 h after surgery (systemic vascular resistance index: 953 FHF vs. 1658 controls; p < 0.05; MAP: 58.1 FHF vs. 76 controls; p < 0.05). No significant differences in CI were seen between the FHF group and controls. FHF animals survived for about 13 h after surgery, i.e. a period, which we consider long enough to test a support device. The parameters are believed to be quite adequate, as we were able to maintain satisfactory hemodynamic stability in all experimental animals with induced acute hepatic failure.

Control allocation for gimballed/fixed thrusters

NASA Astrophysics Data System (ADS)

Servidia, Pablo A.

2010-02-01

Some overactuated control systems use a control distribution law between the controller and the set of actuators, usually called control allocator. Beyond the control allocator, the configuration of actuators may be designed to be able to operate after a single point of failure, for system optimization and/or decentralization objectives. For some type of actuators, a control allocation is used even without redundancy, being a good example the design and operation of thruster configurations. In fact, as the thruster mass flow direction and magnitude only can be changed under certain limits, this must be considered in the feedback implementation. In this work, the thruster configuration design is considered in the fixed (F), single-gimbal (SG) and double-gimbal (DG) thruster cases. The minimum number of thrusters for each case is obtained and for the resulting configurations a specific control allocation is proposed using a nonlinear programming algorithm, under nominal and single-point of failure conditions.

From Diagnosis to Action: An Automated Failure Advisor for Human Deep Space Missions

NASA Technical Reports Server (NTRS)

Colombano, Silvano; Spirkovska, Lilly; Baskaran, Vijayakumar; Morris, Paul; Mcdermott, William; Ossenfort, John; Bajwa, Anupa

2015-01-01

The major goal of current space system development at NASA is to enable human travel to deep space locations such as Mars and asteroids. At that distance, round trip communication with ground operators may take close to an hour, thus it becomes unfeasible to seek ground operator advice for problems that require immediate attention, either for crew safety or for activities that need to be performed at specific times for the attainment of scientific results. To achieve this goal, major reliance will need to be placed on automation systems capable of aiding the crew in detecting and diagnosing failures, assessing consequences of these failures, and providing guidance in repair activities that may be required. We report here on the most current step in the continuing development of such a system, and that is the addition of a Failure Response Advisor. In simple terms, we have a system in place the Advanced Caution and Warning System (ACAWS) to tell us what happened (failure diagnosis) and what happened because that happened (failure effects). The Failure Response Advisor will tell us what to do about it, how long until something must be done and why its important that something be done and will begin to approach the complex reasoning that is generally required for an optimal approach to automated system health management. This advice is based on the criticality and various timing elements, such as durations of activities and of component repairs, failure effects delay, and other factors. The failure advice is provided to operators (crew and mission controllers) together with the diagnostic and effects information. The operators also have the option to drill down for more information about the failure and the reasons for any suggested priorities.

Investigation of pump and pump switch failures in rainwater harvesting systems

NASA Astrophysics Data System (ADS)

Moglia, Magnus; Gan, Kein; Delbridge, Nathan; Sharma, Ashok K.; Tjandraatmadja, Grace

2016-07-01

Rainwater harvesting is an important technology in cities that can contribute to a number of functions, such as sustainable water management in the face of demand growth and drought as well as the detention of rainwater to increase flood protection and reduce damage to waterways. The objective of this article is to investigate the integrity of residential rainwater harvesting systems, drawing on the results of the field inspection of 417 rainwater systems across Melbourne that was combined with a survey of householders' situation, maintenance behaviour and attitudes. Specifically, the study moves beyond the assumption that rainwater systems are always operational and functional and draws on the collected data to explore the various reasons and rates of failure associated with pumps and pump switches, leaving for later further exploration of the failure in other components such as the collection area, gutters, tank, and overflows. To the best of the authors' knowledge, there is no data like this in academic literature or in the water sector. Straightforward Bayesian Network models were constructed in order to analyse the factors contributing to various types of failures, including system age, type of use, the reason for installation, installer, and maintenance behaviour. Results show that a number of issues commonly exist, such as failure of pumps (5% of systems), automatic pump switches that mediate between the tank and reticulated water (9% of systems), and systems with inadequate setups (i.e. no pump) limiting their use. In conclusion, there appears to be a lack of enforcement or quality controls in both installation practices by sometimes unskilled contractors and lack of ongoing maintenance checks. Mechanisms for quality control and asset management are required, but difficult to promote or enforce. Further work is needed into how privately owned assets that have public benefits could be better managed.

A Voyager attitude control perspective on fault tolerant systems

NASA Technical Reports Server (NTRS)

Rasmussen, R. D.; Litty, E. C.

1981-01-01

In current spacecraft design, a trend can be observed to achieve greater fault tolerance through the application of on-board software dedicated to detecting and isolating failures. Whether fault tolerance through software can meet the desired objectives depends on very careful consideration and control of the system in which the software is imbedded. The considered investigation has the objective to provide some of the insight needed for the required analysis of the system. A description is given of the techniques which have been developed in this connection during the development of the Voyager spacecraft. The Voyager Galileo Attitude and Articulation Control Subsystem (AACS) fault tolerant design is discussed to emphasize basic lessons learned from this experience. The central driver of hardware redundancy implementation on Voyager was known as the 'single point failure criterion'.

Making real-time reactive systems reliable

NASA Technical Reports Server (NTRS)

Marzullo, Keith; Wood, Mark

1990-01-01

A reactive system is characterized by a control program that interacts with an environment (or controlled program). The control program monitors the environment and reacts to significant events by sending commands to the environment. This structure is quite general. Not only are most embedded real time systems reactive systems, but so are monitoring and debugging systems and distributed application management systems. Since reactive systems are usually long running and may control physical equipment, fault tolerance is vital. The research tries to understand the principal issues of fault tolerance in real time reactive systems and to build tools that allow a programmer to design reliable, real time reactive systems. In order to make real time reactive systems reliable, several issues must be addressed: (1) How can a control program be built to tolerate failures of sensors and actuators. To achieve this, a methodology was developed for transforming a control program that references physical value into one that tolerates sensors that can fail and can return inaccurate values; (2) How can the real time reactive system be built to tolerate failures of the control program. Towards this goal, whether the techniques presented can be extended to real time reactive systems is investigated; and (3) How can the environment be specified in a way that is useful for writing a control program. Towards this goal, whether a system with real time constraints can be expressed as an equivalent system without such constraints is also investigated.

Care management for low-risk patients with heart failure: a randomized, controlled trial.

PubMed

DeBusk, Robert Frank; Miller, Nancy Houston; Parker, Kathleen Marie; Bandura, Albert; Kraemer, Helena Chmura; Cher, Daniel Joseph; West, Jeffrey Alan; Fowler, Michael Bruce; Greenwald, George

2004-10-19

Nurse care management programs for patients with chronic illness have been shown to be safe and effective. To determine whether a telephone-mediated nurse care management program for heart failure reduced the rate of rehospitalization for heart failure and for all causes over a 1-year period. Randomized, controlled trial of usual care with nurse management versus usual care alone in patients hospitalized for heart failure from May 1998 through October 2001. 5 northern California hospitals in a large health maintenance organization. Of 2786 patients screened, 462 met clinical criteria for heart failure and were randomly assigned (228 to intervention and 234 to usual care). Nurse care management provided structured telephone surveillance and treatment for heart failure and coordination of patients' care with primary care physicians. Time to first rehospitalization for heart failure or for any cause and time to a combined end point of first rehospitalization, emergency department visit, or death. At 1 year, half of the patients had been rehospitalized at least once and 11% had died. Only one third of rehospitalizations were for heart failure. The rate of first rehospitalization for heart failure was similar in both groups (proportional hazard, 0.85 [95% CI, 0.46 to 1.57]). The rate of all-cause rehospitalization was similar (proportional hazard, 0.98 [CI, 0.76 to 1.27]). The findings of this study, conducted in a single health care system, may not be generalizable to other health care systems. The overall effect of the intervention was minor. Among patients with heart failure at low risk on the basis of sociodemographic and medical attributes, nurse care management did not statistically significantly reduce rehospitalizations for heart failure or for any cause. Such programs may be less effective for patients at low risk than those at high risk.

Expert system for UNIX system reliability and availability enhancement

NASA Astrophysics Data System (ADS)

Xu, Catherine Q.

1993-02-01

Highly reliable and available systems are critical to the airline industry. However, most off-the-shelf computer operating systems and hardware do not have built-in fault tolerant mechanisms, the UNIX workstation is one example. In this research effort, we have developed a rule-based Expert System (ES) to monitor, command, and control a UNIX workstation system with hot-standby redundancy. The ES on each workstation acts as an on-line system administrator to diagnose, report, correct, and prevent certain types of hardware and software failures. If a primary station is approaching failure, the ES coordinates the switch-over to a hot-standby secondary workstation. The goal is to discover and solve certain fatal problems early enough to prevent complete system failure from occurring and therefore to enhance system reliability and availability. Test results show that the ES can diagnose all targeted faulty scenarios and take desired actions in a consistent manner regardless of the sequence of the faults. The ES can perform designated system administration tasks about ten times faster than an experienced human operator. Compared with a single workstation system, our hot-standby redundancy system downtime is predicted to be reduced by more than 50 percent by using the ES to command and control the system.

Expert System for UNIX System Reliability and Availability Enhancement

NASA Technical Reports Server (NTRS)

Xu, Catherine Q.

1993-01-01

Highly reliable and available systems are critical to the airline industry. However, most off-the-shelf computer operating systems and hardware do not have built-in fault tolerant mechanisms, the UNIX workstation is one example. In this research effort, we have developed a rule-based Expert System (ES) to monitor, command, and control a UNIX workstation system with hot-standby redundancy. The ES on each workstation acts as an on-line system administrator to diagnose, report, correct, and prevent certain types of hardware and software failures. If a primary station is approaching failure, the ES coordinates the switch-over to a hot-standby secondary workstation. The goal is to discover and solve certain fatal problems early enough to prevent complete system failure from occurring and therefore to enhance system reliability and availability. Test results show that the ES can diagnose all targeted faulty scenarios and take desired actions in a consistent manner regardless of the sequence of the faults. The ES can perform designated system administration tasks about ten times faster than an experienced human operator. Compared with a single workstation system, our hot-standby redundancy system downtime is predicted to be reduced by more than 50 percent by using the ES to command and control the system.

Oxygen sensor signal validation for the safety of the rebreather diver.

PubMed

Sieber, Arne; L'abbate, Antonio; Bedini, Remo

2009-03-01

In electronically controlled, closed-circuit rebreather diving systems, the partial pressure of oxygen inside the breathing loop is controlled with three oxygen sensors, a microcontroller and a solenoid valve - critical components that may fail. State-of-the-art detection of sensor failure, based on a voting algorithm, may fail under circumstances where two or more sensors show the same but incorrect values. The present paper details a novel rebreather controller that offers true sensor-signal validation, thus allowing efficient and reliable detection of sensor failure. The core components of this validation system are two additional solenoids, which allow an injection of oxygen or diluent gas directly across the sensor membrane.

Robust Stability and Control of Multi-Body Ground Vehicles with Uncertain Dynamics and Failures

DTIC Science & Technology

2010-01-01

and N. Zhang, 2008. “Robust stability control of vehicle rollover subject to actuator time delay”. Proc. IMechE Part I: J. of systems and control ...Dynamic Systems and Control Conference, Boston, MA, Sept 2010 R.K. Yedavalli,”Robust Stability of Linear Interval Parameter Matrix Family Problem...for control coupled output regulation for a class of systems is presented. In section 2.1.7, the control design algorithm developed in section

Flight-deck automation - Promises and problems

NASA Technical Reports Server (NTRS)

Wiener, E. L.; Curry, R. E.

1980-01-01

The paper analyzes the role of human factors in flight-deck automation, identifies problem areas, and suggests design guidelines. Flight-deck automation using microprocessor technology and display systems improves performance and safety while leading to a decrease in size, cost, and power consumption. On the other hand negative factors such as failure of automatic equipment, automation-induced error compounded by crew error, crew error in equipment set-up, failure to heed automatic alarms, and loss of proficiency must also be taken into account. Among the problem areas discussed are automation of control tasks, monitoring of complex systems, psychosocial aspects of automation, and alerting and warning systems. Guidelines are suggested for designing, utilising, and improving control and monitoring systems. Investigation into flight-deck automation systems is important as the knowledge gained can be applied to other systems such as air traffic control and nuclear power generation, but the many problems encountered with automated systems need to be analyzed and overcome in future research.

Computer system design description for SY-101 hydrogen mitigation test project data acquisition and control system (DACS-1)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ermi, A.M.

1997-05-01

Description of the Proposed Activity/REPORTABLE OCCURRENCE or PIAB: This ECN changes the computer systems design description support document describing the computers system used to control, monitor and archive the processes and outputs associated with the Hydrogen Mitigation Test Pump installed in SY-101. There is no new activity or procedure associated with the updating of this reference document. The updating of this computer system design description maintains an agreed upon documentation program initiated within the test program and carried into operations at time of turnover to maintain configuration control as outlined by design authority practicing guidelines. There are no new crediblemore » failure modes associated with the updating of information in a support description document. The failure analysis of each change was reviewed at the time of implementation of the Systems Change Request for all the processes changed. This document simply provides a history of implementation and current system status.« less

Number and placement of control system components considering possible failures. [for large space structures

NASA Technical Reports Server (NTRS)

Vander Velde, W. E.; Carignan, C. R.

1984-01-01

One of the first questions facing the designer of the control system for a large space structure is how many components actuators and sensors - to specify and where to place them on the structure. This paper presents a methodology which is intended to assist the designer in making these choices. A measure of controllability is defined which is a quantitative indication of how well the system can be controlled with a given set of actuators. Similarly, a measure of observability is defined which is a quantitative indication of how well the system can be observed with a given set of sensors. Then the effect of component unreliability is introduced by computing the average expected degree of controllability (observability) over the operating lifetime of the system accounting for the likelihood of various combinations of component failures. The problem of component location is resolved by optimizing this performance measure over the admissible set of locations. The variation of this optimized performance measure with number of actuators (sensors) is helpful in deciding how many components to use.

Prescribed-performance fault-tolerant control for feedback linearisable systems with an aircraft application

NASA Astrophysics Data System (ADS)

Gao, Gang; Wang, Jinzhi; Wang, Xianghua

2017-05-01

This paper investigates fault-tolerant control (FTC) for feedback linearisable systems (FLSs) and its application to an aircraft. To ensure desired transient and steady-state behaviours of the tracking error under actuator faults, the dynamic effect caused by the actuator failures on the error dynamics of a transformed model is analysed, and three control strategies are designed. The first FTC strategy is proposed as a robust controller, which relies on the explicit information about several parameters of the actuator faults. To eliminate the need for these parameters and the input chattering phenomenon, the robust control law is later combined with the adaptive technique to generate the adaptive FTC law. Next, the adaptive control law is further improved to achieve the prescribed performance under more severe input disturbance. Finally, the proposed control laws are applied to an air-breathing hypersonic vehicle (AHV) subject to actuator failures, which confirms the effectiveness of the proposed strategies.

F-15 837 IFCS Intelligent Flight Control System Project

NASA Technical Reports Server (NTRS)

Bosworth, John T.

2007-01-01

This viewgraph presentation reviews the use of Intelligent Flight Control System (IFCS) for the F-15. The goals of the project are: (1) Demonstrate Revolutionary Control Approaches that can Efficiently Optimize Aircraft Performance in both Normal and Failure Conditions (2) Advance Neural Network-Based Flight Control Technology for New Aerospace Systems Designs. The motivation for the development are to reduce the chance and skill required for survival.

Stochastic availability analysis of operational data systems in the Deep Space Network

NASA Technical Reports Server (NTRS)

Issa, T. N.

1991-01-01

Existing availability models of standby redundant systems consider only an operator's performance and its interaction with the hardware performance. In the case of operational data systems in the Deep Space Network (DSN), in addition to an operator system interface, a controller reconfigures the system and links a standby unit into the network data path upon failure of the operating unit. A stochastic (Markovian) process technique is used to model and analyze the availability performance and occurrence of degradation due to partial failures are quantitatively incorporated into the model. Exact expressions of the steady state availability and proportion degraded performance measures are derived for the systems under study. The interaction among the hardware, operator, and controller performance parameters and that interaction's effect on data availability are evaluated and illustrated for an operational data processing system.

Reliability Assessment for Low-cost Unmanned Aerial Vehicles

NASA Astrophysics Data System (ADS)

Freeman, Paul Michael

Existing low-cost unmanned aerospace systems are unreliable, and engineers must blend reliability analysis with fault-tolerant control in novel ways. This dissertation introduces the University of Minnesota unmanned aerial vehicle flight research platform, a comprehensive simulation and flight test facility for reliability and fault-tolerance research. An industry-standard reliability assessment technique, the failure modes and effects analysis, is performed for an unmanned aircraft. Particular attention is afforded to the control surface and servo-actuation subsystem. Maintaining effector health is essential for safe flight; failures may lead to loss of control incidents. Failure likelihood, severity, and risk are qualitatively assessed for several effector failure modes. Design changes are recommended to improve aircraft reliability based on this analysis. Most notably, the control surfaces are split, providing independent actuation and dual-redundancy. The simulation models for control surface aerodynamic effects are updated to reflect the split surfaces using a first-principles geometric analysis. The failure modes and effects analysis is extended by using a high-fidelity nonlinear aircraft simulation. A trim state discovery is performed to identify the achievable steady, wings-level flight envelope of the healthy and damaged vehicle. Tolerance of elevator actuator failures is studied using familiar tools from linear systems analysis. This analysis reveals significant inherent performance limitations for candidate adaptive/reconfigurable control algorithms used for the vehicle. Moreover, it demonstrates how these tools can be applied in a design feedback loop to make safety-critical unmanned systems more reliable. Control surface impairments that do occur must be quickly and accurately detected. This dissertation also considers fault detection and identification for an unmanned aerial vehicle using model-based and model-free approaches and applies those algorithms to experimental faulted and unfaulted flight test data. Flight tests are conducted with actuator faults that affect the plant input and sensor faults that affect the vehicle state measurements. A model-based detection strategy is designed and uses robust linear filtering methods to reject exogenous disturbances, e.g. wind, while providing robustness to model variation. A data-driven algorithm is developed to operate exclusively on raw flight test data without physical model knowledge. The fault detection and identification performance of these complementary but different methods is compared. Together, enhanced reliability assessment and multi-pronged fault detection and identification techniques can help to bring about the next generation of reliable low-cost unmanned aircraft.

A geometric approach to failure detection and identification in linear systems

NASA Technical Reports Server (NTRS)

Massoumnia, M. A.

1986-01-01

Using concepts of (C,A)-invariant and unobservability (complementary observability) subspaces, a geometric formulation of the failure detection and identification filter problem is stated. Using these geometric concepts, it is shown that it is possible to design a causal linear time-invariant processor that can be used to detect and uniquely identify a component failure in a linear time-invariant system, assuming: (1) The components can fail simultaneously, and (2) The components can fail only one at a time. In addition, a geometric formulation of Beard's failure detection filter problem is stated. This new formulation completely clarifies of output separability and mutual detectability introduced by Beard and also exploits the dual relationship between a restricted version of the failure detection and identification problem and the control decoupling problem. Moreover, the frequency domain interpretation of the results is used to relate the concepts of failure sensitive observers with the generalized parity relations introduced by Chow. This interpretation unifies the various failure detection and identification concepts and design procedures.

Lessons Learned and Flight Results from the F15 Intelligent Flight Control System Project

NASA Technical Reports Server (NTRS)

Bosworth, John

2006-01-01

A viewgraph presentation on the lessons learned and flight results from the F15 Intelligent Flight Control System (IFCS) project is shown. The topics include: 1) F-15 IFCS Project Goals; 2) Motivation; 3) IFCS Approach; 4) NASA F-15 #837 Aircraft Description; 5) Flight Envelope; 6) Limited Authority System; 7) NN Floating Limiter; 8) Flight Experiment; 9) Adaptation Goals; 10) Handling Qualities Performance Metric; 11) Project Phases; 12) Indirect Adaptive Control Architecture; 13) Indirect Adaptive Experience and Lessons Learned; 14) Gen II Direct Adaptive Control Architecture; 15) Current Status; 16) Effect of Canard Multiplier; 17) Simulated Canard Failure Stab Open Loop; 18) Canard Multiplier Effect Closed Loop Freq. Resp.; 19) Simulated Canard Failure Stab Open Loop with Adaptation; 20) Canard Multiplier Effect Closed Loop with Adaptation; 21) Gen 2 NN Wts from Simulation; 22) Direct Adaptive Experience and Lessons Learned; and 23) Conclusions

Apollo 16 Mission: Oxidizer Deservicing Tank Failure. No. 1; Anomaly Report

NASA Technical Reports Server (NTRS)

1972-01-01

An explosive failure of a ground support equipment decontamination unit tank occurred during the postflight deactivation of the oxidizer (nitrogen tetroxide) portion of the Apollo 16 command module reaction control system. A discussion of the significant aspects of the incident and conclusions are included.

Fault detection and identification in missile system guidance and control: a filtering approach

NASA Astrophysics Data System (ADS)

Padgett, Mary Lou; Evers, Johnny; Karplus, Walter J.

1996-03-01

Real-world applications of computational intelligence can enhance the fault detection and identification capabilities of a missile guidance and control system. A simulation of a bank-to- turn missile demonstrates that actuator failure may cause the missile to roll and miss the target. Failure of one fin actuator can be detected using a filter and depicting the filter output as fuzzy numbers. The properties and limitations of artificial neural networks fed by these fuzzy numbers are explored. A suite of networks is constructed to (1) detect a fault and (2) determine which fin (if any) failed. Both the zero order moment term and the fin rate term show changes during actuator failure. Simulations address the following questions: (1) How bad does the actuator failure have to be for detection to occur, (2) How bad does the actuator failure have to be for fault detection and isolation to occur, (3) are both zero order moment and fine rate terms needed. A suite of target trajectories are simulated, and properties and limitations of the approach reported. In some cases, detection of the failed actuator occurs within 0.1 second, and isolation of the failure occurs 0.1 after that. Suggestions for further research are offered.

Autonomous power management and distribution

NASA Technical Reports Server (NTRS)

Dolce, Jim; Kish, Jim

1990-01-01

The goal of the Autonomous Power System program is to develop and apply intelligent problem solving and control to the Space Station Freedom's electric power testbed being developed at NASA's Lewis Research Center. Objectives are to establish artificial intelligence technology paths, craft knowledge-based tools and products for power systems, and integrate knowledge-based and conventional controllers. This program represents a joint effort between the Space Station and Office of Aeronautics and Space Technology to develop and demonstrate space electric power automation technology capable of: (1) detection and classification of system operating status, (2) diagnosis of failure causes, and (3) cooperative problem solving for power scheduling and failure recovery. Program details, status, and plans will be presented.

Adaptive Flight Control for Aircraft Safety Enhancements

NASA Technical Reports Server (NTRS)

Nguyen, Nhan T.; Gregory, Irene M.; Joshi, Suresh M.

2008-01-01

This poster presents the current adaptive control research being conducted at NASA ARC and LaRC in support of the Integrated Resilient Aircraft Control (IRAC) project. The technique "Approximate Stability Margin Analysis of Hybrid Direct-Indirect Adaptive Control" has been developed at NASA ARC to address the needs for stability margin metrics for adaptive control that potentially enables future V&V of adaptive systems. The technique "Direct Adaptive Control With Unknown Actuator Failures" is developed at NASA LaRC to deal with unknown actuator failures. The technique "Adaptive Control with Adaptive Pilot Element" is being researched at NASA LaRC to investigate the effects of pilot interactions with adaptive flight control that can have implications of stability and performance.

In Search of a Human Self-Regulation System

PubMed Central

Kelley, William M.; Wagner, Dylan D.; Heatherton, Todd F.

2015-01-01

The capacity for self-regulation allows people to control their thoughts, behaviors, emotions, and desires. In spite of this impressive ability, failures of self-regulation are common and contribute to numerous societal problems, from obesity to drug addiction. Such failures frequently occur following exposure to highly tempting cues, during negative moods, or after self-regulatory resources have been depleted. Here we review the available neuroscientific evidence regarding self-regulation and its failures. At its core, self-regulation involves a critical balance between the strength of an impulse and an individual’s ability to inhibit the desired behavior. Although neuroimaging and patient studies provide consistent evidence regarding the reward aspects of impulses and desires, the neural mechanisms that underlie the capacity for control have eluded consensus, with various executive control regions implicated in different studies. We outline the necessary properties for a self-regulation control system and suggest that the use of resting-state functional connectivity analyses may be useful for understanding how people regulate their behavior and why they sometimes fail in their attempts. PMID:25938728

Relation of systemic and local muscle exercise capacity to skeletal muscle characteristics in men with congestive heart failure

NASA Technical Reports Server (NTRS)

Massie, B. M.; Simonini, A.; Sahgal, P.; Wells, L.; Dudley, G. A.

1996-01-01

OBJECTIVES. The present study was undertaken to further characterize changes in skeletal muscle morphology and histochemistry in congestive heart failure and to determine the relation of these changes to abnormalities of systemic and local muscle exercise capacity. BACKGROUND. Abnormalities of skeletal muscle appear to play a role in the limitation of exercise capacity in congestive heart failure, but information on the changes in muscle morphology and biochemistry and their relation to alterations in muscle function is limited. METHODS. Eighteen men with predominantly mild to moderate congestive heart failure (mean +/- SEM New York Heart Association functional class 2.6 +/- 0.2, ejection fraction 24 +/- 2%) and eight age- and gender-matched sedentary control subjects underwent measurements of peak systemic oxygen consumption (VO2) during cycle ergometry, resistance to fatigue of the quadriceps femoris muscle group and biopsy of the vastus lateralis muscle. RESULTS. Peak VO2 and resistance to fatigue were lower in the patients with heart failure than in control subjects (15.7 +/- 1.2 vs. 25.1 +/- 1.5 ml/min-kg and 63 +/- 2% vs. 85 +/- 3%, respectively, both p < 0.001). Patients had a lower proportion of slow twitch, type I fibers than did control subjects (36 +/- 3% vs. 46 +/- 5%, p = 0.048) and a higher proportion of fast twitch, type IIab fibers (18 +/- 3% vs. 7 +/- 2%, p = 0.004). Fiber cross-sectional area was smaller, and single-fiber succinate dehydrogenase activity, a mitochondrial oxidative marker, was lower in patients (both p < or = 0.034). Likewise, the ratio of average fast twitch to slow twitch fiber cross-sectional area was lower in patients (0.780 +/- 0.06 vs. 1.05 +/- 0.08, p = 0.019). Peak VO2 was strongly related to integrated succinate dehydrogenase activity in patients (r = 0.896, p = 0.001). Peak VO2, resistance to fatigue and strength also correlated significantly with several measures of fiber size, especially of fast twitch fibers, in patients. None of the skeletal muscle characteristics examined correlated with exercise capacity in control subjects. CONCLUSIONS. These results indicate that congestive heart failure is associated with changes in the characteristics of skeletal muscle and local as well as systemic exercise performance. There are fewer slow twitch fibers, smaller fast twitch fibers and lower succinate dehydrogenase activity. The latter finding suggests that mitochondrial content of muscle is reduced in heart failure and that impaired aerobic-oxidative capacity may play a role in the limitation of systemic exercise capacity.

Implementation of an Adaptive Controller System from Concept to Flight Test

NASA Technical Reports Server (NTRS)

Larson, Richard R.; Burken, John J.; Butler, Bradley S.

2009-01-01

The National Aeronautics and Space Administration Dryden Flight Research Center (Edwards, California) is conducting ongoing flight research using adaptive controller algorithms. A highly modified McDonnell-Douglas NF-15B airplane called the F-15 Intelligent Flight Control System (IFCS) was used for these algorithms. This airplane has been modified by the addition of canards and by changing the flight control systems to interface a single-string research controller processor for neural network algorithms. Research goals included demonstration of revolutionary control approaches that can efficiently optimize aircraft performance for both normal and failure conditions, and to advance neural-network-based flight control technology for new aerospace systems designs. Before the NF-15B IFCS airplane was certified for flight test, however, certain processes needed to be completed. This paper presents an overview of these processes, including a description of the initial adaptive controller concepts followed by a discussion of modeling formulation and performance testing. Upon design finalization, the next steps are: integration with the system interfaces, verification of the software, validation of the hardware to the requirements, design of failure detection, development of safety limiters to minimize the effect of erroneous neural network commands, and creation of flight test control room displays to maximize human situational awareness.

Robot Position Sensor Fault Tolerance

NASA Technical Reports Server (NTRS)

Aldridge, Hal A.

1997-01-01

Robot systems in critical applications, such as those in space and nuclear environments, must be able to operate during component failure to complete important tasks. One failure mode that has received little attention is the failure of joint position sensors. Current fault tolerant designs require the addition of directly redundant position sensors which can affect joint design. A new method is proposed that utilizes analytical redundancy to allow for continued operation during joint position sensor failure. Joint torque sensors are used with a virtual passive torque controller to make the robot joint stable without position feedback and improve position tracking performance in the presence of unknown link dynamics and end-effector loading. Two Cartesian accelerometer based methods are proposed to determine the position of the joint. The joint specific position determination method utilizes two triaxial accelerometers attached to the link driven by the joint with the failed position sensor. The joint specific method is not computationally complex and the position error is bounded. The system wide position determination method utilizes accelerometers distributed on different robot links and the end-effector to determine the position of sets of multiple joints. The system wide method requires fewer accelerometers than the joint specific method to make all joint position sensors fault tolerant but is more computationally complex and has lower convergence properties. Experiments were conducted on a laboratory manipulator. Both position determination methods were shown to track the actual position satisfactorily. A controller using the position determination methods and the virtual passive torque controller was able to servo the joints to a desired position during position sensor failure.

Risk Factors for Asthma Exacerbation and Treatment Failure in Adults and Adolescents with Well-Controlled Asthma during Continuation and Step Down Therapy.

PubMed

DiMango, Emily; Rogers, Linda; Reibman, Joan; Gerald, Lynn B; Brown, Mark; Sugar, Elizabeth A; Henderson, Robert; Holbrook, Janet T

2018-06-04

Although national and international guidelines recommend reduction of asthma controller therapy or 'step-down" therapy in patients with well controlled asthma, it is expected that some individuals may experience worsening of asthma symptoms or asthma exacerbations during step-down. Characteristics associated with subsequent exacerbations during step-down therapy have not been well defined. The effect of environmental tobacco smoke (ETS) exposure on risk of treatment failure during asthma step down therapy has not been reported. To identify baseline characteristics associated with treatment failure and asthma exacerbation during maintenance and guideline-based step-down therapy. The present analysis uses data collected from a completed randomized controlled trial of optimal step-down therapy in patients with well controlled asthma taking moderate dose combination inhaled corticosteroids/long acting beta agonists. Participants were 12 years or older with physician diagnosed asthma and were enrolled between December 2011 and May 2014. An Emergency Room visit in the previous year was predictive of a subsequent treatment failure (HR 1.53 (1.06, 2.21 CI). For every 10% increase in baseline forced expiratory volume in one second percent predicted, the hazard for treatment failure was reduced by 14% (95% CI: 0.74-0.99). There was no difference in risk of treatment failure between adults and children, nor did duration of asthma increase risk of treatment failure. Age of asthma onset was not associated with increased risk of treatment failure. Unexpected emergency room visit in the previous year was the only risk factor significantly associated with subsequent asthma exacerbations requiring systemic corticosteroids. Time to treatment failure or exacerbation did not differ in participants with and without self-report of ETS exposure. The present findings can help clinicians identify patients more likely to develop treatment failures and exacerbations and who may therefore require closer monitoring during asthma step-down treatment. Individuals with reduced pulmonary function, a history of exacerbations, and early onset disease, even if otherwise well controlled, may require closer observation to prevent treatment failures and asthma exacerbations. Clinical trial registered with ClinicalTrials.gov (NCT01437995).

Microwave Ablation of Porcine Kidneys in vivo: Effect of two Different Ablation Modes ('Temperature Control' and 'Power Control') on Procedural Outcome

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sommer, C. M., E-mail: christof.sommer@med.uni-heidelberg.de; Arnegger, F.; Koch, V.

2012-06-15

Purpose: This study was designed to analyze the effect of two different ablation modes ('temperature control' and 'power control') of a microwave system on procedural outcome in porcine kidneys in vivo. Methods: A commercially available microwave system (Avecure Microwave Generator; MedWaves, San Diego, CA) was used. The system offers the possibility to ablate with two different ablation modes: temperature control and power control. Thirty-two microwave ablations were performed in 16 kidneys of 8 pigs. In each animal, one kidney was ablated twice by applying temperature control (ablation duration set point at 60 s, ablation temperature set point at 96 Degree-Signmore » C, automatic power set point; group I). The other kidney was ablated twice by applying power control (ablation duration set point at 60 s, ablation temperature set point at 96 Degree-Sign C, ablation power set point at 24 W; group II). Procedural outcome was analyzed: (1) technical success (e.g., system failures, duration of the ablation cycle), and (2) ablation geometry (e.g., long axis diameter, short axis diameter, and circularity). Results: System failures occurred in 0% in group I and 13% in group II. Duration of the ablation cycle was 60 {+-} 0 s in group I and 102 {+-} 21 s in group II. Long axis diameter was 20.3 {+-} 4.6 mm in group I and 19.8 {+-} 3.5 mm in group II (not significant (NS)). Short axis diameter was 10.3 {+-} 2 mm in group I and 10.5 {+-} 2.4 mm in group II (NS). Circularity was 0.5 {+-} 0.1 in group I and 0.5 {+-} 0.1 in group II (NS). Conclusions: Microwave ablations performed with temperature control showed fewer system failures and were finished faster. Both ablation modes demonstrated no significant differences with respect to ablation geometry.« less

78 FR 10055 - Special Conditions: Tamarack Aerospace Group, Cirrus Model SR22; Active Technology Load...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-13

... with Tamarack Aerospace Group's modification. The design change will install winglets and an Active... not aware of the failure. Warning systems must not activate the control system. (b) The design of the... abrupt Tamarack Active Control Surface (TACS) operation. (b) The load alleviation system must be designed...

A.I.-based real-time support for high performance aircraft operations

NASA Technical Reports Server (NTRS)

Vidal, J. J.

1985-01-01

Artificial intelligence (AI) based software and hardware concepts are applied to the handling system malfunctions during flight tests. A representation of malfunction procedure logic using Boolean normal forms are presented. The representation facilitates the automation of malfunction procedures and provides easy testing for the embedded rules. It also forms a potential basis for a parallel implementation in logic hardware. The extraction of logic control rules, from dynamic simulation and their adaptive revision after partial failure are examined. It uses a simplified 2-dimensional aircraft model with a controller that adaptively extracts control rules for directional thrust that satisfies a navigational goal without exceeding pre-established position and velocity limits. Failure recovery (rule adjusting) is examined after partial actuator failure. While this experiment was performed with primitive aircraft and mission models, it illustrates an important paradigm and provided complexity extrapolations for the proposed extraction of expertise from simulation, as discussed. The use of relaxation and inexact reasoning in expert systems was also investigated.

Intelligent Case Based Decision Support System for Online Diagnosis of Automated Production System

NASA Astrophysics Data System (ADS)

Ben Rabah, N.; Saddem, R.; Ben Hmida, F.; Carre-Menetrier, V.; Tagina, M.

2017-01-01

Diagnosis of Automated Production System (APS) is a decision-making process designed to detect, locate and identify a particular failure caused by the control law. In the literature, there are three major types of reasoning for industrial diagnosis: the first is model-based, the second is rule-based and the third is case-based. The common and major limitation of the first and the second reasonings is that they do not have automated learning ability. This paper presents an interactive and effective Case Based Decision Support System for online Diagnosis (CB-DSSD) of an APS. It offers a synergy between the Case Based Reasoning (CBR) and the Decision Support System (DSS) in order to support and assist Human Operator of Supervision (HOS) in his/her decision process. Indeed, the experimental evaluation performed on an Interactive Training System for PLC (ITS PLC) that allows the control of a Programmable Logic Controller (PLC), simulating sensors or/and actuators failures and validating the control algorithm through a real time interactive experience, showed the efficiency of our approach.

System for Anomaly and Failure Detection (SAFD) system development

NASA Technical Reports Server (NTRS)

Oreilly, D.

1992-01-01

This task specified developing the hardware and software necessary to implement the System for Anomaly and Failure Detection (SAFD) algorithm, developed under Technology Test Bed (TTB) Task 21, on the TTB engine stand. This effort involved building two units; one unit to be installed in the Block II Space Shuttle Main Engine (SSME) Hardware Simulation Lab (HSL) at Marshall Space Flight Center (MSFC), and one unit to be installed at the TTB engine stand. Rocketdyne personnel from the HSL performed the task. The SAFD algorithm was developed as an improvement over the current redline system used in the Space Shuttle Main Engine Controller (SSMEC). Simulation tests and execution against previous hot fire tests demonstrated that the SAFD algorithm can detect engine failure as much as tens of seconds before the redline system recognized the failure. Although the current algorithm only operates during steady state conditions (engine not throttling), work is underway to expand the algorithm to work during transient condition.

URV Flight Test of an ADA Implemented Self-Repairing Flight Control System

DTIC Science & Technology

1992-08-01

USE ONLY(Leave blank) I2. REPORT DATE j3.REOTYPANDTSCVRD JAUG 1992 j FINAL 01/01/85--08/31/92 4. TITLE AND SUBTITLE URV FL GHT TEST OF AN ADA IMPLEMESNT...History of the XBQM-106 2 2.0 Self-Repairing Flight Control System 4 Introduction 2.1 Control System Reconfiguration 5 Strategy 2.2 Failure Detection...ji * Ill ’ha A GJ s.d I I I C S U L 3 2.0 Self-Repairing Flight Control System Introduction Self-Repairing Flight Control Systems (SRFCS) are an

Investigation of air transportation technology at Princeton University, 1990-1991

NASA Technical Reports Server (NTRS)

Stengel, Robert F.

1991-01-01

The Air Transportation Technology Program at Princeton University is a program that emphasizes graduate and undergraduate student research. The program proceeded along six avenues during the past year: microburst hazards to aircraft, intelligent failure tolerant control, computer-aided heuristics for piloted flight, stochastic robustness of flight control systems, neural networks for flight control, and computer-aided control system design.

Markov Chains For Testing Redundant Software

NASA Technical Reports Server (NTRS)

White, Allan L.; Sjogren, Jon A.

1990-01-01

Preliminary design developed for validation experiment that addresses problems unique to assuring extremely high quality of multiple-version programs in process-control software. Approach takes into account inertia of controlled system in sense it takes more than one failure of control program to cause controlled system to fail. Verification procedure consists of two steps: experimentation (numerical simulation) and computation, with Markov model for each step.

Reliability analysis for the smart grid : from cyber control and communication to physical manifestations of failure.

DOT National Transportation Integrated Search

2010-01-01

The Smart Grid is a cyber-physical system comprised of physical components, such as transmission lines and generators, and a : network of embedded systems deployed for their cyber control. Our objective is to qualitatively and quantitatively analyze ...

Organizational Context and the Success of Management Information Systems

ERIC Educational Resources Information Center

Ein-Dor, Phillip; Segev, Eli

1978-01-01

This paper identifies the organizational context variables affecting the success and failure of management information systems. The variables are categorized as uncontrollable, partially controllable, and controlled. Available from the Institue of Management Sciences, Circulation Dept., 345 Whitney Avenue, New Haven, Connecticut 06511; Single copy…

Development of a Design Methodology for Reconfigurable Flight Control Systems

NASA Technical Reports Server (NTRS)

Hess, Ronald A.; McLean, C.

2000-01-01

A methodology is presented for the design of flight control systems that exhibit stability and performance-robustness in the presence of actuator failures. The design is based upon two elements. The first element consists of a control law that will ensure at least stability in the presence of a class of actuator failures. This law is created by inner-loop, reduced-order, linear dynamic inversion, and outer-loop compensation based upon Quantitative Feedback Theory. The second element consists of adaptive compensators obtained from simple and approximate time-domain identification of the dynamics of the 'effective vehicle' with failed actuator(s). An example involving the lateral-directional control of a fighter aircraft is employed both to introduce the proposed methodology and to demonstrate its effectiveness and limitations.

An improved approach for flight readiness certification: Methodology for failure risk assessment and application examples. Volume 2: Software documentation

NASA Technical Reports Server (NTRS)

Moore, N. R.; Ebbeler, D. H.; Newlin, L. E.; Sutharshana, S.; Creager, M.

1992-01-01

An improved methodology for quantitatively evaluating failure risk of spaceflight systems to assess flight readiness and identify risk control measures is presented. This methodology, called Probabilistic Failure Assessment (PFA), combines operating experience from tests and flights with engineering analysis to estimate failure risk. The PFA methodology is of particular value when information on which to base an assessment of failure risk, including test experience and knowledge of parameters used in engineering analyses of failure phenomena, is expensive or difficult to acquire. The PFA methodology is a prescribed statistical structure in which engineering analysis models that characterize failure phenomena are used conjointly with uncertainties about analysis parameters and/or modeling accuracy to estimate failure probability distributions for specific failure modes, These distributions can then be modified, by means of statistical procedures of the PFA methodology, to reflect any test or flight experience. Conventional engineering analysis models currently employed for design of failure prediction are used in this methodology. The PFA methodology is described and examples of its application are presented. Conventional approaches to failure risk evaluation for spaceflight systems are discussed, and the rationale for the approach taken in the PFA methodology is presented. The statistical methods, engineering models, and computer software used in fatigue failure mode applications are thoroughly documented.

An improved approach for flight readiness certification: Methodology for failure risk assessment and application examples, volume 1

NASA Technical Reports Server (NTRS)

Moore, N. R.; Ebbeler, D. H.; Newlin, L. E.; Sutharshana, S.; Creager, M.

1992-01-01

An improved methodology for quantitatively evaluating failure risk of spaceflight systems to assess flight readiness and identify risk control measures is presented. This methodology, called Probabilistic Failure Assessment (PFA), combines operating experience from tests and flights with engineering analysis to estimate failure risk. The PFA methodology is of particular value when information on which to base an assessment of failure risk, including test experience and knowledge of parameters used in engineering analyses of failure phenomena, is expensive or difficult to acquire. The PFA methodology is a prescribed statistical structure in which engineering analysis models that characterize failure phenomena are used conjointly with uncertainties about analysis parameters and/or modeling accuracy to estimate failure probability distributions for specific failure modes. These distributions can then be modified, by means of statistical procedures of the PFA methodology, to reflect any test or flight experience. Conventional engineering analysis models currently employed for design of failure prediction are used in this methodology. The PFA methodology is described and examples of its application are presented. Conventional approaches to failure risk evaluation for spaceflight systems are discussed, and the rationale for the approach taken in the PFA methodology is presented. The statistical methods, engineering models, and computer software used in fatigue failure mode applications are thoroughly documented.

Ecological validity of the five digit test and the oral trails test.

PubMed

Paiva, Gabrielle Chequer de Castro; Fialho, Mariana Braga; Costa, Danielle de Souza; Paula, Jonas Jardim de

2016-01-01

Tests evaluating the attentional-executive system are widely used in clinical practice. However, proximity of an objective cognitive test with real-world situations (ecological validity) is not frequently investigated. The present study evaluate the association between measures of the Five Digit Test (FDT) and the Oral Trails Test (OTT) with self-reported cognitive failures in everyday life as measured by the Cognitive Failures Questionnaire (CFQ). Brazilian adults from 18-to-65 years old voluntarily performed the FDT and OTT tests and reported the frequency of cognitive failures in their everyday life through the CFQ. After controlling for the age effect, the measures of controlled attentional processes were associated with cognitive failures, yet the cognitive flexibility of both FDT and OTT accounted for by the majority of variance in most aspects of the CFQ factors. The FDT and the OTT measures were predictive of real-world problems such as cognitive failures in everyday activities/situations.

Reliability considerations in the placement of control system components

NASA Technical Reports Server (NTRS)

Montgomery, R. C.

1983-01-01

This paper presents a methodology, along with applications to a grid type structure, for incorporating reliability considerations in the decision for actuator placement on large space structures. The method involves the minimization of a criterion that considers mission life and the reliability of the system components. It is assumed that the actuator gains are to be readjusted following failures, but their locations cannot be changed. The goal of the design is to suppress vibrations of the grid and the integral square of the grid modal amplitudes is used as a measure of performance of the control system. When reliability of the actuators is considered, a more pertinent measure is the expected value of the integral; that is, the sum of the squares of the modal amplitudes for each possible failure state considered, multiplied by the probability that the failure state will occur. For a given set of actuator locations, the optimal criterion may be graphed as a function of the ratio of the mean time to failure of the components and the design mission life or reservicing interval. The best location of the actuators is typically different for a short mission life than for a long one.

10 CFR 55.41 - Written examination: Operators.

Code of Federal Regulations, 2013 CFR

2013-01-01

... elements, control rods, core instrumentation, and coolant flow. (3) Mechanical components and design..., and functions of reactivity control mechanisms and instrumentation. (7) Design, components, and functions of control and safety systems, including instrumentation, signals, interlocks, failure modes, and...

10 CFR 55.41 - Written examination: Operators.

Code of Federal Regulations, 2014 CFR

2014-01-01

... elements, control rods, core instrumentation, and coolant flow. (3) Mechanical components and design..., and functions of reactivity control mechanisms and instrumentation. (7) Design, components, and functions of control and safety systems, including instrumentation, signals, interlocks, failure modes, and...

Safety Verification of a Fault Tolerant Reconfigurable Autonomous Goal-Based Robotic Control System

NASA Technical Reports Server (NTRS)

Braman, Julia M. B.; Murray, Richard M; Wagner, David A.

2007-01-01

Fault tolerance and safety verification of control systems are essential for the success of autonomous robotic systems. A control architecture called Mission Data System (MDS), developed at the Jet Propulsion Laboratory, takes a goal-based control approach. In this paper, a method for converting goal network control programs into linear hybrid systems is developed. The linear hybrid system can then be verified for safety in the presence of failures using existing symbolic model checkers. An example task is simulated in MDS and successfully verified using HyTech, a symbolic model checking software for linear hybrid systems.

Orthogonal series generalized likelihood ratio test for failure detection and isolation. [for aircraft control

NASA Technical Reports Server (NTRS)

Hall, Steven R.; Walker, Bruce K.

1990-01-01

A new failure detection and isolation algorithm for linear dynamic systems is presented. This algorithm, the Orthogonal Series Generalized Likelihood Ratio (OSGLR) test, is based on the assumption that the failure modes of interest can be represented by truncated series expansions. This assumption leads to a failure detection algorithm with several desirable properties. Computer simulation results are presented for the detection of the failures of actuators and sensors of a C-130 aircraft. The results show that the OSGLR test generally performs as well as the GLR test in terms of time to detect a failure and is more robust to failure mode uncertainty. However, the OSGLR test is also somewhat more sensitive to modeling errors than the GLR test.

Independent Orbiter Assessment (IOA): Analysis of the hydraulics/water spray boiler subsystem

NASA Technical Reports Server (NTRS)

Duval, J. D.; Davidson, W. R.; Parkman, William E.

1986-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) are presented. The IOA approach features a top-down analysis of the hardware to determine failure modes, criticality, and potential critical items (PCIs). To preserve independence, this analysis was accomplished without reliance upon the results contained within the NASA FMEA/CIL documentation. This report documents the independent analysis results for the Orbiter Hydraulics/Water Spray Boiler Subsystem. The hydraulic system provides hydraulic power to gimbal the main engines, actuate the main engine propellant control valves, move the aerodynamic flight control surfaces, lower the landing gear, apply wheel brakes, steer the nosewheel, and dampen the external tank (ET) separation. Each hydraulic system has an associated water spray boiler which is used to cool the hydraulic fluid and APU lubricating oil. The IOA analysis process utilized available HYD/WSB hardware drawings, schematics and documents for defining hardware assemblies, components, and hardware items. Each level of hardware was evaluated and analyzed for possible failure modes and effects. Criticality was assigned based upon the severity of the effect for each failure mode. Of the 430 failure modes analyzed, 166 were determined to be PCIs.

Independent Orbiter Assessment (IOA): Analysis of the remote manipulator system

NASA Technical Reports Server (NTRS)

Tangorra, F.; Grasmeder, R. F.; Montgomery, A. D.

1987-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) are presented. The IOA approach features a top-down analysis of the hardware to determine failure modes, criticality, and potential critical items (PCIs). To preserve independence, this analysis was accomplished without reliance upon the results contained within the NASA FMEA/CIL documentation. The independent analysis results for the Orbiter Remote Manipulator System (RMS) are documented. The RMS hardware and software are primarily required for deploying and/or retrieving up to five payloads during a single mission, capture and retrieve free-flying payloads, and for performing Manipulator Foot Restraint operations. Specifically, the RMS hardware consists of the following components: end effector; displays and controls; manipulator controller interface unit; arm based electronics; and the arm. The IOA analysis process utilized available RMS hardware drawings, schematics and documents for defining hardware assemblies, components and hardware items. Each level of hardware was evaluated and analyzed for possible failure modes and effects. Criticality was assigned based upon the severity of the effect for each failure mode. Of the 574 failure modes analyzed, 413 were determined to be PCIs.

Restorations in abrasion/erosion cervical lesions: 8-year results of a triple blind randomized controlled trial.

PubMed

Dall'Orologio, Giovanni Dondi; Lorenzi, Roberta

2014-10-01

An equivalence randomized controlled trial within the subject was organized to evaluate the clinical long-term success of a new 2-step etch & rinse adhesive and a new nano-filled ormocer. 50 subjects, 21 males and 29 females aged between 21 and 65, were randomized to receive 150 restorations, 100 with the new restorative material, 50 with the composite as control, placed in non-carious cervical lesions with the same bonding system. The main outcome measure was the cause of failure at 8 years. Randomization was number table-generated, with allocation concealment by opaque sequentially numbered sealed and stapled envelopes. Subjects, examiner, and analyst were blinded to group assignment. Two interim analyses were performed. Data were analyzed by ANOVA and Cox test (P < 0.05). After 8 years, 40 subjects and 120 teeth were included in the analysis of the primary outcome. There were eight failures in the experimental group and four failures in the control group. The cumulative loss rate was 7% for both restorative materials, with the annual failure lower than 1%, without any statistically significant difference. There were two key elements of failure: the presence of sclerotic dentin and the relationship between lesion and gingival margin.

14 CFR 29.729 - Retracting mechanism.

Code of Federal Regulations, 2014 CFR

2014-01-01

... loads occurring during retraction and extension at any airspeed up to the design maximum landing gear... of— (1) Any reasonably probable failure in the normal retraction system; or (2) The failure of any... location and operation of the retraction control must meet the requirements of §§ 29.777 and 29.779. (g...

14 CFR 27.729 - Retracting mechanism.

Code of Federal Regulations, 2010 CFR

2010-01-01

... loads occurring during retraction and extension at any airspeed up to the design maximum landing gear... of— (1) Any reasonably probable failure in the normal retraction system; or (2) The failure of any... location and operation of the retraction control must meet the requirements of §§ 27.777 and 27.779. (g...

14 CFR 29.729 - Retracting mechanism.

Code of Federal Regulations, 2012 CFR

2012-01-01

... loads occurring during retraction and extension at any airspeed up to the design maximum landing gear... of— (1) Any reasonably probable failure in the normal retraction system; or (2) The failure of any... location and operation of the retraction control must meet the requirements of §§ 29.777 and 29.779. (g...

14 CFR 27.729 - Retracting mechanism.

Code of Federal Regulations, 2013 CFR

2013-01-01

... loads occurring during retraction and extension at any airspeed up to the design maximum landing gear... of— (1) Any reasonably probable failure in the normal retraction system; or (2) The failure of any... location and operation of the retraction control must meet the requirements of §§ 27.777 and 27.779. (g...

14 CFR 29.729 - Retracting mechanism.

Code of Federal Regulations, 2011 CFR

2011-01-01

... loads occurring during retraction and extension at any airspeed up to the design maximum landing gear... of— (1) Any reasonably probable failure in the normal retraction system; or (2) The failure of any... location and operation of the retraction control must meet the requirements of §§ 29.777 and 29.779. (g...

14 CFR 29.729 - Retracting mechanism.

Code of Federal Regulations, 2013 CFR

2013-01-01

... loads occurring during retraction and extension at any airspeed up to the design maximum landing gear... of— (1) Any reasonably probable failure in the normal retraction system; or (2) The failure of any... location and operation of the retraction control must meet the requirements of §§ 29.777 and 29.779. (g...

14 CFR 27.729 - Retracting mechanism.

Code of Federal Regulations, 2012 CFR

2012-01-01

... loads occurring during retraction and extension at any airspeed up to the design maximum landing gear... of— (1) Any reasonably probable failure in the normal retraction system; or (2) The failure of any... location and operation of the retraction control must meet the requirements of §§ 27.777 and 27.779. (g...

14 CFR 27.729 - Retracting mechanism.

Code of Federal Regulations, 2011 CFR

2011-01-01

... loads occurring during retraction and extension at any airspeed up to the design maximum landing gear... of— (1) Any reasonably probable failure in the normal retraction system; or (2) The failure of any... location and operation of the retraction control must meet the requirements of §§ 27.777 and 27.779. (g...

14 CFR 27.729 - Retracting mechanism.

Code of Federal Regulations, 2014 CFR

2014-01-01

... loads occurring during retraction and extension at any airspeed up to the design maximum landing gear... of— (1) Any reasonably probable failure in the normal retraction system; or (2) The failure of any... location and operation of the retraction control must meet the requirements of §§ 27.777 and 27.779. (g...

14 CFR 29.729 - Retracting mechanism.

Code of Federal Regulations, 2010 CFR

2010-01-01

... loads occurring during retraction and extension at any airspeed up to the design maximum landing gear... of— (1) Any reasonably probable failure in the normal retraction system; or (2) The failure of any... location and operation of the retraction control must meet the requirements of §§ 29.777 and 29.779. (g...

33 CFR 164.25 - Tests before entering or getting underway.

Code of Federal Regulations, 2014 CFR

2014-07-01

... emergency lighting and power systems in vessel control and propulsion machinery spaces. (5) Main propulsion...) The main steering gear from the alternative power supply, if installed. (iv) Each rudder angle... power failure alarm. (vi) Each remote steering gear power unit failure alarm. (vii) The full movement of...

33 CFR 164.25 - Tests before entering or getting underway.

Code of Federal Regulations, 2012 CFR

2012-07-01

... emergency lighting and power systems in vessel control and propulsion machinery spaces. (5) Main propulsion...) The main steering gear from the alternative power supply, if installed. (iv) Each rudder angle... power failure alarm. (vi) Each remote steering gear power unit failure alarm. (vii) The full movement of...

Quality control of inkjet technology for DNA microarray fabrication.

PubMed

Pierik, Anke; Dijksman, Frits; Raaijmakers, Adrie; Wismans, Ton; Stapert, Henk

2008-12-01

A robust manufacturing process is essential to make high-quality DNA microarrays, especially for use in diagnostic tests. We investigated different failure modes of the inkjet printing process used to manufacture low-density microarrays. A single nozzle inkjet spotter was provided with two optical imaging systems, monitoring in real time the flight path of every droplet. If a droplet emission failure is detected, the printing process is automatically stopped. We analyzed over 1.3 million droplets. This information was used to investigate the performance of the inkjet system and to obtain detailed insight into the frequency and causes of jetting failures. Of all the substrates investigated, 96.2% were produced without any system or jetting failures. In 1.6% of the substrates, droplet emission failed and was correctly identified. Appropriate measures could then be taken to get the process back on track. In 2.2%, the imaging systems failed while droplet emission occurred correctly. In 0.1% of the substrates, droplet emission failure that was not timely detected occurred. Thus, the overall yield of the microarray manufacturing process was 99.9%, which is highly acceptable for prototyping.

Man-rated flight software for the F-8 DFBW program

NASA Technical Reports Server (NTRS)

Bairnsfather, R. R.

1976-01-01

The design, implementation, and verification of the flight control software used in the F-8 DFBW program are discussed. Since the DFBW utilizes an Apollo computer and hardware, the procedures, controls, and basic management techniques employed are based on those developed for the Apollo software system. Program assembly control, simulator configuration control, erasable-memory load generation, change procedures and anomaly reporting are discussed. The primary verification tools are described, as well as the program test plans and their implementation on the various simulators. Failure effects analysis and the creation of special failure generating software for testing purposes are described.

Pilots Rate Augmented Generalized Predictive Control for Reconfiguration

NASA Technical Reports Server (NTRS)

Soloway, Don; Haley, Pam

2004-01-01

The objective of this paper is to report the results from the research being conducted in reconfigurable fight controls at NASA Ames. A study was conducted with three NASA Dryden test pilots to evaluate two approaches of reconfiguring an aircraft's control system when failures occur in the control surfaces and engine. NASA Ames is investigating both a Neural Generalized Predictive Control scheme and a Neural Network based Dynamic Inverse controller. This paper highlights the Predictive Control scheme where a simple augmentation to reduce zero steady-state error led to the neural network predictor model becoming redundant for the task. Instead of using a neural network predictor model, a nominal single point linear model was used and then augmented with an error corrector. This paper shows that the Generalized Predictive Controller and the Dynamic Inverse Neural Network controller perform equally well at reconfiguration, but with less rate requirements from the actuators. Also presented are the pilot ratings for each controller for various failure scenarios and two samples of the required control actuation during reconfiguration. Finally, the paper concludes by stepping through the Generalized Predictive Control's reconfiguration process for an elevator failure.

Adaptive Controller Effects on Pilot Behavior

NASA Technical Reports Server (NTRS)

Trujillo, Anna C.; Gregory, Irene M.; Hempley, Lucas E.

2014-01-01

Adaptive control provides robustness and resilience for highly uncertain, and potentially unpredictable, flight dynamics characteristic. Some of the recent flight experiences of pilot-in-the-loop with an adaptive controller have exhibited unpredicted interactions. In retrospect, this is not surprising once it is realized that there are now two adaptive controllers interacting, the software adaptive control system and the pilot. An experiment was conducted to categorize these interactions on the pilot with an adaptive controller during control surface failures. One of the objectives of this experiment was to determine how the adaptation time of the controller affects pilots. The pitch and roll errors, and stick input increased for increasing adaptation time and during the segment when the adaptive controller was adapting. Not surprisingly, altitude, cross track and angle deviations, and vertical velocity also increase during the failure and then slowly return to pre-failure levels. Subjects may change their behavior even as an adaptive controller is adapting with additional stick inputs. Therefore, the adaptive controller should adapt as fast as possible to minimize flight track errors. This will minimize undesirable interactions between the pilot and the adaptive controller and maintain maneuvering precision.

Hybrid neural intelligent system to predict business failure in small-to-medium-size enterprises.

PubMed

Borrajo, M Lourdes; Baruque, Bruno; Corchado, Emilio; Bajo, Javier; Corchado, Juan M

2011-08-01

During the last years there has been a growing need of developing innovative tools that can help small to medium sized enterprises to predict business failure as well as financial crisis. In this study we present a novel hybrid intelligent system aimed at monitoring the modus operandi of the companies and predicting possible failures. This system is implemented by means of a neural-based multi-agent system that models the different actors of the companies as agents. The core of the multi-agent system is a type of agent that incorporates a case-based reasoning system and automates the business control process and failure prediction. The stages of the case-based reasoning system are implemented by means of web services: the retrieval stage uses an innovative weighted voting summarization of self-organizing maps ensembles-based method and the reuse stage is implemented by means of a radial basis function neural network. An initial prototype was developed and the results obtained related to small and medium enterprises in a real scenario are presented.

Canonical failure modes of real-time control systems: insights from cognitive theory

NASA Astrophysics Data System (ADS)

Wallace, Rodrick

2016-04-01

Newly developed necessary conditions statistical models from cognitive theory are applied to generalisation of the data-rate theorem for real-time control systems. Rather than graceful degradation under stress, automatons and man/machine cockpits appear prone to characteristic sudden failure under demanding fog-of-war conditions. Critical dysfunctions span a spectrum of phase transition analogues, ranging from a ground state of 'all targets are enemies' to more standard data-rate instabilities. Insidious pathologies also appear possible, akin to inattentional blindness consequent on overfocus on an expected pattern. Via no-free-lunch constraints, different equivalence classes of systems, having structure and function determined by 'market pressures', in a large sense, will be inherently unreliable under different but characteristic canonical stress landscapes, suggesting that deliberate induction of failure may often be relatively straightforward. Focusing on two recent military case histories, these results provide a caveat emptor against blind faith in the current path-dependent evolutionary trajectory of automation for critical real-time processes.

FEMA and RAM Analysis for the Multi Canister Overpack (MCO) Handling Machine

DOE Office of Scientific and Technical Information (OSTI.GOV)

SWENSON, C.E.

2000-06-01

The Failure Modes and Effects Analysis and the Reliability, Availability, and Maintainability Analysis performed for the Multi-Canister Overpack Handling Machine (MHM) has shown that the current design provides for a safe system, but the reliability of the system (primarily due to the complexity of the interlocks and permissive controls) is relatively low. No specific failure modes were identified where significant consequences to the public occurred, or where significant impact to nearby workers should be expected. The overall reliability calculation for the MHM shows a 98.1 percent probability of operating for eight hours without failure, and an availability of the MHMmore » of 90 percent. The majority of the reliability issues are found in the interlocks and controls. The availability of appropriate spare parts and maintenance personnel, coupled with well written operating procedures, will play a more important role in successful mission completion for the MHM than other less complicated systems.« less

Emergency Flight Control Using Computer-Controlled Thrust

NASA Technical Reports Server (NTRS)

Burcham, Frank W., Jr.; Fullerton, C. Gordon; Stewart, James F.; Gilyard, Glenn B.; Conley, Joseph A.

1995-01-01

Propulsion Controlled Aircraft (PCA) systems are digital electronic control systems undergoing development to provide limited maneuvering ability through variations of individual engine thrusts in multiple-engine airplanes. Provide landing capability when control surfaces inoperable. Incorporated on existing and future airplanes that include digital engine controls, digital flight controls, and digital data buses, adding no weight for additional hardware to airplane. Possible to handle total failure of hydraulic system, depending on how surfaces respond to loss of hydraulic pressure, and broken control cables or linkages. Future airplanes incorporate data from Global Positioning System for guidance to any suitable emergency runway in world.

14 CFR 29.687 - Spring devices.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 14 Aeronautics and Space 1 2010-01-01 2010-01-01 false Spring devices. 29.687 Section 29.687... STANDARDS: TRANSPORT CATEGORY ROTORCRAFT Design and Construction Control Systems § 29.687 Spring devices. (a) Each control system spring device whose failure could cause flutter or other unsafe characteristics...

14 CFR 29.687 - Spring devices.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 14 Aeronautics and Space 1 2011-01-01 2011-01-01 false Spring devices. 29.687 Section 29.687... STANDARDS: TRANSPORT CATEGORY ROTORCRAFT Design and Construction Control Systems § 29.687 Spring devices. (a) Each control system spring device whose failure could cause flutter or other unsafe characteristics...

14 CFR 29.687 - Spring devices.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 14 Aeronautics and Space 1 2012-01-01 2012-01-01 false Spring devices. 29.687 Section 29.687... STANDARDS: TRANSPORT CATEGORY ROTORCRAFT Design and Construction Control Systems § 29.687 Spring devices. (a) Each control system spring device whose failure could cause flutter or other unsafe characteristics...

14 CFR 27.687 - Spring devices.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 14 Aeronautics and Space 1 2010-01-01 2010-01-01 false Spring devices. 27.687 Section 27.687... STANDARDS: NORMAL CATEGORY ROTORCRAFT Design and Construction Control Systems § 27.687 Spring devices. (a) Each control system spring device whose failure could cause flutter or other unsafe characteristics...

14 CFR 27.687 - Spring devices.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 14 Aeronautics and Space 1 2011-01-01 2011-01-01 false Spring devices. 27.687 Section 27.687... STANDARDS: NORMAL CATEGORY ROTORCRAFT Design and Construction Control Systems § 27.687 Spring devices. (a) Each control system spring device whose failure could cause flutter or other unsafe characteristics...

14 CFR 27.687 - Spring devices.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 14 Aeronautics and Space 1 2012-01-01 2012-01-01 false Spring devices. 27.687 Section 27.687... STANDARDS: NORMAL CATEGORY ROTORCRAFT Design and Construction Control Systems § 27.687 Spring devices. (a) Each control system spring device whose failure could cause flutter or other unsafe characteristics...

14 CFR 29.687 - Spring devices.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 14 Aeronautics and Space 1 2014-01-01 2014-01-01 false Spring devices. 29.687 Section 29.687... STANDARDS: TRANSPORT CATEGORY ROTORCRAFT Design and Construction Control Systems § 29.687 Spring devices. (a) Each control system spring device whose failure could cause flutter or other unsafe characteristics...

14 CFR 27.687 - Spring devices.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 14 Aeronautics and Space 1 2014-01-01 2014-01-01 false Spring devices. 27.687 Section 27.687... STANDARDS: NORMAL CATEGORY ROTORCRAFT Design and Construction Control Systems § 27.687 Spring devices. (a) Each control system spring device whose failure could cause flutter or other unsafe characteristics...

7 CFR 735.6 - Suspension, revocation and liquidation.

Code of Federal Regulations, 2011 CFR

2011-01-01

... control and begin an orderly liquidation of such warehouse inventory or provider system data as provided..., DEPARTMENT OF AGRICULTURE REGULATIONS FOR WAREHOUSES REGULATIONS FOR THE UNITED STATES WAREHOUSE ACT General... licensing or provider agreement. (4) Failure to maintain control of the warehouse or provider system. (5...

7 CFR 735.6 - Suspension, revocation and liquidation.

Code of Federal Regulations, 2010 CFR

2010-01-01

... control and begin an orderly liquidation of such warehouse inventory or provider system data as provided..., DEPARTMENT OF AGRICULTURE REGULATIONS FOR WAREHOUSES REGULATIONS FOR THE UNITED STATES WAREHOUSE ACT General... licensing or provider agreement. (4) Failure to maintain control of the warehouse or provider system. (5...

ISS Regenerative Life Support: Challenges and Success in the Quest for Long-Term Habitability in Space

NASA Technical Reports Server (NTRS)

Bazley, Jesse A.

2011-01-01

This presentation will discuss the International Space Station s (ISS) Regenerative Environmental Control and Life Support System (ECLSS) operations with discussion of the on-orbit lessons learned, specifically regarding the challenges that have been faced as the system has expanded with a growing ISS crew. Over the 10 year history of the ISS, there have been numerous challenges, failures, and triumphs in the quest to keep the crew alive and comfortable. Successful operation of the ECLSS not only requires maintenance of the hardware, but also management of the station resources in case of hardware failure or missed re-supply. This involves effective communication between the primary International Partners (NASA and Roskosmos) and the secondary partners (JAXA and ESA) in order to keep a reserve of the contingency consumables and allow for re-supply of failed hardware. The ISS ECLSS utilizes consumables storage for contingency usage as well as longer-term regenerative systems, which allow for conservation of the expensive resources brought up by re-supply vehicles. This long-term hardware, and the interactions with software, was a challenge for Systems Engineers when they were designed and require multiple operational workarounds in order to function continuously. On a day-to-day basis, the ECLSS provides big challenges to the on console controllers. Main challenges involve the utilization of the resources that have been brought up by the visiting vehicles prior to undocking, balance of contributions between the International Partners for both systems and resources, and maintaining balance between the many interdependent systems, which includes providing the resources they need when they need it. The current biggest challenge for ECLSS is the Regenerative ECLSS system, which continuously recycles urine and condensate water into drinking water and oxygen. These systems were brought to full functionality on STS-126 (ULF-2) mission. Through system failures and recovery, the ECLSS console has learned how to balance the water within the systems, store and use water for contingencies, and continue to work with the International Partners for short-term failures. Through these challenges and the system failures, the most important lesson learned has been the importance of redundancy and operational workarounds. It is only because of the flexibility of the hardware and the software that flight controllers have the opportunity to continue operating the system as a whole for mission success.

Compensation of significant parametric uncertainties using sliding mode online learning

NASA Astrophysics Data System (ADS)

Schnetter, Philipp; Kruger, Thomas

An augmented nonlinear inverse dynamics (NID) flight control strategy using sliding mode online learning for a small unmanned aircraft system (UAS) is presented. Because parameter identification for this class of aircraft often is not valid throughout the complete flight envelope, aerodynamic parameters used for model based control strategies may show significant deviations. For the concept of feedback linearization this leads to inversion errors that in combination with the distinctive susceptibility of small UAS towards atmospheric turbulence pose a demanding control task for these systems. In this work an adaptive flight control strategy using feedforward neural networks for counteracting such nonlinear effects is augmented with the concept of sliding mode control (SMC). SMC-learning is derived from variable structure theory. It considers a neural network and its training as a control problem. It is shown that by the dynamic calculation of the learning rates, stability can be guaranteed and thus increase the robustness against external disturbances and system failures. With the resulting higher speed of convergence a wide range of simultaneously occurring disturbances can be compensated. The SMC-based flight controller is tested and compared to the standard gradient descent (GD) backpropagation algorithm under the influence of significant model uncertainties and system failures.

Predicting the Lifetime of Dynamic Networks Experiencing Persistent Random Attacks.

PubMed

Podobnik, Boris; Lipic, Tomislav; Horvatic, Davor; Majdandzic, Antonio; Bishop, Steven R; Eugene Stanley, H

2015-09-21

Estimating the critical points at which complex systems abruptly flip from one state to another is one of the remaining challenges in network science. Due to lack of knowledge about the underlying stochastic processes controlling critical transitions, it is widely considered difficult to determine the location of critical points for real-world networks, and it is even more difficult to predict the time at which these potentially catastrophic failures occur. We analyse a class of decaying dynamic networks experiencing persistent failures in which the magnitude of the overall failure is quantified by the probability that a potentially permanent internal failure will occur. When the fraction of active neighbours is reduced to a critical threshold, cascading failures can trigger a total network failure. For this class of network we find that the time to network failure, which is equivalent to network lifetime, is inversely dependent upon the magnitude of the failure and logarithmically dependent on the threshold. We analyse how permanent failures affect network robustness using network lifetime as a measure. These findings provide new methodological insight into system dynamics and, in particular, of the dynamic processes of networks. We illustrate the network model by selected examples from biology, and social science.

Determination of UAV pre-flight Checklist for flight test purpose using qualitative failure analysis

NASA Astrophysics Data System (ADS)

Hendarko; Indriyanto, T.; Syardianto; Maulana, F. A.

2018-05-01

Safety aspects are of paramount importance in flight, especially in flight test phase. Before performing any flight tests of either manned or unmanned aircraft, one should include pre-flight checklists as a required safety document in the flight test plan. This paper reports on the development of a new approach for determination of pre-flight checklists for UAV flight test based on aircraft’s failure analysis. The Lapan’s LSA (Light Surveillance Aircraft) is used as a study case, assuming this aircraft has been transformed into the unmanned version. Failure analysis is performed on LSA using fault tree analysis (FTA) method. Analysis is focused on propulsion system and flight control system, which fail of these systems will lead to catastrophic events. Pre-flight checklist of the UAV is then constructed based on the basic causes obtained from failure analysis.

Predictive fault-tolerant control of an all-thruster satellite in 6-DOF motion via neural network model updating

NASA Astrophysics Data System (ADS)

Tavakoli, M. M.; Assadian, N.

2018-03-01

The problem of controlling an all-thruster spacecraft in the coupled translational-rotational motion in presence of actuators fault and/or failure is investigated in this paper. The nonlinear model predictive control approach is used because of its ability to predict the future behavior of the system. The fault/failure of the thrusters changes the mapping between the commanded forces to the thrusters and actual force/torque generated by the thruster system. Thus, the basic six degree-of-freedom kinetic equations are separated from this mapping and a set of neural networks are trained off-line to learn the kinetic equations. Then, two neural networks are attached to these trained networks in order to learn the thruster commands to force/torque mappings on-line. Different off-nominal conditions are modeled so that neural networks can detect any failure and fault, including scale factor and misalignment of thrusters. A simple model of the spacecraft relative motion is used in MPC to decrease the computational burden. However, a precise model by the means of orbit propagation including different types of perturbation is utilized to evaluate the usefulness of the proposed approach in actual conditions. The numerical simulation shows that this method can successfully control the all-thruster spacecraft with ON-OFF thrusters in different combinations of thruster fault and/or failure.

The Hamiltonian and Lagrangian approaches to the dynamics of nonholonomic systems

NASA Astrophysics Data System (ADS)

Koon, Wang Sang; Marsden, Jerrold E.

1997-08-01

This paper compares the Hamiltonian approach to systems with nonholonomic constraints (see [31, 2, 4, 29] and references therein) with the Lagrangian approach (see [16, 27, 9]). There are many differences in the approaches and each has its own advantages; some structures have been discovered on one side and their analogues on the other side are interesting to clarify. For example, the momentum equation and the reconstruction equation were first found on the Lagrangian side and are useful for the control theory of these systems, while the failure of the reduced two-form to be closed (i.e., the failure of the Poisson bracket to satisfy the Jacobi identity) was first noticed on the Hamiltonian side. Clarifying the relation between these approaches is important for the future development of the control theory and stability and bifurcation theory for such systems. In addition to this work, we treat, in this unified framework, a simplified model of the bicycle (see [12, 13]), which is an important underactuated (nonminimum phase) control system.

Conversion of Questionnaire Data

DOE Office of Scientific and Technical Information (OSTI.GOV)

Powell, Danny H; Elwood Jr, Robert H

During the survey, respondents are asked to provide qualitative answers (well, adequate, needs improvement) on how well material control and accountability (MC&A) functions are being performed. These responses can be used to develop failure probabilities for basic events performed during routine operation of the MC&A systems. The failure frequencies for individual events may be used to estimate total system effectiveness using a fault tree in a probabilistic risk analysis (PRA). Numeric risk values are required for the PRA fault tree calculations that are performed to evaluate system effectiveness. So, the performance ratings in the questionnaire must be converted to relativemore » risk values for all of the basic MC&A tasks performed in the facility. If a specific material protection, control, and accountability (MPC&A) task is being performed at the 'perfect' level, the task is considered to have a near zero risk of failure. If the task is performed at a less than perfect level, the deficiency in performance represents some risk of failure for the event. As the degree of deficiency in performance increases, the risk of failure increases. If a task that should be performed is not being performed, that task is in a state of failure. The failure probabilities of all basic events contribute to the total system risk. Conversion of questionnaire MPC&A system performance data to numeric values is a separate function from the process of completing the questionnaire. When specific questions in the questionnaire are answered, the focus is on correctly assessing and reporting, in an adjectival manner, the actual performance of the related MC&A function. Prior to conversion, consideration should not be given to the numeric value that will be assigned during the conversion process. In the conversion process, adjectival responses to questions on system performance are quantified based on a log normal scale typically used in human error analysis (see A.D. Swain and H.E. Guttmann, 'Handbook of Human Reliability Analysis with Emphasis on Nuclear Power Plant Applications,' NUREG/CR-1278). This conversion produces the basic event risk of failure values required for the fault tree calculations. The fault tree is a deductive logic structure that corresponds to the operational nuclear MC&A system at a nuclear facility. The conventional Delphi process is a time-honored approach commonly used in the risk assessment field to extract numerical values for the failure rates of actions or activities when statistically significant data is absent.« less

Character and temporal evolution of apoptosis in acetaminophen-induced acute liver failure*.

PubMed

Possamai, Lucia A; McPhail, Mark J W; Quaglia, Alberto; Zingarelli, Valentina; Abeles, R Daniel; Tidswell, Robert; Puthucheary, Zudin; Rawal, Jakirty; Karvellas, Constantine J; Leslie, Elaine M; Hughes, Robin D; Ma, Yun; Jassem, Wayel; Shawcross, Debbie L; Bernal, William; Dharwan, Anil; Heaton, Nigel D; Thursz, Mark; Wendon, Julia A; Mitry, Ragai R; Antoniades, Charalambos G

2013-11-01

To evaluate the role of hepatocellular and extrahepatic apoptosis during the evolution of acetaminophen-induced acute liver failure. A prospective observational study in two tertiary liver transplant units. Eighty-eight patients with acetaminophen-induced acute liver failure were recruited. Control groups included patients with nonacetaminophen-induced acute liver failure (n = 13), nonhepatic multiple organ failure (n = 28), chronic liver disease (n = 19), and healthy controls (n = 11). Total and caspase-cleaved cytokeratin-18 (M65 and M30) measured at admission and sequentially on days 3, 7, and 10 following admission. Levels were also determined from hepatic vein, portal vein, and systemic arterial blood in seven patients undergoing transplantation. Protein arrays of liver homogenates from patients with acetaminophen-induced acute liver failure were assessed for apoptosis-associated proteins, and histological assessment of liver tissue was performed. Admission M30 levels were significantly elevated in acetaminophen-induced acute liver failure and non-acetaminophen induced acute liver failure patients compared with multiple organ failure, chronic liver disease, and healthy controls. Admission M30 levels correlated with outcome with area under receiver operating characteristic of 0.755 (0.639-0.885, p < 0.001). Peak levels in patients with acute liver failure were seen at admission then fell significantly but did not normalize over 10 days. A negative gradient of M30 from the portal to hepatic vein was demonstrated in patients with acetaminophen-induced acute liver failure (p = 0.042) at the time of liver transplant. Analysis of protein array data demonstrated lower apoptosis-associated protein and higher catalase concentrations in acetaminophen-induced acute liver failure compared with controls (p < 0.05). Explant histological analysis revealed evidence of cellular proliferation with an absence of histological evidence of apoptosis. Hepatocellular apoptosis occurs in the early phases of human acetaminophen-induced acute liver failure, peaking on day 1 of hospital admission, and correlates strongly with poor outcome. Hepatic regenerative/tissue repair responses prevail during the later stages of acute liver failure where elevated levels of M30 are likely to reflect epithelial cell death in extrahepatic organs.

High Reliability Engine Control Demonstrated for Aircraft Engines

NASA Technical Reports Server (NTRS)

Guo, Ten-Huei

1999-01-01

For a dual redundant-control system, which is typical for short-haul aircraft, if a failure is detected in a control sensor, the engine control is transferred to a safety mode and an advisory is issued for immediate maintenance action to replace the failed sensor. The safety mode typically results in severely degraded engine performance. The goal of the High Reliability Engine Control (HREC) program was to demonstrate that the neural-network-based sensor validation technology can safely operate an engine by using the nominal closed-loop control during and after sensor failures. With this technology, engine performance could be maintained, and the sensor could be replaced as a conveniently scheduled maintenance action.

Preventing Spacecraft Failures Due to Tribological Problems

NASA Technical Reports Server (NTRS)

Fusaro, Robert L.

2001-01-01

Many mechanical failures that occur on spacecraft are caused by tribological problems. This publication presents a study that was conducted by the author on various preventatives, analyses, controls and tests (PACTs) that could be used to prevent spacecraft mechanical system failure. A matrix is presented in the paper that plots tribology failure modes versus various PACTs that should be performed before a spacecraft is launched in order to insure success. A strawman matrix was constructed by the author and then was sent out to industry and government spacecraft designers, scientists and builders of spacecraft for their input. The final matrix is the result of their input. In addition to the matrix, this publication describes the various PACTs that can be performed and some fundamental knowledge on the correct usage of lubricants for spacecraft applications. Even though the work was done specifically to prevent spacecraft failures the basic methodology can be applied to other mechanical system areas.

Increase of CD69, CD161 and CD94 on NK cells in women with recurrent spontaneous abortion and in vitro fertilization failure.

PubMed

Ghafourian, Mehri; Karami, Najmeh; Khodadadi, Ali; Nikbakht, Roshan

2014-06-01

Recurrent spontaneous abortion (RSA) and in vitro fertilization (IVF) failure with unknown causes are the controversial issues that are probably related to the immune system. To compare circulating NK cells expressing activation and inhibition surface markers between patients with RSA and IVF failure with those of healthy multiparous and successful IVF control women, respectively. In this case-control study peripheral blood samples were collected from 43 patients who included 23 women with RSA and 20 with IVF failure, plus 43 healthy control women comprising of 36 normal multiparous women and seven women with successful IVF. The expression of CD69, CD94 and CD161 surface markers on CD56+NK cells were assessed using specific monoclonal antibodies by flowcytometry. The percentage of NK cells increased significantly in patients with RSA and in women with IVF failure in comparison to healthy multiparous and successful IVF control groups (p<0.001). The overall expression of CD69, CD94, CD161 were also increased significantly on NK cells in both patient groups compared to control groups (p<0.001). Elevated expression of CD69 and CD161 on NK cells can be considered as immunological risk markers in RSA and IVF failure. However, it is not clear if high expression of CD94 on peripheral blood NK cells is related to abnormal activity of endometrial NK cells.

A remote monitoring and telephone nurse coaching intervention to reduce readmissions among patients with heart failure: study protocol for the Better Effectiveness After Transition - Heart Failure (BEAT-HF) randomized controlled trial.

PubMed

Black, Jeanne T; Romano, Patrick S; Sadeghi, Banafsheh; Auerbach, Andrew D; Ganiats, Theodore G; Greenfield, Sheldon; Kaplan, Sherrie H; Ong, Michael K

2014-04-13

Heart failure is a prevalent health problem associated with costly hospital readmissions. Transitional care programs have been shown to reduce readmissions but are costly to implement. Evidence regarding the effectiveness of telemonitoring in managing the care of this chronic condition is mixed. The objective of this randomized controlled comparative effectiveness study is to evaluate the effectiveness of a care transition intervention that includes pre-discharge education about heart failure and post-discharge telephone nurse coaching combined with home telemonitoring of weight, blood pressure, heart rate, and symptoms in reducing all-cause 180-day hospital readmissions for older adults hospitalized with heart failure. A multi-center, randomized controlled trial is being conducted at six academic health systems in California. A total of 1,500 patients aged 50 years and older will be enrolled during a hospitalization for treatment of heart failure. Patients in the intervention group will receive intensive patient education using the 'teach-back' method and receive instruction in using the telemonitoring equipment. Following hospital discharge, they will receive a series of nine scheduled health coaching telephone calls over 6 months from nurses located in a centralized call center. The nurses also will call patients and patients' physicians in response to alerts generated by the telemonitoring system, based on predetermined parameters. The primary outcome is readmission for any cause within 180 days. Secondary outcomes include 30-day readmission, mortality, hospital days, emergency department (ED) visits, hospital cost, and health-related quality of life. BEAT-HF is one of the largest randomized controlled trials of telemonitoring in patients with heart failure, and the first explicitly to adapt the care transition approach and combine it with remote telemonitoring. The study population also includes patients with a wide range of demographic and socioeconomic characteristics. Once completed, the study will be a rich resource of information on how best to use remote technology in the care management of patients with chronic heart failure. ClinicalTrials.gov # NCT01360203.

Risk management of key issues of FPSO

NASA Astrophysics Data System (ADS)

Sun, Liping; Sun, Hai

2012-12-01

Risk analysis of key systems have become a growing topic late of because of the development of offshore structures. Equipment failures of offloading system and fire accidents were analyzed based on the floating production, storage and offloading (FPSO) features. Fault tree analysis (FTA), and failure modes and effects analysis (FMEA) methods were examined based on information already researched on modules of relex reliability studio (RRS). Equipment failures were also analyzed qualitatively by establishing a fault tree and Boolean structure function based on the shortage of failure cases, statistical data, and risk control measures examined. Failure modes of fire accident were classified according to the different areas of fire occurrences during the FMEA process, using risk priority number (RPN) methods to evaluate their severity rank. The qualitative analysis of FTA gave the basic insight of forming the failure modes of FPSO offloading, and the fire FMEA gave the priorities and suggested processes. The research has practical importance for the security analysis problems of FPSO.

Determinants of performance failure in the nursing home industry☆

PubMed Central

Zinn, Jacqueline; Mor, Vincent; Feng, Zhanlian; Intrator, Orna

2013-01-01

This study investigates the determinants of performance failure in U.S. nursing homes. The sample consisted of 91,168 surveys from 10,901 facilities included in the Online Survey Certification and Reporting system from 1996 to 2005. Failed performance was defined as termination from the Medicare and Medicaid programs. Determinants of performance failure were identified as core structural change (ownership change), peripheral change (related diversification), prior financial and quality of care performance, size and environmental shock (Medicaid case mix reimbursement and prospective payment system introduction). Additional control variables that could contribute to the likelihood of performance failure were included in a cross-sectional time series generalized estimating equation logistic regression model. Our results support the contention, derived from structural inertia theory, that where in an organization’s structure change occurs determines whether it is adaptive or disruptive. In addition, while poor prior financial and quality performance and the introduction of case mix reimbursement increases the risk of failure, larger size is protective, decreasing the likelihood of performance failure. PMID:19128865

Determinants of performance failure in the nursing home industry.

PubMed

Zinn, Jacqueline; Mor, Vincent; Feng, Zhanlian; Intrator, Orna

2009-03-01

This study investigates the determinants of performance failure in U.S. nursing homes. The sample consisted of 91,168 surveys from 10,901 facilities included in the Online Survey Certification and Reporting system from 1996 to 2005. Failed performance was defined as termination from the Medicare and Medicaid programs. Determinants of performance failure were identified as core structural change (ownership change), peripheral change (related diversification), prior financial and quality of care performance, size and environmental shock (Medicaid case mix reimbursement and prospective payment system introduction). Additional control variables that could contribute to the likelihood of performance failure were included in a cross-sectional time series generalized estimating equation logistic regression model. Our results support the contention, derived from structural inertia theory, that where in an organization's structure change occurs determines whether it is adaptive or disruptive. In addition, while poor prior financial and quality performance and the introduction of case mix reimbursement increases the risk of failure, larger size is protective, decreasing the likelihood of performance failure.

Independent Orbiter Assessment (IOA): Assessment of the active thermal control system

NASA Technical Reports Server (NTRS)

Sinclair, S. K.

1988-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) are presented. The IOA effort first completed an analysis of the Active Thermal Control System (ATCS) hardware, generating draft failure modes and potential critical items. To preserve independence, this analysis was accomplished without reliance upon the results contained within the NASA FMEA/CIL documentation. The IOA results were then compared to the available NASA FMEA/CIL data. Discrepancies from the comparison were documented, and where enough information was available, recommendations for resolution of the discrepancies were made. This report documents the results of that comparison for the Orbiter ATCS hardware. The IOA product for the ATCS independent analysis consisted of 310 failure mode worksheets that resulted in 101 potential critical items (PCI) being identified. A comparison was made to the available NASA data which consisted of 252 FMEAs and 109 CIL items.

Medium Fidelity Simulation of Oxygen Tank Venting

NASA Technical Reports Server (NTRS)

Sweet, Adam; Kurien, James; Lau, Sonie (Technical Monitor)

2001-01-01

The item to he cleared is a medium-fidelity software simulation model of a vented cryogenic tank. Such tanks are commonly used to transport cryogenic liquids such as liquid oxygen via truck, and have appeared on liquid-fueled rockets for decades. This simulation model works with the HCC simulation system that was developed by Xerox PARC and NASA Ames Research Center. HCC has been previously cleared for distribution. When used with the HCC software, the model generates simulated readings for the tank pressure and temperature as the simulated cryogenic liquid boils off and is vented. Failures (such as a broken vent valve) can be injected into the simulation to produce readings corresponding to the failure. Release of this simulation will allow researchers to test their software diagnosis systems by attempting to diagnose the simulated failure from the simulated readings. This model does not contain any encryption software nor can it perform any control tasks that might be export controlled.

ISS Ammonia Pump Failure, Recovery, and Lesson Learned A Hydrodynamic Bearing Perspective

NASA Technical Reports Server (NTRS)

Bruckner, Robert J.; Manco, Richard A., II

2014-01-01

The design, development, and operation of long duration spaceflight hardware has become an evolutionary process in which meticulous attention to details and lessons learned from previous experiences play a critical role. Invaluable to this process is the ability to retrieve and examine spaceflight hardware that has experienced a premature failure. While these situations are rare and unfortunate, the failure investigation and recovery from the event serve a valuable purpose in advancing future space mechanism development. Such a scenario began on July 31, 2010 with the premature failure of an ammonia pump on the external active thermal control system of the International Space Station. The ground-based inspections of the returned pump and ensuing failure investigation revealed five potential bearing forces that were un-accounted for in the design phase and qualification testing of the pump. These forces could combine in a number of random orientations to overload the pump bearings leading to solid-surface contact, wear, and premature failure. The recovery plan identified one of these five forces as being related to the square of the operating speed of the pump and this fact was used to recover design life through a change in flight rules for the operation of the pump module. Through the course of the failure investigation, recovery, and follow-on assessment of pump wear life, design guidance has been developed to improve the life of future mechanically pumped thermal control systems for both human and robotic exploration missions.

Development of Tailorable Electrically Conductive Thermal Control Material Systems

NASA Technical Reports Server (NTRS)

Deshpande, M. S.; Harada, Y.

1998-01-01

The optical characteristics of surfaces on spacecraft are fundamental parameters in controlling its temperature. Passive thermal control coatings with designed solar absorptance and infrared emittance properties have been developed and been in use for some time. In this total space environment, the coating must be stable and maintain its desired optical properties for the course of the mission lifetime. The mission lifetimes are increasing and in our quest to save weight, newer substrates are being integrated which limit electrical grounding schemes. All of this has already added to the existing concerns about spacecraft charging and related spacecraft failures or operational failures. The concern is even greater for thermal control surfaces that are very large. One way of alleviating such concerns is to design new thermal control material systems (TCMS) that can help to mitigate charging via providing charge leakage paths. The object of this program was to develop two types of passive electrically conductive TCMS.

Dedication of emergency diesel generators` control air subsystem

DOE Office of Scientific and Technical Information (OSTI.GOV)

Harrington, M.; Myers, G.; Palumbo, M.

1994-12-31

In the spring of 1993, the need to upgrade Seabrook Station`s emergency diesel generators` (EDGs`) control air system from nonsafety related to safety related was identified. This need was identified as a result of questions raised by the US Nuclear Regulatory Commission, which was conducting an Electrical Distribution Safety Functional Inspection at Seabrook at that time. The specific reason for the reassignment of safety classification was recognition that failure of the control air supply to the EDGs` jacket cooling water temperature control valves could cause overcooling of the EDGs, which potentially could result in EDG failure during long-term operation. Thismore » paper addresses how the installed control air system was upgraded to safety related using Seabrook`s Commercial Grade Dedication (CGD) Program and how, by using the dedication skills obtained over the past few years, it was done at minimal cost.« less

Development and Evaluation of Fault-Tolerant Flight Control Systems

NASA Technical Reports Server (NTRS)

Song, Yong D.; Gupta, Kajal (Technical Monitor)

2004-01-01

The research is concerned with developing a new approach to enhancing fault tolerance of flight control systems. The original motivation for fault-tolerant control comes from the need for safe operation of control elements (e.g. actuators) in the event of hardware failures in high reliability systems. One such example is modem space vehicle subjected to actuator/sensor impairments. A major task in flight control is to revise the control policy to balance impairment detectability and to achieve sufficient robustness. This involves careful selection of types and parameters of the controllers and the impairment detecting filters used. It also involves a decision, upon the identification of some failures, on whether and how a control reconfiguration should take place in order to maintain a certain system performance level. In this project new flight dynamic model under uncertain flight conditions is considered, in which the effects of both ramp and jump faults are reflected. Stabilization algorithms based on neural network and adaptive method are derived. The control algorithms are shown to be effective in dealing with uncertain dynamics due to external disturbances and unpredictable faults. The overall strategy is easy to set up and the computation involved is much less as compared with other strategies. Computer simulation software is developed. A serious of simulation studies have been conducted with varying flight conditions.

Failure detection and identification

NASA Technical Reports Server (NTRS)

Massoumnia, Mohammad-Ali; Verghese, George C.; Willsky, Alan S.

1989-01-01

Using the geometric concept of an unobservability subspace, a solution is given to the problem of detecting and identifying control system component failures in linear, time-invariant systems. Conditions are developed for the existence of a causal, linear, time-invariant processor that can detect and uniquely identify a component failure, first for the case where components can fail simultaneously, and then for the case where they fail only one at a time. Explicit design algorithms are provided when these conditions are satisfied. In addition to time-domain solvability conditions, frequency-domain interpretations of the results are given, and connections are drawn with results already available in the literature.

Syndromic surveillance for health information system failures: a feasibility study.

PubMed

Ong, Mei-Sing; Magrabi, Farah; Coiera, Enrico

2013-05-01

To explore the applicability of a syndromic surveillance method to the early detection of health information technology (HIT) system failures. A syndromic surveillance system was developed to monitor a laboratory information system at a tertiary hospital. Four indices were monitored: (1) total laboratory records being created; (2) total records with missing results; (3) average serum potassium results; and (4) total duplicated tests on a patient. The goal was to detect HIT system failures causing: data loss at the record level; data loss at the field level; erroneous data; and unintended duplication of data. Time-series models of the indices were constructed, and statistical process control charts were used to detect unexpected behaviors. The ability of the models to detect HIT system failures was evaluated using simulated failures, each lasting for 24 h, with error rates ranging from 1% to 35%. In detecting data loss at the record level, the model achieved a sensitivity of 0.26 when the simulated error rate was 1%, while maintaining a specificity of 0.98. Detection performance improved with increasing error rates, achieving a perfect sensitivity when the error rate was 35%. In the detection of missing results, erroneous serum potassium results and unintended repetition of tests, perfect sensitivity was attained when the error rate was as small as 5%. Decreasing the error rate to 1% resulted in a drop in sensitivity to 0.65-0.85. Syndromic surveillance methods can potentially be applied to monitor HIT systems, to facilitate the early detection of failures.

On the design of fault-tolerant robotic manipulator systems

NASA Technical Reports Server (NTRS)

Tesar, Delbert

1993-01-01

Robotic systems are finding increasing use in space applications. Many of these devices are going to be operational on board the Space Station Freedom. Fault tolerance has been deemed necessary because of the criticality of the tasks and the inaccessibility of the systems to maintenance and repair. Design for fault tolerance in manipulator systems is an area within robotics that is without precedence in the literature. In this paper, we will attempt to lay down the foundations for such a technology. Design for fault tolerance demands new and special approaches to design, often at considerable variance from established design practices. These design aspects, together with reliability evaluation and modeling tools, are presented. Mechanical architectures that employ protective redundancies at many levels and have a modular architecture are then studied in detail. Once a mechanical architecture for fault tolerance has been derived, the chronological stages of operational fault tolerance are investigated. Failure detection, isolation, and estimation methods are surveyed, and such methods for robot sensors and actuators are derived. Failure recovery methods are also presented for each of the protective layers of redundancy. Failure recovery tactics often span all of the layers of a control hierarchy. Thus, a unified framework for decision-making and control, which orchestrates both the nominal redundancy management tasks and the failure management tasks, has been derived. The well-developed field of fault-tolerant computers is studied next, and some design principles relevant to the design of fault-tolerant robot controllers are abstracted. Conclusions are drawn, and a road map for the design of fault-tolerant manipulator systems is laid out with recommendations for a 10 DOF arm with dual actuators at each joint.

Effect of radiotherapy, adhesive systems and doxycycline on the bond strength of the dentin-composite interface.

PubMed

Freitas Soares, Eveline; Zago Naves, Lucas; Bertolazzo Correr, Américo; Costa, Ana Rosa; Consani, Simonides; Soares, Carlos José; Garcia-Godoy, Franklin; Correr-Sobrinho, Lourenço

2016-12-01

To investigate the effect of radiotherapy, doxycycline and adhesive systems on the microtensile bond strength (μTBS) of the dentin-composite interface. 60 human third molars were sectioned to expose middle dentin surface and distributed according to: (1) adhesive system (Adper Scotchbond MP and Clearfil SE Bond) applied, (2) application or not of doxycycline, and (3) submission to 60 Gy total radiation (2 Gy daily doses, 5 days/week for 6 weeks) before restoration procedure (RtRes); after restoration procedure (ResRt) or not submitted to radiotherapy (Control group). Specimens were tested for μTBS and mode of failure were evaluated under optical microscopy. The bonding interface was evaluated with a scanning electron microscope (SEM). Data was submitted to three-way ANOVA and Tukey's test (α= 0.05). There was no significant difference between the μTBS (MPa) of Adper Scotchbond MP (25.5±11.1) and Clearfil SE (27.6±9.1). Control (30.5±10.9) and ResRt (29.2±10.4) presented μTBS significantly higher than RtRes (23.1±7.2). Doxycycline (21.7±7.6) significantly reduced μTBS compared to groups without doxycycline application (33.6±8.6). Dentin cohesive failure mode was predominant for RtRes and mixed failure mode for ResRt. Mixed and adhesive failures were frequently observed in control groups. SEM showed adhesive penetration in dentin tubules in all groups, regardless of the radiotherapy and the application of doxycycline. The radiotherapy before composite restoration procedure decreased the μTBS. No statistical difference was observed between the adhesive systems. The doxycycline reduced μTBS regardless of the other conditions. Composite restoration procedure should be done before radiotherapy, regardless of the adhesive system used.

On-clip high frequency reliability and failure test structures

DOEpatents

Snyder, Eric S.; Campbell, David V.

1997-01-01

Self-stressing test structures for realistic high frequency reliability characterizations. An on-chip high frequency oscillator, controlled by DC signals from off-chip, provides a range of high frequency pulses to test structures. The test structures provide information with regard to a variety of reliability failure mechanisms, including hot-carriers, electromigration, and oxide breakdown. The system is normally integrated at the wafer level to predict the failure mechanisms of the production integrated circuits on the same wafer.

Robust dynamic inversion controller design and analysis (using the X-38 vehicle as a case study)

NASA Astrophysics Data System (ADS)

Ito, Daigoro

A new way to approach robust Dynamic Inversion controller synthesis is addressed in this paper. A Linear Quadratic Gaussian outer-loop controller improves the robustness of a Dynamic Inversion inner-loop controller in the presence of uncertainties. Desired dynamics are given by the dynamic compensator, which shapes the loop. The selected dynamics are based on both performance and stability robustness requirements. These requirements are straightforwardly formulated as frequency-dependent singular value bounds during synthesis of the controller. Performance and robustness of the designed controller is tested using a worst case time domain quadratic index, which is a simple but effective way to measure robustness due to parameter variation. Using this approach, a lateral-directional controller for the X-38 vehicle is designed and its robustness to parameter variations and disturbances is analyzed. It is found that if full state measurements are available, the performance of the designed lateral-directional control system, measured by the chosen cost function, improves by approximately a factor of four. Also, it is found that the designed system is stable up to a parametric variation of 1.65 standard deviation with the set of uncertainty considered. The system robustness is determined to be highly sensitive to the dihedral derivative and the roll damping coefficients. The controller analysis is extended to the nonlinear system where both control input displacements and rates are bounded. In this case, the considered nonlinear system is stable up to 48.1° in bank angle and 1.59° in sideslip angle variations, indicating it is more sensitive to variations in sideslip angle than in bank angle. This nonlinear approach is further extended for the actuator failure mode analysis. The results suggest that the designed system maintains a high level of stability in the event of aileron failure. However, only 35% or less of the original stability range is maintained for the rudder failure case. Overall, this combination of controller synthesis and robustness criteria compares well with the mu-synthesis technique. It also is readily accessible to the practicing engineer, in terms of understanding and use.

14 CFR 33.28 - Engine control systems.

Code of Federal Regulations, 2010 CFR

2010-01-01

...) Applicability. These requirements are applicable to any system or device that is part of engine type design...) Aircraft-supplied data. Single failures leading to loss, interruption or corruption of aircraft-supplied...

14 CFR 33.28 - Engine control systems.

Code of Federal Regulations, 2012 CFR

2012-01-01

...) Applicability. These requirements are applicable to any system or device that is part of engine type design...) Aircraft-supplied data. Single failures leading to loss, interruption or corruption of aircraft-supplied...

14 CFR 33.28 - Engine control systems.

Code of Federal Regulations, 2011 CFR

2011-01-01

...) Applicability. These requirements are applicable to any system or device that is part of engine type design...) Aircraft-supplied data. Single failures leading to loss, interruption or corruption of aircraft-supplied...

14 CFR 33.28 - Engine control systems.

Code of Federal Regulations, 2013 CFR

2013-01-01

...) Applicability. These requirements are applicable to any system or device that is part of engine type design...) Aircraft-supplied data. Single failures leading to loss, interruption or corruption of aircraft-supplied...

14 CFR 33.28 - Engine control systems.

Code of Federal Regulations, 2014 CFR

2014-01-01

...) Applicability. These requirements are applicable to any system or device that is part of engine type design...) Aircraft-supplied data. Single failures leading to loss, interruption or corruption of aircraft-supplied...

Fatigue damage accumulation in various metal matrix composites

NASA Technical Reports Server (NTRS)

Johnson, W. S.

1987-01-01

The purpose of this paper is to review some of the latest understanding of the fatigue behavior of continuous fiber reinforced metal matrix composites. The emphasis is on the development of an understanding of different fatigue damage mechanisms and why and how they occur. The fatigue failure modes in continuous fiber reinforced metal matrix composites are controlled by the three constituents of the system: fiber, matrix, and fiber/matrix interface. The relative strains to fatigue failure of the fiber and matrix will determine the failure mode. Several examples of matrix, fiber, and self-similar damage growth dominated fatigue damage are given for several metal matrix composite systems. Composite analysis, failure modes, and damage modeling are discussed. Boron/aluminum, silicon-carbide/aluminum, FP/aluminum, and borsic/titanium metal matrix composites are discussed.

Impact of lightning strikes on hospital functions.

PubMed

Mortelmans, Luc J M; Van Springel, Gert L J; Van Boxstael, Sam; Herrijgers, Jan; Hoflacks, Stefaan

2009-01-01

Two regional hospitals were struck by lightning during a one-month period. The first hospital, which had 236 beds, suffered a direct strike to the building. This resulted in a direct spread of the power peak and temporary failure of the standard power supply. The principle problems, after restoring standard power supply, were with the fire alarm system and peripheral network connections in the digital radiology systems. No direct impact on the hardware could be found. Restarting the servers resolved all problems. The second hospital, which had 436 beds, had a lightning strike on the premises and mainly experienced problems due to induction. All affected installations had a cable connection from outside in one way or another. The power supplies never were endangered. The main problem was the failure of different communication systems (telephone, radio, intercom, fire alarm system). Also, the electronic entrance control went out. During the days after the lightening strike, multiple software problems became apparent, as well as failures of the network connections controlling the technical support systems. There are very few ways to prepare for induction problems. The use of fiber-optic networks can limit damage. To the knowledge of the authors, these are the first cases of lightning striking hospitals in medical literature.

A balance of activity in brain control and reward systems predicts self-regulatory outcomes

PubMed Central

Chen, Pin-Hao A.; Huckins, Jeremy F.; Hofmann, Wilhelm; Kelley, William M.; Heatherton, Todd F.

2017-01-01

Abstract Previous neuroimaging work has shown that increased reward-related activity following exposure to food cues is predictive of self-control failure. The balance model suggests that self-regulation failures result from an imbalance in reward and executive control mechanisms. However, an open question is whether the relative balance of activity in brain systems associated with executive control (vs reward) supports self-regulatory outcomes when people encounter tempting cues in daily life. Sixty-nine chronic dieters, a population known for frequent lapses in self-control, completed a food cue-reactivity task during an fMRI scanning session, followed by a weeklong sampling of daily eating behaviors via ecological momentary assessment. We related participants’ food cue activity in brain systems associated with executive control and reward to real-world eating patterns. Specifically, a balance score representing the amount of activity in brain regions associated with self-regulatory control, relative to automatic reward-related activity, predicted dieters’ control over their eating behavior during the following week. This balance measure may reflect individual self-control capacity and be useful for examining self-regulation success in other domains and populations. PMID:28158874

A balance of activity in brain control and reward systems predicts self-regulatory outcomes.

PubMed

Lopez, Richard B; Chen, Pin-Hao A; Huckins, Jeremy F; Hofmann, Wilhelm; Kelley, William M; Heatherton, Todd F

2017-05-01

Previous neuroimaging work has shown that increased reward-related activity following exposure to food cues is predictive of self-control failure. The balance model suggests that self-regulation failures result from an imbalance in reward and executive control mechanisms. However, an open question is whether the relative balance of activity in brain systems associated with executive control (vs reward) supports self-regulatory outcomes when people encounter tempting cues in daily life. Sixty-nine chronic dieters, a population known for frequent lapses in self-control, completed a food cue-reactivity task during an fMRI scanning session, followed by a weeklong sampling of daily eating behaviors via ecological momentary assessment. We related participants' food cue activity in brain systems associated with executive control and reward to real-world eating patterns. Specifically, a balance score representing the amount of activity in brain regions associated with self-regulatory control, relative to automatic reward-related activity, predicted dieters' control over their eating behavior during the following week. This balance measure may reflect individual self-control capacity and be useful for examining self-regulation success in other domains and populations. © The Author (2017). Published by Oxford University Press.

An improved approach for flight readiness certification: Methodology for failure risk assessment and application examples. Volume 3: Structure and listing of programs

NASA Technical Reports Server (NTRS)

Moore, N. R.; Ebbeler, D. H.; Newlin, L. E.; Sutharshana, S.; Creager, M.

1992-01-01

An improved methodology for quantitatively evaluating failure risk of spaceflight systems to assess flight readiness and identify risk control measures is presented. This methodology, called Probabilistic Failure Assessment (PFA), combines operating experience from tests and flights with engineering analysis to estimate failure risk. The PFA methodology is of particular value when information on which to base an assessment of failure risk, including test experience and knowledge of parameters used in engineering analyses of failure phenomena, is expensive or difficult to acquire. The PFA methodology is a prescribed statistical structure in which engineering analysis models that characterize failure phenomena are used conjointly with uncertainties about analysis parameters and/or modeling accuracy to estimate failure probability distributions for specific failure modes. These distributions can then be modified, by means of statistical procedures of the PFA methodology, to reflect any test or flight experience. Conventional engineering analysis models currently employed for design of failure prediction are used in this methodology. The PFA methodology is described and examples of its application are presented. Conventional approaches to failure risk evaluation for spaceflight systems are discussed, and the rationale for the approach taken in the PFA methodology is presented. The statistical methods, engineering models, and computer software used in fatigue failure mode applications are thoroughly documented.

Man-rated flight software for the F-8 DFBW program

NASA Technical Reports Server (NTRS)

Bairnsfather, R. R.

1975-01-01

The design, implementation, and verification of the flight control software used in the F-8 DFBW program are discussed. Since the DFBW utilizes an Apollo computer and hardware, the procedures, controls, and basic management techniques employed are based on those developed for the Apollo software system. Program Assembly Control, simulator configuration control, erasable-memory load generation, change procedures and anomaly reporting are discussed. The primary verification tools--the all-digital simulator, the hybrid simulator, and the Iron Bird simulator--are described, as well as the program test plans and their implementation on the various simulators. Failure-effects analysis and the creation of special failure-generating software for testing purposes are described. The quality of the end product is evidenced by the F-8 DFBW flight test program in which 42 flights, totaling 58 hours of flight time, were successfully made without any DFCS inflight software, or hardware, failures.

77 FR 44110 - Special Conditions: Agusta S.p.A. Model AW139 and AB139 Helicopter, Installation of a Search and...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-07-27

... must comply with the following: (i) The hoist operator control must be designed and located to provide... failures affecting the control system must be evaluated. (ii) The AFCS must be designed so that it cannot... Helicopter, Installation of a Search and Rescue (SAR) Automatic Flight Control System (AFCS) AGENCY: Federal...

Reliability/safety analysis of a fly-by-wire system

NASA Technical Reports Server (NTRS)

Brock, L. D.; Goddman, H. A.

1980-01-01

An analysis technique has been developed to estimate the reliability of a very complex, safety-critical system by constructing a diagram of the reliability equations for the total system. This diagram has many of the characteristics of a fault-tree or success-path diagram, but is much easier to construct for complex redundant systems. The diagram provides insight into system failure characteristics and identifies the most likely failure modes. A computer program aids in the construction of the diagram and the computation of reliability. Analysis of the NASA F-8 Digital Fly-by-Wire Flight Control System is used to illustrate the technique.

Pilot simulation tests of propulsion control as backup to loss of primary flight controls for a mid-size jet transport

DOT National Transportation Integrated Search

1995-12-01

Partial failures of aircraft primary flight-control systems and structural : damages to aircraft during flight have led to catastrophic accidents with : subsequent loss of life. These accidents can be prevented if sufficient : alternate control autho...

Insulin receptor substrate signaling controls cardiac energy metabolism and heart failure.

PubMed

Guo, Cathy A; Guo, Shaodong

2017-06-01

The heart is an insulin-dependent and energy-consuming organ in which insulin and nutritional signaling integrates to the regulation of cardiac metabolism, growth and survival. Heart failure is highly associated with insulin resistance, and heart failure patients suffer from the cardiac energy deficiency and structural and functional dysfunction. Chronic pathological conditions, such as obesity and type 2 diabetes mellitus, involve various mechanisms in promoting heart failure by remodeling metabolic pathways, modulating cardiac energetics and impairing cardiac contractility. Recent studies demonstrated that insulin receptor substrates 1 and 2 (IRS-1,-2) are major mediators of both insulin and insulin-like growth factor-1 (IGF-1) signaling responsible for myocardial energetics, structure, function and organismal survival. Importantly, the insulin receptor substrates (IRS) play an important role in the activation of the phosphatidylinositide-3-dependent kinase (PI-3K) that controls Akt and Foxo1 signaling cascade, regulating the mitochondrial function, cardiac energy metabolism and the renin-angiotensin system. Dysregulation of this branch in signaling cascades by insulin resistance in the heart through the endocrine system promotes heart failure, providing a novel mechanism for diabetic cardiomyopathy. Therefore, targeting this branch of IRS→PI-3K→Foxo1 signaling cascade and associated pathways may provide a fundamental strategy for the therapeutic and nutritional development in control of metabolic and cardiovascular diseases. In this review, we focus on insulin signaling and resistance in the heart and the role energetics play in cardiac metabolism, structure and function. © 2017 Society for Endocrinology.

Patient engagement with a mobile web-based telemonitoring system for heart failure self-management: a pilot study.

PubMed

Zan, Shiyi; Agboola, Stephen; Moore, Stephanie A; Parks, Kimberly A; Kvedar, Joseph C; Jethwani, Kamal

2015-04-01

Intensive remote monitoring programs for congestive heart failure have been successful in reducing costly readmissions, but may not be appropriate for all patients. There is an opportunity to leverage the increasing accessibility of mobile technologies and consumer-facing digital devices to empower patients in monitoring their own health outside of the hospital setting. The iGetBetter system, a secure Web- and telephone-based heart failure remote monitoring program, which leverages mobile technology and portable digital devices, offers a creative solution at lower cost. The objective of this pilot study was to evaluate the feasibility of using the iGetBetter system for disease self-management in patients with heart failure. This was a single-arm prospective study in which 21 ambulatory, adult heart failure patients used the intervention for heart failure self-management over a 90-day study period. Patients were instructed to take their weight, blood pressure, and heart rate measurements each morning using a WS-30 bluetooth weight scale, a self-inflating blood pressure cuff (Withings LLC, Issy les Moulineaux, France), and an iPad Mini tablet computer (Apple Inc, Cupertino, CA, USA) equipped with cellular Internet connectivity to view their measurements on the Internet. Outcomes assessed included usability and satisfaction, engagement with the intervention, hospital resource utilization, and heart failure-related quality of life. Descriptive statistics were used to summarize data, and matched controls identified from the electronic medical record were used as comparison for evaluating hospitalizations. There were 20 participants (mean age 53 years) that completed the study. Almost all participants (19/20, 95%) reported feeling more connected to their health care team and more confident in performing care plan activities, and 18/20 (90%) felt better prepared to start discussions about their health with their doctor. Although heart failure-related quality of life improved from baseline, it was not statistically significant (P=.55). Over half of the participants had greater than 80% (72/90 days) weekly and overall engagement with the program, and 15% (3/20) used the interactive voice response telephone system exclusively for managing their care plan. Hospital utilization did not differ in the intervention group compared to the control group (planned hospitalizations P=.23, and unplanned hospitalizations P=.99). Intervention participants recorded shorter average length of hospital stay, but no significant differences were observed between intervention and control groups (P=.30). This pilot study demonstrated the feasibility of a low-intensive remote monitoring program leveraging commonly used mobile and portable consumer devices in augmenting care for a fairly young population of ambulatory patients with heart failure. Further prospective studies with a larger sample size and within more diverse patient populations is necessary to determine the effect of mobile-based remote monitoring programs such as the iGetBetter system on clinical outcomes in heart failure.

Understanding and managing the effects of battery charger and inverter aging

NASA Astrophysics Data System (ADS)

Gunther, W.; Aggarwal, S.

An aging assessment of battery chargers and inverters was conducted under the auspices of the NRC's Nuclear Plant Aging Research (NPAR) Program. The intentions of this program are to resolve issues related to the aging and service wear of equipment and systems at operating reactor facilities and to assess their impact on safety. Inverters and battery chargers are used in nuclear power plants to perform significant functions related to plant safety and availability. The specific impact of a battery charger or inverter failure varies with plant configuration. Operating experience data have demonstrated that reactor trips, safety injection system actuations, and inoperable emergency core cooling systems have resulted from inverter failures; and dc bus degradation leading to diesel generator inoperability or loss of control room annunication and indication have resulted from battery and battery charger failures. For the battery charger and inverter, the aging and service wear of subcomponents have contributed significantly to equipment failures. This paper summarizes the data and then describes methods that can be used to detect battery charger and inverter degradation prior to failure, as well as methods to minimize the failure effects. In both cases, the managing of battery charger and inverter aging is emphasized.

SU-E-T-495: Neutron Induced Electronics Failure Rate Analysis for a Single Room Proton Accelerator

DOE Office of Scientific and Technical Information (OSTI.GOV)

Knutson, N; DeWees, T; Klein, E

2014-06-01

Purpose: To determine the failure rate as a function of neutron dose of the range modulator's servo motor controller system (SMCS) while shielded with Borated Polyethylene (BPE) and unshielded in a single room proton accelerator. Methods: Two experimental setups were constructed using two servo motor controllers and two motors. Each SMCS was then placed 30 cm from the end of the plugged proton accelerator applicator. The motor was then turned on and observed from outside of the vault while being irradiated to known neutron doses determined from bubble detector measurements. Anytime the motor deviated from the programmed motion a failuremore » was recorded along with the delivered dose. The experiment was repeated using 9 cm of BPE shielding surrounding the SMCS. Results: Ten SMCS failures were recorded in each experiment. The dose per monitor unit for the unshielded SMCS was 0.0211 mSv/MU and 0.0144 mSv/MU for the shielded SMCS. The mean dose to produce a failure for the unshielded SMCS was 63.5 ± 58.3 mSv versus 17.0 ±12.2 mSv for the shielded. The mean number of MUs between failures were 2297 ± 1891 MU for the unshielded SMCS and 2122 ± 1523 MU for the shielded. A Wilcoxon Signed Ranked test showed the dose between failures were significantly different (P value = 0.044) while the number of MUs between failures were not (P value = 1.000). Statistical analysis determined a SMCS neutron dose of 5.3 mSv produces a 5% chance of failure. Depending on the workload and location of the SMCS, this failure rate could impede clinical workflow. Conclusion: BPE shielding was shown to not reduce the average failure of the SMCS and relocation of the system outside of the accelerator vault was required to lower the failure rate enough to avoid impeding clinical work flow.« less

Experiences with Probabilistic Analysis Applied to Controlled Systems

NASA Technical Reports Server (NTRS)

Kenny, Sean P.; Giesy, Daniel P.

2004-01-01

This paper presents a semi-analytic method for computing frequency dependent means, variances, and failure probabilities for arbitrarily large-order closed-loop dynamical systems possessing a single uncertain parameter or with multiple highly correlated uncertain parameters. The approach will be shown to not suffer from the same computational challenges associated with computing failure probabilities using conventional FORM/SORM techniques. The approach is demonstrated by computing the probabilistic frequency domain performance of an optimal feed-forward disturbance rejection scheme.

The WorkPlace distributed processing environment

NASA Technical Reports Server (NTRS)

Ames, Troy; Henderson, Scott

1993-01-01

Real time control problems require robust, high performance solutions. Distributed computing can offer high performance through parallelism and robustness through redundancy. Unfortunately, implementing distributed systems with these characteristics places a significant burden on the applications programmers. Goddard Code 522 has developed WorkPlace to alleviate this burden. WorkPlace is a small, portable, embeddable network interface which automates message routing, failure detection, and re-configuration in response to failures in distributed systems. This paper describes the design and use of WorkPlace, and its application in the construction of a distributed blackboard system.

Proceedings of the IDA Workshop on Formal Specification and Verification of Ada (Trade Name) (3rd) Held in Research Triangle Park, North Carolina on 14-16 May 1986

DTIC Science & Technology

1986-08-01

sensitivity to software or hardware failures (bit transformation, register perversion, interface failures, etc .) which could cause the system to operate in a...of systems . She pointed to the need for 40 safety concerns in a continually growing number of computer applications (e.g., monitor and/or control of...informal, definition. Finally, the definition is based on the SMoLCS (Structured Monitored Linear Concurrent Systems ) methodology, an approach to the

Distributed adaptive neural network control for a class of heterogeneous nonlinear multi-agent systems subject to actuation failures

NASA Astrophysics Data System (ADS)

Cui, Bing; Zhao, Chunhui; Ma, Tiedong; Feng, Chi

2017-02-01

In this paper, the cooperative adaptive consensus tracking problem for heterogeneous nonlinear multi-agent systems on directed graph is addressed. Each follower is modelled as a general nonlinear system with the unknown and nonidentical nonlinear dynamics, disturbances and actuator failures. Cooperative fault tolerant neural network tracking controllers with online adaptive learning features are proposed to guarantee that all agents synchronise to the trajectory of one leader with bounded adjustable synchronisation errors. With the help of linear quadratic regulator-based optimal design, a graph-dependent Lyapunov proof provides error bounds that depend on the graph topology, one virtual matrix and some design parameters. Of particular interest is that if the control gain is selected appropriately, the proposed control scheme can be implemented in a unified framework no matter whether there are faults or not. Furthermore, the fault detection and isolation are not needed to implement. Finally, a simulation is given to verify the effectiveness of the proposed method.

Shuttle remote manipulator system mission preparation and operations

NASA Technical Reports Server (NTRS)

Smith, Ernest E., Jr.

1989-01-01

The preflight planning, analysis, procedures development, and operations support for the Space Transportation System payload deployment and retrieval missions utilizing the Shuttle Remote Manipulator System are summarized. Analysis of the normal operational loads and failure induced loads and motion are factored into all procedures. Both the astronaut flight crews and the Mission Control Center flight control teams receive considerable training for standard and mission specific operations. The real time flight control team activities are described.

Losartan corrects abnormal frequency response of renal vasculature in congestive heart failure.

PubMed

DiBona, Gerald F; Sawin, Linda L

2003-11-01

In congestive heart failure, renal blood flow is decreased and renal vascular resistance is increased in a setting of increased activity of both the sympathetic nervous and renin-angiotensin systems. The renal vasoconstrictor response to renal nerve stimulation is enhanced. This is associated with an abnormality in the low-pass filter function of the renal vasculature wherein higher frequencies (> or =0.01 Hz) within renal sympathetic nerve activity are not normally attenuated and are passed into the renal blood flow signal. This study tested the hypothesis that excess angiotensin II action mediates the abnormal frequency response characteristics of the renal vasculature in congestive heart failure. In anesthetized rats, the renal vasoconstrictor response to graded frequency renal nerve stimulation was significantly greater in congestive heart failure than in control rats. Losartan attenuated the renal vasoconstrictor response to a significantly greater degree in congestive heart failure than in control rats. In control rats, the frequency response of the renal vasculature was that of a first order (-20 dB/frequency decade) low-pass filter with a corner frequency (-3 dB, 30% attenuation) of 0.002 Hz and 97% attenuation (-30 dB) at > or =0.1 Hz. In congestive heart failure rats, attenuation did not exceed 45% (-5 dB) over the frequency range of 0.001-0.6 Hz. The frequency response of the renal vasculature was not affected by losartan treatment in control rats but was completely restored to normal by losartan treatment in congestive heart failure rats. The enhanced renal vasoconstrictor response to renal nerve stimulation and the associated abnormality in the frequency response characteristics of the renal vasculature seen in congestive heart failure are mediated by the action of angiotensin II on renal angiotensin II AT1 receptors.

Flight test of a full authority Digital Electronic Engine Control system in an F-15 aircraft

NASA Technical Reports Server (NTRS)

Barrett, W. J.; Rembold, J. P.; Burcham, F. W.; Myers, L.

1981-01-01

The Digital Electronic Engine Control (DEEC) system considered is a relatively low cost digital full authority control system containing selectively redundant components and fault detection logic with capability for accommodating faults to various levels of operational capability. The DEEC digital control system is built around a 16-bit, 1.2 microsecond cycle time, CMOS microprocessor, microcomputer system with approximately 14 K of available memory. Attention is given to the control mode, component bench testing, closed loop bench testing, a failure mode and effects analysis, sea-level engine testing, simulated altitude engine testing, flight testing, the data system, cockpit, and real time display.

A pilot rating scale for evaluating failure transients in electronic flight control systems

NASA Technical Reports Server (NTRS)

Hindson, William S.; Schroeder, Jeffery A.; Eshow, Michelle M.

1990-01-01

A pilot rating scale was developed to describe the effects of transients in helicopter flight-control systems on safety-of-flight and on pilot recovery action. The scale was applied to the evaluation of hardovers that could potentially occur in the digital flight-control system being designed for a variable-stability UH-60A research helicopter. Tests were conducted in a large moving-base simulator and in flight. The results of the investigation were combined with existing airworthiness criteria to determine quantitative reliability design goals for the control system.

Report of the Attitude Control and Attitude Determination Panel. [spacecraft instrumentation technology

NASA Technical Reports Server (NTRS)

1979-01-01

Failures and deficiencies in flight programs are reviewed and suggestions are made for avoiding them. The technology development problem areas considered are control configured vehicle design, gyros, solid state star sensors, control instrumentation, tolerant/accomodating control systems, large momentum exchange devices, and autonomous rendezvous and docking.

Apollo 15 main-parachute failure

NASA Technical Reports Server (NTRS)

Arabian, D. D.; Mechelay, J. E.

1972-01-01

In the investigation of the failure of one of the three main parachutes of the Apollo 15 spacecraft, which collapsed at approximately 1825 meters after operating properly from deployment at 3050 meters, three conditions considered to be possible causes of the failure were produced. The suspect conditions were the proximity of the forward heat shield that passed the spacecraft at approximately 1825 meters, the dumping of the reaction control system hypergolic propellants at approximately 1825 meters, and the failing of a riser link found on a recovered parachute. (The failed parachute was not recovered). The remaining two parachutes functioned as planned and averted a catastrophic failure. The conclusions concerning the cause of the failure are discussed.

The effects of type of knowledge upon human problem solving in a process control task

NASA Technical Reports Server (NTRS)

Morris, N. M.; Rouse, W. B.

1985-01-01

The question of what the operator of a dynamic system needs to know was investigated in an experiment using PLANT, a simulation of a generic dynamic production process. Knowledge of PLANT was manipulated via different types of instruction, so that four different groups were created: (1) minimal instructions only; (2) minimal instructions and guidelines for operation (procedures); (3) minimal instructions and dynamic relationships (principles); and (4) minimal instructions, and procedures, and principles. Subjects controlled PLANT in a variety of situations which required maintaining production while also diagnosing familiar and unfamiliar failures. Despite the fact that these manipulations resulted in differences in subjects' Knowledge, as assessed via a written test at the end of the experiment, instructions had no effect upon achievement of the primary goal of production, or upon subjects' ability to diagnose unfamiliar failures. However, those groups receiving procedures controlled the system in a more stable manner. Possible reasons for the failure to find an effect of principles are presented, and the implications of these results for operator training and aiding are discussed.

Solar power satellite system definition study. Volume 7, phase 1: SPS and rectenna systems analyses

NASA Technical Reports Server (NTRS)

1979-01-01

A systems definition study of the solar power satellite systems is presented. The design and power distribution of the rectenna system is discussed. The communication subsystem and thermal control characteristics are described and a failure analysis performed on the systems is reported.

77 FR 42949 - Special Conditions: Tamarack Aerospace Group, Cirrus Model SR22; Active Technology Load...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-07-23

... novel or unusual design feature(s) associated with Tamarack Aerospace Group's modification. The design... not aware of the failure. Warning systems must not activate the control system. (b) The design of the... Active Control Surface (TACS) must be designed and installed to prevent jamming, chafing, and...

Reliability, Safety and Error Recovery for Advanced Control Software

NASA Technical Reports Server (NTRS)

Malin, Jane T.

2003-01-01

For long-duration automated operation of regenerative life support systems in space environments, there is a need for advanced integration and control systems that are significantly more reliable and safe, and that support error recovery and minimization of operational failures. This presentation outlines some challenges of hazardous space environments and complex system interactions that can lead to system accidents. It discusses approaches to hazard analysis and error recovery for control software and challenges of supporting effective intervention by safety software and the crew.

The development of control and monitoring system on marine current renewable energy Case study: strait of Toyapakeh - Nusa Penida, Bali

NASA Astrophysics Data System (ADS)

Arief, I. S.; Suherman, I. H.; Wardani, A. Y.; Baidowi, A.

2017-05-01

Control and monitoring system is a continuous process of securing the asset in the Marine Current Renewable Energy. A control and monitoring system is existed each critical components which is embedded in Failure Mode Effect Analysis (FMEA) method. As the result, the process in this paper developed through a matrix sensor. The matrix correlated to critical components and monitoring system which supported by sensors to conduct decision-making.

How to avoid the ten most frequent EMS pitfalls

DOE Office of Scientific and Technical Information (OSTI.GOV)

Andrews, W.

1982-04-19

It pays to do your homework before investing in an energy management system if you want to avoid the 10 most common pitfalls listed by users, consultants, and manufacturers as: oversimplification, improper maintenance, failure to involve operating personnel, inaccurate savings estimates, failure to include monitoring capability, incompetent or fradulent firms, improper load control, not allowing for a de-bugging period, failure to include manual override, and software problems. The article describes how each of these pitfalls can lead to poor decisions and poor results. (DCK)

On-clip high frequency reliability and failure test structures

DOEpatents

Snyder, E.S.; Campbell, D.V.

1997-04-29

Self-stressing test structures for realistic high frequency reliability characterizations. An on-chip high frequency oscillator, controlled by DC signals from off-chip, provides a range of high frequency pulses to test structures. The test structures provide information with regard to a variety of reliability failure mechanisms, including hot-carriers, electromigration, and oxide breakdown. The system is normally integrated at the wafer level to predict the failure mechanisms of the production integrated circuits on the same wafer. 22 figs.

Reliability training

NASA Technical Reports Server (NTRS)

Lalli, Vincent R. (Editor); Malec, Henry A. (Editor); Dillard, Richard B.; Wong, Kam L.; Barber, Frank J.; Barina, Frank J.

1992-01-01

Discussed here is failure physics, the study of how products, hardware, software, and systems fail and what can be done about it. The intent is to impart useful information, to extend the limits of production capability, and to assist in achieving low cost reliable products. A review of reliability for the years 1940 to 2000 is given. Next, a review of mathematics is given as well as a description of what elements contribute to product failures. Basic reliability theory and the disciplines that allow us to control and eliminate failures are elucidated.

Failure and fatigue characteristics of adhesive athletic tape.

PubMed

Bragg, Richard W; Macmahon, John M; Overom, Erin K; Yerby, Scott A; Matheson, Gordon O; Carter, Dennis R; Andriacchi, Thomas P

2002-03-01

Athletic tape has been commonly reported to lose much of its structural support after 20 min of exercise. Although many studies have addressed the functional performance characteristics of athletic tape, its mechanical properties are poorly understood. This study examines the failure and fatigue properties of several commonly used athletic tapes. A Web-based survey of professional sports trainers was used to select the following three tapes for the study: Zonas (Johnson & Johnson), Leukotape (Beiersdorf), and Jaylastic (Jaybird & Mais). Using a hydraulic material testing system (MTS), eight samples of each tape were compared in three different mechanical tests: load-to-failure, fatigue testing under load control, and fatigue testing under displacement control. Differences in tape microstructure were used to interpret the results of the mechanical tests. Significant differences (P < 0.001) in failure load, elongation at failure, and stiffness were found from failure tests. Significant differences were also found (P < 0.001) in fatigue behavior under both modes of control. As a representative example, in one normalized displacement control fatigue test after 20 min of cycling, 21% (Zonas), 29% (Leukotape), and 57% (Jaylastic) of the mechanical support was lost. After cycling, all tapes loaded to failure showed increased stiffness (P < 0.001), indicating significant energy absorption during cycling. Observed differences in the tapes' microstructure were qualitatively consistent with the measured differences in their mechanical properties. In understanding the shortcomings of currently available tapes, the results of these tests can now be used as benchmarks with which to compare and develop future tape designs. Ultimately, these improved tapes should reduce ankle injuries among athletes.

Reliability analysis of a phaser measurement unit using a generalized fuzzy lambda-tau(GFLT) technique.

PubMed

Komal

2018-05-01

Nowadays power consumption is increasing day-by-day. To fulfill failure free power requirement, planning and implementation of an effective and reliable power management system is essential. Phasor measurement unit(PMU) is one of the key device in wide area measurement and control systems. The reliable performance of PMU assures failure free power supply for any power system. So, the purpose of the present study is to analyse the reliability of a PMU used for controllability and observability of power systems utilizing available uncertain data. In this paper, a generalized fuzzy lambda-tau (GFLT) technique has been proposed for this purpose. In GFLT, system components' uncertain failure and repair rates are fuzzified using fuzzy numbers having different shapes such as triangular, normal, cauchy, sharp gamma and trapezoidal. To select a suitable fuzzy number for quantifying data uncertainty, system experts' opinion have been considered. The GFLT technique applies fault tree, lambda-tau method, fuzzified data using different membership functions, alpha-cut based fuzzy arithmetic operations to compute some important reliability indices. Furthermore, in this study ranking of critical components of the system using RAM-Index and sensitivity analysis have also been performed. The developed technique may be helpful to improve system performance significantly and can be applied to analyse fuzzy reliability of other engineering systems. Copyright © 2018 ISA. Published by Elsevier Ltd. All rights reserved.

Interfacing LabVIEW With Instrumentation for Electronic Failure Analysis and Beyond

NASA Technical Reports Server (NTRS)

Buchanan, Randy K.; Bryan, Coleman; Ludwig, Larry

1996-01-01

The Laboratory Virtual Instrumentation Engineering Workstation (LabVIEW) software is designed such that equipment and processes related to control systems can be operationally lined and controlled by the use of a computer. Various processes within the failure analysis laboratories of NASA's Kennedy Space Center (KSC) demonstrate the need for modernization and, in some cases, automation, using LabVIEW. An examination of procedures and practices with the Failure Analaysis Laboratory resulted in the conclusion that some device was necessary to elevate the potential users of LabVIEW to an operational level in minimum time. This paper outlines the process involved in creating a tutorial application to enable personnel to apply LabVIEW to their specific projects. Suggestions for furthering the extent to which LabVIEW is used are provided in the areas of data acquisition and process control.

Power System Information Delivering System Based on Distributed Object

NASA Astrophysics Data System (ADS)

Tanaka, Tatsuji; Tsuchiya, Takehiko; Tamura, Setsuo; Seki, Tomomichi; Kubota, Kenji

In recent years, improvement in computer performance and development of computer network technology or the distributed information processing technology has a remarkable thing. Moreover, the deregulation is starting and will be spreading in the electric power industry in Japan. Consequently, power suppliers are required to supply low cost power with high quality services to customers. Corresponding to these movements the authors have been proposed SCOPE (System Configuration Of PowEr control system) architecture for distributed EMS/SCADA (Energy Management Systems / Supervisory Control and Data Acquisition) system based on distributed object technology, which offers the flexibility and expandability adapting those movements. In this paper, the authors introduce a prototype of the power system information delivering system, which was developed based on SCOPE architecture. This paper describes the architecture and the evaluation results of this prototype system. The power system information delivering system supplies useful power systems information such as electric power failures to the customers using Internet and distributed object technology. This system is new type of SCADA system which monitors failure of power transmission system and power distribution system with geographic information integrated way.

Value measurement in health care: a new perspective.

PubMed

Michelman, J E; Rausch, P E; Barton, T L

1999-08-01

Vital to the success of any healthcare organization is the ability to obtain useful information and feedback about its performance. In particular, healthcare organizations need to begin to understand how non-value-adding work activities detract from their bottom lines. Additionally, financial managers and information systems need to provide data and reports throughout the continuum of care. Overall, healthcare organizations must align the management information and control systems with the planning and decision-making processes. The horizontal information system is a tool to manage three common problems facing today's healthcare managers: (1) the use of existing information to focus on control rather than improve business, (2) failure to focus on satisfying the customer, and (3) failure to combine their efforts with those of the employees by developing trust and a common focus.

Immunity-Based Aircraft Fault Detection System

NASA Technical Reports Server (NTRS)

Dasgupta, D.; KrishnaKumar, K.; Wong, D.; Berry, M.

2004-01-01

In the study reported in this paper, we have developed and applied an Artificial Immune System (AIS) algorithm for aircraft fault detection, as an extension to a previous work on intelligent flight control (IFC). Though the prior studies had established the benefits of IFC, one area of weakness that needed to be strengthened was the control dead band induced by commanding a failed surface. Since the IFC approach uses fault accommodation with no detection, the dead band, although it reduces over time due to learning, is present and causes degradation in handling qualities. If the failure can be identified, this dead band can be further A ed to ensure rapid fault accommodation and better handling qualities. The paper describes the application of an immunity-based approach that can detect a broad spectrum of known and unforeseen failures. The approach incorporates the knowledge of the normal operational behavior of the aircraft from sensory data, and probabilistically generates a set of pattern detectors that can detect any abnormalities (including faults) in the behavior pattern indicating unsafe in-flight operation. We developed a tool called MILD (Multi-level Immune Learning Detection) based on a real-valued negative selection algorithm that can generate a small number of specialized detectors (as signatures of known failure conditions) and a larger set of generalized detectors for unknown (or possible) fault conditions. Once the fault is detected and identified, an adaptive control system would use this detection information to stabilize the aircraft by utilizing available resources (control surfaces). We experimented with data sets collected under normal and various simulated failure conditions using a piloted motion-base simulation facility. The reported results are from a collection of test cases that reflect the performance of the proposed immunity-based fault detection algorithm.

Practical Application of a Subscale Transport Aircraft for Flight Research in Control Upset and Failure Conditions

NASA Technical Reports Server (NTRS)

Cunningham, Kevin; Foster, John V.; Morelli, Eugene A.; Murch, Austin M.

2008-01-01

Over the past decade, the goal of reducing the fatal accident rate of large transport aircraft has resulted in research aimed at the problem of aircraft loss-of-control. Starting in 1999, the NASA Aviation Safety Program initiated research that included vehicle dynamics modeling, system health monitoring, and reconfigurable control systems focused on flight regimes beyond the normal flight envelope. In recent years, there has been an increased emphasis on adaptive control technologies for recovery from control upsets or failures including damage scenarios. As part of these efforts, NASA has developed the Airborne Subscale Transport Aircraft Research (AirSTAR) flight facility to allow flight research and validation, and system testing for flight regimes that are considered too risky for full-scale manned transport airplane testing. The AirSTAR facility utilizes dynamically-scaled vehicles that enable the application of subscale flight test results to full scale vehicles. This paper describes the modeling and simulation approach used for AirSTAR vehicles that supports the goals of efficient, low-cost and safe flight research in abnormal flight conditions. Modeling of aerodynamics, controls, and propulsion will be discussed as well as the application of simulation to flight control system development, test planning, risk mitigation, and flight research.

Distributed Interplanetary Delay/Disruption Tolerant Network (DTN) Monitor and Control System

NASA Technical Reports Server (NTRS)

Wang, Shin-Ywan

2012-01-01

The main purpose of Distributed interplanetary Delay Tolerant Network Monitor and Control System as a DTN system network management implementation in JPL is defined to provide methods and tools that can monitor the DTN operation status, detect and resolve DTN operation failures in some automated style while either space network or some heterogeneous network is infused with DTN capability. In this paper, "DTN Monitor and Control system in Deep Space Network (DSN)" exemplifies a case how DTN Monitor and Control system can be adapted into a space network as it is DTN enabled.

Implant failure and history of failed endodontic treatment: A retrospective case-control study.

PubMed

Chatzopoulos, Georgios S; Wolff, Larry F

2017-11-01

Residual bacterial biofilm and/or bacteria in planktonic form may be survived in the bone following an extraction of an infected tooth that was endodontically treated unsuccessfully Failed endodontic treatment may be associated with failure of implants to osseointegrate in the same sites. Therefore, the aim of this retrospective case-control study is to examine the risk of implant failure in previous failed endodontic sites. This retrospective case-control study is based on 94 dental records of implants placed at the University of Minnesota School of Dentistry. Dental records of patients who received an implant in sites with previously failed endodontic therapy in the dental school were identified from the electronic database, while control subjects were obtained from the same pool of patients with the requirement to have received an implant in a site that was not endodontically treated. The mean age of the population was 62.89±14.17 years with 57.4% of the sample being females and 42.6% of them being males. In regards to the socio-economic status and dental insurance, 84.0% of this population was classified as low socio-economic status and 68.1% had dental insurance. Tobacco use was self-reported by 9.6% and hypercholesterolemia was the most prevalent systemic medical condition. Dental implant failure was identified in two of the included records (2.1%), both of which were placed in sites with a history of failed endodontic treatment. Within the limitations of this retrospective case-control study, further investigation with a larger population group into implant failure of sites that previously had unsuccessful endodontic treatment would be warranted. Implant failure may be associated with a history of failed endodontic treatment. Key words: Implantology, endodontics, osseointegration, treatment outcome, case-control study.

Ethical questions must be considered for electronic health records.

PubMed

Spriggs, Merle; Arnold, Michael V; Pearce, Christopher M; Fry, Craig

2012-09-01

National electronic health record initiatives are in progress in many countries around the world but the debate about the ethical issues and how they are to be addressed remains overshadowed by other issues. The discourse to which all others are answerable is a technical discourse, even where matters of privacy and consent are concerned. Yet a focus on technical issues and a failure to think about ethics are cited as factors in the failure of the UK health record system. In this paper, while the prime concern is the Australian Personally Controlled Electronic Health Record (PCEHR), the discussion is relevant to and informed by the international context. The authors draw attention to ethical and conceptual issues that have implications for the success or failure of electronic health records systems. Important ethical issues to consider as Australia moves towards a PCEHR system include: issues of equity that arise in the context of personal control, who benefits and who should pay, what are the legitimate uses of PCEHRs, and how we should implement privacy. The authors identify specific questions that need addressing.

Modular space vehicle boards, control software, reprogramming, and failure recovery

DOE Office of Scientific and Technical Information (OSTI.GOV)

Judd, Stephen; Dallmann, Nicholas; McCabe, Kevin

A space vehicle may have a modular board configuration that commonly uses some or all components and a common operating system for at least some of the boards. Each modular board may have its own dedicated processing, and processing loads may be distributed. The space vehicle may be reprogrammable, and may be launched without code that enables all functionality and/or components. Code errors may be detected and the space vehicle may be reset to a working code version to prevent system failure.

Syndromic surveillance for health information system failures: a feasibility study

PubMed Central

Ong, Mei-Sing; Magrabi, Farah; Coiera, Enrico

2013-01-01

Objective To explore the applicability of a syndromic surveillance method to the early detection of health information technology (HIT) system failures. Methods A syndromic surveillance system was developed to monitor a laboratory information system at a tertiary hospital. Four indices were monitored: (1) total laboratory records being created; (2) total records with missing results; (3) average serum potassium results; and (4) total duplicated tests on a patient. The goal was to detect HIT system failures causing: data loss at the record level; data loss at the field level; erroneous data; and unintended duplication of data. Time-series models of the indices were constructed, and statistical process control charts were used to detect unexpected behaviors. The ability of the models to detect HIT system failures was evaluated using simulated failures, each lasting for 24 h, with error rates ranging from 1% to 35%. Results In detecting data loss at the record level, the model achieved a sensitivity of 0.26 when the simulated error rate was 1%, while maintaining a specificity of 0.98. Detection performance improved with increasing error rates, achieving a perfect sensitivity when the error rate was 35%. In the detection of missing results, erroneous serum potassium results and unintended repetition of tests, perfect sensitivity was attained when the error rate was as small as 5%. Decreasing the error rate to 1% resulted in a drop in sensitivity to 0.65–0.85. Conclusions Syndromic surveillance methods can potentially be applied to monitor HIT systems, to facilitate the early detection of failures. PMID:23184193

Comparative Evaluation of Periodontal Status of Chronic Renal Failure Patients and Systemically Healthy Individuals.

PubMed

Gupta, Radhika; Kumar, Uttam; Mallapragada, Siddharth; Agarwal, Pallavi

2018-03-01

Periodontitis, a chronic infectious disease, affects most of the population at one time or the other and its expression is a combination of hosts, microbial agents, and environmental factors. Extensive literature exists for the relationship between periodontal disease and diabetes mellitus, cardiovascular diseases, and adverse pregnancy outcomes. Only a few studies performed in a limited number of patients have reported peri-odontal health status in chronic renal failure patients. Hence, the aim of the present study is to assess and compare the periodontal status of patients with chronic renal failure undergoing dialysis, predialysis with systemically healthy individuals. A total of 90 patients were divided into three groups. Group I: 30 renal dialysis patients. Group II: 30 predialysis patients. Control group comprised 30 systemically healthy patients who formed group III. Periodontal examination was carried out using oral hygiene index-simplified (OHI-S), plaque index (PI), gingival index (GI), probing depth, and clinical attachment loss. The results of the study showed that the periodontal status of patients with chronic renal failure undergoing dialysis (dialysis group) and patients with chronic renal failure not undergoing renal dialysis (predialysis) when compared with systemically healthy subjects showed significantly higher mean scores of OHI-S, PI, and clinical attachment loss. Thus, patients with chronic renal failure showed poor oral hygiene and higher prevalence of periodontal disease. The dental community's awareness of implications of poor health within chronic renal failure patients should be elevated.

Control optimization, stabilization and computer algorithms for aircraft applications

NASA Technical Reports Server (NTRS)

1975-01-01

Research related to reliable aircraft design is summarized. Topics discussed include systems reliability optimization, failure detection algorithms, analysis of nonlinear filters, design of compensators incorporating time delays, digital compensator design, estimation for systems with echoes, low-order compensator design, descent-phase controller for 4-D navigation, infinite dimensional mathematical programming problems and optimal control problems with constraints, robust compensator design, numerical methods for the Lyapunov equations, and perturbation methods in linear filtering and control.

Clinical utility of sympathetic blockade in cardiovascular disease management.

PubMed

Park, Chan Soon; Lee, Hae-Young

2017-04-01

A dysregulated sympathetic nervous system is a major factor in the development and progression of cardiovascular disease; thus, understanding the mechanism and function of the sympathetic nervous system and appropriately regulating sympathetic activity to treat various cardiovascular diseases are crucial. Areas covered: This review focused on previous studies in managing hypertension, atrial fibrillation, coronary artery disease, heart failure, and perioperative management with sympathetic blockade. We reviewed both pharmacological and non-pharmacological management. Expert commentary: Chronic sympathetic nervous system activation is related to several cardiovascular diseases mediated by various pathways. Advancement in measuring sympathetic activity makes visualizing noninvasively and evaluating the activation level even in single fibers possible. Evidence suggests that sympathetic blockade still has a role in managing hypertension and controlling the heart rate in atrial fibrillation. For ischemic heart disease, beta-adrenergic receptor antagonists have been considered a milestone drug to control symptoms and prevent long-term adverse effects, although its clinical implication has become less potent in the era of successful revascularization. Owing to pathologic involvement of sympathetic nervous system activation in heart failure progression, sympathetic blockade has proved its value in improving the clinical course of patients with heart failure.

Vinogradov at TORU control system in Zvezda

NASA Image and Video Library

2006-06-26

ISS013-E-42209 (26 June 2006) --- Cosmonaut Pavel V. Vinogradov, Expedition 13 commander representing Russia's Federal Space Agency, practices docking procedures with the TORU teleoperated control system in the Zvezda Service Module of the International Space Station in preparation for the docking of the Progress 22 spacecraft. Vinogradov, using the Simvol-TS screen and hand controllers, could manually dock the Progress to the station in the event of a failure of the Kurs automated docking system.

Modeling and real time simulation of an HVDC inverter feeding a weak AC system based on commutation failure study.

PubMed

Mankour, Mohamed; Khiat, Mounir; Ghomri, Leila; Chaker, Abdelkader; Bessalah, Mourad

2018-06-01

This paper presents modeling and study of 12-pulse HVDC (High Voltage Direct Current) based on real time simulation where the HVDC inverter is connected to a weak AC system. In goal to study the dynamic performance of the HVDC link, two serious kind of disturbance are applied at HVDC converters where the first one is the single phase to ground AC fault and the second one is the DC link to ground fault. The study is based on two different mode of analysis, which the first is to test the performance of the DC control and the second is focalized to study the effect of the protection function on the system behavior. This real time simulation considers the strength of the AC system to witch is connected and his relativity with the capacity of the DC link. The results obtained are validated by means of RT-lab platform using digital Real time simulator Hypersim (OP-5600), the results carried out show the effect of the DC control and the influence of the protection function to reduce the probability of commutation failures and also for helping inverter to take out from commutation failure even while the DC control fails to eliminate them. Copyright © 2018 ISA. Published by Elsevier Ltd. All rights reserved.

Reliability Analysis of the Electrical Control System of Subsea Blowout Preventers Using Markov Models

PubMed Central

Liu, Zengkai; Liu, Yonghong; Cai, Baoping

2014-01-01

Reliability analysis of the electrical control system of a subsea blowout preventer (BOP) stack is carried out based on Markov method. For the subsea BOP electrical control system used in the current work, the 3-2-1-0 and 3-2-0 input voting schemes are available. The effects of the voting schemes on system performance are evaluated based on Markov models. In addition, the effects of failure rates of the modules and repair time on system reliability indices are also investigated. PMID:25409010

Use of failure modes and effects analysis in design of the tracker system for the HET wide-field upgrade

NASA Astrophysics Data System (ADS)

Hayes, Richard; Beets, Tim; Beno, Joseph; Booth, John; Cornell, Mark; Good, John; Heisler, James; Hill, Gary; Kriel, Herman; Penney, Charles; Rafal, Marc; Savage, Richard; Soukup, Ian; Worthington, Michael; Zierer, Joseph

2012-09-01

In support of the Hobby-Eberly Telescope Dark Energy Experiment (HETDEX), the Center for Electromechanics at The University of Texas at Austin was tasked with developing the new Tracker and control system to support the HETDEX Wide-Field Upgrade. The tracker carries the 3,100 kg Prime Focus Instrument Package and Wide Field Corrector approximately 13 m above the 10 m diameter primary mirror. Its safe and reliable operation by a sophisticated control system, over a 20 year life time is a paramount requirement for the project. To account for all potential failures and potential hazards, to both the equipment and personnel involved, an extensive Failure Modes and Effects Analysis (FMEA) was completed early in the project. This task required participation of all the stakeholders over a multi-day meeting with numerous follow up exchanges. The event drove a number of significant design decisions and requirements that might not have been identified this early in the project without this process. The result is a system that has multiple layers of active and passive safety systems to protect the tens of millions of dollars of hardware involved and the people who operate it. This paper will describe the background of the FMEA process, how it was utilized on HETDEX, the critical outcomes, how the required safety systems were implemented, and how they have worked in operation. It should be of interest to engineers, designers, and managers engaging in complex multi-disciplinary and parallel engineering projects that involve automated hardware and control systems with potentially hazardous operating scenarios.

Engine Icing Modeling and Simulation (Part 2): Performance Simulation of Engine Rollback Phenomena

NASA Technical Reports Server (NTRS)

May, Ryan D.; Guo, Ten-Huei; Veres, Joseph P.; Jorgenson, Philip C. E.

2011-01-01

Ice buildup in the compressor section of a commercial aircraft gas turbine engine can cause a number of engine failures. One of these failure modes is known as engine rollback: an uncommanded decrease in thrust accompanied by a decrease in fan speed and an increase in turbine temperature. This paper describes the development of a model which simulates the system level impact of engine icing using the Commercial Modular Aero-Propulsion System Simulation 40k (C-MAPSS40k). When an ice blockage is added to C-MAPSS40k, the control system responds in a manner similar to that of an actual engine, and, in cases with severe blockage, an engine rollback is observed. Using this capability to simulate engine rollback, a proof-of-concept detection scheme is developed and tested using only typical engine sensors. This paper concludes that the engine control system s limit protection is the proximate cause of iced engine rollback and that the controller can detect the buildup of ice particles in the compressor section. This work serves as a feasibility study for continued research into the detection and mitigation of engine rollback using the propulsion control system.

Direct modeling parameter signature analysis and failure mode prediction of physical systems using hybrid computer optimization

NASA Technical Reports Server (NTRS)

Drake, R. L.; Duvoisin, P. F.; Asthana, A.; Mather, T. W.

1971-01-01

High speed automated identification and design of dynamic systems, both linear and nonlinear, are discussed. Special emphasis is placed on developing hardware and techniques which are applicable to practical problems. The basic modeling experiment and new results are described. Using the improvements developed successful identification of several systems, including a physical example as well as simulated systems, was obtained. The advantages of parameter signature analysis over signal signature analysis in go-no go testing of operational systems were demonstrated. The feasibility of using these ideas in failure mode prediction in operating systems was also investigated. An improved digital controlled nonlinear function generator was developed, de-bugged, and completely documented.

40 CFR 86.1803-01 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-07-01

... which are designed primarily for emission control, or whose failure may result in a significant increase... waiver of emission data submission requirements under § 86.1829-01. Element of design means any control... a motor vehicle or motor vehicle engine. Emission control system is a unique group of emission...

Sensor Fault Detection and Diagnosis Simulation of a Helicopter Engine in an Intelligent Control Framework

NASA Technical Reports Server (NTRS)

Litt, Jonathan; Kurtkaya, Mehmet; Duyar, Ahmet

1994-01-01

This paper presents an application of a fault detection and diagnosis scheme for the sensor faults of a helicopter engine. The scheme utilizes a model-based approach with real time identification and hypothesis testing which can provide early detection, isolation, and diagnosis of failures. It is an integral part of a proposed intelligent control system with health monitoring capabilities. The intelligent control system will allow for accommodation of faults, reduce maintenance cost, and increase system availability. The scheme compares the measured outputs of the engine with the expected outputs of an engine whose sensor suite is functioning normally. If the differences between the real and expected outputs exceed threshold values, a fault is detected. The isolation of sensor failures is accomplished through a fault parameter isolation technique where parameters which model the faulty process are calculated on-line with a real-time multivariable parameter estimation algorithm. The fault parameters and their patterns can then be analyzed for diagnostic and accommodation purposes. The scheme is applied to the detection and diagnosis of sensor faults of a T700 turboshaft engine. Sensor failures are induced in a T700 nonlinear performance simulation and data obtained are used with the scheme to detect, isolate, and estimate the magnitude of the faults.

Evaluation of a fault tolerant system for an integrated avionics sensor configuration with TSRV flight data

NASA Technical Reports Server (NTRS)

Caglayan, A. K.; Godiwala, P. M.

1985-01-01

The performance analysis results of a fault inferring nonlinear detection system (FINDS) using sensor flight data for the NASA ATOPS B-737 aircraft in a Microwave Landing System (MLS) environment is presented. First, a statistical analysis of the flight recorded sensor data was made in order to determine the characteristics of sensor inaccuracies. Next, modifications were made to the detection and decision functions in the FINDS algorithm in order to improve false alarm and failure detection performance under real modelling errors present in the flight data. Finally, the failure detection and false alarm performance of the FINDS algorithm were analyzed by injecting bias failures into fourteen sensor outputs over six repetitive runs of the five minute flight data. In general, the detection speed, failure level estimation, and false alarm performance showed a marked improvement over the previously reported simulation runs. In agreement with earlier results, detection speed was faster for filter measurement sensors soon as MLS than for filter input sensors such as flight control accelerometers.

Integrated Application of Active Controls (IAAC) technology to an advanced subsonic transport project: Test act system validation

NASA Technical Reports Server (NTRS)

1985-01-01

The primary objective of the Test Active Control Technology (ACT) System laboratory tests was to verify and validate the system concept, hardware, and software. The initial lab tests were open loop hardware tests of the Test ACT System as designed and built. During the course of the testing, minor problems were uncovered and corrected. Major software tests were run. The initial software testing was also open loop. These tests examined pitch control laws, wing load alleviation, signal selection/fault detection (SSFD), and output management. The Test ACT System was modified to interface with the direct drive valve (DDV) modules. The initial testing identified problem areas with DDV nonlinearities, valve friction induced limit cycling, DDV control loop instability, and channel command mismatch. The other DDV issue investigated was the ability to detect and isolate failures. Some simple schemes for failure detection were tested but were not completely satisfactory. The Test ACT System architecture continues to appear promising for ACT/FBW applications in systems that must be immune to worst case generic digital faults, and be able to tolerate two sequential nongeneric faults with no reduction in performance. The challenge in such an implementation would be to keep the analog element sufficiently simple to achieve the necessary reliability.

Launch Vehicle Abort Analysis for Failures Leading to Loss of Control

NASA Technical Reports Server (NTRS)

Hanson, John M.; Hill, Ashley D.; Beard, Bernard B.

2013-01-01

Launch vehicle ascent is a time of high risk for an onboard crew. There is a large fraction of possible failures for which time is of the essence and a successful abort is possible if the detection and action happens quickly enough. This paper focuses on abort determination based on data already available from the Guidance, Navigation, and Control system. This work is the result of failure analysis efforts performed during the Ares I launch vehicle development program. The two primary areas of focus are the derivation of abort triggers to ensure that abort occurs as quickly as possible when needed, but that false aborts are avoided, and evaluation of success in aborting off the failing launch vehicle.

Analysis of the STS-126 Flow Control Valve Structural-Acoustic Coupling Failure

NASA Technical Reports Server (NTRS)

Jones, Trevor M.; Larko, Jeffrey M.; McNelis, Mark E.

2010-01-01

During the Space Transportation System mission STS-126, one of the main engine's flow control valves incurred an unexpected failure. A section of the valve broke off during liftoff. It is theorized that an acoustic mode of the flowing fuel, coupled with a structural mode of the valve, causing a high cycle fatigue failure. This report documents the analysis efforts conducted in an attempt to verify this theory. Hand calculations, computational fluid dynamics, and finite element methods are all implemented and analyses are performed using steady-state methods in addition to transient analysis methods. The conclusion of the analyses is that there is a critical acoustic mode that aligns with a structural mode of the valve

Assessment Study of the State of the Art in Adaptive Control and its Applications to Aircraft Control

NASA Technical Reports Server (NTRS)

Kaufman, Howard

1998-01-01

Many papers relevant to reconfigurable flight control have appeared over the past fifteen years. In general these have consisted of theoretical issues, simulation experiments, and in some cases, actual flight tests. Results indicate that reconfiguration of flight controls is certainly feasible for a wide class of failures. However many of the proposed procedures although quite attractive, need further analytical and experimental studies for meaningful validation. Many procedures assume the availability of failure detection and identification logic that will supply adequately fast, the dynamics corresponding to the failed aircraft. This in general implies that the failure detection and fault identification logic must have access to all possible anticipated faults and the corresponding dynamical equations of motion. Unless some sort of explicit on line parameter identification is included, the computational demands could possibly be too excessive. This suggests the need for some form of adaptive control, either by itself as the prime procedure for control reconfiguration or in conjunction with the failure detection logic. If explicit or indirect adaptive control is used, then it is important that the identified models be such that the corresponding computed controls deliver adequate performance to the actual aircraft. Unknown changes in trim should be modelled, and parameter identification needs to be adequately insensitive to noise and at the same time capable of tracking abrupt changes. If however, both failure detection and system parameter identification turn out to be too time consuming in an emergency situation, then the concepts of direct adaptive control should be considered. If direct model reference adaptive control is to be used (on a linear model) with stability assurances, then a positive real or passivity condition needs to be satisfied for all possible configurations. This condition is often satisfied with a feedforward compensator around the plant. This compensator must be robustly designed such that the compensated plant satisfies the required positive real conditions over all expected parameter values. Furthermore, with the feedforward only around the plant, a nonzero (but bounded error) will exist in steady state between the plant and model outputs. This error can be removed by placing the compensator also in the reference model. Design of such a compensator should not be too difficult a problem since for flight control it is generally possible to feedback all the system states.

DCDS: A Real-time Data Capture and Personalized Decision Support System for Heart Failure Patients in Skilled Nursing Facilities.

PubMed

Zhu, Wei; Luo, Lingyun; Jain, Tarun; Boxer, Rebecca S; Cui, Licong; Zhang, Guo-Qiang

2016-01-01

Heart disease is the leading cause of death in the United States. Heart failure disease management can improve health outcomes for elderly community dwelling patients with heart failure. This paper describes DCDS, a real-time data capture and personalized decision support system for a Randomized Controlled Trial Investigating the Effect of a Heart Failure Disease Management Program (HF-DMP) in Skilled Nursing Facilities (SNF). SNF is a study funded by the NIH National Heart, Lung, and Blood Institute (NHLBI). The HF-DMP involves proactive weekly monitoring, evaluation, and management, following National HF Guidelines. DCDS collects a wide variety of data including 7 elements considered standard of care for patients with heart failure: documentation of left ventricular function, tracking of weight and symptoms, medication titration, discharge instructions, 7 day follow up appointment post SNF discharge and patient education. We present the design and implementation of DCDS and describe our preliminary testing results.

Digital flight control systems

NASA Technical Reports Server (NTRS)

Caglayan, A. K.; Vanlandingham, H. F.

1977-01-01

The design of stable feedback control laws for sampled-data systems with variable rate sampling was investigated. These types of sampled-data systems arise naturally in digital flight control systems which use digital actuators where it is desirable to decrease the number of control computer output commands in order to save wear and tear of the associated equipment. The design of aircraft control systems which are optimally tolerant of sensor and actuator failures was also studied. Detection of the failed sensor or actuator must be resolved and if the estimate of the state is used in the control law, then it is also desirable to have an estimator which will give the optimal state estimate even under the failed conditions.

Real-Time Smart Grids Control for Preventing Cascading Failures and Blackout using Neural Networks: Experimental Approach for N-1-1 Contingency

NASA Astrophysics Data System (ADS)

Zarrabian, Sina; Belkacemi, Rabie; Babalola, Adeniyi A.

2016-12-01

In this paper, a novel intelligent control is proposed based on Artificial Neural Networks (ANN) to mitigate cascading failure (CF) and prevent blackout in smart grid systems after N-1-1 contingency condition in real-time. The fundamental contribution of this research is to deploy the machine learning concept for preventing blackout at early stages of its occurrence and to make smart grids more resilient, reliable, and robust. The proposed method provides the best action selection strategy for adaptive adjustment of generators' output power through frequency control. This method is able to relieve congestion of transmission lines and prevent consecutive transmission line outage after N-1-1 contingency condition. The proposed ANN-based control approach is tested on an experimental 100 kW test system developed by the authors to test intelligent systems. Additionally, the proposed approach is validated on the large-scale IEEE 118-bus power system by simulation studies. Experimental results show that the ANN approach is very promising and provides accurate and robust control by preventing blackout. The technique is compared to a heuristic multi-agent system (MAS) approach based on communication interchanges. The ANN approach showed more accurate and robust response than the MAS algorithm.

A design support simulation of the augmentor wing jet STOL research aircraft

NASA Technical Reports Server (NTRS)

Rumsey, P. C.; Spitzer, R. E.; Glende, W. L. B.

1972-01-01

The modification of a C-8A (De Havilland Buffalo) aircraft to a STOL configuration is discussed. The modification consisted of the installation of an augmentor-wing jet flap system. System design requirements were investigated for the lateral and directional flight control systems, the lateral and directional axes stability augmentation systems, the engine and Pegasus nozzle control systems, and the hydraulic systems. Operational techniques for STOL landings, control of engine failures, and pilot techniques for improving engine-out go-around performance were examined. Design changes have been identified to correct deficiencies in areas of the airplane control sytems and to improve the airplane flying qualities.

76 FR 55293 - Special Conditions: Diamond Aircraft Industries, Model DA-40NG; Electronic Engine Control (EEC...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-09-07

... prior to the codification of Sec. 23.1308. There are several difficulties for propulsion systems... for Sec. 23.1309 and propulsion system capabilities and failure susceptibilities. The following figure...

Sensor failure detection for jet engines

NASA Technical Reports Server (NTRS)

Merrill, Walter C.

1988-01-01

The use of analytical redundancy to improve gas turbine engine control system reliability through sensor failure detection, isolation, and accommodation is surveyed. Both the theoretical and application papers that form the technology base of turbine engine analytical redundancy research are discussed. Also, several important application efforts are reviewed. An assessment of the state-of-the-art in analytical redundancy technology is given.

Independent Orbiter Assessment (IOA): Analysis of the reaction control system, volume 3

NASA Technical Reports Server (NTRS)

Burkemper, V. J.; Haufler, W. A.; Odonnell, R. A.; Paul, D. J.

1987-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) are presented. The IOA approach features a top-down analysis of the hardware to determine failure modes, criticality, and potential critical items. To preserve independence, this analysis was accomplished without reliance upon the results contained within the NASA FMEA/CIL documentation. This report documents the independent analysis results for the Reaction Control System (RCS). The RCS is situated in three independent modules, one forward in the orbiter nose and one in each OMS/RCS pod. Each RCS module consists of the following subsystems: Helium Pressurization Subsystem; Propellant Storage and Distribution Subsystem; Thruster Subsystem; and Electrical Power Distribution and Control Subsystem. Volume 3 continues the presentation of IOA analysis worksheets and the potential critical items list.

Statistical modeling of software reliability

NASA Technical Reports Server (NTRS)

Miller, Douglas R.

1992-01-01

This working paper discusses the statistical simulation part of a controlled software development experiment being conducted under the direction of the System Validation Methods Branch, Information Systems Division, NASA Langley Research Center. The experiment uses guidance and control software (GCS) aboard a fictitious planetary landing spacecraft: real-time control software operating on a transient mission. Software execution is simulated to study the statistical aspects of reliability and other failure characteristics of the software during development, testing, and random usage. Quantification of software reliability is a major goal. Various reliability concepts are discussed. Experiments are described for performing simulations and collecting appropriate simulated software performance and failure data. This data is then used to make statistical inferences about the quality of the software development and verification processes as well as inferences about the reliability of software versions and reliability growth under random testing and debugging.

Independent Orbiter Assessment (IOA): Analysis of the electrical power distribution and control/electrical power generation subsystem

NASA Technical Reports Server (NTRS)

Patton, Jeff A.

1986-01-01

The results of the Independent Orbiter Assessment (IOA) of the Failure Modes and Effects Analysis (FMEA) and Critical Items List (CIL) are presented. The IOA approach features a top-down analysis of the hardware to determine failure modes, criticality, and potential critical items. To preserve independence, this analysis was accomplished without reliance upon the results contained within the NASA FMEA/CIL documentation. This report documents the independent analysis results corresponding to the Orbiter Electrical Power Distribution and Control (EPD and C)/Electrical Power Generation (EPG) hardware. The EPD and C/EPG hardware is required for performing critical functions of cryogenic reactant storage, electrical power generation and product water distribution in the Orbiter. Specifically, the EPD and C/EPG hardware consists of the following components: Power Section Assembly (PSA); Reactant Control Subsystem (RCS); Thermal Control Subsystem (TCS); Water Removal Subsystem (WRS); and Power Reactant Storage and Distribution System (PRSDS). The IOA analysis process utilized available EPD and C/EPG hardware drawings and schematics for defining hardware assemblies, components, and hardware items. Each level of hardware was evaluated and analyzed for possible failure modes and effects. Criticality was assigned based upon the severity of the effect for each failure mode.

Quiet Clean Short-haul Experimental Engine (QCSEE) over-the-wing control system design report

NASA Technical Reports Server (NTRS)

1977-01-01

A control system incorporating a digital electronic control was designed for the over-the-wing engine. The digital electronic control serves as the primary controlling element for engine fuel flow and core compressor stator position. It also includes data monitoring capability, a unique failure indication and corrective action feature, and optional provisions for operating with a new type of servovalve designed to operate in response to a digital-type signal and to fail with its output device hydraulically locked into position.

Tethered Satellite System Contingency Investigation Board

NASA Technical Reports Server (NTRS)

1992-01-01

The Tethered Satellite System (TSS-1) was launched aboard the Space Shuttle Atlantis (STS-46) on July 31, 1992. During the attempted on-orbit operations, the Tethered Satellite System failed to deploy successfully beyond 256 meters. The satellite was retrieved successfully and was returned on August 6, 1992. The National Aeronautics and Space Administration (NASA) Associate Administrator for Space Flight formed the Tethered Satellite System (TSS-1) Contingency Investigation Board on August 12, 1992. The TSS-1 Contingency Investigation Board was asked to review the anomalies which occurred, to determine the probable cause, and to recommend corrective measures to prevent recurrence. The board was supported by the TSS Systems Working group as identified in MSFC-TSS-11-90, 'Tethered Satellite System (TSS) Contingency Plan'. The board identified five anomalies for investigation: initial failure to retract the U2 umbilical; initial failure to flyaway; unplanned tether deployment stop at 179 meters; unplanned tether deployment stop at 256 meters; and failure to move tether in either direction at 224 meters. Initial observations of the returned flight hardware revealed evidence of mechanical interference by a bolt with the level wind mechanism travel as well as a helical shaped wrap of tether which indicated that the tether had been unwound from the reel beyond the travel by the level wind mechanism. Examination of the detailed mission events from flight data and mission logs related to the initial failure to flyaway and the failure to move in either direction at 224 meters, together with known preflight concerns regarding slack tether, focused the assessment of these anomalies on the upper tether control mechanism. After the second meeting, the board requested the working group to complete and validate a detailed integrated mission sequence to focus the fault tree analysis on a stuck U2 umbilical, level wind mechanical interference, and slack tether in upper tether control mechanism and to prepare a detailed plan for hardware inspection, test, and analysis including any appropriate hardware disassembly.

Tethered Satellite System Contingency Investigation Board

NASA Astrophysics Data System (ADS)

1992-11-01

The Tethered Satellite System (TSS-1) was launched aboard the Space Shuttle Atlantis (STS-46) on July 31, 1992. During the attempted on-orbit operations, the Tethered Satellite System failed to deploy successfully beyond 256 meters. The satellite was retrieved successfully and was returned on August 6, 1992. The National Aeronautics and Space Administration (NASA) Associate Administrator for Space Flight formed the Tethered Satellite System (TSS-1) Contingency Investigation Board on August 12, 1992. The TSS-1 Contingency Investigation Board was asked to review the anomalies which occurred, to determine the probable cause, and to recommend corrective measures to prevent recurrence. The board was supported by the TSS Systems Working group as identified in MSFC-TSS-11-90, 'Tethered Satellite System (TSS) Contingency Plan'. The board identified five anomalies for investigation: initial failure to retract the U2 umbilical; initial failure to flyaway; unplanned tether deployment stop at 179 meters; unplanned tether deployment stop at 256 meters; and failure to move tether in either direction at 224 meters. Initial observations of the returned flight hardware revealed evidence of mechanical interference by a bolt with the level wind mechanism travel as well as a helical shaped wrap of tether which indicated that the tether had been unwound from the reel beyond the travel by the level wind mechanism. Examination of the detailed mission events from flight data and mission logs related to the initial failure to flyaway and the failure to move in either direction at 224 meters, together with known preflight concerns regarding slack tether, focused the assessment of these anomalies on the upper tether control mechanism. After the second meeting, the board requested the working group to complete and validate a detailed integrated mission sequence to focus the fault tree analysis on a stuck U2 umbilical, level wind mechanical interference, and slack tether in upper tether control mechanism and to prepare a detailed plan for hardware inspection, test, and analysis including any appropriate hardware disassembly.

Roadside-based communication system and method

NASA Technical Reports Server (NTRS)

Bachelder, Aaron D. (Inventor)

2007-01-01

A roadside-based communication system providing backup communication between emergency mobile units and emergency command centers. In the event of failure of a primary communication, the mobile units transmit wireless messages to nearby roadside controllers that may take the form of intersection controllers. The intersection controllers receive the wireless messages, convert the messages into standard digital streams, and transmit the digital streams along a citywide network to a destination intersection or command center.

DOE Office of Scientific and Technical Information (OSTI.GOV)

March-Leuba, J.A.

Nuclear plants of the 21st century will employ higher levels of automation and fault tolerance to increase availability, reduce accident risk, and lower operating costs. Key developments in control algorithms, fault diagnostics, fault tolerance, and communication in a distributed system are needed to implement the fully automated plant. Equally challenging will be integrating developments in separate information and control fields into a cohesive system, which collectively achieves the overall goals of improved performance, safety, reliability, maintainability, and cost-effectiveness. Under the Nuclear Energy Research Initiative (NERI), the U. S. Department of Energy is sponsoring a project to address some of themore » technical issues involved in meeting the long-range goal of 21st century reactor control systems. This project, ''A New Paradigm for Automated Development Of Highly Reliable Control Architectures For Future Nuclear Plants,'' involves researchers from Oak Ridge National Laboratory, University of Tennessee, and North Carolina State University. This paper documents a research effort to develop methods for automated generation of control systems that can be traced directly to the design requirements. Our final goal is to allow the designer to specify only high-level requirements and stress factors that the control system must survive (e.g. a list of transients, or a requirement to withstand a single failure.) To this end, the ''control engine'' automatically selects and validates control algorithms and parameters that are optimized to the current state of the plant, and that have been tested under the prescribed stress factors. The control engine then automatically generates the control software from validated algorithms. Examples of stress factors that the control system must ''survive'' are: transient events (e.g., set-point changes, or expected occurrences such a load rejection,) and postulated component failures. These stress factors are specified by the designer and become a database of prescribed transients and component failures. The candidate control systems are tested, and their parameters optimized, for each of these stresses. Examples of high-level requirements are: response time less than xx seconds, or overshoot less than xx% ... etc. In mathematical terms, these types of requirements are defined as ''constraints,'' and there are standard mathematical methods to minimize an objective function subject to constraints. Since, in principle, any control design that satisfies all the above constraints is acceptable, the designer must also select an objective function that describes the ''goodness'' of the control design. Examples of objective functions are: minimize the number or amount of control motions, minimize an energy balance... etc.« less

Experimental Robot Position Sensor Fault Tolerance Using Accelerometers and Joint Torque Sensors

NASA Technical Reports Server (NTRS)

Aldridge, Hal A.; Juang, Jer-Nan

1997-01-01

Robot systems in critical applications, such as those in space and nuclear environments, must be able to operate during component failure to complete important tasks. One failure mode that has received little attention is the failure of joint position sensors. Current fault tolerant designs require the addition of directly redundant position sensors which can affect joint design. The proposed method uses joint torque sensors found in most existing advanced robot designs along with easily locatable, lightweight accelerometers to provide a joint position sensor fault recovery mode. This mode uses the torque sensors along with a virtual passive control law for stability and accelerometers for joint position information. Two methods for conversion from Cartesian acceleration to joint position based on robot kinematics, not integration, are presented. The fault tolerant control method was tested on several joints of a laboratory robot. The controllers performed well with noisy, biased data and a model with uncertain parameters.

Robust Modal Filtering and Control of the X-56A Model with Simulated Fiber Optic Sensor Failures

NASA Technical Reports Server (NTRS)

Suh, Peter M.; Chin, Alexander W.; Marvis, Dimitri N.

2014-01-01

The X-56A aircraft is a remotely-piloted aircraft with flutter modes intentionally designed into the flight envelope. The X-56A program must demonstrate flight control while suppressing all unstable modes. A previous X-56A model study demonstrated a distributed-sensing-based active shape and active flutter suppression controller. The controller relies on an estimator which is sensitive to bias. This estimator is improved herein, and a real-time robust estimator is derived and demonstrated on 1530 fiber optic sensors. It is shown in simulation that the estimator can simultaneously reject 230 worst-case fiber optic sensor failures automatically. These sensor failures include locations with high leverage (or importance). To reduce the impact of leverage outliers, concentration based on a Mahalanobis trim criterion is introduced. A redescending M-estimator with Tukey bisquare weights is used to improve location and dispersion estimates within each concentration step in the presence of asymmetry (or leverage). A dynamic simulation is used to compare the concentrated robust estimator to a state-of-the-art real-time robust multivariate estimator. The estimators support a previously-derived mu-optimal shape controller. It is found that during the failure scenario, the concentrated modal estimator keeps the system stable.