The Fourth Workshop on...
Fault-Tolerant Spaceborne Computing Employing New Technologies, 2011

SCHEDULE

Location guide: Monday's activities and the dinner on Tuesday are at the Hotel TBD as noted. The main meeting place for the conference is at the CSRI building near Sandia labs. The high-level sessions will be elsewhere at Sandia, but meet at the CSRI building.

Monday
May 23		 Tuesday
May 24		 Wednesday
May 25		 Thursday
May 26
8:00 Breakfast and registration Breakfast Breakfast
8:30 AM Keynote: Steve Petersen, USAF, title TBD Technical working group meeting (Sandia CSRI) (Thursday Morning Schedule)
F: Architecture
9:00 AM Organizers, Workshop Process
9:15 AM Background color legend:
Process
Government
Non-Government
Available
Working Group		 Keynote: Mike Johnson, NASA, NASA Roadmap Processor Panel Process
9:30 AM Tara Estlin, JPL, Autonomy in Rovers
10 AM Break Break Break
10:30 AM Peter Milliken, Aeroflex, 90nm 9SF Productization and Qualification Program Elaine Gonsalves, Aeroflex, LEON 4FT Processor-status and plans Architecture working group meeting (continued) Special meeting TBD
11 AM Ron Scrofano (fix to Enright), Aerospace, Title TBD Ken Mighell, NOAO, Experience with Maestro
11:30 AM Registration (Sandia CSRI Building) 11:20: Tzvetan Metodi, Aerospace, Title TBD;11:40: Ian Troxel/Paul Murray, SEAKR Eric Watco, Cisco, Leveraging Terrestrial Open Standards Based Commercial Trusted Solutions for Space-based Applications
NoonLunch (on your own) Lunch Lunch User group meeting (Sandia CSRI) (Thursday Afternoon Schedule)
G: Maestro/Tilera User Group Organizational Discussion. Note: The ending time will be determined by participants airplane schedules.
1 PM Technical working group meeting
(Monday afternoon schedule)
A: Trust (Sandia)
B: Path to Flight (Hotel)		 Lewis Cohen, NRO, Advanced Technology Group Foundational Technology Division Radiation Hardened Microelectronics Program Processor panel. Each panelist will have 5 minutes to recap their talk earlier in the day, then a discussion with audience.
1:30 PM Warren Snapp, Boeing, RHBD Futures
2 PM Steve Crago and Warren Snapp, ISI and Boeing, Maestro Outbrief for Software and Interconnect (15 mins each)
2:30 PM Richard Berger, BAE, TBD Break
3 PM Break Break Closed Session
3:30 PM Technical working group meetings (continued) Mitch Fletcher, Honeywell, Space Processing -- One size DOESN'T fit all
4 PM Charles Norton, JPL, ...
4:30 PM Mike Deliman, WindRiver, Certifiable - The Bumpy Road To Assurable Software Outbrief for Trust, Path to Flight, and Fault Tolerance working groups
5:00 PMReception (Sheraton Albuquerque Uptown)Dinner on your ownTechnical working group meeting (Sheraton Albuquerque Uptown) (Tuesday night schedule)
E: Interconnect Committee Meeting (Rafi)
6:00 PMDinner and dinner speaker Tara Estlin, JPL, Driving on Mars
7:00 PMTechnical working group meetings (Sheraton Albuquerque Uptown) (Monday night schedule)
C: Fault tolerance (system level)		 Technical working group meeting (Sheraton Albuquerque Uptown) (Tuesday night schedule)
D: Software

Monday Working Groups

A. Trust

(First Day: Mon, May 23, 1-5pm, at Sandia):

[Closed session]

B. Path to Flight

(First Day: Mon, May 23, 1-5pm, at Hotel):

Path To Flight Working Group

Working Group Chair: Larry Bergman (JPL)

Monday, May 23, 2011
1:00PM - 3:30PM
Sheraton Albuquerque Uptown

A number of next generation multicore flight processor families are gradually reaching a minimum state of flight readiness. This working group will examine (1) the range of mission infusion scenarios, (2) their driving requirements, and (3) what (if any) additional ground and flight validation experiment testing (both hardware and software) is still required prior to commitment to flight missions. Some variance in flight qualification metrics (i.e., different operating environments, lifetime, use, and reliability factors) are expected due to different target end mission applications. Products of the workshop will include mission class qualification needs (gap areas), current TRL levels of emerging multicore processor chips and board level sub-systems, and prospects for future flight experiment validation opportunities (e.g., SmallSats, CubeSats).

Brief talks are planned to stimulate interactive discussion:

Monday Afternoon Schedule

A: TrustB. Path to Flight
1 PM
  1. Topic: Red Teaming
  2. Description: Experiences of a red teamer
  3. Speaker: Ray Parks
  4. Bio:
 Overview and Goals of Working Group (Larry Bergman/JPL)
1:30 PM
  1. Topic: Trusted Foundry
  2. Description: Experience from an ASIC-designer's perspective who has used the Trusted Foundry heavily since its inception
  3. Speaker: Robert Lovejoy
  4. Bio: Robert O. Lovejoy received his B.S. degree in electrical engineering from University of Utah, Salt Lake City, UT, in 2004. He received an M.S. degree in electrical engineering from the University of Utah, in 2005. He has over 5 years of experience in mixed-signal and analog integrated circuits research and design. Robert joined Sandia National Laboratories in 2005 and is currently a Senior Member of Technical Staff in the Mixed-Signal ASIC/System-on-Chip Products development group.
 Spaceborne Flight Validation of NASA ESTO Technologies (Charles Norton/JPL)

Abstract - The NASA Earth Science Technology Office invests in instruments, components, and information systems to advance technologies that enable scientific observation and measurement of Earth. In this talk I will describe ESTO's new thrust in spaceborne technology validation where CubeSat and Space Station payloads are in development to raise the TRL of components relevant to the Earth science Decadal Survey.

2:00 PM
  1. Topic: Supply Chain Risk Management
  2. Description:
  3. Speaker:
  4. Bio:
 Crossing the Mid-TRL Valley of Death - Remaining Gaps for Infusing Multicore Processor Technology into Deep Space Missions (Dwight Geer/JPL)
2:30 PM
  1. Topic: TBD
  2. Description:
  3. Speaker:
  4. Bio:
 Infusion Challenges Across Gov Space Systems (tbd/BAE) (Invited - Not Confirmed)
3:00 PM
  1. Topic: TBD
  2. Description:
  3. Speaker:
  4. Bio:
 Discussion
3:30 PM Roundtable discussion with all participants

C. Fault Tolerance (System Level>

(First Day: Mon, May 23, 7 pm):

Fault Tolerant (System Level) Working Group

Working Group Chair: Larry Bergman (JPL)
Working Group Co-Chair: Marti Bancroft (MBC)

Monday, May 23, 2011
7:00PM - 9:00PM
Sheraton Albuquerque Uptown

The general goal of the Fault Tolerant Working Group will be to assess the current status of fault tolerance / management system technologies (both hardware and software) for space borne computing, future emerging mission needs / requirements, and specific problems and solutions that require further development for multicore space borne avionics. One area of emphasis this year will be to focus on new challenges as well as new innovative solutions for implementing fault tolerance capability on multicore processor architectures.

Monday Night Schedule

C: Fault Tolerance (System Level)
7 PM Overview and Goals of Working Group (Larry Bergman/JPL)
7:20 PM Multicore Fault Tolerance Paradigms (Kim Gostelow, JPL)
7:40 PM Improving microprocessor reliability through software mitigation (Heather Quinn, LANL)
8:00 PM Execution Leases (Tzvetan (Setso) Metodi/Aerospace Corp, Mohit Tiwari/UCSB)

Abstract: High-assurance systems, designed to enforce policies that control information flow between processing tasks with several levels of classification, are becoming increasingly critical to current and future space programs. However, such systems, which are often hard real-time systems, are costly to develop and difficult to test in order to guarantee strict security, reliability, and predictability requirements. We present Execution Leases, the hardware design and Instruction Set Architecture (ISA) changes needed to enable hardware support for secure separation of different classification levels, using a single core RAD750 processor as a first example. Current approaches on single core processors rely on software-based partitioning kernels that do not have complete access to all internal processor components and must implement all real-time guarantees in software. The hardware modifications proposed allow for a potential higher level of NSA approval and ensure that no contamination can occur between tasks. The proposed hardware modifications also allow for complex separation policies to be implemented reliably while reducing the complexity of the operating system kernel. Although changes to the RAD750 are the example, this work could extend to other processor cores including potentially the "soft cores" used in FPGAs. The proposed approach will be contrasted with the available software options used in current space programs.

8:20 PM Discussion: Discuss remaining unsolved challenge areas / problems that need still need to be addressed with further research. Is the fault management robust enough for these multicore processors to be used in GN&C situations, or more appropriate for special purpose onboard data processing?
9:00 PM or when discussion winds down - ADJOURN

Tuesday Working Groups

D. Software

(Second Day: Tue, May 24, 7 pm):

Software Working Group

Working Group Chair: Marti Bancroft (MBC)
Working Group Co-Chair: Larry Bergman (JPL)

Tuesday, May 24, 2011
7:00PM - 10:00PM
Sheraton Albuquerque Uptown

Flight software spans a wide number of system components. Just a few examples include operating system (often real time), application(s), numerical libraries, fault and power management, health management, data management, service layers, communications, and job scheduling to name a few. Further, depending on whether the multicore processor's primary role is for GN&C (spacecraft's main processor) or as a co-processor (e.g., payload processing), would affect which software elements are required and the degree of fault resiliency required. This Working Group will also examine the remaining gaps for flight software in general that would be required for flight. Brief talks are planned to stimulate interactive discussion.

Tuesday Night Schedule

D: Software
7:00PMOverview and Goals of Working Group (Marti Bancroft, Larry Bergman)
7:20PMFunctional Programming for Multicore (Kim Gostelow/JPL)

Abstract: Functional programming offers advantages for programming in multi-core: - simple exposition of parallelism with no effort on the part of the program - functional programs can be moved, stopped and started, restarted, without concern - replication, such as TMR, for simple checking of program behavior with no advance programmer effort to make it possible. Of course, functional programming still must work with programs with state. Although theoretically not necessary, for practical reasons, functional programs must deal with state. This talk will present some functional programming language constructs for dealing with some of the most common uses of state in programs.

7:40PMCertifiable Software (Mike Deliman/Windriver)
8:00PMAutomatic Generation of Fault Tolerant Code (Hans Zima/JPL)

Abstract: In this talk we present an outline of an introspection-based system supporting adaptive fault tolerance that is being developed at the Jet Propulsion Laboratory in Pasadena, California. In this context, we will describe how automatic analysis of the control and data flow in source programs can be exploited to automatically create correctness assertions for critical sections of a program, or to generate redundant code that can be embedded in a self-checking programming framework.

8:20PMStudy of Porting Applications to GPUs and Manycore (Doug Enright/Aerospace Corp)
8:40PMDiscussion
10:00PMADJOURN (or whenever discussion ends)

E. Interconnect

(Second Day: Tue, May 24, 7 pm):

A standards organization has been formed to define a next generation spacecraft interconnect standard beyond SpaceWire and Time Triggered Gigabit Ethernet. This is a closed meeting of the Requirements Subcommittee of the Next Generation Spacecraft Interconnect Standards Committee. To learn more about this activity or to join the Subcommittee, contact Charles Collier at Charles.Collier@kirtland.af.mil.

An outbrief of the subcommittee’s work will be provided by Charles Collier Wednesday at 2:30.

Tuesday Night Schedule

TBD

Thursday Working Groups

F. Spaceborne Computing Architecture Working Group

(Fourth Day: Thu, May 26, 8:30 am-noon, at Sandia)

Lead by: Richard Stempien (MITRE Corp.)
Terry Cooney (Aerospace Corp.)

The Spaceborne Computing Architecture Working Group (SCAWG) focuses on emerging applications, algorithms, open architecture concepts, along with COTS hardware and software technologies which are applicable across the community for multiple space platforms types and environments.

Thursday Morning Schedule

0800-0810 "Introduction" --- Richard Stempien (MITRE) / Terry Cooney (Aerospace)
0810-0850 "DM Cubsat Systems" --- John Samson (Honeywell)
0850-0930 "Recovering the Forgotten Role of Efficiency in Spaceborne HPEC Processing Efficiency" --- Randy Kuning (Northrop Grumman)
0930-1010 "Space Networking Technology --- Gary Brown (Honeywell)
1010-1020 Break
1020-1120 "Computing Capabilities and High-Density Flash Memory Use in Space Avionics Applications --- Charles Howard (Southwest Research Institute)
1120-1200 "New Technologies for Space Computing and Mass Data Storage" --- James Hobbs and Fred Garcia (Honeywell)

G. Maestro/Tilera User's Group

(Fourth Day: Thu, May 26, 1-5 pm, at Sandia)

The Maestro/Tilera User's Group (MTUG) will have its first meeting to discuss both technical topics and user group organizational issues. The Maestro processor is a 49-core rad-hard by design microprocessor based on Tilera's TILE64 processor and designed by Boeing. Maestro software environment, based on Tilera's commercial software, is developed and supported by USC/ISI, and includes an integrated development environment, compilers, debugger, parallelization and communication libraries, application libraries, and performance instrumentation and analysis tools. The goal of the user group is to establish an independent group of users that share expertise, experience, and tools that improve productivity for government-oriented users of the Maestro and Tilera architectures.

Thursday Afternoon Schedule

12:00-12:25 Introduction
12:25-1:40 Organizational discussions (goals, user group models, etc.)
1:40-2:00 Maestro radiation testing consortium discussion
2:00-3:00 MDB (Maestro Development Board) status and user discussions
Document date June 3, 2011.