REG NASA-LLIS-1743--2006 Lessons Learned Mitigating the Risk of Single String Spacecraft Architecture.pdf
《REG NASA-LLIS-1743--2006 Lessons Learned Mitigating the Risk of Single String Spacecraft Architecture.pdf》由会员分享,可在线阅读,更多相关《REG NASA-LLIS-1743--2006 Lessons Learned Mitigating the Risk of Single String Spacecraft Architecture.pdf(5页珍藏版)》请在麦多课文档分享上搜索。
1、Lessons Learned Entry: 1743Lesson Info:a71 Lesson Number: 1743a71 Lesson Date: 2006-04-7a71 Submitting Organization: JPLa71 Submitted by: David Oberhettingera71 POC Name: Jeffrey Nunesa71 POC Email: jeffery.nunesjpl.nasa.gova71 POC Phone: 818-354-8367Subject: Mitigating the Risk of Single String Spa
2、cecraft Architecture Abstract: Mars Exploration Rover met and exceeded mission requirements despite a largely single string spacecraft architecture. Balance the risk of a single string flight system with effective risk management, ample fault tolerance, flight system flexibility, access to experienc
3、ed designers, ample stress testing, use of proven designs, and a rigorous approach to fault protection.Description of Driving Event: The Mars Exploration Rover (MER) project was extremely successful despite the largely single string flight system, which included such single string elements as the fl
4、ight computer and the panoramic camera (Pancam). The lack of backups for many mission-critical system functions was largely due to spacecraft mass limitations. Constrained project resources were also responsible for other design tradeoffs (Reference 1) that increased the risk to mission success. The
5、 following 7 design features or program provisions (Reference 2) mitigated the risks posed by MERs design constraints: 1. Effective Risk Management. The MER risk management approach involved the identification of risks and failure modes at project inception and their continuous modeling throughout d
6、evelopment. For example: a72 MER probabilistic risk assessment (PRA) included development of high level fault trees for the entry, descent, and landing (EDL) event that were completed for the Project Mission, System Design, and Cost Review (PMSDCR). Subsequent Provided by IHSNot for ResaleNo reprodu
7、ction or networking permitted without license from IHS-,-,-preparation and refinement of event trees and lower level fault trees were performed, not to pass reviews, but rather to understand system vulnerabilities and threats to EDL success. Significant failure modes were checked against contingency
8、 plans and reported at mission readiness reviews. The Mars Polar Lander (MPL) 1999 mission failure encouraged MER project management to impose a healthy skepticism towards success. The project continuously demanded proof that the system would work, rather than assuming that risks were acceptable unl
9、ess shown to the contrary. 2. Ample Fault Tolerance. The MER design featured extensive fault tolerance to allow full or degraded operation in the presence of a fault. Examples of this approach include: a72 The MER design did not include a backup flight computer, but multiple EPROMs provided redundan
10、t copies of the boot code and of the flight software. a72 The MER flight system design was tolerant to nearly all transient errors (e.g., power-on-resets) during EDL or on the Martian surface. a72 The Heat Rejection System, which provided active cooling during the Cruise phase, featured a single coo
11、lant filter that could become clogged. However, a check valve permitted the coolant to bypass the filter if the coolant pressure reached a threshold value. a72 The Pancam cameras were effectively single string as both needed to be operational to permit stereoscopic imaging, and both the failure mode
12、s, effects and criticality analysis (FMECA) and the PRA identified failure of a camera as a major risk to rover mobility. JPL planned for a degraded operational mode that could acquire an image from a single working camera, shift the rover several centimeters, take a second picture with the camera,
13、and use ground software to combine the two images into a stereo image. a72 A software commanding error could power a warm-up heater during the Mars daytime when it was not normally powered, and cause overheating. Hence, thermostats were added for fault mitigation. 3. Flight System Flexibility. MER f
14、eatured a very flexible design that, though it resulted in a very complex vehicle, permitted flaws to be corrected after launch: a72 The MER PRA identified EDL as the most risky mission phase. Arguably, this held true for the Genesis and Stardust missions, which hard wired the EDL sequences such tha
15、t they could not be changed after launch. In contrast, MER retained an ability to update critical EDL parameters during the latter stages of encounter and EDL. (See Reference (3).) This included both a flight system capability to uplink software updates during entry, and the operational plan, proces
16、s, and tools for ground personnel to prepare the updates. a72 Rover egress from the lander required the removal of various launch locks by firing pyrotechnic cable cutters and pin pullers in a predetermined sequential order. The firing of the pyro to permit deployment of the rover robotic arm had be
17、en timed to mitigate the risk that the arm might encounter higher than expected dynamic forces during egress. After launch, extensive analysis of the sequence revealed a yet greater risk that another, earlier, pyro firing to cut the final rover-lander cable could enable a sneak circuit that could be
18、 triggered by any subsequent pyro events. (see Reference Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-(4). So a decision was made to reorder the deployment sequence to release the rover arm before the final rover-lander cable cut to prevent activa
- 1.请仔细阅读文档,确保文档完整性,对于不预览、不比对内容而直接下载带来的问题本站不予受理。
- 2.下载的文档,不会出现我们的网址水印。
- 3、该文档所得收入(下载+内容+预览)归上传者、原创作者;如果您是本文档原作者,请点此认领!既往收益都归您。
下载文档到电脑,查找使用更方便
10000 积分 0人已下载
下载 | 加入VIP,交流精品资源 |
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- REGNASALLIS17432006LESSONSLEARNEDMITIGATINGTHERISKOFSINGLESTRINGSPACECRAFTARCHITECTUREPDF

链接地址:http://www.mydoc123.com/p-1019270.html