ExoMars - Schiaparelli landing - Unmanned Spaceflight.com

ExoMars - Schiaparelli landing

Options

Phil Stooke

Aug 12 2016, 07:07 PM

Post #1

Solar System Cartographer

Group: Members
Posts: 10170
Joined: 5-April 05
From: Canada
Member No.: 227

Starting a new topic here - hopefully that's OK! Clearly there will be a lot of action around this in the next weeks and months with descent images and HiRISE views of the hardware.

I thought I had posted this map earlier but apparently not. This shows the various landing ellipses in this area. The original plan was for an ellipse oriented NW-SE, but it changed with the different launch date and is now nearly E-W. Note that the ellipse shown in the recent ESA release is the envelope of all ellipses over a given launch period, but the actual landing ellipse for the given launch date is smaller. Opportunity's final landing ellipse is shown for comparison.

http://exploration.esa.int/mars/57445-exom...6-landing-site/

http://exploration.esa.int/mars/57446-exom...6-landing-site/

Phil

--------------------

... because the Solar System ain't gonna map itself.

Also to be found posting similar content on https://mastodon.social/@PhilStooke
Maps for download (free PD: https://upload.wikimedia.org/wikipedia/comm...Cartography.pdf
NOTE: everything created by me which I post on UMSF is considered to be in the public domain (NOT CC, public domain)

Replies

Gerald View Member Profile	Oct 26 2016, 08:10 AM Post #2
Senior Member Group: Members Posts: 2346 Joined: 7-December 12 Member No.: 6780	Those event-triggered multi-threading systems are very hard to test and debug. There may have been set a timer, which triggers the thruster shut-down if some event hasn't occurred within this time. If, for example the velocitiy variable is initialized with zero, and adjusted by the radar after an assumed time, a delayed setting of the variable may return standstill, although the variable simply hasn't been set. This could be resolved to some degree by adding an invalid flag. But how should the system behave in case of an invalid variable? Default would still be thrusters off, since waiting too long near ground with thrusters on would prevent a landing, and thrusters on during flight would be wrong, too. There are certainly thousands of possible errors of this kind you don't see in a fixed set of simulations. With the actual data, they can now set-up a new series of unit tests to get closer to real conditions near Mars. And once the error is nailed down, some will certainly say, that this could have been known before. But before the real-world test, finding a needle in a haystack is much easier. I'm wondering now, whether another test with a low-cost lander should be performed, or if the expensive payload should be risked without a prior fully accomplished landing test.

mcaplinger View Member Profile	Oct 26 2016, 02:17 PM Post #3
Senior Member Group: Members Posts: 2517 Joined: 13-September 05 Member No.: 497	QUOTE (Gerald @ Oct 26 2016, 12:10 AM) Those event-triggered multi-threading systems are very hard to test and debug. A sensible designer would never use such a structure for a flight control application. There have been well-understood flight control algorithms in use for almost 50 years that can be tested. Note that Viking landed on Mars with a very simple computer the very first time. http://history.nasa.gov/computers/Ch5-6.html -------------------- Disclaimer: This post is based on public information only. Any opinions are my own.

JRehling View Member Profile	Oct 26 2016, 06:46 PM Post #4
Senior Member Group: Members Posts: 2530 Joined: 20-April 05 Member No.: 321	Just to clarify on the question of proving computer program correctness… In the study of formal program verification, one seeks a mathematical-style proof that a program will correctly meet the formal requirements that are defined. This is, as was noted, quite hard to do for complex systems. Moreover, a program that is proven correct may be part of a failing system because the formal requirements are not an accurate statement of the real world application. For example, an airplane autopilot program that assumed that winds are always under 10km/hour might be proven logically correct, but lead to immediate failure because the real world has winds higher than that. I doubt if any spacecraft failures take place because an algorithm could have been proven correct in the above sense, but the effort to prove it was not made or was not tractable in a computational sense. It's far more likely that ignorance, oversight, or negligence would arise in defining the formal requirements or – more likely still – the notion of proving an algorithm correct in the formal sense was never part of the development process in the first place, for the very good reason that it's usually not tractable for complex systems. Formal program verification, as the literature defines it, is not a part of any software development process that I've been around. I'd liken it to a doctor trying to use the periodic table of elements to diagnose a patient's illness. Technically, an illness pertains to how your atoms are arranged, but that's not a useful level of description for a sick person, in most cases. For example, the two problems that afflicted the Cassini-Huygens relay: (1) The Doppler shift in radio frequency because of the relative velocity of Cassini and Huygens during the mission was not put into the formal requirements. Moreover, empirical testing that would have revealed this would have been unthinkable. The algorithm was absolutely correct – assuming that Cassini and Huygens were not moving very fast. The fact of their high relative velocity during the mission was simply excluded from the design phase, but fortunately this oversight was caught before arrival at Saturn. (2) The software that was supposed to turn on radio receivers listening to two partially-redundant radio channels did not turn on one of the two receivers, which meant that Cassini transmitted it in vain, and half of the images that it took were never received, and lost forever. Here, I'm not sure that enough information was released to the public for us to say exactly what went wrong. It becomes a bit arbitrary as to whether the algorithm was correct, but the specifications written incorrectly, or if the specifications were written correctly but the algorithm was not proven correct. My sense is that the paradigm of logical program verification is probably not a good description of their development process, but that may not be public information.

mcaplinger View Member Profile	Oct 26 2016, 07:04 PM Post #5
Senior Member Group: Members Posts: 2517 Joined: 13-September 05 Member No.: 497	QUOTE (JRehling @ Oct 26 2016, 10:46 AM) Formal program verification, as the literature defines it, is not a part of any software development process that I've been around. I have a PhD in computer science and I develop flight software for a living (among other things) and I use whatever tools I can, including formal correctness. But I guess I'd agree that it's not common. QUOTE The software that was supposed to turn on radio receivers listening to two partially-redundant radio channels did not turn on one of the two receivers... My understanding is that this was user error (miscommanding) rather than a software failure per se. Software can be complex, and the simpler it is, the more likely it is to be right. Landing on Mars should not be that hard from a software perspective. -------------------- Disclaimer: This post is based on public information only. Any opinions are my own.

Posts in this topic

Phil Stooke ExoMars - Schiaparelli landing Aug 12 2016, 07:07 PM

climber Oh yes, sorry about that. If I remembrer correctel... Oct 14 2016, 07:35 AM

katodomo QUOTE (climber @ Oct 14 2016, 09:35 AM) I... Oct 14 2016, 07:01 PM

climber This was just for Schiaparelli = Channels, oh well... Oct 14 2016, 09:26 AM

Explorer1 Schiaparelli seperation confirmed! Oct 16 2016, 05:35 PM

nogal Here is a link to a page where live updates about ... Oct 16 2016, 07:50 PM

Hungry4info ESA's official twitter confirms TGO is now ret... Oct 16 2016, 09:08 PM

nogal A few ESA links about Schiaparelli's EDL: Sch... Oct 17 2016, 11:59 PM

nogal ExoMars TGO burning proceding ok, "with sligh... Oct 19 2016, 03:20 PM

xflare Following Tweets from ESA, it seems they were abl... Oct 19 2016, 03:25 PM

akuo No exact timing mentioned but the Puna radiotelesc... Oct 19 2016, 03:28 PM

xflare Mars Express transmitting EDL data now. Oct 19 2016, 03:49 PM

Art Martin I have a question about this lander mission for th... Oct 19 2016, 04:06 PM

nogal ExoMars TGO is now confirmed to be in martian orbi... Oct 19 2016, 04:46 PM

PaulM QUOTE (Art Martin @ Oct 19 2016, 05:06 PM... Oct 19 2016, 05:35 PM

mcaplinger QUOTE (PaulM @ Oct 19 2016, 09:35 AM) Ent... Oct 19 2016, 05:49 PM

mcaplinger QUOTE (PaulM @ Oct 19 2016, 09:35 AM) I h... Oct 20 2016, 03:13 AM

PaulM QUOTE (mcaplinger @ Oct 20 2016, 04:13 AM... Oct 20 2016, 12:24 PM

climber Does somebody know when Oppy's images attempt ... Oct 19 2016, 04:32 PM

xflare Looks like the Orbiter burn was successful - signa... Oct 19 2016, 04:44 PM

Explorer1 Oppy's image attempt should come this afternoo... Oct 19 2016, 05:08 PM

xflare According to BBCs Jonathon Amos Mars Express saw p... Oct 19 2016, 06:07 PM

B Bernatchez When might we get HiRise coverage of the landing z... Oct 19 2016, 08:16 PM

Phil Stooke Have to figure out where it is first. Tracking mi... Oct 19 2016, 09:52 PM

James Sorenson There are two candidates that I spot in the Oppy i... Oct 19 2016, 10:03 PM

Steve5304 QUOTE (James Sorenson @ Oct 19 2016, 11:0... Oct 19 2016, 10:36 PM

fredk QUOTE (Steve5304 @ Oct 19 2016, 11:36 PM)... Oct 20 2016, 12:32 AM

marsophile QUOTE (fredk @ Oct 19 2016, 04:32 PM) ...... Oct 23 2016, 05:49 AM

James Sorenson When pancam auto-exposes images through each filt... Oct 23 2016, 06:35 PM

Explorer1 Flipping between the two links James posted I see ... Oct 19 2016, 10:50 PM

tanjent Based on the shape of the landing ellipse relative... Oct 19 2016, 11:23 PM

TheAnt The second image, at top right, look a bit like a ... Oct 20 2016, 12:29 AM

nprev Had to work all day so just catching up. Let... Oct 20 2016, 01:48 AM

JRehling I've seen a spacecraft re-enter (Stardust) fro... Oct 20 2016, 02:27 AM

JRehling QUOTE (nprev @ Oct 19 2016, 06:48 PM) Mar... Oct 20 2016, 03:24 AM

xflare I followed the edl on twitter, they got so close I... Oct 20 2016, 06:44 AM

Explorer1 Staying up late for the conference; looks like all... Oct 20 2016, 08:25 AM

Gerald QUOTE (Explorer1 @ Oct 20 2016, 10:25 AM)... Oct 20 2016, 03:27 PM

xflare QUOTE (Gerald @ Oct 20 2016, 04:27 PM) Ei... Oct 20 2016, 03:41 PM

xflare Arggh stream kept buffering so missed quite a bit,... Oct 20 2016, 08:47 AM

abalone "Schiaparelli Mars probe's parachute ... Oct 20 2016, 09:44 AM

climber QUOTE (abalone @ Oct 20 2016, 11:44 AM) ... Oct 20 2016, 10:01 AM

alphasam QUOTE (climber @ Oct 20 2016, 11:01 AM) S... Oct 20 2016, 11:19 AM

climber To me this si more than a partial succes since all... Oct 20 2016, 09:57 AM

tolis I think that it is a mistake that they tried to av... Oct 20 2016, 11:54 AM

craigmcg Its always good to be patient in these situations,... Oct 20 2016, 02:43 PM

climber Let see if it enters the category of multiple land... Oct 20 2016, 07:37 PM

katodomo Question: Schiaparelli carried INRRI, a laser retr... Oct 20 2016, 07:38 PM

Phil Stooke Not sure, but they would take that into account in... Oct 20 2016, 07:44 PM

nprev MOD NOTE: Two posts set invisible for inciting (an... Oct 21 2016, 12:03 AM

alan QUOTE ESA promised to continue attempts to communi... Oct 21 2016, 03:20 PM

tedstryk It appears that they may recover the data from AME... Oct 21 2016, 03:30 PM

xflare QUOTE (alan @ Oct 21 2016, 04:20 PM) http... Oct 21 2016, 03:51 PM

Explorer1 Yes, its a CTX image; low res, but that settles it... Oct 21 2016, 05:15 PM

JRehling This is an extreme "cup half full" inter... Oct 21 2016, 05:45 PM

nogal There were repeated remarks that the landing would... Oct 21 2016, 05:53 PM

Habukaz QUOTE (nogal @ Oct 21 2016, 07:53 PM) The... Oct 21 2016, 06:28 PM

fredk QUOTE (nogal @ Oct 21 2016, 06:53 PM) So ... Oct 21 2016, 06:52 PM

Explorer1 Yes, that's a good point JHReling. I seem to r... Oct 21 2016, 05:57 PM

alan 53 km's from Oppy, I bet she could reach it. Oct 21 2016, 06:29 PM

neo56 I looked at Oppy's new images on Midnight Plan... Oct 21 2016, 07:25 PM

Explorer1 We know from the CTX images that it landed near th... Oct 21 2016, 07:30 PM

fredk On top of that, with the landing site over 50 km f... Oct 21 2016, 07:43 PM

fredk I see a couple of possibly interesting features on... Oct 21 2016, 08:39 PM

tolis QUOTE (fredk @ Oct 21 2016, 09:39 PM) I s... Oct 21 2016, 09:49 PM

mcaplinger These images were likely not autoexposed, but you... Oct 23 2016, 08:23 PM

nogal A minuscule tribute to the ExoMars team. I have up... Oct 23 2016, 08:26 PM

marsophile One way to rule out the streak in http://qt.explo... Oct 24 2016, 01:20 AM

mcaplinger The time in the file name is an SCLK value and dri... Oct 24 2016, 03:32 AM

Deimos The images were taken with fixed exposure times to... Oct 24 2016, 05:19 PM

tolis Reported in Anatoly Zak's website: "By O... Oct 25 2016, 06:51 AM

vikingmars QUOTE (tolis @ Oct 25 2016, 08:51 AM) Rep... Oct 25 2016, 09:57 AM

tolis QUOTE (vikingmars @ Oct 25 2016, 10:57 AM... Oct 25 2016, 10:52 AM

nogal QUOTE (tolis @ Oct 25 2016, 07:51 AM) Tha... Oct 25 2016, 02:00 PM

JRehling As a career software engineer, I doubt very much i... Oct 25 2016, 04:58 PM

mcaplinger QUOTE (JRehling @ Oct 25 2016, 08:58 AM) ... Oct 25 2016, 06:49 PM

stevesliva QUOTE (mcaplinger @ Oct 25 2016, 02:49 PM... Oct 26 2016, 04:16 AM

Decepticon RE: ExoMars - Schiaparelli landing Oct 25 2016, 08:40 AM

Art Martin That would be mind blowing if the sequences of lan... Oct 25 2016, 01:53 PM

Habukaz According to this audio (transcript) from Deutschl... Oct 25 2016, 03:04 PM

katodomo The transcript link above also links: the EDM mis... Oct 25 2016, 03:37 PM

PDP8E I would like to know if ESA released a test articl... Oct 25 2016, 05:08 PM

Explorer1 English language article saying main hunch is a co... Oct 25 2016, 08:12 PM

siravan One of the difficulties of landing on Mars (among ... Oct 25 2016, 08:12 PM

tolis Whatever the cause of the mishap, I doubt that Exo... Oct 25 2016, 08:57 PM

Art Martin Reading that paper about the radar testing is a bi... Oct 25 2016, 10:10 PM

mcaplinger QUOTE (Art Martin @ Oct 25 2016, 02:10 PM... Oct 26 2016, 04:00 AM

katodomo QUOTE (Art Martin @ Oct 26 2016, 12:10 AM... Oct 26 2016, 06:55 AM

Explorer1 $$$, (or in Schiaparelli's case... Oct 26 2016, 03:46 AM

Gerald Those event-triggered multi-threading systems are ... Oct 26 2016, 08:10 AM

mcaplinger QUOTE (Gerald @ Oct 26 2016, 12:10 AM) Th... Oct 26 2016, 02:17 PM

JRehling Just to clarify on the question of proving compute... Oct 26 2016, 06:46 PM

mcaplinger QUOTE (JRehling @ Oct 26 2016, 10:46 AM) ... Oct 26 2016, 07:04 PM

climber I thought the radar comes on line only ONCE the ba... Oct 26 2016, 09:45 AM

Art Martin What a wonderful insight into the computer system ... Oct 26 2016, 08:39 PM

mcaplinger QUOTE (Art Martin @ Oct 26 2016, 12:39 PM... Oct 26 2016, 08:50 PM

PDP8E I agree with mcaplinger: Landing on Mars should no... Oct 26 2016, 09:00 PM

siravan I doubt that the primary problem was radar, as it ... Oct 26 2016, 11:27 PM

2 Pages

< 1 2 >

« Next Oldest · ExoMars Program · Next Newest »