DARPA Awards Arkyd SBIR Phase I Contract for Spacecraft Hypervisor

Arkyd 100 spacecraft. (Credit: Planetary Resources)

Arkyd Astronautics, a company owned by Planetary Resources, has been selected by DARPA for a 2013 SBIR Phase I award for a project to incorporate hypervisor-based software virtualization into spacecraft architectures. I know that’s a mouthful; the benefits of it are described in the company’s abstract below.

Arkyd was one of four companies working on hypervisor technology that DARPA selected for Phase I awards. The other companies were: DornerWorks, Ltd., of Grand Rapids, MI; Emergent Space Technologies, Inc., of Greenbelt, MD; and Intelligent Automation, Inc., of Rockville, MD. All the abstracts are below.

DARPA 2013 SBIR Phase I Awards
Hypervisor Software Virtualization

Arkyd Astronautics, Inc.
Bellevue, WA
PI: Ray Ramadorai
Title: Spacecraft Hypervisor Implementing Modularity and Security (SHIMS)

Abstract: Incorporating hypervisor-based software virtualization into spacecraft architectures offers the capability to integrate payload software in a plug-and-play fashion, enabling more flexible and reconfigurable platforms. The hypervisor allows the payload software to be implemented in an abstracted, virtualized environment, which isolates the payload software from core spacecraft functions and offers significant advantages for payload development efficiency, modularity, re-use, integration, and test. A virtualized software payload can also be executed on different spacecraft implementations without modification. Fault tolerance can be achieved by running redundant instances of payload software. Using an I/O virtualized hypervisor, triple modular redundancy (TMR) can be implemented without requiring three unique instances of the compute hardware.

For Phase I, Arkyd Astronautics proposes to develop a set of quantitative metrics for a spacecraft hypervisor, evaluate a set of existing hypervisor products against those criteria, and then extend one of those solutions to create a proof of concept spacecraft hypervisor. For Phase I (option), the proof-of-concept hypervisor would be extended to implement a voting mechanism for hardware/software interactions using software TMR. The hypervisor would be measured against the selected performance metrics, and evaluated for TMR operation in the presence of faults introduced into software payloads.
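The abstract above describes a voting mechanism for hardware/software interactions using software TMR, evaluated with faults injected into payload software. A sketch of such a voter in C follows, as an added example that is not Arkyd's code: the request layout, the function names and the four-register mock device are assumptions made here.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* One I/O write requested by a payload instance (hypothetical layout). */
typedef struct { uint32_t addr, value; } io_req_t;
typedef enum { VOTE_UNANIMOUS, VOTE_MAJORITY, VOTE_NO_MAJORITY } vote_status_t;
typedef struct {
    vote_status_t status;
    io_req_t out;   /* request to forward; meaningless on VOTE_NO_MAJORITY */
    int faulty;     /* index of the outvoted instance, or -1 */
} vote_result_t;

#define NUM_REGS 4
static uint32_t device_regs[NUM_REGS];  /* constructed stand-in for real hardware */

static bool req_eq(const io_req_t *a, const io_req_t *b) {
    return a->addr == b->addr && a->value == b->value;
}

/* Compare whole requests: a bitwise majority could blend two different
 * faults into a write that no instance actually asked for. */
vote_result_t tmr_vote(const io_req_t r[3]) {
    vote_result_t v = { VOTE_NO_MAJORITY, { 0, 0 }, -1 };
    bool ab = req_eq(&r[0], &r[1]), ac = req_eq(&r[0], &r[2]), bc = req_eq(&r[1], &r[2]);
    if (ab && ac) { v.status = VOTE_UNANIMOUS; v.out = r[0]; }
    else if (ab)  { v.status = VOTE_MAJORITY; v.out = r[0]; v.faulty = 2; }
    else if (ac)  { v.status = VOTE_MAJORITY; v.out = r[0]; v.faulty = 1; }
    else if (bc)  { v.status = VOTE_MAJORITY; v.out = r[1]; v.faulty = 0; }
    return v;
}

/* Perform the voted write once; with no majority the write is suppressed. */
bool hv_commit(const io_req_t r[3], int *faulty) {
    vote_result_t v = tmr_vote(r);
    *faulty = v.faulty;
    if (v.status == VOTE_NO_MAJORITY || v.out.addr >= NUM_REGS) return false;
    device_regs[v.out.addr] = v.out.value;
    return true;
}

int main(void) {
    /* Constructed sample: three instances request the same write ... */
    io_req_t r[3] = { { 2, 0xCAFE }, { 2, 0xCAFE }, { 2, 0xCAFE } };
    r[1].value ^= 1u << 7;   /* ... then a bit flip is injected into instance 1 */
    int faulty;
    bool ok = hv_commit(r, &faulty);
    printf("committed=%d faulty=%d reg[2]=0x%X\n", ok, faulty, (unsigned)device_regs[2]);
    return 0;
}
```

The outvoted instance index is what a supervisor would use to restart or resynchronize that one payload instance while the other two keep running.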

DornerWorks, Ltd.
Grand Rapids, MI
PI: Andrew Santangelo
Title: QuickSAT-ARLX, A Satellite Hypervisor Environment

Abstract: DornerWorks is seeking to develop as part of this SBIR project the QuickSAT-ARLX Space Hypervisor, a space qualified hypervisor that will support the virtualization of satellite payloads, systems and software modules on a full range of satellites including CubeSATs and MicroSATs to large satellites and launch vehicles. ARLX is an extended version of the open source Xen hypervisor utilizing robust automation tools to test and validate the security and related safety of this environment. Our extensions implement the ARINC 653 partitioning standard, isolating applications running on the same platform and providing high levels of certified safety and security. QuickSAT with the open source stepSATdb data architecture is a satellite design, mission planning, and product lifecycle management framework and environment. It is currently in use on the University NanoSat and Eagle Programs and at NASA research centers.

For the Phase I research effort we will begin integrating QuickSAT and ARLX to create a space qualified hypervisor with integrated virtual payload definition tools, modeling tool event scheduler. In addition, feasibility demonstrations with supporting reports will be developed to show not only the viability of the system, but also project costs, issues and a path towards implementation.

Emergent Space Technologies, Inc.
Greenbelt, MD
PI: Travis Wheatley
Title: Space Qualified Satellite Hypervisor for COTS Processors

Abstract: There are many data intensive mission payloads for intelligence, surveillance and reconnaissance (ISR) that collect more data than is practical to transmit through the downlink. The ability to autonomously process and classify this data on board can significantly reduce the downlink bandwidth requirements, thereby making it more feasible to transmit products directly to commanders in the field or even the warfighter themselves. However, existing space-qualified processors do not have the raw processing power necessary to achieve this for many applications.

There are commercial-off-the-shelf (COTS) processors that could meet the processing requirements. A space-qualified-hypervisor implementation would allow the use of COTS components in order to meet the reliability requirements for a space based implementation by employing redundancy and also provide parallel processing opportunities that would greatly enhance the ability to meet the requirements of data intensive missions.

Emergent Space Technologies, Inc. proposes to conduct feasibility studies, technical analysis and simulation, and to conduct small scale proof of concept demonstrations during Phase 1 of this project to determine the space qualify-ability of a Type 1 hypervisor based off of an existing COTS processor.

Intelligent Automation, Inc.
Rockville, MD
PI: Peng Xie
Title: SafeHype: a light and secure satellite hypervisor

Abstract: The virtualization of satellite payload increases the capability and flexibility of the payload developer and is demanded in the defense and intelligence community. In this proposed effort, we propose a tiny hypervisor, called SafeHype, to virtualize satellite payload. SafeHype can securely isolate the virtual machines concurrently running on the same hardware resources such as CPU, memory and I/O devices. Moreover, SafeHype also supports the provisioning of a new machine on-the-fly. In this proposed effort, we utilize hardware support to reduce virtualization overhead.

SafeHype adopts resources pre-allocation and para-virtualized IO techniques to simplify its functions and to support real time applications. The code size of SafeHype is small and can feasibly be verified. SafeHype also reduces the surface attacks by bringing the guest virtual machine in more direct contact with the underlying hardware resources. Finally, we will develop a workable SafeHype prototype to show the feasibility of our proposed techniques for satellite hypervisor.