Cargo Load Control
The cargo load system on board the A400M freight plane is used for air dropping paratroops and equipment via parachute or gravity extraction. The mission-critical control computer of the system, called loadmaster workstation, is built with double Eurocard boards. It is designed, tested, verified and produced in accordance with DO-254 level B and DO-178 level B, based on the EN 9100 quality management system and the additional GRESS requirements from Airbus.
The CPU boards inside the system are designed as 2oo3 architecture for high operational safety. On-board triple redundancy includes the three PowerPC 750 processors, the dynamic working memory and the internal structure of the SEU-tolerant FPGA. Dual redundancy applies for the local PSUs and the Flash memory, whereas all memory types are ECC protected.
All critical I/O functions - including the voter for the 2oo3 architecture - are implemented in the FPGA. In addition, two PMC slots can accommodate further I/O functions.
To guarantee the level of safe operation as requested for this application, the electronics also feature extensive BITE (built-in test equipment) features, are designed to facilitate worst case execution time analysis, work without interrupts and DMA for strict deterministic behavior, and support a very fast boot time of less than 1 sec.
Each loadmaster workstation features two identical channels, is controlled by two of these triple-redundant 6U boards, completed by an AFDX (ARINC-664) and a graphics interface per CPU-board, and supported by a safe operating system. The system is specified for -15 to +40°C (up to 70°C for 15 minutes) operation temperature.
The loadmaster workstation is connected to a number of loadmaster control panels with their own electronics which are distributed across the aircraft.
Standard Components Used in this Example
The D602 is a fail-operational, fault-tolerant vital embedded computer, certifiable up to SIL 4 and DAL-A, with onboard triple redundancy for functional safety and availability. It targets safety-critical applications in embedded aircraft computer systems, railway and wayside computers and industrial automation.