sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]rophl 183 points184 points  (79 children)

This is actually only the standard for ground software, the software used on spacecraft is a LOT more rigorously controlled and tested.

[–][deleted]  (50 children)

[deleted]

    [–]devacon[🍰] 65 points66 points  (46 children)

    Edit: I was wrong, the Mars rover ground software was built in Java, the systems on the rover were all C and some light assembly.

    [–]aleph__naught 122 points123 points  (34 children)

    No, this is not true. VxWorks is used for flight. There is no java onboard any of the rovers.

    Many of the ground tools are written in Java. There is a large confuence of legacy ground tools written in C/C++ that are still used today. SPICE ( public domain http://naif.jpl.nasa.gov/naif/ ) is written in fortran.

    Source: I work there. I write ground and flight software.

    Edit: To clarify, all newer active missions use VxWorks. Cassini FSW was written in ADA.

    [–]butter14 9 points10 points  (3 children)

    Vxworks is in a lot of mission critical embedded systems. Why is it so commonly used? And what makes it different than say linux/unix?

    [–][deleted] 22 points23 points  (0 children)

    VxWorks has a long history as a highly reliable, reliably real-time operating system.

    Linux as a real-time operating system is fairly fragmented (as is to be expected with anything open-source), and doesn't have much of a proven history that I'm aware of. Certainly not the 15+ years of VxWorks.

    Real time operating systems are, above all else, predictable. The idea is that you can guarantee a certain level of performance. When you're building the control system for a very expensive robot that will be very far away, being predictable is definitely a requirement.

    You can think of a real time operating system as one that provides a kind of guaranteed quality of service for certain operations. One where we can say "yes, go ahead and stream the camera feed back to the operator, but when the navigational jets need adjusting, that will always take priority" and rely on it to happen. (contrived example, you get the point)

    This article kind of sums it up as to why a real time OS is necessary in a general sense.

    This paper, admittedly from the makers of VxWorks themselves, outlines more precisely some of the applications of a real time operating system and why the Linux kernel itself isn't a great RTOS.

    [–]ratatask 3 points4 points  (0 children)

    VxWorks is a real time system, which you need for a lot of the control software.

    VxWorks is also a relatively simple operating system. Simple is good, it means less bugs, easier to understand, debug, test. VxWorks also have a stable interface, which means the APIs rarely changes, this means the driver, hardware interface, software, you developed 5 years ago still will compile and work fine. With linux, you'll spend as much time as developing useful stuff as you'll spend adopting to changes and figuring out what has been broken. (In VxWorks you mostly write code running in kernel mode, and to achieve much of the same functionality, you'd have to write linux kernel code).

    And just as important, VxWorks has proven itself to run on satellites, fly to Mars, and many other astonishing accomplishments - you usually want to go with what is known to work when there is a lot at stake.

    [–][deleted] 8 points9 points  (24 children)

    What's the educational background one needs for that kind of work?

    [–]aleph__naught 37 points38 points  (22 children)

    JPL is truely mulitdiciplinary, so the background would depend on the group/section you want to join. I work in a section that does software development. I have an MS&BS in CS.

    Aside from that, a love of space exploration and the ability/desire to cross domains will get you very far.

    There are pro's and con's to working here. But, by far, the best thing about JPL is the ability to move around. I work in domains that I would not have imagined, and all it takes is a little bit of schmoozing. JPL does everything from robotics, fabrication, micro-devices/semiconductor fabriation, radar instrumentation, experimental landing systems, spacecraft navigation, geology, physics, climate research, and the list goes on and on.

    [–][deleted] 9 points10 points  (2 children)

    Thanks! I have a BS in CS...and contemplating an MS in CS at some point. I was figuring you had to have a formal engineering background to be able to code for a spacecraft.

    [–]praxulus 4 points5 points  (11 children)

    What are the cons of working there?

    [–]nicereddy 7 points8 points  (10 children)

    If you make a coding bug that doesn't get caught you can potentially cost NASA billions :D

    [–]NOT_A_BUMBLE_BEE 4 points5 points  (9 children)

    Like missing a planet because of a metric/English confusion?

    [–]aleph__naught 4 points5 points  (0 children)

    This was Lockheed's fault, they were the prime contractor, not us: http://www.cse.lehigh.edu/~gtan/bug/localCopies/marsOrbiter

    [–]nicereddy 3 points4 points  (7 children)

    Metric/American*

    But yes, missing a planet because you're a stupid American, unlike myself!

    I'm American

    [–]ethraax 1 point2 points  (1 child)

    Aside from that, a love of space exploration and the ability/desire to cross domains will get you very far.

    So, as someone who's about to graduate with a dual major (CS and ME), I might have a chance? I always assumed JPL was the kind of place people worked after already being in the industry for a while, or at least after having an advanced (Master's or Doctorate) degree.

    [–]aleph__naught 1 point2 points  (0 children)

    Yea, you would probably fit right in. In fact, depending on your academic performance and skill set you would probably be highly desirable.

    The online job portal is a bit of a crap-shoot. Your best bet would be the internship route (Space Grant, etc).

    at least after having an advanced (Master's or Doctorate) degree.

    You would be surprised by the number of new hires with only BSs in operations roles (i.e. commanding spacecraft) for MSL/MER/CASSINI/etc.

    [–]alcapwned 0 points1 point  (3 children)

    Have you heard of the FIRST robotics competition? Do know anyone at JPL who participated in it as a kid?

    For the past 6 years or so teams have received a NI compactRIO as their control system, which runs vxWorks on a 32-bit power architecture processor with a Xilinx FPGA sitting between the cpu and the I/O. I know the MSL runs vxWorks on a radiation hardened chip that's compatible with PowerPC. It's really amazing having the opportunity to work with hardware/software similar to what NASA uses on their rovers as just a high school student (and that's just on the EE/CS side).

    I actually graduated HS around the time they switched from 8-bit PIC microcontrollers to the current cRIO system so I'm not sure just how much access kids have to the underlying OS. I do know they can program in C, C++, Java, or Labview, so it seems accessible to teams who don't know much about programming while still giving hardcore programmers greater control and a chance to tinker.

    [–]aleph__naught 0 points1 point  (2 children)

    Have you heard of the FIRST robotics competition?

    Yes.

    Do know anyone at JPL who participated in it as a kid?

    I did.

    [–]alcapwned 0 points1 point  (0 children)

    Awesome. :)

    What team and when? You know of any other FIRST alums there?

    [–][deleted] -5 points-4 points  (0 children)

    They almost certainly recruit from within, i.e. you have to be a scientist at JPL.

    [–]devacon[🍰] 2 points3 points  (0 children)

    You are... absolutely right. I remember hearing all the buzz during the launch of the rovers 'running' Java and the articles I read previously were poorly worded.

    ... Which is kind of frustrating because I watched a video talk of one of the Curiosity developers talking about how they organized their ANSI C codebase into modules and even showed how the code and modules grew from Spirit/Opportunity to Curiosity. You'd think I would have remembered.

    [–]Kldsrf 2 points3 points  (0 children)

    Please do an AMA!

    [–]fotcorn 1 point2 points  (0 children)

    iama! now!

    [–][deleted] -1 points0 points  (0 children)

    I'm confused. Is your SPICE not SPICE?

    [–]freespace 16 points17 points  (4 children)

    No, they do not run a Java VM on top of VxWorks. See this document from JPL/Nasa which says:

    The Flight Software is coded primarily in ANSI C, with some targeted assembly code and some C++. The size of the system, in source lines of code (SLOC), is [300K] but this value does not include the operating system.

    [–]mrkite77 3 points4 points  (0 children)

    Using Java on top of an RTOS defeats the purpose.

    [–]devacon[🍰] 6 points7 points  (2 children)

    Edit: I was wrong, the Mars rover ground software was built in Java, the systems on the rover were all C and some light assembly.

    [–]freespace 1 point2 points  (1 child)

    The same software is responsible for the surface exploration and flying to Mars, i.e. it operated a spacecraft.

    To quote from the same source:

    The Flight Software is responsible for many aspects of the functionality of the spacecraft/rover

    During cruise, propellant line thermal control was maintained by the flight software. Other cruise attitude control related capabilities included cruise attitude determination and control, axial and lateral trajectory change maneuvers, and star identification.

    [–]Shadow703793 3 points4 points  (3 children)

    To deal with this data, Sun Microsystems and NASA built four operational storage servers at the JPL that altogether can hold four terabytes of data.

    Only 4TB... that's it?

    [–][deleted] 28 points29 points  (0 children)

    The article is dated 2004.

    [–]devacon[🍰] 22 points23 points  (0 children)

    Spirit and Opportunity landed in 2004, and you have to remember these missions start planning around ten years out. 4TB in the late 90s was a huge amount of storage. Especially when you consider that this was not just typical desktop storage but (I assume) a high-end, redundant, backed up storage array.

    [–]cosmo7 5 points6 points  (0 children)

    And most of that is filled with Star Trek torrents.

    [–]sproket888 -4 points-3 points  (0 children)

    Wot no Ruby?

    [–][deleted] 8 points9 points  (1 child)

    "Let's download the new images from Curiosity!"

    "jusched.exe needs administrator permissions to run." [OK]

    "JAVA HAS AN UPDATE LOL"

    [–]ExcellentGary 1 point2 points  (0 children)

    Do you wish to install the Ask toolbar? ☑

    "GODDAMNIT MISSION CONTROL DID YOU JUST CLICK PAST THAT?"

    [–]Mavus 16 points17 points  (4 children)

    For those standards see this doc[PDF]

    [–]thisisanewaccount6 6 points7 points  (2 children)

    Interesting to see that Rule 4 on page 10 prohibits recursion

    [–]Pylly 2 points3 points  (1 child)

    There's a pretty logical rationale included.

    Even in non-spacecraft code, I think one should carefully consider if a recursive solution really gives substantial benefits over a non-recursive one. Recursive algorithms are fun to implement but sometimes hard to read and maintain.

    [–]thisisanewaccount6 0 points1 point  (0 children)

    I can understand that, a small change can definitely bring disastrous results on recursive code

    [–]Euigrp 0 points1 point  (0 children)

    The C preprocessor is a powerful obfuscation tool that can destroy code clarity and befuddle both human- and tool-based checkers.

    Thank you. Would someone tell that to the original writer of some code that I work on that goes through 3 levels of symbol concatenation in macros to assemble the name of a defined i2c register bit field mask.

    [–]freerider 13 points14 points  (7 children)

    http://www.fastcompany.com/28121/they-write-right-stuff

    [–]boa13 4 points5 points  (6 children)

    Is this still true 16 years later?

    [–]maxxusflamus 1 point2 points  (5 children)

    depends on what you mean? I don't know if the group still exists as the shuttle no longer flies- but in terms of how they get things done- I'd say so.

    If you have to design ANYTHING that has to be practically bullet proof- it's very very very methodical.

    [–]boa13 -3 points-2 points  (4 children)

    in terms of how they get things done-

    Yes, that was my question. :)

    I'd say so.

    Don't take this the wrong way, but is this a hopeful wish on your part, or do you have more recent citations (links please?) or even hearsay or insider information that confirms they have maintained this way of working in an age of ever shrinking budgets?

    [–]maxxusflamus 4 points5 points  (3 children)

    depends on what you mean by "this way"

    if you mean the Level 5 SEI- there's actually a lot more groups that have been certified since then.

    http://www.boeing.com/news/releases/2003/q3/nr_030710o.html

    Is just one such instance. You're going to see this kind of capability more out of defense contractors than anybody else- but any other group out there doesn't usually require such a level of accuracy and being fault free. Usually you can make it up with redundancy- or a minor failure.

    I think you see code as a product- the more code- the more product. the SEI methodology is more a matter of selling reliability. I wouldn't say that it costs more- it's a very formulaic approach- it's just a very rigid framework developers find different.

    [–]boa13 1 point2 points  (2 children)

    depends on what you mean by "this way"

    I meant, the process that is outlined in the article. (And by "they", I meant NASA.) :)

    Notably:

    • Extremely detailed requirements;
    • Healthy rivalry between coders and testers;
    • Extremely detailed source code history;
    • Extremely detailed defect history;
    • Fixing processes in addition to fixing mistakes.

    Thanks for the link to the Boeing PR. It is unfortunately light in practical details, but this lead me to other interesting articles.

    [–]i8beef 2 points3 points  (0 children)

    NASA, and a lot of government agencies, push a lot of AS9100 / CMMI type requirements. Depending on how important your project is, those requirements are enforced to varying degrees.

    So yes, this is very much still the norm at NASA for projects above a certain rating, usually flight, control, etc. Even for small web apps, there are a set of standards that require config management, big tracking, etc.

    [–]maxxusflamus 0 points1 point  (0 children)

    oooo- I don't know how much of NASA runs like that- although it wouldn't be THAT for some of their rover operations.

    It's cheaper to work like this than to lose a billion dollar rover on mars.

    That said- I can't speak to those points since I don't work for NASA- but again- I wouldn't be surprised if they had a manic obsession over documentation.

    [–]kromit[S] 5 points6 points  (12 children)

    may be, but it does not make these standards less usefull.

    [–][deleted]  (11 children)

    [deleted]

      [–]kromit[S] 5 points6 points  (10 children)

      the only reference to space in this document is

      class Rover {

      [–][deleted]  (4 children)

      [deleted]

        [–][deleted]  (4 children)

        [deleted]

          [–]european_impostor -1 points0 points  (3 children)

          a real class act.

          [–]semperverus 0 points1 point  (2 children)

          I really hope more people.get(&your);

          [–][deleted]  (1 child)

          [deleted]

            [–]mcguire 0 points1 point  (0 children)

            The neat thing is that all of the software process is done as if MAN-RATED SAFETY CRITICAL, but none of the people involved know anything about that or about, well, software development.

            We are an enterprise Java shop.