Robust error handling is vital to achieve sustainability and survivability of the vehicle. A conservative approach is to make the vehicle perform an emergency ascent when encountering any severe error or abnormal situation. This will ensure that the vehicle can be recovered, even though the result is mission failure.
For under-ice or covert missions, an emergency ascent procedure will not be possible. Ensuring survival of the vehicle in emergency situations thus becomes significantly harder. In covert or clandestine operations, preventing discovery may be much more important than recovering the vehicle. In many scenarios, one option may be to perform an emergency descent, allowing the vehicle to rest at the sea floor until a recovery operation may be possible.
Clearly, a more intelligent error handling will be needed for long endurance and complex missions. This will increase survival capabilities in dangerous situations as described above, and also enable the vehicle to complete the mission to the best degree possible. A challenge with error handling algorithms is that the error may be in the algorithm itself. This makes redundancy important, and necessitates a bottom-line error handling procedure with emergency ascent/descent.
Intelligent error handling requires the vehicle to perceive both its external environment and internal status. By measuring sensor performance it is possible to alter the mission plan to optimize performance, as described under path planning. The vehicle should also be able to estimate the remaining time of operation before it runs out of energy, ensuring that it always has enough energy for the return journey.
The error handling can be divided in three layers. The topmost layer is concerned with achieving the mission goals as best it can under the circumstances. This layer will be mission-dependent, and a different software module may be needed for each kind of mission. The middle layer is mission-independent and is concerned with getting the vehicle to the specified rendezvous position. The mission will not be a success, but the vehicle will at least be recovered at a safe location. The bottom layer is the last line of defence, and will attempt to ensure survivability of the vehicle. It is this layer that will perform emergency ascent/descent. The importance of the bottom layer makes it advantageous if this is implemented both in software and in hardware (e.g., if the power system suddenly fails, the hardware solution will ensure that an ascent procedure is initiated).
Was this article helpful?