Failsafe Flight Safety Device - available Q3 2017
Millswood Engineering Failsafe FSD
The Millswood Engineering Failsafe FSD makes unmanned aircraft systems simpler and safer.
Once installed into an unmanned aircraft, the Failsafe FSD monitors a diverse range of on-board systems and provides a simple go/no-go visual indication of the health of these various systems. In the event of a fault in any of the monitored systems, the Failsafe FSD can take actions ranging from simply logging the event, through to redirecting the autopilot, all the way up to flight termination.
The Failsafe FSD includes a flight data recorder (FDR) which regularly logs the status of all monitored systems, as well as any actions taken by the Failsafe FSD.
Benefits of fitting a Failsafe FSD to your aircraft
- Fault detection and management - minimising the possibility of loss, damage or injury whilst maximising the probability of mission completion.
- Simple visual go/no-go status indicators for faster and more accurate pre-flight checks and system verification.
- Black box flight data recorder for post-incident analysis.
The on-board systems that the Failsafe FSD can monitor include:
- Analog voltage (typically battery voltage)
- Engine RPM
- Airspace volume (2 independent polygonal geofences with up to 50 vertices each)
- Autopilot (via a hardware heartbeat signal)
- GNSS receiver / FLARM device (for 3D position fix)
- Uplink integrity
- CANbus integrity
- Servo signal integrity (up to 8 channels)
- RC Control Channel (includes 8-channel multiplexer for switching between pilot and autopilot control)
Actions that the Failsafe FSD can perform autonomously include:
- Sending user-defined commands to the autopilot
- Deploying a parachute
- Moving an auxiliary servo
- Cutting the engine's ignition
- Terminating flight
The Failsafe FSD can perform single actions, combinations of actions, it can perform immediate as well as delayed actions, it can reverse previous actions if fault resolution occurs, and it can also perform actions when arbitrary combinations of faults occur. All of these actions are user-configurable.
The Failsafe FSD is 4.275 x 2.200 x 0.430" (108.6 x 55.9 x 10.9mm) and weighs 3.5oz (100g).
Contact us for further technical information or to register your interest. The Failsafe FSD will be available in the 3rd quarter of 2017.
Configuration utility - fault management page
A configuration utility is provided to allow all of the Failsafe's parameters to be read and written. Downloading and exploring the configuration utility is the best way of gaining an insight into what the Failsafe can do, and how it can interact with your aircraft. The configuration utility is a Windows app that requires no particular setup or installation procedure - just copy the executable to a directory and run it.
The screenshot on the right shows the "Fault Management" page. This is probably the most important page in the configuration utility; it is where all the fault management is set up. The other tabbed pages configure more mundane aspects of the Failsafe's behaviour.
The systems that can be monitored are listed on the left, and if enabled, the normal operating limits are defined by clicking the "Fault detection..." button. The responses to be performed when a fault is detected are defined by clicking the "Response..." button.
Apart from reading and writing to the Failsafe FSD, it also allows a full set of parameters to be saved and retrieved from disk. The on-disk file format is plain XML, allowing inspection and verification of the data using any browser or text editor.
Download the Failsafe FSD configuration utility and explore the capabilities of the Failsafe FSD.
Configuration utility - geofence designer window
The configuration utility includes a geofence designer, which greatly simplifies the creation of complex polygonal geofences. Geofences are created and edited by simply clicking and dragging points on a map.
The map on the right shows 2 geofences: Geofence 1 (in blue), and geofence 2 (in green). There are two exclusion zones within the geofences. The user is currently editing geofence 2, and has right-clicked to show the geofence coordinates and other vital statistics.
Geofence 2 was created by copying geofence 1 and then shrinking it. These sorts of operations are built-in to the geofence editor, and are accessed by right-clicking to open the context-sensitive menu.
In this particular scenario, geofence 2 is being used as an inner boundary, and will be configured to trigger the Failsafe to issue a command to the autopilot, in an effort to prevent the aircraft from reaching geofence 1.
Geofence 1 is an outer boundary, and will be used to trigger flight termination.
As well as displaying geofences, the map on the right is also showing some airspace overlay data. Ground overlay data is also available and will appear when the map is sufficiently zoomed in. Overlay data is only available when a Failsafe FSD is physically connected to the PC running the configuration utility app.
Millswood Engineering has a long-standing interest in UAV safety. The Failsafe FSD is the latest iteration of our flagship safety product.
Failsafe Device (2009)
Failsafe v2 (2013)
Failsafe FTD (2015)
Failsafe FSD (2017)