NSEU on the hypervisor?

Posted Sep 19, 2013 1:35 UTC (Thu) by pflugstad (subscriber, #224)
Parent article: Asteroid "mining" with Linux and FOSS

So what happens when the hypervisor itself gets hit by an NSEU, either in its instruction stream, or some data structure it maintains (page tables, VM function pointer table, etc.)? I don't see how triplicate VMs address that. I guess you could just reboot the system, but then what controls the craft while that happens? Are they planning on sending dual/triplicate hardware as well to address that problem?



NSEU on the hypervisor?

Posted Sep 19, 2013 1:46 UTC (Thu) by Cyberax (✭ supporter ✭, #52523) [Link]

Spacecraft do not really need to have millisecond-precise control all the time. Indeed, quick reaction is important only during the powered flight stages.

I'd personally just install a very simple additional microcontroller to issue timed commands during these stages.

NSEU on the hypervisor?

Posted Sep 19, 2013 2:06 UTC (Thu) by pflugstad (subscriber, #224) [Link]

I thought of that as well, but then what if the microcontroller has an NSEU... its RAM is not protected either.

NSEU on the hypervisor?

Posted Sep 19, 2013 2:07 UTC (Thu) by dlang (✭ supporter ✭, #313) [Link]

They are planning to send redundant hardware; that's how they will be able to survive and recover from radiation-induced errors.

But, 3 $1K processors are still cheaper than 1 $200K processor, not to mention faster.

Now, they may discover that NASA is right and you really need a space-rated processor to keep going.

Or they may find that a little bit of redundancy and shielding lets them get by for a fraction of what a NASA mission would need, and have a lot more performance available as well.

NSEU on the hypervisor?

Posted Sep 19, 2013 5:08 UTC (Thu) by Cyberax (✭ supporter ✭, #52523) [Link]

Unfortunately, shielding doesn't really help against cosmic rays. They are just too high-energetic. It helps against fairly slow-energy particles trapped in radiation belts, though.

Radiation hardening

Posted Sep 19, 2013 8:51 UTC (Thu) by kleptog (subscriber, #1183) [Link]

I actually found the Wikipedia article on this quite informative:

http://en.wikipedia.org/wiki/Radiation_hardening

Essentially you have two kinds of damage. Actual physical irreversible damage which degrades your chips over a long period. And transient spikes which can cause problems. The latter can sometimes be fixed by turning it off and on, but that seems a little difficult if you're doing it on one chip with VMs.

Still, given the price difference you can play the odds. If for the same price you can send up 100 of these things and a dozen fail you're still way ahead (except, perhaps, for the space junk).

Radiation hardening

Posted Sep 27, 2013 15:39 UTC (Fri) by Wol (guest, #4433) [Link]

The other thing to bear in mind is the steady shrinkage in the size of the die. What you really want is a last-generation processor made using this-generation fabrication.

Let's assume a particle strike causes a 5nm "area of destruction". Do you want that hitting a track that's 10nm wide, or 30nm wide?

In other words, based purely on physical component size, older hardware will be more robust.

Cheers,
Wol

NSEU on the hypervisor?

Posted Sep 19, 2013 14:21 UTC (Thu) by cate (subscriber, #1359) [Link]

BTW, it is the same method (triple hardware instead of radiation-resistant hardware) used successfully by SpaceX Dragons (see e.g. https://en.wikipedia.org/wiki/Dragon_(spacecraft)#Radiation_tolerance).

NSEU on the hypervisor?

Posted Sep 19, 2013 13:39 UTC (Thu) by kh (subscriber, #19413) [Link]

I read it as right now they are simulating redundant hardware, but will launch with redundant hardware.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds