TEC-ED, TEC-SW & MB4SE OSIP Campaign Final Presentation Days - Spring 2022




The Software Systems Division (TEC-SW) and Data Systems, Microelectronics & Component Technology Division (TEC-ED) Final Presentation Days are scheduled to take place on Tuesday 31 May & Wednesday 01 June 2022 followed by the MB4SE OSIP Campaign Final Presentations on 02 June.

These Final Presentation Days will be organised via WebEx

All material presented at the Final Presentation Days must, before submission, be cleared of any restrictions preventing it from being published on this web-site.

More info will become available beginning of May 2022

Final Presentation Days
    • 09:20 09:30
      Welcome & Intro 10m
    • 09:30 10:15
      Universal VHDL Verification Methodology (UVVM) Extension 45m

      This project was established to improve the verification of space related FPGA functionality – in order to improve quality and reduce development time. The project is based on UVVM (Universal VHDL Verification Methodology) – as a VHDL verification methodology with standardised handling of verification components, high level commands, functionality extension, split transactions and interface synchronisation, - focusing on overview, maintainability, extensibility, debuggability and efficient reuse.

      The target for this project was to improve UVVM further to handle space related FPGA projects even better. The main functionalities to be added were Constrained Random, Functional Coverage and Test Regression support. All of this was totally new functionality, some of which was significant extensions on previous similar basic functionality. All this required functionality has been implemented and is delivered to ESA.
      The Advanced Randomisation and Functional Coverage functionalities have already been published on Github, whereas the remaining functionality will be released over the next couple of months - after the already held successful final review, the external feedback and the internal re-review (after maturing and feedback) in both Inventas and EmLogic.

      The result of the project has been very important and useful extensions on the UVVM verification system. New published functionality has already been used by lots of designers, and quite a few more designers will start using the functionality for their next project.

      UVVM is now a great VHDL verification methodology for both FPGA and ASIC development and is in fact the world-wide most used VHDL verification methodology. Nevertheless, there is still room for important improvements that are under consideration.

      Speakers: Mr Espen Tallaksen (EmLogic) , Mr Marius Elvegård (Inventas)
    • 10:15 11:00
      De‐risk assessment: TTE cPCI Mass Memory Module 45m

      In the scope of this study, the feasibility of a 3U cPCI Mass Memory based fully on qualified components was examined, with effort taken to advance a preliminary designof the PCB of such a unit. In the study, the basic performance and operability was defined, along with a study of the available market, including the initial motivating use case in the Lunar Gateway. The conclusion of the study was that the concept is notfeasible at the current time due to a lack of qualified components, particularly power conditioning components that can meet the needs of modern digital electronics, that can fit in the small footprint of the 3U cPCI form factor, additionally due to ECSS routingrequirements. Solutions that could be addressed in the scope of other projects include the use of non-qualified COTS components, or the use of non-cPCI standard power delivery. Despite these limitations, a preliminary design of the cPCIMM was completed, howeverat the present time a follow-on design effort is not anticipated.

      Speakers: Mr Daniel Smith (DSI) , Mr Ole Bischoff (DSI)
    • 11:00 11:15
      Coffee Break 15m
    • 11:15 12:00
      Validation of a Complete Mathematical Library LibmCS: a Standard Compliant & Pre‐Qualified Mathematical Library for Critical Systems" 45m
      Speaker: Mr Andoni Arregui (GTD GmbH)
    • 12:00 12:45
      AROGAN 45m
      Speaker: Mr Kaj Helin (VTT)
    • 12:45 14:00
      Lunch Break 1h 15m
    • 14:00 14:45
      Blockchain Software Tool for Spacecraft Components Incoming and Outgoing Inspection 45m

      The project aims to provide a blockchain-based software tool for spacecraft components incoming and outgoing inspection in cooperation with the Subcontractor SAB Aerospace. The developed tool will make the quality control process more efficient by process digitalization and automation leading to prevention of unjustified claims between supply chain levels. It will also allow for the internal process traceability and transparency. The project’s objectives include also an analysis of the impact on incoming and outgoing inspection process costs blockchain-based tool will have on the process for the Subcontractor.

      Speakers: Mr Juraj Zamecnik (3IPK) , Ms Mária Capova (3IPK)
    • 14:45 15:30
      Spacecraft System and Subsystems models optimization by AIT/AIV and Operations big data analysis (SMO) 45m
      Speaker: Mr Rosario Messineo (ALTEC)
    • 15:30 15:45
      Coffee Break 15m
    • 15:45 16:30
      Applicability of Mutation Testing Method for Flight Software 45m
      Speaker: Mr Fabrizio Pastore (SnT ‐ University of Luxembourg)
    • 16:30 17:15
      ECSS‐E‐ST‐50‐15C Protocol On‐Board SW Implementation 45m
      Speaker: Mr Konrad Grochowski (N7 Space Sp z o.o.)
    • 09:20 09:30
      Welcome & Intro 10m
    • 09:30 10:15
      Digital Engineering Hub PathFinder 45m

      In the Digital Engineering Hub Pathfinder activity, RHEA, OHB, Astos Solutions and Open Engineering validated
      the use of a ECSS-E-TM-10-25 Annex A and Annex C enabled data repository as a centralized engineering hub
      by connecting 10 domain specific tools and data exchange formats to it through specifically designed adapters
      arranged in a hub-and-spokes pattern.

      Speaker: Mr Alex Vorobiev (RHEA)
    • 10:15 11:00
      Generic Concurrent Design 45m

      The Generative Concurrent Design activity sets out to introduce Generative Design into the established
      Concurrent Engineering processes. RHEA joined forces with Siemens Digital Industries Software and OHB do
      demonstrate a new approach in collaborative, ai-enabled automatic system architecture definition,
      generation and selection.

      Speaker: Mr Alex Vorobiev (RHEA)
    • 11:00 11:15
      Coffee Break 15m
    • 11:15 12:00
      Augmented Reality for Concurrent Engineering 45m

      The ARCE project aimed at implementing a system to assist multidisciplinary and distributed design teams by enabling concurrent visualization and editing of satellite design models using Augmented Reality (AR). The main objective of this type of system is to improve the existing data visualization and communication provided by the Open Concurrent Design Tool, OCDT. The system developed, including software and hardware, reached TRL4 and was validated at ESA's Concurrent Design Facility at ESTEC, with very promising results.

      Speaker: Ms Inês Cadilha (LusoSpace)
    • 12:00 12:45
      SW Component Model Alignment of OSRA and TASTE – Conceptual Design 45m
      Speaker: Ms Délia Cellarier (Thales Alenia Space - France)
    • 12:45 14:00
      Lunch Break 1h 15m
    • 14:00 14:45
      DDCSA ‐ Deterministic Data Communication for spacecraft applications 45m

      This study stands as a consolidation to the “SpaceWire Network Management Service Suite Definition and Validation” (SpW-NMS) activity. The SpW-NMS will add a new layer to SpaceWire protocol. This layer will provide a reliable determinism, a timely behaviour, and Quality of Service (QoS) features to the protocols.
      The DDCSA study was purposely built to consolidate SpW-NMS by doing an independent assessment of the requirements issued by the SpW-NMS activity; a design and model of the deterministic Spacewire protocol using state machines in a simulated environment provided by an extension of the TASTE tools; the verification of the protocol using also TASTE tools and interfaces with physical SpaceWire hardware; and the construction of use-cases with representative data traffic. The first use-case is a simulation of the SpW network topology of ESA science mission LISA, whereas the second use-case is the data traffic of the COMET-Interceptor probe, whose Platform is similar to the one used in some Sentinel satellites of the Earth Observation program Copernicus.

      Speaker: Mr Daniel Silveira (GMV)
    • 14:45 15:30
      OSRA‐ION ‐ OSRA Integrated On‐board Network 45m

      Space industry and Agencies have expressed the need to raise the level of standardization in the spacecraft avionics systems in order to increase efficiency and reduce development cost and schedule. This has been materialized by some initiatives and one main example is a common approach under the Space Avionics Open Interface Architecture (SAVOIR) initiative. In on-board spacecraft architectures, networks have become more and more complex with the multiplication of protocols: MIL-STD-1553 bus, CAN bus, SpaceWire, SpaceFibre, Ethernet. Today, there are multiplying On-Board Communication links creating scenarios in which a simple margin is not enough for the design. The emergence of System-On-Chip enables to manage several communication architecture on-board generating a lot of communication interaction. While the on-board architecture is evolving, design and simulation tools evolve in the same way That is why new tools are developed such as the OSRA-ION (Integrated On-Board Network) toolchain, which is now extensively used in all future studies in Thales Alenia Space Avionics team.

      Speaker: Mr Barthelemy Attanasio (Thales Alenia Space - France)
    • 15:30 15:45
      Coffee Break 15m
    • 15:45 16:30
      KATESU ‐ KLEPSYDRA AI technology evaluation for space use 45m

      New generations of spacecrafts are required to perform tasks with an increased level of autonomy. Future missions such as Active Debris Removal will rely on novel high-performance avionics to support image processing and Artificial Intelligence algorithms with large workloads. Similar requirements come from Earth Observation applications, where data processing on-board can be critical in order to provide real-time reliable information to Earth.
      These new advanced Space applications together with the increase in data amount and processing power, has brought new challenges with it: low determinism, excessive power needs, data losses and large response latency.
      In the KATESU project, a novel approach to on-board artificial intelligence (AI) is presented that is based on state-of-the-art academic research of the well known technique of data pipeline. The approach presented here provides a two-dimensional threading model combination of pipeline and parallelization techniques applied to deep neural networks (DNN), making these type of AI applications much more efficient and reliable. This new approach has been validated with several DNN models and two different computer architectures. The results show that the data processing rate and power saving of the applications increase substantially with respect to standard AI solutions.

      Speaker: Mr Pablo Ghiglino (Klepysdra)
    • 16:30 17:15
      ESOVER 45m

      We present an approach for using formal methods in embedded systems and its evaluation on a case study. In our approach, the developers describe the system in a restricted subset of the high-level programming language Scala. We then use 1) a verification system to formally prove properties of such Scala program, and 2) a source-to-source translator to map Scala to C code. We have adapted the Stainless verification system to support constructs for describing embedded software (more machine integer types and early returns) and to support verification patterns needed for embedded systems code (array swap operation, pre-allocated and initialized memory, constant-length arrays). The implemented C code translator generates code that can be compiled with compilers such as GCC and integrated into larger C applications.

      We evaluate our approach on a case study of a file system of an instrument on the Solar Orbiter satellite. We have ported around a thousand lines of C code to Scala. We wrote specification and proof hints to make the code verify. Stainless verified the absence of run-time errors, as well as function preconditions, postconditions, and data structure invariants. The generated C code was integrated into the existing code base and exhibits very similar code size, memory use, and
      performance. In this process we identified multiple bugs in the
      well-tested code base, which were fixed in-orbit.

      Speaker: Mr Viktor Kuncak (EPFL)
    • 09:20 09:30
      Welcome & Intro 10m
    • 09:30 10:00
      TeePee4Space ‐ Perform structural analyses on an heterogeneous and distributed set of models: showing the benefits of digital continuity at an extended enterprise level to systems engineers 30m

      TeePee4Space project takes place in the OSIP Model-Based System Engineering Campaign as an Early technology Development. The goal of this project is to perform structural analyses on an heterogeneous and distributed set of models showing the benefits of digital continuity at an extended enterprise level to systems engineers. The TeePee4Space project aimed at applying to space domain a methodology developed at IRT Saint Exupéry, that enables a shared vision on a system structural architecture. Using the proof-of-concept tool named TeePee that implements the method and that has been enriched with new capabilities, a space case study has been developed. We have demonstrated the possibility to perform several kind of structural analyses (Product Breakdown Structure, Mass analysis, Power Consumption analysis...) on heterogeneous (OCDT, Cameo, Capella, Excel...) and distributed (each company stores its own) models.

      Speaker: Mr Romaric Demachy (IRT Saint-Exupery)
    • 10:00 10:30
      MYCID: Systematic search of optimal space system missions design using set‐based concurrent engineering based on models 30m

      This study has demonstrated the applicability of the set-based concurrent engineering (SBCE) approach to the typical space mission design and developed a prototype tool supporting the approach. A methodology was defined using causal influence diagrams (CID), for which a graphical editor was developed. The tool support allows to explore these CID diagrams using constraint satisfaction techniques, allowing to compute the feasible design space.

      Speaker: Mr Gérald Garcia (Thales Alenia Space)
    • 10:30 10:45
      Coffee Break 15m
    • 10:45 11:15
      Artificial intelligence (AI) and natural language processing (NLP) to support space engineering activities 30m

      Model based approaches have proved to be efficient in supporting engineering activities, with models replacing traditional document based approaches. Nevertheless even in the most advanced deployments, a lot of engineering artifacts are textual either because the return on investment of introducing models is too low or because the information is more efficiently expressed in natural language even if consistency and correctness issues appear. On the other hand, huge progress has been made with AI-based Natural Language Processing (NLP), mainly driven by chatbots and  vocal  home  assistant usages. The activity presented here consisted in assessing how to spin in NLP technologies into the space engineering process, to support engineers in their daily activities. Multiple use cases were captured and ranked according to the user interest and technical feasibility. Eventually 5 use cases were selected to be demonstrated in the study including, for instance, semantic search through model and textual artefacts, or traceability between two set of artefacts (e.g., between two specification for satisfaction links or between functions and related requirements). For each use case, an investigation phase was done where multiple implementation options were studied and the retained principle was integrated into a micro-service single search architecture (with an unified web interface) capable to support almost all use cases and sourcing its data (the engineering artefacts) into a knowledge graph structured by an ontology very similar to OSMoSE's.

      Speaker: Mr Gérald Garcia (Thales Alenia Space)
    • 11:15 11:45
      System Engineering Models meet Knowledge Graphs 30m

      Tables and graphs are knowingly used to organise data within a company with different levels of depth and complexity. Knowledge graphs (KGs) are particularly useful because they can cope with data diversity (high-quality complete data and sparse and incomplete data), they have a high degree of scalability and flexibility (the semantic data model can be inter-operational, large, wide and as deep as needed) and, last but not least, they provide reasoning and inference capabilities. On the other hand, the need for intelligent systems enabling the access to heritage information is becoming more and more pressing with the growing amount of accumulated  data. This is especially relevant for Model Based System Engineering (MBSE) design where the creation of new complex concepts is facilitated by agreed data standards and data synchronisation tools. In this activity, ESA Engineering Models (EMs) based on the data model defined in the ECSS-E-TM-10-25A Annex A are migrated to a Knowledge Graph. The graph is further enriched with metadata information collected from the mission's feasibility reports. The resulting graph is first used to investigate similarities between past missions and to identify common subsystems architectures. Then, based on the knowledge contained in the KG, a novel  recommender system to suggest engineering components for new missions is deployed.

      Speaker: Mr Paul Darm (University of Strathclyde)
    • 11:45 12:15
      Early in the loop MBSE assessment of electronic availably for Nano/Micro satellite mission 30m

      Electronic Commercial-off-the-Shelf (COTS) component such as System-On-Chip (SoC) are key enablers for high processing with wide flexibility, but they remain sensitive to cosmic radiations as they are not physically hardened. Therefore, a fine analysis is necessary to find the good compromise between protection, mitigation, redundancy and mission availability.The study addresses a fast and flexible SEE sensitivity analysis, to enable early design evaluation with calculation of mission availability at functional chain level and then merged at system level. Model-based methods help system engineers to understand the FDIR measures and to evaluate the mitigation mechanism in relation to their efficiency, cost and benefits to satellite mission availability. The method allows analysing the white box SoC subsystem, to identify, detect and mitigate failures of hardware part and to analyse the impacts on the functional chain. The results are then merged at the system level to follow a classic black box analysis. A trade-off analysis is performed by evaluating the cost of integration to compare the impact of mitigation on availability against its cost. The method is built with the Capella system engineering tool environment. A viewpoint for availability assessment is designed. It allows modelling a non-functional FDIR element and mitigation mechanism, capturing parameters necessary, calculating availability in a non-intrusive way on the functional architecture deployed on the physical architecture. Special attention is devoted to check whether this viewpoint can be shared/split with other safety analysis. The final system availability carried out under static analysis conditions is integrated into Capella, assisted with graphical support for trade-off analysis.

      Speaker: Mr Guillaume Brau (IRT Saint-Exupery)
    • 12:15 14:00
      Lunch Break 1h 45m
    • 14:00 14:30
      Application of MBSE to reverse‐engineer OPS‐SAT and improve OPS‐SAT2: OHB 30m

      The main objective of the project “Application of MBSE to reverse‐engineer OPS‐SAT and improve OPS‐SAT2” is creating a model of the existing OPS-SAT system design through a reverse-engineering process.The model aims to be built in a way that it is most useful for OPS-SAT engineers to understand and discuss the existing design and use this as a basis for further development of the OPS-SAT system. Through a survey and series of workshops and interviews withthe OPS-SAT Engineering team the mission challenges and “pain point” are gathered with a special intension to use OPS-SAT as a first of its kind for ESA aiming at testing and validating the benefit of new techniques, i.e. MBSE. Based on the findings an MBSEmodelling framework and software environment is selected to support the activity based on the overall modelling objectives and sought output. This modelling framework (i.e. SysML language, Enterprise Architect Tool Suite, SPES Modelling Method) has been usedto implement the OPS-SAT model, from which a generic model template and respective documentation has been derive to support other IOD missions, potentially OPS-SAT2. To close the loop, the identified pain points have been mapped to concrete solutions implementedin the project to assess the expected benefit for future activities. In this project OHB System AG was acting as prime contractor together with the consortium partners LuxSpace SARL, GPP Communication GmbH & CO KG as well as Technische Universität Graz providingconsultancy for the OPS-SAT design.

      Speaker: Mr Stephan Jahnke (OHB)
    • 14:30 15:00
      Application of MBSE to reverse‐engineer OPS‐SAT and improve OPS‐SAT2: SAMARES 30m

      A few years ago, ESA has launched OPS-SAT mission, the first CubeSat mission designed and operated by ESA with the goal to provide a low-cost, open, and flexible flying ‘laboratory’ – a powerful platform for in- orbit demonstration of new, innovative control systems and software. The OPS-SAT team was large and diverse and has faced some challenges and pain points during the design process. ESA has launched a study to investigate on the possible support of an MBSE approach to alleviate some of the pain points and to prepare a reference model for future IOD missions.
      In this presentation, Samares Engineering explains how it was possible to address most of the pain points with the selected MBSE framework and gives some examples including the ability to ensure end to end traceability from mission down to the technical components. The presentation also explains the initial process used to perform reverse engineering from OPS-SAT document pack, the limits to identify the system functions and the suggested improvements to ease this process.
      Finally, the presentation focuses on OPS-SAT 2 mission, and demonstrates that the operational concept can be formalized as a model with behavior, able to support simulation. This simulation can be used as an efficient toolbox to run different operational scenarios including the upload, installation and run of a new experiment, and check that the model behaves as expected, or highlight issues not envisioned so far.

      Speaker: Mr Raphael Faudou (SAMARES)
    • 15:00 15:30
      Space to Ground Interface Control Model 30m

      The Space to Ground Interface Control Documents (S2GICD) and it's applicable documents define the data interfaces between each the satellites and their instruments to the ground segment, embeddingground stations, the Flight Operation Segment as well as the Payload Ground Segment.

      It is the central part for the monitoring and control, data processing and distribution of monitoring and control data received from the satellite. This document is typically sent to the Flight OperatingSegment (FOS) and while some of this information is indeed unique, most of it is in fact already covered by the existing ground segment functionality and require no development. This information includes Ground Station Link Geometry, Uplink, Downlink and Rangingcharacteristics, Virtual Channel, MAP ID, Spacecraft ID, etc.

      To a degree the effort to setup the ground segment from these documents has already been mitigated by having the satellite provider deliver the SCOS MIB which contains the telemetry and telecommandpacket definitions. Nevertheless, plenty of the available information is later mapped into the Monitoring and Control System Software Requirement Specification (MCSSRS) and only eventually into configuration variables of the control system.

      Currently, ESA is starting the ground segment of each satellite from an empty baseline, taking the S2GICD and ancillary documents, and to generate the SRS, to be later translated into proposals,documentation, and finally code and configuration change.

      This model does not scale, is becoming outdated, and does not fit current needs of missions that need to be ready in ever shorter periods and cannot wait for and MCS, which only gets delivered everyhalf a year. To make things fast with the current setup, would amount to an enormous cost unless the effort of deployment is itself optimized. We propose to precisely do that, by taking information available from existing models, we will create the initialversion of the ground segment, ready to be developed upon. This is usually the first delivery by industry when preparing for a launch, and we believe we can do it automatically using MBSE.

      Speaker: Mr Miguel Rey (Vision Space)
    • 15:30 15:45
      Coffee Break 15m
    • 15:45 16:15
      Model Based Avionics 30m

      A diversity of topics are being investigated by ESA via Discovery & Preparation undertakings, one of them is related to new working methodologies as
      it is the Model-Based Systems Engineering (MBSE). MBSE can be defined as the application of modelling to support system requirements management, design, analysis, verification and validation activities from conceptual design phase to the development and later life cycle phases. One key aspect is the digital continuity between disciplines.

      Taking SAVOIR background as inputs (Functional Reference Architecture, Generic OBC Functional Specification, RTU Functional and Operability Requirements) this project demonstrates, focusing on Data Handling Subsystem and using a MBSE tool (Capella) how to:
      - identify needs from solutions
      - import external requirements (needs) in a MBSE tool
      - trace requirements to functional components
      - trace functional components to one or more physical components (solutions)
      - finally, how documentation can be generated from the model

      At the end of the project a practical example of Model-Based engineering (in opposite to Document-Based engineering) will be available, serving as a solid base for further Model-Based engineering activities related to space avionics around the Data Handling Subsystem.

      Speaker: Mr Barthelemy Attanasio (Thales Alenia Space)
    • 16:15 16:45
      End‐to‐End Space Systems Engineering Portal 30m

      Space system engineering is a complex activity, spanning multiple phases and involving different stakeholders using a variety of engineering approaches and tools. ESA has been investing in Model-Based System Engineering (MBSE) research for many years, developing different MBSE frameworks and tools. Most of these have been focused on specific engineering phases and domains (ground or space). Recently, a broader need has been recognized across space institutions and industry in Europe to focus the MBSE efforts on semantic interoperability and associated model integration. This has led to the Model Based for System Engineering initiative, aiming to guide the development of a common Space System Ontology (SSO) and a Model Based Engineering Hub (MBEH) to support both aspects. In this context, the End-to-End Systems Engineering Portal (ESEP) represents a downstream application, offering a federated, web-based User Interface (UI) layer on top of the MBEH infrastructure. The objective is to offer a UI environment where system engineering users with different MBSE background and skills can integrate data, identify data gaps, and transition models between different engineering phases and formats using intuitive techniques at the UI level.

      Speaker: Mr Todor Stoitsev (SpaceCube GmbH)