S1.6 Requirements: KnightSat C&DH

Requirement | Source | Verification Source Document | Test/Analysis Number
S1.6-1 Provide reliable, real-time access and control of input/output (IO) devices | | |
S1.6-2 Provide modular, adaptable and scalable computational interfaces between all IO devices and computers | | |
S1.6-3 Provide sufficient computing resources for execution of all required system processes (excluding payloads) | | |
S1.6-4 Provide sufficient, error corrective storage for system data logging and payload data storage | | |
S1.6 Design: KnightSat C&DH
RISK: Y

Architecture
• Physical Characteristics
– Intel XScale PXA255 processing bank
– Mass TBD, 12.5cm x 12.5cm x 2cm main computer box, X” aluminum shielded
– XX connector interface to IO bus
Program/Subsystem Risk Assessment
G = low risk, Y = medium risk, R = high risk, NA = N/A

Risk area | C&DH | Software | …
Performance | G | G |
Schedule | Y | Y |
Cost | G | G |
Safety | G | G |
Testing | G | Y |
Manpower | Y | Y |
Facilities | G | G |
Overall Subsystem Assessment | Y | Y | NA
C&DH Detailed Requirements
Subsystem / Component Requirements | Method

1.6-1 – Provide reliable, real-time access and control of input/output (IO) devices
• A software control process must be able to communicate with its associated IO device(s) with minimal transmission delays | Design, Test, Analysis
• The data exchange medium must have a high tolerance to electrically harsh environments (i.e. EMI, radiation, etc.), having a bit error rate of no more than 10^-6 ppm. | Test, Analysis
• Each IO node must be individually addressable, and any two nodes (i.e. computer to IO device) must be able to directly address each other without a master node coordinating the transmission. The node addressing scheme must support message prioritization. | Design

1.6-2 – Provide modular, adaptable and scalable computational interfaces between all IO devices and computers
• Each individual network node interface must have minimal power consumption, and each node must be easily inserted/removed on the network without interrupting pre-existing communications | Design, Test
• Critical IO devices (i.e. star tracker, thruster, etc.) must have redundant interfaces to ensure device network availability at all times | Design, Test
• Each network node must be able to operate without specific knowledge of the network topology | Design

1.6-3 – Provide sufficient computing resources for execution of all required system processes (excluding payloads)
• Any subsystem task and its corresponding processes must be able to execute when required, and all of its requirements (i.e. real-time access to thrusters) must be met | Design, Test, Analysis

1.6-4 – Provide sufficient, error corrective storage for system data logging and payload data storage
• A sufficiently large memory space must be provided in which to store subsystem status data and payload data for downlink | Design, Analyze
• The storage system must implement periodic EDAC to at least successfully detect two-bit errors and correct one-bit errors | Design, Test
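As an added illustration of the 1.6-4 EDAC requirement (detect two-bit errors, correct one-bit errors), not KnightSat code: a SECDED extended Hamming code over a single data byte, with the 13-bit codeword layout and the Status names being assumptions of this example.

```python
"""SECDED EDAC for one data byte: extended Hamming code, 8 data bits +
4 Hamming parity bits + 1 overall parity bit in a 13-bit word (assumed layout)."""
from enum import Enum

DATA_POS = (3, 5, 6, 7, 9, 10, 11, 12)   # non-power-of-two positions carry data
PARITY_POS = (1, 2, 4, 8)                 # power-of-two positions carry Hamming parity
OVERALL_POS = 0                           # extra parity bit enables double-error detection
WORD_BITS = 13


class Status(Enum):
    OK = "no error"
    CORRECTED = "single-bit error corrected"
    UNCORRECTABLE = "double-bit error detected"


def encode(byte: int) -> int:
    """Return the 13-bit codeword protecting one data byte."""
    assert 0 <= byte <= 0xFF
    word = 0
    for i, pos in enumerate(DATA_POS):
        word |= ((byte >> i) & 1) << pos
    for p in PARITY_POS:  # parity p covers every position whose index has bit p set
        cover = sum((word >> pos) & 1 for pos in DATA_POS if pos & p) & 1
        word |= cover << p
    word |= (bin(word).count("1") & 1) << OVERALL_POS   # make total weight even
    return word


def decode(word: int):
    """Return (data byte, Status): fixes one flipped bit, flags two as uncorrectable."""
    syndrome = 0                        # XOR of set positions = index of a single flip
    for pos in range(1, WORD_BITS):
        if (word >> pos) & 1:
            syndrome ^= pos
    parity_bad = bin(word).count("1") & 1   # odd weight => odd number of flips
    if syndrome == 0 and not parity_bad:
        status = Status.OK
    elif parity_bad:                    # one flip; syndrome 0 means the overall bit itself
        word ^= 1 << syndrome
        status = Status.CORRECTED
    else:                               # even weight but non-zero syndrome: two flips
        status = Status.UNCORRECTABLE   # data below must not be trusted
    data = 0
    for i, pos in enumerate(DATA_POS):
        data |= ((word >> pos) & 1) << i
    return data, status
```

A periodic scrub would read each stored word through decode(), write back corrected words, and log UNCORRECTABLE results as candidates for the sector remapping and redundant storage mechanisms listed under the risk mitigations.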
C&DH
Risk element | Description | Proposed Mitigation

Bus Overrun Events
Description:
• A network node fails electrically and holds bus lines at fixed levels
• A network node logically locks on transmission status
Proposed Mitigation:
• Perform extensive complete network tests to detect possible failures
• Implement an active monitoring system to monitor bus activity and isolate defective nodes

Storage Bank Module Failure
Description:
• A memory sector within the storage bank fails due to an SEU or to prolonged radiation exposure
• A memory sector randomly fails due to poor component manufacturing or write cycle limits
Proposed Mitigation:
• Conduct extensive product research and manufacturing processes analysis
• Conduct prolonged memory usage (read/write cycles) tests
• Design and implement a defective sector identification and memory remapping mechanism
• Design and implement a redundant storage mechanism