Future missions of deep-space exploration will require an on-board computational capability that can support autonomy and enhanced science processing. The integration of emerging commodity multi-core technology into space-borne systems can provide the required performance; however, protecting such systems against faults has become a critical research issue. In this paper we present an approach to fault tolerance based on a newly developed introspection framework that supports runtime monitoring of program execution and feedback-oriented recovery. We discuss the relationship of this approach to traditional Verification and Validation (V&V) and propose methods for the automatic generation of assertions from static and dynamic analysis.
Introspection-Based Verification and Validation. H. Zima, M. James. 2009 Third IEEE International Conference on Space Mission Challenges for Information Technology, 2009-07-19. https://doi.org/10.1109/SMC-IT.2009.23
The FAILSAFE project is developing concepts and prototype implementations for software health management in mission-critical real-time embedded systems. The project unites features of the industry standard ARINC 653 Avionics Application Software Standard Interface and JPL's Mission Data System (MDS) technology. The ARINC 653 standard establishes requirements for the services provided by partitioned real-time operating systems. The MDS technology provides a state analysis method, canonical architecture, and software framework that facilitates the design and implementation of software-intensive complex systems. We use the MDS technology to provide the health management function for an ARINC 653 application implementation. In particular, we focus on showing how this combination enables reasoning about and recovering from application software problems. Our prototype application software mimics the Space Shuttle orbiter's abort control sequencer software task, which provides safety-related functions to manage vehicle performance during launch aborts. We turned this task into a goal-based function that, when working in concert with the software health manager, aims to work around software and hardware problems in order to maximize abort performance results. In order to make it a compelling demonstration for current aerospace initiatives, we additionally imposed on our prototype a number of requirements derived from NASA's Constellation Program. Lastly, the ARINC 653 standard imposes a number of requirements on the system integrator for developing the requisite error handler process. Under ARINC 653, the health monitoring (HM) service is invoked by an application calling the application error service or by the operating system or hardware detecting a fault. 
It is these HM and error process details that we implement with the MDS technology, showing how a state-analytic approach is appropriate for identifying fault determination details, and showing how the framework supports acting upon state estimation and control features in order to achieve safety-related goals. We describe herein the requirements, design, and implementation of our software health manager and the software under control. We provide details of the analysis and design for the Phase II prototype, and describe future directions for the remainder of Phase II and the new topics we plan to address in Phase III.
Prototype Implementation of a Goal-Based Software Health Management Service. M. Barry, G. Horvath. 2009 Third IEEE International Conference on Space Mission Challenges for Information Technology, 2009-07-19. https://doi.org/10.1109/SMC-IT.2009.21
D. Boroson, J. Scozzafava, D. V. Murphy, Bryan S. Robinson, M. Lincoln
NASA is presently overseeing a project to create the world’s first free-space laser communications system that can be operated over a range ten times larger than the near-earth ranges that have been demonstrated to date. To be flown on the Lunar Atmosphere and Dust Environment Explorer (LADEE), which is planned for launch by NASA in 2012, it will demonstrate high-rate laser communications from Lunar orbit to a transportable ground terminal on the Earth. To support up to 622 Mbps over the approximately 400 thousand kilometer link, the system will make use of a high peak-power doped-fiber transmitter, a hybrid pointing and tracking system, high efficiency modulation and coding techniques, superconducting photon-counting detectors, and a scalable optical collector architecture. It also will support up to 20 Mbps on the optical uplink, plus a highly accurate continuous two-way time-of-flight measurement capability with the potential to perform ranging with sub-centimeter accuracy to the moving spacecraft. The project is being undertaken by MIT Lincoln Laboratory (MIT/LL) and the NASA Goddard Space Flight Center (GSFC).
The Lunar Laser Communications Demonstration (LLCD). D. Boroson, J. Scozzafava, D. V. Murphy, Bryan S. Robinson, M. Lincoln. 2009 Third IEEE International Conference on Space Mission Challenges for Information Technology, 2009-07-19. https://doi.org/10.1109/SMC-IT.2009.57
Anomaly data can be used to estimate baseline values for operational mission software anomaly frequencies; these estimates can be used for future missions to determine whether software reliability is improving. The accuracy of anomaly frequency estimates can be affected by characteristics of the anomaly data and the problem reporting system maintaining that data. We have been using text mining and machine learning techniques to address one of these issues, in which the number of software-related anomalies is incorrectly reported because the problem reporting system does not tag them correctly. Results to date indicate that these techniques may substantially increase the accuracy of anomaly frequency estimates.
Improving the Accuracy of Space Mission Software Anomaly Frequency Estimates. A. Nikora, Galen Balcom. 2009 Third IEEE International Conference on Space Mission Challenges for Information Technology, 2009-07-19. https://doi.org/10.1109/SMC-IT.2009.55
Mission operations personnel require decommutation, plotting, and statistical software to perform ad-hoc data analysis on archived telemetry data to ensure mission integrity and normality. Therefore, our goal is to provide software solutions to assist in telemetry accessibility. In this paper, we describe our continuing efforts to improve telemetry data accessibility by enhancing the Second Level Archive, as presented in SMC-IT 2006, by simplifying the data analysis process and improving the plotting performance.
Continuing to Improve Telemetry Data Accessibility. A. Li, E. Hu, C. Olson. 2009 Third IEEE International Conference on Space Mission Challenges for Information Technology, 2009-07-19. https://doi.org/10.1109/SMC-IT.2009.48
G. Troglio, J. Benediktsson, G. Moser, S. Serpico, J. L. Moigne
With the launch of several Lunar missions such as the Lunar Reconnaissance Orbiter (LRO) and Chandrayaan-1, a large amount of Lunar images will be acquired and will need to be analyzed. Although many automatic feature extraction methods have been proposed and utilized for Earth remote sensing images, these methods are not always applicable to Lunar data that often present low contrast and uneven illumination characteristics. In this paper, we propose a new method for the extraction of features from the Lunar surface, based on the combination of several image processing techniques, including a watershed segmentation and the generalized Hough Transform. The method has many applications, among them image registration, and can be generalized to other planetary images as well.
Automatic Extraction of Planetary Image Features. G. Troglio, J. Benediktsson, G. Moser, S. Serpico, J. L. Moigne. 2009 Third IEEE International Conference on Space Mission Challenges for Information Technology, 2009-07-19. https://doi.org/10.1109/SMC-IT.2009.32
Model-based design and automated code generation are increasingly used at NASA to produce actual flight code, particularly in the Guidance, Navigation, and Control domain. However, since code generators are typically not qualified, there is no guarantee that their output is correct, and consequently auto-generated code still needs to be fully tested and certified. We have thus developed AutoCert, a generator-independent plug-in that supports the certification of auto-generated code. AutoCert takes a set of mission safety requirements, and formally verifies that the auto-generated code satisfies these requirements. It generates a natural language report that explains why and how the code complies with the specified requirements. The report is hyper-linked to both the program and the verification conditions and thus provides a high-level structured argument containing tracing information for use in code reviews.
Generating Code Review Documentation for Auto-Generated Mission-Critical Software. E. Denney, B. Fischer. 2009 Third IEEE International Conference on Space Mission Challenges for Information Technology, 2009-07-19. https://doi.org/10.1109/SMC-IT.2009.54
In this paper, the authors present a path planning system for autonomous navigation of lunar/planetary rovers. In the path planner, candidate paths are generated and evaluated by multiple criteria including occlusion index, terrain roughness/inclination indices. The proposed system considers the occlusion effect produced by obstacles present in the inspected environment and the features of the environment itself. An algorithm that computes the next sensing position within the map is introduced as part of the system presented. The different components of the system and their interactions are explained thoroughly. Simulation and experimental results where the proposed system is implemented are presented.
A Path Planning System based on 3D Occlusion Detection for Lunar Exploration Rovers. A. Mora, K. Nagatani, Kazuya Yoshida, M. Chacin. 2009 Third IEEE International Conference on Space Mission Challenges for Information Technology, 2009-07-19. https://doi.org/10.1109/SMC-IT.2009.59
This paper will describe the benefits of incorporating software Time and Space Partitioning (TSP), based upon the aeronautic IMA concept, into the spacecraft avionics architecture to manage the growth of mission functions implemented in the on-board software. The paper addresses how TSP can be used to safely integrate applications of different criticality and security classifications, and how incremental validation is supported to control the impact of software modifications to the system.
Time and Space Partitioning in Spacecraft Avionics. J. Windsor, K. Hjortnaes. 2009 Third IEEE International Conference on Space Mission Challenges for Information Technology, 2009-07-19. https://doi.org/10.1109/SMC-IT.2009.11
For many reasons, the chip technology for spacecraft computing has lagged commercial systems by decades. Equally disconcerting, however, has been a similar lag in the computer architectures used. This paper will look at an emerging class of multi-core processor architectures, called “tiled,” extrapolate what they might look like in the future, and how they might be adapted to space applications. This extrapolation will include physical characteristics (speed, power, and area), system architectures, and fault tolerant models.
An Exploration of Tiled Architectures for Space Applications. P. Kogge, Megan Vance. 2009 Third IEEE International Conference on Space Mission Challenges for Information Technology, 2009-07-19. https://doi.org/10.1109/SMC-IT.2009.10