The provision of integrated modeling, simulation and optimization tools to effectively support all stages of aircraft design remains a critical challenge in the aerospace industry. While several breakthroughs have been achieved in this area, costly iterations are still often necessary to successfully design, develop, integrate, validate and verify the components and subsystems of modern aircraft. The high level of system integration that is characteristic of new aircraft designs is dramatically increasing the complexity of both design and verification – in particular for fault condition analysis and the implementation of defect-free software (Figure 1).

Simultaneously, the multi-physics interactions between structural, electrical, thermal, and hydraulic components have become more significant as the systems become increasingly interconnected (e.g. the interaction among thermal load due to increased cabin electrical power usage, an electrically-powered environmental control system, and electrically powered flight control actuation).

This complex interaction between subsystems is difficult to capture through a traditional “document-based systems engineering” requirements-driven design approach, which often prevents the discovery of novel subsystem architectures that may achieve multi-objective optimization across subsystems. This occurs due to the “one-way” hierarchical requirements derivation from the whole aircraft down to individual components, and leads to over-costing and suboptimal solutions that often require substantial rework to address performance shortfalls where top-level decisions cannot be modified. New methodologies and tools are therefore required to enable better coordination between different design disciplines, so that appropriate requirements are specified at different design phases, and design trades and potential problems are identified before physical prototypes are built and tested through expensive test campaigns.

Figure 1. Increase in electrical power and software complexity on aircraft.

In order to address such needs, Model-Based Systems Engineering (MBSE) has emerged as an alternative design approach. MBSE can be defined as the “formalized application of modelling to support system requirements, design, analysis, verification and validation activities, beginning in the conceptual design phase and continuing throughout development and later life cycle phases.” Despite the significant advances in modeling, simulation, design and virtual testing that have been achieved, there is still a lack of integrated frameworks enabling multi-physics modeling and simulation, multi-objective optimization, model-based design of algorithms, and virtual testing, which can support all of the different design and development phases. It has been demonstrated that a lack of integration in the toolset can be a major cause for delays in the case of complex new designs.

A new integrated modeling, simulation and optimization framework is therefore required by Aerospace industry to incorporate effectively MBSE in all stages of aircraft design and development. Standardized multi-domain modeling languages (e.g. Modelica) and interfacing with other common tools used in Aerospace industry, e.g. via the Functional Mockup Interface (FMI), are key aspects to reach those goals.

Goals

The aim of the MISSION (Modelling and Simulation Tools for Systems Integration on Aircraft) project is to develop and demonstrate an integrated modeling, simulation, design and optimization framework based on MBSE and oriented to the Aerospace industry. This framework will holistically support the entire design, development and validation process of an aircraft, starting from conceptual aircraft-level design, toward capture of key requirements, system design, integration, validation and verification. In the development of this tool, the following objectives are pursued:

Objective 1: Improve integrated design capabilities at aircraft- and system-level through integrated multi-physics modelling and multi-objective optimization, and to trade multiple design metrics including emissions (CO2, NOx), fuel burn, weight, and cost.

Objective 2: Achieve significant reductions in development time, cost and rework throughout the design, development and validation process through the extensive use of model-based-design techniques for controls and algorithms, and advanced virtual testing capabilities.

Objective 3: Support technology integration and demonstration within Clean Sky 2 through a common, open and neutral environment for integration of various technologies developed in ITD Systems.

Objective 4: Achieve wide dissemination of the developed framework to strengthen its exploitation plan. The MISSION project will regularly seek feedback and commitment from groups of stakeholders including ITD partners, scientific aerospace and technological communities/academia, regulation and standardization bodies, as well as, industrial end-users.

Overview of MISSION Platform

The platform envisioned in MISSION project is depicted in Figure 2. It is composed of the following elements:

An integrated modeling and simulation environment: A common, neutral and open environment based on the Modelica multi-domain modeling language containing the platforms and common tools of the MISSION framework.

An aircraft-level optimization platform: A platform for computer-aided design of aircraft architecture, enabling trade-offs of design metrics from a multi-objective perspective, including metrics such as CO2, NOX emissions, fuel consumption, weight, and cost.

System-level optimization platforms: Dedicated platforms for system-level design and optimization of electrical architecture, thermal architecture, landing gear, actuation systems, wings and cockpit. It will support integration of technologies being developed in Clean Sky 2.

Model-based-design tools for control and prognostics & health management algorithms: Model-based design tools for systems controls and health monitoring algorithms supporting “robust design and strong verification” of safety critical systems.

Virtual testing platforms: Platforms enabling validation and verification of designs at multiple levels of abstraction, including partial virtual certification of aircraft components, including computation and communication architectures. The platforms will support PC-based testing in early development phases and lab-based real-time testing of simulated control units and real control units.

Modeling and Simulation Environment

The open modeling and simulation environment provided in MISSION requires a number of functionalities ranging from model development and validation, analysis functions with optimization capabilities to efficient data management, and the capability for virtual testing. Furthermore, since the framework is required to be based on open standards offering links to other modeling tools and design environments, it will be built upon the standardized multi-domain modeling language Modelica, while using FMI to provide the interconnections with common industry-standard tools.

Figure 2. Overview of MISSION platform

With this respect, SimulationX framework from ITI will be utilized since it supports key features such as the multi-domain modeling language Modelica and FMI for Model Exchange and Co-Simulation. Furthermore, DESYRE from ALES, a tool for simulation of distributed embedded systems, will be integrated with SimulationX, since it supports FMI for plant and control modeling, and C++/TLM for software/hardware and communication functional and performance modeling (Figure 3).

SimulationX will be customized and extended in terms of various functionalities to meet the requirements of aerospace industries. Through its open interfaces, the tool can be seamlessly integrated with data-management solutions, which enables safe and traceable engineering processes. Workflows will be automated either by connection to workflow definition and optimization tools or by utilizing the SimulationX scripting capabilities. Other functionalities of the SimulationX framework include, but are not limited to, evaluation of model fidelity against physical results, verification of the input & output behavior in the time domain, and assertion-based verification techniques.

Ongoing initiatives for optimization platforms embedded in Modelica will also be taken into consideration, as well as optimization engines coming from the Operations Research and Constraint Programming communities that are suitable for embedding in a number of software environments. Moreover, state-of-the-art techniques for data analytics and model reduction capabilities will also be incorporated in the tool. In addition, a functionality to define and manage work processes will be incorporated. This will enclose a scripting facility and a user friendly graphical user interface for management of the different processes.

Specific data management functionality and IP protection will provide easy to use storage and organization of data and will facilitate the interaction of different users of the framework. Since modern aircraft systems are composed of thousands of components, the management of large amounts of documentation with different requirement specifications is demanded. In line with MBSE approach, functionalities for automatic documentation of requirements and version control for different subsystems and systems will be incorporated in the framework.

Finally, MISSION environment will incorporate a requirements modeling and executable specifications functionality. To this end, MISSION aims to develop interfaces between the framework and requirements management tools that are well established and widely used by Aerospace industry.

On the other hand, MISSION will provide a platform for SiL simulation that enables the evaluation of the impact of the communication network and software middleware on the embedded controls and will support virtual testing. The implementation of the SiL proposal will be based on the DESYRE simulation environment, developed by ALES. DESYRE will be integrated with the core environment through the FMI standard interface. Besides these technical developments, MISSION will also work towards the establishment of modeling standards to ensure harmonization of modeling activities by different partners and successful implementation of the virtual testing functionalities. Physical modeling often requires the introduction and resolution of Differential Algebraic Equations (DAE). MISSION will propose extensions to the FMI 2.0 standard to fully support model exchange for simulation of physical models.

Aircraft Level and System-Level Design and Optimization Platforms

At the top-level of the design chain, the aircraft-design will enable optimization of the aircraft architecture starting from high-level requirements defined by the expected aircraft operations, linking with the so-called “conceptual design’ phase. Embedded multi-objective optimization capabilities will allow trading multiple aircraft-level design metrics such as emissions, fuel consumption and lifecycle cost. Outcomes of the design serve as requirements for the system design platform.

The use of standard multidisciplinary design optimization tools can be prohibitive in terms of complexity and cost. In order to enable the evaluation of aircraft-level architecture designs from a multi-domain perspective, taking into account interactions between systems, an aircraft-level modeling library will be developed. The level of granularity and fidelity used will ensure accurate evaluation of power flows relevant for aircraft-level design studies applied over entire aircraft operations.

At the next hierarchical level, a system-level design platform will incorporate a comprehensive multi-domain library of subsystems and components, as well as tools for design and optimization of electrical architecture, thermal architecture, wing architecture, landing gear, actuation systems and cockpit. In regard to the modeling library, a Modelica based hierarchical “building-block” library structure will be developed. MISSION will be based on existing Modelica environments and available libraries and incorporate all relevant parts of the aircraft, including the means to model multi-domain interactions between components (e.g. thermal dissipation of electrical components).

Model Based Design of Algorithms and Controls

Figure 3. Multi-domain modeling and simulation platform SimulationX, and multi-level software-in-the-loop simulation environment DESYRE.

MISSION will deliver an integrated development framework, a set of functionalities and generic library models for controls and management, health monitoring and fault detection functions for aircraft systems and subsystems.

The MISSION framework will allow development of specifications and models for algorithms and controls across different abstraction layers throughout the aircraft design process. Specifications and standard library models will support the design of the following functions:

Controls and management functions: generic models to develop and test controls and management functions of systems such as the electrical system, air management system or flight control system for the aircraft-level and system-level platforms.

Fault detection functions: functionalities to detect faults in the aircraft systems. MISSION framework will enable the simulation of such scenarios and therefore it will enable the possibility of evaluating system resilience and fault tolerance, as well as system reconfiguration capabilities.

Health monitoring functions: these are a matter of development in the aerospace industry in order to improve maintenance processes, targeting to evolve from existing preventive maintenance approaches toward predictive maintenance.

The design supported by standard libraries will enable the system manufacturer to deliver functions according to the specifications and will ensure both horizontal consistency across modeling environments and vertical consistency across multiple layers of abstraction.

The design of control systems will benefit from a number of analysis tools supported by Matlab/Simulink and steady state control verification will be supported by off-the-shelf solutions in SimulationX environment.

The interactions of the algorithms for system management, health monitoring and fault detections with the system controls will be analyzed up to the level of the impact of the embedded HS/SW platform, with the goal of improving the overall robustness of the system during the design phase.

Additionally, the efficiency of the design-to-implementation flow will be increased by:

Automatic Code Generation (ACG): to guarantee the maximal exploitation of the potential benefits of the models, MISSION will enable ACG from the developed models through the deployment of the commercially available tools.

Automatic Test Generation (ATG): ATG techniques consist on the elaboration of models for the automatic synthesis of test vectors. In MISSION, last advances on ATG techniques will be used providing a framework for the automatic generation of test cases for the verification of design models and generated source code.

Certification & qualification of code. Regulatory organizations in avionics recently recognized model-based approaches as first class citizens for the development of avionics SW. The DO-178C and DO-331 annex provide direct guidance on the role and the usage of models and model-based technologies for certification of Airborne Software. MISSION model-based process & methods will be developed and designed to leverage the opportunities given by the recent standards such as ARP 4754A, DO-178C/DO-331 with the objective of reducing certification costs & time.

Virtual Testing

For virtual testing, the controller (ECU or just the control algorithm) is connected to a real-time or non-real-time simulation system simulating the plant (relevant parts of the vehicle) or even the whole vehicle. With the use of models for the verification of the system under test and maybe even models for the controller, the verification tasks can also profit from the already developed models or the generated code from the early development phases.

Another benefit of simulation based verification methods is the possibility of test automation. Automated tests increase test coverage and shorten testing times by running complete test suites and overnight tests. HIL systems for example testing 24 hours, 7 days per week independent from work periods or personal resources. Another measure taken by the OEMs is to transfer testing responsibility to the suppliers. Nowadays suppliers are more and more forced to perform early HIL tests far ahead of system integration. With the simulation based methods the share of components, models, scripts, test cases etc. is more efficient to manage and plan. This not only includes function tests during function design but also complete integration and acceptance tests. The need for suppliers and OEMs to exchange tests, test results, models, etc., is important in this context.

In addition to these measures it is important to optimize and streamline test processes in combination with appropriate non-real time test tools, HIL technology, and software tools required to manage and operate these, to manage all test artefacts and to enable simple traceability of test results to requirements by including test management and data management to get a centralized monitoring and planning of the overall process.

MISSION will put efforts on promoting the testing and conformance checks of the developed prototype towards certification. To achieve that purpose, it is important to define requirements using system agnostic specification languages that will enable a good predictability and reliability of the developed models throughout the system's design. Such a fact will provide the foundation of the virtual testing capabilities to be implemented within the MISSION platform providing evidence about whether requirements are respected at the end of each coding phase till the prototyping.

Part of the strategy of MISSION is to enable virtual testing relying on model qualification for certification. MISSION will engage with regulatory organizations such as EASA to investigate routes towards the certifiability of systems that have been partially virtually tested and show validation of critical regulatory properties of the developed models, in order to build a case for systems partial certification and discussions with regulatory organizations.

To this end, a hierarchical Modelica modeling library for virtual validation will be available following a similar approach as in previous Clean Sky activities. However, further developments will be required. To ensure that models can be used as substitutes of the physical world for testing purposes it is necessary to quantify the uncertainties and the validity domain of the models with respect to their physical, hardware or software counterpart. Moreover, interactions with regulatory organizations such as EASA will be conducted to identify and define, where appropriate, the regulatory requirements to enable model qualification for certification.

The following developments will be required:

Physical components: For virtual testing, the models of the physical components will be required to include the definition of its validity domain, e.g. in terms of ranges of variables and parameters, and the quantification of the model uncertainties with respect to the physical world, e.g. in terms of variability distribution of the model parameters. Validity domain and uncertainties will be required to be validated against physical data.

Software middleware: For virtual testing purposes, the models of software middleware will be required to include the quantification of the uncertainties with respect to the counterpart software middleware. The required uncertainties will be identified by the project and may include variability distribution of scheduling latencies and jitter, average and worst execution time, memory limitations, etc. A strategy for the validation of the software middleware models and their uncertainty quantification with respect to their actual implementation will be developed and specifications will be provided.

Communication network: As for the software middleware, the models of the communication network will be required to include the quantification with respect to the counterpart physical communication network. The required uncertainties will be identified by the project and may include variability distribution of message latencies, message loss probabilities, etc. A strategy for the validation of the communication network models and their uncertainty quantification with respect to their physical counterpart will be developed and specifications will be provided.

Interactions between software, communication and physical components: The interactions between the software middleware, communication network and physical components represent another important factor that has significant impact in the system correct operations. For virtual testing purposes, it is therefore necessary to model such interactions and quantify uncertainties with respect to their physical counterpart.

Other areas that will require developments are the following:

MISSION will enable the use of FMI in the virtual testing platform. However, despite the benefits of a standard like FMI there may be also a need to run models on different operating systems running at the same time on an integration and test platform. To address this, MISSION make use of such a multi OS capability when if required.

Another requirement is to emulate very early in the development phase control units including parts of the basic software component of a control unit. The aim of MISSION is to develop this capability for the virtual testing platform. As part of this effort, MISSION will define requirements for such models in order to prepare their use as models on real-time test platforms. Another aim is to enable the reuse of tools required for testing (e.g. test automation tools) seamlessly from running tests with emulated control units up to integration tests on HIL systems.

Another key task of MISSION is the optimization of testing processes in the overall verification process of OEMs and Suppliers in the aerospace domain by providing a framework which is suitable and qualified for these workflows and processes. By identifying the actual processes which are currently used in this domain like cooperation of suppliers and OEMs, the use of tool chains, models, interfaces and of course testing systems including the demanded work packages and stakeholders the MISSION framework will be optimized for this tasks, e.g. providing open interfaces and automatic test system configurations to increasing the share of automation and with that make the processes more efficient.

This article was adapted from SAE Technical Paper 2016-01-2052. To obtain the full technical paper and access more than 200,000 resources for the aerospace, automotive, and commercial vehicle industries, visit the SAE MOBILUS site at: here .


Aerospace & Defense Technology Magazine

This article first appeared in the June, 2017 issue of Aerospace & Defense Technology Magazine.

Read more articles from this issue here.

Read more articles from the archives here.