[AR] FTS (was Re: $1M prize for a student rocket reaching 100 km)
- From: Henry Spencer <hspencer@xxxxxxxxxxxxx>
- To: Arocket List <arocket@xxxxxxxxxxxxx>
- Date: Sun, 16 Sep 2018 00:35:02 -0400 (EDT)
On Sat, 15 Sep 2018, Ben Brockert wrote:
By law you are not even required to have independent FTS for an orbital
rocket. SpaceX is flying AFTS, which is a separate system but doesn't
have a radio terminate link. From conversations with FAA people I'm
convinced that they could be convinced that even that is unnecessary...
Indeed, they have already been convinced of it once, although for
well-proven professionally-built hardware in favorable circumstances:
Sea Launch's Zenits had no separate FTS at all. Per standard Russian
practice, they had a triple-redundant guidance system, which in the event
of unresolvable disagreement, shuts down the engines -- it has happened to
a couple of Zenits. No bomb on board, no radio link. And yes, Sea Launch
being a US-registered company, they needed FAA launch licenses. However,
getting this past the FAA was undoubtedly *greatly* eased by the fact that
they were launching from very empty ocean.
The modern rocket can't fly a trajectory without the GPS, which means it
can't fly without knowing where it is, which means it can't fly to the
wrong place without knowing that it's in the wrong place.
Agreed but with one major caveat: you have to assume that if the GPS is
telling you position, it's telling the truth. There were some disturbing
tests -- admittedly quite a while ago, it's not something I keep up on --
indicating that modest levels of GPS-band interference could make some
non-military receivers lose accuracy badly *without* getting upset enough
to declare the data bad, give up, and shut down. GPS receivers which will
be relied on for flight safety should have had stress testing to verify
that they don't do this. (Merely being assured by the manufacturer that
such a failure mode is impossible is not sufficient; reputable avionics
suppliers have been known to be wrong about such things.)
It's likely that the AFTS is the system optimum for low flight rates
or large rockets; it costs you another GPS systems and a computer, but
means that the FAA only has to be interested in that tiny codebase...
Remember that there's a not-at-all-tiny firmware codebase inside the GPS
system, which needs to be considered too. (Can high-end non-consumer GPS
systems have firmware bugs? Why yes, actually, they can -- although the
only such bug I have personal experience with was nothing so dire.)
...For a low cost expendable or
a high performance smaller reusable I think the trade likely goes to
having the abort system as a core part of the normal control system.
If that means it would be getting its position data from the same GPS
system the control system is using, that would worry me. For safety, you
ought to have dissimilar data sources -- ideally, one GPS and one non-GPS
source, but at the very least, two separate GPS receivers from two
different manufacturers.
Henry
Other related posts: