ESA GNC Conference Papers Repository

Fault tolerant control for a cluster of engines in launchers has re-gained attention in recent times thanks to the development of capabilities of new reusable launchers such as SpaceX Falcon 9 and Starship. Most mission failures in the last quarter of the century were caused by propulsion or TVC failures. The former involve an off-nominal thrust delivery by the propulsion system that causes insufficient launch delta-V, leading to a failure to reach orbit or an off-nominal orbital injection performance. Moreover, in the case of a thrust-vectored control (TVC), a reduction in thrust also leads to a reduction in control authority. However, the redundancy provided by the cluster of engines can be intelligently exploited to mitigate failures that affect propulsion or thrust vectoring. The project entitled “Fault-Tolerant Control of Clusters of Rocket Engines (FTC-CRE)” is an activity supported by the European Space Agency aimed at the demonstration of guidance and control (G&C) laws for launch vehicles with cluster of engines, with focusing on reconfiguration capabilities in case of propulsion and TVC failures. The main outcome of the activity is the definition of the most suitable set of requirements and methodologies for a G&C architecture with embedded fault tolerant capabilities, and the increase of the readiness level for recovery strategies which ensure stability and performance in the presence of failures in the engines. Here we provide an overview of the activity, aims and objectives, followed by the description of a test case of a launcher with a cluster of 5 thrusters during ascent, subjected to engine and TVC failures. A launcher simulator modelling the nonlinear dynamics, environment, the failures, including a detailed model of the TVC electro-mechanical actuator has been developed. On this basis, a recovery decision logic is proposed relying on fault tolerant control and trajectory reconfiguration, and the recovery actions are analyzed with the simulator. The work considers realistic, total and partial, failures in one of the cluster’s engines as well as thrust vectoring failures. Since the goal of the present activity is to develop fault-tolerant G&C algorithms, the considered failures are those that decrease the performance of the launcher but that are not considered catastrophic. The modelled failures simulated and analyzed are 1 - Partial and total loss of thrust in one engine 2 - For the cases where the loss of thrust is in a fixed central engine or a gimballed outer engine in the cluster: 2a - A thrust vector actuator fixed at non-zero deflection (loss of communication, avionic failure or any jamming-like behavior) 2b - Loss of power of the thrust vector actuator in an outer engine The loss of thrust is modelled by introducing failures in oxidizer and fuel injection valves, while actuator failures are simulated in a detailed multi-physics Simscape-based model of the TVC actuators. The investigated recovery strategies rely on control reconfiguration and trajectory re-planning based on the detected failure. At the control level, the considered reconfiguration actions are two-fold: 1 - Use an allocation algorithm to optimize thrust levels and deflections within the cluster to compensate for the loss of thrust and any induced parasitic torque 2 - Switch to a controller with less performance but robust to the failure up to a certain tolerance level These actions might not suffice to recover the requirements and it might be necessary to mitigate the failure at guidance level by performing a trajectory re-planning accounting for the available capability of the vehicle. The guidance trajectory generation problem encompasses nonlinear dynamics and several nonconvex state and control constraints. One approach that has been explored in recent literature for handling both nominal and reconfiguration launcher guidance is successive convexification. This approach can address the nonconvex and nonlinear nature of the problem while making it amenable for closed-loop online implementation. However, the challenge of finding an optimal solution under the assumption of clustered actuation with throttleable and gimbaled thrusters and with adaptability in response to actuation faults is yet to be tackled in the literature. In this work, successive convexification is employed to find a solution to the launcher guidance problem. The guidance considers a 6-degrees-of-freedom model, incorporating unstable dynamics and a complex actuation model for the cluster of rocket engines with throttleable thrust and TVC actuators. Additionally, the guidance problem formulation includes a novel approach for robustness against the considered engine fault scenarios and for reconfiguration of the nominal trajectory. The failure scenarios are triggered to evaluate the effectiveness of the different recovery fault-tolerant G&C strategies, in isolation or combined, with respect to the nominal operation. The analysis of the results provides the level of system degradation up to which control reconfiguration can be applied, and from which a trajectory re-planning/re-targeting needs to be performed. The provided testcase is used to show how much the fault tolerant control approaches can successfully recover and mitigate for failures in the thrust vector actuators and a partial loss of thrust. It is also demonstrated the use of closed-loop trajectory reconfiguration to exploit the redundancy in the cluster of engines, and the suitability of successive convexification for the optimal guidance problem.