Triple-Triple Redundant Reliable Onboard Computer Based on Multicore Microcontrollers

Document Type : Original Research Article

Author

Aerospace Research Institute, Tehran, IRAN

Abstract

The flight control system must meet extremely high levels of functional integrity and availability. The control algorithm is processed by onboard computer (OBC). To meet the reliability requirements for onboard computers, various type of redundancy must be employed. In this paper, we concerned with the triple modular redundancy (TMR) for an onboard computer with aerospace application. In the proposed architecture, control inputs and system states are measured using designated sensors. According to the acquired data, mission scenario and control algorithm are processed by the processing unit. Thereafter, the results are applied to the system by actuators.TMR technology in component level is used to improve the reliability of OBC according to the system requirements. All of the constituent modules of OBC, comprising processing unit, bus interface, sensor, actuators, and IO devices, benefits from triple redundancy. The case study shows that the similar architecture is used for high reliable flight computer of passenger airplanes except that our architecture is based on the available multicore microcontrollers. The reliability of the designed onboard computer is evaluated analytically, which indicates that the proposed OBC can meet the reliability requirements.

Keywords


[1] D. Siewiorek and R. Swarz, Reliable Computer Systems: Design and Evaluatuion, Digital Press, 2017.
[2] M. Rausand and H. Arnljot, System reliability theory: models, statistical methods, and applications, vol. 396, John Wiley & Sons, 2004.
[3] C. Zheng, P. Shukla, S. Wang and J. Hu, "Exploring hardware transaction processing for reliable computing in chip-multiprocessors against soft errors," in IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFT), Austin, TX, USA, 2012.
[4] G. Kahe, "Reliable flight computer for sounding rocket with dual redundancy: design and implementation based on COTS parts," International Journal of System Assurance Engineering and Management, vol. 8, no. 3, pp. 560-571, 2017.
[5] V. Technologies, "Radiation Hardened ARM® Cortex-M0 Microcontroller," VOGARO Tech., 2017.
[6] X. Iturbe, B. Venu, E. Ozer and S. Das, "A Triple Core Lock-Step (TCLS) ARM® Cortex®-R5 Processor for Safety-Critical and Ultra-Reliable Applications," in 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshop (DSN-W), Toulouse, France, 2016.
[7] K. LaBel, M. Gates, A. Moran, P. Marshall, J. Barth, E. Stassinopoulos, C. Seidleck and C. Dale, "Commercial microelectronics technologies for applications in the satellite radiation environment," in IEEE Aerospace Applications Conference, Aspen, CO, USA, 1998.
[8] J.-L. Poupat, B. Leroy and T. Helfers, "TCLS ARM for Space," in DASIA (DAta Systems in Aerospace), Estonia, 2016.
[9] D.-W. Lee, B.-Y. Kim, W.-J. Ko and J.-W. Na, "A Study on the Triple Module Redundancy ARM processor for the Avionic Embedded System," The Journal of Advanced Navigation Technology, vol. 14, no. 1, pp. 87-92, 2010.
[10] J. A. Wang and Z. S. Li, "Development of flight control system Using embedded computer PC-104," in 26th International Congress of the Aeronautical Sciences, 2008.
[11] M. M. Daffalla, A. TagElsir and A. S. Kajo, "Hardware selection for attitude determination and control subsystem of 1U cube satellite," in International Conference on Computing, Control, Networking, Electronics and Embedded Systems Engineering (ICCNEEE) , Khartoum, Sudan, 2015.
[12] E. Razzaghi, "Design and qualification of on-board computer for Aalto-1 CubeSat," MASTER'S THESIS, Luleå University of Technology, 2012.
[13] D. Sinclair and J. Dyer, "Radiation effects and COTS parts in SmallSats," in 27th Annual AIAA/USU Conference on Small Satellites, 2013.
[14] G. Dirks, "Producing a Low Cost, Space Qualified Computer by Ruggedizing Commercial Computer Cards," Southwest Research Institute, Texas, 1992.
[15] X. P. Guide, "MicroBlaze Triple Modular Redundancy (TMR) Subsystem," Xilin Corp., 2017.
[16] B. J. LaMeres, S. Harkness, M. Handley, P. Moholt, C. Julien, T. Kaiser, D. Klumpar, K. Mashburn, L. Springer and G. A. Crum, "RadSat - Radiation Tolerant SmallSat Computer System," in Small Satellite Conference, 2015.
[17] D. Ratter, "FPGAs on Mars, Xilinx xCell Journal," Xilinx xCell Journal, vol. 50, pp. 8-11, 2004.
[18] Á. B. d. Oliveira, G. S. Rodrigues and F. L. Kastensmidt, "Analyzing lockstep dual-core ARM cortex-A9 soft error mitigation in freeRTOS applications," in 30th Symposium on Integrated Circuits and Systems Design: Chip on the Sands (SBCCI '17), NY, USA, 2017.
[19] D. Oliveira, Á. Barros, L. A. Tambara and F. L. Kastensmidt, "Exploring performance overhead versus soft error detection in lockstep dual-core arm Cortex-A9 processor embedded into Xilinx Zynq APSOC," in International Symposium on Applied Reconfigurable Computing, Springer, Cham, 2017.
[20] G. Kahe and M. A. Rostami, "Design and Implementation of a Reliable Flight Computer for Sounding Rocket with Dual Redundancy Based on COTS Parts," in The 4th International Reliability Engineering Conference (IREC), Tabriz, IRAN, 2016.
[21] Y. Yeh, "Design considerations in Boeing 777 fly-by-wire computers," in Third IEEE International High-Assurance Systems Engineering Symposium (Cat. No.98EX231), Washington, DC, USA, 1998.
[22] J. Wensley, L. Lamport, J. Goldberg, M. Green, K. Levitt, P. Melliar-Smith, R. Shostak and C. Weinstock, "SIFT: Design and analysis of a fault-tolerant computer for aircraft control," Proceedings of the IEEE, vol. 66, no. 10, pp. 1240-1255, Oct 1978.
[23] A. Hopkins, T. Smith and J. Lala, "FTMP—A highly reliable fault-tolerant multiprocess for aircraft," Proceedings of the IEEE, vol. 66, no. 10, pp. 1221-1239, 1978.
[24] Y. Yeh, "Triple-triple redundant 777 primary flight computer," in IEEE Aerospace Applications Conference, Aspen, CO, USA, 1998.
[25] J.D.Aplin, "Primary flight computers for the Boeing 777," Microprocessors and Microsystems, vol. 20, no. 8, pp. 473-478, 1997.
[26] A. Avizienis, M. Lyu and W. Schutz, "In search of effective diversity: a six-language study of fault-tolerant flight control software," in The Eighteenth International Symposium on Fault-Tolerant Computing, Tokyo, Japan, 1988.
[27] J. SHAW, H. HERZOG and K. Okubo, "Digital autonomous terminal access communication (DATAC)," in 7th Digital Avionics Systems Conference, Fort Worth, TX, 1986.
[28] R. E. Lyons and W. Vanderkulk, "The use of triple-modular redundancy to improve computer reliability," IBM Journal of Research and Development, vol. 6, no. 2, pp. 200-209, 1962.
[29] X. Iturbe, B. Venu, E. Ozer and S. Das, "A Triple Core Lock-Step (TCLS) ARM® Cortex®-R5 Processor for Safety-Critical and Ultra-Reliable Applications," in 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshop (DSN-W) , Toulouse, France, 2016.