The Extended Dynamic Fault Tree Model for Fault-tolerant OBDH Software of Microsatellite

Abstract

This paper presents the extended dynamic fault tree (eDFT) model for fault-tolerant On-board Data Handling (OBDH) software used in microsatellite. For high reliability, in case of the primary processor failure, hot/warm spare automatically and uninterruptedly start torun the OBDH software without critical data missing. Memory with triple-modular redundancy and communication bus with spare are frequently employed in OBDH subsytem design. The important feature of OBDH software which is different from hardware lies in software reconfiguration/redundancy. In safe mode, some of OBDH software modules, even the whole software, can be reconfigured. Because of the limitation of traditional fault tree regardless of dynamic redundancy, the eDFT must model this case to evaluate the instantaneous reliability of OBDH software. Time-to-failure tree (TTFT) can be used to implement the conversion of eDFT model. The result shows this approach is much fast and prompt, and the acceleration value is in direct proportion to TTFT units.