Mike Deliman

When I was a kid anything that was a computer, or had one in it, was pretty obvious. Computers weren't "just everywhere".  Now we've got multiple CPU chips on a board, multiple CPU cores on a chip, different kinds of cores on a single chip, multiple computer boards in a single chassis, ... it goes on.    These things are embedded in everything around us, all this hardware glued together to achieve something.
This brings us to software.  Software has to evolve to keep up with hardware, and with the needs of users.  With all these cores and chips and boards and systems running around, it gets a bit confusing.   Software is what enables everything from multi-processing to "poly-processing".  There's a lot of buzzwords about it - SMP, AMP, POS, VOS, Real time kernel, Separation Kernels... but what does it all mean?  And.. what's it for?

Eventually these things will all become even more blurry. As the realization that the "system" is a composite of the hardware and software all together spreads beyond the aerospace and defense industries, the various specifications will have to cover a fusion of SMP, AMP, and partitioned systems.

For now, though... what I'm talking about includes:
SMP - Symmetric  Multi-Processing - two or more cores running out of the same RAM, each processing parts of a shared task.   The cores may or may not run the same exact OS, but often do.
AMP - Asymmetric Multi-Processing - this is where several separate computers process data as parts of an overall larger system.  They may briefly share data, or have a limited amount of shared memory, but other than this each computer is a separate processing node.
SMP is comparatively  new, but AMP has been available through packages like vxMP for a long time.
SMP and AMP are multi-processor applications, where multiple computers are connected together to achieve a larger goal.  They both bring up issues of concurrency, and offer their own challenges for the implementer.

Way on the other end of the scale are what might be called "poly-processing computers" partitioned systems, where a single computer is virtually carved up and treated as if it's really several computers.   Each of those virtual computers can run a completely different OS - one for it's rich applications and ease of install, one for it's sophisticated communications abilities and firewall, perhaps even a third or forth to handle other kinds of processing. or devices.  You can already share a PC between Windows and Linux (for example) using virtual machine software technologies.  But did you know that similar things are being done with flight systems - using a single high-powered computer to replaces dozens of of single-purpose computers, to reduce weight, cost, and complexity? 

SMP and AMP are for systems where one CPU can not possibly handle the work load before it.   If the work can all be done in one "space" -simultaneously acquire data, process data in place, store data - SMP is a good fit, as all the processors run out of one pool of RAM.  One processor can be tasked with managing / storing the pools of data, another can perform the processing-in-place.

If the work should be handled in separate spaces - say the processing can't be done in-place for whatever reason - AMP would be a better fit. 

In the case of poly-processing (via vitalization, etc), this paradigm fits more where you want to take advantage of the extra processing power of a modern computer to have it replace a number of older computers (or other devices), to save on weight and expense of a newer system with similar function.  A Good examples of this could come from the shipbuilding and aircraft industries, where you have multiple separate mechanical and computational systems that may easily be replaced with smaller, lighter, more capable modern electronics.  Each of these separate systems might still need a small general purpose computer to control them, but that can be costly and add weight.   A single, modern, high-powered computer may be able to replace dozens of smaller, less capable systems.

With any of these paradigms it all comes down to: what is your application, how does it need to be accomplished, and does your system have enough processing capacity to achieve your goals.

About four years ago a pair of robots, who began life as MER-A and MER-B, landed on Mars, starting a 90 day mission.  That was one of the most exciting Januaries I've ever experienced!  (It's hard to top the successful landings of two probes on another planet in 3 weeks!!)

About 5 months ago a planet-wide dust storm gave us cause for concern - it had the potential to kill both of the rovers.   Happily both survived.  In fact, the weather is why we've run so long - as much dust as the winds have dropped on our babies, the winds have also kept the panels clean enough to keep the rovers alive this long.

In two more weeks, there's a chance that Mars will get hit by an asteroid.   Chances of a strike vary according to sources, but the inside bet is: it's going to be a fly by.  In some ways scientists would really love to see a strike, to study an actual asteroid collision with a stony planet (not ours!).   I'm kind of glad it's likely to be a miss, as fascinating as it would be (and yes, I'd watch with a telescope if I could), it'd be tragic if either of the rovers were lost because of it.

I wonder... if Spirit or Opportunity will get a chance to photograph an asteroid - perhaps a temporary neighbor to Phobos and Deimos - as a 4th birthday present?

In any case:  Happy Fourth Birthday Spirit, Opportunity, and Congratulations MER Team!!

Hello All

Today MESSENGER successfully made its first swing by Mercury. Mercury is as alien a world to us as any  we really only know a large  amount about our planet and our red neighbor, Mars. We probably know more about the Jovian planets than Mercury. As close as it is to the sun  it's an incredibly hard study. 

This maneuver is part of slowing-down to do long term studies of the planet.  It's also our first look at the planet in over three decades. Believe it or not  even a brief flyby like this will yield some important scientific data.  It's going to take a lot more fly-bys and several years to compete the mission and the study, this is one more step along the way... a big one, though!

I'm proud that Wind River was able to help empower the MESSENGER team to achieve this goal  and I hope they don't mind us helping spread the word...

You've heard about it, haven't you?  The Google Lunar X prize?

The X-Prize foundation seeks to encourage radical breakthroughs for the benefit of humanity.
In case you don't know or don't remember the Ansari X prize, it was a contest for a private (non-government) entity too engineer and launch a re-usable space entry vehicle twice within a short time (to prove it was re-usable).  Burt Rutan and his crew at Scaled Composites created The White Knight and Space Ship One, and won the Ten Million Dollar prize.  Even though Paul Allen backed the project with a lot more than $10mil in funding, you have to admit the results are pretty fantastiic: not  only did they achieve the goal, but Virgin Atlantic is going to create a service based on this.  We may yet see commercial flights into space affordable for folks who aren't billionaires.

Back to the Lunar X prize.  The idea here is similar, but the challenge is for a private team to put a rover on the Moon, the prize is Thirty Million Dollars.

Ignoring the question as to weather private industry can build a rover that can withstand space, radiation, the G-forces of liftoff and landing, temperature extremes, vibration of rocket propelled thrust, and to be sure it's understood - Radiation,  the basic problem boils down to this: the expertise and resources needed to launch a rocket capable of carrying everything necessary to get a rover TO the moon, orbiting, and landed in good operating condition, and the rocket itself.

Looking at just the landing part - remember, the moon has no atmosphere, so airbags would be a bit tough to work out, and parachutes are out of the question.  This has to be a retro-rocket landing.  Which means: some sort of airframe, controllable rockets (unless you're really lucky), rocket fuel, etc.  Translation: weight.   

The rover itself doesn't have to do much, but what it does have to do is pretty big for a private group: survive the radiation and temperature extremes of space long enough to land on the surface and send back proof of operation.   To protect the computers from radiation you can shield them - usually with metal.  For the temperature extremes you can make a thermal box with some sort of heating and cooling provisions. Those will need powered somehow,  and probably will need some kind of battery backups at least for parts of the cruise and landing.  That translates to...: weight.

And you need a transmitter (at least), capable of being received on the earth from the Moon, licensed, and all that, and it'll need an antenna to direct the transmission.  That's  more weight.

Can private industry build a rover capable of going to the Moon, surviving landing, and able to run in the extremes of heat, cold, and radiation in space?  I have no doubt at all that it can be done.   I don't know if it would be as capable, elegant, and demure as our Wonder Twins on Mars, but it can be done.
The hard part is going to be strapping it all on top of a rocket capable of lifting all the weight to the Moon, and renting the facility to do it with.  Even if you had the help of Space Ship One to get you into sub-orbital space, you still have to have enough to break earth orbit, at the right time, get you to the moon, and slow you down enough to drop you to the surface... and the rest of it.  I'm pretty sure that for a rocket that big you're going to need a facility like KSC, Arianespace, or Baikonur, I doubt a Space Ship One style launch could manage a craft big enough for the rest of that, mostly due to the weight factor.

Is it impossible?  Many thought the Ansari-X prize was impossible. 

I'm taken back to when I was a litte kid, listening to a 78rpm record we had of a famous speech.  That speech was about hopes, and dreams, and challenges, and difficulties, and the strength of human resolution, and eventually about setting and achieving nearly impossible goals.  And I remember later watching on T.V. as we fulfilled those goals.

Do I think the Lunar-X prize is impossible?  I think it'll only take time.

Though we haven't seen a lot of Mars in the news lately, for those who keep track, the past couple of months have been somewhat stressful.  A sandstorm started on Mars over a month ago.  It's still raging on, and even though the rovers are on opposite sides of the planet, the storm has affected both rovers.

This dust storm has measurable effects.  It's made the sky more opaque, added dust to the solar panels, and made the atmosphere retain a little more heat.  With the dust in the sky, less sun light makes it down to the rovers.  With new layers of dust on the panels, even more of the sunlight is blocked out.  And even though the dust helps retain heat,  it's not a huge difference, and it's still cold enough that the emergency heaters could be turned on.

Right now the rovers are running on borrowed time.  We're all surprised the robots have lasted this long (happily surprised!), and that the batteries have managed to retain enough charge to keep the rovers going.

Day by day the batteries are monitored, as is the power usage and power generated by the solar panels.  For any given day, if more power is produced than is consumed, it's called a "power positive day". A "Power Negative Day" would be a day when more power is used than is made.  Power negative days drain the batteries down.

Over the last several weeks, the rovers teams have trimmed power consumption down drastically, and the result is that even on the darkest days, the rovers were able to operate with positive power balances.  The danger remains that the heaters could be triggered, and it wouldn't take long for the heaters to drain the batteries. 

The good news is that today on the Rovers web site I see that the dust is starting to clear.

--

Phoenix is on it's way to Mars.  It has successfully completed it's first TCM - trajectory correction maneuver - or flight correction.   So far, everything is going well.

After more than 1234 days in service, after surviving the extreme cold of Martian winter, the rovers may be facing their toughest challenge:  summer dust storms.

I live out in the desert, and on our planet, dust storms can raise-up at the drop of a hat, and obliterate everything.  Just a few months ago we had a couple of days of "zero-visibility" warnings because of dust storms.  In our deserts, though, there are still plants and trees that can hold some of the dust down.

On Mars, when the dust blows, there's nothing to stop it.

Here's the news item from JPL... 
------------

MEDIA RELATIONS OFFICE

JET PROPULSION LABORATORY

CALIFORNIA INSTITUTE OF TECHNOLOGY

NATIONAL AERONAUTICS AND SPACE ADMINISTRATION

PASADENA, CALIF. 91109 TELEPHONE 818-354-5011

http://www.jpl.nasa.gov

 

Guy Webster/Gay Yee Hill  818-354-6278/5011

Jet Propulsion Laboratory,

Pasadena

,

Calif.

 

Dwayne Brown/Tabatha Thompson 202-358-1726/3895

NASA Headquarters,

Washington

 

NEWS RELEASE: 2007-080  July 20, 2007

 

NASA Mars Rovers Braving Severe Dust Storms

 

PASADENA

,

Calif.

- Having explored Mars for three-and-a-half years in what were missions originally designed for three months, NASA's Mars rovers are facing perhaps their biggest challenge.

 

For nearly a month, a series of severe Martian summer dust storms has affected the rover

Opportunity

and, to a lesser extent, its companion, Spirit. The dust in the Martian atmosphere over

Opportunity

has blocked 99 percent of direct sunlight to the rover, leaving only the limited diffuse sky light to power it. Scientists fear the storms might continue for several days, if not weeks.

 

"We're rooting for our rovers to survive these storms, but they were never designed for conditions this intense," said Alan Stern, associate administrator of NASA's Science Mission Directorate, Washington.

 

If the sunlight is further cut back for an extended period, the rovers will not be able to generate enough power to keep themselves warm and operate at all, even in a near-dormant state. The rovers use electric heaters to keep some of their vital core electronics from becoming too cold.

 

Before the dust storms began blocking sunlight last month,

Opportunity

's solar panels had been producing about 700 watt hours of electricity per day, enough to light a 100-watt bulb for seven hours. When dust in the air reduced the panels' daily output to less than 400 watt hours, the rover team suspended driving and most observations, including use of the robotic arm, cameras and spectrometers to study the site where Opportunity is located.

 

 

On Tuesday, July 17, the output from

Opportunity

's solar panels dropped to 148 watt hours, the lowest point for either rover. On Wednesday,

Opportunity

's solar-panel output dropped even lower, to 128 watt hours.

 

NASA engineers are taking proactive measures to protect the rovers, especially

Opportunity

, which is experiencing the brunt of the dust storm. The rovers are showing robust survival characteristics. Spirit, in a location where the storm is currently less severe, has been instructed to conserve battery power by limiting its activities.

 

"We are taking more aggressive action with both rovers than we needed before," said John Callas, project manager for the twin rovers at NASA's Jet Propulsion Laboratory,

Pasadena

,

Calif.

 

By

Opportunity

's 1,236th Martian day, which ended Tuesday, driving and all science observations had already been suspended. The rover still used more energy than its solar panels could generate on that day, drawing down its battery. "The only thing left to cut were some of the communication sessions," Callas said.

 

To minimize further the amount of energy

Opportunity

is using, mission controllers sent commands on Wednesday, July 18, instructing the rover to refrain from communicating with Earth on Thursday and Friday. This is the first time either of the rovers has been told to skip communications for a day or more in order to conserve energy. Engineers calculate that skipping communications sessions should lower daily energy use to less than 130 watt hours.

 

A possible outcome of this storm is that one or both rovers could be damaged permanently or even disabled. Engineers will assess the capability of each rover after the storm clears.

 

NASA will provide mission updates as events warrant. The Jet Propulsion Laboratory manages the rover project for the Science Mission Directorate.

 

For more information about the rovers, visit:

 

http://marsrovers.jpl.nasa.gov

 

-end-

July 4th 1997 NASA did something spectacular: demonstrated a bunch of new technologies and delivered a space craft to the surface of another planet.  Mars Pathfinder landed on Mars.  Not long after, NASA started working on more probes to be sent to Mars, to do some research on the the climate and the polar ice packs.  It's pretty important research given that this seems to be where ALL the water on Mars was. Water is a pretty important item if we ever want to have a return mission or a manned mission.  Not to mention water drives a lot of geological and planetary evolution.  And there's that "life" thing too.

Some bad things happened (most notably, 2 Mars Probes crashed).  Mission delays ensued, launch windows were missed, and eventually the project was "mothballed".  It didn't look like this mission to the polar ice was ever going to get a chance. 

Here we are more than a decade after Mars Pathfinder's success, and Up From The Ashes , The Phoenix rises!  Next month, it will start on it's way to the red planet.  This craft is, in terms of software evolution, Mars Pathfinder's sibling, sort-of one of the Mars Exploration Rovers' grandparents.  I hope you'll join me in wishing it "Bon Voyage"!

Watch the whole story.

Not quite a year ago, Mars was in the news.  Opportunity had made it to a new milestone - Victoria Crater.  Among the issues being discussed at the time was: will we send the rover down into this crater, from which it would likely never return.  I posted my own feelings in an entry titled Precipice .

My feelings haven't changed.  I'm still amazed at what we've managed to achieve.  I still feel a bit mixed about sending this rover to it's eventual doom.  And I still know in my heart that it's The Right Thing to do; it's what we sent it there for, and there's not going to be any better ..opportunities.. to get this much information.

So here it is - Opportunity is going in.  And a whole new adventure begins for our rover.  And I feel excited about this new adventure.

-----  full article from NASA/JPL

Guy Webster 818-354-6278

Jet Propulsion Laboratory,

Pasadena

,

Calif.

 

 

Dwayne Brown/Tabatha Thompson 202-358-1726/3895

NASA Headquarters,

Washington

 

NEWS RELEASE: 2007-070            June 28, 2007

 

NASA Mars Rover Ready For Descent Into Crater

 

PASADENA

,

Calif.

- NASA's Mars rover

Opportunity

is scheduled to begin a descent down a rock-paved slope into the Red Planet's massive Victoria Crater. This latest trek carries real risk for the long-lived robotic explorer, but NASA and the Mars Rover science team expect it to provide valuable science.

 

Opportunity

already has been exploring layered rocks in cliffs around Victoria Crater. The team has planned the descent carefully to enable an eventual exit, but

Opportunity

could become trapped inside the crater or lose some capabilities. The rover has operated more than 12 times longer than its originally intended 90 days.

 

The scientific allure is the chance to examine and investigate the compositions and textures of exposed materials in the crater's depths for clues about ancient, wet environments. As the rover travels farther down the slope, it will be able to examine increasingly older rocks in the exposed walls of the crater.

 

"While we take seriously the uncertainty about whether Opportunity will climb back out, the potential value of investigations that appear possible inside the crater convinced me to authorize the team to move forward into Victoria Crater," said Alan Stern, NASA associate administrator, Science Mission Directorate, NASA Headquarters, Washington. "It is a calculated risk worth taking, particularly because this mission has far exceeded its original goals."

 

The robotic geologist will enter Victoria Crater through an alcove named

Duck

Bay

. The eroding crater has a scalloped rim of cliff-like promontories, or capes, alternating with more gently sloped alcoves, or bays.

 

A meteor impact millions of years ago excavated Victoria, which lies approximately 4 miles (6 kilometers) south of where Opportunity landed in January 2004. The impact-created bowl is half a mile (800 meters) across and about five times as wide as Endurance Crater, where

Opportunity

spent more than six months exploring in 2004.

 

The rover began the journey to

Victoria

from Endurance 30 months ago. It reached the rim at

Duck

Bay

nine months ago.

Opportunity

then drove approximately a quarter of the way clockwise around the rim, examining rock layers visible in the promontories and possible entry routes in the alcoves. Now, the rover has returned to the most favorable entry point.

 

"

Duck

Bay

looks like the best candidate for entry," said John Callas, rover project manager, NASA's Jet Propulsion Laboratory,

Pasadena

,

Calif.

"It has slopes of 15 to 20 degrees and exposed bedrock for safe driving."

 

If all of its six wheels continue working, engineers expect

Opportunity

to be able to climb back out of the crater. However,

Opportunity

's twin rover, Spirit, lost the use of one wheel more than a year ago, diminishing its climbing ability.

 

"These rovers are well past their design lifetimes, and another wheel could fail on either rover at any time," Callas said. "If

Opportunity

were to lose the use of a wheel inside Victoria Crater, it would make it very difficult, perhaps impossible, to climb back out."

 

"We don't want this to be a one-way trip," said Steve Squyres, principal investigator for the rovers' science instruments, Cornell University, Ithaca, N.Y. "We still have some excellent science targets out on the plains that we would like to visit after Victoria. But if

Opportunity

becomes trapped there, it will be worth the knowledge gained."

 

The Jet Propulsion Laboratory manages the Mars Exploration Rover project for NASA's Science Mission Directorate.

 

For more information on the Mars Rovers, visit:

 

http://www.nasa.gov/rovers

 

Visuals describing this decision and the anticipated science can be viewed at:

 

http://www.nasa.gov/mission_pages/mer/070628

 

-end-

I've blown a horn or two about Open Standards, and what they can buy you.  I'm proud of where my employer adheres to, helps promote, and even helps reform and enhance open standards.   It's interesting to see this morning's announcement about Apple's Leopard build achieving cert.

Recently my cohorts Paul Parkinson and Doug Gaff have been making a bit of noise about changes in the software industry - evolution of software, and specialized software for military and commercial avionics,and other applications that have strict time and security requirements.  Aside from requiring strict adherence to standards, critical systems software - especially medical or flight related - have an increasing litany of certification inspections it must pass.  In the secure-systems markets the same trend is evident.  Each of these markets are starting to require time- and space- critical systems.

Let me define time and space critical. 

Time critical is pretty straight forward - anything that has to be done within deadlines, is time critical. Sometimes time-critical functions are also periodic in nature, requiring periodic service with deadlines.

Space-critical is a bit more slippery.  This is about RAM, but not just "how much".  I'm talking about space in terms of RAM that other processes are protected from, and RAM that is protected from this process, and even memory shared between processes.

There are a lot of examples of time critical periodic applications.  Any aspect of handling telemetry - course, attitude, velocity, housekeeping (checking fluid levels, etc) - has time critical periodic attributes.   It's easy to think of time-critical tasks.

Space-critical is a little more elusive to both define and decide where to use, especially in embedded and real-time applications.  The answer to time-critical is somewhere between having fast enough hardware, efficient enough software, and proper scheduling. Protecting memory areas on a process-by-process basis has excellent benefits, but those benefits usually come at a cost of slower execution.    Sure, you never want your stack to be overflowed, your text to be zero-cleared, or your exception table to be  the victim of an uninitialized data pointer, but when is the trade-off in execution speed penalties worth the  overhead of enabling such protection?  The answer has more to do with security than with protection from poorly-debugged code - the separation, multiplexing, encoding, decoding and proper sorting of information streams.  There may be situations where every function of your application must have it's own data spaces because of the nature of the data being handled.  In fact, this kind of design is becoming more common.

It seems like it would take a fantastic amount of processing power to be able to do what's described above - guarantee on-time scheduling to handle deadlines, and mix-in varying levels of RAM-security, and still provide all the services and infrastructure necessary from an O.S. to build effective applications on-top of.  Even though processors are being created now with incredible horsepower, it wouldn't seem like they could keep up with much of this kind of work.  All that partition scheduling and context swapping would bog down the best of processors if it had more than just a few partitions and contexts to handle!

...or would it?

Come on down to the Regional Devlopers Conference in Manhattan Beach (Los Angeles) on May 24th, and we'll talk about it.  :-) See you there!