Reliability-oriented design of on-board satellite boot software against single event effects

In space missions, boot software is in charge of the initialisation sequence of flight computers. The processor module in which it runs has a high tolerance to radiation, although not all devices have the same tolerance level. A boot software design capable of recovering from errors in the most vulnerable devices shall provide greater system reliability. This work has been carried out in the context of the boot software development for the control unit of the Energetic Particle Detector instrument on-board the Solar Orbiter mission. This mission operates close to the Sun where high-energy particles can cause single event effects on electronic devices, especially SDRAM and EEPROM, which show lower radiation tolerance than the other devices. This fact motivates this work, where a sensitivity analysis of the incidence of single event effects on the behaviour of the boot software is carried out. Specifically, a fault injection environment has been used to analyse the effect of “stuck-at” bits on the boot software ability to deploy and pass control to the application software. The results show the boot software vulnerability to this kind of permanent effects and have led to the implementation of a reliability-oriented design, presented in this paper.