Survivable Computing Environment

Survivable Computing Environment to Support Distributed Autonomic Automation
Dr. Andrés Lebaudy, Mr. Brian Callahan, CDR Joseph B. Famme USN (ret)
ASNE Controls Symposium
Biloxi, MS
December 10-11, 2007
1
Damage Control Requirements

Naval studies show that ships are seldom lost to primary damage (direct blast effects) but rather to secondary damage: the progressive spreading of fire and flooding into surrounding areas.

Key Challenge is to Increase Control System Survivability & Decrease Casualty Response Time

Past experience has demonstrated that when engineering casualties or damage occur, a human is too slow and vulnerable, and requires enormous logistical and medical support.

Distributed, Survivable Autonomic Processing Contributes to Reduced Response Time
2
Learning from Experience
3
ONR Multi-level Control Integration
Defining the Requirements for Survivable Computing

[Diagram: three control layers linked by WANs]
Mission Control Layer: Situational Awareness, Operator Interfaces
  WAN
System Coordination Layer: Situational Awareness, Decision Aids, Systems Interactions
  WAN
Autonomous System Layer: Survivability, Engineering, Propulsion, HM & DC, Electrical, Signatures
4
What is a Smart Valve?

[Diagram, courtesy of Tyco International Ltd.: valve with Electric Actuator, Manual Operator, Embedded Controller (Networkable), Upstream Pressure Tap and Downstream Pressure Tap]

Smart Valves sense or infer valve and fluid parameters:
  valve (actuator) position
  fluid flow rate
  upstream and downstream fluid pressure
  fluid temperature*

Embedded, programmable microprocessor-based controller:
  controls valve actuator
  filters sensor data
  estimates flow rate
  performs valve actuator diagnostics
  can be programmed to be “intelligent”

Communication interface:
  interface with device- or field-level network
  send/receive information to/from other devices on the network
  send/receive information and commands to/from next highest control system tier
5
Smart Valve Applications

Method 1: Hydraulic Resistance
  Requires only pre-hit communication
  Each valve independently determines whether it lies along the rupture path
  Valves initiate a closure sequence after pre-configured time delay
  Activates only when pressure and flow conditions are abnormal
[Diagram: chilled-water supply valves CWS-V1 (closed), CWS-V2, CWS-V3 and return valves CWR-V1 (closed), CWR-V2, CWR-V3, each with a motor actuator (M), between the A/C Plant riser/return and a pipe rupture; labels: rupture path]

Method 2: Flow Inventory
  Requires full or partial communication between adjacent smart valves
  Neighboring smart valves calculate flow balance
  Rupture detected when flow into the zone is not equal to flow out of the zone
  Valves operate to isolate zone
  Allows for estimating rupture or leak size
  Number of branches and uncertainties in individual flow estimates determines “size” of rupture that can be reliably detected
[Diagram: zone boundary enclosing valves CWS-V1, CWS-V2, CWR-V1, CWR-V2 (motor actuators M) with flows Q1 through Q4 crossing the boundary; label: supply to dead-end vital branch]
6
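The two rupture-detection methods above, worked through as an added example. This is illustrative code written for this transcript, not the presentation's or Tyco's software. The valve tags CWS-V1, CWS-V2, CWR-V1 and CWR-V2 come from the diagram; the flow values, uncertainties, pressure and flow limits, closure delay and the k-sigma detection threshold are constructed assumptions.

```python
# Added example (not from the presentation): Method 2 zone flow inventory with
# an uncertainty-based detection threshold, plus a Method 1 stand-in where one
# valve acts alone on pre-configured limits. All numbers are constructed.
from dataclasses import dataclass
from math import sqrt


@dataclass(frozen=True)
class BoundaryFlow:
    """Flow estimate reported by one smart valve on the zone boundary."""
    valve: str      # valve tag as in the diagram (hypothetical assignment)
    q: float        # estimated flow; positive = into the zone, negative = out
    sigma: float    # 1-sigma uncertainty of that valve's own flow estimate


def detection_threshold(flows, k=3.0):
    """Smallest imbalance distinguishable from estimation noise.

    Assumes the per-valve uncertainties are independent, so they add in
    quadrature; k is the confidence margin (assumed, not from the slide).
    More boundary branches or noisier estimates raise the floor, which is
    why the detectable rupture "size" depends on both.
    """
    return k * sqrt(sum(f.sigma ** 2 for f in flows))


def assess_zone(flows, k=3.0):
    """Flow inventory for one zone: flow in minus flow out vs. the noise floor."""
    imbalance = sum(f.q for f in flows)   # > 0: water leaving the zone unaccounted for
    threshold = detection_threshold(flows, k)
    rupture = imbalance > threshold
    return {
        "imbalance": imbalance,
        "threshold": threshold,
        "rupture": rupture,
        "leak_estimate": imbalance if rupture else 0.0,   # slide: leak size can be estimated
        "isolate": [f.valve for f in flows] if rupture else [],  # boundary valves to close
    }


class LocalRuptureGuard:
    """Method 1 stand-in: a single valve uses limits configured before any hit
    (the only 'pre-hit communication') and starts a closure countdown once
    pressure and flow are both abnormal; recovery cancels the countdown."""

    def __init__(self, min_pressure, max_flow, delay_s):
        self.min_pressure = min_pressure   # below this the line looks depressurised
        self.max_flow = max_flow           # above this the flow looks like runaway
        self.delay_s = delay_s             # pre-configured closure delay
        self._abnormal_since = None

    def update(self, pressure, flow, now_s):
        abnormal = pressure < self.min_pressure and flow > self.max_flow
        if not abnormal:
            self._abnormal_since = None
            return "normal"
        if self._abnormal_since is None:
            self._abnormal_since = now_s
        if now_s - self._abnormal_since >= self.delay_s:
            return "closing"
        return "countdown"


# Constructed sample data: four boundary valves of one chilled-water zone.
# Supply enters at CWS-V1 and continues out at CWS-V2; return enters at
# CWR-V2 and leaves at CWR-V1 carrying the zone's own load flow as well.
INTACT_ZONE = [
    BoundaryFlow("CWS-V1", 100.5, 3.0),
    BoundaryFlow("CWS-V2", -59.0, 3.0),
    BoundaryFlow("CWR-V2", 40.2, 2.0),
    BoundaryFlow("CWR-V1", -81.0, 2.0),
]
RUPTURED_ZONE = [
    BoundaryFlow("CWS-V1", 110.0, 3.0),   # supply rises: rupture lowers resistance
    BoundaryFlow("CWS-V2", -30.0, 3.0),   # far less reaches the downstream valve
    BoundaryFlow("CWR-V2", 40.0, 2.0),
    BoundaryFlow("CWR-V1", -80.0, 2.0),
]

if __name__ == "__main__":
    for name, zone in (("intact", INTACT_ZONE), ("ruptured", RUPTURED_ZONE)):
        print(name, assess_zone(zone))
    guard = LocalRuptureGuard(min_pressure=40.0, max_flow=150.0, delay_s=5.0)
    for step, (p, q) in enumerate([(60.0, 100.0), (20.0, 180.0), (18.0, 190.0), (17.0, 195.0)]):
        print(step * 3.0, guard.update(p, q, now_s=step * 3.0))
```

assess_zone only declares a rupture when the imbalance exceeds a floor that grows with the number of boundary branches and their uncertainties, so a zone with many noisy branches can only reliably detect a larger leak; LocalRuptureGuard shows the Method 1 behaviour of one valve acting on its own limits after the configured delay, with no exchange of data during the casualty.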
DDG 1000 Fire Suppression
7
Live Fire Test of “SmartValve” Technology & Autonomic Fire Suppression System
• AFSS EDM successfully responded to all of the live-fire test scenarios (Shadwell 2002)
• Follow-up testing of an AFSS prototype was demonstrated successfully during a Weapons Effects Test (WET) on ex-USS Peterson (Peterson 2003).
8
PAC Component Modular Design
• Multi-domain functionality including logic, motion, and process control on a single very flexible and highly configurable platform.
• Mil Qualified Shock, Moisture …
[Exploded-view diagram, parts labelled: Half-Size Cover and Active Board, Cover Mounting Screws, Full-Size Cover and Active Board, Half-Size Connection Board, Full-Size Connection Board, End Caps, End Cap O-Rings, Inter-Module O-Ring, Water-Tight Cable Glands, Half-Size Module Enclosure, Full-Size Module Enclosure, Shock Mounting Foot]
9
Multi-level Mil-spec Control Modules
• Computational and storage resources that grow with application demands
• Resistant to component failures by distributing the processing load
10
Next Generation Control Software
• Survivable, reconfigurable third-generation graphical design tool
• Windows-based software package that relies on intuitive drag-and-drop, undo-redo, and cut-copy-paste functionality
11
Next Generation Graphical Design Environment
• Comprehensive set of field-proven function blocks
• State-diagramming features allow design engineers to define operational states
12
Field-proven function blocks
Examples:
1. Controller Blocks (e.g., PID controller, lead-lag controller)
2. Signal Conditioning Functions (e.g., characterizer, rate limiter, track & hold)
3. Signal Comparator Blocks (e.g., high/low alarm, equality, thresholding)
4. Mathematical Operators (e.g., addition, natural log, exponent, sine)
5. Logic Functions (e.g., NAND gate, XOR gate, RS flip flop)
6. General Purpose Operators (e.g., timer, ramp profile, multiplexer, A/B switch)
7. Hardware Access (e.g., analog input, barograph display, pushbutton)
8. Networking Operators (e.g., broadcast, receiver, parameter synchronization)
9. Diagnostic Operators (e.g., data recorder, hardware status monitor)
10. Text Manipulation (e.g., string constants, concatenation, left, right, etc.)
13
Fleet Modernization INSTALLATION EXAMPLES

Naval Surface Warfare Center (NSWC) in Philadelphia to accomplish Ship Alteration 480D for the following ships: USS Boone, USS McInerney (FFG 8), USS Gary (FFG 51), and USS Vandegrift (FFG 48).

To regulate the cooling of the four SSDGs, as well as the SSDG waste heat temperature, the fuel temperature in two sets of oil service and transfer heaters, the hot water tank temperature, and the start-air-mixer air temperature.
The PACs also control the main engine lube oil purifier, cooler, and service pressure loops.
14
Weight and Cost Savings - Table

Design Element for 20,000 Point Engineering Control System | Conventional Data Acquisition Unit Design (DAU) | Survivable Distributed Design: Process Closest to Machinery
Enclosure Size including mounts | 24”x24”x14” | 24”x11”x6.5” small or “mini” PACs
Points Density | 160 max. Assume 100 | 36 max. Assume 25
Enclosure WT w/ mounts | 140 lbs | 16 lbs
No. I/O Drops | 200 | 800
Volume per Drop | 1,067 ft³ | 571 ft³
Weight / Drop | 18,000 lbs | 12,800 lbs
Cable WT | 53,800 lbs | 17,000 lbs
Cost Est./Drop | $25,000 | $4,500
Total Cost | $5.0 M | $3.6M
Est. Weight Savings CVN-21 | 42,000 lbs, > 18 tons, or 1.4 times the weight of one F/A-18F
15
Distributed I/O Processing Saves Cable Cost
Chameleon PAC Can Interface With Any Control System

[Diagram: Machinery Control System HMI & Processors on the TSCE Network (Copper/Fiber 10/100 Mbps Ethernet Ring with DDS Communications), with PACs connecting to sensors and field buses: 1451.4 and 1451.5 / ZigBee smart sensors, Secure Bluetooth or 802.11 a/b/g, RTD, PWM, 4-20mA, 0-5V, LonTalk, ProfiBUS, Ethernet/IP; measured quantities shown: Pressure, RPM, Temperature, Vibration]

• Enclosureless Mini-RTU/DAU
• Highly distributed, located in close proximity to machinery - Reduced Cable Cost
• Wired or secure wireless communications
• Topologies supported: Ring, Bus, Star, Mesh
• Interface to smart sensors 1451.4 and 1451.5
• DDS Publish / Subscribe
• Industrial Communications Network Gateways
• Legacy I/O
16
TSCE Network
Compare Conventional Wiring to Distributed Process Wiring

[Diagram: TSCE network (Ethernet etc.) feeding one Conventional Compartment I/O Drop and three Distributed Compartment I/O Drops built from MIL-SPEC RTUs, each wired to Machinery]
Savings:
• Installation Costs
• Weight
17
CONCLUSIONS

New Ship Classes will be able to employ Decentralized Ship System Architectures with Distributed Control Systems in order to Improve Rapid System Recovery / Ship Survivability and Fight Through Capability
Survivability is Achieved through Computational and Process Electronics Protection Provided by Hardware, Hardware Architectures / Control Software that is Mil-Spec and Locally Reconfigurable
Using Control Hardware that has been Tested to the Highest Level of Survivability to Reduce Vulnerability to Damage and Ensure No Critical Single Points of Vital System Failure
This solution Supports Reduced Crew Size, Lowers the Weight of Wire and the Cost to Install Control Systems, thus Improving Ship Production.
Proposed solutions are Technical Readiness Levels 7, 8 & 9.
18