Hardware-software co-design from day one
PCB layout, component selection, and firmware architecture were developed in parallel — not sequentially. Power delivery constraints shaped interrupt latency targets; sensor placement informed fusion algorithm design. The result is a system where hardware and software are optimized for each other, not adapted around each other.
Purpose-built RTOS control loop
No autopilot framework was adapted or retrofitted. Wezom implemented a deterministic FreeRTOS-based flight stack from scratch — giving full control over task scheduling, sensor fusion timing, and actuator output latency. Every microsecond of the control loop is accounted for.
Exhaustive fault coverage
Before any airframe testing, 35 defined fault scenarios — GPS loss, IMU dropout, link failure, battery undervoltage, motor failure — were each assigned a specific failsafe behavior and validated in Hardware-in-the-Loop simulation. Nothing reached the flight line without a documented, tested response.
Field-grade GCS
The Ground Control Station was designed for actual field conditions: direct sunlight readability, gloved-hand input, low-latency telemetry overlay, and one-handed manual override. Not a lab demo — a deployable operator tool.
Flight Controller (Onboard PCB)
- MCU: STM32H7 series (ARM Cortex-M7, 480MHz)
- RTOS: FreeRTOS with deterministic <1ms control loop execution
- IMU: redundant 6-DOF MEMS with Madgwick sensor fusion
- Actuator outputs: PWM / DSHOT for ESCs, servo PWM, CAN-based ESC support
- Peripheral interfaces: UART x6, SPI x3, I2C x2, CAN FD for payload integration
Communication Link
- Primary: 900MHz FHSS radio, AES-256 encrypted, 2+ mile range
- Telemetry: MAVLink v2 over encrypted proprietary radio link
- Redundancy: 4G LTE fallback with automatic switchover on link degradation
Ground Control Station
- Platform: Cross-platform desktop (Qt 6 / C++), Windows and Linux
- Mission planning: waypoint editor, geofence definition, automated survey patterns
- Live telemetry: attitude, position, battery, link quality, payload status
- Post-flight: ULog / CSV export for flight data analysis and incident review
Integration & Infrastructure
- OTA firmware update over encrypted link with rollback capability
- Payload bus: generic CAN / UART for camera, LiDAR, multispectral sensor integration
- Optional: cloud telemetry relay for remote monitoring and fleet management
Operational Readiness
The integrated platform replaced a stack of third-party components that had never been validated together. First field deployment proceeded without integration issues — a direct result of co-designed hardware and firmware.
Safety Validation
All 35 fault scenarios demonstrated consistent, predictable behavior in HIL simulation and subsequent flight testing. The documented test record satisfied the operator's internal safety review process without additional testing cycles.
Adaptability
The modular firmware architecture has already accommodated two new payload types and one additional flight mode since initial delivery — without changes to the core control loop. The GCS plugin system allows mission-specific UI extensions to be deployed independently.
