Artemis II Fault Tolerance
4 hours ago
- #Spacecraft Computing
- #Fault Tolerance
- #NASA Artemis II
- NASA's Artemis II uses two Vehicle Management Computers, each carrying two Flight Control Modules (FCMs), for four FCMs in total; each FCM is a self-checking pair of processors, so eight CPUs run in parallel.
- The system employs a 'fail-silent' design in which each self-checking pair detects its own errors immediately and stops transmitting rather than sending bad data; it can lose three FCMs in 22 seconds and still operate safely, and silenced modules can reset and rejoin mid-flight.
- Redundancy includes deterministic error-checking with FCMs synchronized to a network time, automatic silencing and resetting for missed deadlines, and hardware reinforcements like triple-modular-redundant memory and self-correcting network interfaces.
- To counter common-mode failures, Orion has a dissimilar Backup Flight Software (BFS) system running on different hardware and a different operating system, with independently developed, simplified software for added reliability.
- In a total power loss ('dead bus') scenario, Orion can enter a safe mode to stabilize, align solar arrays for power recovery, and orient for thermal stability, with crew options for manual intervention like configuring life support.
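A constructed model of the fail-silent self-checking-pair scheme in the bullets above, added here as an illustration (it is not Orion's flight software): four FCMs each compute the same deterministic command on two CPUs; a pair whose CPUs disagree or that misses its deadline goes silent, resets, and rejoins. The reset time, the fault-injection schedule and the command values are assumptions.

```python
"""Constructed fail-silent model: example code, not NASA/Orion software.
Each FCM is a self-checking pair; a disagreement or a missed deadline
silences the module, which resets and rejoins after RESET_TICKS."""
from dataclasses import dataclass, field

RESET_TICKS = 3  # assumed reset/rejoin time, in scheduler ticks


@dataclass
class FCM:
    name: str
    silent_until: int = -1                       # tick at which a reset module may rejoin
    faults: dict = field(default_factory=dict)   # tick -> injected fault kind (constructed)

    def step(self, tick: int, command: int):
        """Return the command if both CPUs agree and the deadline is met, else None."""
        if tick < self.silent_until:
            return None                           # still resetting: stays silent
        fault = self.faults.get(tick)
        cpu_a, cpu_b = command, command           # both CPUs compute the same input
        if fault == "bitflip":
            cpu_b ^= 1                            # one CPU of the pair produces a wrong value
        if fault == "late" or cpu_a != cpu_b:
            # self-check failed or deadline missed: fail silent and schedule a reset,
            # so a wrong value never reaches the bus and no majority vote is needed
            self.silent_until = tick + RESET_TICKS
            return None
        return cpu_a


def run(fcms, ticks, faults):
    """Drive all FCMs for `ticks` ticks; return per-tick (active FCM count, output)."""
    for name, tick, kind in faults:
        next(f for f in fcms if f.name == name).faults[tick] = kind
    log = []
    for tick in range(ticks):
        command = tick * 10                       # the deterministic command for this tick
        outputs = [o for o in (f.step(tick, command) for f in fcms) if o is not None]
        # fail-silent: any output that arrives is trusted, so one healthy FCM suffices
        log.append((len(outputs), outputs[0] if outputs else None))
    return log


if __name__ == "__main__":
    modules = [FCM(n) for n in ("A", "B", "C", "D")]
    for entry in run(modules, 8, [("A", 1, "bitflip"), ("B", 2, "late"), ("C", 2, "bitflip")]):
        print(entry)
```

With three modules silenced within two ticks the system keeps producing the correct command from the single remaining FCM, and the silenced modules rejoin once their reset period elapses.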