1 / 30

Section 4 Flight Software

Section 4 Flight Software . . . Ray Whitley EO-1 WARP Flight Software Lead S-Band RF SA GPS RWA R000 R000 R000 Mongoose - V CSS ACE COMM H/K ACS/C&DH AST RSN IRU RSN RSN PSE RT RT RT BC RT RT RCS RSN MTB TAM PPT SADE R000 R000 R000 R000 M - V RT RT RT

Faraday
Download Presentation

Section 4 Flight Software

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Section 4 Flight Software . . . Ray Whitley EO-1 WARP Flight Software Lead

  2. S-Band RF SA GPS RWA R000 R000 R000 Mongoose - V CSS ACE COMM H/K ACS/C&DH AST RSN IRU RSN RSN PSE RT RT RT BC RT RT RCS RSN MTB TAM PPT SADE R000 R000 R000 R000 M - V RT RT RT RT RT RT XBAND WARP ALI RSN RSN RSN LAC Hyperion WARP X-Band RF Spacecraft Bus Architecture 2Kbps 4Mbps 4Mbps 4Mbps Sci Bkup 1773 Data Bus 105 Mbps Science - instrument or procured - GSFC managed

  3. MAP/TRMM Heritage • Litton Space Act personnel developed PSE & HSK software for MAP and for subsequent use on EO-1 • Bulk of S/C bus software ported from XTE / TRMM to the Mongoose V with MAP civil servants and Litton Space Act personnel • Mongoose V, PSE, Comm, and HSK baseline builds received between 11/98 and 12/98 • ACS attitude control derived from TRMM ACS flight code • ACE’s safe-hold algorithm derived from XTE / TRMM designs (same as ACS sun acquisition module in main processor)

  4. Functionality By Processor • ACS/C&DH Mongoose V: • Attitude determination & control modes • Real-time & stored command distribution to all subsystems • Telemetry acquisition and frame generation • Time maintenance & distribution • SSR record and playback (s/c & instrument housekeeping data) • ACE RSN: • Independent safe-hold • Sensor data acquisition • Actuator commanding • Comm RSN: • Command reception & de-blocking • Telemetry transmission • Spacecraft time correlation

  5. Functionality By Processor-2 • HK RSN: • GPS time/position data acquisition • thermister data collection • High Output Parrafins (HOPS) deployment control & monitoring • Miscellaneous LVPC services • PSE RSN: • power subsystem monitoring & control • X-Band RSN: • Phased Array Antenna command distribution • Phased Array Antenna housekeeping data collection & monitoring

  6. Functionality By Processor-3 • WARP Mongoose V: • Science data record set-up and control • Science data X-band & S-band playback control • WARP RSN: • Command distribution for LVPS services inside WARP • Housekeeping data acquisition & monitoring for the WARP

  7. Launch CPU/Memory Margins

  8. Verification Approach • Component & system level I&T at software lab prior to and at s/c delivery • Well documented and repeatable stol test procedures executed in lab and repeated upon delivery to spacecraft • Equivalent to “long form functional” • Code walk-thrus with panel of FSW peers, subsystem lead, & s/c systems engineering • Spacecraft subsystem functional, CPTs, “special tests” • Bus error injection and memory corruption • Processor stress test

  9. Pre-Ship FSW Releases

  10. Problem Tracking Reports

  11. Significant Test Results • All flight software components are now fully operational and healthy meeting both functional and performance requirements • significant problems uncovered during last three months of I&T, and since retified: • PSE shunting & power subsystem FDC requirements clarification • time maintenance with GPS data • inconsistent requirements in high-level FDCs (TSMs) and requirements just missing

  12. Special Topic: Flight Software Maintenance Capability

  13. On-orbit Sustaining Engineering • Maintenance Plan originally drafted by THC/Microtel in early September ‘99 include: • Key contractor personnel associated with the development of key flight software components • Available flight software development facility components for Swales and GSFC • Optionally augmenting maintenance facility with one or more higher fidelity breadboards • Have basic facility ready within days after spacecraft ships • For Training purposes, • Maintenance personnel participated in recent code walk-thrus of 2 mission critical flight software subsystems • Assisting in development of test data to be used to verify FDCs and TSMs in the software lab • Gather, review, and configure all software specification & user documentation • Re-verify software load/dump/verify utilities prior to S/C launch

  14. ACS/EFF ACE CM HK PSE FSW Lead COMM X BAND Sys. Eng. WARP M5/RSN C&DH * The following engineers are available for consultation should the need arise during the mission: C. Xenophontas (Litton) J. Marquardt (GSFC) G. Smith (Litton) A. Cudmore (GSFC) E. Stagmer (Litton) T. Miller (GSFC) S. Slegel (Raytheon) D. Molock (GSFC) S. Mann * L. Gaudaen (THC) L. Bashar (THC) J. Hengemihle (Microtel) J. Hengemihle R. Mason (Microtel) L. Bashar R. Mason * R. Mason * (Microtel) S. Mann * S. Mann (THC) J. D’Agostino K. Blackman A. Hawkins (THC) L. Bashar J. Hengemihle * EO-1 Flight Software Maintenance Functional Organization Chart

  15. EO-1 Flight Software Maintenance Facility WARP Dev. PC EO-1 M5 (BB) RS 232 Generic RSN (BB) WARP M5 (BB) ICE Proms BC MV5 Dev. PC Generic RSN Dev. PC (PSE, Xband, HK) S/C 1773 Bus COMM RSN (BB) VirtualSat Bus Monitor Cmd & Tlm Simulator (CSC Sim) ACE RSN (BB) 1773 RT Sim Cmds & Tlm (WARP, ALI, AC ACE, X-band I/F, COMM & H/K RSNs) FEDS Ethernet ASIST

  16. Special Topic: TSMs, Including Comprehensive Failure & Correction . . . Tom Feild EO-1 Systems Engineer, GSFC Code 568

  17. Comprehensive Failure Detection and Correction • EO-1 employs 2 methods to autonomously detect fault conditions and take appropriate action to safe the observatory: • TSM/RTS System • A Telemetry Statistics Monitor (TSM) is a telemetry point or combination of points that are used to verify observatory health • A Relative Time Sequence (RTS) is a list of commands that can be executed in response to a hazardous condition • TSMs monitor spacecraft health and when they detect a fault condition they can execute an RTS and/or issue an event message • Runs on the ACDS Mongoose 5 • FDC System • The Fault Detection and Correction (FDC) System consists of software checks and corrective actions that are embedded in the flight software running on the various processors on EO-1

  18. Failure Detection and Correction Philosophy • Philosophy is ‘Keep it Simple’ • Only conditions that threaten observatory health are addressed • Simplest ‘safe’ action is taken, often to power off the device whose health is in question • The TSM/RTS System is the primary method of detecting and correcting hazardous conditions on EO-1 • Except for certain instrument fault conditions, when one hazard has both a TSM/RTS action and an FDC action then the thresholds are set such that the TSM/RTS will trip first • All TSMs, RTSs, and FDCs will be tested prior to launch • Many ACS FDCs can only be tested on the high fidelity simulator • Many instrument FDCs only tested prior to instrument delivery • All TSMs/RTSs or FDCs will be retested after every new software load. Many are tested during the CPT.

  19. Event Messages • The Observatory sends down ‘Event Messages’ to provide information on all significant events that occur on the observatory such as: • Changes in spacecraft configuration (e.g. data rates, filter tables, day/night transitions) • Anomalous events such as activated TSMs, RTSs, and FDCs • All Event Messages are stored in VR-2 • VR-2 is downloaded during each pass • Provides Flight Ops Team with immediate access to information on spacecraft health and autonomous actions • Event messages are generated by: • ALL TSM activations • All RTS calls by TSMs • Most FDCs

  20. TSMs • Current version is TSM Rev G • Contains 33 TSMs (plus 17 monitor point TSMs) • Loaded on November 30, 1999 • 3 problems have been identified to date • 2 TSMs have tripped when not expected • 1 TSM did not trip when expected • Most already tested • 21 tested in special test • 6 to be tested during CPT (12/6 to 12/10) • 3 require retest • 3 require troubleshooting

  21. TSM Rev G

  22. TSM Rev G (continued)

  23. (EEPROM) RTSs • There are 256 RTSs • 1 to 64 are loaded in EEPROM • 65 to 256 are RAM only • 40 to 55 are reserved for the MOC (Not used for fault correction) • 1 to 39 and 56 to 64 are used for Fault Correction (48 total) • 34 are currently used; 14 are spares • #5 and #39 are also used by the MOC. They may use others. • Current EEPROM version is RTS Rev E • Loaded on November 30, 1999 • No problems with RTSs have been identified • 32 tested in special test (All OK) • 16 to be tested during CPT (12/6 to 12/10) • 16 to be tested by the MOC (12/13 to 12/14)

  24. RTS Rev E

  25. RTS Rev E (cont.)

  26. FDCs • Additional Failure Detection and Correction is found in the various processors on EO-1 • These are called Fault Detection and Correction (FDC) routines • FDCs contained in ACDS, ACE RSN, PSE RSN, Comm RSN, X-Band RSN, WARP M5, Hyperion, ALI, and AC • Most are enabled at power-up and during nominal mission mode • The ACS FDCs are mode dependent and not all are used in any one mode • Most can be individually enabled or disabled • Some instrument FDCs cannot be disabled • Several are disabled for launch

  27. FDCs (continued) • All have been tested • Many of the ACS FDCs can only be tested on the EO-1 hyperdynamic simulator • Most of the Instrument FDCs were tested before integration onto EO-1 • The rest have been tested on the observatory • When a new software load is performed, all FDCs in that software load are retested • ACS FDCs are tested on the EO-1 hyperdynamic simulator

  28. Use By Flight Operations Team • FDCs • Autonomous. Cannot be called directly by Flight Ops • Updates require new software load • Most can be enabled and disabled • TSMs • Autonomous. Cannot be tripped directly by Flight Ops • Updates require table load or new M5 load • Can be enabled or disabled or placed in ‘watch’ mode • RTSs • EEPROM RTSs 40 to 55 and all RAM RTSs (65 to 256) are reserved for the MOC • Others, such as RTSs 5 and 39 are used by the MOC • EEPROM updates require table load or M5 load • All RTSs can be enabled or disabled

  29. Summary • All RTSs and all but 2 TSMs will be tested by December 14, 1999 • 2 TSMs need special tests that may require a GSE change • Potential problems have been identified with 3 TSMs • Being investigated by Flight Software and Systems • After these items are completed the EO-1 Failure Detection and Correction System will be ready for launch • If software changes are made then re-testing will be required

More Related