Powered by Indico
v3.2.9
The 17th ESA Workshop on Avionics, Data, Control and Software Systems (ADCSS2023) covers topics related to avionics for space applications, in the form of a set of round tables. The workshop acts as a forum for the presentation of position papers followed by discussion and interaction between ESA and Industry and between participants. Each theme part of ADCSS workshops will be first introduced and then expanded by presentations on related developments from technical and programmatic points of view. A round table discussion may follow, concluded by a synthesis outlining further actions and roadmaps for potential inclusion into ESA’s technology R&D plans.
All material presented at the workshop must, before submission, be cleared of any restrictions preventing it from being published on the ADCSS website.
Registration to the Workshop is free of charge.
On Thursday 16 November a one day workshop on Model Based Space Systems and Software Engineering (MBSE2023) will be organised. More information can be found on the MBSE2023 event website. In case you would like to attend both events, please be aware that you will have to register to both events separately.
In recent years, we have witnessed a continuous reduction in technology nodes, accompanied by the ever-expanding resources within these devices. Concurrently, system architects are striving to implement in them more intricate solutions, while technology roadmaps demand faster time-to-market. As you can imagine, these factors pose formidable challenges to the industry's latest developments. How can we overcome these hurdles when tackling space ASIC/FPGA projects? The search for innovative solutions is ongoing, and in this presentation, we aim to showcase our current position and illustrate how we can contribute to this transformative process.
This presentation provides an overview of the use of high-level design and synthesis tools in recent FPGA-based design projects carried out in the logic design department of Airbus D&S Ottobrunn. This includes insights from the work with state-of-the-art tools like the MATLAB HDL Coder and Vitis HLS as they were gained when investigating application scenarios from domains like radar signal processing and AI-based FDIR, as well as combined HW/SW design projects for the latest FPGA-based SoCs.
Nowadays, the continuous increase of the FPGAs complexity requires the adoption of new tools and flows to speed up the design from the modelling phase to the HW prototype. In this presentation, the design flow from high level specifications to the HW validation is proposed, focusing on the use of MATLAB/SIMULINK tools and automatic code generation with SIMULINK HDL-Coder.
We cannot develop as we have previously done with larger devices, tighter timescales and more functionality demanded. This presentation will introduce a flow which enables model-based design for FPGA, using SYSML the architecture, connectivity, registers and networks can be defined and auto generated to HDL. Enabling the model to be the master, this flow is designed to work with high level tools such as Vitis HLS and Simulink. This approach has been used on two space developments to date to improve the quality of the design and reduce the design time taken, during this presentation examples and deep dive will be provided into these projects.
Real-time, dependable systems have become increasingly popular and frequent in today's digital disruption era. However, traditional verification and validation processes have proven to be inefficient and unsuitable due to their rigidness. These systems require adaptability during design time, leading to longer development cycles and life cycles with consecutive security updates and improvements. The space domain is no exception as conducting exhaustive testing is impractical, while static analysis is too time-consuming.
To address these challenges, future Space Edge devices require an in-depth approach that enables flexibility in resource allocation without compromising guarantees of time, space, and energy efficiency. Continuous observation plays a crucial role here as correct runtime monitors can witness these constraints through continuous monitoring of the system.
This talk will explore the directions towards enabling safety on high-end embedded platforms by proposing a monitoring reference architecture for real-time dependable systems. We will discuss how adding a Monitoring IP Block Add-on can enhance the observation capabilities of embedded applications within a general-purpose data handling space platform. Additionally, we assume the presence of a high-end central computer running a static-partitioning hypervisor with safety monitors.
By taking advantage of this reference monitoring architecture, along with advanced runtime verification techniques, system engineers can achieve higher levels of reliability for real-time dependable systems operating on high-end embedded platforms.
The METASAT Horizon Europe project, funded by the European Commission and started in January 2023, will enable model-based design methodologies in order to manage the complexity of upcoming parallel hardware and software for on-board data processing. As a representative, qualifiable and mixed criticality high performance platform for on-board processing, METASAT designs a multicore platform based on FrontGrade Gaisler's NOEL-V featuring accelerators prototyped on an FPGA. This includes both the SPARROW AI SIMD (Single Instruction/Multiple
Data) accelerator tightly integrated with the CPU, as well as a GPU. All hardware components of the METASAT platform will be open source and based on the RISC-V open ISA. At the same time, the METASAT platform will provide a qualifiable software stack to be used with its complex hardware, based on RTEMS SMP and the XtratuM hypervisor.
In this presentation, we will provide an overview of the platform architecture as well as preliminary implementation decisions, current development status and early performance results.
The scientific goals of the PLATO mission are to search for planetary transits across a large number of stars. In this presentation we describe its on-board data processing architecture, including the 26 cameras and 14 data-processing units, the on-board data acquisition, processing and storage and the lessons learnt so far in implementing this system. In the case of PLATO, only the utilization of on-board data processing makes it possible to achieve the ambitious science mission goals
At the end of its operational life, CIMR satellite will perform a re-entry phase to comply with the ESA Clean Space policy. Given the mission's complexity, the presentation will detail critical aspects and innovative strategies for attitude control during perigee lowering, providing valuable insight into navigating challenges and ensuring a clean and controlled conclusion of the mission.
To limit the risk of cascading collisions, we will need active debris removal missions to retrieve satellites that die before they can be deorbited. It is well understood that sudden fatal failures can cause a dead satellite to tumble uncontrollably, but even properly decommissioned satellites may start tumbling spontaneously from solar radiation pressure torque buildup, making capture extremely challenging in both cases. The availability of a detumbling/antitumbling device ensuring passive stabilization of dead satellites could greatly reduce the risk and cost of debris removal missions.
We describe a passive magnetic damping device attached to a satellite's structure, which dissipates the kinetic energy and angular momentum thanks to eddy currents resulting from differential angular rates between the satellite and the Earth’s magnetic field, eventually stopping the tumbling motion.
Detailed sizing and simulation activities have demonstrated that one such small and lightweight device is capable of detumbling a medium-to-large satellite within just a few weeks, while also preventing self-tumbling. The presentation reviews the current development status, from initial sizing to performance simulations and vibration tests of two prototypes. These steps pave the way for the final development stages of a universally available detumbling function that can be a game-changer for active debris removal.
Active Debris Removal (ADR) is the ultimate technical solution to enforce a zero debris policy in the presence of old space objects which were not designed to be deorbited, or in case of malfunction of a deorbiting system. Such a technology is, however, extremely complex due to the noncooperative nature of the target and therefore often very expensive. ClearSpace intends to demonstrate the technical feasibility and commercial viability of ADR service by the means of two missions: ClearSpace-1, funded in the frame of ESA’s ADRIOS program, and CLEAR, funded by the UK Space Agency.
The presentation provides an overview of the overall GNC concept, able to fulfil challenging technical requirements while already seeking for low recurring costs. To that end, the close-range navigation relies only on passive imagery in the visible spectrum, making it reliant on favorable illumination conditions. It is furthermore foreseen to capture the target while the relative motion is synchronized. This results in a complex guidance function, which plans and executes in real real-time a synchronization trajectory satisfying numerous constraints, such as available control authority or illuminations conditions. Finally, a precise, reactive and robust controller is needed to follow accurately this very dynamical trajectory in the presence of severe disturbances due to flexible appendages and ensure successful control of the stack after capture while the knowledge of the center of mass and inertia properties is still uncertain.
Special attention is also paid to the minimization of risk of collision during the rendezvous and capture phase. At large distance, the mission relies on passive safety, which allows for a dramatic reduction of the propellant budget in case of anomaly and for a significant gain of time while recovering the mission. However, this can only be applied to the early phases of the rendezvous. Therefore, active collision avoidance manoeuvring (CAM) capability is also needed, which inevitably leads to the complex design of escape manoeuvres, since the mission aims at capturing a noncooperative target following a specific direction in the target body frame. This finally raises the need for efficient real-time onboard detection of anomalies to trigger properly the CAM. The main safety strategies retained to ensure mission safety are depicted in the last part of the presentation.
Since the beginning of the space age, there has been more space debris in orbit than operational satellites. In the recent years, we have been witnessing a significant change in the use of space, specifically in Low Earth Orbits, with launch rates around 10 times higher than 10 years ago. At the same time, the level of compliance with space debris mitigation measures has not improved with the same rate. The extrapolation of our current behaviour in the future shows the risk of making some orbital regions unusable. In addition, it has been observed that current mitigation approaches are insufficient to guarantee a stable evolution of the debris environment even if applied with much higher rates than currently observed. For this reason, ESA has decided to introduce the so-called the ‘Zero Debris approach’, whose goals is to significantly limit the production of debris in Earth and Lunar orbits by 2030 for all future missions, programmes and activities.
A first significant step in this direction is the update of ESA’s Space Debris Mitigation requirements applicable to ESA missions. Among the most notable changes, these requirements significantly reduce the duration of the disposal phase in LEO, from 25 to 5 years or less, and require spacecraft operating in high-risk conditions to be ready for removal, in case their disposal capability should fail. The requirements also cover additional aspects such as the collision avoidance operations and collision management during close proximity operations. The presentation will give a brief overview of the new requirements and the rationale adopted in their writing.
Flight software development to ECSS Category A qualification level is a technical challenge that up to now has not been required too often in the European space industry (e.g., ATV MSU, ESM PDE) and for which the production of qualification evidences and the corresponding Software Product Assurance activities to verify them are not straight forward although the requirements are clear in ECSS. Currently more and more space systems require operating systems and software building blocks to be qualified to category A, to enable the development of project specific category A software on top of them for new high criticality applications. As many of these operating systems and other software building blocks are qualified up to ECSS Category B, we developed on behalf of ESA a methodology and its accompanying tools to systematically upgrade such software components up to category A.
Long-term heritage of TAS-I software solutions evolved in a Multi-Core Software Architecture supporting several missions and configurations. The presentation will cover the current OBSW state of the art at TAS premises and the challenges faced in developing such an architecture, with a focus on a multi-layered Validation approach, the tools used to achieve it, and future V&V aspects.
The ESA-funded Health-AI project explored AI-based approaches for on-board FDIR. The Health-AI system has been developed by AIKO by leveraging the proprietary orbital_OLIVER software for onboard autonomy. It implements a combination of deep-learning and knowledge-based models for detection and classification, respectively. Use cases and data comes from real smallsat missions operated by Tyvak International. The developed system has been deployed and tested on representative flight hardware, including Ingeniars' GPU@Sat, a general-purpose GPU-like IP-core fitted on a radiation-hardened FPGA.
The presentation will discuss the project results, lessons learned, and route forward toward an operative system.
This project introduces a Machine Learning approach for anomaly and novelty detection in the HERA mission. The main objectives include evaluating diverse techniques, integrating them into the processor, and assessing their performance in terms of memory requirements. Additionally, we aim to run the model in real-time on the radiation-tolerant LEON 3 processor utilized in the mission's On-Board Computer.
During our investigation, we explored both supervised and unsupervised machine learning techniques for identifying anomalies and novelties. We carried out an in-depth analysis by utilizing data from the XMM and MEX subsystems, supplemented with artificially generated data. We successfully integrated the trained models into a C++ environment, specifically targeting big-endian processors like LEON 3. Moreover, we conducted benchmarking to evaluate the models' performance and their resource requirements, including imported libraries.
This research highlights the promising capabilities of machine learning, as it enables swift responses to unexpected events and plays a crucial role in ensuring the success of space operations.