Full virtualizing micro hypervisor for spacecraft flight computer

Recently partitioning and virtualization techniques for Integrated Modular Avionics (IMA) of aeronautics sector are proposed as the candidate architecture for safety-critical space applications. However, spacecraft software has subtle difference from aeronautic applications. Radiation particles in space environment cause various faults on the spacecraft computer. Requirement for autonomous operation with constrained resources is more stringent in space missions. Once it is launched, no way to refurbish the spacecraft without tremendous cost. These extra properties on top of those of regular aeronautic systems cause large software development cost in spacecraft projects. Summing up, spacecraft software should have real-time property, fault tolerance and efficient resource usage. In this paper, we introduce a hypervisor for spacecraft computer to improve reusability of inherited flight software from previous missions without redevelopment cycle. Fault tolerance is designed into the hypervisor to provide autonomous operation in space. We designed a prototype which is Type-II full virtualized hypervisor with kernel-level ARINC 653 partitioning on a dual-core LEON4-based flight computer for spacecraft. As the guest system, RTEMS-based flight software running on ERC32 flight computer is chosen because it has been used for many recent space missions and its flight software is likely to be reused when multicore LEON4 becomes widely available.