1
Download VEX design report - TOC
Transcript
Ref : VEX-T.ASTR-TCN.00349 Issue : 2 Date Rev. : 0 : 06/02/2004 Page : 12.1 12 RELIABILITY AND REDUNDANCY ARCHITECTURE The Venus Express S/C architecture is recurring from Mars Express S/C with very few exceptions (addition of HGA2 X-band only antenna with its associated Diplexer and wave guides). Thus, the redundancy scheme provides the same Mars Express hardware resources to handle on-board failures through an autonomous failure management. The redundancy concept is mainly derived from autonomy requirements, failure tolerance requirements, reuse of Mars Express avionics architecture and reliability figure. This concept allows Venus Express spacecraft to be fully one-failure tolerant. 12.1 REDUNDANCY REQUIREMENTS Autonomy As Venus Express is required to be autonomously one-failure tolerant (decision taking function without ground intervention on failure/event occurrence), all failures which endanger the Spacecraft integrity need to be managed on-board. The FDIR function is in charge of failures management using redundancy resources. Most functions are supported by stand-by redundancies. Hot redundancy and majority voting are used for critical functions (main bus regulation, reconfiguration module, WD...). To improve availability (waiting for powering on) hot stand-by redundancies can be programmed for critical mission phases (Venus orbit insertion manoeuvre). Failure tolerance The Venus Express spacecraft is designed to be one-failure tolerant which means that each EEE function is redunded as a minimum. Specific design rules (segregation, thermal dissipation control, parts redundancy, etc.) is implemented to avoid failure propagation. Reuse of Mars Express Avionics architecture The redundancy architecture has been kept as is because of the numerous existing similarities between Mars Express and Venus Express in terms of mission, autonomy and failure tolerance constraints. Reliability figure Cross-strappings are implemented so as to improve significantly the spacecraft reliability figure or the operational flexibility, but shall not bring additional risks by increased design complexity.
