Skip to main content

State Transitions

The state transition subprotocols allows the GCS to receive (or initiate) state transitions to the orthogonal states of the UAV.

Activity State Transition/Failed

The activity state transition and activity state failed transition subprotocols allow the UAV to report activity state changes (initiated by the Pilot using the Remote Controller) to the GCS while a connection exists.

Messages

  1. ACTIVITY_STATE_TRANSITION
  2. ACTIVITY_STATE_TRANSITION_ACK
  3. ACTIVITY_STATE_TRANSITION_FAIL
  4. ACTIVITY_STATE_TRANSITION_FAIL_ACK

Sequence

sequenceDiagram
    participant GCS
    participant UAV

    loop n
        UAV->>GCS: ACTIVITY_STATE_TRANSITION<br /> / ACTIVITY_STATE_TRANSITION_FAIL
        UAV->>UAV: Start timeout
        alt success
            GCS-->>UAV: ACTIVITY_STATE_TRANSITION_ACK<br /> / ACTIVITY_STATE_TRANSITION_FAIL_ACK
        else failure
            UAV-->>UAV: Timeout expires
        end
    end
  1. When the UAV's activity state transitions, the UAV sends a ACTIVITY_STATE_TRANSITION message to the GCS with information about the transition. In case an activity state transition was requested but failed, the UAV sends a ACTIVITY_STATE_TRANSITION_FAIL message to the GCS.
  2. The UAV starts a timeout of a fixed duration.
  3. If the GCS responds with an ACTIVITY_STATE_TRANSITION_ACK or ACTIVITY_STATE_TRANSITION_FAIL_ACK message before the timeout expires, the operation is successful.
  4. If the timeout expires, the UAV retries the operation upto n times before the operation is considered a failure. If before retrying, the activity state transitions again then the operation is cancelled. In case of a faillure/cancellation, the error is logged and the UAV continues operations with the new activity state.

Notes

  • If an activity state transition occurs/fails (initiated by the Pilot using the RC) and is not received by the GCS even after multiple attempts, the Pilot implicitly becomes aware of the issue and can land the UAV. A failure does not cause an immediate catastrophe.
  • If the GCS's acknowledgment is not received by the UAV, it logs the error and continues operations. The operation requested by the Pilot still occurs (or gracefully fails) and is reported by the GCS. The error is not irrecoverable or catastrophic and the logs can be checked later to find the error.

Flight Control Mode Transition/Failed

The flight control mode transition and flight control mode failed transition subprotocols allow the GCS to update the UAV's flight control mode and receive whether the transition was a success or not. It also allows automatic changes to the flight control mode (initiated by failsafe) to be sent to the GCS while a connection exists.

Messages

  1. FC_MODE_TRANSITION_REQUEST
  2. FC_MODE_TRANSITION
  3. FC_MODE_TRANSITION_ACK
  4. FC_MODE_TRANSITION_FAIL
  5. FC_MODE_TRANSITION_FAIL_ACK

Sequence

sequenceDiagram
    participant GCS
    participant UAV

    loop n
        GCS->>UAV: FC_MODE_TRANSITION_REQUEST
        GCS->>GCS: Start timeout
        alt success
            loop n
                UAV-->>GCS: FC_MODE_TRANSITION
                UAV->>UAV: Start timeout
                alt success
                    GCS-->>UAV: FC_MODE_TRANSITION_ACK
                else failure
                    UAV->>UAV: Timeout expires
                end
            end
        else cancelled
            loop n
                UAV-->>GCS: FC_MODE_TRANSITION_FAIL
                UAV->>UAV: Start timeout
                alt success
                    GCS-->>UAV: FC_MODE_TRANSITION_FAIL_ACK
                else failure
                    UAV->>UAV: Timeout expires
                end
            end
        else failure
            GCS->>GCS: Timeout expires
        end
    end
  1. When the GCS wants to update the state of the UAV, it sends an FC_MODE_TRANSITION_REQUEST message to the UAV with information about the transition.
  2. The GCS starts a timeout of a fixed duration.
  3. If the UAV responds with an FC_MODE_TRANSITION_FAIL before the timeout expires, the operation is considered cancelled, and the GCS responds with an FC_MODE_TRANSITION_FAIL_ACK message.
  4. If the UAV responds with an FC_MODE_TRANSITION before the timeout expires, the operation is considered successful, and the GCS responds with an FC_MODE_TRANSITION_ACK message.
  5. After sending an FC_MODE_TRANSITION or FC_MODE_TRANSITION_FAIL message, the UAV starts a timeout of a fixed duration.
  6. If the GCS responds with an FC_MODE_TRANSITION_ACK or FC_MODE_TRANSITION_FAIL_ACK message before the timeout expires, the operation is considered successful.
  7. If the timeout expires before the GCS can send a response, the operation is considered a failure, the error is logged and the UAV continues operations with the new flight control mode.

Notes

  • Since flight control mode transitions can be initiated by the operator using the GCS or by error situations, the FC_MODE_TRANSITION message can be sent on its own by the UAV or as a response to the FC_MODE_TRANSITION_REQUEST message from the GCS.
  • If a request was sent by the GCS and the timeout expires before the UAV's response could be received, the request is sent once more and the UAV reports that the transition has failed the second time through an FC_MODE_TRANSITION_FAIL message. This will still contain the reason and allow the GCS to update the displayed flight control mode.
  • If the GCS does not receieve the FC_MODE_TRANSITION / FC_MODE_TRANSITION_FAIL message, it continues to display the old flight control mode while the UAV starts using the new mode. This can potentially cause accidents as the UAV can switch to an autonomous flight mode while the operator still thinks it is in manual mode.

Error State/Flags Update

The error state/flags update subprotocol allows the UAV to inform the GCS of error state transitions and flag changes, including if a failsafe was activated.

Messages

  1. ERROR_STATE_TRANSITION
  2. ERROR_STATE_TRANSITION_ACK
  3. ERROR_FLAGS_CHANGE
  4. ERROR_FLAGS_CHANGE_ACK

Sequence

sequenceDiagram
    participant GCS
    participant UAV

    loop n
        UAV->>GCS: ERROR_STATE_TRANSITION<br />/ERROR_FLAGS_CHANGE
        UAV->>UAV: Start timeout
        alt success
            GCS-->>UAV: ERROR_STATE_TRANSITION_ACK<br />ERROR_FLAGS_CHANGE_ACK
        else failure
            UAV->>UAV: Timeout expires
        end
    end
  1. When the UAV's error state transitions or error flags change, an ERROR_STATE_TRANSITION or ERROR_FLAGS_CHANGE message to the GCS.
  2. The UAV starts a timeout of a fixed duration.
  3. If the GCS responds with an ERROR_STATE_TRANSITION_ACK or ERROR_FLAGS_CHANGE_ACK before the timeout expires, the operation is considered successful.
  4. If the timeout expires, the UAV retries the operation upto n times before the operation is considered a failure, the error is logged and the UAV continues operations with the new error state/error flags.

Notes

  • If the GCS's acknowledgment is not received by the UAV, it logs the error and continues operations. The new error state/flags are still displayed by the GCS and followed by the UAV. The UAV logs can be checked later to discover the error, and it is not catastrophic.
  • If the error state transition caused a failsafe to be activated (such as updating the flight control mode), it is indicated in the ERROR_STATE_TRANSITION message as well as the message corresponding to the side-effect. This allows the GCS to easily manage and display the events.