Design Verification of MSL Second Chance
Pradip Maitra, TASC

Presentation transcript:

Design Verification of MSL Second Chance (1 of 7)
Pradip Maitra, TASC

– What is MSL Second Chance?
– Some Design Details
– Verifying the Design
– Summary
– Questions

What is Second Chance (SECC)? (2 of 7)

MSL has 2 Flight Computers (FC-A and FC-B), normally loaded with the same flight software (FSW) image. Only FC-A is ON during Cruise and Surface Ops. During EDL, FC-B is also turned ON. FC-B executes a different FSW image during EDL. This FC-B image monitors FC-A state and actions. If FC-A misbehaves, FC-B takes over control and resumes EDL operation within 1-2 seconds. This was the intent of MSL Second Chance (SECC).

Design Details (3 of 7)

Second Chance requirements in addition to original 4446 FSW requirements.

Principal guidelines:
– Do not harm existing FSW functionality while it is changed to accommodate Second Chance.
– SC Image will not share normal FSW image banks.
– SC Functionality can be deactivated at the last moment.
– SC Image will be uploaded 2 weeks before EDL.
– SC Image will be forgotten immediately after landing.

Design Details (4 of 7)

Verifying the Design (5 of 7)

Reset Scenario Analysis.
Does any SECC requirement violate the EDL Timeline?
How capable is the SECC image of resuming EDL?
How does the SECC image interface with the FSW environment?
– SECC image upload and booting into it.
– Unintended Enabling/Disabling/Arming of the SECC image.
– Verifying receipt of the “Prime in distress” event.
– Where is the SECC image stored, and can it affect the normal FSW boot sequence?
– Verifying successful removal of the SECC image after landing.

Verifying the Design (6 of 7)

Swim lane example:

Summary (7 of 7)

The design verification work uncovered a few problem areas that were judged to be of very low probability of occurrence. JPL conducted a high-resolution simulation of FC-A failures at different time points of EDL. Their simulation also found that not all possible failure periods can be covered using a 1.5 to 2 second recovery time.