Fault Tolerance of the Global Navigation Satellite System using System-Level Diagnosis


Chad C. Lamb, Linda S. DeBrunner, John Fagan
Dept. of ECE, University of Oklahoma, Norman, Oklahoma 73019, (405) 325-4721

Anindya Das, K. Thulasiraman
Dept. of Computer Science, University of Oklahoma, Norman, Oklahoma 73019, (405) 325-4042, FAX: (405) 325-7066

Ralph Sexton
Satellite Navigation Division, Innovative Solutions International, Inc., Vienna, VA 22182, (703) 883-8088

1058-6393/98 $10.00 © 1998 IEEE

Abstract

The Global Navigation Satellite System (GNSS) is a space-based positioning system that can track aircraft, to within a few feet, anywhere in the United States of America. With augmentations based in other countries, the GNSS becomes a truly global positioning system, able to track aircraft anywhere on the globe with accuracies on the order of a few feet. We investigate the application of System-Level Diagnosis (SLD) to the GNSS to assess the diagnosability and fault tolerance of the system. We show, in a deterministic manner, the number of faulty elements that can exist in the system and still allow for the accurate diagnosis of the system. Our deterministic approach is in contrast to other known probabilistic approaches.

Introduction

The Global Positioning System (GPS) is a space-based positioning, velocity, and time system that has three major segments: space, control, and the user. The GPS Space Segment is composed of 24 space vehicles (SVs), i.e., satellites in six orbital planes. The SVs operate in circular 10,900 nautical mile orbits with a 12-hour period. The GPS Control Segment has five ground-based monitor stations, three of which have uplink capabilities, and a Control Station operated by the Department of Defense. The monitor stations use a GPS receiver to passively track all satellites in view and thus accumulate ranging data from the satellite signals. The information from the monitor stations is processed by the Control Station to determine satellite orbits and to update the navigation message of each satellite. The GPS User Segment consists of receivers that provide positioning, velocity, and precise timing to the user.

The Global Navigation Satellite System (GNSS), as defined here, is composed of GPS SVs and other augmentations which are added to provide the required accuracy, integrity, and availability for aircraft navigation. We use System-Level Diagnosis (SLD) [1,2] to determine the diagnosability and evaluate the availability of the GNSS. The Department of Transportation (DOT) and the Federal Aviation Administration (FAA) in the United States, along with similar agencies in other countries, have a vested interest in the GNSS and how well it performs for both civil and military applications.

The Global Navigation Satellite System

The GNSS, as shown in figure 1, is composed of the following components: GPS SVs, the Wide Area Augmentation System (WAAS), Air Traffic Control, and the aircraft. Each block in figure 1 represents a subsystem of the GNSS. The system is modeled using nodes to represent individual components and directed edges to represent the flow of information.

Figure 1: Block Diagram of the GNSS

A graph $G = (U, E)$ represents the entire GNSS, which includes the elements in figure 1 and their subsystems, where $U$ is the set of nodes in $G$ and $E$ is the set of edges of $G$. A subgraph of $G$, $G_{t,p} \subset G$, represents the GNSS as seen by the aircraft at some time $t$ and some position $p$. $G_{t,p} \neq G$ since at any given time or place, the aircraft cannot see all the GPS SVs, or some SVs may not be in service (e.g., for scheduled maintenance). We are interested in the diagnosability of for any $t, p$. After generating $G_{t,p}$, we create the test graph for $G_{t,p}$. Then, we perform our diagnosis and determine the diagnosability of the GNSS. In this paper, we investigate the worst case scenario for $G_{t,p}$, which is the situation where the aircraft can see the minimum number of GNSS elements. Further investigations will look at the other situations, and provide an overall assessment of the system, e.g., moving averages or standard deviations.

Generating the Test Graph $G_{t,p}$

Another issue in modeling the GNSS is to identify the failure modes for each node. There are several differences between the graph considered here and the graphs of the multiprocessor systems to which SLD is traditionally applied. All nodes are identical in graphs using traditional SLD, whereas they are not in this application. Furthermore, the edges of $G$ may be faulty, whereas in traditional SLD the edges are generally assumed to be fault-free. Figure 2 shows the different types of nodes, and their associated edges, for the GNSS subsystems. In this paper, we model a link failure in the GNSS as a failure of the sending node, to simplify our model. In the GNSS, there are several different types of links: coaxial cabling, fiber optic cabling, and atmospheric transmissions.

We use the comparison model, described later, to perform the diagnosis. This model requires bi-directional edges in the graph to perform the tests. Therefore, the GNSS must be modeled with bi-directional edges connecting the nodes to take advantage of this. In figure 2a, the GPS SV is monitored by the Reference Station. The Reference Station is connected to the Master Station (shown in figure 2d), and the Master Station can determine the status of the GPS SV. Therefore, we can model this as a bi-directional edge in the test graph to connect the GPS SV nodes and the Reference Station nodes. (In figure 2, the direction of the edges is consistent with the graph $G_{t,p}$, not the test graph.) In figure 2b, the Master Station sends information to the WAAS SV, the WAAS SV sends information to the Reference Station (shown in figure 2c), which then sends information back to the Master Station (figure 2d). Therefore, we can model this as a bi-directional edge in the test graph to connect the Master Station nodes and the WAAS SV nodes, and similarly the WAAS SV nodes and the Reference Station nodes can share a bi-directional edge in the test graph. In figure 2d, the Master Station and the Reference Station are connected by a bi-directional edge since they can send information back and forth. Figure 3 shows the test graph for the node pairs in $G_{t,p}$. We use the comparison model [6] in the test graph, since all nodes are joined by bi-directional edges (bi-directional edges are necessary to use the comparison model).

Figure 2: Components of Graph $G_{t,p}$

Figure 3: Components of Test Graph $G_{t,p}$

However, we can simplify the test graph by removing the Master Station node since it is inherently redundant and assumed not to fail. We combine the WAAS SV node in figure 3 with the Master Station node, and refer to this combined node as the WAAS node.

At this point, we can introduce the aircraft node into the graph $G_{t,p}$. The goal of this research is to determine the diagnosability of the GNSS with respect to an aircraft using the system for navigation. Therefore, the aircraft node is the central node. The resulting components of the test graph $G_{t,p}$ are shown in figure 4.

Figure 4: Components of the Modified $G_{t,p}$

System-level Diagnosis

To determine the diagnosability of the GNSS, we use the t-in-$L_2$ diagnosis theory developed in [6]. In this theory, a graph is uniquely diagnosable provided: (1) there are no more than LFC faulty nodes in the local neighborhood set of node $x$ in the graph, and (2) there are no more than ELFC faulty nodes in the extended-local neighborhood set of node $x$ in the graph. The local neighborhood set of node $x$ is composed of the set of nodes whose distance from $x$ is equal to one, while the extended-local neighborhood set of node $x$ is composed of the nodes whose distance from $x$ is less than or equal to two (see [7] for details on graph theory).

t-in-$L_2$ Diagnosis

The GNSS is diagnosable, that is, every node in the graph $G_{t,p}$ can be uniquely labeled as faulty or fault-free, provided there are no more than LFC faulty nodes in the local neighborhood set of any node $x$ and no more than ELFC faulty nodes in the extended-local neighborhood set of any node $x$. While the t-in-$L_2$ diagnosis theory is applicable to any node in the graph, we are only interested in $x$ = aircraft node. We must determine the values for LFC and ELFC, since in [6], the t-in-$L_2$ diagnosis theory is applicable to regular graphs, where a graph is called regular with degree $b$ if all nodes have the same degree, i.e. degree$(x_i) = b$, $\forall x_i \in U$. The GNSS is not a regular graph.

To simplify the model of the GNSS, we treat all nodes in the GNSS as identical nodes in the test graph $G_{t,p}$. Then, two adjacent nodes are assigned identical tasks, and if their outputs match, then a test result of 0 is generated (a 0-link joins the two nodes). If the outputs do not match, then a test result of 1 is generated (a 1-link joins the two nodes). So if two nodes are working properly, then they should produce the same output (and thus generate a 0-link). The collection of all such test outcomes is called a syndrome.

After determining the syndrome, it must be interpreted so that we can label the nodes as faulty or fault-free. We chose the comparison model for this interpretation [1]. Using the comparison model to decode the syndrome, we must determine if $x$ is faulty or fault-free, $\forall x \in U$. If, for example, $x, y \in U$ are joined by a 0-link, then all we know is that the output of $x$ matched that of $y$. For the comparison model, a 0-link signifies that the output of node $x$ and node $y$ matched, so either both $x$ and $y$ are fault-free or both are faulty. $x$ and $y$ could both be faulty in the same way so that they produce the same output. Figure 5 shows the comparison model. When two nodes are faulty, the test result is unreliable (1/0) since two faulty nodes may have matched outputs, resulting in a 0-link, or unmatched outputs, resulting in a 1-link.

Figure 5: Comparison Model (node types: Fault-Free, Faulty)

Next we need to examine the test graph $G_{t,p}$. We know from [5] that there are at least six GPS SV nodes and from [4] there is at least one WAAS node, $\forall t, p$. From [4] there are at least three Reference Station nodes for each GPS SV node, with some of those being shared. Thus, we have the graph in figure 6. This is a worst case scenario. The assignment of Reference Station nodes to GPS SV nodes was made somewhat arbitrarily; however, the specifics of this connection assignment have little or no impact on the diagnosability of the graph, provided there are at least three Reference Station nodes per GPS SV. We have not shown the connections between the WAAS node and the Reference Station nodes to simplify the figure; however, these connections exist in the analysis.

Figure 6: Worst Case $G_{t,p}$ (node types: GPS, Aircraft, WAAS, Reference Station). Note: connections between the WAAS node and the Reference Station nodes omitted for clarity.

Diagnosis of GNSS

Let $N$ be the set of nodes in $L(x)$ that share a 0-link with $x$ and $\bar{N}$ be the set of nodes in $L(x)$ that share a 1-link with $x$. Similarly, $N(N)$ is the set of nodes that share a 0-link with the nodes in $N$ (not including the nodes in $N$), $N(\bar{N})$ is the set of nodes that share a 0-link with the nodes in $\bar{N}$ (not including the nodes in $\bar{N}$), $\bar{N}(\bar{N})$ is the set of nodes that share a 1-link with the nodes in $\bar{N}$ (not including the nodes in $\bar{N}$), and $\bar{N}(N)$ is the set of nodes that share a 1-link with the nodes in $N$ (not including the nodes in $N$). Let $N_i$ be the node $z_i \in \bar{N}$ that shares a 1-link with $x$ and $\bar{N}(N_i)$ be the set of nodes that share a 1-link with $z_i$, not including the node $z_i$. Similarly, $N(N_i)$ is the set of nodes that share a 0-link with $z_i$.

In the following arguments, the local fault constraint (LFC) is the maximum number of faulty nodes in the local neighborhood set of $x$, and the extended-local fault constraint (ELFC) is the number of faulty nodes in the extended-local neighborhood set of $x$, that can be tolerated and still correctly label the faulty and fault-free nodes. We use the notation $L(x)$ to represent the set of nodes whose distance from $x$ is one. We let $t$ denote the maximum number of faults in the local neighborhood set of $x$ and let $t(m)$ denote the maximum number of faults in the extended-local neighborhood set of $x$. The following lemmas are stated here for completeness. The proofs are given in [6].

Lemma 1. Given a graph $G$ with a local fault constraint (LFC) of no more than $t$ faults in $L(x) \cup \{x\}$, $\forall x \in U$, where $\lfloor \text{degree}(x)/2 \rfloor \le t \le \text{degree}(x) - 1$ and $F$ is the set of faulty nodes in $G$, then
1. If $|\bar{N}| > t$, then $x \in F$.
2. If $|\bar{N}| < \text{degree}(x) - t + 1$, then $x \in U - F$.

Lemma 2. Given a regular graph $G$, with a local fault constraint (LFC) of no more than $t$ faults in $L(x) \cup \{x\}$, $\forall x \in U$, and let $F$ be the set of faulty nodes in $G$, then
1. If 3, IN(NJ1 2 t, and if IN1 2 degree(x) - t + 2 and for i = [degree(x) - t + 2. 21 to INI, IN(N$I = degree(x) - 1, then $x \in U - F$.
2. If $\exists i$, $|\bar{N}(N_i)| < [\text{degree}(x) - t]$, then $x \in F$.

Lemma 3. Given a graph $G$ and syndrome $S$, let $F$ be an allowable fault set for $S$ such that $F \neq U$. Let C (or C ) be the set of nodes that have multiple paths of length 2 with $x$ and are counted twice in the computation of F(x) (or F (x)). Then, the number of faulty nodes in the extended-local neighborhood set of $x$, $\forall x \in U$, is:
1. $|F(x)| \ge |\bar{N}| + |\bar{N}(N)| + |N(\bar{N})| - |C|$, if $x \in U - F$
2. IF (XI 2 1 + IN I + IN( N)I + Id min[ IN(NJ deg(x) - IN(N$I ] - IC I, if XE F. t=1

Theorem 1. Given a graph $G$ and syndrome $S$, let $F$ be an allowable fault set for $S$ such that $F \neq U$. If there are no more than $t = 6$ faults in the local neighborhood set of $x$, where $x$ = aircraft node, and no more than $t(m) = 10$ faults in the extended-local neighborhood set of $x$, then $G$ is t-in-$L_2$ diagnosable.

Proof Outline

In proving the theorem, consider the following conditions:
1. $|\bar{N}| > t$
2. $\exists i$, $|\bar{N}(N_i)| < [\text{degree}(x) - t]$
3. $|F(x)| - |C| > t(m)$, where $F(x) = \bar{N} \cup \bar{N}(N) \cup N(\bar{N})$.

We show that the node $x$ is faulty if and only if at least one of these conditions is true. We use Lemmas 1, 2, and 3 to show this. The sufficiency of these conditions is shown by directly using Lemma 1 (2, 3) for condition 1 (2, 3). To prove the necessity, we assume $x$ is faulty and none of the conditions are true, and we arrive at a contradiction.

From the t-in-$L_2$ diagnosis theory, we find that the LFC = degree(aircraft node) - 1 = 6, and the ELFC = 10. Therefore, the GNSS can have six faulty nodes in the local neighborhood set of the aircraft (which includes the aircraft node) and at most ten faulty nodes in the extended-local neighborhood set of $x$ (which includes the six faulty nodes in the local neighborhood set of $x$), and the system can still correctly diagnose the faulty and fault-free nodes in the graph.

Conclusions

In summary, the GNSS is the future of aircraft navigation throughout the world. Augmentation systems for GPS are being designed in the United States, Australia, Canada, Europe, Japan, Russia, and other countries. Therefore, there is an immediate need for an evaluation of their performance. To date, there have been very few studies on the performance of the entire system, only subsystem performance evaluations [3,4]. This research evaluates the combined GNSS [5], rather than evaluating the parts individually, using a deterministic approach in system-level diagnosis. We have shown that the GNSS, for the worst case scenario, can have up to 6 faults in the local neighborhood set of $x$, and up to 10 faults in the extended-local neighborhood set of $x$, and still accurately label all nodes as faulty or fault-free. Since there are only 7 nodes adjacent to $x$, an LFC = 6 is a significant percentage of those nodes. If we consider other cases where there are more than 7 nodes adjacent to $x$, the t-in-$L_2$ diagnosis theory allows us to have degree($x$) - 1 faulty nodes, so the benefit is not lost as the degree of $x$ increases.

Additional research is needed to evaluate the GNSS with additional elements, like GLONASS (the Russian Global Navigation Satellite System) and EGNOS (the European system). Using the approach shown here, the addition of other augmentations requires little more than adding nodes to the test graph.

References

[1] F. P. Preparata, G. Metze, R. T. Chien, On the Connection Assignment Problem of Diagnosable Systems, IEEE Trans. Electron. Comput., vol. EC-16, pp. 848-854, 1967.
[2] A. Das, K. Thulasiraman, V. K. Agarwal, K. B. Lakshmanan, Multiprocessor Fault Diagnosis Under Local Constraints, IEEE Trans. on Computers, vol. 42, pp. 984-988, Aug. 1993.
[3] V. Ashkenazi, et al., Design of a GNSS: Coverage, Accuracy and Integrity, Proceedings of ION GPS-95, pp. 463-472, 1995.
[4] W. Poor, T. Albertson, P. Yen, A Wide Area Augmentation System (WAAS) Service Volume Model and Its Use in Evaluating WAAS Architecture and Design Sensitivities, Proceedings of ION GPS-95, pp. 629-637, 1995.
[5] M. Sams, et al., Optimum Satellite Constellations for Civil Navigation Use, Proceedings of ION GPS-96, pp. 1151-1160, 1996.
[6] C. Lamb, Graph Models and System Diagnosis, Ph.D. Dissertation, U. of Oklahoma, to appear Dec. 1997.
[7] Frank Harary, Graph Theory, Addison-Wesley Publishing, Reading, MA, 1969.
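
The comparison-model syndrome and the Lemma 1 test at the aircraft node, as an added example that is not part of the paper. The graph is a constructed stand-in for figure 6 (six shared reference stations and all node and function names are assumptions), so the output shows the mechanics of decoding a syndrome and is not a check of Theorem 1.

```python
# Added example: this test graph is constructed, not the paper's figure 6.
def build_test_graph():
    """Aircraft adjacent to 6 GPS SVs and 1 WAAS node (degree 7); each GPS SV
    adjacent to 3 shared reference stations; WAAS adjacent to every station."""
    adj = {}
    def link(a, b):
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    stations = [f"RS{i}" for i in range(1, 7)]   # assumed station count
    for i in range(6):
        link("AIRCRAFT", f"GPS{i + 1}")
        for k in range(3):
            link(f"GPS{i + 1}", stations[(i + k) % 6])
    link("AIRCRAFT", "WAAS")
    for rs in stations:
        link("WAAS", rs)
    return adj

def syndrome(adj, faulty, both_faulty=0):
    """Comparison model: 0 if both ends are fault-free, 1 if exactly one end
    is faulty, unreliable (fixed here to `both_faulty`) if both are faulty."""
    s = {}
    for u in adj:
        for v in adj[u]:
            if u < v:
                n = (u in faulty) + (v in faulty)
                s[(u, v)] = (0, 1, both_faulty)[n]
    return s

def lemma1_label(adj, s, x, t):
    """Lemma 1 test at node x, using only the 1-links incident to x."""
    deg = len(adj[x])
    if not deg // 2 <= t <= deg - 1:
        raise ValueError("Lemma 1 needs floor(deg/2) <= t <= deg - 1")
    ones = sum(s[tuple(sorted((x, y)))] for y in adj[x])
    if ones > t:
        return "faulty"
    if ones < deg - t + 1:
        return "fault-free"
    return "undecided"   # the extended-neighborhood lemmas are needed here

def consistent_labels(adj, s, x, lfc, elfc):
    """Brute force: labels of x over every fault set that explains syndrome s
    and respects the local and extended-local fault constraints at x."""
    nodes = sorted(adj)
    local = adj[x] | {x}
    extended = local.union(*(adj[y] for y in adj[x]))
    labels = set()
    for mask in range(1 << len(nodes)):
        f = {n for i, n in enumerate(nodes) if mask >> i & 1}
        if len(f & local) > lfc or len(f & extended) > elfc:
            continue
        # One faulty end forces a 1; two fault-free ends force a 0;
        # two faulty ends are compatible with either result.
        ok = all(r == 1 if (u in f) != (v in f) else (r == 0 or u in f)
                 for (u, v), r in s.items())
        if ok:
            labels.add("faulty" if x in f else "fault-free")
    return labels

if __name__ == "__main__":
    g = build_test_graph()
    for faults in (set(), {"GPS1"}, {"GPS1", "GPS2"}, {"AIRCRAFT"}):
        s = syndrome(g, faults)
        print(sorted(faults), lemma1_label(g, s, "AIRCRAFT", 6),
              consistent_labels(g, s, "AIRCRAFT", 6, 10))
```

With two faulty GPS nodes the Lemma 1 test alone is undecided at the aircraft node, while the enumeration under LFC = 6 and ELFC = 10 still leaves a single label for it.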