Software powering Falcon 9 & Dragon

Hey there!  My name is Xavier and as you might know I’m a developer.  But I’m also a huge SpaceX fan and that got me thinking: what software and hardware  powers the Falcon 9, Falcon Heavy and Dragon?  Let’s first take a look at what challenges the hardware and software of a spacecraft  faces when it is being launched into space.

Спасибо за просмотр!

First of all its very hard to get your craft into orbit around the earth.  A launch on top of a rocket causes a lot of vibrations and that means that the craft itself  and the electronics have to be able to withstand that.  And once you get in orbit, you are welcomed by even more challenges.  Dragon for instance has to be able to cope with intense heat when it’s facing the sun  but also intense cold when sunlight is blocked by earth.  These temperatures range from -150°C all the way up to 120°C  But the biggest problem for the electronics is radiation.  This radiation comes from high-energy particles that are ejected by our sun, particles trapped  in Earth’s magnetic field and even cosmic rays or particles from outside our solar system.

These particles can have pretty severe effects on the systems inside a spacecraft.  One of the biggest problems is whats called a bit flip.  This occurs when a high energy particle hits the memory or the processor of the spacecraft.  If it hits the memory it can cause a 0 to become a 1, essentially corrupting a part  of the memory.  Luckily though the software onboard SpaceX vehicles can detect these bit flips and fix  the corrupted memory by using parity bits.  No big deal.  However when the processor is hit with radiation it can cause the result of a calculation to  be completely incorrect.  To demonstrate this, let’s ask a processor to calculate 10+10.  In binary that would look like this and the result is obviously 20.

No surprises there!  But let’s now take a look at what happens when a bit flip occurs while performing this  calculation.  We still ask the processor to calculate 10 + 10 but because of the bit flip the processor  is actually calculating something completely different.  Right now it will say that 10 + 10 equals 24 because one of the bits flipped while running  the calculations…  Wrong calculations can have very severe effects on a spacecraft.  This was demonstrated by the maiden flight of the Ariane 5 rocket in 1996.  It didn’t suffer from a bit flip, but 40 seconds into the flight, the rocket’s software  tried to put a 64 bit number into a 16 bit address causing the number to be truncated  and be completely different.

The rocket’s avionics then continued to perform their calculations with this wrong  number and performed an abrupt course correction because it thought it was going to wrong way.  The vehicle eventually broke up because the aerodynamic stress was simply too high.  Now back to SpaceX: how do they handle the problem of radiation?  Well they assume that you can’t protect electronics completely from radiation and  they design their systems with this in mind.  Instead of using expensive, radiation-hardened parts, SpaceX uses off-the-shelf components.  Let’s look at Dragon first.  According to John Muratore, previous director of SpaceX vehicle certification, each Dragon  is equipped with three flight computers.  Each of these flight computers is powered by a dual core x86 processor.  The computers however don’t use the multicore capability.

Instead they execute each calculation on the two cores individually and compare the results.  So three flight computer with each a dual core processor can be seen as 6 independent  computers that are constantly checking each others calculations.  If one of the flight computers is hit with radiation and produces a wrong calculation,  the others will spot it.  When that happens the malfunctioning computer will be rebooted automatically to prevent  further errors.  After rebooting the computer has to perform whats called a re-sync.  It has to get up to speed with what the vehicle is doing, so it copies the memory of the other  two computers and runs the same programs.

A bit like rebooting your computer with the option to restore all your windows when you  log back in.  Dragon can even handle a situation where all three of its computers are hit by radiation  at the same time although thats very unlikely to happen.  Besides 3 flight computers, Dragon has 18 other systems onboard that also use triple  redundancy computers.  That brings the total amount of processors up to 54!  And that’s just for a single Dragon capsule.  But Dragon isn’t alone, also the Falcon 9 has redundant systems.  It has 3 computers for each engine (9 x 3) and triple-redundancy flight computer which  means that it carries 30 processors.  At least that was the situation in 2012.

Right now it’s possible that Falcon 9 has even more processors to handle the landing.  Now at this point you might be thinking: hang on…  Does NASA really allow SpaceX to use regular hardware components?  The ones you and I can buy on Amazon?  Well actually yes!  NASA doesn’t require the use of radiation-hardened components.  Instead they require SpaceX to do extensive research into what effects the radiation can  have on their spacecrafts.  If they know how they’ll be affected, they can compensate for it.  In fact this is called a radiation-tolerant design and is different from a radiation-hardened  design.  In fact NASA itself doesn’t use radiation-hardened parts everywhere.  The International Space Station for instance uses a mix of radiation-hardened parts but  they also use regular laptops for some controls.

Even some parts on the Space Shuttle were radiation-tolerant instead of radiation-hardened.  But back to SpaceX: how do they select their parts?  Well they have two conditions: first of all the parts have to be capable enough to handle  their tasks – pretty obvious – and secondly, they take into account what tooling is available  for that particular part.  Tooling determines what kind of people SpaceX can hire.  Off-the-shelf hardware is pretty generic and uses software and tooling that a lot of developers  already know.  And that means that SpaceX has less trouble finding great engineers.  Radiation hardened parts however only work with special programming languages that few  people know, thus limiting the ability to hire new people.

Off-the-shelf hardware is also cheaper and that allows SpaceX to extensively test these  systems.  John Muratore said that at one point over 40 flight computers were sitting on people’s  desks for testing and development.  You simply cannot do that with expensive and hard to come by hardware.  But enough about all this hardware, what about the software that controls everything?  Well the operating system of choice at SpaceX is Linux.  It runs on the desktops of the engineers and powers its vehicles.  Using Linux everywhere allows them to streamline the development process and use the robust  tools that come with it.

The programming language

The programming language of choice is C++ and they use it for two main reasons.  First it allows SpaceX to hire a lot of brilliant people because the language is still relatively  popular.  Secondly, they benefits from the large C++ ecosystem.  No need to create custom software when you can just use tools that developers already  know like gcc, and gdb.  But Linux isn’t the only platform that is being used.  They also use LabView a graphical programming tool that runs on Windows.  It is used to visualise telemetry that they get from a Falcon 9 or Dragon during flight.  Ground teams use it to keep an eye on important metrics.

Another interesting fact is that SpaceX tries to share as much code as possible between  its vehicles.  The biggest advantage of this is that bug fixes for one vehicle are automatically pushed  to the other vehicles as well.  Oh and another interesting fact is that game developers are usually a good fit for SpaceX  because they are used to writing code that runs in environments where memory and processing  power are constrained.  The last thing we’ll take a look at is how SpaceX monitors their software and vehicles.  Engineers are encouraged to add metrics to everything they can think about.  When a vehicle is being used, all these logs are collected and analysed by programs who  raise an alarm if something is not within the safety margins.

All these metrics are stored together with the source code that was running at that time.  If something goes wrong with the vehicle, SpaceX can recreate the exact environment  to reproduce the problem and fix it.  And finally they are using continuous integration to automatically test all the code that is  being written by the engineers.  They even have test stands with all the components of a Falcon 9 bolted on so they can simulate  a complete flight to discover potential problems.  More details about the used hardware and software aren’t really available and that’s because  the United States government considers it classified.  A rocket like the Falcon 9 is basically a missile that goes to space.  So in the wrong hands, the technology could be misused and cause harm.

But even with limited information we got a pretty good view at what software and hardware  is being used at SpaceX and what challenges the teams face, considering the harsh environment  in space.  That was it for this video!  If you liked it, hit the thumbs up button and consider subscribing.  Also follow me on Twitter for more updates and as always: thank you so much for watching!

Press «Like» and get the best posts on Facebook ↓

Leave a Reply

;-) :| :x :twisted: :smile: :shock: :sad: :roll: :razz: :oops: :o :mrgreen: :lol: :idea: :grin: :evil: :cry: :cool: :arrow: :???: :?: :!:

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...
Software powering Falcon 9 & Dragon