This article is from the 2024 Technical Update.
Autonomous flight termination systems (AFTS) are being progressively employed onboard launch vehicles to replace ground personnel and infrastructure needed to terminate flight or destruct the vehicle should an anomaly occur. This automation uses on-board real-time data and encoded logic to determine if the flight should be self-terminated. For uncrewed launch vehicles, FTS systems are required to protect the public and are governed by the US Space Force (USSF). For crewed missions, NASA must augment range AFTS requirements for crew safety and certify each flight according to human rating standards, thus adding unique requirements for reuse of software originally intended for uncrewed missions. This bulletin summarizes new information relating to AFTS to raise awareness of key distinctions, summarize considerations and outline best practices for incorporating AFTS into human-rated systems.
Key Distinctions – Crewed v. Uncrewed
There are inherent behavioral differences between uncrewed and crewed AFTS related to design philosophy and fault tolerance. Uncrewed AFTS generally favor fault tolerance against failure-to-destruct over failing silent in the presence of faults. This tenet permeates the design, even down to the software unit level. Uncrewed AFTS become zero-fault-to-destruct tolerant to many unrecoverable AFTS errors, whereas general single fault tolerance against vehicle destruct is required for crewed missions. Additionally, unique needs to delay destruction for crew escape, provide abort options and special rules, and assess human-in-the-loop insight, command, and/or override throughout a launch sequence must be considered and introduce additional requirements and integration complexities.
AFTS Software Architecture Components and Best-Practice Use Guidelines
A detailed study of the sole AFTS currently approved by USSF and utilized/planned for several launch vehicles was conducted to understand its characteristics, and any unique risk and mitigation techniques for effective human-rating reuse. While alternate software systems may be designed in the future, this summary focuses on an architecture employing the Core Autonomous Safety Software (CASS). Considerations herein are intended for extrapolation to future systems. Components of the AFTS software architecture are shown, consisting of the CASS, “Wrapper”, and Mission Data Load (MDL) along with key characteristics and use guidelines. A more comprehensive description of each and recommendations for developmental use is found in Ref. 1.
Best Practices Certifying AFTS Software
Below are non-exhaustive guidelines to help achieve a human-rating certification for an AFTS.
References
- NASA/TP-20240009981: Best Practices and Considerations for Using Autonomous Flight Termination Software In Crewed Launch Vehicles https://ntrs.nasa.gov/citations/20240009981
- “Launch Safety,” 14 C.F.R., § 417 (2024).
- NPR 8705.2C, Human-Rating Requirements for Space Systems, Jul 2017, nodis3.gsfc.nasa.gov/
- NASA Software Engineering Requirements, NPR 7150.2D, Mar 2022, nodis3.gsfc.nasa.gov/
- RCC 319-19 Flight Termination Systems Commonality Standard, White Sands, NM, June 2019.
- “Considerations for Software Fault Prevention and Tolerance”, NESC Technical Bulletin No. 23-06 https://ntrs.nasa.gov/citations/20230013383
- “Safety Considerations when Repurposing Commercially Available Flight Termination Systems from Uncrewed to Crewed Launch Vehicles”, NESC Technical Bulletin No. 23-02 https://ntrs.nasa.gov/citations/20230001890
Sourcing information and pictures from nasa.gov/information