SAT-CIRCA: Verifiable Real-Time Autonomy for Satellites
Title: Senior Principal Research Scientist
Phone: (612) 325-9314
Email: musliner@sift.info
Title: Vice President
Phone: (612) 578-7438
Email: hfunk@sift.info
On-board autonomy for satellite defense poses significant challenges to today’s planning and execution technology, including mission-critical performance, hard real-time deadlines, and limited computational resources. To meet these challenges, SIFT proposes to build SAT-CIRCA: an integrated, verifiable architecture for real-time satellite response planning and execution. In previous research, we have developed the Cooperative Intelligent Real-time Control Architecture (CIRCA), including a planning system uniquely capable of reasoning about adversarial domains, building reactive real-time plans for those domains, and using formal verification techniques to prove that its plans will guarantee system safety while also making best efforts to achieve mission goals. In this project, we propose to integrate the CIRCA reaction planning system with NASA’s most advanced technologies for verifiable onboard plan execution, the Plan Execution Interchange Language (PLEXIL) and the Universal Executive (UE). PLEXIL is a uniform plan representation with formal semantics that is well-suited to formal verification methods. The UE is a very compact plan executive that NASA researchers designed from the ground up to meet the challenges of spacecraft control, including limited computational resources and reliable, verifiable execution. The UE has been proven to enforce the semantics of PLEXIL using formal software analysis methods. Together, PLEXIL and the UE provide a way to reify CIRCA’s guarantees. That is, SAT-CIRCA will use CIRCA’s reaction planner to build plans in PLEXIL and execute them using the UE, thus guaranteeing that the UE will enforce the guarantees that CIRCA planned. SAT-CIRCA will be the first onboard autonomous satellite system capable of reasoning about its hazardous environment and guaranteeing to keep the system safe if at all possible.
* Information listed above is at the time of submission. *