James E. Tomayko |
Preface One hundred years after the Wright brothers' first powered flight, airplane designers are unshackled from the constraints that they lived with for the first seven decades of flight because of the emergence of digital fly-by-wire (DFBW) technology. New designers seek incredible maneuverability, survivability, efficiency, or special performance through configurations which rely on a DFBW system for stability and controllability. DFBW systems have contributed to major advances in human space flight, advanced fighters and bombers, and safe, modern civil transportation. The story of digital fly-by-wire is a story of people, of successes, and of overcoming enormous obstacles and problems. The fundamental concept is relatively simple, but the realization of the concept in hardware and software safe enough for human use confronted the NASA-industry team with enormous challenges. But the team was victorious, and Dr. Tomayko tells the story extremely well. The F-8 DFBW program, and the technology it spawned, was an outgrowth of the Apollo program and of the genius of the Charles Stark Draper Laboratory staff. The DFBW program was the high point of my own career, and it was one of the most difficult undertakings of the NASA Dryden Flight Research Center. It was not easy to do the first time in the F-8 and it will not be easy to do in the next new airplane. I hope the history of this program is helpful to the designers of the DFBW systems that will enable new and wonderful aerospace vehicles of the future. Kenneth J. Szalai, F-8 DFBW Principal Investigator Former Director, NASA Dryden Flight Research Center, 5 October 1999 |
VHDL Modelling Guidelines, European Space Research and Technology Centre, ASIC/001, Issue 1 |
Abstract This document defines requirements on VHDL models and testbenches, and is intended to be used as an applicable document for ESA developments involving VHDL modelling. It is mainly focused on digital models; specific requirements for analog modelling have not been covered. The requirements concern simulation and documentation aspects of VHDL models delivered to ESA; specific rules and guidelines for logic synthesis from VHDL have not been included. Nevertheless, the requirements of this document are compatible with the use of logic synthesis. The requirements are not applicable for the case when a design database is transferred in VHDL format. The purpose of these requirements is to ensure a high quality of the developed VHDL models, so they can be efficiently used and maintained with a low effort throughout the full life-cycle of the modelled hardware. The requirements are based on the VHDL-93 standard, to minimise future maintenance efforts for updating models. However, in an initial stage the models shall be backward compatible with VHDL-87 as far as possible, since some tools will not be updated immediately. The requirements have been structured in a general part applicable to all VHDL models, and additional requirements applicable to different kinds of models. In addition, VHDL code examples and a list of common problems encountered have been included in order to provide some guidance to the VHDL developer. If not stated which kind of model is to be developed, the default kind is a model for Component simulation. (Added March 20, 2001) |
MIL-STD 490-A SPECIFICATION PRACTICES MIL-STD-490A |
This Military Standard sets forth practices for the preparation, interpretation, change, and revision of program-peculiar specifications prepared by or for the Departments and Agencies of the Department of Defense. This Military Standard was prepared to establish uniform specification practices in response to the need for a document comparable to DOD-STD-100 covering engineering drawing practices and in recognition of the configuration identification concepts of the DOD Configuration Management Program established by DOD Directive 5010.19 and DOD Instruction 5010.21. This Military Standard is arranged in six sections and 15 appendixes. Section 1 states the scope of the standard. Section 2 lists the referenced documents. Section 3 states broad requirements, concepts, and practices applicable to specifications in general. Section 4 states general requirements for each of the six sections of a specification. The second digit of the paragraph numbering of Section 4 corresponds with the numbering of the six specification sections. Section 5 invokes the detailed requirements of the appendixes which are outlines for various types of specifications. Section 6 contains a list of Data Item Descriptions (DIDs) applicable to this standard. (Added March 21, 2001) |
Reliability Papers: Software | Software papers that are reliability-oriented. Topics include n-version programming, diverse design, etc. |
ESA Software Initiative May 7, 2003 |
Why the ESA Software Initiative |
Raymond T. LeBon and Thomas L. Fagan Paper 69-962 |
Abstract The use of computer software in spacecraft technology is increasing. A major difficulty plaguing other technologies is to keep abreast of this software growth. This is especially critical for system safety when involved in manned aerospace efforts. The concepts of system safety must now be employed in the major areas of aerospace software development. These areas include ground checkout software, command and control software, and on-board programs. Each has its own specific safety problems which must be recognized, interpreted and solved. The complexities associated with each area must be understood fully before the Safety Engineer is in a position to make recommendations. Software design reviews and configuration control are also explored in the light of their applicability to astronaut safety and mission success. |
Ted Keller, Norman F. Schneidewind, and Patti A. Thornton Paper AIAA-95-0951-CP |
Abstract We show how software reliability predictions can increase confidence in the reliability of the NASA Space Shuttle Primary Avionics Software. These predictions, along with other methods of reliability assurance, such as inspections and fault tracking, provide a quantitative basis for achieving reliability objectives. Without a quantitative reliability assessment, software managers have no objective basis for deciding whether the software has been tested sufficiently to be ready for a flight or whether a serious failure during flight is likely. Our prediction methodology provides bounds on test time, remaining failures, program quality, and time to next failure that are necessary to meet Shuttle software reliability requirements. We also show that there is a pronounced asymptotic characteristic to the test time and program quality curves that indicate the possibility of big gains in reliability as testing continues; eventually the gains become marginal as testing continues. We conclude that the prediction methodology is feasible for the Shuttle and other safety critical applications. |
Home - NASA Office of Logic Design
Last Revised: February 03, 2010
Digital Engineering Institute
Web Grunt: Richard Katz