Research Papers: Gas Turbines: Controls, Diagnostics, and Instrumentation

Derivation of Diagnostic Requirements for a Distributed UAV Turbofan Engine Control System

[+] Author and Article Information
Olof Hannius

Performance and Control Systems, Volvo Aero Corporation, 461 81 Trollhättan, Swedenolof.hannius@volvo.com

Dan Ring

Performance and Control Systems, Volvo Aero Corporation, 461 81 Trollhättan, Swedendan.ring@volvo.com

Johan Karlsson

Department of Computer Science and Engineering, Chalmers University of Technology, 412 96 Göteborg, Swedenjohan@ce.chalmers.se

J. Eng. Gas Turbines Power 130(2), 021602 (Jan 22, 2008) (11 pages) doi:10.1115/1.2795776 History: Received July 14, 2006; Revised July 06, 2007; Published January 22, 2008

This paper presents a method for deriving requirements for the efficiency of diagnostic functions in distributed electronic turbofan engine control systems. Distributed engine control systems consist of sensor, actuator, and control unit nodes that exchange data over a communication network. The method is applicable to engine control systems that are partially redundant. Traditionally, turbofan engine control systems use dual channel solutions in which all units are duplicated. Our method is intended for analyzing the diagnostic requirements for systems in which a subset of the sensors and the actuators is nonredundant. Such systems rely on intelligent monitoring and analytical redundancy to detect and tolerate failures in the nonredundant units. These techniques cannot provide perfect diagnostic coverage and, hence, our method focuses on analyzing the impact of nonperfect diagnostic coverage on the reliability and safety of distributed engine control systems. The method is based on a probabilistic analysis that combines fault trees and Markov chains. The input parameters for these models include failure rates as well as several coverage factors that characterize the performance of the diagnostic functions. Since the use of intelligent monitoring can cause false alarms, i.e., an error is falsely indicated by a diagnostic function, the parameters also include a false alarm rate. The method was used to derive the diagnostic requirements for a hypothetical unmanned aerial vehicle engine control system. Given the requirement that an engine failure due to the control system is not allowed to occur more than ten times per million hours, the diagnostic functions in a node must achieve 99% error coverage for transient faults and 90–99% error coverage for permanent faults. The system-level diagnosis must achieve 90–95% detection coverage for node failures, which are not detected by the nodes themselves. These results are based on the assumption that transient faults are 100 times more frequent than permanent faults. It is important to have a method for deriving probabilistic requirements on diagnostic functions for engine control systems that rely on analytical redundancy as a means to reduce the hardware redundancy. The proposed method allows us to do this using an existing tool (FAULTTREE+ ) for safety and reliability analysis.

Copyright © 2008 by American Society of Mechanical Engineers
Your Session has timed out. Please sign back in to continue.



Grahic Jump Location
Figure 1

Proposed turbofan UAV engine

Grahic Jump Location
Figure 2

A traditional FADEC system

Grahic Jump Location
Figure 3

A distributed FADEC system

Grahic Jump Location
Figure 4

Hardware architecture

Grahic Jump Location
Figure 5

Iterative process of diagnostic requirement derivation

Grahic Jump Location
Figure 6

Markov chain model of a node

Grahic Jump Location
Figure 7

Top of fault tree

Grahic Jump Location
Figure 8

Failure of simplex nodes

Grahic Jump Location
Figure 9

Malicious failure of simplex nodes

Grahic Jump Location
Figure 10

Covered failure of duplex nodes

Grahic Jump Location
Figure 11

Mission abort top event




Some tools below are only available to our subscribers or users with an online account.

Related Content

Customize your page view by dragging and repositioning the boxes below.

Related Journal Articles
Related eBook Content
Topic Collections

Sorry! You do not have access to this content. For assistance or to subscribe, please contact us:

  • TELEPHONE: 1-800-843-2763 (Toll-free in the USA)
  • EMAIL: asmedigitalcollection@asme.org
Sign In