Spirit Sends Debug Information to Earth 477
gfilion writes "NASA has released a
press release that says: 'Shortly before noon, controllers were surprised to receive a relay of data from Spirit via the Mars Odyssey orbiter. Spirit sent 73 megabits at a rate of 128 kilobits per second.'" They've been having communications troubles with Spirit since Wednesday, so it's good to hear from it again, even if the data is just filler.
No BSOD Jokes, Please (Score:2, Insightful)
Re:No BSOD Jokes, Please (Score:4, Funny)
Re:No BSOD Jokes, Please (Score:4, Interesting)
Re:No BSOD Jokes, Please (Score:3, Insightful)
The two main problems I see with that is radio contact with the base and coordinated science. If a roverlet goes behind a hill it no
Re:No BSOD Jokes, Please (Score:3, Interesting)
ISDN to mars (Score:5, Funny)
(first post?)
Re:ISDN to mars (Score:5, Insightful)
Tom
Re:ISDN to mars (Score:3, Informative)
Chip H.
Re:ISDN to mars (Score:3, Funny)
Re:ISDN to mars (Score:5, Funny)
I guarantee you Mars will have DSL before I do.
You know what they say (Score:5, Interesting)
The data rate is pretty good... (Score:5, Funny)
Re:The data rate is pretty good... (Score:2, Funny)
Re:The data rate is pretty good... (Score:4, Funny)
PING spirit (192.168.1.10): 56 data bytes
64 bytes from 192.168.1.10: icmp_seq=0 ttl=237 time=960125 ms
64 bytes from 192.168.1.10: icmp_seq=1 ttl=237 time=961019 ms
64 bytes from 192.168.1.10: icmp_seq=2 ttl=237 time=960843 ms
64 bytes from 192.168.1.10: icmp_seq=3 ttl=237 time=959980 ms
64 bytes from 192.168.1.10: icmp_seq=4 ttl=237 time=960333 ms
--- spirit ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 959980/960460/961019 ms
Re:The data rate is pretty good... (Score:5, Funny)
Ping matters not to a true master such as myself. You would just have to wait ten minutes to find out that I owned your sorry ass. ;)
Re:The data rate is pretty good... (Score:3, Funny)
Re:The data rate is pretty good... (Score:4, Funny)
Abbreviated locs. Now we know what the real problem with the beagle was; it didn't have enough lox!
Wow (Score:5, Funny)
Pretty damn scary that that's faster then most pr0n download's via Kazza...
Can low-power corrupt memory? (Score:5, Interesting)
In other words, if the onboard CPU has enough power and continues to run but the memory doesn't have enough power, doesn't that cause all kinds of wackiness?
They keep talking about the data pointing to simultaneous faults... well, as programmers we know these are the very worst kinds of bugs to deal with, but with something as (I'm assuming) well written as their code, so doesn't that point to a memory problem? I mean, the think is working flat-out beautifully one moment, and then the next moment it goes tits up.
The other question I had concerned this motor they had turned on but which didn't complete its sequence. When they command the motor to do something, do they tell it to run for some interval of time, or do they tell it to achieve a specific position? I was thinking that if it's the latter, and then if it gets stuck somehow, this could create the low power situation as the motor just grinds away.
Re:Can low-power corrupt memory? (Score:3, Insightful)
but then again maybe I should be.
Re:Can low-power corrupt memory? (Score:3, Informative)
On the subject of streetlights, I was travelling down a major highway the other day. Usually there's a light or two that's stuck on during the day wherever you go. I decided to count how many there were, so I counted 100 streelights out. Out of those hundred, 19 *were stuck on in broad daylight*. The waste of electricity must be phenomenal, since these are all bright high-pressure Na lamps.
Re:Can low-power corrupt memory? (Score:5, Funny)
Or inane.
Re:Can low-power corrupt memory? (Score:3, Informative)
OTOH, if nobody ever used an acronym unless other people were already using it, we'd never have any new acronyms at all. Slashdot culture would suffer terribly.
Re:Can low-power corrupt memory? (Score:3, Insightful)
And for all those people that say things like "Do you think the people at NASA are just stupid and wouldn
Re:Can low-power corrupt memory? (Score:3, Informative)
It's cheaper to send a space craft to Mars that it is to send it to the Moon believe it or not. When it comes to sending manned missions, that's another story. I would rather not get into all of the nitty gritty here since I have somewhere to be right now but if you are interested, hunt a little on the web about "gravitational slingshots" for lack of a better term.
Re:Can low-power corrupt memory? (Score:5, Interesting)
Obviously with volatile RAM without battery backup we shouldn't need to care about the state of the RAM on power-down as it is only temporary storage and will be re-initialised on power-up. Generally the storage components will have wider operating tolerances than the microprocessor so it is very unlikely that the RAM will get corrupted during the powerdown proceedure.
With non-volatile hardware such as battery backed RAM, flash, eeprom, fram etc we have a problem because these contain NV config data and firmware that must be consistent. And with some such as FLASH the write times can be very long, may be longer than the power-down time. In this case the general philosophy is to write the bytes, and the very last step is to update the checksum and set a valid data flag. Which means at worst the device boots up and knows its got some dodgy code or data on its hands, and hopefully handles it in a graceful fashion.
With something like the Spirit I would guess that some form of multiple redundancy is used so that there are multiple firmware images, with a switchable bootloader so that a new image or dataset can be uploaded to an area that is offline, and only once all of the checksums/message hashes are confirmed is the switch made. And hardware watchdogs are running so that if the worst happens and it hangs it can always boot an alternate image. I would also expect a backup OTP PROM image that is guaranteed never to change and known to work.
Re:Can low-power corrupt memory? (Score:4, Funny)
Ahh! So you're saying that while the Spirit is willing, the flash is weak?
Yes, but there are other possibilities (Score:5, Insightful)
Since Spirit is rebooting [cnn.com] sixty times per day, a problem that started when an electric motor moving its spectrometer "conked out", one thinks first of a hardware failure, possibly leading to software corruption.
I don't know the boot sequence of Spirit, but in most battery-powered embedded systems with which I am familiar, an elaborate state machine design is made to ensure that, when the boot sequence is complete, the system has sufficient power to perform any task that may be requested of it. Since the power supply is limited, an unexpectedly heavy load on the primary supply could cause the supply voltage to the microcomputer to fall below its specified lower limit, leading to a system reset.
Now imagine that there is a hardware failure associated with some process that runs during the boot sequence--a voltage regulator turn-on, a heating system initialization, an electric motor activation, whatever--that results in excessive current drain. When this part of the boot sequence is reached, the supply voltage falls, and the microcomputer resets. This disables the problem-causing hardware, unloading the power supply. When the supply voltage recovers, the microcomputer reboots (either automatically, with a power-on reset, via a watchdog timer, or via some other means) and, when the critical part of the boot sequence is reached, the supply voltage falls again. The system is now in a continuous loop, in which it can remain indefinitely. (Or at least 60 times per day....)
Note that this situation can also arise due to a defect in the power supply--if the output impedance of the power supply has risen for some reason, its output voltage under lightly loaded conditions can be acceptable, but it may not be able to supply heavier loads.
One expects the Spirit power supply to be complex, with separate regulators for the microcomputer, radio transceiver, and electric motors, so looking for common circuits and systems would be the first thing to do when troubleshooting for this type of failure. Looking for system conditions that can cause a system reset would be another; the JPL people have lived with their systems for years now, and would have had many design reviews to identify possible system failure scenarios--I'm not telling them anything new here. I understand that the system telemetry received yesterday indicates that the power supply is within specification, so that seems to eliminate that possiblility.
The second alternative is a soft memory failure of some kind, either caused by a supply failure as the parent suggests or perhaps by a radiation event of some kind.
Note that these problems can be multi-disciplinary; for example, the problem could be caused by some vibration when a motor runs that loosens a broken connection created by a chemical reaction to something on the surface (to take an extreme example).
Spirit rebooting 60 times a day (Score:5, Informative)
Silly Spammers (Score:5, Funny)
Re:Spirit rebooting 60 times a day (Score:4, Interesting)
In some ways, there is an air of arrogance in everything NASA does, from their press conferences to their marketing agreements. We have dead shuttle astronauts being transformed into "national heroes," even though their demise wasn't the result of any heroic sacrifices on their part, but rather a materials and systems failure scenario that NASA failed to handle properly. We have Spirit as the "little train that could," sending back waves of photographs of rocks that NASA engineers have actually named. Does the naming of rocks somehow bring NASA's mission closer to the unwashed masses who relate better to Beanie Babies than to the stark facts of reality?
Harsh as it sounds, NASA is reaping what they sow: A string of hardware and software failures that is serving as a backdrop to newly-mandated initiatives by Bush to send miners to the moon and astronauts to Mars. Yet NASA can't even seem to get a remote-control buggy to work correctly. The mind just reels at the catastrophes that await us between now and 2015 should NASA continue down this road of inept management and hardware/software designs insufficiently tested against the harsh envrions of space. As geeks, we owe it not only to ourselves but to the non-geek public to recognize these failures as serious shortcomings in the NASA culture. We must resist the temptation to blindly set NASA on a pedestal in the name of scientific achievement without first critically analyzing their failures.
Improving NASA: Get-it-right vs. get experience (Score:5, Insightful)
While I would never claim that NASA is perfect, I think you underestimate the both the engineering challenge of putting a rover on Mars and the impact of more conservative, get-it-right, policies.
Interplanetary missions are the hardest of all because the engineers never get to actually test the whole device under realistic conditions. Although they can test and analyze each subsystem under a variety of simulated or near-realistic conditions, they have no way of building a test rover, putting it in interplanetary space of months, having is aerobrake into a thin atmosphere, parachute in a thin atmosphere, and crashland at high speed, and then operate all its mechanical parts under dusty low G conditions.
Second, get-it-right == conservatism == greater cost == fewer missions == less experience. The last thing NASA should do is spend more money, take more time, and do fewer missions. The only way we will really learn how to operate in space is to go into space. I'm not saying that better engineering won't help, only that more experience (unfettered by excessive conservatism) is a crucial part of learning to operate on other planets.
Re:Improving NASA: Get-it-right vs. get experience (Score:3, Interesting)
This approach gives NASA the public exposure it needs to continue its work, but space is a very expensive testing ground. Where's the rush to get into space? It's not as if we're trying to capture fleeting moments of time. It seems ludicrous to me that NASA is on a 15-year time table...given the vastness of time in a cosmological sense,
Re:Improving NASA: Get-it-right vs. get experience (Score:5, Insightful)
That would be ideal, but keep in mind that NASA is funded by Congress, an entity that changes its mind about everything every 2-8 years. Any NASA program that takes too long to complete is very likely to be cancelled halfway through, wasting 100% of the resources that were put into it.
Re:Improving NASA: Get-it-right vs. get experience (Score:5, Insightful)
Unfortunately, if you want to look at things on the scale of cosmological time, we don't even exist. Human beings have been around for a blink of the eye of the universe, and unless we get our backsides off this damp ball of rock as soon as possible there's every chance that within another blink, we won't exist anymore. Between climate change (not even human-caused - the "comfortable" Earth we know is just a fleeting hospitible break between the planet's normal fire and ice), potential self-destruction, impact events and a dozen other risks, our continued persistence in keeping all our eggs in one basket is nothing short of asking for annihilation. How many other "intelligent" species would sit there and watch as enough rock and ice to wipe out life plunges into a planet that is, comparitively, just next door and do nothing? We did when Shoemaker-Levy 9 hit Jupiter. My only comfort is that, should the human race be wiped out while confined to Earth by its own lack of vision and sense, it'll be a service to galactic evolution.
Re:Spirit rebooting 60 times a day (Score:3, Insightful)
But this just isn't the case.
From what I can tell NASA is doing as good a job as anyone on Earth with the technologies, manufacturing processes and testing programs available to them.
I would hope that NASA be the first ones to run a diag
Bushes space program... (Score:3, Insightful)
I agree it's wrong to just put NASA on a pedestal, but analyze their success as well as thier failures, and be sure to compare it to the other space agencies out there. I think they are doing a pretty incredible job accomplishing lots of things that have never been done before.
With that said, lets see how Opportunity does tonight!
Re:Bushes space program... (Score:3, Insightful)
Ok- on one hand, we can spent the money to free 25 million people from a brutal and oppressive dictator, give credibility to the UN, provide a catalyst for the democratization of one of the most volatile regions in the world, and eliminate a threat to our national security.
-OR-
We can hurl more crap up into space.
Thats a pretty tough choice.
Re:Spirit rebooting 60 times a day (Score:5, Informative)
Maybe they have. That's how they know how difficult a task it is to get it right.
I am something of an aerospace engineer, and work professionally with real-time systems (based on VxWorks - fancy that!). Let me illustrate the kind of bizarre bug that can happen on a spacecraft, and how it was fixed from the ground.
Consider a satellite with a simple on-board computer. To guard against the OS locking up (no matter how good the software is, you can't protect against radiation-induced bit flips in memory), it has a hardware watchdog timer. The software resets the timer periodically, before the hardware can reboot the system. Things run well for a while.
Then the on-board system starts resetting for no apparent reason. No suggestion of memory problems, no apparent hardware problems. The problem is traced to a radiation-induced change in component values in the watchdog timer, causing the timer to go off sooner than expected. Until the satellite is finally turned down a few years later, an important task of the ground stations was checking for watchdog resets and adjusting the software watchdog task accordingly. When the software eventually spent all its time resetting the watchdog timer, the satellite could no longer function and was turned down.
The moral of the story: space is weird and hostile. Things happen. No matter how hard you try, you cannot always get it right.
...laura
Re:Spirit rebooting 60 times a day (Score:5, Informative)
Spirit uses Wind River's RTOS, VxWorks. The main computer (the Rover Electronics Module) uses a 20MHz 32-bit Rad 6000 CPU, a radiation-hardened PowerPC variant manufactured by BAe in England. The computer has 128M of ECC RAM and a 3M EEPROM. It connects with hardware via a Versa Module Europa (VME) bus.
The software was compiled with a compiler from Green Hills' MULTI development environment, but the developers coded using the Wind River Tornado IDE.
Re:Spirit rebooting 60 times a day (Score:4, Interesting)
Re:Spirit rebooting 60 times a day (Score:3, Interesting)
What was in the data? (Score:2, Funny)
im sorry dave i can't do that
&*A^S^ DJHDHSHA ASHHASD&@^%@@ DD&D^^@
CNN article (Score:4, Interesting)
Re:CNN article (Score:2, Funny)
Re:CNN article (Score:3, Funny)
Re:CNN article (Score:5, Funny)
It wasn't exactly 'filler' (Score:5, Informative)
Only a couple of frames were fillers of random values. Most of the frames were engineering data. No actual scientific data came down, though.
Still, it's a good sign that it's still able to talk.
Someone was thinking ahead (Score:3, Insightful)
I don't know what I'd do if I didn't get to see high resolution pictures of dirt and rock every day.
Who to blame it on... (Score:5, Funny)
A Fatal Exception 0E has occurred at 0028:C0231810 in VXD VMM(0D) + 00001810
Cool! [bsod.org]
The awnser is simple... (Score:2, Funny)
128 Kilobits (Score:5, Funny)
128 kbps over 35 million miles... looks like we'll need another benchmark to replace the station wagon full of DAT tapes
got some useful data (Score:4, Insightful)
They don't say why it's sending fill data, but I bet the NASA geeks are happy about getting that engineering data.
If we could put a man on the moon with slide rulers, we should have no problem figuring out how to three-key a computer on another planet
Fill Data (Score:5, Informative)
Re:Fill Data (Score:3, Informative)
Re:got some useful data (Score:5, Informative)
My guess is the NASA rover's link follows a similar principle, though its probably using some pretty damn fancy techniques to get the data from that far. Oh and missing the first part of the data would really suck for them since a retransmit would take 20 minutes.
60 reboots? (Score:2, Funny)
At 73 megabits, that's a lot of BSOD. Oops. Sorry. Red Screens of Death with Spirit being on Mars and all.
Wind river (Score:2, Interesting)
Re:Wind river (Score:5, Informative)
VxWorks does not provide any memory protection (well, AE does, but it's so buggy nobody uses it).
If a task dies, it does not clean up after it. All memory is global, i.e. any task can overwrite memory for any other task.
Wind River couldn't even implement a decent malloc implementation. I had to replace it with Doug Lea's DLMalloc code (which glibc's malloc is based off of). It fragments horribly, and becomes increasingly slower the more free blocks exist.
Just by replacing malloc, I brought the time down on our box from 50 minutes to under 3 minutes and went from tens of thousands of fragments to a couple of dozen.
If you want a reliable embedded system with a lot of complexity, go with QNX or perhapse a good embedded Linux (I like Timesys Linux myself - good realtime support).
At least with QNX if there's a problem in a task, it's much easier to isolate it and not kill the entire system. As it is on the product I'm working on, if a task dies about the only way to recover is to reboot. Also, VxWorks has piss-poor built-in debugging support. Sometimes you can get a stack trace. Tracing the heap is virtually impossible (and because it's a global memory pool, you don't even know what blocks were allocated by what task or even how much memory each task has allocated). In the product I'm working on I added such support to find memory leaks and detect memory corruption.
VxWorks AE does provide memory protection. We tried to use it, but it was so buggy and slow we had to drop it and go back to standard VxWorks.
VxWorks hasn't really changed in the last few years and Wind River is losing customers like crazy to the better alternatives. They're hemmoraging money at an astronomical rate and quickly losing market share to the likes of QNX and Linux.
Even the realtime performance of VxWorks isn't that great. The finest granularity for a reliable timer is 1/2 the system tick rate (often no more than 20ms resolution).
VxWorks doesn't have a shell as such either. The commands you type in are functions with parameters to those functions. You can do things like my_global = global_a + 7
or
my_func(&my_global, 3)
on the command line, but it's not at all like a traditional command line.
Most real-time Linux implementations arn't all that great either from my research into it. Most don't deal with priority inversion, or require a completely separate set of APIs for RT tasks (i.e. RT Linux). I found Timesys Linux to solve most of these issues and it looks like our next generation will be based off of either Timesys Linux or QNX.
-Aaron
Re:Wind river (Score:4, Interesting)
I have been porting some vxWorks applications to windows recently(Don't ask) and the lack of a tool like that is killing me.
Any suggestion of such a tool like windview that works on windows would be gratefully accepted.
Re:Wind river (Score:3, Interesting)
Usually in VxWorks everything is compiled and linked into a single binary image (i.e. no filesystem). For flash, the only built-in file system is FAT, not even FAT32. Due to this, it makes the flash much more critical. Fat itself is not very robust.
Ideally they would have at least 2 copies of the image in flash and switch to the secondary if the primary fails a CRC or other validation test. Also, it should h
Little Green Men (Score:4, Funny)
I wonder (Score:5, Funny)
It's probably some bizarre licensing issue for the OS causing it to shut down as it's detected that NASA are trying to run two copies at the same time.
Kind of like Beagle 2's problems caused by the transmissions being intercepted by the RIAA as they file a lawsuit against Colin Pillinger for offering illegal music downloads from Mars. [amishrabbit.com]
The cause has been found (Score:5, Funny)
Cause of Spirit problem known! (Score:5, Funny)
mars dvd message (Score:5, Interesting)
-bk.
Re:mars dvd message (Score:3, Informative)
Although i havent personally worked on this, it really seems like something that nasa put together for middle school students looking for something fun to do, not something any experienced codebreaker would have trouble poking through.
CONTENTS OF MESSAGE (Score:5, Funny)
NASA was trying to hide illegal mp3's on mars (Score:5, Funny)
most mp3's: 128kbps
COINCIDENCE?
i think not.
Re:NASA was trying to hide illegal mp3's on mars (Score:5, Funny)
Nasa sent up monkeys. Are they all accounted for?
Nasa sent up robots. Where are they now?
"We can defeat the monkeys. We can defeat the robots.
BUT NOT AT THE SAME TIME!!!"
- Lewis Black
vxWorks... (Score:3, Informative)
Power and versatility was delivered via the advanced applications developed for each of the robotic functions of the Rover devices, plus their communications links with the landing craft. VxWorks not only served as the ideal development platform for the engineers, it also had to be sufficiently robust itself to ensure it would perform according to plan under the extreme conditions on Mars and during the journey from Earth.
To bad it never makes it to run level three sounds like init is dying..
I, for one, welcome our... (Score:5, Funny)
Cheers to the European engineers who caught us with our pants downs and jeers to the American engineers who thought our little rover needed an external reset button for some reason.
New superlative: (Score:5, Funny)
Connections (Score:4, Funny)
Rus
It's all done for the TV ratings (Score:5, Funny)
This is what is happenning people, the new in reality TV - our own Mars Rover - The Ultimate Survivor. The Opportunity will be landing today, so the audience should be able to vote for which rover is going to be kicked out of the show.
The Drama, The Excitement, The Unknonw, The Sex... oh, wait!
Suspiciously good pics of landing site from orbit (Score:3, Interesting)
I thought that the best cameras in orbit around Mars were those on the European Mars Express, with a top resolution of 12 metres/pixel, and yet here the Spirit lander, about 2 metres aross, is spread across about 10 pixels.
Something's not right...
Re:Suspiciously good pics of landing site from orb (Score:5, Interesting)
128 Kb/s .. Where is society coming to? (Score:3, Funny)
Lack or proper parenting skills at NASA (Score:3, Funny)
It looks like NASA is experiencing a common parenting problem, I suggest something like this [amazon.com] for the rocket scientists
Time to confess... (Score:3, Funny)
sure would be nice.. (Score:5, Insightful)
Re:sure would be nice.. (Score:3, Informative)
You can adjust the modifiers for all adjectives. The default is 0 (which is +1 for positives and -1 for negatives), but you can, e.g., make Funny == -4.
I don't recommend it, though, because then you might miss funny Mars cartoons like this one [coxnewsweb.com].
--
For news, status, updates, scientific info, images, video, and more, check out:
(AXCH) 2004 Mars Exploration Rovers - News, Status, Technical Info, History [axonchisel.net].
(AXCH) MER2004 More Info (Score:3, Informative)
(AXCH) 2004 Mars Exploration Rovers - News, Status, Technical Info, History [axonchisel.net].
Closed source project... (Score:5, Interesting)
If JPL would give us more information, I bet they'd have 50% of the entire engineering brainpower on the planet checking for races, inversions, memory leaks, hardware design flaws, etc.
If there was ever a project that could benefit from so many eyeballs, its space exploration. There are thousands of some of the most talented engineers on the planet who would jump at the chance to contribute to something like this.
unmanned probes (Score:3, Interesting)
Perhaps all Spirit really needs is somebody to give it a little kick.
how depressing (Score:3, Funny)
Damn it.
Problem Isolated: Bad Flash Ram (Score:3)
Why does this not surprise me? I'd guess that SanDisk put in the low bid for that part.
Re:Linux Cost Tax Payers at least $410M...nothing (Score:5, Informative)
http://www.windriver.com/news/press/20040105.html [windriver.com]
Re:Linux Cost Tax Payers at least $410M...nothing (Score:2, Informative)
Why is it that you do not know this? mmm?
Re:Linux Cost Tax Payers at least $410M...nothing (Score:5, Informative)
Some of us Engineers work with RTOS all the time, not just for fun-and-dandy projects, for for multi-million dollar outcomes. Consensus is that Linux is not good enough. QNX, VRTX, VxWorks etc are still the preferred choices, but everyone admits that Linux is getting there. Most of us don't hang out on slashdot, yet many Linux zealots do: you don't get a good opinion here.
Re:Linux Cost Tax Payers at least $410M...nothing (Score:3, Interesting)
Re:Wow. (Score:2, Informative)
Re:Wow. (Score:3, Funny)
too bad it seems to be 95% crapola.
Sounds like the internet to me....
Re:400 million and only one CPU (Score:5, Interesting)
On Spirit, power is an issue. More CPUs == more power drain.
Furthermore, I remember the folks initially speculating that something was wrong with the power system. I stopped following it, but it said that this transmission was composed of power subsystem diagnostic data. Could be it's a response requested earlier that it didn't have enough juice to send, in which case more CPUs would have actually exacerbated the problem.
Re:400 million and only one CPU (Score:5, Insightful)
1. you'd have to increase the complexity of the device even more, exposing it to a higher risk of failure statistically
2. you'd need more complicated software and hardware that would require more time and effort (money & delays)
3. the hardware would need more power (limited batteries and solar panel capacity)
4. the system would be heavier and bigger (costs are measured in grams, iirc).
While you have a valid point, the constraints of this design give very strong tradeoffs among safety, feasability, and cash flow (and I'm sure there are others, but I'm not a rocket scientist). I'd imagine that some time was spent on redundant systems, but the adage of "Why have one when you can have two at twice the price?" only works when your budget can support the extra price of man-hours and cash.
I'd argue that where you work has unlimited available power, and if you need more, you can ask your power company for more. You have the money to spend on a X-thousand-dollar sever that's been pre-fabbed by whatever company you like. If you need more, you get more drop-shipped to you within days. NASA had to build these little buggers from the ground up.
<RANT>
You know, if you take your philosophy of simply duplicating the entire machine, there is a backup. It's called "Opportunity." It lands tomorrow.
I highly resent the fact that you've called some of the greatest engineers of our time "retarded." If you can't understand the problem (I certainly don't, but I do understand the concept of tradeoffs in design) you have no right to speak on the issue. Of course, this is slashdot. Everyone can mouth off about everything. Nevermind.
</RANT>
~MCH.
Re:400 million and only one CPU (Score:3, Interesting)
While that statement is correct for adding components in series, it is not correct when applied to adding components for redundancy (i.e. in parallel). Adding another CPU in parallel increases the redundancy, and therefore decreases the risk of failure statistically. Here is the math for both types:
Series: If I add two components in series to a system, with reliability of R_1 and R_2,
Re:400 million and only one CPU (Score:3, Informative)
I'm not sure how this is a disadvantage. The people at NASA can't be experts at everything, and in this case, it looks like they decided to hire an outside company to write the rover software. Just becasue it is a proprietary OS doesn't meant that the code is any buggier, that NASA can't review the software, or that there is any less ability to debug the thing when problems occur.
and only on cpu and only one set of code
A second
Re:should NASA let Wind River write the code? (Score:5, Insightful)
Re:should NASA let Wind River write the code? (Score:3, Interesting)
If we gave them a budget? Yes.
Nasa's fiscal year 2003 budget: $15.1 Billion [nasa.gov].
DoD's fiscal year 2003 budget: $396.1 Billion [cdi.org].
The DoD's budget does not include emergency supplementals, such as the $40 billion supplemental in '02, or the $87 billion supplemental requested in '03.
Re:should NASA let Wind River write the code? (Score:3, Funny)
Of course not. I bet Bob's Electronics Boutique has got just the right parts. Piece of PCB, a blue LED, duct tape, a goat... You mention it, they got it.