Batteries in Space [article]

Erik Ramsgaard Wognsen
2016 Ph.d.-serien for Det Teknisk-Naturvidenskabelige Fakultet, Aalborg Universitet  
Satellites provide humanity with many useful services, but for the services to work reliably, satellites must be carefully designed, programmed and verified. Formal methods provide many techniques to analyze, check, prove, and synthesize systems. But in addition to correctness we are also interested in energy and how it is used. This thesis follows the transition of formal methods research into quantitative territory. Energy is scarce in space, so to get the most out of the satellites we have ... ent large sums to place in orbit, we must also understand how they use energy. We treat three topics, starting with batteries. We show that precise modeling of battery behavior in the context of formal methods enables more efficient operation without extensive safety margins, and that battery-aware scheduling can reduce energy waste. On the other hand, pushing a battery to the limit to provide optimal short term performance reduces long term battery life over hundreds of recharge cycles. We provide a method to evaluate the long term effect of proposed usage profiles on the battery and weigh them against the benefit of the increased short term performance. The second topic concerns the actual energy use in satellite equipment such as radio transceivers. Many electronic circuits and computations can be expressed as dataflow graphs. First we show how a translation of dataflow graphs to priced timed automata enables the use of cost-optimal reachability algorithms to perform energy-optimal scheduling, and how this can be used to study trade-offs between time and energy. For the specific dataflow formalism finite-state machine-based scenario-aware dataflow, we develop a systematic translation to timed automata such that general properties of the dataflow graphs can be model checked. The final topic is the correct operation of computer processors in space. We formalize a realistic low-level assembly language and show how programs in it can be modified to guarantee detection of computation errors caused by transient bit errors in data registers, thus making satellite software more resilient to high-energy particles found outside our atmosphere as well as aggressive power saving techniques.
doi:10.5278/vbn.phd.engsci.00072 fatcat:jpclsc7jazhinmnn3wfrjissx4