It’s true that attitude is no longer measured by sensors but is instead a
computed state. If the attitude error comes from a computational error,
recomputing attitude from a known prior position plus subsequent historical
data is possible. If the error comes from corrupted data, attitude is as you
said unrecoverable.
At amateur rocket altitudes, cameras have sufficient resolution and speed to
provide verification and partial reconstruction of attitude (at the cost of an
enormous amount of computing power).
That’s mostly on the “can we recover from a reboot” angle. You do bring up the
“should we recover from a reboot” question, and I tend to agree with you that
building this capability is unnecessary.
Every flight control or flight software system I have used has the exact same
response to a computer failure - switch to the backup, isolate the failed
computer / system, and secure it. Attempting to resurrect a corrupted system
in flight is generally not attempted.
On Jan 12, 2016, at 12:05 PM, Ben Brockert <wikkit@xxxxxxxxx> wrote:
Back in the day, attitude was a physical state of an actual mechanical
gyroscope that could be measured at any point. In a modern
MEMS/FOG/RLG strapdown system, attitude is just a filtered integration
of data against a starting state. If something goes wrong that
corrupts that attitude information, or a reboot wipes that data, it's
not possible to continue.
You could add a bunch of new and mostly useless sensors that can
derive attitude from scratch, or you can proceed with the reasonable
plan that the flight computer can run for a few minutes without
rebooting, like every modern computer in the world.
Or you can go with Henry's flight controller LARPing.
