The Third Workshop on...
Fault-Tolerant Spaceborne Computing Employing New Technologies, 2010

Sandia National Laboratories will host a working group to develop a preliminary statement of how trust affects, interacts, and enables space systems as well as how to measure trustworthiness. We invite representatives of government and contractor entities who are concerned about trust relationships in space systems, particularly those who have ideas or products in this area.

Trust affects space systems from multiple perspectives. Trust is present in communications of space systems and it also permeates communications with ground segments (both user and control) and between ground segment components. Trust is a supply chain and lifecycle issue for space systems - from concept to decommissioning and in all segments. Trust is required for multi-mission space systems - trust between secondary systems and the primary.

This working group will collectively determine where trust plays a role in space systems and how to measure the trustworthiness of those systems. Factors such as the time criticality of data and the potential consequences of failure of trust are part of the metric. The first task of the working group will be determining the trust areas the group will consider. The second task of the working group will be determining security metrics that apply to the chosen trust areas. The third task will be finding the common metrics that allow relative comparison of trust between areas.

We have approximately four hours allocated to this working group for this activity. The first hour will include presentations on trust areas and security. We currently plan on presenting on trust in cyber security and trust in supply chain. The working group hosts welcome other presentations about specific work in the area of space systems trust. Presentations will be limited to 10 minutes for a maximum of 3 additional presenters to leave two minutes for Q&A for each of the five presentations. In the second hour the working group will move on to the first task. Subsequent tasks' timing depends upon the timing of previous tasks.

The end product of the Trust Working Group will be a statement to be presented at the general Space Conference to an audience of seniors. This statement will directly reflect the results of each task of the working group - trust areas, security metrics, and common metrics.

Working Group Chair: Larry Bergman (JPL)
Working Group Co-Chair: Marti Bancroft (MBC)

The general goal of the Fault Tolerant Working Group will be to assess the current status of fault tolerance / management system technologies (both hardware and software) for space borne computing, future emerging mission needs / requirements, and specific problems and solutions that require further development for multicore space borne avionics.

TIMES MAY CHANGE Advances in space system sensors and science instruments have produced unprecedented quantities of digital data which much be stored and then returned to ground stations. Options for digital storage include large SRAMs, DRAMS, and non-volatile memory. This working group will build upon the discussions at Space Computing 2009 and evaluate the state-of-the-art in commercial and radiation hardened memory systems. Gaps will be identified and proposed solutions will be explored.

Outcome: Spider chart (radar chart)

Working Group Chair: AJ Kleinosowski

Tuesday Working Groups

Sponsor: Jet Propulsion Lab

Contacts:

• Marti Bancroft , MBC (contractor, OGA)
  
• Dr. Larry Bergman, JPL
  

• Tim Gallagher, Lockheed Martin Space Systems
  
• Rob Lamprereur, Ball Aerospace

Although the initial view by some was that this area was so application specific that there were few areas of potential collaboration, further discussions revealed that some collaboration opportunity in compiler support for ABFT and in tools might exist.

Therefore the focus of this working group will be to ensure consistent definitions of ABFT and to specifically identify components (in addition to the application) that serve to enable it and areas were those might of common use across missions. The goal is to identify areas where joint funding could benefit both the state of the art and multiple missions.

ABFT can benefit from operating system/hypervisor features, as well as middle ware, advance complier technology, libraries, novel approaches to rollback and replay (as compared with entire application checkpoint and restart, mostly not practical in time critical systems).

How these approaches and others combine to help ensure fault tolerant space borne computing, and where there are gaps that collaborative work could fill, will be the discussion themes of this workshop.

The following presenters will help ensure lively discussions:

• Tim Gallagher -- introductory remarks including lessons learned from prior work
• Rob Lamprereur -- introductory remarks including lessons learned from prior work
• Kim Gostelow (JPL) -- "An Execution Model for Multicore: Fault Tolerance and Parallelism"
• Mike Deliman (Wind River) -- "The Role of the Operating System and Hypervisor in Multi/Many Core ABFT -- Status and Potential Future Directions." Discussion will include possibilities of the hypervisor providing features for ram-scrubbing and/or core-scrubbing and how a type-1 hypervisor can aid the application by containing faults, preventing propagation, etc.
• Ian Troxel and Steve Crago -- "Hardware vs Software support for ABFT: Two Views, One Goal"

Most of the working group time will be devoted to open discussions, with the goal to identify at least one area for potential collaboration on things that enable ABFT for multiple (ideally diverse) applications.

NOTE: As of the preparation time of this document, the organizer has notified us he will not be able to travel. Attendees with interest please show up and the organizers will figure something out.

Next generation space missions, incorporating high data rate sensors and high performance onboard computing systems, will require concomitantly high bandwidth avionics data networks. These networks must also support real time performance, guaranteed quality of service, highly reliable operation, and fault tolerance. Low power operation and flexibility of the network to meet widely varying mission requirements are highly desirable, if not required. In working group, we will:

• Develop a roadmap of future mission interconnect needs
• Review current spacecraft avionics networks development projects
• Develop a recommendations for the development of future networks

Thursday Working Groups