As spacecraft become more complex and autonomous, the need for reliable fault protection will become more pressing. Coupled with the additional requirement of limiting cost, the task of implementing fault protection on spacecraft becomes extremely challenging. The current state-of-the-art Cassini fault protection software, for example, is a testament to the complexity and difficulty of implementing fault protection on spacecraft. This paper describes how domain knowledge about spacecraft fault protection can be captured and stored in a reusable, component-based spacecraft architecture. The spacecraft-level fault protection strategy for a new spacecraft can then be created by composing generic component specifications, each with component-level fault protection included. The resulting fault protection design can be validated by formal analysis and simulation before any costly implementation begins. As spacecraft technology improves, new generic fault protection logic may be added, allowing active improvements to be made to the foundation.

Thesis Supervisor: Dr. Nancy G. Leveson
Title: Professor of Aeronautics and Astronautics