munk@cft.philips.nl (Harm Munk) (04/25/91)
The other nigth I was watching the "Strange Planes" series on Discovery. It was about parasite planes (nasty yterm), and one of the examples shown was the Space shuttle as a parasite on the Shuttle ferry aircraft. Also, some shots from the first glide tests were shown. When the Shuttle decoupled, or was launched, from the 747, apparently something went wrong with the computers: that was deducible from the the conversation between pilot and capcom, and from some shots of some instrument panel showing a light with "Computer Fail" and a computer display with a big X all across the screen. My question: what happened with the computers during that first (?) glide test. Along the same tracks: during the landing of one of the later tests, the shuttle made a rather bumpy landing. The commentator remarked that this was caused by the inexperience of the pilot, but I recall reading somewhere that is was caused by the computers being to busy with other things that they could not constantly attend to the bussiness of landing the ship, thereby inducing quite some roll. Is this true, or was the commentator right ? +----------------------------------------+------------------------------------+ | Harm Munk | | | Philips Centre for Software Technology | | | Knowledge Base Systems Group | #include <standard.disclaimer> | | Room HKJ-p833 | | | 5600 MD EINDHOVEN | | | The Netherlands | | +----------------------------------------+------------------------------------+
M.W.Hey@newcastle.ac.uk (William Hey) (04/26/91)
Greetings, munk@cft.philips.nl (Harm Munk) writes: >computers: that was deducible from the the conversation between pilot >and capcom, and from some shots of some instrument panel showing a >light with "Computer Fail" and a computer display with a big X all >across the screen. >My question: what happened with the computers during that first (?) >glide test. Last vacation I saw (by chance) an (old) Open University program concerned with software reliability, and their basic worked example was aspects of the Shuttle 5-tier GPC (General Purpose Computer) system. They interviewed one of the chiefs of software integration and simulation, and and he explained that a GPCs failed immediately upon release from the SCA. However the other computers noted the failure and shut it down. If I remember correctly, there are 4 GPCs, which process the flight data continually, and each one polls the others, and vote on what actions to take. The remaining GPC is a back-up, which is used only in the case of complete GPC failure, and it contains only the software for ascent, and de-orbit. Any NASA personel/buffs out there care to elaborate, for example how are 'Mexican stand-offs' avoided? He went on to say, that even though a GPC did fail, the fail-safe system worked accordingly, ie the others contained the failure, and continued the mission. He claimed that the integration simulations are taken as seriously as if they were real flights, and they've only had 2 failures at this level. Even Richard Feynman (Rogers Commission) was impressed by the software Quality Control. (Re "What do you care what other people think"). >Along the same tracks: during the landing of one of the later tests, the >shuttle made a rather bumpy landing. The commentator remarked that this >was caused by the inexperience of the pilot, but I recall reading It was pilot error, something to do with the pilot thinking the nose-down rate was too fast, and he over-corrected on pulling the nose up, so the Enterprise skipped as a result. (Disclaimer - speaking from vague memory here, I left all my books at home. For any British readers, I saw this on "John Cravens News Round", circa 1980) >somewhere that is was caused by the computers being to busy with other >things that they could not constantly attend to the bussiness of landing >the ship, thereby inducing quite some roll. Is this true, or was the >commentator right ? "Roll" ? Pitch more likely, maybe with a smaller resultant role in consequence. EXTREEMLY unlikely, and besides all shuttle landings are manual not automatic; infact the pilot/commander assumes control minutes away from landing...the idea being, should the GPC's fail suddenly at the last moment, the pilot would tend to over-react on the controls. However, the brakes are automated, but I'm not sure about nose-wheel stearing. (RE "Space-Flight News" - issue : March/April 1991) Even if the landing was automatic, can you imagine a GPC being programmed to land the Shuttle, but being 'too busy' at the time! Have any of you read Douglas Adams "Hitch Hikers Guide To the Galaxy", when Eddie the ship-board computer, is unable to defend the ship from an imminent missile attack, as he's figuring out how to make a decent cup of Tea? No flames for inaccuracies please, just the facts. Cheers, Bill -----------------------+-----------------------------+ | William Hey M.W.Hey@newcastle.uk.ac | | Astrophysics : Newcastle University, England. | -----------------------+-----------------------------+
kent@vf.jsc.nasa.gov (04/27/91)
In article <1593@philtis.cft.philips.nl>, munk@cft.philips.nl (Harm Munk) writes: > My question: what happened with the computers during that first (?) > glide test. I will give this one a shot, One General Purpose Computer (GPC) failed and the others quit listening to its inputs ( as they are programed to do). Three GPC's all run the same software and compare results to assure one is not sick. > Along the same tracks: during the landing of one of the later tests, the > shuttle made a rather bumpy landing. The commentator remarked that this > was caused by the inexperience of the pilot, but I recall reading > somewhere that is was caused by the computers being to busy with other > things that they could not constantly attend to the bussiness of landing > the ship, thereby inducing quite some roll. Is this true, or was the > commentator right ? It was not caused by the computer being too busy. It was most likely a pilot induced ocsolation. The computers sample the input from the pilot X times a second. The computer then chews on the input and sends commands to the control surfaces. There is a delay built into the command/action. If the pilot is not aware of the delay it can cause an oscolation. He commands down and does not see the resoponse so he commands down even more..... The computer, issues the down commands and the issues the larger command as well. the pilot see there is too much command down and commands up even more..... the cycles get larger and larger....... I believe some changes were made to the shuttle software to minmize the effect. Also the Pilots are trained extensively to be aware of the effect. -- Mike Kent - Lockheed Engineering and Sciences Company at NASA JSC 2400 NASA Rd One, Houston, TX 77058 (713) 483-3791 KENT@vf.jsc.nasa.gov
dbm@icarus.jsc.nasa.gov (Brad Mears) (04/27/91)
In article <1991Apr26.111139.1@vf.jsc.nasa.gov>, kent@vf.jsc.nasa.gov writes: |> In article <1593@philtis.cft.philips.nl>, munk@cft.philips.nl (Harm Munk) writes: |> > My question: what happened with the computers during that first (?) |> > glide test. |> |> I will give this one a shot, One General Purpose Computer (GPC) |> failed and the others quit listening to its inputs ( as they are programed to |> do). Three GPC's all run the same software and compare results to assure one |> is not sick. Actually, there are 5 GPCs installed and running on the shuttle (a sixth is available for on-orbit replacement). Of these 5, 4 of them are running identical software. These 4 share duties equally and monitor each other for disagreements. The 5th is running an entirely different piece of flight software. If the commander thinks the first 4 are completely fouled up, he can disable them and let the 5th one take over. -- Brad Mears dbm@icarus.jsc.nasa.gov ---------------------------------------------------------------------------- Opinions are expressly forbidden. | "It is better to die on your feet I speak for myself and no other. | than live on your knees" | - Dolores Ibarruri ----------------------------------------------------------------------------
isg7243@ritvax.isc.rit.edu (GEERTS, IS) (05/01/91)
In article <1991Apr26.111139.1@vf.jsc.nasa.gov>, kent@vf.jsc.nasa.gov writes... >In article <1593@philtis.cft.philips.nl>, munk@cft.philips.nl (Harm Munk) writes: >> Along the same tracks: during the landing of one of the later tests, the >> shuttle made a rather bumpy landing. The commentator remarked that this >> was caused by the inexperience of the pilot, but I recall reading >> somewhere that is was caused by the computers being to busy with other >> things that they could not constantly attend to the bussiness of landing >> the ship, thereby inducing quite some roll. Is this true, or was the >> commentator right ? > >It was not caused by the computer being too busy. It was most likely a pilot >induced ocsolation. The computers sample the input from the pilot X times a I thought I read in R. Feynmans' book thatthe only thing the pilot did during landing was press the button to lower the landing gear, and that only to give the idea that humans were really in charge. Anyone know for sure? > >Mike Kent - Lockheed Engineering and Sciences Company at NASA JSC > 2400 NASA Rd One, Houston, TX 77058 (713) 483-3791 > KENT@vf.jsc.nasa.gov -Indra
henry@zoo.toronto.edu (Henry Spencer) (05/01/91)
In article <1991Apr30.171707.27685@isc.rit.edu> isg7243@ritvax.isc.rit.edu writes: >I thought I read in R. Feynmans' book thatthe only thing the pilot did >during landing was press the button to lower the landing gear, and that >only to give the idea that humans were really in charge... You didn't read Feynman's book carefully enough. :-) He said that the shuttle is *theoretically* capable of handling the entire landing except for lowering the landing gear. This has never been tried. The reason why the landing gear are lowered only by human command, by the way, is that they cannot be raised again once lowered. So they'd better not get lowered prematurely. -- And the bean-counter replied, | Henry Spencer @ U of Toronto Zoology "beans are more important". | henry@zoo.toronto.edu utzoo!henry
shafer@skipper.dfrf.nasa.gov (Mary Shafer) (05/02/91)
In article <1991Apr30.171707.27685@isc.rit.edu> isg7243@ritvax.isc.rit.edu (GEERTS, IS) writes:
I thought I read in R. Feynmans' book thatthe only thing the pilot did
during landing was press the button to lower the landing gear, and that
only to give the idea that humans were really in charge. Anyone know
for sure?
Either you remember wrong or Feynman is in error. The Shuttle is flown
by the pilot from about Mach 2 downward. He definitely flies it through
the HAC, onto final, flares. and lands. The complete reentry was hand
flown for STS-2 through 5, too.
There is an autoland but nobody uses it. MSBLS, etc. The pilots really
like to fly it themselves.
--
Mary Shafer shafer@skipper.dfrf.nasa.gov ames!skipper.dfrf.nasa.gov!shafer
NASA Ames Dryden Flight Research Facility, Edwards, CA
Of course I don't speak for NASA
"Turn to kill, not to engage." CDR Willie Driscolldbm@icarus.jsc.nasa.gov (Brad Mears) (05/03/91)
In article <SHAFER.91May1133230@skipper.dfrf.nasa.gov>, shafer@skipper.dfrf.nasa.gov (Mary Shafer) writes: |> In article <1991Apr30.171707.27685@isc.rit.edu> isg7243@ritvax.isc.rit.edu (GEERTS, IS) writes: |> |> I thought I read in R. Feynmans' book thatthe only thing the pilot did |> during landing was press the button to lower the landing gear, and that |> only to give the idea that humans were really in charge. Anyone know |> for sure? |> |> Either you remember wrong or Feynman is in error. The Shuttle is flown |> by the pilot from about Mach 2 downward. He definitely flies it through |> the HAC, onto final, flares. and lands. The complete reentry was hand |> flown for STS-2 through 5, too. |> |> There is an autoland but nobody uses it. MSBLS, etc. The pilots really |> like to fly it themselves. The interesting point is that "nobody uses it". Other than a few activities which _must_ be performed by the crew, the flight software is capable of flying it all the way to the ground. Why? As far as I can tell, the autoland software is as trustworthy as the rest of it. -- Brad Mears dbm@icarus.jsc.nasa.gov ---------------------------------------------------------------------------- Opinions are expressly forbidden. | "It is better to die on your feet I speak for myself and no other. | than live on your knees" | - Dolores Ibarruri ----------------------------------------------------------------------------
kent@vf.jsc.nasa.gov (05/03/91)
In article <1991Apr30.171707.27685@isc.rit.edu>, isg7243@ritvax.isc.rit.edu > I thought I read in R. Feynmans' book thatthe only thing the pilot did > during landing was press the button to lower the landing gear, and that > only to give the idea that humans were really in charge. Anyone know > for sure? > -Indra The Commander and Pilot land the Shuttle, No if's and's or but's. I believe they take active control over the automatic systems several minutes before landing. -- Mike Kent - Lockheed Engineering and Sciences Company at NASA JSC 2400 NASA Rd One, Houston, TX 77058 (713) 483-3791 KENT@vf.jsc.nasa.gov
rivero@dev8a.mdcbbs.com (05/03/91)
In article <1991May2.200211.2157@aio.jsc.nasa.gov>, dbm@icarus.jsc.nasa.gov (Brad Mears) writes: > In article <SHAFER.91May1133230@skipper.dfrf.nasa.gov>, shafer@skipper.dfrf.nasa.gov (Mary Shafer) writes: > |> > |> There is an autoland but nobody uses it. MSBLS, etc. The pilots really > |> like to fly it themselves. > > The interesting point is that "nobody uses it". Other than a few activities > which _must_ be performed by the crew, the flight software is capable of flying > it all the way to the ground. Why? As far as I can tell, the autoland software > is as trustworthy as the rest of it. Pilots like to pilot, even if their craft is perfectly automated. Michael
stein-c@acsu.buffalo.edu (Craig Steinberger) (05/03/91)
In article <1991May2.200211.2157@aio.jsc.nasa.gov> dbm@icarus.jsc.nasa.gov (Brad Mears) writes: >The interesting point is that "nobody uses it". Other than a few activities >which _must_ be performed by the crew, the flight software is capable of flying >it all the way to the ground. Why? As far as I can tell, the autoland >software is as trustworthy as the rest of it. I remember reading that the autopilot/autoland was accurate to a tolerance of about 20 feet or so. This tolerance is acceptable in flight but a mistake of 20 feet while landing can put you underground. However, I do recall some tests of an autoland capability being tested on some airplane by NASA (LaRC?). That was in an AW&ST some time ago. -- Craig Steinberger stein-c@eng.buffalo.edu SUNY at Buffalo, Computational Fluid Dynamics Lab
stanfiel@testeng1.misemi (Chris Stanfield) (05/03/91)
In article <74602@eerie.acsu.Buffalo.EDU> stein-c@acsu.buffalo.edu (Craig Steinberger) writes: > >I remember reading that the autopilot/autoland was accurate to a >tolerance of about 20 feet or so. This tolerance is acceptable in flight >but a mistake of 20 feet while landing can put you underground. However, >I do recall some tests of an autoland capability being tested on some >airplane by NASA (LaRC?). That was in an AW&ST some time ago. There have been functioning autoland systems in existence for 20 years - I know because the first engineering job I had was working on a simulator for the first successful one, the Smiths Mk.Va autopilot system. This system was installed in the Hawker-Siddely(Sp?) Trident (a commercial passenger jet) and in the Short Bros. "Belfast" (an RAF transport). It was cleared to Cat 3b, which means basically a blind landing. This system took the aircraft right down onto the runway - the pilot took over after the wheels touched (braking, reverse thrust, rollout, etc.), although the pilot had to lower the landing gear and, if I remember correctly, set the flaps. For those who are interested, the entire system was analog (no computer!), and used a lot af magnetic amplifiers. The flight data computer was like awatch inside. The reference inputs came from the gyros and a radar altimeter for when you were getting close to the ground. The pitch and roll channels were fully triplexed and the yaw channel duplexed. The system worked well and was reliable, but it was HUGE by todays standards - there were about 40 boxes, 12 servo actuator/clutch units and miles of wire. The flight systems junction box (a giant terminal block affair) had about 1000 junctions (>>2500 connections). The modern systems are, of course, much smaller, are digital and the newest ones are an integral part of the digital flight control system. Chris Stanfield, Mitel Corporation: E-mail to:- uunet!mitel!testeng1!stanfiel (613) 592 2122 Ext.4960 We do not inherit the world from our parents - we borrow it from our children.
shafer@skipper.dfrf.nasa.gov (Mary Shafer) (05/05/91)
In article <7800@testeng1.misemi> stanfiel@testeng1.misemi (Chris Stanfield) writes: >In article <74602@eerie.acsu.Buffalo.EDU> stein-c@acsu.buffalo.edu (Craig Steinberger) writes: >> >>I remember reading that the autopilot/autoland was accurate to a >>tolerance of about 20 feet or so. This tolerance is acceptable in flight >>but a mistake of 20 feet while landing can put you underground. However, >>I do recall some tests of an autoland capability being tested on some >>airplane by NASA (LaRC?). That was in an AW&ST some time ago. This has been tested in various support aircraft, including Dryden's Jetstar, but has not been tested in the Shuttle. My understanding is that it will be used only in extreme emergency, like the commander and pilot both being incapcitated. After watching Steve Nagel fight the extremely gusty wind all the way around the HAC and on final (he landed short and slow because of it), I'm not convinced that autoland is all that red-hot, unless the system is extremely robust. Of course, if he'd used autoland and landed so short, some netters would be whinging about how he abdicated his responsibility by not flying it himself. >There have been functioning autoland systems in existence for 20 years >- I know because the first engineering job I had was working on a >simulator for the first successful one, the Smiths Mk.Va autopilot >system. This system was installed in the Hawker-Siddely(Sp?) Trident >(a commercial passenger jet) and in the Short Bros. "Belfast" (an RAF >transport). It was cleared to Cat 3b, which means basically a blind >landing. [Description omitted-MFS] One of Roger Bacon's "Nephews" recounted a story about an early autoland system, probably this one. It seems that a British airline was fitting autoland to its planes during the regular maintainence cycles, resulting in a mixed fleet. One of their captains let the autoland land the plane, resulting in a rough landing. He complained to the ground crew and wrote it up. When the plane and its piece of paperwork returned, the pilot's complaint, "Autoland lands very hard", was signed off with the comment, "Aircraft not fitted with autoland". -- Mary Shafer shafer@skipper.dfrf.nasa.gov ames!skipper.dfrf.nasa.gov!shafer NASA Ames Dryden Flight Research Facility, Edwards, CA Of course I don't speak for NASA "Turn to kill, not to engage." CDR Willie Driscoll -- Mary Shafer shafer@skipper.dfrf.nasa.gov ames!skipper.dfrf.nasa.gov!shafer NASA Ames Dryden Flight Research Facility, Edwards, CA Of course I don't speak for NASA "Turn to kill, not to engage." CDR Willie Driscoll
petej@phred.UUCP (Peter Jarvis) (05/07/91)
In article <1991Apr30.171707.27685@isc.rit.edu> isg7243@ritvax.isc.rit.edu writes: >I thought I read in R. Feynmans' book thatthe only thing the pilot did >during landing was press the button to lower the landing gear, and that >only to give the idea that humans were really in charge. Anyone know >for sure? >>Mike Kent - Lockheed Engineering and Sciences Company at NASA JSC > Not true. They did not want computer control of the landing gear as that would give one more path for possible malfunction at a critical moment. Direct switching by right-side Pilot was chosen the way to go. It's a 2-switch sequence; 1 to arm the pyro-techics; the other lowers the gear within 2 seconds or the pyro-techics blow them down. Peter Jarvis.........