Skip to Main Content
The Space Shuttle Flight Control System is required to be two-fault tolerant; i.e., the system must be capable of returning to a landing site even though two system failures occur. This is referred to as fail-operational/fail-safe performance. To achieve this fault tolerance, the avionics equipment is made redundant. A redundancy management (RM) system is required to detect failures and reconfigure the avionics accordingly. This paper describes the Flight Control System (FCS) rate gyro and accelerometer redundancy management design, analysis tools and analysis results.