REG NASA-LLIS-2041-2008 Lessons Learned MRO Spaceflight Computer Side Swap Anomalies [Export Version].pdf
《REG NASA-LLIS-2041-2008 Lessons Learned MRO Spaceflight Computer Side Swap Anomalies [Export Version].pdf》由会员分享,可在线阅读,更多相关《REG NASA-LLIS-2041-2008 Lessons Learned MRO Spaceflight Computer Side Swap Anomalies [Export Version].pdf(4页珍藏版)》请在麦多课文档分享上搜索。
1、Lessons Learned Entry: 2041Lesson Info:a71 Lesson Number: 2041a71 Lesson Date: 2008-12-16a71 Submitting Organization: JPLa71 Submitted by: David Oberhettingera71 POC Name: Todd Bayer; David E. Hermana71 POC Email: Todd.J.Bayerjpl.nasa.gov; David.E.Hermanjpl.nasa.gova71 POC Phone: 818-354-5810 (Bayer
2、); 818-393-5872 (Herman)Subject: MRO Spaceflight Computer Side Swap Anomalies Export Version Abstract: A few months into its mission, MRO began experiencing unexpected side swaps to the redundant flight computer that placed the spacecraft into safe mode. The problem was traced to subtle inconsistenc
3、ies between the MRO design implementation of an ASIC device and a known limitation of that device. Users of the RAD750 spaceflight computer should assure that the “PPCI Erratum 24“ ASIC defect cannot cause excessive accumulation of uncorrectable SDRAM memory errors, and that the system architecture
4、has robust error recovery capabilities.Description of Driving Event: Mars Reconnaissance Orbiter (MRO) was launched in August 2005 with a mission to study the Martian climate, identify water-related landforms and aqueous deposits, characterize potential landing sites for Mars landers, and provide UH
5、F relay for science data produced by these future missions. The MRO spacecraft is furnished with two redundant onboard computers (i.e., two Command & Data Handling Subsystems, or C&DHs), referred to as Side A and Side B, that share continuously updated state and sensor data. One computer remains act
6、ive, while the second serves as a “cold backup“ that can boot in tens of seconds. In March 2007, 4 months after beginning the science phase of its mission, telemetry alerted the operations team at the NASA/Caltech Jet Propulsion Laboratory to two successive timeouts of the spacecrafts heartbeat watc
7、hdog timer (Reference (1). The first timeout prompted onboard fault protection (FP) software to order a warm reset of Side A. The second timeout triggered an Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-autonomous switch or “side swap“ to the Side
8、 B computer. After the booting of Side B, FP autonomously configured the vehicle into safe mode. This prompted an intensive investigation that failed to determine the root cause and rule out a permanent failure of Side A. Eleven months later, MRO performed another unrequested warm reset followed by
9、an unrequested side swap- this time back to Side A of the C&DH (Reference (2). Since Side A was now functioning properly, it was clear to JPL investigators that the fault on Side A which caused the first swap was cleared by the power cycling of Side A, allowing them to rule out a permanent hardware
10、failure. This prompted JPL to re-open the investigation. In the course of this, they revisited information on a defect (“PPCI Erratum 24“) in the Power Peripheral Component Interconnect (PPCI) bridge Application-Specific Integrated Circuit (ASIC) in the RAD750 Spaceflight Computer (SFC) that was fir
11、st reported in 2006 by the RAD750 vendor (Reference (2). Under very specific conditions, this ASIC defect can cause the memory controller (Figure 1) to halt operations, resulting nominally in a warm reset of the computer that clears the condition. Figure 1, the block diagram of the RAD750 SFC, has t
12、hree blocks. The center block is labeledFigure 1. Block diagram of the RAD750 SFC with the memory controller highlightedThis reported defect had not raised much JPL concern in 2006 because of the events rarity and the belief that it would result merely in a warm reboot of the computer. However, the
- 1.请仔细阅读文档,确保文档完整性,对于不预览、不比对内容而直接下载带来的问题本站不予受理。
- 2.下载的文档,不会出现我们的网址水印。
- 3、该文档所得收入(下载+内容+预览)归上传者、原创作者;如果您是本文档原作者,请点此认领!既往收益都归您。
下载文档到电脑,查找使用更方便
10000 积分 0人已下载
下载 | 加入VIP,交流精品资源 |
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- REGNASALLIS20412008LESSONSLEARNEDMROSPACEFLIGHTCOMPUTERSIDESWAPANOMALIESEXPORTVERSIONPDF
链接地址:http://www.mydoc123.com/p-1019345.html