Title: Flight Software PDR Presentation
1Flight Software PDR Presentation
HMI00373
- Jerry Drake
- HMI Software Lead
- jerry.drake_at_lmco.com
2Agenda Flight Software
- Requirements
- Sources
- Driving requirements
- Heritage - Flight Processor and Software
- Design Description
- Development Environment
- Context Diagram
- Computer Software Configuration Items (CSCIs)
- Start-Up ROM (SUROM) Software
- Architecture
- Flight Software Overview
- Architecture
- Camera Operational Modes
- Sequence Control
- Time Handling
- Fault Management
- Resource Utilization
- Safety and Reliability
- Software Development Status
3Requirements Sources
- 464-SYS-REQ-0004, Mission Requirements Document,
Rev. 4.4 - HMI Contract Functional Specification
- SU-HMI-S013, Instrument Performance Document
- 2H00021, HMI Performance Assurance Implementation
Plan (PAIP) - ICDs
- 464-HMI-ICD-0002, Spacecraft to HMI ICD
- 464-CDH-ICD-0005, 1553 ICD
- 464-CDH-ICD-0012, High Speed Bus ICD
- 464-GS-ICD-0001, Ground System ICD
- HMI Hardware Functional Specifications, Section
4.2, Software Interface - 2H00119, Functional Specification, HEB Power
Converter Subsystem - 2H00120, Functional Specification, HEB PCI to
Local Bus/1553 Interface - 2H00121, Functional Specification, HEB
Housekeeping Data Acquisition - 2H00122, Functional Specification, HEB Image
Stabilization Subsystem - 2H00123, Functional Specification, HEB Mechanism
Heater Controllers - 2H00124, Functional Specification, HEB CCD Camera
Interface - 2H00125, Functional Specification, HEB Data
Compressor/High Rate Interface - 2H00126, Functional Specification, HMI Oven
Controller - 2H00180, Functional Specification, HEB
Electronics Box
4Driving Requirements
- Spacecraft Command I/F Provide command
capability with spacecraft - APIDs, sampling rates and protocols contained in
ICDs - Commands uplink rate from ground 2 kbps
- Maximum command rate to HMI 10 commands/sec
- Maximum command packet size 250 bytes
- CCSDS formatted
- HMI Command APID range 800 - 815
- Function code identifies each command (in CCSDS
header) - Command sources
- Spacecraft
- Ground (1553 through spacecraft) 2 kbps
(effective 1 kbps) - STOL
- Manual
- Absolute Time Sequence (ATS) 10 commands/sec
- Relative Time Sequence (RTS) 10 commands/sec
- Telemetry Statistics Monitor (TSM)
- Internal to HMI
- Scripts Same as macro
5Driving Requirements (cont.)
- Spacecraft Telemetry I/F Provide telemetry
capability with spacecraft - 1553 Telemetry Channels (Transmit SubAddresses,
TSA) - Housekeeping TSA 3 - 6 and completion TSA 7
- Event Message TSA 12 - 13 and completion TSA 14
- Image Motion Compensation TSA 15 and completion
TSA 16 - Diagnostic TSA 17 - 26 and completion TSA 27
- Wraparound TSA 30
- Accept and respond to transmit mode codes 2, 4, 5
8 - 1553 Rates
- Housekeeping Nominal 2 kbps, reduced 1 kbps,
emergency 100 bps - Diagnostic 10 kbps
- 1355 Telemetry (Science)
- Software controls
- Configuration of 1355 connection
- Two High-Speed Bus Channels per interface card
- Two HSB Interface cards in HMI
- Doppler and magnetic images
- Initiation of transfer (load image parameters)
- Place housekeeping data into science stream
6Driving Requirements (cont.)
- Provide control of subsystems (derived
requirements) - Mechanisms (quantity in parentheses below)
- Wavelength Tuning Mechanisms (4)
- Polarization Selector Mechanisms (3)
- Shutters (2)
- Calibration/Focus Mechanisms (2)
- Front Door Mechanisms (2)
- Alignment Mechanisms (2)
- Cameras (2)
- Control image transfers and compression (internal
to HMI, 2) - Control image transmission (over 1355 to S/C, 2)
- Image Stabilization System (1)
- Oven (2)
- Operational Heaters (max of 8)
- Provide diagnostic telemetry capability
- High-rate mechanism current or Image
Stabilization data (up to 5 items at 512 Hz
sampling rate) - Provide capability to load code on-orbit
7Driving Requirements (cont.)
- Science
- Maintain regular cadence for doppler and vector
cameras - Framelist must start at the requested time within
/- 100 msec absolute time - Provide capability for table-driven sequence
control - Provide time in telemetry to 100 msec accuracy
- Provide the capability to maintain HMI internal
clock to an accuracy of /- 100 msec absolute
8Flight Processor/Software and Heritage
- RAD6000 Program A, Program B, Program C, Program
D - RAM 4 Mbytes
- EEPROM 512 Kbytes
- PROM (SUROM) 64 Kbytes
- Clock rate 20 Mhz
- PCI bus
- Software Heritage
- VxWorks/RAD6000 Program A, Program B, Program C,
Program D - SUROM BAE generic, Program A, Program C, Program
D - EEPROM Program C, Program D
- GNUZIP Program B, other program
- Mechanisms MDI, TRACE, Program B, Program C,
Program D, Program F
9Development Environment
- Languages
- SUROM
- C
- Assembly
- PAS
- Flight
- C/C
- Tools
- SUROM
- C compiler on RS6000 workstation
- Flight
- VxWorks
- GreenHills Multi
- Sunblade Workstation
- Configuration management tool
- Revision Control System (RCS)
- Schedule
- Purchase Sun workstation and software in Nov 2003
- Install and configure Sun worstation in Dec 2003
10Context Diagram
OVN (2)
ISS Sensor
HTR (8)
ISS PZT
FDM (2)
UART (test)
HMI Electronics Box (HEB)
ALM (2)
COP (test)
Processor (Rad6000)
Processor (Rad6000)
S/C 1553 I/F
WTM (4)
PCI/Local Bus Bridge/1553
PCI/Local Bus Bridge/1553
Cmd/HK
Mech/Heater Controller Type 2
Mech/Heater Controller Type 2
PSM (3)
SDO Spacecraft
Mech/Heater Controller Type 1
Mech/Heater Controller Type 1
PZT Driver
Housekeeping Data Acquisition
CFM (2)
Limb Tracker
Spare
S/C High Rate I/F (2)
SH M (2)
Compressor/High Rate Interface
Compressor/High Rate Interface
Science
Camera Interface/Buffer
Camera Interface/Buffer
WTM Wavelength Tuning Mech PSM Polarization
Selector Mech SHM Shutter Mech CFM
Calibration/Focus Mech FDM Front Door Mech ALM
ALignment Mech ISS Image Stabilization
System OVN Oven HTR Heaters
1355
1355
Doppler Camera Electronics Box
Magnetics Camera Electronics Box
11CSCIs
- Start-Up ROM (SUROM) Computer Software
Configuration Item (CSCI) - Commands and HK telemetry over 1553 bus
- Contained in PROM on processor card
- Can upload kernel from ground to RAM
- Can load kernel into EEPROM
- Default is to load kernel from EEPROM to RAM,
decompress and boot - Flight SoftWare (FSW) CSCI
- Contained in EEPROM on processor card
- Loaded and booted by kernel code
- Consists of
- Kernel code (VxWorks operating system, device
drivers, basic cmd and tlm on 1553) - Flight code
12SUROM Code
- SUROM heritage
- BAE generic, Program A, Program C and Program D
- Development approach
- Develop in simulator (Borland Builder C)
- Establish socket connection to use EGSE
- Test on Program A ODP
- Port from Borland to RS6000
- Test 1553 (ODP processor has 1553 chips on board)
- Test on HMI ETU
- Requires Interconnect board PCI/Local Bridge
Bus/1553 card with minimal capabilities - Development system for RAD6000 target
- RS6000 workstation
- C compiler, PAS assembler, RS6000 assembler and
linker - COP connection to processor board
- Architecture
- Executive
- State
- 1553
- Command Handler
13Nominal Boot Sequence
- If no commands are received within 30 seconds (5
seconds in fast-boot mode) of the first 1553
telemetry packet, the following occurs - A copy of the self-extracting VxWorks kernel is
- Read from EEPROM to a default RAM location
- Decompressed
- Executed
- Kernel then
- Initializes memory-resident file systems in
- EEPROM
- RAM
- Locates script file /EEPROM/BOOT0001.SCR
- Executes script file /EEPROM/BOOT0001.SCR
- Script /EEPROM/BOOT0001.SCR contains the list of
object modules to - Decompress
- Load into RAM
- Link
- Run for auto-booting
- Other script files (BOOT0002.SCR through
BOOT9999.SCR) can be used for alternate booting
by an operator
14Flight Software Architecture Diagram
15Camera Operational Modes
- Clear
- Remove charge from CCD (in preparation for
obtaining new image) - Integrate
- During integration, the CCDs parallel register
clocks will be held at appropriate voltage levels
- Serial register clocks can be individually
programmed to be high, low or clocking - Dither clocking
- Readout
- Full-frame readout of n lines
- Windowed readout of at least two windows
- Dump n lines
- Read x lines
- Dump m lines
- Read y lines, etc.
- Full-frame or windowed readout with n x m pixel
binning - Continuous clocking
16Sequence Control
- Modes
- Science (cadence held)
- Doppler cadence 50 seconds or shorter
- Vector cadence 5 minutes or shorter
- Test and calibration (no cadence, free running)
- Table-driven observing sequences
- Timeline table
- Framelist table
- Focus table
- Polarization table
- Wavelength table
- Tuning table
- Exposure table
- Table contents and definitions currently under
development with science team - Tables are uploadable and modifiable
- Can be stored in EEPROM or loaded from ground
17Time Handling
- VxWorks system tick (interrupt)
- OBC derived 1.95 msec (512 Hz)
- RAD6000 decrementer 20 msec (fallback source)
- Time at tone
- Internal clock latched into OBC 1553 Time Tag
Register by 1553 interrupt on receipt of tone
message - Software accesses OBC 1553 Time Tag Register over
PCI bus - Rate adjustment
- Send OBC 1553 Time Tag Register in housekeeping
telemetry - Ground calculates drift and issues command to
change rate (if so desired) - Spacecraft time included in every telemetry
packet - Observing cadence maintained by
- Starting sequence on nearest system tick to time
of day modulo cadence in seconds - The sequence period must be settable in software
- Command
- Contained in sequence table
- Repeating sequence
18Fault Management
- Internal limit checking of
- Motor current and total current
- Heater zone temperatures
- Camera aliveness
- Alignment Leg Mechanism
- Front Door Mechanism
- Autonomous checks of HMI 1553 bus activity over 2
(TBR) minutes - Activity level reported in health safety
telemetry - Levels below a settable threshold cause internal
recovery or safing actions
19Resource Utilization
- PROM (SUROM)
- Available 64 K
- Expected utilization 95
- HMI SUROM contains less functionality (the HMI
estimate is conservative) than the Program A
SUROM which fit into the same 64 K PROM - SUROM is unchangeable once programmed into PROM
and installed on the processor board - EEPROM
- Available 512K
- Expected utilization 11 K file system overhead
- 128 K for compressed kernel
- 128 K for compressed FSW
- 245 K available margin
- RAM
- Available 4 Mbytes
- Expected usage 512 Kb FSW
- 512 Kb RAM filesystem
- Up to 3 MB telemetry buffers for diagnostic
data storage (infrequent) - CPU Usage
- FSW 30
20Safety and Reliability
- Safety
- HMI flight software cannot cause loss of mission
or injury or death to humans - Coding standards will be used (2H00006) to
increase safety and reliability - Possible safety items
- Programming EEPROM
- Operating front door mechanism, alignment legs
and/or heaters - Fault management will be implemented (see next
slide) - Safety issues addressed at all major program
reviews - Reliability
- FSW developed incrementally
- FSW tested in simulation and emulation
- FSW will be used for as much hardware testing as
possible - Idle task shall detect and report in telemetry
CPU usage percentage and overrun (if any) - Exception handling shall capture and report task
errors - Internal consistency checks shall be made on cmd
parameters initial use of global pointer values
21Software Development Status
- Completed Peer Review on October 8, 2003
- Complete Software Requirements Document
- Initial draft submitted with CSR and updated for
PDR - Complete hardware board specifications
- Complete
- Command list (draft currently exists)
- Telemetry list (draft being prepared)
- Start detailed design
- SUROM and kernel in progress
- FSW starting
- Develop Software Design Documents
- Establish interface between simulator and EGSE
(to confirm design approach) - Risks
- Complexity of camera control interface