ATST Safety Review High-Level Software Overview
This document provides an overview of the high-level software components involved in the ATST Safety Review conducted on 26th January 2011. It includes details on the Telescope Software Control Systems, Observatory Software Control Systems, and Instrument Software Control Systems, along with responsibilities assigned to engineers, contractors, and partners. The work packages cover areas such as telescope, instruments, software, and enclosure, outlining the different control systems and their operations. Specific focus is given to the Telescope Software managed by Goodrich, detailing operations of various systems like Mount Control, M1 Assembly, Top-end Optical Assembly, Feed Optics, Wavefront Correction, and more.
Presentation Transcript
ATST Safety Review High-Level Software 26 January 2011
Work Package Overview
- Telescope Software Control Systems (MCS, M1CS, TEOACS, FOCS, ACS, WCCS, PACCS, ECS)
- Observatory Software Control Systems (OCS, DHS, TCS, ICS)
- Instrument Software Control Systems
Work Package Overview
- WBS Area(s): 1.0 Telescope, 2.0 WFC, 3.0 Instruments, 4.0 Software, 5.0 Enclosure
- Responsible Engineer: Berst (3.6), Cowan (4.3), Goodrich (1.0, 4.4), Hubbard (4.1), Johanssen (3.1 - 3.5), Wampler (4.2)
- Group Manager: Bret Goodrich
- Contractor(s):
  - TCS (4.4), Observatory Control Ltd, Cambridge, UK
  - MCS (1.1), IMT/MT Mechatronics, Rockford, IL/Mainz, Germany
  - ECS (5.6), AEC/Idom, Minneapolis, MN/Bilbao, Spain
  - M1CS (1.2), TEOACS (1.3): TBD
- Partner(s):
  - VBI (3.2), WCCS (2.3), PACCS (3.1.1), ATST, Sunspot
  - ViSP (3.3), High Altitude Observatory, Boulder
  - NIRSP (3.4), Institute for Astronomy, Manoa
  - VTF (3.5), Kiepenheuer-Institut für Sonnenphysik, Freiburg, Germany
Work Package Overview
Telescope Software (Goodrich)
- 1.1: TMA, Mount Control System
  - operation of the altitude, azimuth, rotator mechanical systems
  - slew and track across the entire ranges of motion
- 1.2: M1 Assembly, M1 Control System
  - operation of the 120 axial and 24 lateral mirror actuators
  - support and figure control of the M1 mirror
- 1.3: Top-end Optical Assembly, TEOA Control System
  - operation of the hexapod, fast tip-tilt
  - position and correction of the M2 mirror
Work Package Overview
Telescope Software (Goodrich)
- 1.5: Feed Optics, Feed Optics Control System
  - operation of the M3 and M6 tip-tilt
- 1.8: Acquisition Control System
  - operation of the acquisition camera
- 2.3: Wavefront Correction Control System (Sunspot)
  - operation of the high-order and low-order wavefront correction
- 3.1.1: Polarization Analysis and Calibration (Sunspot)
  - operation of the calibration optics at the Gregorian Optical Station
- 5.6: Enclosure, Enclosure Control System
  - operation of the carousel, shutter, entrance aperture
  - slew and track across entire range of motion
Work Package Overview
Instrument Software
- 3.1.4: Instrument Control System (Johanssen)
  - operation and coordination of the instruments
- 3.6.2: Camera Software System (Berst)
  - operation of instrument cameras
- 3.2: Visible Broadband Imager
- 3.3: Visible Infrared Spectropolarimeter
- 3.4: Near-Infrared Spectropolarimeter
- 3.5: Visible Tunable Filter
  - each operates the mechanisms of the instrument
Work Package Overview
Observatory Software
- 4.1: Common Services Framework (Hubbard)
  - infrastructure for all software systems
- 4.2: Observatory Control System (Wampler)
  - execution of observing programs
- 4.3: Data Handling System (Cowan)
  - data transfer, processing, storage, and archiving
- 4.4: Telescope Control System (OSL)
  - coordination of telescope systems
Schedule Overview
- Telescope Control System: FDR Feb 2011; Beta Release Feb 2012; Delivered Feb 2013
- Observatory Control System: Beta Release June 2012; Delivered June 2014
- Data Handling System: Beta Release July 2012; Delivered Dec 2015
- Instrument Control System: Beta Release August 2012; Delivered Nov 2015
- Camera Software System: FDR Jun 2011; Beta Release 2014; Delivered Dec 2015
Reference Design Preliminary Hazard Analysis
- Software is not a safety system
  - All safety mechanisms (GIS) are wired in parallel with the control systems
- Software may detect, report, and correct errors
  - These errors may or may not affect safety
  - Safety mechanisms must detect the safety-related errors
- Software has an independent interlock network
  - That takes GIS interlocks and broadcasts them to the relevant software systems
Reference Design Preliminary Hazard Analysis
Personnel Safety Hazards (unanticipated motion):
- Movement on boot-up or start-up
  - Control system energizes motors and begins indexing operation
- Prevention:
  - Manual lock-out mechanism
  - All software systems use a lifecycle mechanism. Init state does not allow connection of software to hardware
  - Requirement to have a default, unpowered state and use it
    - The default state of any equipment shall be an inert, non-moving, non-powered condition. Equipment shall take this state on an interlock condition, initialization, shutdown, or when commanded through the software interface.
    - Tested on acceptance
  - ATST standard motion controller enforces behavior
    - Three-step process: power-up, index, move
Motion Control States
[State diagram. States: Off, Manual, Halted, Jogging, Lost, Homing (do/find index), Idling, Following, Moving (do/motion); group label: Operational. Transition labels: startup, shutdown, manual, park, jog, idle, home, follow, move or offset, [done], [fail].]
Reference Design Preliminary Hazard Analysis
Personnel Safety Hazards (unanticipated motion):
- Movement after interlock release
  - Control system was moving when interlock occurred
  - Control system now receives interlock release and resumes moving
- Prevention:
  - Manual lockout mechanism
  - Interlocks force software systems to cancel all actions
  - Interlocks force software systems into default, unpowered state
  - Resumption now follows boot-up/start-up process
Software Interlocks
- Operator can monitor the current GIS status
  - GIS sends regular status information
- A controller registers for a specific interlock event
- An interlock will cause an interlock event to be sent
- Registration attributes:
  - interlock:event(string): The registered interlock event name
  - interlock:attribute(string[]): The registered interlock signal
- Example registrations:
  - Controller event=atst.gis attr=tma
  - Controller event=atst.gis attr=ecs
  - Controller event=atst.gis attr=m1
- Controller methods:
  - raiseInterlock(): reject commands, cancel actions
  - doRaiseInterlock(): local operations
  - lowerInterlock(): accept commands
  - doLowerInterlock(): local operations
[Diagram labels: Operator Display, status, GIS, OCS, register, interlock event]
Software Interlocks
Interlock of top-level software system on hand paddle enable
[Diagram. Labels: GIS, OCS; controllers ecs, mcs, ecs.alt, ecs.az, mcs.alt, mcs.az; hardware Enc hand paddle, Mnt hand paddle, EMCS, Mnt Az, Mnt Alt; groups Enclosure, Mount; annotation: Cancel all actions.]
Software Interlocks
Interlock of low-level software system on hardware fault
[Diagram. Labels: GIS, OCS; controllers ecs, mcs, ecs.alt, ecs.az, mcs.alt, mcs.az; hardware EMCS, Mnt Az, Mnt Alt; signal az fault; groups Enclosure, Mount; annotations: Cancel all actions, Power off motors.]
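
The controller behaviour described in the hazard-analysis and Software Interlocks slides, as an added Python sketch (not code from the ATST project or the slides): an interlock rejects commands, cancels the action and drops to the default state, and release does not resume motion until power-up and index are repeated. The class, the snake_case method names, the reduced state set (Off, Lost, Idling, Moving) and the `raised` flag on the event are assumptions made for illustration.

```python
from enum import Enum


class State(Enum):
    OFF = 0      # default state: inert, non-moving, non-powered
    LOST = 1     # powered, position not yet indexed (assumed meaning)
    IDLING = 2   # indexed, ready to move
    MOVING = 3


class CommandRejected(Exception):
    pass


class MotionController:
    def __init__(self, event, attr):
        self.event, self.attr = event, attr  # registered event name and signal
        self.state, self.interlocked, self.target = State.OFF, False, None

    def on_interlock_event(self, event, attrs, raised):
        if event != self.event or self.attr not in attrs:
            return                      # not registered for this signal
        if raised:
            self.raise_interlock()
        else:
            self.lower_interlock()

    def raise_interlock(self):          # slide: raiseInterlock()
        self.interlocked = True         # reject commands
        self.target = None              # cancel actions
        self.state = State.OFF          # doRaiseInterlock(): go to default state

    def lower_interlock(self):          # slide: lowerInterlock()
        self.interlocked = False        # accept commands; state stays OFF

    def _step(self, required, new, name):
        if self.interlocked or self.state is not required:
            raise CommandRejected(f"{name} rejected in {self.state.name}")
        self.state = new

    def power_up(self):
        self._step(State.OFF, State.LOST, "power_up")

    def index(self):
        self._step(State.LOST, State.IDLING, "index")

    def move(self, target):
        self._step(State.IDLING, State.MOVING, "move")
        self.target = target
```

A controller registered with `MotionController("atst.gis", "tma")` ignores an event whose attributes list only `ecs`; after a `tma` interlock is raised during a move and then lowered, `move()` raises `CommandRejected` until `power_up()` and `index()` have been called again.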