失速告警系统应用异构双核处理器的安全性分析研究
2023,31(6):137-142
摘要:飞机失速会影响飞机的飞行安全。失速告警计算机作为失速告警系统的核心控制部件,在失速发生前通过灯光告警、语音告警、振杆器抖动等方式为飞行员提供告警,提醒驾驶员进行操作,避免飞机进入失速状态。按照SAE ARP4754A中研制保证等级的分类,将失速告警计算机某些功能确定为灾难级,确定其研制保证等级定级为A类。本文采用异构双核处理器进行失速告警计算机的设计,由于ARP4761中的分析方法对相似性设计有着复杂性和难以模拟仿真的问题,故本设计参照了IEC61508参考标准,对采用异构双核处理器的失速告警计算机的安全性能进行了梳理和分析。分析研究结果表明,相比于采用传统的单核处理器或同构双核处理器设计的失速告警计算机,选择异构双核处理器进行失速告警计算机的设计有其独有的优势,其优势在于异构双核处理器所具备的“1oo2D”结构,通过计算分析满足失速告警计算机对于高安全性、高可靠性的要求。依照IEC 61508相关标准,结合失速告警计算机的高性能要求,选择正确的分析设计路径,可以确保失速告警计算机的功能安全完整性等级有效达成,为其他航空产品的设计开发提供参考。
关键词:飞机失速;失速告警系统;失速告警计算机;异构双核处理器;IEC 61508;ARP 4761;安全性分析
Design of stall warning system based on heterogeneous dual-core processors
Abstract:Aircraft stall will affect the flight safety of aircraft. The stall warning computer, as the core control component of the stall warning system, provides a warning to the flight crew by means of light alerts, aural alerts and stick shaker before the stall occurs to remind the flight crew to operate and avoid the aircraft from entering the stall state. According to the classification of development assurance level in SAE ARP4754A, certain functions of stall warning computer are determined as catastrophic level, and its development assurance level is determined as Class A. This paper uses heterogeneous dual-core processor for stall warning computer design. Due to the complexity analog simulation of analysis support for similarity design in the analysis method of ARP4761, this design also refers to the IEC61508 reference standard, the safety performance of stall warning computer using heterogeneous dual-core processor is combed and analyzed. The analysis results show that, compared with the traditional single-core processor or homogeneous dual-core processor, the design of the stall warning computer with heterogeneous dual-core processor has its unique advantages. The advantage lies in the "1oo2D" structure of the heterogeneous dual-core processor, which can meet the requirements of the stall warning computer for high safety and high reliability through calculation and analysis. In accordance with relevant IEC 61508 standards and combined with the high performance requirements of stall warning computers, the correct analysis and design path can ensure that the functional safety integrity level of stall warning computers can be effectively achieved, providing a reference for the design and development of other aviation products.
Key words:Aircraft stall; Stall warning system; Stall warning computer; Heterogeneous dual-core processor; IEC 61508; ARP 4761; Safety analysis
收稿日期:2022-08-02
基金项目:山西省关键核心技术和共性技术研发攻关专项项目(2020XXX019)
