On-Board Software for the Mars Pathfinder Microrover

The Pathfinder Microrover Flight Experiment will perform engineering and science experiments on the Martian surface to pave the way for future Mars missions. The rover is controlled by a 1970s-era microprocessor. Its on-board software, while in some ways a typical embedded-system design, has to deal with some unusual constraints. The rover will be operating in a harsh and mostly unknown environment, with limited electrical and processing power, accessible only via a limited-bandwidth communication link with long time delays. The software design is driven by these factors to provide reliability in the face of hardware, software, and operational failures, flexibility to allow adaptation and reconfiguration, simplicity, predictability, and visibility into its internal state and the external environment.

This paper describes the overall software structure, and details some of the more interesting features of the design, including error handling, power control logic, and navigation with hazard avoidance. The development environment is also described, including the use of world-wide-web-style hypertext to provide quick access to the collection of documents that accumulate in a software project.

MISSION TO MARS

The Mars Pathfinder Microrover, a 10-kilogram robotic vehicle, will perform engineering and science experiments on the Martian surface, and pave the way for future Mars exploration. Due to the communication time delays between Earth and Mars, and the unpredictability of the surface environment, the rover must operate semi-autonomously based on traverse waypoints and high-level commands from a human operator. Research robots like the Pathfinder rover's predecessors often sport state-of-the-art processors, but a flight project requires proven, radiation-hardened components and imposes a severe power and weight budget.
With the limited financial budget of a low-cost flight project on top of that, the result is a spacecraft with a difficult mission, a short development schedule, and a "computationally-challenged" central processing unit.

The rover's software architecture is motivated by several ideals intended to meet the mission goals while addressing all of these limitations:

Reliability: handling failures of non-essential hardware components and unexpected environmental conditions. Time-critical anomalies (such as power drains and obstacle contact) must be handled without operator intervention. Software failures must be prevented where possible, and recovered from if they do occur.

Flexibility: adapting to changes in the rover's hardware and environment. Modifications to behavior should be autonomous or easily commandable. Where possible, the rover is self-calibrating.

Simplicity: in general, the simplest acceptable approach to each requirement or design problem is