Abstract: Recent studies have focused on achieving autonomy for exploration spacecraft, such as Mars rovers. The traditional approach to on-board FDIR (Fault Detection, Identification and Recovery) is based on run-time observation of the system's operational status in order to detect faults, while the corresponding recovery actions are initiated from static, pre-compiled look-up tables. This is a purely reactive approach, lacking preventive recovery capabilities: it puts the spacecraft into a known safe configuration and transfers control to ground operations. In the VeriFIM study, we developed ARPHA, an on-board FDIR reasoning engine based on probabilistic graphical models.

The approach followed in ARPHA provides a unified modeling and operational framework that integrates a high-level modeling formalism (Dynamic Fault Tree (DFT)), a low-level modeling formalism (Dynamic Bayesian Network (DBN)) and an inference-oriented formalism (Junction Tree (JT)). The off-board process of ARPHA consists of the construction of the DFT by reliability engineers, its automatic transformation into a DBN, the manual enrichment of the DBN to model the features that a DFT cannot represent, and then the automatic generation of the JT. The JT is the actual on-board model, analysed under conditioning by sensor data and plan data. The goal is the on-board evaluation of the system's current state (diagnosis) and future state (prognosis), in order to detect, probabilistically, current or imminent anomalies or failures, and to choose the most suitable recovery policies taking into account their effect on the system in the near future. All of this is performed automatically, without the assistance of ground control. In this paper, we present the application of this approach to a case study concerning the power supply subsystem of a Mars rover.
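The diagnosis/prognosis step described above, as an added illustration that is not ARPHA's code or model: a constructed two-component power-supply DBN (battery and solar array, each a two-state Markov chain with a noisy sensor) whose DFT top event "power loss" is an AND gate over the two components. Failure rates, sensor error rates and the telemetry are assumed values; because the two chains are independent and each sensor sees only its own component, exact inference factorizes into two small filters, whereas ARPHA's junction tree handles the general coupled case.

```python
"""Constructed toy DBN for diagnosis and prognosis of a power-supply top event.
Component state per time slice: 0 = working, 1 = failed (failure is absorbing).
A sensor reading of 1 means "sensor reports failed" and may be wrong."""
from typing import Dict, List

# Per-slice failure probability and sensor error rates (constructed values).
COMPONENTS = {
    "battery": {"p_fail": 0.05, "p_false_alarm": 0.02, "p_missed": 0.10},
    "solar":   {"p_fail": 0.02, "p_false_alarm": 0.05, "p_missed": 0.20},
}

def predict(p_failed: float, p_fail: float) -> float:
    """One DBN transition: P(failed at t+1) from P(failed at t)."""
    return p_failed + (1.0 - p_failed) * p_fail

def update(p_failed: float, reading: int, p_false_alarm: float, p_missed: float) -> float:
    """Bayes update of P(failed) on one sensor reading."""
    like_failed = (1.0 - p_missed) if reading == 1 else p_missed
    like_ok = p_false_alarm if reading == 1 else (1.0 - p_false_alarm)
    joint_failed = p_failed * like_failed
    joint_ok = (1.0 - p_failed) * like_ok
    return joint_failed / (joint_failed + joint_ok)

def filter_component(name: str, readings: List[int]) -> float:
    """Predict/update over all observed slices; return P(failed) at the current slice."""
    c = COMPONENTS[name]
    p = 0.0  # assumed working at launch
    for r in readings:
        p = update(predict(p, c["p_fail"]), r, c["p_false_alarm"], c["p_missed"])
    return p

def power_loss(p_batt: float, p_solar: float) -> float:
    """DFT AND gate: power is lost only when both independent sources have failed."""
    return p_batt * p_solar

def diagnose_and_prognose(readings: Dict[str, List[int]], horizon: int) -> Dict[str, float]:
    """Diagnosis: P(top event) now.  Prognosis: P(top event) `horizon` slices ahead,
    propagated through the transition model with no further evidence."""
    post = {n: filter_component(n, readings[n]) for n in COMPONENTS}
    future = dict(post)
    for _ in range(horizon):
        future = {n: predict(future[n], COMPONENTS[n]["p_fail"]) for n in COMPONENTS}
    return {"diagnosis": power_loss(post["battery"], post["solar"]),
            "prognosis": power_loss(future["battery"], future["solar"])}

# Constructed telemetry: three slices; the battery sensor trips on the last two.
SAMPLE = {"battery": [0, 1, 1], "solar": [0, 0, 0]}

if __name__ == "__main__":
    print(diagnose_and_prognose(SAMPLE, horizon=5))
```

With the sample telemetry the battery is almost certainly failed but the solar array is not, so the diagnosis stays low while the five-slice prognosis rises above 10%, which is the kind of imminent-failure signal a preventive recovery policy would act on.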