
SpaceX: Lessons Learned Developing Software For Space Vehicles

Posted by timothy
from the no-one-can-hear-you-bleep-in-space dept.
jrepin writes "On day two of the 2013 Embedded Linux Conference, Robert Rose of SpaceX spoke about the 'Lessons Learned Developing Software for Space Vehicles.' In his talk, he discussed how SpaceX develops its Linux-based software for a wide variety of tasks needed to put spacecraft into orbit—and eventually beyond. Linux runs everywhere at SpaceX, he said, on everything from desktops to spacecraft."

  • VxWorks? (Score:5, Insightful)

    by sanman2 (928866) on Sunday March 24, 2013 @05:48PM (#43265389)

    I thought that for the Falcon rocket and Dragon capsule, SpaceX use the VxWorks realtime OS made by Wind River.

    Is the market for spacecraft programming expected to grow significantly in the coming decade(s)?

    • Is the market for spacecraft programming expected to grow significantly in the coming decade(s)?

      Yes.

    • Is the market for spacecraft programming expected to grow significantly in the coming decade(s)?

      Even if it went up an order of magnitude... you're still only talking a few thousand jobs. Not something I'd want to build a career plan on.

      • Is the market for spacecraft programming expected to grow significantly in the coming decade(s)?

        Even if it went up an order of magnitude... you're still only talking a few thousand jobs. Not something I'd want to build a career plan on.

        Derek, you, myself and others have been closely following space for some time. You know that if Bigelow gets going, and SpaceX really gets launch cheap, then we are going to the moon and mars SOON. And yes, there will be LOADS of coding needed. Nobody will want something like Windows creating the blue screams of death. They will want an OS that works. Period.

        • Derek, you, myself and others have been closely following space for sometime. You know that if Bigelow gets going, and SpaceX really gets launch cheap, then we are going to the moon and mars SOON.

          Maybe, probably not. When launch gets cheap, [non professional] people will finally realize what professionals knew all along - vehicles and equipment designed to survive and operate in extreme and unusual environments are inherently expensive. (There's a reason why MIL-SPEC gear is more expensive than consumer g

          • The only reason why Launch is expensive is because we use a launch vehicle exactly once. The Shuttle never had a chance of lowering the costs since it recycled all of the wrong parts. OTOH, if grasshopper is successful AND SpaceX can get at least 10 launches per F9 LV, then we will likely see launch costs of below $.5-1M / Tonne to LEO. At that point, Space is simply a new frontier. And yes, we will see loads of needs for coders.
            BTW, I am not certain how old you are, but, I was using the internet back in t
            • The only reason why Launch is expensive is because we use a launch vehicle exactly once. The Shuttle never had a chance of lowering the costs since it recycled all of the wrong parts.

              The Shuttle recycled the most expensive part - and that was the *wrong* part? The mind boggles at the amount of doublethink required to reach that conclusion.

              OTOH, If grasshopper is successful AND SpaceX can get at least 10 launches per F9 LV, then we will likely see launch costs of below $.5-1M / Tonne to LEO. At tha

    • The JPL-built Mars rovers run VxWorks, as do some other NASA probes. Maybe that's what you're thinking of.
    • vxworks does sell a hard realtime linux - maybe they're using that. Technically linux runs on the vx microkernel/hypervisor thingy.

      You get to deal with linux but then have a few more knobs to tell it how to behave.

    • by Guspaz (556486)

      I thought that for the Falcon rocket and Dragon capsule, SpaceX use the VxWorks realtime OS made by Wind River.

      No, they don't use it at all. RTFA.

      • by Dahamma (304068)

        Or don't RTFA, and instead actually do some research first.

        http://www.spacex.com/downloads/dragonlab-datasheet.pdf

        Search for "Flight Software" (the most mission critical RT bit, of course).

        • by Guspaz (556486)

          So, which is more accurate, do you think? A 3+ year old datasheet for a spacecraft that isn't even scheduled to fly for the first time until 2014 (first DragonLab mission), or recent statements by the person IN CHARGE of the flight software?

          Your research is flawed.

          • by Dahamma (304068)

            No, it's not. Ok, here's more evidence.

            http://www.spacex.com/careers.php?jvi=oe2HWfwD,Job

            "Our Flight Software Group currently has opportunities developing software for embedded flight hardware using Linux and VxWorks as well as ground simulation software using Linux. "

            They are HIRING people with VxWorks experience and say they use it in their current job descriptions.

            They use Linux, obviously. But they also use VxWorks for some mission critical RT applications. You said "they don't use it at all". You ar

  • by gadzook33 (740455) on Sunday March 24, 2013 @05:55PM (#43265443)
    I think this is all interesting and good stuff but hopefully most of it is stuff that software companies are already doing these days. At this point if you're not doing continuous integration or looking at ways to automate anything that possibly can be automated, you should get moving.
  • by Anonymous Coward on Sunday March 24, 2013 @06:09PM (#43265507)

    I started my career in nuclear engineering before moving into software development.

    There were three really important principles: Redundancy (having several of everything); Diversity (having different implementations i.e. different designs from different manufacturers) and Segregation (keeping things physically separate and firewalled off from each other).

    I'm a bigger Linux fan than many here. I've been using it since 1995 and I'm a die-hard Slackware user, but having everything running on the same OS seems like an accident waiting to happen. Yes, I know that it's great that you can have one piece of code that you can compile and run anywhere, and that's easier if you're only using one OS.

    However, one of the great things about Open Standards and Open Source was (is) that for many years software was portable so that it could be compiled and run on big- or little-endian 32- and 64-bit POSIX-like systems on a wide variety of CPU architectures.

    That may have been "expensive" in terms of software maintenance, but as I learned when working for a now-defunct very large UNIX company, writing your software to be portable across those systems exposes (and forces you to fix) many subtle bugs that otherwise would not have been found until deployment.

    Also, relying on just one OS puts you at the mercy of any latent bug in that specific system. Having a diversity of OSes in use mitigates that problem.

    The state of Software Engineering in general is still pretty primitive. I'm still amazed at the poor quality of a lot of "professional" code and the cavalier attitude towards testing...In the land of the blind, the one-eyed man is king.

    • by Anonymous Coward

      All of what you say is done at Airbus. They generally have zero issues with software, except in rare cases where the specification is already less than perfect. The same is with NASA's shuttle software. I assume you can say the same with Boeing 777s and 787s.

      Software != Software

      In beancounting, software quality matters remotely. In avionics, a lack of quality will surely kill.

      • by Anonymous Coward

        Bean counters will be angry if your software doesn't calculate and round up money correctly.

        • by PPH (736903)
          So, let them fly out here and confront me. Preferably on an airplane for which they wrote the avionics code.
          • Well, I guess they'll just run your salary through your miscalculating application, or your tax, depending on to which side the errors go (salary: too low, tax: too high).

      • by mattr (78516)

        China Airlines Flight 140. Software fighting humans. Software wins.

        • That wasn't a case of software fighting humans, that was an issue of humans doing something incorrectly and not correcting properly - all they had to do was disconnect the autopilot and they would have had full command authority, but they didn't.

          Funny that - they gave the autopilot full command authority and then tried to fight it. And failed.

      • by Anonymous Coward
        LOL. Airbus is the group that tried to get MS to certify Windows for DO-178B. After Gates read over the specs, he told them that they had a good laugh, but to fuck off. Even to this day, Airbus continues to try and get other companies to port to Windows to add to their systems.

        Airbus is well known for their blue screams of death. Just look at AF-400. There was NO feedback on the stick so the senior pilot did not know that the international pilot with minimal experience was pulling back on the stick.
        And,
    • by Anonymous Coward

      JPL agrees with you:

      lars-lab.jpl.nasa.gov/JPL_Coding_Standard_C.pdf

      LOC-1: Language Compliance
      Rule 1 (language)
      All C code shall conform to the ISO/IEC 9899-1999(E) standard for the C
      programming language, with no reliance on undefined or unspecified
      behavior. [MISRA-C:2004 Rule 1.1, 1.2]
      The purpose of this rule is to make sure that all mission critical code can be compiled
      with any language compliant compiler, can be analyzed by a broad range of tools, and
      can be understood, debugged, tested, and maintained by any competent C programmer. It
      ensures that there is no hidden reliance on compiler or platform specific behavior that
      may jeopardize portability or code reuse. The rule prohibits straying outside the language
      definition, and forbids reliance of undefined or unspecified behavior.

      The other rules in the JPL coding guidelines are also interesting.

      • by Shinobi (19308)

        Yeah, this is something I try to hammer into the students I occasionally mentor:

        Do not write your code to be written for a specific compiler (Linux and its GCC'isms being a specific example) or even a hard reliance on a library, if it can be avoided. Oh, sure, you can't build a program like a kid builds with Duplo Lego in quite the same way any more, but when done properly it's more likely to be solid.

      • by rmstar (114746)

        Rule 1 (language)
        All C code shall conform to the ISO/IEC 9899-1999(E) standard for the C
        programming language, with no reliance on undefined or unspecified
        behavior.

        That quote you show is a bit like a sign reading "when smoking at a gas station, make sure no hot ashes touch the ground".

        The other rules in the JPL coding guidelines are also in

        • The reason they insist on C is for two reasons:

          (1) It's more portable than most of those safer languages. When every design you build is custom hardware, you want to have easy code reuse for standard functionality and signal processing.

          (2) VxWorks (not sure about 6xx, but previous versions this really stands) is built to be a front-end for C - it adds a multi-tasking thin OS (limited memory protection), debugging and logging tools, and that's about it. You get a marginal Tornado IDE supporting C and C++,

    • Also, relying on just one OS puts you at the mercy of any latent bug in that specific system. Having a diversity of OSes in use mitigates that problem.

      Having a diversity of OSes puts you at the mercy of random and subtle bugs in one OS that require customizing either the OS or the code. (Which customization carries further hazards of its own.) Relying on one OS mitigates that problem.

      TANSTAAFL.

      • by Ichijo (607641)

        Having a diversity of OSes puts you at the mercy of random and subtle bugs in one OS that require customizing either the OS or the code.

        Or crossing that OS off the list. Or having the bug fixed.
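
An added C99 example (not part of the thread, and not SpaceX or JPL code) of two points raised in the comments above: porting across byte orders exposes latent bugs, and JPL's Rule 1 forbids relying on undefined behavior. The frame layout, sample bytes and function names are assumptions made for the illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: a 4-byte big-endian counter at unaligned offset 1. */
static const unsigned char SAMPLE_FRAME[] = { 0xAA, 0x12, 0x34, 0x56, 0x78 };

/* Non-portable: copies raw bytes, so the value depends on host byte order.
 * (The common cast form *(uint32_t *)(buf + off) is worse: the misaligned
 * access and the type-punning are undefined behavior in C99.) */
uint32_t decode_host_order(const unsigned char *buf, size_t off)
{
    uint32_t v;
    memcpy(&v, buf + off, sizeof v);
    return v;
}

/* Portable: builds the value arithmetically; same result on every host. */
uint32_t decode_be32(const unsigned char *buf, size_t off)
{
    return ((uint32_t)buf[off] << 24) | ((uint32_t)buf[off + 1] << 16) |
           ((uint32_t)buf[off + 2] << 8) | (uint32_t)buf[off + 3];
}

/* Signed overflow is undefined in C99, so test the range before adding. */
bool checked_add_i32(int32_t a, int32_t b, int32_t *out)
{
    if ((b > 0 && a > INT32_MAX - b) || (b < 0 && a < INT32_MIN - b))
        return false;
    *out = a + b;
    return true;
}

/* Reports the byte order of the machine the code is running on. */
bool host_is_little_endian(void)
{
    const uint16_t probe = 1;
    unsigned char first;
    memcpy(&first, &probe, 1);
    return first == 1;
}

int main(void)
{
    int32_t sum = 0;
    printf("portable:   0x%08lx\n", (unsigned long)decode_be32(SAMPLE_FRAME, 1));
    printf("host-order: 0x%08lx\n", (unsigned long)decode_host_order(SAMPLE_FRAME, 1));
    printf("INT32_MAX + 1 accepted: %d\n", checked_add_i32(INT32_MAX, 1, &sum));
    return 0;
}
```

On a little-endian host the host-order decoder returns a byte-swapped value while the portable one does not, which is the kind of defect a second target architecture surfaces before deployment.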

  • by Anonymous Coward

    I work for a major European, high-end automotive company and we use Linux for radar applications. Now that this works nicely, we can do stuff like braking automagically (you still need to slightly tip the pedal) with the lowest possible deceleration which will assure you don't hit the vehicle in front of you.
    That means, even if you are trailed by a somewhat sleepy person that car has the maximum reaction time to also hit the brakes.
    The excellent quality of Linux now shows in all sorts of applications from a

  • Why mention Linux? (Score:1, Insightful)

    by jellyfoo (2865315)

    Linux is mentioned twice in the summary. Is there a reason why? We all know Linux has major use in the embedded and scientific world, this isn't a secret. Are people still desperate to mention Linux anywhere as some form of validation that they chose the right decision to stick with it or something?

    I thought Linux had "won", or something. If that was the case then it shouldn't be necessary to circlejerk the name anymore.

    • by nospam007 (722110) * on Sunday March 24, 2013 @07:54PM (#43266151)

      "Linux is mentioned twice in the summary. Is there a reason why?"

      2013 will be the year of Linux on spaceships.

    • by PPH (736903)

      Keeping score much?

    • by MBCook (132727)
      The article is from Linux Weekly News (great resource, long time subscriber). It shouldn't be surprising that they would take a Linux bent on the story.
    • by Anonymous Coward

      SpaceX is "Linux, Linux, Linux", he said.

      It's a nice word, can't say it too many times.

  • But there are differences in the software requirements for the launch vehicles and spacecraft, largely having to do with the different reaction times available. As long as a spacecraft is not within 250 meters of the International Space Station (ISS), it can take some time to react to any problem. For a rocket, that luxury is not available; it must react in short order.

    [snarktag]The solution is clear, keep parameters in an XML file. Use base class reference objects and inject the proper objects at runtime
