Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Upgrading Software From 350 Million Miles Away

samzenpus posted more than 2 years ago | from the distant-support dept.

NASA 228

CWmike writes "Picture doing a remote software upgrade. Now picture doing it when the machine you're upgrading is a robotic rover sitting 350 million miles away, on the surface of Mars. That's what a team of programmers and engineers at NASA are dealing with as they get ready to download a new version of the flight software on the Mars rover Curiosity, which landed safely on the Red Planet earlier this week. 'We need to take a whole series of steps to make that software active. You have to imagine that if something goes wrong with this, it could be the last time you hear from the rover,' said Steve Scandore, a senior flight software engineer at NASA's Jet Propulsion Laboratory. 'It has to work,' he told Computerworld. 'You don't' want to be known as the guy doing the last activity on the rover before you lose contact.'"

cancel ×

228 comments

Sorry! There are no comments related to the filter you selected.

And NASA has made mistakes with this before... (4, Interesting)

YesIAmAScript (886271) | more than 2 years ago | (#40942705)

It is a difficult task. While NASA has don'e a lot better than most of us programmers ever have, they have made mistakes in updating from Earth to Mars before.

http://en.wikipedia.org/wiki/Mars_Global_Surveyor#Loss_of_contact [wikipedia.org]

Re:And NASA has made mistakes with this before... (4, Interesting)

Taco Cowboy (5327) | more than 2 years ago | (#40942835)

That is why I do not understand why the NASA engineers want to take such a risk

Unless it is a totally fatal software bug - that is, if they do not upgrade the software, the Curiosity rover gonna be bricked - I do not think taking the risk of bricking the rover for a regular software upgrade is worth the danger of bricking the rover, which is, as TFA has stated, 350 millions miles away
 

Re:And NASA has made mistakes with this before... (0)

Anonymous Coward | more than 2 years ago | (#40942847)

I presume it is because they planned on it from the beginning to allow them more time to work of the flight software while the craft was in transit.

Re:And NASA has made mistakes with this before... (2, Interesting)

Anonymous Coward | more than 2 years ago | (#40943623)

Unbelievable, this is so stupid...
WHY NOT INCLUDE SECOND BIOS? or whatever fuck they are using? if its so precious and easilly broken, why not use back up hardware? It's not like it would add another half kilo of weight???? Risk is TOO BIG not to do that. A few grams => problem solved.

Re:And NASA has made mistakes with this before... (5, Informative)

Anonymous Coward | more than 2 years ago | (#40943013)

99% of brickings are the result of people doing stuff that the manufacturer did not intend for you to do, on devices where important design details were hidden for commercial reasons.

This is unlikely (one would hope) to be the case here.

Re:And NASA has made mistakes with this before... (5, Funny)

K. S. Kyosuke (729550) | more than 2 years ago | (#40943381)

99% of brickings are the result of people doing stuff that the manufacturer did not intend for you to do

In that case, that should happen with deep space probes quite a lot.

Re:And NASA has made mistakes with this before... (0)

Anonymous Coward | more than 2 years ago | (#40943501)

I was referring more to trying to restrict you from upgrading / modifying stuff rather than people trying to "hack" stuff or squeeze extra functionality out of something that they have the full schematics / source code of.

Re:And NASA has made mistakes with this before... (4, Interesting)

hcs_$reboot (1536101) | more than 2 years ago | (#40943213)

why the NASA engineers want to take such a risk

Similar to some devices here on Earth, the rover should have an automatic revert solution. For instance, a non-updatable software running on a separate processor detects specific conditions (like no signal from Earth for a while) and flashes back the updatable software to its original version when that condition occurs.

Re:And NASA has made mistakes with this before... (5, Insightful)

cnettel (836611) | more than 2 years ago | (#40943279)

why the NASA engineers want to take such a risk

Similar to some devices here on Earth, the rover should have an automatic revert solution. For instance, a non-updatable software running on a separate processor detects specific conditions (like no signal from Earth for a while) and flashes back the updatable software to its original version when that condition occurs.

Such things tend to be present, but how many times have they tested the automatic revert in actual conditions? An alternative codepath is always a risk.

Updating the software can have great advantages. Only a slightly more reliable connection would allow vast amounts of more science to be done. Adapting the algorithms for autonomous functions such as simple navigation or sample processing also makes a great difference when your lag time for a single command is measured in terms of minutes and you don't even have that level of "real-time" access most of the time.

Re:And NASA has made mistakes with this before... (1)

Jane Q. Public (1010737) | more than 2 years ago | (#40943291)

Haha, I wrote pretty much the same thing, at about the same time. See below.

Re:And NASA has made mistakes with this before... (1)

somersault (912633) | more than 2 years ago | (#40943641)

I think most of us thought it. That probably means that NASA thought it too. Unless they were really against doing such a thing to save space/weight, but I think a few extra grams and square inches to have a recovery partition is definitely worth it, considering bricking the thing means you just wasted several billion dollars..

Re:And NASA has made mistakes with this before... (4, Interesting)

Jane Q. Public (1010737) | more than 2 years ago | (#40943277)

"I do not think taking the risk of bricking the rover for a regular software upgrade is worth the danger of bricking the rover..."

I guess it all depends on on (A) what the perceived value of the upgrade is, versus (B) the perceived risk.

It's probably a safe bet that they learned from the Surveyor issue, and built in better tests and safeguards. I imagine -- although I don't really know -- that they have implemented something like the "rolling upgrades" that are common now, which allow processes to replaced on the fly one at a time, without reboot, and with a failsafe revert that runs at a higher level than any of those processes if anything goes wrong.

It isn't like Windows, in which just about every time you install or upgrade something you have to make all the changes then "reboot". They get done one at a time, and they are tested individually after they are made.

It sounds complicated but conceptually it's pretty simple: you have a top-layer monitor program program that accepts commands to replace lower-level processes. All it needs to be pretty "fail-safe" is to wait for a specified period of time for an "okay" signal from Ground Control. If it doesn't receive one in the specified time, it automatically reverts the process back to the old version. It's a little more involved than that, but that's the idea.

Lots of software does that now. A lot has improved since 1996.

Re:And NASA has made mistakes with this before... (2)

TenDollarMan (1307733) | more than 2 years ago | (#40943445)

Yeah, but maybe the new JellyBean will be totally awesome!

Re:And NASA has made mistakes with this before... (1)

Anonymous Coward | more than 2 years ago | (#40943633)

It's not about updating the virus scanner or patching leaks.
The rover had software loaded for landing, now it's getting software for exploring Mars.
It would be a waste of resource to have both loaded at once since they are never required simultaniously.
A 4Gb SD card at Best Buy may be cheap, but memory that can tolerate the temperatures, radiation and other hazards of space exploration for 3 years is a little pricier.
While the risk of losing communication with the rover is there, I'm pretty sure there is a fallback for when the update fails.

Oblig. (4, Funny)

AliasMarlowe (1042386) | more than 2 years ago | (#40942849)

So what's their problem? Just tell a sysadmin [xkcd.com] to fix it.

Re:And NASA has made mistakes with this before... (3, Informative)

kasperd (592156) | more than 2 years ago | (#40943329)

they have made mistakes in updating from Earth to Mars before.

Sounds like it was not just a software update gone wrong but rather some mechanical problem which they were trying to work around. It was nothing like the usual bricking problem, where a firmware update overwrites code which is needed to perform future firmware updates.

The rovers have several mechanisms to make it safer to update firmware remotely. But ultimately a combination of multiple unfortunate events can still lead to the loss of a rover. And one of those events may have been human error. From the description it sounds like mechanical problems with the solar panel, combined with two cases of human error in coordination of updates, another case of human error trying to correct the previous human errors, an unfortunate condition triggering a latent problem introduced by previous errors, and finally ending up in a position causing the battery to overheat, and loss of power being the ultimate reason it was impossible to adjust the previous mistakes.

Re:And NASA has made mistakes with this before... (4, Informative)

gagol (583737) | more than 2 years ago | (#40943357)

That is probably why a team of 100 software engineers issues about 1000 commands per day for the rover. My guess is a lot of the work is triple checking everything before they upload an update. There is just no room for error in this situation.

Re:And NASA has made mistakes with this before... (2)

gagol (583737) | more than 2 years ago | (#40943367)

For those wondering where the numbers come from, just read the article!

Actually... only 157 million miles away (5, Informative)

ronhip (465417) | more than 2 years ago | (#40942711)

The spacecraft TRAVELLED 350 million miles to get there, but as of tonight, Mars is only about 157.5 million miles from Earth.

Re:Actually... only 157 million miles away (5, Funny)

Anonymous Coward | more than 2 years ago | (#40942909)

Forgot something and noticed halfway? Happens to me all the time...

Re:Actually... only 157 million miles away (1)

K. S. Kyosuke (729550) | more than 2 years ago | (#40943365)

The space highways are curved a lot.

Re:Actually... only 157 million miles away (1)

qbitslayer (2567421) | more than 2 years ago | (#40942971)

Give or take a million.

Re:Actually... only 157 million miles away (4, Funny)

TubeSteak (669689) | more than 2 years ago | (#40943035)

Good news everyone!
NASA will only have to wait half as long to find out if their software upgrade worked!

Re:Actually... only 157 million miles away (1)

toygeek (473120) | more than 2 years ago | (#40943117)

Oh is that all?

Re:Actually... only 157 million miles away (3, Funny)

TenDollarMan (1307733) | more than 2 years ago | (#40943465)

Curiosity made the Mars run in 1.82543347 × 10-5 Parsecs

Not the same cost to get wrong, but (2, Interesting)

Anonymous Coward | more than 2 years ago | (#40942735)

Working in remote smart metering we have a similar problem, where you can brick meters if the signal drops at the wrong place, or firmware doesn't fit the hardware right.

Wow (5, Insightful)

undulato (2146486) | more than 2 years ago | (#40942747)

NASA doing a software upgrade is not big news. This is going to be phenomenally safe. Much scarier doing software upgrades on millions of unknown hardware configurations globally than on one totally locked down platform no matter what distance or cost is involved.

Re:Wow (1)

AchilleTalon (540925) | more than 2 years ago | (#40942831)

Agree, NASA has done a complete upgrade on the previous rover. This isn't new stuff and it has been tested, the procedure is well known. Well, yes, someone may do stupid thing at the wrong time, however, the main difference is the speed of transfer and the delay between transmission and confirmation everything went fine. The environment is well controlled and I do not doubt there is fallback mechanisms in place. So, I'm sorry, on this one I am not really impressed by the NASA team.

Pressure changes things (5, Interesting)

jeko (179919) | more than 2 years ago | (#40943273)

Get a 10-foot 4X4 piece of lumber. Drop it flat on the ground. Walk from one end to the other like a balance beam. I'll bet you can do it. I'll bet you can do it blindfolded, walking backward. I'll bet you can do it reciting the alphabet backward. I'll bet you could do it drunk.

Take that same 4X4, suspend it 20 stories in the air between a couple of cranes. Put a bunch of razor sharp, rotating propellers on the ground beneath it. Intersperse the propellers with oil drillbits pointed up, not down for once. Have a bunch of trained turkey vultures flying around to watch you fall. Take your wife, kids and your momma, put a gun in their mouths while the Joker cackles that when you fall, he's gonna blow their heads off. Bring in the television cameras and monitors so the whole World can watch and you can watch them watch. Have some intern read the tweets and comments sections about your plight over the loudspeakers.

Now, there are a few ice-blooded "Licensed to Kill" Double-O men who could keep it together and walk that beam under that kind of pressure. Mary Lou Retton and Nadia could, no doubt. I seriously doubt I could.

Is it a big deal to do a software upgrade under such tightly controlled conditions? Not really. But try doing that software upgrade when billions of dollars and your career is on the line, with the whole world watching. The guy who screws that up is gonna be a punchline and a byword for a few decades, a real Wilson if you've read that book. :-) You'll be known as the guy who screwed up Mars.

Tell me there wouldn't be maybe one or two drops of sweat on the keyboard...

 

Re:Pressure changes things (0)

Jane Q. Public (1010737) | more than 2 years ago | (#40943327)

It isn't anything like that at all.

It's more like: the 4X4 is still on the ground, and there are no drills or propellers. It's just that you have to do it E-X-T-R-E-M-E-L-Y S-L-O-W-L-Y, with long pauses between each step. And if you do fall off, despite all the care taken, you lose your house and your car.

Re:Pressure changes things (1)

jkflying (2190798) | more than 2 years ago | (#40943487)

And all your colleagues lose their last few years of work.

Re:Wow (1)

Anonymous Coward | more than 2 years ago | (#40942833)

I won't deny the difficulty of the unknown hardware configuration, but the challenges are definitely still there, communication reliability for example. Also, you can always fix a failed upgrade. NASA doesn't get that luxury.

Re:Wow (0)

Anonymous Coward | more than 2 years ago | (#40942953)

Why do you assume that if there is a communications problem, the update will fail and it can't be fixed?
I would find it rather surprising when the update protocol was designed like that!

Re:Wow (1)

darkfeline (1890882) | more than 2 years ago | (#40942981)

Not if you're remotely managing a server via SSH whose physical machine is located at some godforsaken place far away. Sure, if all hell breaks loose then someone can go fix it, but it sure as hell ain't gonna be me. If sysadmins can set up failsafes to keep updates from going wrong just to avoid trekking down the street, I'm sure NASA can set up failsafes to avoid permanently losing an extremely expensive piece of hardware millions of miles away.

Re:Wow (1)

Stuarticus (1205322) | more than 2 years ago | (#40943293)

Apple Fanboi in the house! (sorry)

Failsafe (1, Insightful)

Wowsers (1151731) | more than 2 years ago | (#40942779)

For such expensive projects, would it not make sense to have two EPROM's, one containing the original known working system, and one for the new one. If the new version fails, the machine can fall back to the older version, switch between the two if there are more OS upgrades planned. If they have watchdog times on board to keep the rover going, surely they could do similar setup for the OS?

Re:Failsafe (3, Funny)

Anonymous Coward | more than 2 years ago | (#40942853)

Thank you so much Mr. Wowsers for giving NASA this great idea. I suspect, given the genius of the thought, you will be contacted for employment shortly.

Re:Failsafe (2)

zachie (2491880) | more than 2 years ago | (#40942867)

This, and also having a full replica of the whole rover on Earth to double check that any software updates won't screw the whole operation. But I can't imagine they are not doing these already :?

Re:Failsafe (5, Informative)

fatphil (181876) | more than 2 years ago | (#40942915)

Exactly. That's how it's done in the telecomms world (infrastructure, not terminals). Typically the new software is given three attempts to boot, and if it doesn't acknowledge that it's fully booted after three attempts, the bootloader falls back to the previous version of the software. Of course, things get tricker if you need to update the bootloader, but those should be very rare situations. However, they in turn can be handled a similar way (typically there's a 3-stage boot, the initial being a ROM bootstrap, then your bootloader, then the OS which you'll want to change).

Re:Failsafe (1)

Jane Q. Public (1010737) | more than 2 years ago | (#40943337)

It's extremely unlikely they will do anything even remotely resembling a "reboot". Instead they will carefully replace one process at a time, with no restarting.

Re:Failsafe (1)

fatphil (181876) | more than 2 years ago | (#40943503)

That depends on what OS they're running. And whether they need to change anything in that OS itself. And whether they think they can trust the current state of the system. If the reason you're patching the software is because there's a bug which means you can't trust the state of the system, such as a scribbler, then the last thing you want to do is to attempt to continue running in that state (even dumping your state for later debugging is dangerous - you can no longer trust the data that in the flash driver), you must start from scratch, i.e. a reboot.

Re:Failsafe (2)

ourlovecanlastforeve (795111) | more than 2 years ago | (#40943825)

They're running vxworks and they do have a backup computer. First the backup is flashed and verified, then the primary is flashed and verified.

Re:Failsafe (5, Informative)

Anonymous Coward | more than 2 years ago | (#40942949)

Computers: The two identical on-board rover computers, called "Rover Compute Element" (RCE), contain radiation hardened memory to tolerate the extreme radiation from space and to safeguard against power-off cycles. Each computer's memory includes 256 kB of EEPROM, 256 MB of DRAM, and 2 GB of flash memory.[22] This compares to 3 MB of EEPROM, 128 MB of DRAM, and 256 MB of flash memory used in the Mars Exploration Rovers.[23]
The RCE computers use the RAD750 CPU, which is a successor to the RAD6000 CPU used in the Mars Exploration Rovers.[24][25] The RAD750 CPU is capable of up to 400 MIPS, while the RAD6000 CPU is capable of up to 35 MIPS.[26][27] Of the two on-board computers, one is configured as backup, and will take over in the event of problems with the main computer.[22]

http://en.wikipedia.org/wiki/Curiosity_rover#Specifications [wikipedia.org]

Data transfer speeds between Curiosity and each orbiter may reach 2 Mbit/s and 256 kbit/s, respectively, but each orbiter is only able to communicate with Curiosity for about eight minutes per day

When you have little bandwidth, better get it right the first time.

Re:Failsafe (1)

Jane Q. Public (1010737) | more than 2 years ago | (#40943349)

In all honesty, except for the MIPS figure, that seems like pretty lame hardware for something of this importance.

But I'll bet that it's misleading: the majority of the functions probably aren't performed directly in the CPU and main memory, but by sub-modules running off of PLAs.

Re:Failsafe (5, Insightful)

gagol (583737) | more than 2 years ago | (#40943413)

Given it is radiation hardened specs, those are fabulous! You cant just get your latest core i7 and expect it to work correctly once it escapes the protection of earth's magnetosphere. Also, heat dissipation is much more trickier when you dont have air to work with (space) or cannot afford top replace air filters for the cooling systems (mars).

Re:Failsafe (1)

Jane Q. Public (1010737) | more than 2 years ago | (#40943431)

"Given it is radiation hardened specs, those are fabulous!"

Not really. That might have been true 10 years ago.

Hey... they had to radiation-harden this thing against ITSELF.

All I'm saying is: you can bet the hardware is in a well-shielded heavy metal box, and today all it takes is about 1/4 of a cubic inch to squeeze in another GB of RAM or flash.

So I suspect that they are using a system that is a bit more "distributed" (conceptually) than your everyday PC.

Re:Failsafe (0)

Anonymous Coward | more than 2 years ago | (#40943485)

What are you talking about?

No, it is not a bit more "distributed". The nodes are as specified and nothing more. And there is no point "squeezing" in anything else if it is not required.

More silicon means more power, more heat, more weight, more volume, and more transistors that can go wrong.

Re:Failsafe (4, Informative)

jkflying (2190798) | more than 2 years ago | (#40943603)

The radiation this thing emits is NOTHING compared to the solar and cosmic radiation it would experience both in transit and on Mars. Putting everything in a metal box only helps so much, you still need specifically designed electronics which can handle the odd bit of radiation without dying. Even with a thick metal box you can't run an i7 on Mars, or not for very long at least. Your standard DDR3 isn't going to work either, or your standard EEPROM.

The other thing to remember is that although this project is extremely important, they're still not going to throw more capabilities in than they need, because that is more that can go wrong. For a remote sensing platform, the amount of EEPROM isn't that important - you just need enough to hold your communication protocols, some basic reaction-to-obstacle algorithms and the motor control code. You aren't going to be pulling massive libraries in. The emphasis is on making it as simple as possible, so that there is less chance for bugs to creep in. Those extra MIPS will come in handy for the navigation and onboard image processing, and the flash for storing interesting info until you can upload, so those are what they have upgraded the most.

Re:Failsafe (1)

Sollord (888521) | more than 2 years ago | (#40942989)

The rover has two computers ones a fully redundant back up and I'd hope they didn't build a system that requires both system to be upgrade at the same time...

Re:Failsafe (2)

PhunkySchtuff (208108) | more than 2 years ago | (#40943031)

Not only am I absolutely sure they've got more than one copy of critical data in flash, but they have two identical and redundant computers on board
http://en.wikipedia.org/wiki/Curiosity_rover#Specifications [wikipedia.org]

From http://marsprogram.jpl.nasa.gov/msl/mission/rover/brains/ [nasa.gov]

The rover has two "computer brains" one which is normally asleep. In case of problems the other computer brain can be awakened to take over control and continue the mission.

Re:Failsafe (1)

wvmarle (1070040) | more than 2 years ago | (#40943099)

According to the linked article, they have two computers on board.

They're currently testing the computers to see everything works as intended, then upgrade the main computer, and if that goes fine upgrade the backup computer. Also the new software has been uploaded in transit, so at the moment they have both software systems (the landing system and the surface work system) on their craft.

What is not clear from the article, is how independent these computers are. E.g. what would happen if the upgrade fails partially, with the main computer trying to take over the craft, while the backup computer is still on the original program.

Re:Failsafe (2)

kasperd (592156) | more than 2 years ago | (#40943361)

What is not clear from the article, is how independent these computers are. E.g. what would happen if the upgrade fails partially, with the main computer trying to take over the craft, while the backup computer is still on the original program.

That's always a risk if you have two computers for redundancy. To completely solve that problem, you need four computers. But the algorithms for coordinating in such a scenario are complicated. So it might be safer to rely on systems being able to use the proper computer, with just two present. If you had a 3 out of 4 setup with the four computers running identical software, it only takes one software bug to bring down the system.

Re:Failsafe (2)

Jane Q. Public (1010737) | more than 2 years ago | (#40943383)

"If you had a 3 out of 4 setup with the four computers running identical software, it only takes one software bug to bring down the system."

Not at all. You have a separate "supervisor" board that moderates among the computers. In a case like that, you only need 3 for Damned Good Redundancy, not 4.

But I expect that NASA has good reason to have faith in the reliability of their dual machine.

Re:Failsafe (-1)

Anonymous Coward | more than 2 years ago | (#40943335)

Dude, the computer on board this thing is less powerful than even the weakest current generation phones. And I'm sure even Raspberry Pi. (which also uses less power)

NASA can't computer. They need to learn how to use Newegg right. They should get a guy for that.

Re:Failsafe (1)

CubeSat developer (2705175) | more than 2 years ago | (#40943609)

I think the problem here is not the risk of bricking the rover. It has two on-board computers in a redundant configuration, so if the update fails, the watchdog is going to switch to the secondary computer. Also, the integrity of the update is most likely protected by a checksum.

The real risk is that a valid on-board software could send unexpected commands to the other subsystems (that is what happened on MGS [wikipedia.org] and many other failed spacecraft). For example, it could instruct the rover to drive off a cliff ;-)

hmm (0)

strack (1051390) | more than 2 years ago | (#40942805)

i hope theres a really, really good reason why the need to update the software at all

Re:hmm (2)

c0lo (1497653) | more than 2 years ago | (#40942887)

i hope theres a really, really good reason why the need to update the software at all

Well, zero-day exploits.. and Wikileaks... and anonymous not forgiving or forgetting... and Duqu/Flame/Mahdi...

(grin)

Re:hmm (4, Insightful)

hey_popey (1285712) | more than 2 years ago | (#40942929)

Of course, not! They do it just for the lulz!
More seriously, for space systems and embedded systems in general, due to resource constraints on-board, you usually cannot fit all the functionality you would like to in one software image. So you keep only what is necessary for the first mission, and then you replace the obsolete ones with the next thing you want to do.
As a simplified example, when you launch a satellite, you will need it to deploy its solar arrays quickly (and do many initialization checks). When that is done, you could imagine changing this part of the software with something else...

Also, they might have had time planning constraints on the project, and needed to launch with a simpler first version of the software, while finalizing the second one. That does happen.

Re:hmm (1)

Anonymous Coward | more than 2 years ago | (#40942999)

Yeah. That's probably too much to ask from an organization that successfully sent a 4 ton spacecraft into space for a 9 month voyage over half a billion kilometers with a mission to lower a nuclear powered, car sized rover on the surface of Mars by entering the atmosphere with a rocket crane to lower it.

Damn cowboys, just sending out rovers willy-nilly. They've already sent up 2 rovers not long ago, I bet they didn't even have a good reason to send this one up at all. Yeah, they'll be updating the shit out of it for no reason, don't worry about that.

Hold F8, Boot to Safemode - which lacks networking (2)

DontScotty (978874) | more than 2 years ago | (#40942807)

By pressing F8 at the "Starting Windows 95" message, and then choosing Safe Mode from the Windows 95 start-up menu.

Following these steps will gain you ultimate FAME and FAILURE - for updating the Mars software!!!

Re:Hold F8, Boot to Safemode - which lacks network (1)

fatphil (181876) | more than 2 years ago | (#40942931)

I can't even get to that stage, it keeps giving me a keyboard error - did no-one stick one on Curiosity?

Re:Hold F8, Boot to Safemode - which lacks network (-1)

Anonymous Coward | more than 2 years ago | (#40942935)

Some people are so stupid. It was F5 until Windows 98, idiot! And what does Windows 95 have to do with anything? If you haven't noticed, this is 2012, not 1995.

In addition, I find your comment overall just plain stupid.

Re:Hold F8, Boot to Safemode - which lacks network (0)

Anonymous Coward | more than 2 years ago | (#40943051)

I found it quite funny (a 1995 pc wiz kid telling how you should do it), but the redundant "FAME and FAILURE" line kind of ruined it.

Re:Hold F8, Boot to Safemode - which lacks network (2)

wvmarle (1070040) | more than 2 years ago | (#40943105)

No keyboard found. Press to continue.

Re:Hold F8, Boot to Safemode - which lacks network (1)

wvmarle (1070040) | more than 2 years ago | (#40943111)

No keyboard found. Press <F1> to continue.

(correcting for HTML... preview? What preview? Oh, that preview...)

it can fly? (0)

wjh31 (1372867) | more than 2 years ago | (#40942911)

maybe im missing something, but unless this update is going to make it sprout wings, why does it need flight software when it's already landed

Re:it can fly? (5, Informative)

Bonobo_Unknown (925651) | more than 2 years ago | (#40942967)

The point of the exercise is to replace the no longer needed flight software with software it can use to better perform it's tasks while on Mars.

Re:it can fly? (1)

darkfeline (1890882) | more than 2 years ago | (#40943001)

Didn't you know? NASA uses python. https://xkcd.com/353/ [xkcd.com]

Re:it can fly? (1)

Jane Q. Public (1010737) | more than 2 years ago | (#40943401)

Whitespace and the Red Planet would probably not get along.

Wrong Question (1)

mutube (981006) | more than 2 years ago | (#40943341)

What we really need to know is why it didn't need flight software BEFORE now?! Obviously it isn't really on Mars... if 'Mars' even exists. Lizards all the way down I tell you! LIZARDS!!

This Is Intense! (1)

qbitslayer (2567421) | more than 2 years ago | (#40942939)

Why, the life of a Mars Rover engineer is always intense.

Os? (0)

Anonymous Coward | more than 2 years ago | (#40942961)

Not that I want to start a flamewar, but does anybody know what os they use?does anybody know the exact hardware specs?
I know that many sattelites carry around _reaheally_ old hardware and I'm really curious :-) what they send in a mars rover.
Did they program it from scratch or is it some already existing project?

Re:Os? (0)

Anonymous Coward | more than 2 years ago | (#40943239)

VxWorks, on RAD750 processors, which are basically radiation-hardened PowerPC G3. There's plenty more details; JFGI,

Re:Os? (1)

Anonymous Coward | more than 2 years ago | (#40943385)

GTFO wanker! [lmgtfy.com]

"flight software"? (1, Informative)

Barnett (550375) | more than 2 years ago | (#40942977)

Why are they updating the "flight software"? I thought they were done with the flying bit?

Re:"flight software"? (0)

Anonymous Coward | more than 2 years ago | (#40943437)

Why are they updating the "flight software"? I thought they were done with the flying bit?

Did you try reading the article?

"Michael Watkins, a mission systems manager at JPL, said during a press conference today that a team of programmers are getting ready to upgrade Curiosity's software from a program optimized for landing to one optimized for working on the planet's surface."

They can't help it if Journalists say summarize using in accurate language.

How the !@#$ does this get modded informative??? Ignorant is the new informative on slashdolt.

Re:"flight software"? (1)

Barnett (550375) | more than 2 years ago | (#40943665)

Calm down, this is Slashdot. Nobody reads TFA.

Imagine if it had been in kilometers (1)

G3ckoG33k (647276) | more than 2 years ago | (#40942987)

Imagine how far it would have been if they had measured it in kilometers instead!

Whoaw!

.
.
-
.
.
. ;)

big deal (0)

Anonymous Coward | more than 2 years ago | (#40943015)

I has an arm, doesn't it? So it can push its own reset button and go into the BIOS if need be.

Should have gone with Debian.. (2, Funny)

Anonymous Coward | more than 2 years ago | (#40943033)

sudo apt-get update mars

Stop Calling Mars "The Red Planet"! (0, Flamebait)

Fleetie (603229) | more than 2 years ago | (#40943075)

There is this global media obsession with referring to Mars as "The Red Planet". It is really irritating.

Mars has a name, just like all the other planets in our solar system: Its name is "Mars". So use it, and respect the planet and its name.

It's so irritating and "media lovvie". Also, the planet it not really "red" at all. It's brown. It belongs in exactly the same category as media types referring to scientists as "boffins". It's RUDE and DISRESPECTFUL.

I wish the media would shed this ridiculous obsession with ignoring the name of the planet MARS.

Re:Stop Calling Mars "The Red Planet"! (1, Funny)

Anonymous Coward | more than 2 years ago | (#40943195)

i spoke to mars and it assured me it wasn't offended

but it was happy for you to be offended on its behalf

Re:Stop Calling Mars "The Red Planet"! (0)

Anonymous Coward | more than 2 years ago | (#40943453)

My acquaintance from the Middle Kingdom mentioned something similar when dicussing the amount of filthy lucre we could liberate from the Sunshine State. Apparently there are hidden deposits of black gold to be found.

Yes but (1)

Anonymous Coward | more than 2 years ago | (#40943115)

which language do they use to tell the rover where to drive? Surely, it has to be Logo

Software upgrades.... (2)

disi (1465053) | more than 2 years ago | (#40943143)

It will sit there forever: "Are you sure you want to update? Yes/No"

Re:Software upgrades.... (2)

lxs (131946) | more than 2 years ago | (#40943459)

Have you tried turning it off and on again?

A little late? (-1, Redundant)

Anachragnome (1008495) | more than 2 years ago | (#40943211)

"...as they get ready to download a new version of the flight software on the Mars rover Curiosity..."

Flight software? She flying back too?

Re:A little late? (1)

MSojka (83577) | more than 2 years ago | (#40943345)

"...as they get ready to download a new version of the flight software on the Mars rover Curiosity..."

Flight software? She flying back too?

"Flight" as in "fight-or-flight response". You know, in case Curiosity encounters Martian life which think it's delicious ... or at least interesting enough to study and take apart.

Those people at NASA think of everything ...

Aww come on, 350 million...please (0)

Anonymous Coward | more than 2 years ago | (#40943281)

I just got back from MARs on Tuesday the tacos suck, the clubs are dead and the girls all wear suncreen with shitty tans..I'd so done with it...rather be in NY on a Wed night...

Just keep Wolowitz away (1)

TheHonch (1390893) | more than 2 years ago | (#40943423)

from the controls and everything should be fine

Risk mitigation (1)

WinstonWolfIT (1550079) | more than 2 years ago | (#40943469)

I don't feel I could begin to appreciate the issues these rocket surgeons deal with, but if it were my project, there would be two rovers, the guinea pig in Dalton, Ohio (there should be a penalty for bricking the test rover) and the one that gets the exact same script that succeeded in Dalton. Human hands should never directly touch a mission critical system.

Re:Risk mitigation (0)

Anonymous Coward | more than 2 years ago | (#40943639)

There are two rovers, one on earth for testing, etc.

There's some good related stories here (3, Insightful)

Grindalf (1089511) | more than 2 years ago | (#40943531)

If you follow "Scott Maxwell" in google plus, there are some great snippets about the landing and software. See: https://plus.google.com/u/0/112648317373638762082/posts [google.com]

What's the problem.... (0)

Anonymous Coward | more than 2 years ago | (#40943587)

If the software upload doesn't work, there are plenty of tools to help NASA fix it.
Some that come to mind are the (in)famous My Clean PC. If they had been smart
and purchased the extended warranty at the checkout, Geek Squad could help, too.

Sensationalism at it's WORST! (0)

Anonymous Coward | more than 2 years ago | (#40943649)

The headline should be "OMG! WE ARE TEH BUZY SO FAST!!!!shift-1"

The reason I say this is because it NEVER covers the fact that in possibility the programmers MUST have a Development Environments, Quality Assurance Environment, Staging Environment and Acceptance Testing Environments. Is it agile? Is it waterfall? WTF is the IT? and WTF is the I.T.?

Hell if you truly want to be technical and have a full fleshed out story you would say "In addition to the n flops uber computer simulators that introduce transmission failures and other physical environmental factors... We have the original prototype to exact specifications on the ground, in the labs here..."

Can a HaX0r hijack the uberWifi signal on mars and attack the aliens living there? If we divide by zero can the solar collectors and internal power source create an uncontrolled fusion? That's what I would like to know!!!

The original article itself does not cover "How does one prevent bricking 350m mile away equipment."

Should be easy enough (2)

symes (835608) | more than 2 years ago | (#40943697)

They are bound to have a copy of Curiosity here on Earth, surely? So they should be able to thoroughly test the process first. Ok, it is not Mars and there might be issues specific to transmitting that data over such distances... but still. I'd be really surprised if this hasn't been thoroughly tried and tested.

Re:Should be easy enough (1)

ledow (319597) | more than 2 years ago | (#40943731)

More than that, if you design the system properly it would never be a problem.

Watchdog timers on everything - on the hardware coming up, on the communications with Earth, etc. If you don't get a response from the timers in X seconds/minutes/days, then completely revert to the previous version of the software and try again.

So if you upgrade the software and break the radio, in a day or so of not being able to talk to Earth, the machine should notice and revert back to the previous software. If you break the upgrade completely, the watchdog timers for, e.g. OS-level monitoring, sensor control, radio-to-Earth, etc. will eventually trigger and then you can revert.

And *don't* let it remove a previous version of the software - just keep updates which automatically fall back to prior updates or the original mission software when they fail.

The biggest problem you have is not the software update, it's purely corruption of the hardware, which you can't do much to combat if it happens. But even then, I'd expect the boot sequence to start with something so minimal that it's capable of, say, checking the whole of RAM and avoiding anything that's a bit dodgy (e.g. Linux BadRAM-patch-style) and reverting to *literally* just something that shouts for help from the radio if it can't.

Well, it's not really the same (1)

aglider (2435074) | more than 2 years ago | (#40943811)

But the tecnologies used in some botnets are a goot starting points.
That'd be, call home and try to pull anything you need to do the upgrade.
The orbiter relay should be doing the same, first.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?