Presentation is loading. Please wait.

Presentation is loading. Please wait.

Single Event Upset Simulation

Published bySri Hermanto Modified over 6 years ago

Similar presentations

Presentation on theme: "Single Event Upset Simulation"— Presentation transcript:

1 Single Event Upset Simulation
Carlos Beltran The Aerospace Corporation December 4, 2018

2 Background behind SEU simulation
Overview Background behind SEU simulation Implementation of SEU program coined “MemAggressor” Standalone Testing Integration into HIL simulations Future Applications

3 Background Aerospace developed a new capability to inject single event upset (SEU) into targeted memory locations. Provides a more test-like-you-fly Hardware-In-the-Loop (HIL) flight software (FSW) testing capability. SEUs are result of radiation hits flipping the bits and corrupting the memory of the FSW. Aerospace developed SEU simulation tool is called MemAggressor. MemAggressor provides the capabilities to inject temporary or permanent SEUs. Enables analysts to verify the FSW response under various failure conditions.

4 Hardware An ARM based processor was used for testing
Performing fault injection by flipping a single bit in regions of memory will simulate the scenario where an uncorrectable ECC memory page ultimately ends up loaded into the CPU register file. Application

5 Software The Aerospace test software is comprised of a memory aggressor daemon (MemAggressord) and a client application. Client (initiating) application The client application initiates the modification of target memory. Presumably the client application is some sort of test application running on a standard PC. This PC would have a network connection to the flight computer. The application sends protobuf messages via UDP to the MemAggressord. Since protobuf and UDP are fairly ubiquitous, the client application can be written in any language that supports them. The client app can even run on the target board and send UDP packets via localhost. UDP – User Datagram Protocol

6 MemAggressor Process MemAggressor implementation in a HIL simulation
MemAggressor waits for message from client Dynamics Client MemAggressor PID, Address, SEU Type If UDP message is received MemAggressor attaches to PID Set watchpoint(s) (using ARM debug registers) FSW executes MemAggressor detaches from FSW process allowing the FSW to execute normally.. No MemAggressor allows FSW to execute normally Hard watchpoint ? Yes FSW accesses variable and is halted by the watchpoint and a SIGTRAP is sent to MemAggressor MemAggressor waits for FSW to access address watched by watchpoint Data is corrupted by the program MemAggressor implementation in a HIL simulation

7 Standalone Testing A standalone attitude estimation program served as the SEU target for testing. Within the AHRS program, we focus on the ahrsContext struct shown below. The AhrsContext_t type encapsulates both state (R/W) memory and constant (R/O) memory. The state memory can be read from and written to at any time. In this example. the fields q0 through q3 are the current estimated quaternion of the fake system. On the other hand, constant memory is used to hold immutable data (things like one-time tuning configs, mathematical constants, etc. The value here is 'sampleFreq.'  AHRS - Attitude and Heading Reference System

8 Standalone Testing The fake AHRS program contains sensitivities to memory faults. Here are a few: The quaternion must be normalized, and should never be all 0s. Denormalized quaternions will propagate and persist, causing bad estimates. The sampleFreq field is marked const, and thus no sane C compiler would allow the program to manipulate it. The developer is relying on the hardware or system software to ensure that this value is correct and unmodified. The code does a divide with this field, so if it were to be erroneously zeroed out, NaNs would propagate. A bitflip in the program's .text section could lead to undefined instruction (prefetch abort) exceptions, either by direct instruction execution or indirect "branching into the weeds." NaN – Not a Number

9 Standalone Testing To the right is a log file from a test run with the standalone attitude estimation program running alongside the MemAggressor program. You can see that a message was received from the client and there was a watchpoint set on the variable “thisShouldbe1”. The attitude estimation program tried to access the variable and the MemAggressor program corrupted the data causing the program to return errors. This is an example of what could happen from a radiation hit in space with no protection from the FSW. Next step is to test what would happen in real FSW.

10 Current HIL Integration
MemAggressor will run along side the Flight Software during an end-to-end mission run. Flight software is modified to create a log of variable addresses. MemAggressor reads log to simulate SEU for the desired variables. Dynamics is modified to use the client SEU injection capabilities. Client is compiled as library and linked to dynamics.

11 Future HIL Integration and Concerns
Future HIL Integration Enhancement Provide options a user can set in config file for an end-to-end mission. Number of watchpoints to set. Max number of watchpoints is 4 (limited by architecture). Time in mission to set watchpoints. Concerns: The time it takes to insert the watchpoint and corrupting the data may be too long to stop the FSW and may cause FSW to fail or become unstable. This is something that will need to be monitored when running end-to-end mission runs.

12 Conclusion SEUs simulation can be done by leveraging low level debugging capabilities. The Aerospace Corporation developed SEU simulation capability is currently being used in HIL testing. This capability can be adapted to other architectures besides the ARM. In addition to SEU, this capability can be used to corrupt system feedbacks to simulate various sensor and communication failures.

Download ppt "Single Event Upset Simulation"

Similar presentations

Operating Systems Components of OS

Operating Systems Components of OS
Exceptional Control Flow Processes Today. Control Flow Processors do only one thing: From startup to shutdown, a CPU simply reads and executes (interprets)

Exceptional Control Flow Processes Today. Control Flow Processors do only one thing: From startup to shutdown, a CPU simply reads and executes (interprets)
Extensibility, Safety and Performance in the SPIN Operating System Presented by Allen Kerr.

Extensibility, Safety and Performance in the SPIN Operating System Presented by Allen Kerr.
Chap 2 System Structures.

Chap 2 System Structures.
1 CS 333 Introduction to Operating Systems Class 2 – OS-Related Hardware & Software The Process Concept Jonathan Walpole Computer Science Portland State.

1 CS 333 Introduction to Operating Systems Class 2 – OS-Related Hardware & Software The Process Concept Jonathan Walpole Computer Science Portland State.
CS 300 – Lecture 22 Intro to Computer Architecture / Assembly Language Virtual Memory.

CS 300 – Lecture 22 Intro to Computer Architecture / Assembly Language Virtual Memory.
Informationsteknologi Friday, November 16, 2007Computer Architecture I - Class 121 Today’s class Operating System Machine Level.

Informationsteknologi Friday, November 16, 2007Computer Architecture I - Class 121 Today’s class Operating System Machine Level.
Advanced OS Chapter 3p2 Sections 3.4 / 3.5. Interrupts These enable software to respond to signals from hardware. The set of instructions to be executed.

Advanced OS Chapter 3p2 Sections 3.4 / 3.5. Interrupts These enable software to respond to signals from hardware. The set of instructions to be executed.
The Structuring of Systems Using Upcalls David D. Clark 4/26/20111Frank Sliz, CS533, Upcalls.

The Structuring of Systems Using Upcalls David D. Clark 4/26/20111Frank Sliz, CS533, Upcalls.
Group 5 Alain J. Percial Paula A. Ortiz Francis X. Ruiz.

Group 5 Alain J. Percial Paula A. Ortiz Francis X. Ruiz.
1 Fault Tolerance in the Nonstop Cyclone System By Scott Chan Robert Jardine Presented by Phuc Nguyen.

1 Fault Tolerance in the Nonstop Cyclone System By Scott Chan Robert Jardine Presented by Phuc Nguyen.
Chapter 3: Operating-System Structures System Components Operating System Services System Calls System Programs System Structure Virtual Machines System.

Chapter 3: Operating-System Structures System Components Operating System Services System Calls System Programs System Structure Virtual Machines System.
Operating System Support for Virtual Machines Samuel T. King, George W. Dunlap,Peter M.Chen Presented By, Rajesh 1 References [1] Virtual Machines: Supporting.

Operating System Support for Virtual Machines Samuel T. King, George W. Dunlap,Peter M.Chen Presented By, Rajesh 1 References [1] Virtual Machines: Supporting.
9 Chapter Nine Compiled Web Server Programs. 9 Chapter Objectives Learn about Common Gateway Interface (CGI) Create CGI programs that generate dynamic.

9 Chapter Nine Compiled Web Server Programs. 9 Chapter Objectives Learn about Common Gateway Interface (CGI) Create CGI programs that generate dynamic.
Cosc 2150: Computer Organization

Cosc 2150: Computer Organization
Operating Systems ECE344 Ashvin Goel ECE University of Toronto OS-Related Hardware.

Operating Systems ECE344 Ashvin Goel ECE University of Toronto OS-Related Hardware.
Silberschatz, Galvin and Gagne  2002 3.1 Operating System Concepts Chapter 3: Operating-System Structures System Components Operating System Services.

Silberschatz, Galvin and Gagne  Operating System Concepts Chapter 3: Operating-System Structures System Components Operating System Services.
Operating Systems Lecture 7 OS Potpourri Adapted from Operating Systems Lecture Notes, Copyright 1997 Martin C. Rinard. Zhiqing Liu School of Software.

Operating Systems Lecture 7 OS Potpourri Adapted from Operating Systems Lecture Notes, Copyright 1997 Martin C. Rinard. Zhiqing Liu School of Software.
Processes Introduction to Operating Systems: Module 3.

Processes Introduction to Operating Systems: Module 3.
Distributed System Concepts and Architectures Services

Distributed System Concepts and Architectures Services

Similar presentations

Ads by Google