How Embedded Linux is used in Spacecrafts !

• Software Development
• Linux
• System Design

 How Embedded Linux is used in outer space ! EP1: Spacecrafts

Series introduction :

We will take a technical dive with Tux around the galaxy to see how Embedded Linux is used in outer space, fasten your seat belt and let the journey begin.

Ten years ago, the mainstream embedded systems consisted of just a Microcontroller with a few kilobytes of memory and either a bare-metal applications or small RTOS underneath, However, this is no longer the case.

Modern Embedded systems have increased in complexity. in addition to that, the space field has a lot of safety and reliability requirements as they operate in a different environment compared to Earth ( extremely cold, cosmic rays, and other factors. ) and of course; very remote, so the cost of one misbehave or an error could cost lives, millions of dollars or even the whole mission, all those factors made the space field careful in terms of hardware and software. An old tested platforms with limited functionality is usually preferred over modern platform with latest specs to make sure it will act in a deterministic way.

Linux OS started to gain some popularity in the space domain by exploring three space applications.

• Spacecrafts.
• Nano satellites.
• Astro-photography.

I hope you will enjoy the journey with me and TUX :D

1. Episode 1: Spacecrafts.
2. What challenges spacecrafts electronics face in space?
3. What is spacecraft on-board computer (OBC)?
4. What is a flight string ?
5. What safety through redundancy (Actor-Judge system) ?
6. SpaceX.
7. NASA flying Linux on Mars !
8. Boeing radiation-hardened space processor based on the ARM architecture.
9. There's always a catch, so what is it ?
10. Conclusion.
11. References.

Episode 1: Spacecrafts

The field of space is fascinating to many, but unfortunately; it’s also very confidential and restricted so it’s not so easy to find information about it available for the public consumption.[2]

I will begin by explaining some fundamental principles of embedded systems utilized in spacecrafts.

What challenges spacecrafts electronics face in space?

1. Vacuum: In the vacuum of space, there is no air to dissipate heat.
2. Radiation: electronics must be designed to withstand high levels of radiation, which can cause data corruption and permanent damage to electronics.
3. Extreme temperatures: Intense heat when facing the sun, intense cold when sun is blocked by earth, or even much more aggressive ranges in deep space missions.(-229 °C to 175°C) [4]
4. Vibration and shock: During launch and landing, spacecraft electronics must be able to withstand intense vibration and shock.
5. Limited power and resources: Spacecraft electronics must be designed to operate efficiently, as they often have limited power and resources available.
6. Limited communication: Communications with spacecraft can be delayed or disrupted due to the distance from Earth.
7. Long duration missions: Some spacecraft are designed to operate for many years, so electronics must be able to withstand the wear and tear of long-term use.

Overall, spacecraft electronics must be reliable, robust, and able to withstand a wide range of challenging conditions in order to function properly and complete their mission.

Before diving into the usage of Linux in the spacecraft domain, lets first establish some ground definitions int the field, which shall help us understand. 
OBC, flight string and safety through redundancy.

What is spacecraft on-board computer (OBC)?

The on-board computer (OBC) is a crucial component of a spacecraft, responsible for controlling propulsion, navigation, guidance, and communication functions. It also processes scientific data and transmits it back to Earth. Like any embedded system, the OBC includes a central processing unit (CPU), memory, and input/output (I/O) devices such as sensors and actuators. It must be built with ruggedized hardware and software and operate independently for extended periods with minimal maintenance.

What is a flight string ?

A “flight string” means an element of a redundant flight control system consisting of a flight computer and a data bus to a set of sensors and effectors. [6]

What safety through redundancy (Actor-Judge system) ?

Safety through redundancy is a principle that involves using multiple redundant components (flight strings) or systems doing the same thing, to increase the overall reliability and safety of a larger system.

In an Actor-Judge system, two — or more — separate components work together to ensure safety and accuracy. The “Actor” component is responsible for taking actions and making decisions based on the input it receives. The “Judge” component then evaluates the decisions made by many Actors and provides feedback if the all agree or not, which the Actor can use to adjust its actions in the future, we shall talk more later on how SpaceX using this principle in their falcon

The other option is to use special hardened HW which is developed for the outer space usage, with special protections against the cosmic rays and the bit-flip and so on.

This first one is called radiation tolerant design vs the second one which is called radiation hardened design.

Now Let’s discuss how Linux is used in SpaceX

SpaceX

OS:
 
SpaceX uses Linux on their primary flight computers for Dragon spacecraft and Falcon 9 launch vehicle, and also for their test vehicles, such as Grasshopper. Their version of Linux is based on the 3.2 kernel with real-time patches. SpaceX has also made their own mission-specific modifications to the kernel, and custom drivers have also been added. The kernel has been carefully evaluated, especially focusing on scheduler performance.

Hardware :

SpaceX uses an Actor-Judge system to provide triple redundancy to its rockets and spacecraft. what the heck is that ?

Actor-Judge system in falcon:

The Falcon 9 is equipped with 3 dual-core x86 processors running an instance of Linux on each core. The flight software is written in C/C++ and runs in the x86 environment. For each calculation/decision, the “flight string” compares the results of the two cores. If there is an inconsistency, the command is bad and sends no command. If both cores return the same answer, the string sends the command to the different microcontrollers on the rocket that control things like the engines and the grid fins.

NASA flying Linux on Mars !

NASA’s Ingenuity Mars Helicopter, is a technology demonstration to test the first powered flight on Mars, and it’s the first of it’s kind to fly on a world beyond our earth !

Ingenuity will face a pretty harsh environment on Mars,

Mars has beyond bone-chilling temperatures, with nights as cold as minus 90 degrees Celsius at Jezero Crater (the landing site)[10]. One of Ingenuity’s first objectives when it gets to the Red Planet is just to survive the frigid Martian night for the first time.

Mars has a rarefied atmosphere — just about 1% of the density of our atmosphere on Earth. Because the Mars atmosphere is so much less dense, Ingenuity is designed to be light, with rotor blades that are much larger and spin much faster than what would be required for a helicopter of Ingenuity’s mass on Earth. Mars does give the helicopter a little help: The gravity there is only about one-third that of Earth’s. That means slightly more mass can be lifted at a given spin rate.[9]

According to NASA GitHub for the F´ project [8] , this Airborne is equipped with Qualcomm’s Snapdragon 801 and running Linux on board !

And to be subjective, this just a technology demonstration vehicle, and as per Tim Canham, Mars Helicopter Operations Lead at NASA’s (JPL).[7]

It’s important to keep the Mars Helicopter mission in context, because this is a technology demonstration. The primary goal here is to fly on Mars, full stop.

But still this is a very important step in using Linux beyond earth !

Boeing radiation-hardened space processor based on the ARM architecture

After we discussed Actor-Judge system method used by SpaceX to make use of off the shelf hardware components, we can consider another approach to designing mission-critical hardware for use in space:

radiation hardening, or radiation hardening by design. This design method requires custom design of hardware that can withstand the harsh conditions of space, such as radiation.

Boeing has announced plans to develop a next-generation radiation-hardened space processor using the ARM architecture, which offers improved performance and efficiency, while providing enhanced radiation tolerance. The processor will be built with radiation-hardened-by-design (RHBD) features. The use of the ARM architecture provides optimal power-to-performance for upgradeability, software availability, ease of use, and cost.

The project also will use Radiation Hard By Design (RHBD) standard cell libraries, as well as the ARM A53 processor with its internal NEON single instruction, multiple data (SIMD) design.

System software infrastructure will support real-time operating systems and Unix/Linux parallel processing to support hierarchical fault tolerance ranging from single Chiplet deep-space robotic missions to multi-Chiplet -redundant human spaceflight missions.[11]

There’s always a catch, so what is it ?

• Choosing Linux as an operating system may limit the choice of hardware: The processor must have a memory management unit, and 8-bit and 16-bit processors are mostly ruled out. However, low-power 32-bit processors can be used in place of 8-bit and 16-bit ones (μClinux is an exception).
• Linux is not a RTOS by design: also you can use the Linux RT patch to make it more real-time friendly, but sometimes it’s not enough for hard Real-time systems, one solution to this problem is; to use Linux alongside other RTOS and run the hard real-time functionality on the RTOS, while making use of all the Linux of the shelf components for the rest of the project, you can run both of them on the same processor at the same time, utilizing technologies like hypervisors and time-space partitioning (This concept is used heavily in modern automotive, a topic for another article).
• You use much more code than you need (code bloat): It has been observed that many Linux programs, which were being considered for porting to certain systems, had issues with their package dependencies. These programs relied on underlying packages that contained an excessive amount of features and code that the programs did not actually require, resulting in unnecessary code bloat. The main problem with this, besides storage, is that in this kind of project, you normally run a lot of quality assurance steps, and having a lot of code makes this process much more expensive and time-consuming.[4]

Conclusion

To summarize, Linux has proven to be a reliable, flexible, and open-source operating system that has played an important role in various space missions. It is expected to continue to be a part of future space missions. However, using Linux also comes with some challenges, such as hardware requirements, Despite these challenges, Linux is expected to be a significant player in space technology.

References

References 


[1]  https://events.static.linuxfound.org/images/stories/pdf/lcna_co2012_gruen.pdf
[2]  Read about ITAR regulations as an example in USA.
[3]  https://ntrs.nasa.gov/api/citations/20090004677/downloads/20090004677.pdf
[3]  https://www.reddit.com/r/spacex/comments/gxb7j1/we_are_the_spacex_software_team_ask_us_anything/
[4]  https://www.researchgate.net/publication/321788741
[5]  https://www.nasa.gov/centers/johnson/pdf/390651main_shuttle_crew_operations_manual.pdf
[6]  https://space.stackexchange.com/questions/45076/what-is-a-flight-string#:~:text=No%20specific%20knowledge%20of%20Falcon,set%20of%20sensors%20and%20effectors.
[7]  https://spectrum.ieee.org/nasa-designed-perseverance-helicopter-rover-fly-autonomously-mars
[8]  https://nasa.github.io/fprime/projects.html
[9]  https://www.jpl.nasa.gov/news/press_kits/ingenuity/landing/
[10] https://mars.nasa.gov/mars2020/mission/science/landing-site/
[11] https://www.militaryaerospace.com/computers/article/16726308/boeing-to-develop-nextgeneration-radiationhardened-space-processor-based-on-the-arm-architecture

Sign in