Displaying HTML Interfaces And Managing Network Nodes… In Space!

June 8, 2020 by Roger Cheng 44 Comments

The touchscreen interface aboard SpaceX Crew Dragon is just one of its many differences from past space vehicles, but those big screens make an outsized visual impact. Gone are panels filled with indicator needles in gauges, or endless rows of toggle switches. It looked much like web interaction on everyday tablets for good reason: what we see is HTML and JavaScript rendered by the same software core underlying Google’s Chrome browser. This and many other details were covered in a Reddit Ask Me Anything with members of the SpaceX software team.

Various outlets have mentioned Chromium in this context, but without answering the obvious follow-up question: how deep does Chromium go? In this AMA we learn it does not go very deep at all. Chromium is only the UI rendering engine, their fault tolerant flight software interaction is elsewhere. Components such as Chromium are isolated to help keep system behavior predictable, so a frozen tab won’t crash the capsule. Somewhat surprisingly they don’t use a specialized real-time operating system, but instead a lightly customized Linux built with PREEMPT_RT patches for better real-time behavior.

In addition to Falcon rocket and Dragon capsule, this AMA also covered software work for Starlink which offered interesting contrasts in design tradeoffs. Because there are so many satellites (and even more being launched) loss of individual spacecraft is not a mission failure. This gives them elbow room for rapid iteration, treating the constellation more like racks of servers in a datacenter instead of typical satellite operations. Where the Crew Dragon code has been frozen for several months, Starlink code is updated rapidly. Quickly enough that by the time newly launched Starlink satellites reach orbit, their code has usually fallen behind the rest of the constellation.

Finally there are a few scattered answers outside of space bound code. Their ground support displays (visible in Hawthorne mission control room) are built with LabVIEW. They also confirmed that contrary to some claims, the SpaceX ISS docking simulator isn’t actually running the same code as Crew Dragon. Ah well.

Anyone interested in what it takes to write software for space would enjoy reading through these and other details in the AMA. And since it had a convenient side effect of serving as a recruiting event, there are plenty of invitations to apply if anyone has ambitions to join the team. We certainly can’t deny the attraction of helping to write the next chapter in human spaceflight.

[Photo credit: SpaceX]

NASA’s Long-Delayed Return To Human Spaceflight

June 1, 2020 by Tom Nardi 55 Comments

With the launch of the SpaceX Demo-2 mission, the United States has achieved something it hasn’t done in nearly a decade: put a human into low Earth orbit with a domestic booster and vehicle. It was a lapse in capability that stretched on far longer than anyone inside or outside of NASA could have imagined. Through a series of delays and program cancellations, the same agency that put boot prints on the Moon and built the iconic Space Shuttle had been forced to rely on Russia to carry its astronauts into space since 2011.

NASA would still be waiting to launch its own astronauts had they relied on America’s traditional aerospace giants to get the job done. The inaugural flight of the Boeing CST-100 “Starliner” to the International Space Station in December was an embarrassing failure that came perilously close to losing the unmanned capsule. A later investigation found that sloppy software development and inconsistent testing had caused at least two major failures during the mission, which ultimately had to be cut short as the vehicle couldn’t even reach the altitude of the ISS, to say nothing of making a docking attempt. NASA and Boeing have since agreed to attempt another test of the CST-100 sometime before the end of the year, though a delay into 2021 seems almost inevitable due to the global pandemic.

But America’s slow return to human spaceflight can’t be blamed on the CST-100, or even Boeing, for that matter. Since the retirement of the Space Shuttle, NASA has been hindered by politics and indecisiveness. With a constantly evolving mandate from the White House, the agency’s human spaceflight program has struggled to make significant progress towards any one goal.

Continue reading “NASA’s Long-Delayed Return To Human Spaceflight” →

A SpaceX Falcon 9 Will Blow Up Very Soon, And That’s OK

January 16, 2020 by Tom Nardi 27 Comments

They say you can’t make an omelette without breaking a few eggs, and there are few fields where this idiom is better exemplified than rocketry. It’s a forgone conclusion that when you develop a new booster, at least a few test articles are going to be destroyed in the process. In fact, some argue that a program that doesn’t push the hardware to the breaking point is a program that’s not testing aggressively enough.

Which is why, assuming everything goes according to plan, SpaceX will be obliterating one of their Falcon 9 boosters a little after 8:00 AM EST on Saturday morning. The event will be broadcast live via the Internet, and thanks to the roughly 70% propellant load it will be carrying at the moment of its destruction, it should prove to be quite a show.

This might seem like an odd way to spend $62 million, but for SpaceX, it’s worth it to know that the Crew Dragon Launch Abort System (LES) will work under actual flight conditions. The LES has already been successfully tested once, but that was on the ground and from a standstill. It allowed engineers to see how the system would behave should an abort occur while the rocket was still on the pad, but as the loss of the Soyuz MS-10 dramatically demonstrated, astronauts may need to make a timely exit from a rocket that’s already well on the way to space.

In an actual emergency, the crewed spacecraft will very likely be speeding away from a violent explosion and rapidly expanding cloud of shrapnel. The complete destruction of the Falcon 9 that will be carrying the Crew Dragon during Saturday’s test will serve to create the same sort of conditions the spacecraft will need to survive if the LES has any hope of bringing the crew home safely. So even if there was some way to prevent the booster from breaking up during the test, it’s more useful from an engineering standpoint to destroy it.

Of course, that only explains why the Falcon 9 will be destroyed during this test. But exactly how this properly functioning booster will find itself being ripped to pieces high over the Atlantic Ocean in a matter of seconds is an equally interesting question.

Continue reading “A SpaceX Falcon 9 Will Blow Up Very Soon, And That’s OK” →

SpaceX Clips Dragon’s Wings After Investigation

August 5, 2019 by Tom Nardi 120 Comments

When the SpaceX Dragon spacecraft reached orbit for the first time in 2010, it was a historic achievement. But to qualify for NASA’s Commercial Orbital Transportation Services (COTS) program, the capsule also needed to demonstrate that it could return safely to Earth. Its predecessor, the Space Shuttle, had wings that let it glide home and land like a plane. But in returning to the classic capsule design of earlier spacecraft, SpaceX was forced to rely on a technique not used by American spacecraft since the 1970s: parachutes and an ocean splashdown.

The Dragon’s descent under parachute, splashdown, and subsequent successful recovery paved the way for SpaceX to begin a series of resupply missions to the International Space Station that continue to this day. But not everyone at SpaceX was satisfied with their 21st century spacecraft having to perform such an anachronistic landing. At a post-mission press conference, CEO Elon Musk told those in attendance that eventually the Dragon would be able to make a pinpoint touchdown using thrusters and deployable landing gear:

The architecture that you observed today is obviously similar to what was employed in the Apollo era, but the next generation Dragon, the Crew Dragon, we’re actually going to be aiming for a propulsive landing with gear. We’ll still have the parachutes as a backup, but it’s going to be a precision landing, you could literally land on something the size of a helipad propulsively with gear, refuel, and take off again.

But just shy of a decade later, the violent explosion of the first space worthy Crew Dragon has become the final nail in the coffin for Elon’s dream of manned space capsules landing like helicopters. In truth, the future of this particular capability was already looking quite dim given NASA’s preference for a more pragmatic approach to returning their astronauts from space. But Crew Dragon design changes slated to be implemented in light of findings made during the accident report will all but completely remove the possibility of Dragon ever performing a propulsive landing.

Continue reading “SpaceX Clips Dragon’s Wings After Investigation” →

New Space Abort Systems Go Back To The Future

July 15, 2019 by Tom Nardi 26 Comments

Throughout the history of America’s human spaceflight program, there’s been an alternating pattern in regards to abort systems. From Alan Shepard’s first flight in 1961 on, every Mercury capsule was equipped with a Launch Escape System (LES) tower that could pull the spacecraft away from a malfunctioning rocket. But by the first operational flight of the Gemini program in 1965, the LES tower had been deleted in favor of ejection seats. Just three years later, the LES tower returned for the first manned flight of the Apollo program.

With the Space Shuttle, things got more complicated. There was no safe way to separate the Orbiter from the rest of the stack, so when Columbia made its first test flight in 1981, NASA returned again to ejection seats, this time pulled from an SR-71 Blackbird. But once flight tests were complete, the ejector seats were removed; leaving Columbia and all subsequent Orbiters without any form of LES. At the time, NASA believed the Space Shuttle was so reliable that there was no need for an emergency escape system.

It took the loss of Challenger and her crew in 1986 to prove NASA had made a grave error in judgment, but by then, it was too late. Changes were made to the Shuttle in the wake of the accident investigation, but escape during powered flight was still impossible. While a LES would not have saved the crew of Columbia in 2003, another seven lives lost aboard the fundamentally flawed Orbiter played a large part in President George W. Bush’s decision to begin winding down the Shuttle program.

In the post-Shuttle era, NASA has made it clear that maintaining abort capability from liftoff to orbital insertion is a critical requirement. Their own Orion spacecraft has this ability, and they demand the same from commercial partners such as SpaceX and Boeing. But while all three vehicles are absolutely bristling with high-tech wizardry, their abort systems are not far removed from what we were using in the 1960’s.

Let’s take a look at the Launch Escape Systems for America’s next three capsules, and see where historical experience helped guide the design of these state-of-the-art spacecraft.

Continue reading “New Space Abort Systems Go Back To The Future” →