prisma_logotype_sve
About PrismaMission eventsNewsOrganisationContactsIMAGES
Images & Movies
ARTICLES
• Measuring particle mass
• Christening party
• The Prisma software
• Intense days at SSC
• Proving Sweden's capacity
• A challenge for SSC
• Door-opener for Nanospace
• Fills a gap for CNES
____________
Technical papers (pdf)
• Orbit constellation safety (08)
• Collision avoidance... (08)
• GNC experiments (07)
• Prisma (06)
• 3-axis magnetic... (06)
• Model-based onboard software (06)
• Orbit control (06)
• RAMSES
• Demonstration... (05)
• Rendezvous... (05)
Onboard software keeps Prisma in check

We are surrounded today by computers and the programming of computers is a run-of-the-mill profession, even if it still requires specialist knowledge. The programming of the computers that run a satellite however poses special challenges.

The software on Prisma is made up of several different parts. There are subsystems that run the different experiments and the different sub-functions – radio receiver, transmitter, power-unit with solar-panels, and naturally the formation flight system. Over and above these subsystems is the so called onboard software which is responsible for monitoring and running all of the satellite’s subsystems. The onboard software also handles the communications between the main satellite and the daughter satellite.

Radiation interferes with memory 
Space is a tough environment. Prisma’s computer-system will be working in a radiation environment that normal computers do not come near. A normal consequence of this is that a particle from the cosmic radiation can interfere with the electronics and convert a one to a zero or vice versa. This applies specifically to the computer’s memory.
 
In order to cope with this there is an error-correcting code for each memory position. This code calculates a checksum each time the computer stores anything in the memory. If the radiation has altered the memory the checksum will not agree.
 
“The code is then so smart that it can see what the error is and correct it”, says Niclas Larsson, who is the person at the Swedish Space Corporation who is responsible for Prisma’s onboard software.

SSC - PrismaMust be independently able to cope with more
If the computer at home locks up one can, in the worst case, reboot it again. The same applies to the majority of the electronic appliances we are surrounded by. This is not possible with a satellite’s guidance computer and the software controlling it. As the computer does not have continuous contact with the ground it must be able to handle situations by itself to a far greater extent than a computer in a more everyday environment.
 
“It is this that differentiates a space system from an Earthbound system, that it has such a high degree of autonomy”, says Niclas Larsson. “It must be independently able to detect and recover from a fault. The satellite must also be able to continuously monitor the sun. Otherwise it can lose its energy supply, and then all is lost”.
 
The onboard software functions as a security guard over the satellite’s other systems. If a formation flying system directs the satellites to move too far from each other the onboard software steps in and corrects this. If a unit becomes too cold the onboard software ensures that it is warmed up again.

Difficult to send a repairman
Another challenge that is particular to the space computer system also has to do with the fact that it is not possible to access the satellite after it has been launched.
 
“Other industries, like the car industry and the telecom-industry, can test-drive their equipment under conditions that are very similar to those that the equipment will be exposed to. We are not able to “test-drive” properly before we find ourselves in the real situation, when the satellite has launched and is on its way”.
 
In order to cope with this and to maintain as much flexibility as possible a lot of time and energy is spent on simulations. There one endeavors to electronically simulate as many potentially problematic situations as possible.
 
“We also devote a lot of energy to the capability of sending up new software programs after the satellite has been launched. To quite simply patch it. When you are in the real situation there is always something that doesn’t behave as it was intended to. Then it is important to quickly and effectively be able to send up modifications to the program code. This can save a mission that would otherwise fail”.

Computers that program computers
When the Swedish Space Corporation worked with the onboard software for the technology showcase SMART-1 they used something called automatic generation of code. This way of working has been further developed now with Prisma. Even if it doesn’t have the same status as the formation flight as a technology demonstration it is important for the Space Corporation to demonstrate that it works in a good way.
 
“It is the first time we have had sole responsibility for this. With SMART-1, for example, there were also collaborative partners involved”.
Automatic generation of code is in principle exactly what it sounds like.
 
“When we have actually created the simulation models and got them to simulate the satellite behaving as we want it to in the simulator then the results are automatically converted into code. Doing things this way saves time and avoids a number of errors. The automatic generator guarantees in the main that the code is correct and gives the same results as the simulation model”.
 
This in turn places a higher demand on those creating the simulation models in the simulation program.
 
“When they build their model they must be aware that it will ultimately become code through the simulation. This means that even those who do not normally work very much with code have had to learn how one constructs good simulations”.

Kim Bergström

Swedish National Space Board, tel +46 8 627 64 80 · SSC, tel +46 8 627 62 00