Galois Releases FRIGATE 0.2.0 on CAMET Library

Galois this week released version 0.2.0 of its FRIGATE modeling tool on the CAMET Library. This latest version of FRIGATE demonstrates its ability to export an automated reasoning model from an industry-standard modeling tool—in this case, MATLAB Simscape. Simulation model in hand, users can now correlate variables like G-forces, vibration, or temperature with projected mission success or failure, enabling FRIGATE to auto-generate a failure recovery plan to mitigate problems that arise.

FRIGATE was developed by Galois for complex space missions, harnessing the power of digital engineering and formal methods to drastically reduce the amount of effort needed to manage change in human-rated space systems.

Managing Change in Space

From launch vehicles to spacesuits, surface habitats to lunar rovers, human-rated space systems are extraordinarily and increasingly complex, each a vast web of interconnected puzzle pieces. A single changed variable—whether a damaged component or a change in personnel—can have an outsized impact on the whole system’s ability to function.

Failure recovery planning must take into account software and standards, sensor coverage and human capabilities, physical dynamics and system composition. Yet, despite the complexity of the systems and problems at hand, current system modeling and failure recovery procedures are dependent on and manually updated by a large ground operations staff.

“Currently, the International Space Station has extensive documentation on what to do if this or that goes wrong,” explained Galois Principal Scientist Tyler Smith. “All of those failure recovery plans have to be generated, maintained, and updated as the space station changes or if something fails. Right now, this is a manual process, meaning that you either have to rely on large teams of very expensive subject matter experts or you leave yourself at risk of catastrophic failure or even loss of life. So, the more of that process we can automate, the better.”

As humankind reaches ever farther into the stars, space missions will become longer, more frequent, and more complex. Managing design changes will require an unsustainable expenditure of time, effort, training, and support. Manual failure recovery planning methods cannot scale to deal with this challenge.

Virtual Representations of Dynamic Systems

FRIGATE 0.2.0 helps users create a dynamic virtual representation of a given system’s components, associates specific state variables with success or failure (G-forces, vibration, temperature, etc.), defines abort conditions in formal terms, and evaluates sensor coverage to ensure abort conditions can be detected.

By monitoring the relationships between a system’s various moving parts, FRIGATE generates, validates, and updates failure recovery plans that adhere to mission goals, safety rules, and system design and capabilities—automatically adjusting those plans as variables and context change. Thus, if a component is damaged, added, or removed in the virtual system, FRIGATE can tell the user whether the system will still work as intended and automatically generate the appropriate failure recovery plan for the particular challenge at hand.
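To make the two paragraphs above concrete, here is a small added illustration (not FRIGATE code, and not an account of how FRIGATE is implemented) of the core bookkeeping they describe: abort conditions written as formal predicates over named state variables, a sensor set that determines which of those variables are observable, a coverage check that flags any abort condition that could never be detected, and regeneration of a recovery plan when a component is removed from the model. The sensors, variable names, thresholds, and recovery steps are all constructed for the example.

```python
"""Sensor-coverage check for formally stated abort conditions.

Added illustration, not FRIGATE's own code. Every sensor, state variable,
threshold and recovery step below is constructed for the example.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set

State = Dict[str, float]  # one snapshot of the modeled system's state variables


@dataclass
class AbortCondition:
    name: str
    variables: Set[str]                 # state variables the predicate reads
    predicate: Callable[[State], bool]  # formal abort criterion: True means "abort"
    recovery: List[str]                 # recovery steps (constructed for the example)


@dataclass
class Sensor:
    name: str
    observes: Set[str]  # state variables this sensor makes observable


@dataclass
class SystemModel:
    sensors: List[Sensor] = field(default_factory=list)
    abort_conditions: List[AbortCondition] = field(default_factory=list)

    def observable(self) -> Set[str]:
        """Union of every variable the remaining sensors can measure."""
        seen: Set[str] = set()
        for s in self.sensors:
            seen |= s.observes
        return seen

    def coverage_gaps(self) -> Dict[str, Set[str]]:
        """Abort conditions that read a variable no sensor observes.

        An empty dict means every abort condition is detectable."""
        seen = self.observable()
        gaps = {c.name: c.variables - seen for c in self.abort_conditions}
        return {name: missing for name, missing in gaps.items() if missing}

    def without_sensor(self, sensor_name: str) -> "SystemModel":
        """Copy of the model with one sensor removed (damaged or deleted)."""
        kept = [s for s in self.sensors if s.name != sensor_name]
        return SystemModel(kept, list(self.abort_conditions))

    def triggered(self, state: State) -> List[str]:
        """Abort conditions whose predicate holds on the given snapshot.

        A condition is only evaluated when every variable it reads is present."""
        return [c.name for c in self.abort_conditions
                if c.variables.issubset(state) and c.predicate(state)]

    def recovery_plan(self, state: State) -> List[str]:
        """Recovery steps of every triggered condition, in model order."""
        fired = set(self.triggered(state))
        plan: List[str] = []
        for c in self.abort_conditions:
            if c.name in fired:
                plan.extend(c.recovery)
        return plan


def build_example_model() -> SystemModel:
    """Constructed model: one IMU and two redundant tank thermocouples."""
    sensors = [
        Sensor("imu_primary", {"g_force", "vibration"}),
        Sensor("tank_thermocouple_a", {"temp_tank"}),
        Sensor("tank_thermocouple_b", {"temp_tank"}),
    ]
    conditions = [
        AbortCondition("excess_g", {"g_force"},
                       lambda s: s["g_force"] > 4.5,
                       ["throttle down", "hold attitude"]),
        AbortCondition("tank_overtemp", {"temp_tank"},
                       lambda s: s["temp_tank"] > 320.0,
                       ["close feed valve", "vent tank"]),
        AbortCondition("resonance", {"g_force", "vibration"},
                       lambda s: s["g_force"] > 3.0 and s["vibration"] > 2.0,
                       ["throttle down"]),
    ]
    return SystemModel(sensors, conditions)


if __name__ == "__main__":
    model = build_example_model()
    print("gaps, full model:", model.coverage_gaps())
    one_lost = model.without_sensor("tank_thermocouple_a")
    print("gaps, one thermocouple lost:", one_lost.coverage_gaps())
    both_lost = one_lost.without_sensor("tank_thermocouple_b")
    print("gaps, both thermocouples lost:", both_lost.coverage_gaps())
    snapshot = {"g_force": 5.0, "vibration": 2.5, "temp_tank": 300.0}
    print("plan:", model.recovery_plan(snapshot))
```

Losing one of the two redundant thermocouples leaves every abort condition detectable; losing both leaves `tank_overtemp` with no observable input, which is exactly the kind of change a coverage check should surface before the mission rather than after. The same pattern extends to richer predicates and to sensors with partial or noisy coverage, but the decision the check supports does not change: an abort condition nobody can observe is a recovery plan that can never fire.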

The result: faster, cheaper, safer failure recovery planning—suited to a dynamic mission context.

“When something goes wrong in space, every second matters,” said Smith. “With NASA and the Defense Advanced Research Projects Agency (DARPA) collaborating to build a rocket with a nuclear reactor in it for deep space travel to Mars, where communication back to earth can take 20 minutes each way, automated failure recovery planning is a must. This latest version of FRIGATE is a significant step forward in our efforts to provide a tool that is both powerful and easy to use. We believe that it will be an invaluable resource for ensuring the safety and reliability of mission critical systems in the unforgiving environment of space.”

Work funded by the National Aeronautics and Space Administration under Contract No. 80NSSC21C0460