Electro-Mechanical Actuators for the More Electric Aircraft
Advances in Industrial Control
Mirko Mazzoleni · Gianpietro Di Rito · Fabio Previdi
1 Introduction . 1
1.1 Electrification of Onboard Power Systems: The “More Electric
Aircraft” Concept 1
1.1.1 Technological Issues 3
1.1.2 Environmental and Societal Issues 9
1.1.3 Market Issues . 11
1.2 Impacts of Research and Development of Electro-Mechanical
1.2.1 Electrically Powered Actuators . 15
188.8.131.52 Variable-Displacement Electro-Hydrostatic
184.108.40.206 Fixed-Displacement Electro-Hydrostatic
220.127.116.11 Electro-Backup-Hydrostatic Actuator 16
18.104.22.168 Electro-Mechanical Actuator 17
1.2.2 EMA Technology 18
22.214.171.124 Electric Motors . 18
126.96.36.199 Power and Control Electronics 20
188.8.131.52 Mechanical Transmission 23
184.108.40.206 Fail-Safe Devices 24
1.2.3 EMA Research 25
1.3 State of the Art of Aircraft EMA Technologies 27
1.3.1 Flight Controls 29
220.127.116.11 Simplex Fail-Safe EMA . 29
18.104.22.168 Redundant Fault-Tolerant EMA . 31
22.214.171.124 EMA Developments for the A320 Aileron 32
1.3.2 Landing Gears . 33
1.3.3 Nose-Wheel Steering 35
1.3.4 Brakes 36
xiii1.3.5 Thrust Vectoring Control . 37
1.3.6 Innovative Functions 38
126.96.36.199 Winglet Movables . 38
188.8.131.52 Wheel Control 39
1.4 Summary 41
References . 41
2 Reliability and Safety of Electro-Mechanical Actuators
for Aircraft Applications 45
2.1 Basic Reliability and Safety Concerns . 45
2.1.1 Fault Regimes of Airborne Components 46
2.1.2 Airworthiness Certification Requirements . 48
2.1.3 Hardware Redundancy . 51
2.1.4 Analytical Redundancy 53
2.2 Fault-Tolerant Electro-Mechanical Actuator Solutions 53
2.2.1 Fault-Tolerant Electronics . 54
2.2.2 Fault-Tolerant Motors . 55
2.2.3 Jamming-Tolerant Mechanical Transmissions 55
2.3 Approach to the System Safety Assessment . 56
2.3.1 Guidelines, Methods, and Procedures 56
2.3.2 Functional Hazard Assessment . 62
2.3.3 Fault-Tree Analysis . 62
2.3.4 Failure Mode, Effects, and Criticality Analysis . 65
2.3.5 Built-in Tests 68
2.3.6 Types and Terminology of EMA Faults 70
2.4 Preliminary System Safety Assessment of an Electro-Mechanical
Actuation System for Morphing Flaps . 72
2.4.1 System Description . 72
2.4.2 Operation Modes . 73
2.4.3 Definition and Allocation of the Functional
Requirements . 74
2.4.4 Functional Hazard Analysis . 74
184.108.40.206 Functional Hazard Analysis Table 74
220.127.116.11 Most Critical Failure Conditions . 76
2.4.5 Fault-Tree Analysis . 76
18.104.22.168 FTA of the Most Critical Failure Conditions 76
22.214.171.124 Failure Rate Requirements for Subsystems
and Components 78
2.5 Summary 78
References . 84
xiv Contents3 Fault Diagnosis and Condition Monitoring Approaches 87
3.1 Basic Concepts and Terminology 87
3.1.1 Fault, Failure, Malfunction, Disturbance, Model
Uncertainty . 87
3.1.2 Fault Diagnosis, Condition Monitoring, and Fault
3.1.3 Fault-Tolerant Systems . 94
3.2 Common Diagnostic Methodologies 95
3.2.1 Model-Based Approach 98
126.96.36.199 Deterministic Fault Diagnosis Methods 99
188.8.131.52 Stochastic Fault Diagnosis Methods 102
184.108.40.206 Data-Driven Design of Model-Based Fault
Diagnosis Methods . 103
220.127.116.11 Fault Diagnosis for Discrete Events and Hybrid
Systems . 103
18.104.22.168 Fault Diagnosis for Networked and Distributed
Systems . 104
3.2.2 Signal-Based Approach 105
22.214.171.124 Time-Domain Signal-Based Methods 105
126.96.36.199 Frequency-Domain Signal-Based Methods 106
188.8.131.52 Time-Frequency-Domain Signal-Based
3.2.3 Knowledge-Based Approach . 107
184.108.40.206 Qualitative Knowledge-Based Methods 108
220.127.116.11 Quantitative Knowledge-Based Methods . 108
3.2.4 Hybrid Approach . 109
3.2.5 Active Approach . 110
3.3 State-of-the-Art of Monitoring Approaches for Airborne
Electro-Mechanical Actuators and Systems 110
3.4 Summary 111
References . 112
4 Fault Diagnosis and Condition Monitoring of Aircraft
Electro-Mechanical Actuators 119
4.1 Considerations and Challenges 120
4.2 Relevant Recent Aerospace Projects 123
4.2.1 FP7 HOLMES Project . 123
18.104.22.168 Identification of the Most Critical Failures 124
22.214.171.124 Experimental Setup 124
4.2.2 H2020 REPRISE Project: Phase 1 128
126.96.36.199 Critical Failures Selection 129
188.8.131.52 Experimental Setup 132
Contents xv4.2.3 H2020 REPRISE Project: Phase 2 135
184.108.40.206 Electro-Mechanical Actuator Description . 137
220.127.116.11 Fault Diagnosis and Condition Monitoring
System . 138
18.104.22.168 Motion Monitor . 140
22.214.171.124 Currents Voting/Monitor . 141
4.2.4 Primary Flight Control Electro-Mechanical Actuator
for Medium Altitude Long Endurance Unmanned Aerial
126.96.36.199 Flight Control System Description 143
188.8.131.52 Electro-Mechanical Actuator Description . 145
184.108.40.206 Fault Diagnosis System . 146
4.3 Model-Based Approaches 146
4.3.1 Fault Diagnosis via Real-Time Executable Models 147
220.127.116.11 Fault Detection Logic . 147
18.104.22.168 Real-Time Modeling . 148
22.214.171.124 Definition of the PTMs’ Parameters 151
126.96.36.199 Testing Method and Failure Modes Definition . 152
188.8.131.52 Fault Diagnosis Performances . 153
4.3.2 Fault Prognosis via High-Fidelity Dynamic Models 154
184.108.40.206 High-Fidelity Model Features . 160
220.127.116.11 Model of the Three-Phase Brushless
AC Motor . 160
18.104.22.168 Reduced-Order Brushless AC Motor Models 165
22.214.171.124 Model of the Mechanical Transmission with
126.96.36.199 Fault Prognosis Algorithm . 167
4.3.3 Fault Diagnosis via High-Fidelity Dynamic Models 171
188.8.131.52 Jamming-Tolerant Transmission Kinematics . 172
184.108.40.206 Operation Modes and Fault-Tolerant Control 173
220.127.116.11 High-Fidelity Model Features . 174
18.104.22.168 Model of the Mechanical Transmission with
Dual Motors . 174
22.214.171.124 Jamming Monitoring Algorithms . 179
126.96.36.199 Failure Transients Characterization . 181
4.3.4 Final Considerations on Model-Based Approaches . 183
4.4 Signal-Based Approaches 188
4.4.1 Common Faults in Electro-Mechanical Actuators
Diagnosable by Signal-Based Approaches . 189
188.8.131.52 Bearing Faults 189
184.108.40.206 Screw and Nut Assembly 191
220.127.116.11 Stator or Armature Faults 192
18.104.22.168 Broken Rotor Bar Faults . 192
xvi Contents22.214.171.124 Eccentricity-Related Faults . 192
126.96.36.199 Electronics . 193
4.4.2 Example: Fault Detection and Isolation of Bearing
188.8.131.52 Symptoms of Localized Faults 193
184.108.40.206 A Bearing Diagnosis Flowchart . 195
4.4.3 Final Considerations on Signal-Based Approaches . 199
4.5 Knowledge-Based Approaches 200
4.5.1 Knowledge-Based Fault Detection and Isolation via
Machine Learning Techniques . 200
220.127.116.11 Supervised Machine Learning Fault Detection
Strategy . 201
18.104.22.168 Design and Evaluation of the Machine Learning
4.5.2 Knowledge-Based Condition Monitoring via Change
Detection Algorithms 203
22.214.171.124 Change Detection for Online Data 203
126.96.36.199 Feature Computation for EMA Condition
188.8.131.52 Batch Change Detection for EMA Condition
4.5.3 Knowledge-Based Condition Monitoring via Statistical
Process Monitoring Techniques 210
184.108.40.206 Motivation of the Approach 211
220.127.116.11 Introduction to Statistical Process Monitoring . 211
18.104.22.168 Condition Monitoring of EMAs Based on SPM
22.214.171.124 Results on the REPRISE Phase 1 EMA 215
126.96.36.199 Comparison with the Batch Change-Point
Detection Approach 218
4.5.4 Final Considerations on Knowledge-Based Approaches . 219
4.6 Summary 220
References . 220
5 Concluding Remarks 225
5.1 Fault Diagnosis for More Electric Actuation
Technologies . 225
5.2 Lessons Learned: Notes for Practitioners . 227
5.2.1 Problem Definition 227
5.2.2 Practical Considerations 229
5.3 Other Possible Fault Diagnosis Activities for Airborne EMAs 232
5.4 Future Perspectives . 233
References . 233
The terminology used in the diagnosis and fault-tolerant control literature has only
during the recent years approached a coherency in the published material. In this
book, we adhere to the terminology used in the current publications in the control
systems community, see Chap. 3.
Active fault-tolerant system A fault-tolerant control system where faults are
explicitly detected and accommodated. Opposite to a passive fault-tolerant system.
Analytical redundancy Use of two or more, but not necessarily identical ways
to determine a variable, where one way uses a mathematical process model in
Availability Likelihood that a system or an equipment will operate satisfactorily
and effectively at any given point in time. A = MTTF + MTTR MTTF , MTTR = Mean Time
To Repair = 1/μ, μ is the rate of repair.
Burn-in faults Faults related to design errors or materials’ imperfections. They
occur in the initial phases of components’ life.
Common Cause Analysis Analysis performed throughout the safety processes
to identify potential common-mode faults or single-point-of-failures, via Zonal
Safety Analysis, Particular Risk Analysis and Common Mode Analysis.
Condition monitoring A continuous task of determining the conditions of a physical system, by recording information, recognizing and indicate anomalies in the
system behavior. The output of a condition monitoring algorithm are continuous
indicators of the degree of the system health state, contrary to fault detection that
produces a dichotomous output.
Data voting The process of obtaining a unique consolidated value of a data from
multiple measurements or estimations of it.
Dependability Combination of reliability, availability and safety. It may also
include recoverability, maintainability, maintenance support performance, durability and security. A dependable system is a fail-safe system with high availability
Digital twin A mathematical model of the system considered for fault diagnosis
and monitoring. It may encompass also entire production lines, which behavior
can be simulated for optimization purposes.
Disconnection fault The actuator connection with the load is not obtained as
designed. Also known as free-play or free-floating.
Discrepancy An abnormal behavior of a physical value or inconsistency between
more physical values and the relationship between them.
Durability In database systems, durability is the property which guarantees that
transactions that have committed will survive permanently, even if the system
Error Deviation between a measured or computed value (of an output variable)
and the true, specified or theoretically correct value.
Fail-safe A system having the capability to respond to a failure by reverting to a
safe passivation/shutdown with no, or minimal, harm to other equipments, environment or persons.
Fail-operational The ability to sustain any single point failure.
Failure Permanent interruption of a system/component ability to perform arequired
function under specified operating conditions.
Failure effect The consequence of a failure mode on the operation, function, or
status of an item.
Failure mode Particular way in which a failure can occur.
Failure Mode and Effect Analysis A table where the failure modes of each system part are classified and qualitatively analyzed in terms of effects to higher-level
an lower-level parts.
Failure Mode, Effects, and Criticality Analysis A table where thefailuremodes
of each system part are both qualitatively analyzed in terms of effects to higherlevel an lower-level parts and quantitatively evaluated in terms of probability of
Failure Mode and Effect Summary A table where the major FMECA results
are reported, by highlighting the most relevant outcomes to be addressed for
airworthiness certification requirements.
Failure probability Probability that, at time t, the fault is occurred.
Fault Unpermitted deviation of at least one characteristic property or parameter of
a system from its acceptable/usual/standard condition. A fault is the occurrence
of a failure mode. Failures and malfunctions originate from a fault.
Fault accommodation The action of changing the control law in response to
faults, without switching off any system component. In fault accommodation,
faulty components are still kept in operation thanks to an adapted control law.
Fault compensation The process of actively intervening to modify the system
configuration after a fault, aiming to recover some level of system performance.
Contrary to Fault accomodation, where no component is turned off, here the
control law is changed and also the faulty component is deactivated.
Fault detection Determination if there are faults present in a system and time of
Fault detector An algorithm that performs fault detection and isolation.Glossary 237
Fault diagnosis Determination of kind, size, location, time of occurrence of a fault
and the fault signal. Fault diagnosis includes fault detection, isolation, estimation,
Fault estimation Reconstruct the time-varying behavior of the fault signal. Follows fault isolation.
Fault identification Determination of the size and time-varying behavior of a
fault. Follows fault isolation.
Fault isolation Determination of the location of a fault, i.e., of the component that
is faulty. Follows fault detection.
Fault prognosis Determination of the system future health state, given the current
estimate. It usually build upon condition monitoring. Thus, its nature is iterative,
and the prediction gets updated each time stamp as new data are available.
Fault recovery The result of a successful fault accommodation or system reconfiguration.
Fault-Tree Analysis Logical flowchart, which defines the dependence between
the faults to system parts and a specific failure case.
Fault-tolerant system A system where a fault is recovered with or without performance degradation, but a single fault does not develop into a failure on subsystem
or system level.
Feature Characteristic, attribute of a system that is influenced proportionally by
the size (entity) of a fault. It is a manifestation of the presence of a fault. It can be
measured and compared to its values in normal operation.
Free-play fault see Disconnection fault.
Free-floating fault see Disconnection fault.
Functional Hazard Assessment Qualitative analysis aiming to define the potential hazards related to the loss of functional requirements in specific mission
Hard-over fault see Runaway fault.
Hardware redundancy Use of more than one independent physical instrument
to accomplish a given function.
Hazard rate The increment of fault probability referred to the components survived at time t.
Incipient fault A fault where the effect develops slowly, e.g., clogging of a valve.
In opposite to an abrupt fault.
Jamming fault The actuator is stuck in a position and can no longer move.
Lock-in-place fault see Jamming fault.
Loss of effectiveness fault The actuator does not track well the control demand
with adequate performances.
Maintainability The ease with which a product or system can be maintained.
Maintenance support performance The ease with which a product or system
can be maintained.
Malfunction A malfunction is an intermittent irregularity in the fulfillment of a
system desired function. The only difference with a failure is that, in the malfunction case, the interruption of the system function is only temporary. The (stable)
degradation of the system performance can be considered as a malfunction.238 Glossary
Monitor Algorithm that performs diagnosis or monitoring actions.
Monitoring see Condition monitoring.
More Electric Aircraft The gradual replacement of on-board systems based on
mechanical or pneumatic power sources with electrically-powered systems.
More Electric Propulsion The gradual replacement of propulsion systems with
Oscillatory Failure Case fault The actuator output deviates from control demand
by exhibiting abnormal oscillations.
Perturbation An input acting on a system which results in a temporary departure
from stady state.
Preliminary System Safety Assessment Analysis that supports the system architecture design, in which diverse systems’ architectures, where diverse systems’
architectures are compared in terms of RAMS features.
Quantitative model A systemmodel describing the behaviorwithrelations among
system variables and parameters in analytical terms such as differential or difference equations.
Random faults Faults related to non-deterministic factors (e.g., overloads). They
occur throughout the components’ life.
Real-time model-based monitoring Use of models executable in real-time by the
EMA ECU, in order to permit the model outputs to be synchronized and available
together with the ones derived from hardware components.
Reconfigurability The possibility to recover a fault by using the reconfiguration
strategy: switching off the faulty components, and changing the control law so as
to achieve the specified objective by using only the healthy components.
Recoverability The property of system to being able to recover or being recovered.
Reliability Probability of a system to perform a required function under stated
conditions, within a given scope and during a given period of time. Measure:
MTTF = Mean Time To Failure. MTTF = 1/λ; λ is the constant rate of failure
[e.g., failures per hours].
Reliability Block Diagram A logical diagram which defines the dependence
between the reliability of system parts and the reliability of a specific system
Remedial action A correcting action (reconfiguration or a change in the operation
of a system) that prevents a certain fault to propagate into undesired end-effects.
Residual Signal that carries fault information, based on deviation between measurements and model-based computations.
Residual generator Typical of model-based fault diagnosis, it is the component
(often a dynamic system) which produces residuals based on measured values of
the inputs and outputs of the system.
Runaway fault The actuatormoveswithout control demand towards its endstroke.
Also known as hard-over fault.
Safety Ability of a system not to cause danger to persons or equipment or the
Securability The characteristic or degree of being securable, especially the ability
of a system to provide different levels of secure access.Glossary 239
Severity A measure on the seriousness of fault effects using verbal characterization. Severity considers the worst-case damage to equipment, damage to environment, or degradation of a system’s operation.
System Safety Assessment Analysis that supports the system design and implementation, in which the developed hardware and software are analyzed/verified
via FTA and FMECA.
Supervision Monitoring of a physical system and taking appropriate actions to
maintain the operation in the case of faults.
Survivability probability The probability that, at time t, the fault is not occurred.
Supervisor Algorithm that performs supervision.
Symptom A change of an observable quantity from normal behavior. Signal-based
diangostic approaches look for specific fault symptoms in predetermined signals.
Stall fault The actuator dynamics is characterized by cyclic to intermittent saturation phenomena.
Threshold Limit value of a residual deviation from zero, so if exceeded, a fault is
declared as detected.
Wear-out faults Faults related to materials’ aging. They occur in the final phases
of components’ life.
كلمة سر فك الضغط : books-world.net
The Unzip Password : books-world.net
Electro-Mechanical Actuators for the More Electric Aircraft