Linux on a Small Satellite

The Department of Defense (DoD) Office of Force Transformation (OFT) approached the Naval Research Laboratory (NRL) with an opportunity to build and launch a micro-satellite, of the 100-kilogram class, to provide a platform for a host of technology and operational experiments. A key challenge posed to the Laboratory by OFT was to build this capability in less than one year. Bringing this first TacSat vision together required the development of new partnerships and methods as well as the leveraging of existing hardware, software and facilities.

Figure 1. TacSat-1 Spacecraft, Solar Arrays Deployed, Nadir (Earth-Facing) Side Facing Up

Copperfield-2, a sensor system developed by the author's team for the Navy, became the cornerstone of the TacSat-1 payload infrastructure. The Copperfield-2 sensor system (Figure 2) originally was designed for use on unmanned aerial vehicles (UAVs)—a good match for adaptation to a space mission, as many of the design requirements are similar.

A satellite bus can be thought of as the spacecraft vehicle. It provides the physical and electrical infrastructure to support the payload. The satellite payload is the sensor or experiment being carried by the bus. TacSat-1 used a bus originally designed for use in the ORBCOMM constellation of small communications satellites. If Copperfield-2 was flown on an aircraft or UAV, that platform would serve as a bus, providing infrastructure to the payload.

Figure 2. TacSat-1 Copperfield-2 Payload Block Diagram

The first hardware version of the Copperfield payload was designed from legacy hardware systems and was adapted to allow the original hardware to operate through an Ethernet-connected TCP/IP interface. When trades were made before designing the second-generation experimental capability, various bus standards, commercial off-the-shelf (COTS) emerging capabilities and other factors were considered. We decided to pursue a 3U CompactPCI architecture to allow maximum flexibility of the physical form factor (Figure 3). However, we decided to use a custom PCI motherboard so the CompactPCI user-defined P2 connector pins could be used for our own purposes. This results in a motherboard with slots that support our custom-designed hardware, slots that support COTS Ethernet switch cards and slots that can accommodate cards built to the PXI standard. The resulting architecture blends standard CompactPCI with Ethernet connectivity available by way of the P2 backplane.

Figure 3. TacSat-1 Copperfield-2 CompactPCI Cardset and Chassis

Few satellite programs have the latitude or the ability to take the risks that the TacSat-1 experiment has. The TacSat-1 experiment allows innovative leveraging of both government off-the-shelf (GOTS) and COTS hardware components, as well as novel approaches to creating payload software that provide maximum flexibility and standards-based operation. The risk philosophy allowed the utilization of a modular payload hardware. Identically, a modular software and communication system was expanded for TacSat-1, extending the role of standards-based open-source software such that it provides reusable software infrastructure suitable for flexible command and control of the TacSat-1 payload.

The Copperfield-2 payload architecture was intended to provide as much flexibility as possible. It is a testament to the flexibility of the architecture that extension of the UAV payload to a space application was possible. Because the payload software components are not space-flight critical, meaning the health and safety of the spacecraft does not depend on its reliability, much of the software can be leveraged across air and space platforms.

From the beginning of Copperfield-2 development, it was our desire to capitalize on the momentum, capability and availability of Linux source code. With the development of the processor card with its PowerPC PowerQuicc II, the hardware infrastructure was in place to support a robust embedded system. The accessibility of source was a paramount feature that allowed us to recover from various situations we encountered, including board layout errors. Although the board design was made to look similar to the Motorola reference design—MPC8620ADS-PCI, which no longer is available—some ambiguities, hardware limitations and other issues necessitated changes to the kernel.

When TacSat-1 development began, many seasoned veterans questioned the choice of Linux as host to the payload control software. Proprietary real-time operating systems typically have been used for space systems developed at NRL. During the architectural design process, no hard real-time requirements were discovered, revalidating the original choice of Linux for Copperfield-2 and, thus, also for TacSat-1.

Beyond the tweaks necessary to get Linux working correctly with our hardware, only three device drivers were written—one to support the sensor data format; one to interface with the Xilinx SystemAce, a CompactFlash interface device that can be used to load FPGAs and also be used for OS storage; and one on the PowerPC 823 HSI interface box communicating with the FPGA. Due to the large Xilinx Virtex-II mapped to the memory space of our PowerPC processor, some innovation was required to handle device driver development in the face of changing FPGA designs. Don Kremer at Aeronix developed a series of utilities that can read Verilog source files and create myriad macros, C code and even HTML documentation that allow the Verilog hardware specification essentially to write the majority of the necessary drivers.