Engineering Resilient Space Systems: Leveraging Novel System Engineering Techniques and Software Architectures

July 30 - August 3, 2012
California Institute of Technology - Pasadena, CA 91125

Final Report

Workshop Overview:

Future space missions will require the conception, development and operation of a class of spacecraft that has unprecedented resilience, i.e., the ability to achieve envisioned science objectives even if the spacecraft performance and/or the environment are not as expected. Looking forward to future missions, the recent planetary decadal survey describes missions that will have tremendously challenging resilience requirements. For example, the Venus In-Situ Explorer will have a very short period of time to perform its science before the extreme environment of the Venusian atmosphere kills the spacecraft; in its short lifetime it will need to autonomously decide what measurements to take for the best science return possible. Another example is the Trojan Asteroid Tour and Rendezvous concept that will fly by multiple small bodies and is required to make measurements in a very short time window. Finally, envisioned missions like extra-solar planetary probes must be fully autonomous and resilient due to the exceptionally long mission lifetimes and distances from Earth, and the completely mysterious environment they will find at their destination.

These incredibly complex and ambitious endeavors represent the future of space science missions. These spacecraft must be capable of reasoning about their own state and the state of the environment in order to predict and avoid hazardous conditions, recover from internal failures, and ultimately meet the science objectives despite the uncertainties. The current paradigm relies on "brute force" approaches. Current missions typically fulfill their science objectives by sequencing a fixed set of operations, with little capability for in-flight onboard decision making. Today, spacecraft operate in assumed known environments and respond to internal faults with traditional techniques: hardware redundancy, shielding, implementation of hundreds of pre-programmed 'reflexes', and large technical margins. The new class of missions described above will require unprecedented autonomy and resilience to achieve both the mission science objectives and the reduced costs being demanded by government funding pressure. Moving beyond the current state of the practice therefore requires a fundamental paradigm shift in the way we conceptualize, design, implement, validate, and operate our systems. The challenge is to figure out a way to effectively develop and deploy such capabilities in order to enable the new class of missions, i.e., deliver an acceptable probability of returning high-value science while addressing degrading spacecraft condition and environmental uncertainty.

The goal of the proposed study program is to investigate the system capabilities, software architectures and autonomy technologies that will provide the needed resilience for these future missions. Initially a set of reference missions enabled by, or benefiting from, resilient systems will be discussed. The focus of the workshops will then be to:

  1. Explore novel systems engineering techniques needed to architect, design, implement, validate, and operate these systems, and manage their associated complexity,
  2. Review software architectures and technologies that will be relied on to provide the requisite intelligence and behavior for these systems.

The products of these workshops will include:

  1. A description of the desired end-state capabilities,
  2. The definition of necessary functions to support these new system capabilities,
  3. The identification of unique architectural patterns to support these new system capabilities,
  4. The identification of enabling software technologies (e.g. middleware, languages, virtual machines, frameworks, etc.),
  5. Areas of focus where further technology investment is required, leading to a roadmap for future research and development programs that develop, mature and apply these capabilities in order to enable truly resilient missions, and
  6. A list of key processes for the agile and verifiable development of these systems.

These products will be used to derive a final report for the workshop: a technology plan that will provide a reasonable path forward in the development and infusion of these capabilities in order to enable truly resilient missions.

Workshop Participants:

  • Ella Atkins - University of Michigan
  • Melissa Bunte - Arizona State University
  • Richard Camilli - Woods Hole Oceanographic Inst.
  • George Cancro - JHU/APL
  • Betty Cheng - Michigan State University
  • John Day - JPL/Caltech
  • Kenneth Donahue - JPL
  • John Doyle - Caltech
  • Tara Estlin - JPL
  • Lorraine Fesq - JPL
  • Kai Goebel - NASA Intelligent Systems
  • Kim Gostelow - JPL
  • Andrew Ingersoll - Caltech
  • Mitch Ingham - JPL
  • Stephen Johnson - University of Colorado
  • Joseph Kochocki - Charles Stark Draper Lab.
  • Azad Madni - University of Southern California
  • Richard Murray - Caltech
  • Necmiye Ozay - Caltech
  • Robert Rasmussen - JPL
  • Len Reder - JPL
  • Abhinav Saxena - NASA Ames Research Center
  • Howard Shrobe - DARPA
  • Janos Sztipanovits - Vanderbilt University
  • Leslie Tamppari - JPL
  • Eric Timmons - MIT
  • David Wang - MIT
  • Brian C. Williams - MIT
  • Huan Xu - Caltech

Short Course Presentations

Len Reder

Introduction to Short Courses - What is a resilient system?
(2.0 MB .pdf)

Robert Rasmussen

Principled System Architecture
(8.3 MB .pdf)

Kim Gostelow

Capturing Flight Software Architecture using Domain Specific Languages
(389 KB .pdf)

Richard Murray

Control Theory and Methods
(4.1 MB .pdf)

Brian Williams

Autonomy Practices
(13.5 MB .pdf)

Henry Garrett

Ultra-Reliability for Interstellar Missions
(3.8 MB .pdf)

Workshop Presentations

Vision For Future Missions (Requirements & Ref. Mission Ideas)

Mitch Ingham

Goals & Products for Workshop
(237 KB .pdf)

Andy Ingersoll

Decadal Survey Future Missions
(3.8 MB .pdf)

David Thompson

Agile Science Operations
(2.9 MB .pdf)

Leslie Tamppari

Challenging Science Mission Scenarios
(6 MB .pdf)

Adaptability (concepts & capabilities)

John Doyle

Universal Laws and Architectures
(8.8 MB .pdf)

Janos Sztipanovits
Vanderbilt U.

Modeling for Structural Adaptation: Lessons Learned from Model-based Design
(2.5 MB .pdf)

Richard Doyle

Relations Between Resilience and Validation
(403 KB .pdf)

Postdoc / Graduate Student / Early Career Hire Talks

Huan Xu

Reactive Synthesis for Aircraft Electric Power Systems
(2.3 MB .pdf)

Eric Timmons

State Estimation of Hybrid Systems
(323 KB .pdf)

David Wang

tBurton: Model-based Temporal Generative Planning
(631 KB .pdf)

Necmiye Ozay

Distributed Synthesis of Distributed Control Protocols
(3.3 MB .pdf)

Trust (Principles, Risks, Patterns, Verification)

Azad Madni

Affordable, Adaptable and Effective: The Case for Engineered Resilient Systems
(356 KB .pdf)

Gerard Holzmann

Agile Verification
(315 KB .pdf)

Erv Baumann
Northrop Grumman

Model-Based Integrated Health System
(1.8 MB .pdf)


Lightning Talks
(1.7 MB .pdf)