Dynamic Fault Tree Analysis for a Distributed Onboard Computer

Kurzfassung

Future space missions will demand greater capabilities regarding the processing of sensor data on onboard computers of satellites than current space technology can provide. Limited downlink bandwidth, high resolution sensors and more rigid real-time control algorithms, dedicated to increase satellite autonomy, drive the need for growing onboard computing performance. To overcome these challenges, new high-performance onboard computers are necessary, leading to an increased consideration of Commercial-Of-The-Shelf (COTS) components. The DLR project Scalable Onboard Computing for Space Avionics (ScOSA) targets these challenges with a complex onboard computer design consisting of space-qualified and COTS computing devices, arranged as heterogeneous SpaceWire-interconnected grid computer in space. However, the utilization of COTS components in the harsh space environment imposes new challenges on the system. Therefore, Fault Detection Isolation and Recovery (FDIR) mechanisms are important functionalities of systems like ScOSA. These enable the preservation of the demanded dependability levels for an embedded system in space. To ensure this dependability, the FDIR subsystem configuration requires a detailed analysis regarding potential faults in the system. For this purpose, we employed Dynamic Fault Tree (DFT) analysis, a methodology which is used to model faults and their temporal propagation through an onboard computer. With this paper, we contribute a new building block for showing the applicability of DFT analysis and for closing the gap between theory and practical application of DFTs. The quantitative results of the analysis of the contribution of the ScOSA FDIR subsystem to the overall system reliability are taken as baseline for a discussion on how to effectively improve the system's reliability further. To showcase the methodology, an earth observation low earth orbit use case scenario is defined and the by FDIR means enforced processing system of the Xilinx Zynq SoC computing devices with a DFT analysis evaluated.