Manually Trigger Faults in an Aircraft Elevator Control System
Learn how to use Simulink Fault Analyzer™ to manually trigger faults in a simulated model of an aircraft elevator control system.
The tutorial begins with a discussion of why engineers would want to manually trigger faults in a simulation. The introduction sets the stage for this feature’s importance in the engineering design lifecycle.
Then proceed to the practical application of these concepts through an example model of an aircraft elevator control system. This section includes a step-by-step setup of the model in Simulink®, detailing the function of each component and its relevance to the overall system. The choice of an aircraft elevator control system as an example serves to illustrate the application of fault analysis in a real-world context, given its critical role in aircraft operation.
The main section of the tutorial is dedicated to demonstrating how to configure faults to be manually triggered in the simulation of the control system. Two fault configuration scenarios are covered: one in which a new fault is created from scratch, and another in which a previously configured fault is repurposed to be manually triggered. After the faults are configured, you’ll learn how to analyze the results of a simulation in which those faults are used.
This tutorial is intended for an audience that includes engineering professionals seeking to deepen their knowledge of fault analysis, as well as students in system design and engineering disciplines. It aims to educate the viewers on how to properly use Simulink Fault Analyzer in their design process, taking advantage of the features available for rapid exploration of design choices and their implications.
Published: 19 Jun 2024
Hi, everyone. This is Arthur from MathWorks. In this video, I will show you how to use Simulink File Analyzer to manually trigger faults in a simulation of an aircraft elevator control system while it's running to test how the system responds to failures. Throughout this video, I'll be making modifications to one of our built-in examples, titled Verify Fault Detection Logic in an Aircraft Elevator Control System. The example is linked below so you can open it and follow along if you'd like.
Before we get started, let's first discuss why we would want to manually trigger faults in a simulation. Suppose we are designing the elevator control system for a new aircraft. As we design the fault handling subsystem, we want to quickly and iteratively subject it to faults to verify if it works as intended without adding intrusive elements to our model that might need to be removed later.
That's where manual fault triggers come in handy. This feature allows us to use our engineering intuition to inject faults to our design in an ad hoc manner, quickly testing how the system responds without heavily modifying our model.
Now let's jump to our exercise. Let's open the model and inspect our control system design. The first subsystem block on the left is responsible for processing the sensor signals coming from the plant. After that, the signal conditioning and failure subsystem and the mode logic state flowchart are responsible for detecting and mitigating potential failures. Lastly, the controller and plant blocks respectively contain the control laws and model dynamics for the aircraft.
For this exercise, we will walk through creating a new fault as well as repurposing a previously configured fault to be manually triggered. The new fault will be introduced in the hydraulic system for the elevator. You can find more information on the elevator layout by referring to the online documentation page for this example. Let's create the new fault and configure it for manual triggering.
In the Model Canvas, navigate to the subsystem for measured pressures on the hydraulic system 1. Select the signal line coming from the pump pressure block and add a fault by clicking on the Add Fault button under the Fault Analyzer tab on the Simulink toolstrip. Name the fault and set its behavior as stuck at ground.
Next, set the trigger type parameter as manual. Now let's say we want to trigger a second fault during simulation to completely fail the loft elevator. We can do this by failing the left inner actuator. We already have a fault for this component, but let's play around with the trigger timing by converting it to a manually triggered fault. Open the fault table to list all configured faults. Expose the left inner actuator fault and right-click on it.
Select the Properties option from the menu to open the Property inspector on the right hand side of the screen. . On the trigger box within the fault section, change the trigger type parameter to manual in the dropdown menu. The next step is to enable the two faults. Notice that the hydraulic system fault that we created coexists with the previously created fault under the same model element in the fault table. So once we enable the fault by clicking on the checkbox on the left hand side, make sure to change the selected active fault to the one we just created. After that, enable the left inner actuator fault.
Now that our many triggers are configured, let's open the Fault dashboard. On the Simulink toolstrip, navigate to the Fault Analyzer tab and click on Fault Dashboard. Here we see our two active faults. Both the status is set to off. Clicking on these buttons in the Status column will trigger the faults and turn them on during the simulation.
We are almost ready to run our fault simulation. Before we kick it off, let's first make sure that the fault simulation is set to on in the Simulink toolstrip, and that we are running a paste simulation.
Now let's run the simulation. Remember, we will manually trigger the two faults using the Fault dashboard while the simulation is being executed. So let's keep it open on the screen. I will trigger the first fall at around T equals 5 seconds and the second fall at around T equals 10 seconds.
But for now, I'm not interested in exact timing. Click on the Run button in the Simulink toolstrip to start the simulation. While the simulation runs, click on the Status buttons to trigger the faults at the desired times.
Now that the simulation is finished, let's evaluate the results. First, on the Fault dashboard, we see that two out of two faults were assimilated and that the triggered faults under the dropdown were the faults were manually triggered. Next, let's look at the Simulation Data Inspector to evaluate how the model behaved. On the Simulink toolstrip, click on the Data Inspector button.
The top plot shows the two triggered faults. The middle and bottom plots show the left outer and left inner actuator mode behaviors during the simulation. The plots show expected behavior of the fault mitigation logic. In the event of a fault in the outer actuator, the inner becomes active. And when the second fault occurs, both actuators become isolated. As you can see, this quick analysis was made possible by rapidly adding faults to the model and manually triggering them during the simulation without us having to worry about more advanced fault simulation settings.
In summary, this video covered how to use manual triggers to quickly evaluate how a design fault mitigation system responds to failures. I showed you how to add a fault with a manager to a model, how to change a fault trigger to manual, how to trigger those faults during the simulation and how to verify analyze the results. Check out the additional resources below for more information.