Hardware reconfigurability and software upgradability are increasingly viewed as properties crucial to the survival of a spacecraft in an ultra-long-life mission. One of the major challenges that arise from onboard software upgrading is that of guarding the system against performance loss caused by interrupted services of the spacecraft or residual design faults introduced by an upgrade. The current practice of onboard software upgrade imposes severe unavailability on mission operation and provides no safeguard function, both of which are unacceptable for NASA's future missions. With these motivations, we strive to develop a low-cost, flexible methodology for mitigating the adverse effects of unsuccessful upgrades on long-life deep-space missions.
This effort focuses on onboard guarded software upgrading (GSU), which is an important aspect of onboard maintenance for long-life missions. GSU aims to avoid or minimize mission performance loss or degradation due to software upgrading activities during a mission or due to system failure caused by residual faults in an upgraded version. GSU permits an upgraded software component to start its service to the mission seamlessly through onboard validation and guarded operation; if the upgraded component is not sufficiently reliable and thus imposes an unacceptable risk to the mission, GSU ensures that the system is safely downgraded by replacing the upgraded software component with an earlier version.
A. T. Tai, W. H. Sanders, L. Alkalai, S. N. Chau, and K. S. Tso, "Performability analysis of guarded-operation duration: A translation approach for reward model solutions," Performance Evaluation, vol. 56, pp. 249-276, Mar. 2004.
A. T. Tai, K. S. Tso, L. Alkalai, S. N. Chau, and W. H. Sanders, "Low-cost error containment and recovery for onboard guarded software upgrading and beyond," IEEE Trans. Computers, vol. 51, pp. 121-137, Feb. 2002.
A. T. Tai, K. S. Tso, L. Alkalai, S. N. Chau, and W. H. Sanders, "On the effectiveness of a message-driven confidence-driven protocol for guarded software upgrading," Performance Evaluation, vol. 44, pp. 211-236, Apr. 2001.