Enabling Technology
One way that we are enabling technology through dynamic analysis is via simulation that uses the NASA Operational Simulator (NOS) architecture. NOS provides an environment to analyze the actual execution of the flight binary image in a simulated target hardware environment, responding to simulated conditions in the spacecraft operational environment. The reusable simulation architecture allows the IV&V Program to quickly develop, deploy, and perform V&V in a simulated environment.
The approach taken within NOS provides the capability to test the flight software without the presence of actual spacecraft sensors, actuators, and instruments. The simulation environment runs the flight software in a CPU emulator alongside custom hardware models. This allows the simulation to run in real-time or faster than real-time environments. Utilizing simulation reduces the cost of establishing a hardware-in-the-loop test environment by eliminating the need for specialized flight hardware.
When developer’s simulations are unavailable, the IV&V Program creates its own custom software-only simulation environment to support dynamic analysis using NOS. NOS is implemented through a robust and flexible simulation architecture as shown in the figure below.
At the heart of the simulation architecture is the NOS middleware. NOS provides a generic solution to implementing communications protocols in distributed simulations, provides a solution to simulation timing, and provides a dynamic interception capability to allow modification of data without affecting existing software. In addition, NOS is built upon a layered architecture to support the development of additional communications protocols. NOS facilitates communications with all simulation components such as test drivers, simulators, flight software, and external simulations.
The test driver is the primary interface for the simulation environment used to exercise the flight software. The processor model provides an environment to execute the flight software. No changes to the flight software are required to run in this environment. The external simulators include any external system that provides inputs to the flight software system (science instruments, environmental simulators, etc.).
The simulation architecture includes custom reusable hardware models, extensions that allow the use of the operational ground systems, internal bus monitoring, instrument models, and a custom built middleware capability that allows integration of other COTS/GOTS systems. The simulation architecture is being evaluated on non-NASA systems.
The closed loop, end-to-end simulation environment is a robust, reliable, and flexible software system. It provides a platform for both analysis and operational usage of the system under test while maintaining complete system integrity. It is capable of operating in a highly distributed environment allowing for the utilization of processing power of multiple hardware platforms, as well as functioning as a “simulator in a box” which can easily and effectively by distributed for individual usage on a single laptop or personal computer.
Summary of Features/Capabilities
Interception Technology – NOS provides an interception capability that allows users of the simulations to intercept, modify, or block data to or from various simulation components. The interception technology provides users the ability to inject faults during simulation without modifying software. The interceptor technology has potential to provide increased software mission assurance agency-wide. Potentially any NASA mission and its accompanying simulators can be plugged-into the simulation architecture to form a complete system simulation solution capable of injecting hardware faults into the flight-configured software.
Reusable Simulation Architecture – The simulation architecture utilized to develop software-only simulators provides NASA’s IV&V Program with a reusable mechanism to set up test environments. Software-only simulation is not a new concept; however the approach taken when developing the architecture used by the Independent Test Capability (ITC) team is new, unique and has no known competition. The generic architecture enables rapid construction of software-only environments that simulate an interactive ground-spacecraft mission system, utilizes existing components when applicable (Commercial-Off-The-Shelf (COTS) and/or Government-Off-The-Shelf (GOTS)), and includes custom software when mission specific tailoring is required. This reduces simulator development schedule, cost and risk. The simulations include a high fidelity simulation of the spacecraft processor and mission specific electronics using a combination of commercial products and custom software; the [spacecraft] hardware simulation is so accurate that it can host and execute the unmodified binary image of the spacecraft flight software.
High-Fidelity Simulator with No Hardware Dependencies
- Simulation of operational spacecraft and ground system
- Controlled execution of the simulation model and processor states, including start, pause, stop, save, and resume commands
- Architecture supports dynamic addition of external custom spacecraft components to simulation environment
- Fault injection of spacecraft hardware & measurements, software, and environmental variables to test flight software management responses
- Step-wise execution of flight software in controlled, repeatable manner
- Execute mission scenarios and characterize timing behavior, memory usage, and CPU utilization
- Complete operational spacecraft and ground system command and telemetry interfaces using the same systems, databases, and scripts used for flight
- Ability to view and modify traffic on internal spacecraft busses (i.e. MIL-STD-1553, SpaceWire)
Benefits Compared to Other Simulation Environments
- Works with unmodified flight binary – most simulators require changes and recompilation
- Architecture built to support multiple spacecraft software systems
- Provide near-real time performance (0.5x – 300 x real-time)
- Provide access to simulation to all disciplines on a flight project
- Provide high fidelity model without dependency on hardware
- Ability to quickly add capability for trades / fault analyses
- Ability to integrate external simulators
Additional Information/Reference Materials