2024-05-15: Failsafe Procedure Under Different Situations

Summary

Date

2024-05-15

Status

 

Change Requestee

@Yuchen Lin

Reviewers

Mech: < list names >

EE: < list names >

EFS: < list names >

Auto: < list names >

Directors: < list names >

Technical Details/Changelog

 

 

The flight readiness review requires the following:

All UAVs must be equipped with a safety flight termination system that can be activated either automatically or remotely (kill switch). […] For rotary wing, a quick vertical descent of a minimum of 2 m/s and touchdown must be performed. The flight termination mechanism must be operational at all times. If the flight termination method is not working, the aircraft must terminate the flight itself automatically and rapidly. […] Aircraft must be in termination mode within 10 seconds of the termination function being activated.

That is:

  • A disarm switch

  • Lost link failsafe, triggering within 10 seconds

  • Immediate landing at a minimum speed of 2 m/s when triggered

 

The landing mode can be configured to meet the required landing speed with the parameter WPNAV_SPEED_DN = 200 (cm/s). It is likely sufficient for LAND_SPEED to stay at its default of 50 cm/s (below 10 m the aircraft uses LAND_SPEED instead of WPNAV_SPEED_DN).

The failsafe should be triggered when the GCS and the radio are both disconnected.

It appears that there is no way to trigger the failsafe after BOTH the GCS and the radio disconnect. To handle this, the FS_OPTIONS parameter can be used to trigger the failsafe only in specific conditions, as described below.

Normal Flight Test: (See Failsafe — Copter documentation)

Radio Failsafe:

  • FS_THR_ENABLE = 3 - Enabled Always Land

  • FS_OPTIONS = 17 - Continue if in auto mode on Radio Failsafe & Continue in pilot control on Ground Control Station Failsafe

  • RC_FS_TIMEOUT = 10 seconds

Battery Failsafe:

  • BATT_LOW_VOLT = 40.8 V - (3.4 V/cell)

  • BATT_LOW_MAH = 0 (only voltage is used)

  • BATT_FS_LOW_ACT = 2 (RTL)

  • BATT_CRT_VOLT = 37.2 V - (3.1 V/cell)

  • BATT_CRT_MAH = 0 - (only voltage is used)

  • BATT_FS_CRT_ACT = 1 (LAND)

  • BATT_FS_VOLTSRC = 0 - Do not use sag-compensated voltage

  • BATT_LOW_TIMER = 10 seconds

Groundstation Failsafe:

  • FS_GCS_TIMEOUT = 10 seconds

  • FS_GCS_ENABLE = 5 - Enabled Always Land

  • FS_OPTIONS = 17 - Continue if in auto mode on Radio Failsafe & Continue in pilot control on Ground Control Station Failsafe

EKF Failsafe:

  • FS_EKF_ACTION = 1 (Land)

Remaining failsafes can use default parameters

Dead Reckoning:

Vibration:

Terrain Data Loss Failsafe:

Crash Check:

Parachute:

Independent Watchdog:

The parameters listed above, as they appear in the .param file:

FS_OPTIONS,17
FS_THR_ENABLE,3
RC_FS_TIMEOUT,10
BATT_LOW_VOLT,40.8
BATT_LOW_MAH,0
BATT_FS_LOW_ACT,2
BATT_CRT_VOLT,37.2
BATT_CRT_MAH,0
BATT_FS_CRT_ACT,1
BATT_FS_VOLTSRC,0
BATT_LOW_TIMER,10
FS_GCS_TIMEOUT,10
FS_GCS_ENABLE,5
FS_EKF_ACTION,1
WPNAV_SPEED_DN,200
LAND_SPEED,50
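A pre-flight check of an exported parameter file against the failsafe baseline listed above. This is an added example, not part of the original change request; the function names are hypothetical, and it assumes one NAME,VALUE pair per line (comma or whitespace separated) with optional # comments.

```python
# Baseline copied from this page's parameter list.
REQUIRED = {
    "FS_OPTIONS": 17, "FS_THR_ENABLE": 3, "RC_FS_TIMEOUT": 10,
    "BATT_LOW_VOLT": 40.8, "BATT_LOW_MAH": 0, "BATT_FS_LOW_ACT": 2,
    "BATT_CRT_VOLT": 37.2, "BATT_CRT_MAH": 0, "BATT_FS_CRT_ACT": 1,
    "BATT_FS_VOLTSRC": 0, "BATT_LOW_TIMER": 10, "FS_GCS_TIMEOUT": 10,
    "FS_GCS_ENABLE": 5, "FS_EKF_ACTION": 1, "WPNAV_SPEED_DN": 200,
    "LAND_SPEED": 50,
}
# Only the two FS_OPTIONS bits this page describes are named here.
FS_OPTIONS_BITS = {
    1: "continue if in auto mode on radio failsafe",
    16: "continue in pilot control on GCS failsafe",
}

def parse_params(text):
    """Parse 'NAME,VALUE' lines; skip blanks and '#' comments."""
    params = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            # A malformed line raises ValueError instead of being ignored.
            name, value = line.replace(",", " ").split()
            params[name.upper()] = float(value)
    return params

def audit(text, required=REQUIRED, tol=1e-6):
    """Return sorted findings; an empty list means the file matches."""
    found, problems = parse_params(text), []
    for name, want in required.items():
        if name not in found:
            problems.append(f"{name}: missing (want {want})")
        elif abs(found[name] - want) > tol:
            problems.append(f"{name}: is {found[name]:g}, want {want:g}")
    return sorted(problems)

def describe_fs_options(value):
    """Return (descriptions of the named bits set, mask of other bits set)."""
    value = int(value)
    named = [text for bit, text in FS_OPTIONS_BITS.items() if value & bit]
    return named, value & ~sum(FS_OPTIONS_BITS)

# Constructed sample: the baseline with one value changed and one missing.
SAMPLE = "\n".join(f"{k},{v}" for k, v in REQUIRED.items()
                   if k != "FS_EKF_ACTION").replace("RC_FS_TIMEOUT,10", "RC_FS_TIMEOUT,1")

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)) or "baseline OK")
```

Running the audit on the file saved to the ground station, and again on a fresh export before flight, shows any failsafe value that has drifted from the reviewed baseline.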

Competition:

A TODO before the competition: save the configuration profile to the ground station so we have a backup before any big modification to the flight profile.

 

Task 1:

 

Task 2:

EKF source switching for GPS-denied environments needs to be configured as well:
EKF Source Selection and Switching — Copter documentation

GPS / Non-GPS Transitions — Copter documentation

Arch doc implementation Info

 

Approvals & Reviews

< space for reviewers to leave thoughts / approvals? >

Name

Approve/Deny?

Reason
