Designed to operate up to 490 million kilometres away from Earth and to withstand four years of harsh radiation exposure, Hera’s computer must run smoothly without locking up or crashing – on pain of mission failure – while pushing the limits of onboard autonomy.
Development of the Hera mission for planetary defence is taking place across Europe, to finalise a ready-to-build design to present to Europe’s space ministers at the Space19+ Ministerial Council this November. Hera’s onboard computer is being overseen by QinetiQ Space in Belgium, also the makers of the Proba family of technology-testing mini-satellites.
Peter Holsters of QinetiQ Space explained, "A popular analogy is that if a satellite’s platform is like a bus – with the science-generating payloads like passengers on its seats – then the onboard computer is the driver of the bus. It is the brain of the entire mission, co-ordinating and operating the various onboard systems and payloads."
The challenge is that this particular onboard computer will be operating much further away than a typical mission in Earth orbit. In order to intercept the Didymos pair of near-Earth asteroids, the desk-sized spacecraft will be venturing beyond the orbit of Mars.
Holsters added, "Going so far away means operating in a different radiation environment for a start, which requires very careful component selection as well as specific software strategies."
Beyond the protection of Earth’s magnetic field, space is riddled with charged particles from the wider cosmos, as well as solar storms from our own sun. These particles are energetic enough to pass through surface shielding to ‘flip’ individual memory bits – potentially corrupting computer memory – or do permanent damage called ‘latch-ups’, equivalent to tiny short circuits.
As for all deep-space missions, support from ground control will be constrained as well. The sheer distance involved means that real-time control will not be feasible. Hera’s computer will be capable of making many of its own decisions.
In addition, in the complex double asteroid environment of Didymos, switching into safe mode during critical close-proximity operations must be avoided.
"In Earth orbit a mission’s computer going into safe mode is no big deal – the satellite itself is not going anywhere, there’s time to reconfigure it. But in deep space, with big asteroids whirling around, any recovery from failure will have to be done autonomously, and as quickly as possible," Holsters said.
"Our benchmark for Hera is that reconfiguration from any computer failure should be extremely fast, a matter of 10 to 20 seconds."
Hera’s computer will run on a powerful dual-core LEON-3 processor – part of a family of ESA-developed microprocessors for space. Its overall design is developed from the ADPMS – Advanced Data and Power Management System – computer flown on Proba-2, Proba-V and the forthcoming Proba-3 mini-satellites. This computer has demonstrated more than 15 years of in-orbit operations with very high reliability.
"Currently, we are qualifying the redundancy and fast switch-over time element of the design. This testing is allowing us to demonstrate all relevant functioning that Hera needs, so once the decision is made to fly the mission then we will be ready," Holsters said.