Shutterstock 1041249343 Planetmars Softwarevalidation Hero

Independent Software validation

Our lead in pioneering and building Software Validation Facilities and executing Independent Software Validations stems from many years of participation in joint European space projects.

 

What we do

At Terma, we have participated in the development of the independent verification and validation concepts and in the construction of the corresponding software validation facility. This includes contribution to the ESTEC ISVV Guide.

We have conducted independent verification and validation on a number of missions and projects, including:

  • XMM
  • Envisat
  • Rosetta
  • Smart 1
  • Herchel/Planck (the CDMU software). 

Today more than ever, it is of crucial importance to thoroughly test embedded software and to verify that it will perform as expected prior to launching the spacecraft. The importance of rigorous validation increases as more and more functions are implemented in the control software of the satellites.

Therefore, a final test by an independent organization is indispensable in ensuring the correct performance of the software and to ascertain that the software will not jeopardize the mission or cause unacceptable spacecraft behavior. This has to cover both static analysis of the software and dynamic test of time-critical situations. 

The SVF includes an extensive tool kit to simulate the surrounding environment. Also included are tools for configuration management, patch preparation for maintenance, and the associated software development environment.

In the SVF, the software is embedded in dynamic system simulations allowing the realistic reproduction of a flight scenario. The software is subsequently executed to substantiate that no failures occur that would be detrimental to an acceptable system performance.

We are a specialist and market leader in providing tools for software validation and verification. Thus, we have developed the necessary SVF for a range of ESA satellite projects. At Terma, we pioneered the development of the methodology that is now standard for all ESA science and Earth observation missions. 

Mars Express - copyright ESA ESA - D. Ducros
Atmosphere and climate

Mars Express

We have developed and used Software Validation Facilities (SVFs) for the Mars Express mission
The Mars Express Mission

Software Validation Facilities

Software Validation Facilities comprise facilities to examine software execution in its target processor environment. The activities include features to support debugging and analysis of software performance. Software Validation Facilities are especially developed to support independent validation of embedded software.

The independent validation and certification process of software requires elaborate facilities to examine the software execution in its target processor environment. The aim is to ensure that software performance will not lead to unacceptable system behavior in terms of mission criticality.

Within Terma's Software Validation Facilities, it is possible to test the robustness of flight software in scenarios that would be costly or potentially dangerous as part of an exhaustive test program.

For these purposes, we have, at Terma, developed and used Software Validation Facilities (SVFs) for a range of satellite projects.

We have provided SVFs to a variety of ESA missions, including:

  • Herschel/Planck
  • Mars Express
  • XMM
  • Integral
  • Rosetta
  • Metop
  • Envisat

Software Validation Facility systems offer simulated real-time performance with one-clock-cycle time resolution. This feature ensures a fully correct timing relation between the on-board software under test and its environment. Thus, it is possible, functionally and timing-wise, to simulate accurately the behavior of any complex device.

Together with the prime contractor, we define a number of scenarios that may potentially lead to mission failure. They may be derived top down from operational situations, or they may be defined bottom up from perceived software or subsystem failures.

In the SVF, the software is embedded in dynamic system simulations allowing the realistic reproduction of a flight scenario. The software is subsequently executed to substantiate that no failures occur that would be detrimental to an acceptable system performance. 

Functionality

An SVF configuration is highly flexible, consisting of a Sun Unix work station and a VME crate hosting one or more target emulator boards. The two are connected via a bus coupler kit, consisting of a special VME board mounted in the VME crate, an Sbus card mounted in the workstation, and a cable connecting the two. 

An SVF may be located conveniently and used in a normal office environment. With the Sun work station connected to a network, it may also be used remotely, utilizing normal Unix facilities such as remote login, remote X11 display, etc.

The basic part of the SVF host software consists of three Unix processes: the generic process "Target Emulator Server" which encapsulates and synchronizes all target emulator access, the main user control interface "User", and the environment simulation control interface "EnvSim".

Need more details?

Then download our solution materials

Want to learn more?

If you have any questions about Software validation, please get in touch with our expert.

HHB

Director, Sales and Marketing

Hans Henrik Bonde

+45 4594 9611

hhb@terma.com