NASA MSFC Mission Operations Laboratory MSFC NASA MSFC Mission Operations Laboratory POIWG #35 January 27-31, 2014 Ann Bathew EO03/Operations Directors Office Ku Forward Capability and Operations
NASA MSFC Mission Operations Laboratory MSFC Page 2 Scope of Presentation The intent of this presentation is to provide the Payload User a high level overview of the Ku Forward Capability and Operations Ku Forward Capability Summary HOSC Service Access HOSC Implementation and Schedule Verification and Testing IT Security Requirements Safety Requirements Operational Concept Future Work Technical discussions to take place in Splinter Session Participants: HOSC, Systems Engineering & Integration (SE&I), SE&I- Payload Software Integration (PSI), IT Security, DMC, PRO, Safety, Planning, POD
NASA MSFC Mission Operations Laboratory MSFC Page 3 Ku Forward Capability Summary The ISS Ku Forward capability used internally by MCC-Houston to support systems and payloads (limited) activities is being extended to POIC and will be offered by the HOSC as a standard service to the Payload User community. Ku Forward provides a secondary communication path that will allow Payload ground systems to communicate with their on-orbit Joint Station LAN (JSL) or Ethernet connected payloads via standard IP communication protocols EXPRESS Logistics Carrier (ELC) Payload access to JSL is via Wireless Primary communication (command) path is still S-Band commanding through the PL MDM with 1553 service to the Payload Big Picture: HOSC is developing capabilities/services (CR 13351) that will allow both the POIC Cadre and Payload Users access to devices connected to the onboard Payload LAN Payload use of the Ku Forward capability should be identified in Payload Integration Agreement (PIA) ISS Program (OD and HOSC) has defined an approved set of standard communication protocols that a payload can use ISS Program (OD) defines IT Security Requirements pertaining to the Payload’s On-Orbit Payload Hardware in SSP 50975, International Space Station IT Security Requirements HOSC defines IT Security Requirements pertaining to the Payload’s remote Ground Site in SSP 50305, POIC to Generic User Interface Definition Document (PGUIDD), Vol 1 ISS Program (PSRP) will define any unique safety requirements pertaining to a Payload’s use of Ku Forward as part of the payload Safety Review process POIC will manage/control Payload User access to the Ku Forward Capability in real-time via HOSC provided tools and our standard planning and real-time processes
NASA MSFC Mission Operations Laboratory MSFC Page 4 Ku Forward – HOSC Service Access HOSC has developed a secure plan for remote Payload User access to Ku Forward HOSC requires two factor authentication to their servers Remote Payload User can only access specific, approved destinations using preapproved IP protocols Provides POIC FCT enable/disable control over these protocols Ku Forward “commands” are not defined in the Command & Telemetry Database and do not go through command server or any MDM for uplink/execution Routed through HOSC Payload Ethernet Gateway (HPEG) to onboard LAN Individual payload monitoring and aggregate monitoring of uplink bandwidth provided to cadre Aggregate metering by HOSC
NASA MSFC Mission Operations Laboratory MSFC Page 5 HOSC Implementation Ku Forward IP (POIC-Cadre) ~ May 2014 POIC Cadre use of Internet Protocols to onboard devices Ping to Express Laptops, PEHG HRDL Gateways Remote Desktop to Express Laptops Http to onboard video encoders Https to file server Secure Shell Ku Forward IP (POIC-Remote) & CFDP (POIC-Cadre) ~ Q1 FY15 Remote Payload User use of Internet Protocols to access their payloads and POIC Cadre access to CCSDS File Delivery Protocol (CFDP) Pings and Remote Desktop by Payload Users Secure Shell POIC Cadre access to CFDP File Transfers Ku Forward CFDP (POIC-Remote) ~ Q2 FY15 Remote Payload User use of Internet Protocols to access their payloads and access to use CFDP
NASA MSFC Mission Operations Laboratory MSFC Page 6 Schedule FY13 FY14FY15 DateCSTQ4Q1Q2Q3Q4Q1Q2Q3Q4 Ground Capabilities KuFWD (POIC-Cadre) IP CFDP IP CFDP CFDP KuFWD (POIC-Remote) CFDP IP IP CFDP
NASA MSFC Mission Operations Laboratory MSFC Page 7 Verification and Testing ISS Program (OD and HOSC) has defined an approved set of standard communication protocols compliant with NASA IT Security Requirements Approved protocols are CFDP, HTTPS, ICMP, RDP, and SSH Exceptions to the standard set of approved protocols can be requested as a Unique Requirement in the PIA Prohibited protocols per ISS Program (OD) and IT Security Requirements File Transfer Protocol (FTP) Telnet HOSC is certified for CFDP, HTTPS, ICMP, RDP, and SSH as defined by PGUIDD SE&I-PSI will update SSP 52050, International Standard Payload Rack to International Space Station, Software Interface Control Document with approved protocols SSP Pressurized Payloads Interface Requirements Document references SE&I and SE&I-PSI current ongoing discussions as to what verification data will be required from Payload User Dependent on which protocols are used Payload User is responsible for submitting verification data needed to close the payload unique ICD requirements per SSP No ISS Program Requirement for payload End to End Testing for use of Ku Forward
NASA MSFC Mission Operations Laboratory MSFC Page 8 Verification and Testing, cont. HOSC Verification and Testing EHS and TReK will be tested to verify end to end use of the protocols outlined in the PGUIDD Verification is performed at the protocol level CFDP HTTPS ICMP RDP (Windows tested and evaluating Linux) SSH HOSC has a Ku Band network emulation test setup, supporting Linux and Windows, to validate that the approved and user requested protocols can be supported New protocols and applications, as requested through the PIA process, need to be coordinated with adequate lead time to insure the configuration is tested and can be supported by HOSC Dry Run Test - January 9-10, 2014 Formal Verification - January 27-31, 2014
NASA MSFC Mission Operations Laboratory MSFC Page 9 IT Security Requirements HOSC IT Security Requirements pertaining to the Payload User’s Remote Ground Site SSP 50305, PGUIDD, Vol 1 defines the requirements that the remote Payload User’s ground location needs to meet to connect to the HOSC. A checklist is provided that the Payload User will complete and return, indicating the remote site compliance. If a legacy Payload User’s ground location is compliant now, it is compliant for KU Forward operations Remote ground sites should also be consistent with NPR A Security of Information Technology NIST SP Recommended Security Control for Federal Information Systems and Organizations ISS Program (OD) IT Security Requirements pertaining to the Payload User’s On-Orbit Payload Hardware Payloads should be compliant to SSP International Space Station IT Security Requirements.
NASA MSFC Mission Operations Laboratory MSFC Page 10 Payload Safety Recent discussions have occurred between Payload Safety Review Panel (PSRP) and POIF regarding Safety Approach when using Ku Forward capability If no Hazardous commands/communications identified during PSRP Safety Review Payload may utilize Ku Forward with no constraints If Hazardous commands/communications are identified during PSRP Safety Review PSRP will review each payload on a “case by case” basis to determine whether the payload can utilize Ku Forward capabilities PSRP internal forward work for defining processes to handle these Payloads Legacy Payloads with Hazardous commands will have to request use of the Ku Forward Capability in a re-flight Safety assessment Will Legacy Payloads without Hazardous commands have to go through a Safety Reassessment? Still in discussion at PSRP Commands defined in POIC Command & Telemetry Database as Critical/Hazardous fall under the PSRP definition of Hazardous commands Note: PSRP Memo to be sent to all Payload Users which will identify all applicable requirements and interpretations regarding Hazardous commanding via Ku Forward Per Flight Rule B2-451, Hazardous Commands are those that can remove an inhibit to a hazardous function, activate an unpowered hazardous system, reduce safety critical redundancy, create a fail- critical or hazardous condition, and/or control actively safed systems.
NASA MSFC Mission Operations Laboratory MSFC Page 11 Ku Forward Real-time Operations Ku Forward Planning POIC Planning Team will add the Ku Forward resource to Consolidated Planning System (CPS) Uplink bandwidth will be modeled Payload activities using Ku Forward will be placed in the JSL CMD band of OSTPV Activity names and Ops Notes should remain the same for legacy payloads that request use of Ku Forward Legacy Payloads may have new activities associated with Ku Forward Data Flow Management Ku Forward activity will be shown in the Data Flow Plan (DFP) Bandwidth allocation & management Total uplink bandwidth is 25 Mbps, shared across ISS users (systems and payloads) Initial plan is for 8 to 10 Mbps to be devoted to NASA payloads Bandwidth is monitored on a payload basis Payload Users are expected to monitor and control their own uplink bandwidth If a payload overruns its allocated bandwidth and impacts other users, DMC will notify POD/PRO and PRO will disable Payload User HPEG from service
NASA MSFC Mission Operations Laboratory MSFC Page 12 Ku Forward Real-time Operations, cont. Ku Forward Enablement Process Ku Forward “Commanding” Ku Forward communications operations are not “commanding” in the traditional sense Enabling the Payload for Ku Forward operations opens a port to the onboard LAN through the HOSC Payload Ethernet Gateway (HPEG) Pathway is opened up for two-way traffic instead of commands directly through the MDMs to the payload hardware There will NOT be “commands” listed on Command Track for the PRO to monitor Same as S Band command enablement process Payloads will have scheduled Ku Forward use windows shown in OSTPV Prior to enablement, the Payload User will check in with the PRO and provide an overview of planned operations PRO will brief POD, who will give Go for nominal Ku Forward commanding When window opens PRO will enable Ku Forward commanding for Payload via the Command User Enable Tool Troubleshooting Onboard issues should be directed to DMC Enablement issues should be directed to PRO HOSC interface issues should be directed to IST
NASA MSFC Mission Operations Laboratory MSFC Page 13 POIF Future Work and Discussions POIF Internal Identify and develop necessary Payload Operations Handbook (POH) Vol 2 updates for Ku Forward Operations Identify and develop any Payload Regulations associated with Ku Forward Operations DMC and PRO Ground Command Procedures (GCP) updates Planning Updates Required Training Discussions between POIF/POIC and SRP regarding payloads with hazardous commands/communications and approval to use Ku Forward Discussions between POIF and MOD Identify and develop Operations Interface Procedures (OIP) between Flight Control Teams (FCT) Identify Flight Rules necessary for Payloads access to JSL Bandwidth Allocations and Prioritization between Systems and Payloads Discussions to address impacts of loss of Ku Forward Possible Flight Rule updates to address loss of Ku Forward, including return to service time Discussions to address lack of Emergency Caution & Warning (ECW) for Payloads not connected to 1553
NASA MSFC Mission Operations Laboratory MSFC Page 14 Points of Contact for Ku Forward Operations HOSC Andrew DMCHugh Johnathan PARCMichelle PODAnn Jimmy POIF Safety Mitchell PROJennifer IT Security Truong SE&IChen SE&I-PSITony
NASA MSFC Mission Operations Laboratory MSFC Page 15 Applicable Documents and Other Data SSP 57072, Standard PIA for ISS Pressurized Payloads Payload Integration Agreement SSP 57000, Pressurized Payloads Interface Requirements Document Payload Verification Data SSP 52050, International Standard Payload Rack to International Space Station, Software Interface Control Document SSP 573XX, Unique Payload Software Interface Control Documents Payload Product Integrated List (PPIL) SSP 50974, International Space Station IT Security Requirements SSP 50305, POIC to Generic User Interface Definition Document, Vol 1 Payload Hazard Reports Planning Data Set
NASA MSFC Mission Operations Laboratory MSFC Page 16 Acronyms CFDPCCSDS File Delivery Protocol CMDCommand CPSConsolidated Planning System CRChange Request DFPData Flow Plan DMCData Management Coordinator ECWEmergency Caution & Warning EHSEnhanced HOSC System ELCEXPRESS Logistics Carrier FCTFlight Control Team FTPFile Transfer Protocol GCPGround Command Procedures HOSCHuntsville Operations Support Center HPEGHOSC Payload Ethernet Gateway HRDLHigh Rate Data Link HTTPSHypertext Transfer Protocol Secure ICDInterface Configuration Document ICMPInternet Control Message Protocol IPInternet Protocol ISTIntegrated Support Team JSLJoint Station LAN LANLocal Area Network MDMMultiplexer/Demultiplexer MODMission Operations Directorate OSTPVOnboard Short Term Plan Viewer PEHGPayload Ethernet Hub Gateway PIAPayload Integration Agreement PODPayload Operations Director POHPayload Operations Handbook POICPayload Operations & Integration Center POIFPayload Operations and Integration Function PRCUPayload Rack Checkout Unit PROPayload Rack Officer PSIPayload Software Integration PSRPPayload Safety Review Panel RDPRemote Desktop Protocol SE&ISystems Engineering & Integration SSHSecure Shell