The Impact of Risk Management: An Analysis of the Apollo and cev guidance, Navigation and Control Systems



Download 163.24 Kb.
Page1/7
Date conversion29.07.2017
Size163.24 Kb.
  1   2   3   4   5   6   7
The Impact of Risk Management:

An Analysis of the Apollo and CEV Guidance, Navigation and Control Systems

Katherine H. Allen

Robbie C. Allen

Ilana Davidi

Elwin C. Ong


May 9th 2005

16.895J/STS.471J/ESD.30J - Engineering Apollo

Table of Contents


An Analysis of the Apollo and CEV Guidance, Navigation and Control Systems 1

Introduction 5

Apollo GNC System 6

Apollo GNC Computer Hardware 8



Lunar Module Landing System Architecture 8

PGNCS Architecture 9

Apollo Guidance Computer Hardware Architecture 10



Apollo Guidance Computer Processor 11

Apollo Guidance Computer Memory 13

Apollo Guidance Computer Software 16



AGC Software Architecture 16

Digital Autopilot 17

Software Development and Testing 19

Human Interface Design 21

DSKY Design 22

Manual Control Hardware and Software 23

Anthropometry, Displays, and Lighting 26

Manual Control vs. Autonomous Control vs. Automatic Control 28

System Level Risk Management Decisions 31



In-Flight Maintenance 31

Abort Guidance System 33

CEV 38

CEV Computing Hardware 38

CEV Mission Software 39

CEV Automation 39

CEV Risk Management Techniques 40

Culture of Safety 42



Conclusion 44

Appendix A - Word Length and Arithmetic Precision 45

Appendix B – DSKY Commands 45

Bibliography 49

An Analysis of the Apollo and CEV Guidance, Navigation and Control Systems 1

Introduction 5

Apollo GNC System 6

Apollo GNC Computer Hardware 8



Lunar Module Landing System Architecture 8

PGNCS Architecture 9

Apollo Guidance Computer Hardware Architecture 10



Apollo Guidance Computer Processor 11

Apollo Guidance Computer Memory 13

Apollo Guidance Computer Software 16



AGC Software Architecture 16

Digital Autopilot 17

Software Development and Testing 19

Human Interface Design 21

DSKY Design 22

Manual Control Hardware and Software 23

Anthropometry, Displays, and Lighting 26

Manual Control vs. Autonomous Control vs. Automatic Control 28

System Level Risk Management Decisions 31



In-Flight Maintenance 31

Abort Guidance System 33

CEV 38

CEV Computing Hardware 38

CEV Mission Software 39

CEV Automation 39

CEV Risk Management Techniques 40

Culture of Safety 42



Conclusion 44

Appendix A - Word Length and Arithmetic Precision 45

Appendix B – DSKY Commands 45

Bibliography 49



Introduction

When President Kennedy challenged the nation in 1961 to put a man on the moon by the end of the decade, it was directive that held unique political, social, and technical implications. The political and social atmosphere of the time, and in particular, the cold war and technological competition with the Soviet Union, provided a unique opportunity for engineers to live out their wildest dreams. With moral and financial backing from the entire country, the engineers of Apollo were given the chance to design a system that still held significant unknown challenges. These technical challenges were the most substantial risks in the program. It was a level of risk afforded to the Apollo program due to the unique political and social atmosphere of the era, a risk not afforded to any space program since.


The Apollo Guidance, Navigation and Control System (GNC) was one among the most significant challenges and risky for the program. The digital computer along with its complex software and novel human interfaces were on the leading edges of engineering discovery at the time, yet the system proved to be one of the most successful. This success is often attributed to the highly motivated individuals who designed the system and their characteristic attention to detail, but these reasons do not allay the fact that the Apollo GNC system had a higher level of risk associated with it when compared to today’s standards. The system contained many potential single point failures and relied heavily on unproven technologies and techniques from integrated circuits to high-level interpretive languages and one-of-a-kind human computer interfaces.
Perhaps, paradoxically, the Apollo guidance and navigation system was successful because it was risky. Because it was such a challenge, the engineers were forced to design the simplest system that could satisfy the requirements. The simplicity of the system allowed the engineers to fully understand the system and this understanding then provided the means for the engineers to discover as much of the unknown technical risks as possible. Perhaps even more important, the engineers knew that the system was risky, and this awareness provided the motivation to ensure that the system would work.
Space vehicle design has evolved tremendously since Apollo and while the systems today can carry out more complex requirements, these complexities have had severe consequences for the safety and reliability of today’s space systems. Looking forward to the next generation spacecraft referred to as Crew Exploratory Vehicle (CEV), the vehicle would surely be able to accomplish much more than Apollo using time-tested technologies, but it would also have a lot more complex requirements for fault tolerance, automation, and human-computer interactions. Further more, the environment in which CEV is being built is considerably different and more demanding. Today’s political and social atmosphere is drastically different than Apollo’s, and due to the recent Columbia disaster, NASA is being scrutinized even more closely than ever. For the sake of safety, CEV may end up being so redundant and fault tolerant that it will be too complex to manage effectively, and hence, there will be a failure because nobody will understand the system well enough to predict how it will work.
While the term risk management was not used during the Apollo program, the engineers were performing risk management during the design of the system. Understandably, the unique nature of the program meant that the risk management was very different and more liberal than today’s standards. This report will examine some of the most challenging and risk consequential decisions made during the design of the Apollo GNC System. Specifically, the report will focus on the Lunar Module (LM) Landing System and its associated GNC systems including particular aspects of the hardware, software, and human factors design. These systems will be described along with discussions of the risks involved with particular design decisions made. System level risk management decisions will also be examined, including the decisions for in-flight maintenance and backup for the primary system. Following this discussion, the risk management techniques of Apollo will be compared to today’s techniques. The discussion will be illustrated by an example on how the CEV landing system might be designed, using the technologies and techniques available today.

  1   2   3   4   5   6   7


The database is protected by copyright ©ininet.org 2016
send message

    Main page