Map Fault Conditions to Actions by Using Truth Tables
You can use truth tables to map fault conditions of a system directly to their
consequent actions. For example, the model sf_aircraft
maps the fault conditions and actions using a truth table. For details on this model,
see Detect Faults in Aircraft Elevator Control System.
Truth tables are only supported in Simulink®. For more information, see Use Truth Tables to Model Combinatorial Logic.
Detect Faults in a System
Type sf_aircraft at the command line to open the example. In
the Mode Logic chart, there are two truth tables, R_switch and L-switch, that
describe the fault detection system for the aircraft elevator control system.
The fault detection system for the aircraft elevator control system has these requirements.
| Condition | Action |
|---|---|
Hydraulic pressure 1 failure | While there are no other failures, turn off the left outer actuator. |
Hydraulic pressure 2 failure | While there are no other failures, turn off the left inner actuator and the right inner actuator. |
Hydraulic pressure 3 failure | While there are no other failures, turn off the right outer actuator. |
Actuator position failure | While there are no other failures, isolate that specific actuator. |
Hydraulic pressure 1 and left outer actuator failures | While there are no other failures, turn off the left outer actuator |
Hydraulic pressure 2 and left inner actuator failures | While there are no other failures, turn off the left inner actuator. |
Hydraulic pressure 3 and right outer actuator failures | While there are no other failures, turn off the right outer actuator |
Multiple failures on left hydraulics and actuators | Isolate the left outer actuator and the left inner actuator. |
Multiple failures on right hydraulics and actuators | Isolate the right outer actuator and the right inner actuator. |
Intermittent actuator failures | If an actuator has been switched on and off five times during operation, isolate that specific actuator. |
The logic to satisfy these requirements is constructed using two truth tables in
the chart Mode Logic; one for the right elevator
(R_switch), and one for the left elevator
(L_switch). This truth table is for the left elevator.
The first requirement indicates that if a failure is only detected in the
hydraulic pressure 1 system, turn off the left outer actuator. This requirement is
represented in the decision D1 in the truth table. If there is
low pressure in the hydraulic system 1, then D1 specifies that
action 2 is performed. Action 2 sends an event
go_off to the left actuator, Actuators.LO.
Similarly, the other requirements are mapped to the appropriate actions in the
truth table. For example, if the left outer actuator fails, D3
causes action 3. Action 3 sends the event
go_isolated to Actuators.LO to isolate the
left actuator.
The truth tables are called at entry(en) and
during(du) actions for the chart so that fault checks execute
at each time step.