SINGLE PIXEL FEED CONTROLLER SOFTWARE ... - ska-sdp.orgska-sdp.org/sites/default/files/attachments/ska-tel-dsh-0000104_rev4... · Name Designation Affiliation Signature & Date Authored

Name Designation Affiliation Signature & Date

Authored by:

P.C. van Niekerk Senior Software

Engineer EMSS Antennas

Approved by:

M. Dahlgren SPF Band 1 SE Chalmers/

OSO

A. Taylor SPF Band 345

PM Oxford

University

I.P. Theron SPF Lead Engineer

EMSS Antennas

SINGLE PIXEL FEED CONTROLLER

SOFTWARE REQUIREMENTS SPECIFICATION

Document number ........................................................................ SKA-TEL-DSH-0000104 Revision ........................................................................................................................... 4 Author ..................................................................................................... P.C. van Niekerk .................................................................................................... with T.J. Steyn, A.J. Born Date ................................................................................................................. 2018-09-05 Status .................................................................................................................. Released

P.C. van Niekerk (Sep 6, 2018)P.C. van Niekerk

Isak Theron (Sep 6, 2018)Isak Theron

https://na1.documents.adobe.com/verifier?tx=CBJCHBCAABAAVAFPH_Q7tiYk2oLIz5-hjbnq8yM5p9Gp




Document No.: Revision: Date:

SKA-TEL-DSH-0000104 4 2018-09-05

Author: P.C. van Niekerk

Page 2 of 67

DOCUMENT HISTORY Revision Date of Issue Engineering Change

Number

Comments

A 2016-09-30 - First draft release for internal review

1 2016-11-30 - Released with DDR feedback

1A 2017-05-05 - Draft released for B1 delta DDR

2 2017-05-31 - Released after delta DDR. There were no observations

on Rev. 1A.

2A 2018-07-31 EA-SKA-WAV-0001 Distributed for delta CDR document review (some

unnecessary requirements removed and incorrect use of

MeerKAT terminology resolved)

3 2018-08-10 CN0038 Released for Band 2 and services CDR closure

3A 2018-08-27 - Internal review after adding band 5 state machine

4 2018-09-05 CN0050 Released with band 5 state machine

DOCUMENT SOFTWARE Package Version Filename

Word processor MS Word Word 2016 SKA-TEL-DSH-0000104_Rev4_SPFCSoftwareRequirementsSpecification.docx

Block diagrams

Other

ORGANISATION DETAILS Name SKA Organisation

Registered Address Jodrell Bank Observatory

Lower Withington

Macclesfield

Cheshire

SK11 9DL

United Kingdom

Registered in England & Wales

Company Number: 07881918

Fax. +44 (0)161 306 9600

Website www.skatelescope.org


SKA-TEL-DSH-0000104 4 2018-09-05


Page 3 of 67

TABLE OF CONTENTS

LIST OF ABBREVIATIONS ................................................................................ 8

1 SCOPE ........................................................................................................ 9

1.1 Identification ........................................................................................................................... 9

1.2 Numbering Conventions ......................................................................................................... 9

1.3 System Description ................................................................................................................. 9

1.3.1 Overview ..................................................................................................................... 9

1.3.2 Functional Breakdown ................................................................................................ 9

1.3.3 External Interfaces Identification .............................................................................. 10

2 DOCUMENTS.............................................................................................. 11

2.1 Applicable Documents .......................................................................................................... 11

2.2 Reference Documents ........................................................................................................... 11

3 REQUIREMENTS .......................................................................................... 12

3.1 Modes of Operation .............................................................................................................. 12

3.1.1 OFF ............................................................................................................................ 13

3.1.1.1 Purpose ..................................................................................................................... 13

3.1.1.2 Functional Requirements .......................................................................................... 13

3.1.2 STARTUP .................................................................................................................... 14

3.1.2.1 Purpose ..................................................................................................................... 14


3.1.3 STANDBY_LP .............................................................................................................. 14

3.1.3.1 Purpose ..................................................................................................................... 14


3.1.4 OPERATE.................................................................................................................... 15

3.1.4.1 Purpose ..................................................................................................................... 15


3.1.5 MAINTENANCE .......................................................................................................... 17

3.1.5.1 Purpose ..................................................................................................................... 17


3.1.6 ERROR ....................................................................................................................... 17

3.1.6.1 Purpose ..................................................................................................................... 17


3.2 CSCI Capability Requirements ............................................................................................... 18

3.2.1 Control ...................................................................................................................... 20


SKA-TEL-DSH-0000104 4 2018-09-05


Page 4 of 67

3.2.1.1 Feed Packages ........................................................................................................... 20

3.2.1.2 Control Vacuum Pump .............................................................................................. 21

3.2.1.3 Control Helium Compressor ...................................................................................... 22

3.2.2 Monitor and Report .................................................................................................. 22

3.2.2.1 States and Modes...................................................................................................... 22

3.2.2.2 Alarms ....................................................................................................................... 23

3.2.2.3 Events ........................................................................................................................ 23

3.2.2.4 Logs ........................................................................................................................... 24

3.2.2.5 Sensors ...................................................................................................................... 24

3.2.2.6 Faults and Failures .................................................................................................... 24

3.2.2.7 Automatic Safety Checks........................................................................................... 24

3.2.3 Support ...................................................................................................................... 25

3.2.3.1 Remote Updates ....................................................................................................... 25

3.2.3.2 Load and Save Configuration Data ............................................................................ 25

3.2.3.3 Load and Save Metadata........................................................................................... 25

3.2.3.4 Engineering Interface ................................................................................................ 25

3.2.4 Performance Requirements ...................................................................................... 26

3.2.4.1 System Start-up ......................................................................................................... 26

3.2.4.2 Processing Resources ................................................................................................ 26

3.2.4.3 Data Latency.............................................................................................................. 26

3.2.4.4 Mode Transition Times ............................................................................................. 26

3.2.5 Specific Requirements for Stamp CoM Setup ........................................................... 26

3.2.5.1 Clock Speeds ............................................................................................................. 26

3.2.5.2 Peripherals ................................................................................................................ 26

3.2.5.3 Watchdog Timer ........................................................................................................ 26

3.2.6 Application Software Control Logic........................................................................... 27

3.2.6.1 Tango Device Server .................................................................................................. 27

3.2.6.2 SPFC Control Block .................................................................................................... 28

3.2.6.3 Vacuum Pump Controller .......................................................................................... 28

3.2.6.4 Helium Compressor Controller ................................................................................. 29

3.2.6.5 Feed Package Control Block ...................................................................................... 30

3.3 SPFC External Interface Requirements ................................................................................. 40

3.3.1 LMC_SPF (I.M.LMC_SPF.01) ...................................................................................... 40

3.3.2 DFN (I.M.DFN_SPF.05) .............................................................................................. 40

3.3.2.1 Feed Package Interfaces (SPF IIF01, SPF IIF02, SPF IIF03) ......................................... 41


SKA-TEL-DSH-0000104 4 2018-09-05


Page 5 of 67

3.3.2.2 Vacuum Pump Interface (SPF IIF04) .......................................................................... 41

3.3.2.3 Helium Compressor Interface (SPF IIF05) ................................................................. 41

3.4 CSCI Internal Interface Requirements ................................................................................... 41

3.4.1 Ethernet Physical Layer (IIF1) .................................................................................... 42

3.4.2 UART (IIF2) ................................................................................................................ 42

3.4.3 SD Card (IIF3) ............................................................................................................. 42

3.4.4 Elapsed Time Counter (IIF4) ...................................................................................... 42

3.4.5 ADCs (IIF5) ................................................................................................................. 43

3.5 CSCI Internal Data Requirements .......................................................................................... 43

3.6 Adaptation Requirements ..................................................................................................... 43

3.7 Safety Requirements ............................................................................................................. 43

3.8 Security and Privacy Requirements ...................................................................................... 43

3.9 CSCI Environment Requirements .......................................................................................... 43

3.10 Computer Resource Requirements ....................................................................................... 43

3.10.1 Computer Hardware Requirements .......................................................................... 43

3.10.2 Computer Hardware Resource Utilisation Requirements ........................................ 44

3.10.3 Computer Software Requirements ........................................................................... 44

3.10.4 Computer Communications Requirements .............................................................. 44

3.10.4.1 Ethernet interface ..................................................................................................... 44

3.10.4.2 Serial UART interfaces ............................................................................................... 44

3.10.4.3 Programming and low level debug interface ............................................................ 45

3.11 Software Quality Factors ....................................................................................................... 45

3.11.1 Reliability ................................................................................................................... 45

3.11.2 Maintainability .......................................................................................................... 45

3.11.3 Availability ................................................................................................................. 45

3.11.4 Flexibility ................................................................................................................... 45

3.11.5 Portability .................................................................................................................. 45

3.11.6 Reusability ................................................................................................................. 45

3.11.7 Usability..................................................................................................................... 45

3.11.8 Design ........................................................................................................................ 46

3.12 Design and Implementation Constraints .............................................................................. 46

3.13 Personnel Related Requirements ......................................................................................... 46

3.14 Training Related Requirements ............................................................................................ 46

3.15 Logistics Related Requirements ............................................................................................ 46

3.15.1 System Maintenance................................................................................................. 46


SKA-TEL-DSH-0000104 4 2018-09-05


Page 6 of 67

3.15.2 Software Support ...................................................................................................... 46

3.15.3 System Transportation .............................................................................................. 46

3.16 Other Requirements ............................................................................................................. 46

3.17 Packaging Requirements ....................................................................................................... 46

3.18 Precedence and Criticality Requirements ............................................................................. 47

3.19 Development Method and Testing ....................................................................................... 47

3.20 Documentation ..................................................................................................................... 48

4 VERIFICATION ............................................................................................ 49

4.1 Quality Conformance ............................................................................................................ 49

4.1.1 Responsibility for Tests ............................................................................................. 49

4.1.2 Special Tests and Examinations ................................................................................ 49

4.1.3 Requirements Validation Phases and Methods ........................................................ 49

4.2 Requirements Verification .................................................................................................... 50

5 REQUIREMENTS TRACEABILITY ........................................................................ 67

6 NOTES ..................................................................................................... 67

6.1 Explanatory Notes ................................................................................................................. 67

6.2 List of Unresolved Items ....................................................................................................... 67

7 PREPARATION FOR DELIVERY ......................................................................... 67


SKA-TEL-DSH-0000104 4 2018-09-05


Page 7 of 67

LIST OF FIGURES

Figure 1: SPFC communication and control interfaces. ........................................................................ 10

Figure 2: SPFC modes. ........................................................................................................................... 12

Figure 3: Functional breakdown of the SPFC. ....................................................................................... 19

Figure 4: Application software code blocks. ......................................................................................... 27

Figure 5: SPFVac state machine. ........................................................................................................... 28

Figure 6: SPFHe state machine. ............................................................................................................ 29

Figure 7: SPF1 state machine. ............................................................................................................... 31

Figure 8: SPF2 state machine. ............................................................................................................... 34

Figure 9: SPF345 state machine. ........................................................................................................... 38

Figure 10: SPFC internal interfaces. ...................................................................................................... 42

Figure 11: The waterfall design methodology. ..................................................................................... 47

Figure 12: SPFC software development and testing model. ................................................................. 48

LIST OF TABLES

Table 1: SPFC external interface identification ..................................................................................... 10

Table 2: SPFC mode transition criteria .................................................................................................. 13

Table 3: Summary of the software system functions ........................................................................... 19

Table 4: Temperature settings .............................................................................................................. 21

Table 5: SPFC capability states .............................................................................................................. 22

Table 6: SPF1 mode description ............................................................................................................ 32

Table 7: Mutual exclusivity (m) of the SPF1 states & modes ................................................................ 32

Table 8: SPF1 state definitions .............................................................................................................. 33

Table 9: SPF2 states description ........................................................................................................... 35

Table 10: Mutual exclusivity (m) of the SPF2 states & modes .............................................................. 36

Table 11: SPF2 state definitions ............................................................................................................ 36

Table 12: SPF345 states description ..................................................................................................... 38

Table 13: Mutual exclusivity (m) of the SPF345 states & modes .......................................................... 39

Table 14: SPF345 state definitions ........................................................................................................ 40

Table 15: SPFC hardware resource utilisation requirements ............................................................... 44

Table 16: Test phases applicable to the SPFC ....................................................................................... 49

Table 17: Test methods applicable to the SPFC .................................................................................... 49

Table 18: Requirements verification matrix ......................................................................................... 50


SKA-TEL-DSH-0000104 4 2018-09-05


Page 8 of 67

LIST OF ABBREVIATIONS

CoM ............................... Computer on Module

CDR ................................ Critical Design Review

CSCI ............................... Computer Software Configuration Item

DDR ............................... Detail Design Review

DFN ................................ Dish Fibre Network

ETC ................................ Elapsed Time Counter

FMECA ........................... Failure Mode, Effects and Criticality Analysis

FP ................................... Feed Package

FPC ................................ Feed Package Controller

ICMP .............................. Internet Control Message Protocol

LMC ............................... Local Monitoring and Control

LRU ................................ Line Replaceable Unit

MAC ............................... Media Access Control

RFE ................................ Radio Frequency Equipment

SCP ................................ Secure Copy Protocol

SD .................................. Secure Digital

SFTP ............................... SSH File Transfer Protocol

SKA ................................ Square Kilometre Array

SM ................................. State Machine

SPF ................................. Single Pixel Feed

SPF1 ............................... Single Pixel Feed Band 1

SPF2 ............................... Single Pixel Feed Band 2

SPF345 ........................... Single Pixel Feed Band 345

SPFC ............................... Single Pixel Feed Controller

SPFHe ............................ SPF Helium Service

SPFVac ........................... SPF Vacuum Service

SSH ................................ Secure Socket Shell

TDS ................................ Tango Device Server


SKA-TEL-DSH-0000104 4 2018-09-05


Page 9 of 67

1 SCOPE

1.1 Identification

This specification establishes the functional, design, development and test requirements for the application software of the Square Kilometre Array (SKA) single pixel feed controller (SPFC).

This specification describes the functions and requirements of the SPFC application software needed to control and monitor multiple feed packages as well as receiver services. This document is intended to be used by software developers to develop the SPFC application software.

1.2 Numbering Conventions

Each requirement is indicated with a project identifier (here SPFC-SW) and a sequential Arabic number in square brackets. These numbers are used as cross references throughout this specification. The numbered requirements are used in the verification section of this document.

1.3 System Description

1.3.1 Overview

The SKA antenna positioner will be able to house up to three single pixel feed packages, each functioning in a different frequency band. Two of the feed packages comprise of a cryostat with a cryocooler requiring a high-pressure helium supply and return to function and one will be an ambient system, which does not require helium or vacuum connections. A vacuum, internal to the cryostat, thermally insulates the cryocooler allowing it to reach cryogenic temperatures by eliminating convection heat transfer and reducing solid conduction through the remaining gas to a negligible level. The supply of high pressure helium and the creation of a vacuum are defined as the SPF helium service (SPFHe) and SPF vacuum service (SPFVac) respectively. The SPFC is responsible for controlling the SPFHe and SPFVac as well as the respective SPFs.

The SPFC is a microprocessor-based design, located in the antenna pedestal, with the primary function of controlling the entire SPF sub-element of the antenna (including the vacuum and helium services). It monitors the health status of each SPF cryostat, receiver control and monitoring electronics and also controls the active components inside each receiver cryostat. All monitored parameters are independently logged per receiver feed package (FP) and sent to the end user when requested.

The SPFC has an optic fibre Ethernet interface that provides feedback of each FP via the Tango protocol. ON/OFF control of the low noise amplifiers (LNAs), temperature control set points, and the cool down and vacuum procedures are accomplished via the network interface. The SPFC is Linux based and Secure Shell (SSH) connections to the SPFC are possible in order to change initialisation files and perform low level configuration.

Once initialised the SPFC shall automatically control each connected FP to enter into the user defined default start-up-mode.

1.3.2 Functional Breakdown

The SPFC is designated to be an autonomous system that controls and monitors multiple FPs, as well as the SPF services that keep the FPs operational. The SPFC application software shall be executing on a Linux operating system and communication shall be done remotely via an Ethernet connection by means of the Tango communication protocol [RD4].

The functional breakdown of all the SPFC software functions is detailed in paragraph 3.2.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 10 of 67

1.3.3 External Interfaces Identification

Figure 1 illustrates the external communication and control interfaces defined for the SPFC. The SPFC communicates with the FPs, SPFHe and SPFVac through the dish fibre network (DFN) (I.M.DI_SPF.5). Communication with the local monitoring and control (LMC) is done via the I.M.LMC_SPF.1 interface. The other interfaces depicted in Figure 1 are mechanical and power interfaces and the details thereof fall outside the scope of this document. For a more detailed identification of the functional external interfaces, please refer to Table 1.

Figure 1: SPFC communication and control interfaces.

Table 1: SPFC external interface identification

Interface Name External

To Interface Identifier To Reference

Controller with LMC SPF I.M.LMC_SPF.01 LMC [AD3]

Controller with SPF1 SPFC SPF_IIF01 [I.M.DI_SPF.05] SPF1 [AD4]



SPF Vacuum SPFC SPF_IIF04 [I.M.DI_SPF.05] SPFVac [AD7]

SPF Helium SPFC SPF_IIF05 [I.M.DI_SPF.05] SPFHe [AD8]

Pedestal Shielded Compartment

SPF Controller

(317-040000)

(Major Components)D

ish S

truct

ure

Pow

er

(I.M

.DS

_S

PF

.06)

DFN

Fib

re(I

.M.D

I_S

PF

.05)

LM

C D

ata

(I.M

.LM

C_S

PF

.01)

SPF Controller HWCI(317-041000)

Dis

h S

truct

ure

Mechani

cal

(I.M

.DS

_S

PF

.13)

SP

F1 (

SP

F IIF

01)

SP

F345 (

SP

F IIF

03)

SP

F H

eliu

m (

SP

F IIF

05)

SP

F V

acu

um

(S

PF

IIF

04)

SP

F2 (

SP

F IIF

02)

Major component physical location

Line Replaceable Unit

Sub assembly

Internal Control via DFN

SPF External

Key:

External Functional

SPF Major ComponentSPF Controller External

SPF Controller CSCI(317-042000)

Software


SKA-TEL-DSH-0000104 4 2018-09-05


Page 11 of 67

2 DOCUMENTS

2.1 Applicable Documents

The following documents are applicable to the extent stated herein. In the event of conflict between the contents of the applicable documents and this document, the applicable documents shall take precedence. Unless specifically stated, the latest revisions shall apply.

[AD1] A. Peens-Hough, et. al., “Single Pixel Feed (SPF) Requirements Specification”, SKA-TEL-DSH-0000012, Rev. 5, 2017-06-01.

[AD2] P. C. van Niekerk, “Single Pixel Feed Controller Development Specification”, SKA-TEL-DSH-0000087, Rev. 2, 2018-08-10.

[AD3] G. Smit, et. al., “Data Exchange Interface between The Dish LMC and the SPF Controller”, SKA-TEL-DSH-0000055, Rev 2, 2018-02-01.

[AD4] P. C. van Niekerk, “SPF Controller to SPF Band 1 Data Exchange ICD”, SKA-TEL-DSH-0000093, Rev. 3, 2018-01-31.

[AD5] P. C. van Niekerk, “SPF Controller to SPF Band 2 Data Exchange ICD”, SKA-TEL-DSH-0000094, Rev. 2, 2017-11-03.

[AD6] T. Steyn, “SPF Controller to SPF Band 345 Data Exchange ICD”, SKA-TEL-DSH-0000095, Rev. 1, 2018-09-05.

[AD7] T. Steyn, “SPF Controller to SPF Vacuum ICD”, SKA-TEL-DSH-0000096, Rev. 1, 2016-11-30.

[AD8] T. Steyn, “SPF Controller to SPF Helium Data Exchange ICD”, SKA-TEL-DSH-0000097, Rev. 1, 2016-11-30.

2.2 Reference Documents

The following documents are referenced in this document. In the event of conflict between the contents of the referenced documents and this document, this document shall take precedence.

[RD1] A. Krebs, “Single Pixel Feed Helium Service Development Specification”, SKA-TEL-DSH-0000089, Rev. 1, 2016-11-30.

[RD2] L. Mc Nally, “Single Pixel Feed Vacuum Service Development Specification”, SKA-TEL-DSH-0000091, Rev. 1, 2016-11-30.

[RD3] Stamp9G20 Technical Reference, Taskit GmbH document, 2009

[RD4] Tango Controls System Handbook, Version 9.2, Online: http://ftp.esrf.fr/pub/cs/tango/tango_92.pdf

http://ftp.esrf.fr/pub/cs/tango/tango_92.pdf


SKA-TEL-DSH-0000104 4 2018-09-05


Page 12 of 67

3 REQUIREMENTS

3.1 Modes of Operation

The modes of operation of the SPFC is given in Figure 2 and detailed in the subsections that follow. The events causing mode transitions are also indicated.

The requirements associated with each mode are described in detail in these subsections, under the following requirement titles:

1. Entry. The conditional requirements under which the mode is entered from the previous mode.

2. Transition. The functional requirements upon entering the mode which will only be performed once.

3. Implementation. The functional requirements to be performed continuously while in the specific mode.

4. Exit. The conditional requirements under which the mode is exited to the next mode.

[SPFC-SW-0001] The SPFC shall have the following internal modes. The interaction of the modes is shown in Figure 2. (Refines: SPFC-0001)

• OFF

• STARTUP

• STANDBY_LP

• OPERATE

• MAINTENANCE

• ERROR

OFF

STARTUPSTANDBY

LP

OPERATE MAINTENANCE

1

5

4

2

3

ERROR 6

7

89

Low Power

Full Power

Low Power

Low Powerand

Full Power

From any mode if requested

From any mode if requested

From any mode if critical functional error occurs

Figure 2: SPFC modes.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 13 of 67

Each mode has the transition criteria as given in Table 2.

Table 2: SPFC mode transition criteria

Number Current Mode New Mode Mode Transition Trigger

1 OFF STARTUP Automatic at system start-up.

2 STARTUP STANDBY_LP Automatic after system initialisation.

3 STANDBY_LP OPERATE By LMC command.

4 STANDBY_LP OFF By LMC command as a maintenance command

5 MAINTENANCE OPERATE By LMC command.

6 ERROR OPERATE By LMC command.

7 ANY STANDBY_LP From any mode if STANDBY_LP is requested.

8 ANY MAINTENANCE From any mode if MAINTENANCE is requested.

9 ANY ERROR From any mode if critical functional error occurs.

[SPFC-SW-0002] The SPFC shall have the following power states (Refines: SPFC-0002):

1. LOW_POWER

2. FULL_POWER

[SPFC-SW-0003] All modes and power states shall be reported to the LMC via the Tango interface upon request (Refines: SPFC-0003).

3.1.1 OFF

3.1.1.1 Purpose

This mode is used to indicate that the SPFC computer software configuration item (CSCI) is not running. This is the default starting mode of the SPFC and is set at system start-up or if commanded so by the LMC when the system is in STANDBY_LP mode.

3.1.1.2 Functional Requirements

3.1.1.2.1 Entry

[SPFC-SW-0004] The SPFC shall have the OFF mode set when the application is started. [SPFC-SW-0005] The SPFC shall enter the OFF mode if a system reset is requested by the LMC as a maintenance command (Refines: SPFC-0004).

3.1.1.2.2 Transition

There are no transitional requirements for the OFF mode.

3.1.1.2.3 Implementation

The OFF mode has no implementation.

3.1.1.2.4 Exit

[SPFC-SW-0006] The SPFC shall exit the OFF mode automatically and enter the STARTUP mode with no delays when powered up.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 14 of 67

3.1.2 STARTUP

3.1.2.1 Purpose

The STARTUP mode is entered into when the SPFC CSCI is first activated by the operating system. In this mode, the SPFC CSCI shall handle the setting up of all hardware peripherals and initialisation of the various internal data structures and state machine operations in order to maintain a low power state.


3.1.2.2.1 Entry

[SPFC-SW-0007] The SPFC shall automatically enter the STARTUP mode when it is started by the operating system.


[SPFC-SW-0008] The SPFC shall ensure that no communication or external interrupts are active while residing in the STARTUP mode.

[SPFC-SW-0009] The SPFC shall perform the following operations once while entering the STARTUP mode:

• Initialise all structures, variables and constants from user defined initialisation (.ini) files.

• Initialise all I/O pins to the correct states.

• Open the serial ports for feed packages and helium service.

• Initialise and start feed packages, vacuum pump and helium service state machine.

• Start the SPFC Tango device server (TDS) for LMC communication.


[SPFC-SW-0010] The SPFC shall perform no continuous processing while in the STARTUP mode and shall exit the mode as soon as all system initialisation procedures are completed.

3.1.2.2.4 Exit

[SPFC-SW-0011] The SPFC shall exit the STARTUP mode and transition to the STANDBY_LP mode automatically if no errors were detected during initialisation (Refines: SPFC-0005). [SPFC-SW-0012] The SPFC shall enter the ERROR state if an error is detected which prevents it from performing its functional requirements (Refines: SPFC-0015).

3.1.3 STANDBY_LP

3.1.3.1 Purpose

The STANDBY_LP mode is entered automatically upon successful completion of the initialisation actions in the STARTUP mode. In this mode, the SPFC is deemed operational and will adhere to commands received from the LMC over the Tango communication channel. The SPFC also executes the sub-state controllers for each feed package, the vacuum and helium service. The SPFC shall transition to the ERROR mode if an operational error occurs from which it is unable to recover.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 15 of 67


3.1.3.2.1 Entry

[SPFC-SW-0013] The SPFC shall enter the STANDBY_LP mode from the STARTUP mode automatically if no errors were detected (Refines: SPFC-0005). [SPFC-SW-0014] The SPFC shall enter the STANDBY_LP mode from any other mode if so requested by the LMC (Refines: SPFC-0007).


[SPFC-SW-0015] The SPFC shall ensure that all health status of the sub-elements is cleared when the transition to the STANDBY_LP mode is active.

[SPFC-SW-0016] The SPFC shall ensure that the helium compressor, vacuum pump and feeds are all in their respected Off modes if commanded to enter STANDBY_LP (Refines: SPFC-0006).


The SPFC shall perform the following operations while in the STANDBY_LP mode:

• [SPFC-SW-0017] Estimate the time to full performance and report this value to the LMC (Refines: SPFC-0054).

• [SPFC-SW-0018] Execute state machines for the following sub-elements:

o Band 1 feed package



o Vacuum service

o Helium service.

• [SPFC-SW-0019] Message decoding of the following systems and subsystems:

o LMC via the Tango interface

o Feed packages via their individual serial communication interfaces

o Helium controller via a serial interface.

• [SPFC-SW-0020] Monitor and report on system status, sub-element status, sensors, alarms, events, faults and logs (Refines: SPFC-0021, SPFC-0023, SPFC-0024, SPFC-0025, SPFC-0028, SPFC-0033, SPFC-0036, SPFC-0042).

3.1.3.2.4 Exit

[SPFC-SW-0021] The SPFC shall exit the STANDBY_LP mode and transition to a new mode only if requested by the LMC (Refines: SPFC-0004, SPFC-0005). [SPFC-SW-0022] The SPFC shall enter the ERROR mode if an error is detected which prevents it from performing its functional requirements (Refines: SPFC-0015).

3.1.4 OPERATE

3.1.4.1 Purpose

This is the operational mode of the SPFC. In this mode, the SPFC can be in full or degraded performance states. Astronomical observation is done in this mode.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 16 of 67


3.1.4.2.1 Entry

[SPFC-SW-0023] The SPFC shall enter the OPERATE mode from the STANDBY_LP, MAINTENANCE or ERROR mode only upon request from the LMC.


[SPFC-SW-0024] The SPFC shall not commence with the transition until execution of all previous commands are completed.


The SPFC shall perform the following operations while in the OPERATE mode:

• [SPFC-SW-0025] Execute state machines for the following sub-elements:




o Vacuum service

o Helium service.

• [SPFC-SW-0026] Message decoding of the following systems and subsystems:

o LMC via the Tango interface

o Feed packages via their individual serial communication interfaces

o Helium controller via a serial interface.

• [SPFC-SW-0027] Monitor and report on system status, sub-element status, sensors, alarms, events, faults and logs (Refines: SPFC-0021, SPFC-0023, SPFC-0024, SPFC-0025, SPFC-0028, SPFC-0033, SPFC-0036, SPFC-0042).

The SPFC shall perform the following operations while in the OPERATE_DEGRADED power state:

• [SPFC-SW-0028] Estimate the time to full performance and report this value to the LMC (Refines: SPFC-0054).

• [SPFC-SW-0029] Continuously try to achieve FULL_PERFORMANCE power state (Refines: SPFC-0008).

The SPFC shall perform the following operations while in the OPERATE_FULL_PERFORMANCE power state:

• [SPFC-SW-0030] Comply with all performance requirements (Refines: SPFC-0009).

3.1.4.2.4 Exit

[SPFC-SW-0032] The SPFC shall exit the OPERATE mode only if commanded by the LMC. [SPFC-SW-0033] The SPFC shall enter the ERROR mode if an error is detected which prevents it from performing its functional requirements (Refines: SPFC-0015).


SKA-TEL-DSH-0000104 4 2018-09-05


Page 17 of 67

3.1.5 MAINTENANCE

3.1.5.1 Purpose

The SPFC shall enter this mode from any other mode when commanded by the LMC. When in the MAINTENANCE mode, the SPFC shall ensure that the system is physically safe to work on by an engineer, an engineering communication interface is made available and orchestrate remote software updates to its subsystems if so requested.


3.1.5.2.1 Entry

[SPFC-SW-0034] The SPFC shall enter the MAINTENANCE mode from other modes upon request from the LMC.




The SPFC shall perform the following operations while in the MAINTENANCE mode:

• [SPFC-SW-0036] Either be in FULL_POWER or LOW_POWER states (Refines: SPFC-0011).

• [SPFC-SW-0037] Configure its receivers to be safe for physical maintenance (Refines: SPFC-0012, SPFC-0153).

• [SPFC-SW-0038] Enable the engineering interface (Refines: SPFC-0013).

• [SPFC-SW-0039] Enable SPF sub-element firmware and software to be updated (Refines: SPFC-0014).

3.1.5.2.4 Exit

[SPFC-SW-0040] The SPFC shall exit the MAINTENANCE mode only if commanded by the LMC. [SPFC-SW-0041] The SPFC shall enter the ERROR mode if an error is detected which prevents it from performing its functional requirements (Refines: SPFC-0015).

3.1.6 ERROR

3.1.6.1 Purpose

The ERROR mode is automatically entered from any mode if an error occurs which prevents the SPFC to perform its functional tasks. The SPFC shall log the error and the reason thereof to an error log. The SPFC shall provide diagnostic information via the Tango interface or the debug port. Depending on the severity of the ERROR, the SPFC shall either automatically restart and transition to the OFF mode, or wait for the LMC to request a new mode.


3.1.6.2.1 Entry

[SPFC-SW-0042] The ERROR mode is automatically entered from any mode if an error occurs which prevents the SPFC to perform its functional tasks (Refines: SPFC-0015).


SKA-TEL-DSH-0000104 4 2018-09-05


Page 18 of 67


The SPFC shall ensure that no status changes are allowed while transitioning to the ERROR mode as to have accurate information on the system state and possible cause of the error when an error log is generated.


The SPFC shall perform the following operations while in the ERROR mode:

• [SPFC-SW-0043] Log the error to disk. The following information shall be contained in the error log:

o SPFC mode from which the error occurred.

o System health status.

o Sub-element state machine state.

o Hardware resource status

o Disk space

o Memory usage

o Communication port status

• [SPFC-SW-0044] Notify all connected Tango clients that the SPFC is in its ERROR mode and thus not available for operation.

• [SPFC-SW-0045] Provide debug information with the same content as the error log via the debug port, regardless if there is a terminal connected to it or not.

3.1.6.2.4 Exit

[SPFC-SW-0046] If communication with the LMC can be maintained, the SPFC shall remain in the ERROR mode until a new mode is requested by the LMC.

3.2 CSCI Capability Requirements

The functional breakdown of the SPFC CSCI is given below in Figure 3.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 19 of 67

Single Pixel Feed Controller

Interfaces

Events

Alarms

Monitor and Report

States and Modes

Ethernet

Tango

Multiple Receivers

HeliumCompressor

Engieering

Sensors

Faults andFailures

Automatic safety checks

Support

Load/SaveConfig Data

RemoteUpdates

Control

Feed Packages

LNA

Vacuum Valve

Cryo Motor

Temperature Controllers

Calibration Signal

Vacuum Pump

Helium Compressor

Load/SaveMetadata

Serial

Digital

Vacuum Pump

HeliumCompressor

State Machines

Firmware programming

Figure 3: Functional breakdown of the SPFC.

Table 3: Summary of the software system functions

No. SPFC Function Description

1. Interfaces

1.1. Ethernet Communicate via the Ethernet interface.

1.1.1. Tango Use the Tango control suite for SPFC_LMC communication.

1.1.2. Engineering Use SSH for configuration, updates and debugging

1.2. Serial Communicate via UART interfaces.

1.2.1. Multiple Receivers Implement separate software ICDs for communication with each of the receivers.

1.2.2. Helium Compressor Implement software ICD for helium compressor communication.

1.2.3. Firmware programming Implement a proprietary low level debugging interface for firmware programming and CPU debugging.

1.3. Digital Set output and get input of digital IO pins.

1.3.1. Vacuum Pump Control digital lines to and from vacuum pump.

1.3.2. Helium Compressor Control digital lines to and from helium compressor.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 20 of 67

No. SPFC Function Description

2. Monitor and Report

2.1. States and Modes Report system states and modes on request

2.2. Sensors Report sensor data

2.3. Alarms Report alarms of events which require action

2.4. Events Report events which are informative

2.5. Logs Report logs based on the log level set by the LMC

2.6. Faults and Failures Report faults and failures of the system

2.7. Automatic safety checks Failsafe safety checks to protect the receiver components

3. Control

3.1. Feed Packages Control the sub-elements.

3.1.1. State Machines Control the state machines of the sub-elements.

3.1.2. LNA LNAs ON and OFF.

3.1.3. Vacuum Valve Vacuum valve OPEN and CLOSE.

3.1.4. Cryocooler Motor Cryocooler motor ON and OFF.

3.1.5. Temperature Controllers Temperature control of 1st and 2nd stage RFE platforms.

3.1.6. Calibration Signal Calibration signal control in lab test setup.

3.2. Vacuum Pump Control vacuum service.

3.3. Helium Compressor Control helium service.

4. Support

4.1. Remote Updates Feed package firmware update via SPFC software.

4.2. Load/Save Configuration Data Upload and download configuration files.

4.3. Load/Save Metadata Provide software version information and item serial numbers.

3.2.1 Control

3.2.1.1 Feed Packages

The SPFC application software shall control each of the following devices on each FP as described below.

3.2.1.1.1 State Machines

[SPFC-SW-0048] The application software shall control each FP with its own state machine as described in §3.2.6.5 (Refines: SPFC-0021).

3.2.1.1.2 LNAs

[SPFC-SW-0049] The SPFC shall be able to individually switch the LNAs ON or OFF via a request from the Tango interface.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 21 of 67

3.2.1.1.3 Vacuum Valve

[SPFC-SW-0050] The vacuum valve on each FP shall be automatically controlled by its corresponding state machine. [SPFC-SW-0051] The LMC shall be able to control the vacuum valve manually with a Tango command when in the MAINTENANCE mode.

3.2.1.1.4 Cryocooler Motor

[SPFC-SW-0052] The cryocooler motor shall either be controlled automatically by the state machine or by the LMC in the MAINTENANCE mode. It can be switched ON or OFF.

3.2.1.1.5 Temperature Controllers

[SPFC-SW-0053] The SPFC shall have two temperature controllers for band 2 with the control options as shown in Table 4.

Table 4: Temperature settings

Setting RFE 1st Stage Temperature Controller Calibration Source Temperature Controller

Off Temperature controller switched off Temperature controller switched off

Set point 1 Temperature controlled at approx. 14 K Temperature controlled at approx. 280 K






Warm Temperature controlled at approx. 295 K Temperature controlled at approx. 310 K

3.2.1.1.6 Calibration Signal

[SPFC-SW-0055] An LMC controlled signal via the Tango interface shall enable or disable the calibration source (in MAINTENANCE mode in a lab setup when the digitizer is bypassed) with a fibre control line directly from the SPFC.

3.2.1.2 Control Vacuum Pump

[SPFC-SW-0056] The SPFC shall have a state machine which orchestrates vacuum pump control and status as per §3.2.6.3 (Refines: SPFC-0021, SPFC-0022). [SPFC-SW-0057] The vacuum pump state machine shall execute in its own thread.

The following vacuum control functions shall be implemented. Note that some of these commands are only available in MAINTENANCE mode.

• [SPFC-SW-0058] The SPFC shall be able to switch the vacuum pump ON and OFF as required by the different FPs.

• [SPFC-SW-0059] The LMC shall be able to switch the vacuum pump ON and OFF via the Tango interface, while in MAINTENANCE mode.

• [SPFC-SW-0060] The LMC shall be able to override and switch off the vacuum pump and disable the vacuum pump control via the Tango interface, while in operational or MAINTENANCE mode.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 22 of 67

3.2.1.3 Control Helium Compressor

[SPFC-SW-0061] The SPFC shall have a state machine which orchestrates helium compressor control and status as per §3.2.6.4 (Refines: SPFC-0021, SPFC-0022). [SPFC-SW-0062] The helium compressor state machine shall execute in its own thread.

The following helium compressor functions shall be implemented. Note that some of these commands are only available in MAINTENANCE mode.

• [SPFC-SW-0063] The SPFC shall be able to switch the helium compressor ON and OFF via the helium compressor serial interface as required by the different FPs.

• [SPFC-SW-0064] The LMC shall be able to switch the helium compressor ON and OFF via the Tango interface, while in MAINTENANCE mode.

• [SPFC-SW-0065] The LMC shall be able to reset the helium compressor via the Tango interface, while in MAINTENANCE mode.

• [SPFC-SW-0066] The LMC shall be able to override and switch the helium compressor OFF via the Tango interface, while in MAINTENANCE mode.

3.2.2 Monitor and Report

3.2.2.1 States and Modes

[SPFC-SW-0067] The SPFC shall report its active mode to the LMC when requested (Refines: SPFC-0003). [SPFC-SW-0068] The health status of the SPFC shall be reported to the LMC upon request from the LMC (Refines: SPFC-0025).

[SPFC-SW-0069] The SPFC shall report to the LMC the capability status of each FP individually (Refines: SPFC-0024).

[SPFC-SW-0070] The SPFC shall have the following aggregated capability states for each band independently which is reported to the LMC (Refines: SPFC-0016):

• UNAVAILABLE

• STANDBY

• OPERATE_DEGRADED

• OPERATE_FULL

The criteria for each capability state are given in Table 5 below.

Table 5: SPFC capability states

State Description and Transition requirements

UNAVAILABLE [SPFC-SW-0071] The SPFC shall set SPFx to UNAVAILABLE if no communication to the SPFx can be established or if there are errors that render the SPFx not fully functional (Refines: SPFC-0017).

STANDBY [SPFC-SW-0072] The SPFC shall set SPFx to STANDBY, if it is ready to fully function, and its cooling system is turned off (Refines: SPFC-0018).

OPERATE_DEGRADED [SPFC-SW-0073] The SPFC shall set an SPFx to OPERATE_DEGRADED if it is fully functional, but its performance is not within its specifications (Refines: SPFC-0019).

OPERATE_FULL [SPFC-SW-0074] The SPFC shall set an SPFx to OPERATE_FULL if it is fully functional and its performance is within its specifications (Refines: SPFC-0020).

Note: SPFx refers to any SPF1, SPF2, SPF345 bands. Refer to paragraph 3.2.6.5 for the mapping of these capabilities to the lower level states.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 23 of 67

[SPFC-SW-0075] The SPFC software shall automatically detect when a FP is connected to the feed and report on missing sub-elements (Refines: SPFC-0026). [SPFC-SW-0076] The overall SPF system health status shall be reported, which is a rolled up status based on all FP and services device-status sensors (Refines: SPFC-0023).

[SPFC-SW-0077] The SPFC shall monitor all control lines of the vacuum pump to determine its status as per §3.3.2.2.

[SPFC-SW-0078] The SPFC shall monitor all communication and control lines of the helium compressor to determine its status as per §3.3.2.3.

[SPFC-SW-0079] The SPFC shall implement a built-in self-test (BIT) to determine its health status (Refines: SPFC-0058, SPFC-0059). [SPFC-SW-0080] Part of the BIT shall include a power-on self-tests (POST) that is included in the Linux operating system e.g. memory, wear levelling and interrupts.

3.2.2.2 Alarms

[SPFC-SW-0081] The SPFC shall be able to set the level of reporting of alarms to the LMC (Refines: SPFC-0027). [SPFC-SW-0082] When an alarm condition is detected, the SPFC shall report the alarm to the LMC within 3 seconds (Refines: SPFC-0029). [SPFC-SW-0083] An alarm shall be triggered by the SPFC if a condition or failure exist where a hazard to equipment or personnel is posed or where the effectiveness of a sub-element is reduced (Refines: SPFC-0030). [SPFC-SW-0084] The SPFC shall report no alarms for FPs not fitted (Refines: SPFC-0031).

[SPFC-SW-0085] The alarm message from the SPFC to the LMC shall contain the following information (Refines: SPFC-0028):

• Time of detection of condition

• Description of the condition

• Justification for raising the alarm:

o Conditional data measured

o Identification of source

o Logic to evaluate the data.

[SPFC-SW-0086] The SPFC shall trigger an alarm for the following conditions (Refines: SPFC-0030):

• Sensor value not within configured limits

• SPFC error

• FP error

• Vacuum error

• Helium error.

3.2.2.3 Events

[SPFC-SW-0087] The SPFC shall be able to set the level of reporting of events to the LMC (Refines: SPFC-0032).

[SPFC-SW-0088] The SPFC shall report the following events to the LMC (Refines: SPFC-0033):

• Changes in states and modes and any sub-element state and mode as required by the LMC.

• Changes in health status.

[SPFC-SW-0089] The SPFC shall report no events for missing FPs (Refines: SPFC-0034).


SKA-TEL-DSH-0000104 4 2018-09-05


Page 24 of 67

3.2.2.4 Logs

[SPFC-SW-0090] The SPFC shall be able to set the level of reporting of logging information to the LMC (Refines: SPFC-0035). [SPFC-SW-0091] The SPFC shall report log messages to the LMC at the chosen log level (Refines: SPFC-0036). [SPFC-SW-0092] The SPFC shall report no log messages to the LMC for missing FPs (Refines: SPFC-0037).

[SPFC-SW-0093] All sensor data shall be logged with a UNIX time stamp to a Secure Digital (SD) card in a round robin scheme. [SPFC-SW-0094] Inactive log files shall be compressed and kept for a duration of 30 days on the SPFC, upon which it shall automatically be deleted (Refines: SPFC-0066). [SPFC-SW-0095] The SPFC shall not exceed 70% of the total amount of logging storage (Refines: SPFC-0067).

[SPFC-SW-0096] The SPFC shall be able to perform diagnostic logging. [SPFC-SW-0097] The SPFC shall be able to enable or disable the diagnostic logging without interfering with the operational software.

3.2.2.5 Sensors

[SPFC-SW-0098] The SPFC shall be able to set the level of reporting of sensor information to the LMC (Refines: SPFC-0038). [SPFC-SW-0099] The SPFC shall report drill-down monitoring points to the LMC to enable fault diagnostics of the SPF sub-element (Refines: SPFC-0039).

[SPFC-SW-0100] All FP sensor values shall be available as Tango attributes. [SPFC-SW-0101] All sensors shall report their own status over Tango and shall report when its value is in the warning or error ranges.

3.2.2.6 Faults and Failures

[SPFC-SW-0102] The SPFC shall report failures and the identification thereof based on the product structure and the failure mode, effects and criticality analysis (FMECA) to the LMC (Refines: SPFC-0040).

[SPFC-SW-0103] The SPFC shall identify faulty Line Replaceable Units (LRU) where applicable (Refines: SPFC-0041).

[SPFC-SW-0104] The SPFC shall report to the LMC monitoring points that are required for preventative maintenance or for predicting failures as identified in the FMECA (Refines: SPFC-0042).

[SPFC-SW-0105] The SPFC shall report no faults of missing FPs (Refines: SPFC-0043).

3.2.2.7 Automatic Safety Checks

[SPFC-SW-0106] The SPFC shall switch off the specific radio frequency equipment (RFE) temperature controller if its sensor value exceeds 320 K (Refines: SPFC-0012, SPFC-0154). [SPFC-SW-0107] The vacuum valve shall be closed if the cryostat or manifold pressure suddenly increases (Refines: SPFC-0013, SPFC-0155). [SPFC-SW-0108] The SPFC shall always do a valve safety check to confirm that the pressure in the vacuum manifold is acceptable, before opening the vacuum valve (Refines: SPFC-0014, SPFC-0156).

[SPFC-SW-0109] To limit the overall peak inrush current, the SPFC shall ensure that the SPFHe and SPFVac services are not switched on simultaneously (Refines: SPFC-0201).


SKA-TEL-DSH-0000104 4 2018-09-05


Page 25 of 67

3.2.3 Support

3.2.3.1 Remote Updates

3.2.3.1.1 Application Software Updates

[SPFC-SW-0110] The SPFC shall facilitate remote updates of the SPFC application software. (Refines: SPFC-0044). [SPFC-SW-0111] Remote software upgrades shall be implemented by a Linux package upgrader. [SPFC-SW-0112] The SPFC shall use a configuration file to point to a specific http or ftp server where new updates will be available.

3.2.3.1.2 Feed Package Upgrades

[SPFC-SW-0113] The SPFC shall facilitate remote updates of the firmware of connected FPs (Refines: SPFC-0045). [SPFC-SW-0114] The SPFC shall be able to individually disable a FP to start the firmware update process.

3.2.3.2 Load and Save Configuration Data

[SPFC-SW-0115] The SPFC shall be able to upload and download configuration and calibration files to a specified FP. [SPFC-SW-0116] The configuration files shall be made available by the SPFC via SSH file transfer protocol (SFTP).

3.2.3.3 Load and Save Metadata

[SPFC-SW-0117] The serial number of the SPFC shall be configurable.

[SPFC-SW-0118] The SPFC shall monitor the following metadata and report it to the LMC upon request (Refines: SPFC-0046, SPFC-0047, SPFC-0048, SPFC-0049, SPFC-0050):

• SPFC software version

• SPFC serial number

• SPFC total operation time

• Firmware version of all connected feed packages

• Serial numbers of all connected feed packages

• Firmware version of the helium compressor

• Serial number of the helium compressor

• Total operation time of a feed package.

3.2.3.4 Engineering Interface

[SPFC-SW-0119] The SPFC shall provide an engineering interface via its Ethernet port to allow remote access to it for detailed system diagnostics and maintenance (Refines: SPFC-0051). [SPFC-SW-0120] Remote access to the SPFC shall be via a secure socket shell (SSH) connection directly to the Linux operating system. [SPFC-SW-0121] The engineering interface of the SPFC shall have access control with username and password security. [SPFC-SW-0122] The SPFC shall allow a remote connection of simulator software for detailed operational diagnostics and low level control.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 26 of 67

3.2.4 Performance Requirements

3.2.4.1 System Start-up

[SPFC-SW-0123] The SPFC shall perform its POST, operating system start-up and application initialisation in less than 5 minutes (Refines: SPFC-0052).

3.2.4.2 Processing Resources

[SPFC-SW-0125] The SPFC CSCI shall not exceed 80% of the available CPU processing time (Refines: SPFC-0055).

[SPFC-SW-0126] The SPFC shall be capable of maintaining all FPs in the fully powered up state for extended durations (Refines: SPFC-0056).

3.2.4.3 Data Latency

[SPFC-SW-0127] The latency introduced by the SPFC because of processing and hardware specific delays shall be less than 5s (Refines: SPFC-0061).

3.2.4.4 Mode Transition Times

[SPFC-SW-0128] The SPFC shall comply with the mode transition times as specified in [AD2] (Refines: SPFC-0062).

3.2.5 Specific Requirements for Stamp CoM Setup

3.2.5.1 Clock Speeds

The Main Clock Oscillator (crystal) on the Stamp runs at 18.432 MHz. (125) [SPFC-SW-0129] The phase locked loop A (PLLA) shall be derived from the main clock to run at 396 MHz (Refines: SPFC-0096). (126) [SPFC-SW-0130] The PLLA shall be selected to be used as the Master as well as the Processor clock speed.

3.2.5.2 Peripherals

The following peripherals on the Stamp CoM shall be disabled.

• [SPFC-SW-0131] USB ports shall not be used in the SPFC. Both the USB Host port clock and the USB Device port clock shall be disabled (Refines: SPFC-0096).

• [SPFC-SW-0132] The USART 5 port shall be disabled.

3.2.5.3 Watchdog Timer

[SPFC-SW-0133] Each independent FP thread shall be monitored by a watchdog timer (WDT) that shall restart the thread if the time-out is reached. [SPFC-SW-0134] If a specific thread cannot be restarted, the whole application software shall be restarted with a system reboot. [SPFC-SW-0135] An automatic restart of the application software shall be initiated if an unhandled exception occurs. [SPFC-SW-0137] If the SPFC CSCI is unresponsive for more than 10s, it shall automatically be restarted by the WDT (Refines: SPFC-0063, SPFC-0186).


SKA-TEL-DSH-0000104 4 2018-09-05


Page 27 of 67

3.2.6 Application Software Control Logic

An overview of the application software is displayed in Figure 4 and described in more detail below.

Application Software on SPFC

Tango Device Server

SPFC Control Block(Sensor & Control Values;

Health Status)

SPF2 SM (Sampling & State Machine Control)

SPFVac SM (Sampling & State

Machine Control)

To SPFVac

To SPF2

Ethernet port

SPFHe SM (Sampling & State

Machine Control)


To SPF1


To SPF345

To SPFHe

SPF1 Comm

Protocol

SPF2 Comm

Protocol

SPF345 Comm

Protocol

SPFHe Comm

Protocol

SPFVac Comm

Protocol

Figure 4: Application software code blocks.

3.2.6.1 Tango Device Server

[SPFC-SW-0138] The TDS shall create a communication channel via Ethernet for clients to connect to using the Tango protocol (Refines: SPFC-0076). [SPFC-SW-0139] The TDS shall translate the Tango commands and attribute requests and pass it on to the SPFC control block. [SPFC-SW-0140] The TDS shall continuously run in its own thread and shall be independent of other SPFC application threads.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 28 of 67

3.2.6.2 SPFC Control Block

The SPFC control block is the central part of the SPFC application software. [SPFC-SW-0141] It shall aggregate the necessary sensor values and health status of the sub-elements. [SPFC-SW-0142] The SPFC shall provide the requested sensor values to the TDS upon request. [SPFC-SW-0143] The SPFC control block shall raise the necessary events and alarms when such conditions occur.

[SPFC-SW-0144] The SPFC control block shall manage all corresponding threads and state machines of the sub-elements.

3.2.6.3 Vacuum Pump Controller

[SPFC-SW-0145] The SPF services control block shall independently control services when required by either the LMC or the FPs (Refines: SPFC-0022). [SPFC-SW-0146] The vacuum service state machine shall at least have the states as shown in Figure 5. The following applies:

• [SPFC-SW-0147] The vacuum service SM shall be in the OFF state when the SPFVac is powered down.

• [SPFC-SW-0148] The vacuum service SM shall be in the TEMPERATURE OUT OF RANGE state when the SPFVac is in its OPERATIONAL TOO COLD state due to the ambient temperature being too cold to create a vacuum and needs to wait for the temperature to rise before it can create a vacuum.

• [SPFC-SW-0149] The vacuum service SM shall be in the OPERATIONAL state when the SPFVac is operating according to the specifications of [RD2].

• [SPFC-SW-0150] The vacuum service SM shall be in the UNAVAILABLE state when an error occurred that prevents the SPFVac from operating according to its specifications given in [RD2].

[SPFC-SW-0151] The SPFC shall be able to automatically switch the vacuum pump ON or OFF as required by the different FPs (Refines: SPFC-0022). [SPFC-SW-0152] A Tango client shall be able to manually switch the vacuum pump ON or OFF (Refines: SPFC-0022). [SPFC-SW-0153] A Tango client shall be able to enable or disable the vacuum pump control (Refines: SPFC-0022).

Figure 5: SPFVac state machine.

Ok

Fail

Degraded

Comms-on &Enabled?

Initialize

Yes

No

Off

Maintenance

Unavailable

comms-on & enabled

From any s tate

Device-status(overall health)

StatesNominalWarning

Error

Operational

From any s tate

From any s tate

Temperature Out of Range

Error Unavailable


SKA-TEL-DSH-0000104 4 2018-09-05


Page 29 of 67

3.2.6.4 Helium Compressor Controller

[SPFC-SW-0154] The helium service SM shall at least have the states as shown in Figure 6. The following applies:

• [SPFC-SW-0155] The helium service SM shall be in the OFF state when the SPFHe is powered down.

• [SPFC-SW-0156] The helium service SM shall be in the OPERATIONAL state when the SPFHe is operating as per its fully operating conditions given in [RD1].

• [SPFC-SW-0157] The helium service SM shall be in the LOW-PRESSURE state when the helium needs to be replenished, but is still able to operate according to the specifications of [RD1].

• [SPFC-SW-0158] The helium service SM shall be in the UNAVAILABLE state when a communication error occurs on the SPFHe or if it is unable to operate according to the specifications of [RD1].

[SPFC-SW-0159] The SPFC shall be able to automatically switch the helium compressor ON or OFF as required by the different FPs (Refines: SPFC-0022). [SPFC-SW-0160] A Tango client shall be able to manually switch the helium compressor ON or OFF (Refines: SPFC-0022). [SPFC-SW-0161] A Tango client shall be able to reset the helium compressor (Refines: SPFC-0022). [SPFC-SW-0162] A Tango client shall be able to override and switch off the helium compressor and disable the helium compressor controller (Refines: SPFC-0022).

Ok

Fail

Degraded

Comms-on &Enabled?

Initialize

Yes

No

Off

Reset

Maintenance

Unavailable

comms-on & enabled

From any s tate

Device-status(overall health)


Error

Operational

From any s tate

From any s tate

Low Pressure(Operational)

Error

Figure 6: SPFHe state machine.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 30 of 67

3.2.6.5 Feed Package Control Block

[SPFC-SW-0163] All commands and requests for each FP shall be placed in a queue and shall be processed sequentially. [SPFC-SW-0164] FP sensors and FP data shall be monitored continuously at 1 Hz. [SPFC-SW-0165] FP sensor data shall be temporary saved into a rolling buffer from where the latest values shall be logged and be made available to send over the Tango interface. [SPFC-SW-0166] Each FP SM shall continuously execute in its own thread and communicate independently with its respective band feed package controller (FPC).

3.2.6.5.1 Band 1 FPC

The FP SM diagram is shown in Figure 7 with a description of each state in Table 6. The following applies:

• [SPFC-SW-0244] The default start-up state shall be user selectable to be either STANDBY-LP or OPERATE.

• [SPFC-SW-0245] The Band 1 FPC shall be in the STANDBY-LP mode when the SPF1 is ready to fully function and the LNA temperature control is switched off (Refines: SPFC-0018).

• [SPFC-SW-0246] If OPERATE is selected as the default start-up state, the Band 1 FPC shall automatically transition from STANDBY-LP to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF1s performance is within specifications (Refines: SPFC-0020).

• [SPFC-SW-0247] If OPERATIONAL is requested from the Tango interface, the Band 1 FPC shall automatically transition from its current state to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF1s performance is within specifications (Refines: SPFC-0020).

• [SPFC-SW-0248] If the SPF1 is fully functional, but its performance is not within its specifications, the Band 1 FPC shall transition to the OPERATE-DEGRADED capability state (Refines: SPFC-0019).

• [SPFC-SW-0249] The RF power shall only be switched ON or OFF with Tango requests.

• [SPFC-SW-0250] In the event of an error occurs which renders the SPF1 not fully functional, the Band 1 FPC shall transition to the ERROR state.

• [SPFC-SW-0251] The Band 1 FPC shall transition to the UNAVAILABLE state when no communication can be established with the SPF1.

• [SPFC-SW-0252] The Band 1 FPC shall transition to the MAINTENANCE mode when requested via the Tango interface.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 31 of 67

Figure 7: SPF1 state machine.

Fail

Degraded

OK

Unavailable(expected online)

Error

Soft-Off

StartupState?

TransitionalMaintenance

Unavailable (not expected

online)

Availablecontrolled

RX detected

Error Corrected

RX Detected

Degraded Performance

Soft-off

Warm-operational

From any state

From any state

Warm-Operational

Nominal

Warning

Error

StatesDevice-status

(overall health)


SKA-TEL-DSH-0000104 4 2018-09-05


Page 32 of 67

Table 6: SPF1 mode description

SPF Capability State

FP Mode Description

Un

avai

lab

le OFFLINE

The SPF1 is either not installed (and not expected to be online) or no communication can be established (expected to be online)

ERROR This indicates that an error has occurred and that the SPF1 is turned off

MAINTENANCE This is used during production or when the SPF1 is manually controlled while doing maintenance

Stan

db

y

STANDBY-LP The LNA’s and all temperature controllers are disabled.

Op

erat

e D

egra

ded

TRANSITIONAL The SPF1 is busy stabilizing the 1st stage LNA temperature in order to go to the AVAILABLE state. LNA heaters are enabled.

DEGRADED PERFORMANCE

The SPF1 is operational, but not able to meet specifications yet. From the AVAILABLE state: the 1st stage LNA temperature has moved outside expected nominal ranges.

Op

erat

e Fu

ll

AVAILABLE; TEMP STABILISED

The SPF1 package is fully operational and ready to be utilised. The 1st stage LNA temperature has stabilised and all critical sensor values are within their expected nominal ranges.

The data in Table 7 shows which states are mutual exclusive and which states can exist simultaneously.

Table 7: Mutual exclusivity (m) of the SPF1 states & modes (X = Can exist simultaneously. R = Required)

Un

avai

lab

le

Off

Tran

siti

on

al

De

grad

ed

Pe

rfo

rman

ce

Ava

ilab

le

Mai

nte

nan

ce

Erro

r

Serv

ices

Err

or

De

grad

ed

Unavailable m m m m X X m m

Off m m m m m m m m

Transitional m m m m m m m m

Degraded Performance m m m m m m X R

Available m m m m m m m m

Maintenance X m m m m m m m

Error X m m m m m m m

Services Error m m m X m m m m

Degraded m m m R m m m m


SKA-TEL-DSH-0000104 4 2018-09-05


Page 33 of 67

The variables referenced in Table 8 shall be user changeable. By default, their values are as follows:

• TLNA = H & V channel LNA temperature average

• TSLNA = 1st Stage temperature setpoint (selected from Table 4)

• TSO = Temperature setpoint maximum offset = 1.0 K

• TNO = Non-operational temperature = 320 K

• TWOE = Warm operational error temperature = 315 K

Table 8: SPF1 state definitions

Feed Package States Sensor & Equipment States

Primary States

States / Modes Typical LNA Temperatures

(TLNA) RF Power

Un

avai

lab

le OFFLINE undetermined undetermined

MAINTENANCE = Amb user select

ERROR undetermined Off

Stan

db

y

STANDBY-LP = Amb Off

Op

era

te

De

grad

ed

TRANSITIONAL TLNA < TWOE Off

DEGRADED TNO > TLNA > TWOE user select

Op

era

te

Full WARM OPERATIONAL

(CONTROLLED) TSLNA - TSO ≤ TLNA ≤ TSLNA + TSO On

3.2.6.5.2 Band 2 FPC

The Band 2 FP SM diagram is shown in Figure 8. A description of each state is given in Table 9. The following applies:

• [SPFC-SW-0167] The Band 2 default start-up state shall be user selectable to be either STANDBY-LP or OPERATE.

• [SPFC-SW-0168] The Band 2 FPC shall be in the STANDBY-LP mode when the SPF2 is ready to fully function and the cooling system is switched off (Refines: SPFC-0018).

• [SPFC-SW-0169] If OPERATE is selected as the default start-up state, the Band 2 FPC shall automatically transition from STANDBY-LP to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF2s performance is within specifications (Refines: SPFC-0020).


SKA-TEL-DSH-0000104 4 2018-09-05


Page 34 of 67

• [SPFC-SW-0170] If OPERATIONAL is requested from the Tango interface, the Band 2 FPC shall automatically transition from its current state to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF2s performance is within specifications (Refines: SPFC-0020).


• [SPFC-SW-0172] The Band 2 RF power shall only be switched ON or OFF with Tango requests.

• [SPFC-SW-0173] The Band 2 FPC shall transition to the REGENERATION state when requested via the Tango interface if in MAINTENANCE mode.


• [SPFC-SW-0175] The Band 2 FPC shall transition to the UNAVAILABLE state when no communication can be established with the SPF2 (Refines: SPFC-0017).



Degraded

Fail

Ok

Startup State?

RX Detected

Soft-Off

Soft-off

Transitional

Error

Available

Cold-operational

ErrorCorrected

Finalstabilisation

Soft-off

Cold-operational

Regene-ration

DegradedPerformance

Initiateregeneration

P & T (un)stable

Maintenance

Fromany state

From any state

Device-status(ove rall health)


Error


Unavailable(not expected

online)

RX DetectedSoft-off

Regen pending

Regenerate

Timeout


SKA-TEL-DSH-0000104 4 2018-09-05


Page 35 of 67

Table 9: SPF2 states description

SPF State FP State Description U

nav

aila

ble

OFFLINE The SPF2 is either not installed (and not expected to be online) or no communication can be established (expected to be online)



Stan

db

y

STANDBY-LP The cryocooler, LNA’s and both temperature controllers are disabled. The vacuum valve is closed.

Op

erat

e D

egra

ded

REGENERATION

The SPF2 is warming up in order to release and evacuate the gas particles that have been accumulated on the cryogenic surfaces and the charcoal trap during cryopumping. After this regeneration process the SPF2 is cooled down to the AVAILABLE state again.

REGEN PENDING

The SPF2 is still operational, but waiting for the vacuum pump to become available in order to go to the REGENERATION state.

TRANSITIONAL The SPF2 is busy cooling down in order to go to the AVAILABLE state. A vacuum is created in the cryostat and the cryocooler is enabled.


The SPF2 is operational, but not able to meet specifications yet. From the AVAILABLE state: Either the RFE 1st stage temperature has increased (unstable) or the pressure in the cryostat has increased above the expected nominal ranges. A higher temperature control set-point could stabilize the temperature, otherwise a cryostat regeneration might be required in order to attain the AVAILABLE state again.

Op

erat

e Fu

ll

AVAILABLE The SPF2 is fully cold, operational and ready to be utilised. The RFE 1st stage temperature has stabilised and all critical sensor values are within their expected nominal ranges


The variables referenced in Table 11 shall be user changeable. By default, their values are as follows:

• Cryocooler On Pressure = PCO = 5 x 10-2 mbar

• Cryopumping Pressure = PCP = 1 x 10-2 mbar

• Cryopumping Pressure Error = PCPE = 1 x 10-1 mbar

• Cold Operational Temperature = TCO = 30 K

• Cold Operational Available Temperature range = ΔTCOA = 1K

• RFE1 Temperature Setpoint = TSRFE1


SKA-TEL-DSH-0000104 4 2018-09-05


Page 36 of 67


Un

avai

lab

le

Off

Tran

siti

on

al

De

grad

ed

Pe

rfo

rman

ce

Ava

ilab

le

Mai

nte

nan

ce Er

ror

Serv

ices

Er

ror

De

grad

ed


Off m m m m m m m m









Feed Package States Sensor & Equipment States

Primary States

States / Modes

Vacuum Valve state

Vacuum Manifold Pressure

(PM)

Cryostat Pressure

(PC)

Typical LNA Temperatures

(TLNA)

Cooler Motor state

RF Power

Un

avai

lab

le OFFLINE

undeter-mined

undeter-mined

undeter-mined

undetermined undeter-

mined undeter-

mined

MAINTENANCE user

select user

select user

select <= Amb

user select

user select

ERROR closed n/a undeter-

mined undetermined off off

Stan

db

y

STANDBY-LP closed n/a <= Atm <= Amb off off

Op

erat

e

Deg

rad

ed

TRANSITIONAL SM

controlled PCO < PM <

Atm PCO < PC <

Atm TCO < TRFE1 <

Amb SM

controlled user

select

DEGRADED SM

controlled PM < PCO

PCP < PC < PCPE.

TCO < TRFE1 < Amb

on user

select

Op

erat

e

Full COLD

OPERATIONAL closed n/a PC < PCP

TSRFE1 - ΔTCOA

≤ TRFE1 ≤ TSRFE1 + ΔTCOA

on user

select


SKA-TEL-DSH-0000104 4 2018-09-05


Page 37 of 67

3.2.6.5.3 Band 345 FPC

The Band 345 FP SM diagram is shown in Figure 9. A description of each state is given in Table 12. The following applies:

• [SPFC-SW-0253] The Band 345 default start-up state shall be user selectable to be either STANDBY-LP or OPERATE.

• [SPFC-SW-0254] The Band 345 FPC shall be in the STANDBY-LP mode when the SPF345 is ready to fully function and the cooling system is switched off (Refines: SPFC-0018).

• [SPFC-SW-0255] If OPERATE is selected as the default start-up state, the Band 345 FPC shall automatically transition from STANDBY-LP to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF345’s performance is within specifications (Refines: SPFC-0020).

• [SPFC-SW-0256] If OPERATIONAL is requested from the Tango interface, the Band 345 FPC shall automatically transition from its current state to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF345’s performance is within specifications (Refines: SPFC-0020).


• [SPFC-SW-0258] The Band 345 RF power shall only be switched ON or OFF with Tango requests.

• [SPFC-SW-0259] The Band 345 FPC shall transition to the REGENERATION state when requested via the Tango interface if in MAINTENANCE mode.


• [SPFC-SW-0261] The Band 345 FPC shall transition to the UNAVAILABLE state when no communication can be established with the SPF345 (Refines: SPFC-0017).



SKA-TEL-DSH-0000104 4 2018-09-05


Page 38 of 67


Table 12: SPF345 states description

SPF State FP State Description

Un

avai

lab

le OFFLINE

The SPF345 is either not installed (and not expected to be online) or no communication can be established (expected to be online)



Stan

db

y

STANDBY-LP The cryocooler, LNA’s and all temperature controllers are disabled. The vacuum valve is closed.

Op

erat

e

Deg

rad

ed

REGENERATION

The SPF345 is warming up in order to release and evacuate the gas particles that have accumulated during cryopumping. After this regeneration process the SPF345 is cooled down to the AVAILABLE state again.

REGEN PENDING

The SPF345 is still operational, but waiting for the vacuum pump to become available in order to go to the REGENERATION state.

Degraded

Fail

Ok

Startup State?

RX Detected

Soft-Off

Soft-off

Transitional

Error

Available

Cold-operational

ErrorCorrected

Finalstabilisation

Soft-off

Cold-operational

Regene-ration

DegradedPerformance

Initiateregeneration

P & T (un)stable

Maintenance

Fromany state

From any state

Device-status(ove rall health)


Error


Unavailable(not expected

online)

RX DetectedSoft-off

Regen pending

Regenerate

Timeout


SKA-TEL-DSH-0000104 4 2018-09-05


Page 39 of 67

SPF State FP State Description

TRANSITIONAL The SPF345 is busy cooling down in order to go to the AVAILABLE state. A vacuum is created in the cryostat and the cryocooler is enabled.


The SPF345 is operational, but not able to meet specifications yet. From the AVAILABLE state: Either the RFE 1st stage temperature has increased (unstable) or the pressure in the cryostat has increased above the expected nominal ranges. A higher temperature control set-point could stabilize the temperature, otherwise a cryostat regeneration might be required in order to attain the AVAILABLE state again.

Op

erat

e Fu

ll

AVAILABLE The SPF345 is fully cold, operational and ready to be utilised. The RFE 1st stage temperature has stabilised and all critical sensor values are within their expected nominal ranges



Un

avai

lab

le

Off

Tran

siti

on

al

De

grad

ed

Pe

rfo

rman

ce

Ava

ilab

le

Mai

nte

nan

ce Er

ror

Serv

ice

s

Erro

r

De

grad

ed


Off m m m m m m m m








The following variables referenced in Table 14 shall be user changeable. By default, their values are as follows:

• Cryocooler On Pressure = PCO = 5 x 10-2 mbar

• Cryopumping Pressure = PCP = 1 x 10-2 mbar

• Cryopumping Pressure Error = PCPE = 1 x 10-1 mbar

• Turbopump On pressure = PTO = 1 x 10-2 mbar

• Cold Operational Temperature = TCO = 30 K

• Cold Operational Available Temperature range = ΔTCOA = 1K

• RFE1 Temperature Setpoint = TSRFE1


SKA-TEL-DSH-0000104 4 2018-09-05


Page 40 of 67


Feed Package States

Sensor & Equipment States

Primary States

States / Modes

Vacuum Valve state

Vacuum Manifold

Pressure (PM)

Cryostat Pressure

(PC)

Typical LNA Temperatures

(TLNA)

Cooler Motor state

Turbo pump power

RF Power

Un

avai

lab

le

OFFLINE undeter-

mined undeter-mined

undeter-mined

undetermined undeter-

mined off

undeter-mined

MAINTE-NANCE

user select

user select user

select <= Amb

user select

user select

user select

ERROR closed n/a Undeter-

mined undetermined off off off

Stan

db

y

STANDBY-LP

closed n/a <= Atm <= Amb off off off

Op

erat

e

Deg

rad

ed TRANSI-

TIONAL SM

controlled PCO < PM < Atm

PCO < PC < Atm

TCO < TRFE1 < Amb SM

controlled SM

controlled user

select

DEGRADED SM

controlled PM < PCO

PCP < PC < PCPE.

TCO < TRFE1 < Amb on off user

select

Op

erat

e

Full

COLD OPERA-TIONAL

closed n/a PC < PCP TSRFE1 - ΔTCOA

≤ TRFE1 ≤ TSRFE1 + ΔTCOA

on off user

select

3.3 SPFC External Interface Requirements

The SPFC external interface diagram is given in Figure 1. The details of each interface are given in the subsections that follow.

3.3.1 LMC_SPF (I.M.LMC_SPF.01)

[SPFC-SW-0177] The SPFC shall conform to the Tango interface requirements detailed in [AD3] (Refines: SPFC-0073, SPFC-0074, SPFC-0075).

[SPFC-SW-0178] The SPFC shall always allow SFTP and SSH connections on the LMC_SPF interface, using default ports (Refines: SPFC-0049). These connections are used for remote low-level control and debugging.

3.3.2 DFN (I.M.DFN_SPF.05)

The DFN is a physical interface and within it are several logic interfaces. These logic interfaces are between the SPFC and the various sub-elements. The logical interfaces are described the following subsections.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 41 of 67

3.3.2.1 Feed Package Interfaces (SPF IIF01, SPF IIF02, SPF IIF03)

[SPFC-SW-0179] The SPFC shall be able to simultaneously connect to 3 FPs over 3 UART over fibre communication interfaces.

[SPFC-SW-0180] The SPFC shall conform to the interface requirements given in [AD4] for SPF1, [AD5] for SPF2 and [AD6] for SPF345 (Refines: SPFC-0064, SPFC-0078, SPFC-0079, SPFC-0080).

3.3.2.2 Vacuum Pump Interface (SPF IIF04)

[SPFC-SW-0181] The SPFC shall conform to the interface requirements given in [AD7] (Refines: SPFC-0081).

[SPFC-SW-0182] The SFPC shall be able to manipulate two digital output control lines to the vacuum pump which represents “Start” and “Stop” control signals (Refines: SPFC-0081).

[SPFC-SW-0183] The SPFC shall be able to read two digital input lines which indicates 4 states: Offline, Online (too cold to operate), Ready (warm enough to operate) and Running (Refines: SPFC-0081). For more details, see [AD7].

3.3.2.3 Helium Compressor Interface (SPF IIF05)

[SPFC-SW-0184] The SPFC shall connect to the SPFHe via a UART over fibre interface and conform to the interface requirements given in [AD8] (Refines: SPFC-0082).

[SPFC-SW-0185] One digital output pin on the Stamp shall be allocated as a control line to the helium compressor which implements a “Reset” signal to the SPFHe Controller. [SPFC-SW-0186] One digital input pin shall be allocated as a feedback signal to the Stamp which indicates if the helium compressor is “Running”. For more details, see [AD8].

3.4 CSCI Internal Interface Requirements

The internal interfaces of the SPFC are shown in Figure 10. Each interface is described in the following subsections.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 42 of 67

SPFC

Ethernet(PHY)

Stamp(ARM CPU)

ADCs

UART

IIF4

SD card

ETC

IIF1

IIF5

IIF3

IIF2

Figure 10: SPFC internal interfaces.

3.4.1 Ethernet Physical Layer (IIF1)

[SPFC-SW-0187] The media independent interface (MII) connection setup to the physical (PHY) layer shall be precompiled into the Linux file system image and managed by the Linux OS.

3.4.2 UART (IIF2)

The UART interface of the Stamp PCB represents all the UART interfaces of the SPFC. As per §3.3.2.1, the UART interface communicates with all the connected SPFs.

[SPFC-SW-0188] The setup of the programming and low level debug UART shall be precompiled in the Linux file system. [SPFC-SW-0189] The programming and debugging interface shall only allow local access to the SPFC, directly to the PCB.

3.4.3 SD Card (IIF3)

[SPFC-SW-0190] The SD card bus shall be available for logging data to an SD card.

3.4.4 Elapsed Time Counter (IIF4)

[SPFC-SW-0191] Provision shall be made to implement an elapsed time counter (ETC) over an I2C bus (Refines: SPFC-0050, SPFC-0186).


SKA-TEL-DSH-0000104 4 2018-09-05


Page 43 of 67

3.4.5 ADCs (IIF5)

[SPFC-SW-0192] ADCs for monitoring the on-board sensor values shall be implemented by using an I2C bus.

[SPFC-SW-0193] The four analogue inputs on the Stamp shall be implemented to monitor the voltage, current and on-board temperature SPFC, with one spare channel (Refines: SPFC-0057, SPFC-0070, SPFC-0188).

3.5 CSCI Internal Data Requirements

These requirements are left to the design.

3.6 Adaptation Requirements

[SPFC-SW-0194] The SPFC shall be configured with a fixed IPv4 address allocated by SKA.

3.7 Safety Requirements

[SPFC-SW-0195] The SPFC software classification shall be non-safety critical. Sufficient hardware interlocks shall be designed into the system to allow this classification.

3.8 Security and Privacy Requirements

[SPFC-SW-0196] The SPFC operating system shall be password protected to restrict unauthorised local or remote access.

3.9 CSCI Environment Requirements

[SPFC-SW-0197] The SPFC shall execute on the Taskit Stamp9G20 Computer on Module (CoM) which has an ARM architecture.

[SPFC-SW-0198] The SPFC shall execute on the Linux Ånström OpenEmbedded distribution which resides on the built-in flash memory of the Stamp CoM.

3.10 Computer Resource Requirements

3.10.1 Computer Hardware Requirements

[SPFC-SW-0199] The SPFC shall be executed on the Stamp CoM Atmel AT91SAM9G20 with ARM926EJ-S core MCU (Refines: SPFC-0068, SPFC-0069, SPFC-0182). [SPFC-SW-0200] The Stamp CoM shall have the following hardware requirements (Refines: SPFC-0183, SPFC-0184, SPFC-0186):

• Variable CPU speed setting

• 128 MB SD RAM

• 512 MB Flash

• 1x 10/100 Ethernet MAC

• 6x UART

• 1x I2C

• 1x SD Card with 8GB capacity


SKA-TEL-DSH-0000104 4 2018-09-05


Page 44 of 67

• 1x 4 Channel ADC

• 16x Digital I/O ports

• Watchdog timer

Refer to [RD1] for more details on the Stamp CoM.

3.10.2 Computer Hardware Resource Utilisation Requirements

[SPFC-SW-0201] The hardware capacities given in Table 15 shall not be exceeded by the SPFC as a design goal (Refines: SPFC-0055).

Table 15: SPFC hardware resource utilisation requirements

Item Specification Capacity [%]

CPU CPU time 80

SD RAM 128 MB 50

Flash 512 MB 50

External storage (SD Card) 4 GB 70

Ethernet Bits per second 50

3.10.3 Computer Software Requirements

[SPFC-SW-0202] The SPFC shall as far as possible use features provided by the embedded OS to implement (Refines: SPFC-0182):

• Power-On Self-Test (POST).

• Loading of the SPFC executable on power-up.

• Downloading of software updates.

• Allowing remote access to the system.

3.10.4 Computer Communications Requirements

3.10.4.1 Ethernet interface

[SPFC-SW-0203] The monitoring data rate on the Ethernet interface shall not exceed 200 kbps (Refines: SPFC-0060). [SPFC-SW-0204] Control messages over the Ethernet interface shall not exceed 10 kbps.

3.10.4.2 Serial UART interfaces

[SPFC-SW-0205] The serial UART interfaces shall be configured for low speed data transmission. The following settings shall be used, except of defined otherwise in respective ICDs:

• 19200 baud rate

• 8 data bits

• 1 stop bit

• No parity


SKA-TEL-DSH-0000104 4 2018-09-05


Page 45 of 67

3.10.4.3 Programming and low level debug interface

[SPFC-SW-0206] The programming and low level debug interface shall have the following configuration parameters:

• 115200 baud rate

• 8 data bits

• 1 stop bit

• No parity

3.11 Software Quality Factors

The following software quality factors shall be adhered to as far as possible. Standard EMSS Antennas in-house coding standards will be adhered to.

3.11.1 Reliability

[SPFC-SW-0207] The SPFC shall be reliable in the sense that the application can run for extended periods of time of at least 12 months continuous operation (Refines: SPFC-0111). [SPFC-SW-0208] The SPFC software shall recycle its resources, implement circular buffers and have no memory leaks as detected by reasonable profiling and testing. [SPFC-SW-0209] The SPFC operation shall be consistent and repeatable with the same input conditions. [SPFC-SW-0210] The SPFC software shall be based on sound software design principles and design patterns.

3.11.2 Maintainability

[SPFC-SW-0211] To ensure maintainability of the SPFC, it shall have a modular design as far as possible.

3.11.3 Availability

[SPFC-SW-0212] The SPFC software, when executing, shall always be available for sub-elements to communicate with it. [SPFC-SW-0213] The SPFC shall not have a state where authorised local or remote access is denied.

3.11.4 Flexibility

[SPFC-SW-0214] The SPFC shall be flexible to accompany new requirements and system specifications.

3.11.5 Portability

[SPFC-SW-0215] The SPFC shall, as far as possible, be portable in the sense that it can be ported to another hardware or software (OS) platform. This will mitigate possible future legacy issues.

3.11.6 Reusability

[SPFC-SW-0216] The software modules and objects shall be implemented in such a way as to promote software reusability.

3.11.7 Usability

There are no usability requirements for the SPFC software.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 46 of 67

3.11.8 Design

[SPFC-SW-0218] A modular software design method shall be used to ensure encapsulation of functionality.

3.12 Design and Implementation Constraints

[SPFC-SW-0219] The SPFC shall be implemented in C/C++.

3.13 Personnel Related Requirements

Personnel expected to support the SPFC should have detailed knowledge of the hardware, the Stamp CoM, the Linux operating system, the C/C++ computer language as well as the Tango Control System interface.

3.14 Training Related Requirements

There are no training requirements for the SPFC CSCI.

3.15 Logistics Related Requirements

3.15.1 System Maintenance

[SPFC-SW-0220] Software maintenance shall be handled by EMSS Antennas. [SPFC-SW-0221] Any software fixes or upgrades shall be handled under the terms of the contracts in place. [SPFC-SW-0222] Preventative system maintenance shall be provided by EMSS Antennas under a separate maintenance contract if needed.

3.15.2 Software Support

[SPFC-SW-0223] First line software support shall be given by EMSS Antennas. [SPFC-SW-0224] A remote connection to the SPFC shall be available to perform remote software support, as detailed in §3.2.3.4.

3.15.3 System Transportation

[SPFC-SW-0225] The SPFC software shall be transported in a binary package form, and shall be pre-installed on the SPFC hardware. [SPFC-SW-0226] Updates of the SPFC software shall be performed via its OS and requesting a new binary package from a specified server on the network.

3.16 Other Requirements

None.

3.17 Packaging Requirements

[SPFC-SW-0227] The SPFC application software shall be remotely updated to a distribution server on the SKA network and no physical media shall be used for SPFC software installation. [SPFC-SW-0228] All CSCI and data items shall be safely stored in a repository of the client’s choice.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 47 of 67

3.18 Precedence and Criticality Requirements

All requirements have equal precedence and assessed criticality.

3.19 Development Method and Testing

[SPFC-SW-0229] The SPFC software design philosophy shall be implemented on cycles of the waterfall method as depicted in Figure 11. [SPFC-SW-0230] The software development shall be an iterative process adding more detail and functionality with each cycle.

Figure 11: The waterfall design methodology.

[SPFC-SW-0231] All software shall be tested and debugged on a PC before it is uploaded to any hardware. [SPFC-SW-0232] It shall be preferred to have a Company Software Standard in place before software development commences.

An overview of the Test Interface(s) (TI) model is shown in Figure 12.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 48 of 67

SPFC

Eth

ern

et

UA

RT

UA

RT

UA

RT

UA

RT

PW

R

I/O

SPF1 / SIM

SPF2 / SIM

SPF345 / SIM

SPFHe / SIM

SPFVac / SIM

220 VAC

I/O

Visual

Low Level Support:• Linux control and setup via SSH• File transfer via SFTP/SCP• ICMP (Ping)

SSH/SFTP/SCP/ICMP

Tango Clients:• SPFC Test Interface• LMC

Tango (TCP/IP)

1

2

3

4

5

6

7

8Fr

on

t P

anel

Dis

pla

yx

Legend:

Test Interface x

Figure 12: SPFC software development and testing model.

[SPFC-SW-0233] Low level engineering and support connections shall be made available to the SPFC via the Ethernet interface, as indicated by TI (1) in Figure 12 (Refines: SPFC-0051). [SPFC-SW-0234] The protocols allowed on the Ethernet interface of the SPFC shall be at least TCP/IP, SSH, SFTP and Internet Control Message Protocol (ICMP). [SPFC-SW-0235] Low level engineering and support shall include the following tests and operations:

• Connectivity tests via ICMP,

• Operating system control, setup and remote updates via SSH and SFTP/SCP, and

• Configuration and log file transfers via SFTP/SCP (Refines: SPFC-0051).

[SPFC-SW-0236] An SPFC interface testing graphical user interface (GUI) shall be developed in order to test the SPFC application software from TI (2) as seen in Figure 12. [SPFC-SW-0240] The front panel display shall serve as a visual test interface TI (3) for SPFC internal status. [SPFC-SW-0241] TI (4,5,6,7,8) shall be used to test the interfaces between SPF1, SPF2, SPF345, SPFHe and SPFVac respectively. These tests can either be done with external protocol simulators or production hardware).

3.20 Documentation

[SPFC-SW-0242] This system shall have a software test document (STD), describing the required software tests that shall be performed in order to qualify the software as well as a software test report (STR) to detail the qualification results.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 49 of 67

4 VERIFICATION

4.1 Quality Conformance

4.1.1 Responsibility for Tests

[SPFC-SW-0243] The supplier shall perform all requirement verification and acceptance tests.

4.1.2 Special Tests and Examinations

None.

4.1.3 Requirements Validation Phases and Methods

The conformance verification test phases and the test methods to ensure that the requirements as defined in this document have been satisfied are summarized in Table 16 and Table 17 respectively.

Table 16: Test phases applicable to the SPFC

Abbr. Description

N/A Not applicable

DT Tested/verified during the development phase (first prototypes)

QT Tested/verified during qualification

AT Acceptance test during integration and manufacturing

Table 17: Test methods applicable to the SPFC

Verification Methods

Term Abbr. Description

Inspection I

The inspection of a characteristic either visually or by simple

measurement and compared against a drawing, standard or data sheet.

Verification by inspection implies that the measurement technique is

elementary enough to obviate a formal test procedure.

Analysis A Verification of a characteristic by means of analysis using appropriate

theoretical models.

Demonstration D Verifying a functional characteristic by means of actual demonstration

using the hardware itself.

Formal Test FT

The measurement of either mechanical or electrical characteristic using

standard measuring equipment. If the measurement technique or

equipment needed for the measurement is non-standard, it is described

under the appropriate test paragraph number.


SKA-TEL-DSH-0000104 4 2018-09-05


Page 50 of 67

4.2 Requirements Verification

Table 18: Requirements verification matrix

Requirement number & description

Test Phase Test Description

(& responsible party)

DT QT AT (Note: These test definitions serve

as framework for more detailed test instructions.)

[SPFC-SW-0001] The SPFC shall have the following internal modes. The interaction of the modes is shown in Figure 2. (Refines: SPFC-0001)

• OFF

• STARTUP

• STANDBY_LP

• OPERATE

• MAINTENANCE

• ERROR

I I Inspect SPFC CSCI source code

[SPFC-SW-0002] The SPFC shall have the following power states (Refines: SPFC-0002):

• LOW_POWER

• FULL_POWER


[SPFC-SW-0003] All modes and power states shall be reported to the LMC via the Tango interface upon request (Refines: SPFC-0003).

D D Demonstrate capability

[SPFC-SW-0004] The SPFC shall have the OFF mode set when the application is started.


[SPFC-SW-0005] The SPFC shall enter the OFF mode if a system reset is requested by the LMC as a maintenance command (Refines: SPFC-0004).


[SPFC-SW-0006] The SPFC shall exit the OFF mode automatically and enter the STARTUP mode with no delays when powered up.


[SPFC-SW-0007] The SPFC shall automatically enter the STARTUP mode when it is started by the operating system.


[SPFC-SW-0008] The SPFC shall ensure that no communication or external interrupts are active while residing in the STARTUP mode.

I D

Inspect SPFC CSCI source code and demonstrate capability during qualification by sending commands to the SPFC via external interfaces while its starting up

[SPFC-SW-0009] The SPFC shall perform the following operations once while entering the STARTUP mode:

• Initialise all structures, variables and constants from user defined initialisation (.ini) files.

• Initialise all I/O pins to the correct states.

• Open the serial ports for feed packages and helium service.

• Initialise and start feed packages, vacuum pump and helium service state machine.

• Start the SPFC Tango device server (TDS) for LMC communication.


[SPFC-SW-0010] The SPFC shall perform no continuous processing while in the STARTUP mode and shall exit the mode as soon as all system initialisation procedures are completed.



SKA-TEL-DSH-0000104 4 2018-09-05


Page 51 of 67






[SPFC-SW-0011] The SPFC shall exit the STARTUP mode and transition to the STANDBY_LP mode automatically if no errors were detected during initialisation (Refines: SPFC-0005).


[SPFC-SW-0012] The SPFC shall enter the ERROR state if an error is detected which prevents it from performing its functional requirements (Refines: SPFC-0015).

D D Simulate an error condition

[SPFC-SW-0013] The SPFC shall enter the STANDBY_LP mode from the STARTUP mode automatically if no errors were detected (Refines: SPFC-0005).


[SPFC-SW-0014] The SPFC shall enter the STANDBY_LP mode from any other mode if so requested by the LMC (Refines: SPFC-0007).


[SPFC-SW-0015] The SPFC shall ensure that all health status of the sub-elements is cleared when the transition to the STANDBY_LP mode is active.


[SPFC-SW-0016] The SPFC shall ensure that the helium compressor, vacuum pump and feeds are all in their respected Off modes if commanded to enter STANDBY_LP (Refines: SPFC-0006).


[SPFC-SW-0017] Estimate the time to full performance and report this value to the LMC (Refines: SPFC-0054).

D A Demonstrate an analyse the results

[SPFC-SW-0018] Execute state machines for the following sub-elements:

• Band 1 feed package



• Vacuum service

• Helium service.


[SPFC-SW-0019] Message decoding of the following systems and subsystems:

• LMC via the Tango interface

• Feed packages via their individual serial communication interfaces

• Helium controller via a serial interface.


[SPFC-SW-0020] Monitor and report on system status, sub-element status, sensors, alarms, events, faults and logs (Refines: SPFC-0021, SPFC-0023, SPFC-0024, SPFC-0025, SPFC-0028, SPFC-0033, SPFC-0036, SPFC-0042).

D D Demonstrate each of the capabilities by simulation of needed

[SPFC-SW-0021] The SPFC shall exit the STANDBY_LP mode and transition to a new mode only if requested by the LMC (Refines: SPFC-0004, SPFC-0005).


[SPFC-SW-0022] The SPFC shall enter the ERROR mode if an error is detected which prevents it from performing its functional requirements (Refines: SPFC-0015).

D D Demonstrate capability by simulating an error condition

[SPFC-SW-0023] The SPFC shall enter the OPERATE mode from the STANDBY_LP, MAINTENANCE or ERROR mode only upon request from the LMC.





SKA-TEL-DSH-0000104 4 2018-09-05


Page 52 of 67






[SPFC-SW-0025] Execute state machines for the following sub-elements:




• Vacuum service

• Helium service.


[SPFC-SW-0026] Message decoding of the following systems and subsystems:

• LMC via the Tango interface

• Feed packages via their individual serial communication interfaces

• Helium controller via a serial interface.


[SPFC-SW-0027] Monitor and report on system status, sub-element status, sensors, alarms, events, faults and logs (Refines: SPFC-0021, SPFC-0023, SPFC-0024, SPFC-0025, SPFC-0028, SPFC-0033, SPFC-0036, SPFC-0042).

D D Demonstrate each of the capabilities by simulation of needed

[SPFC-SW-0028] Estimate the time to full performance and report this value to the LMC (Refines: SPFC-0054).

D A Demonstrate an analyse the results

[SPFC-SW-0029] Continuously try to achieve FULL_PERFORMANCE power state (Refines: SPFC-0008).

I A Analyse sensor graphs during a simulated test run

[SPFC-SW-0030] Comply with all performance requirements (Refines: SPFC-0009).


[SPFC-SW-0032] The SPFC shall exit the OPERATE mode only if commanded by the LMC.




[SPFC-SW-0034] The SPFC shall enter the MAINTENANCE mode from other modes upon request from the LMC.




[SPFC-SW-0036] Either be in FULL_POWER or LOW_POWER states (Refines: SPFC-0011).


[SPFC-SW-0037] Configure its receivers to be safe for physical maintenance (Refines: SPFC-0012, SPFC-0153).


[SPFC-SW-0038] Enable the engineering interface (Refines: SPFC-0013).


[SPFC-SW-0039] Enable SPF sub-element firmware and software to be updated (Refines: SPFC-0014).


[SPFC-SW-0040] The SPFC shall exit the MAINTENANCE mode only if commanded by the LMC.





SKA-TEL-DSH-0000104 4 2018-09-05


Page 53 of 67






[SPFC-SW-0042] The ERROR mode is automatically entered from any mode if an error occurs which prevents the SPFC to perform its functional tasks (Refines: SPFC-0015).


[SPFC-SW-0043] Log the error to disk. The following information shall be contained in the error log:

• SPFC mode from which the error occurred.

• System health status.

• Sub-element state machine state.

• Hardware resource status

• Disk space

• Memory usage

• Communication port status


[SPFC-SW-0044] Notify all connected Tango clients that the SPFC is in its ERROR mode and thus not available for operation.


[SPFC-SW-0045] Provide debug information with the same content as the error log via the debug port, regardless if there is a terminal connected to it or not.


[SPFC-SW-0046] If communication with the LMC can be maintained, the SPFC shall remain in the ERROR mode until a new mode is requested by the LMC.


[SPFC-SW-0048] The application software shall control each FP with its own state machine as described in §3.2.6.5 (Refines: SPFC-0021).


[SPFC-SW-0049] The SPFC shall be able to individually switch the LNAs ON or OFF via a request from the Tango interface.


[SPFC-SW-0050] The vacuum valve on each FP shall be automatically controlled by its corresponding state machine.


[SPFC-SW-0051] The LMC shall be able to control the vacuum valve manually with a Tango command when in the MAINTENANCE mode.


[SPFC-SW-0052] The cryocooler motor shall either be controlled automatically by the state machine or by the LMC in the MAINTENANCE mode. It can be switched ON or OFF.


[SPFC-SW-0053] The SPFC shall have two temperature controllers for band 2 with the control options as shown in Table 4.


[SPFC-SW-0055] An LMC controlled signal via the Tango interface shall enable or disable the calibration source (in MAINTENANCE mode in a lab setup when the digitizer is bypassed) with a fibre control line directly from the SPFC.

D Demonstrate capability

[SPFC-SW-0056] The SPFC shall have a state machine which orchestrates vacuum pump control and status as per §3.2.6.3 (Refines: SPFC-0021, SPFC-0022).


[SPFC-SW-0057] The vacuum pump state machine shall execute in its own thread.


[SPFC-SW-0058] The SPFC shall be able to switch the vacuum pump ON and OFF as required by the different FPs.



SKA-TEL-DSH-0000104 4 2018-09-05


Page 54 of 67






[SPFC-SW-0059] The LMC shall be able to switch the vacuum pump ON and OFF via the Tango interface, while in MAINTENANCE mode.


[SPFC-SW-0060] The LMC shall be able to override and switch off the vacuum pump and disable the vacuum pump control via the Tango interface, while in operational or MAINTENANCE mode.


[SPFC-SW-0061] The SPFC shall have a state machine which orchestrates helium compressor control and status as per §3.2.6.4 (Refines: SPFC-0021, SPFC-0022).


[SPFC-SW-0062] The helium compressor state machine shall execute in its own thread.


[SPFC-SW-0063] The SPFC shall be able to switch the helium compressor ON and OFF via the helium compressor serial interface as required by the different FPs.


[SPFC-SW-0064] The LMC shall be able to switch the helium compressor ON and OFF via the Tango interface, while in MAINTENANCE mode.


[SPFC-SW-0065] The LMC shall be able to reset the helium compressor via the Tango interface, while in MAINTENANCE mode.


[SPFC-SW-0066] The LMC shall be able to override and switch the helium compressor OFF via the Tango interface, while in MAINTENANCE mode.


[SPFC-SW-0067] The SPFC shall report its active mode to the LMC when requested (Refines: SPFC-0003).


[SPFC-SW-0068] The health status of the SPFC shall be reported to the LMC upon request from the LMC (Refines: SPFC-0025).


[SPFC-SW-0069] The SPFC shall report to the LMC the capability status of each FP individually (Refines: SPFC-0024).

D A Demonstrate capability

[SPFC-SW-0070] The SPFC shall have the following aggregated capability states for each band independently which is reported to the LMC (Refines: SPFC-0016):

• UNAVAILABLE

• STANDBY

• OPERATE_DEGRADED

• OPERATE_FULL


[SPFC-SW-0071] The SPFC shall set SPFx to UNAVAILABLE if no communication to the SPFx can be established or if there are errors that render the SPFx not fully functional (Refines: SPFC-0017).

D D Demonstrate capability by simulating conditions

[SPFC-SW-0072] The SPFC shall set SPFx to STANDBY, if it is ready to fully function, and its cooling system is turned off (Refines: SPFC-0018).


[SPFC-SW-0073] The SPFC shall set an SPFx to OPERATE_DEGRADED if it is fully functional, but its performance is not within its specifications (Refines: SPFC-0019).


[SPFC-SW-0074] The SPFC shall set an SPFx to OPERATE_FULL if it is fully functional and its performance is within its specifications (Refines: SPFC-0020).



SKA-TEL-DSH-0000104 4 2018-09-05


Page 55 of 67






[SPFC-SW-0075] The SPFC software shall automatically detect when a FP is connected to the feed and report on missing sub-elements (Refines: SPFC-0026).


[SPFC-SW-0076] The overall SPF system health status shall be reported, which is a rolled up status based on all FP and services device-status sensors (Refines: SPFC-0023).


[SPFC-SW-0077] The SPFC shall monitor all control lines of the vacuum pump to determine its status as per §3.3.2.2.


[SPFC-SW-0078] The SPFC shall monitor all communication and control lines of the helium compressor to determine its status as per §3.3.2.3.


[SPFC-SW-0079] The SPFC shall implement a built-in self-test (BIT) to determine its health status (Refines: SPFC-0058, SPFC-0059).


[SPFC-SW-0080] Part of the BIT shall include a power-on self-tests (POST) that is included in the Linux operating system e.g. memory, wear levelling and interrupts.


[SPFC-SW-0081] The SPFC shall be able to set the level of reporting of alarms to the LMC (Refines: SPFC-0027).


[SPFC-SW-0082] When an alarm condition is detected, the SPFC shall report the alarm to the LMC within 3 seconds (Refines: SPFC-0029).

D FT Test the capability with a stopwatch

[SPFC-SW-0083] An alarm shall be triggered by the SPFC if a condition or failure exist where a hazard to equipment or personnel is posed or where the effectiveness of a sub-element is reduced (Refines: SPFC-0030).


[SPFC-SW-0084] The SPFC shall report no alarms for FPs not fitted (Refines: SPFC-0031).


[SPFC-SW-0085] The alarm message from the SPFC to the LMC shall contain the following information (Refines: SPFC-0028):

• Time of detection of condition

• Description of the condition

• Justification for raising the alarm:

o Conditional data measured

o Identification of source

o Logic to evaluate the data.


[SPFC-SW-0086] The SPFC shall trigger an alarm for the following conditions (Refines: SPFC-0030):

• Sensor value not within configured limits

• SPFC error

• FP error

• Vacuum error

• Helium error.


[SPFC-SW-0087] The SPFC shall be able to set the level of reporting of events to the LMC (Refines: SPFC-0032).



SKA-TEL-DSH-0000104 4 2018-09-05


Page 56 of 67






[SPFC-SW-0088] The SPFC shall report the following events to the LMC (Refines: SPFC-0033):

• Changes in states and modes and any sub-element state and mode as required by the LMC.

• Changes in health status.


[SPFC-SW-0089] The SPFC shall report no events for missing FPs (Refines: SPFC-0034).


[SPFC-SW-0090] The SPFC shall be able to set the level of reporting of logging information to the LMC (Refines: SPFC-0035).


[SPFC-SW-0091] The SPFC shall report log messages to the LMC at the chosen log level (Refines: SPFC-0036).


[SPFC-SW-0092] The SPFC shall report no log messages to the LMC for missing FPs (Refines: SPFC-0037).


[SPFC-SW-0093] All sensor data shall be logged with a UNIX time stamp to a Secure Digital (SD) card in a round robin scheme.


[SPFC-SW-0094] Inactive log files shall be compressed and kept for a duration of 30 days on the SPFC, upon which it shall automatically be deleted (Refines: SPFC-0066).


[SPFC-SW-0095] The SPFC shall not exceed 70% of the total amount of logging storage (Refines: SPFC-0067).


[SPFC-SW-0096] The SPFC shall be able to perform diagnostic logging.

D I Demonstrate capability

[SPFC-SW-0097] The SPFC shall be able to enable or disable the diagnostic logging without interfering with the operational software.

D D Demonstrate capability by enabling diagnostic logging during the whole qualification process

[SPFC-SW-0098] The SPFC shall be able to set the level of reporting of sensor information to the LMC (Refines: SPFC-0038).


[SPFC-SW-0099] The SPFC shall report drill-down monitoring points to the LMC to enable fault diagnostics of the SPF sub-element (Refines: SPFC-0039).


[SPFC-SW-0100] All FP sensor values shall be available as Tango attributes.


[SPFC-SW-0101] All sensors shall report their own status over Tango and shall report when its value is in the warning or error ranges.


[SPFC-SW-0102] The SPFC shall report failures and the identification thereof based on the product structure and the failure mode, effects and criticality analysis (FMECA) to the LMC (Refines: SPFC-0040).


[SPFC-SW-0103] The SPFC shall identify faulty Line Replaceable Units (LRU) where applicable (Refines: SPFC-0041).


[SPFC-SW-0104] The SPFC shall report to the LMC monitoring points that are required for preventative maintenance or for predicting failures as identified in the FMECA (Refines: SPFC-0042).


[SPFC-SW-0105] The SPFC shall report no faults of missing FPs (Refines: SPFC-0043).



SKA-TEL-DSH-0000104 4 2018-09-05


Page 57 of 67






[SPFC-SW-0106] The SPFC shall switch off the specific radio frequency equipment (RFE) temperature controller if its sensor value exceeds 320 K (Refines: SPFC-0012, SPFC-0154).

FT FT Test by simulating values

[SPFC-SW-0107] The vacuum valve shall be closed if the cryostat or manifold pressure suddenly increases (Refines: SPFC-0013, SPFC-0155).

FT FT Test by simulating values

[SPFC-SW-0108] The SPFC shall always do a valve safety check to confirm that the pressure in the vacuum manifold is acceptable, before opening the vacuum valve (Refines: SPFC-0014, SPFC-0156).


[SPFC-SW-0109] To limit the overall peak inrush current, the SPFC shall ensure that the SPFHe and SPFVac services are not switched on simultaneously (Refines: SPFC-0201).

I D Demonstrate capability

[SPFC-SW-0110] The SPFC shall facilitate remote updates of the SPFC application software. (Refines: SPFC-0044).

I I Inspect CSCI system configuration

[SPFC-SW-0111] Remote software upgrades shall be implemented by a Linux package upgrader.


[SPFC-SW-0112] The SPFC shall use a configuration file to point to a specific http or ftp server where new updates will be available.

D D Demonstrate capability as well as possible error conditions and recovery

[SPFC-SW-0113] The SPFC shall facilitate remote updates of the firmware of connected FPs (Refines: SPFC-0045).

D D Demonstrate capability as well as possible error conditions and recovery

[SPFC-SW-0114] The SPFC shall be able to individually disable a FP to start the firmware update process.

D FT Demonstrate capability by updating one FPs firmware while controlling another

[SPFC-SW-0115] The SPFC shall be able to upload and download configuration and calibration files to a specified FP.


[SPFC-SW-0116] The configuration files shall be made available by the SPFC via SSH file transfer protocol (SFTP).


[SPFC-SW-0117] The serial number of the SPFC shall be configurable.


[SPFC-SW-0118] The SPFC shall monitor the following metadata and report it to the LMC upon request (Refines: SPFC-0046, SPFC-0047, SPFC-0048, SPFC-0049, SPFC-0050):

• SPFC software version

• SPFC serial number

• SPFC total operation time

• Firmware version of all connected feed packages

• Serial numbers of all connected feed packages

• Firmware version of the helium compressor

• Serial number of the helium compressor

• Total operation time of a feed package.

I I Inspection

[SPFC-SW-0119] The SPFC shall provide an engineering interface via its Ethernet port to allow remote access to it for detailed system diagnostics and maintenance (Refines: SPFC-0051).

I I Inspection – this is covered by various other tests


SKA-TEL-DSH-0000104 4 2018-09-05


Page 58 of 67






[SPFC-SW-0120] Remote access to the SPFC shall be via a secure socket shell (SSH) connection directly to the Linux operating system.


[SPFC-SW-0121] The engineering interface of the SPFC shall have access control with username and password security.


[SPFC-SW-0122] The SPFC shall allow a remote connection of simulator software for detailed operational diagnostics and low level control.

I D Demonstrate during qualification

[SPFC-SW-0123] The SPFC shall perform its POST, operating system start-up and application initialisation in less than 5 minutes (Refines: SPFC-0052).

I FT Test with a stopwatch

[SPFC-SW-0125] The SPFC CSCI shall not exceed 80% of the available CPU processing time (Refines: SPFC-0055).

I I Inspect system resources under full load

[SPFC-SW-0126] The SPFC shall be capable of maintaining all FPs in the fully powered up state for extended durations (Refines: SPFC-0056).

I D Demonstrate

[SPFC-SW-0127] The latency introduced by the SPFC because of processing and hardware specific delays shall be less than 5s (Refines: SPFC-0061).

I A Check sensor timestamps as well as command reaction times

[SPFC-SW-0128] The SPFC shall comply with the mode transition times as specified in [AD2] (Refines: SPFC-0062).

I D Demonstrate capability by cycling the system through various simulated mode transitions

[SPFC-SW-0129] The phase locked loop A (PLLA) shall be derived from the main clock to run at 396 MHz (Refines: SPFC-0096).


[SPFC-SW-0130] The PLLA shall be selected to be used as the Master as well as the Processor clock speed.


[SPFC-SW-0131] USB ports shall not be used in the SPFC. Both the USB Host port clock and the USB Device port clock shall be disabled (Refines: SPFC-0096).


[SPFC-SW-0132] The USART 5 port shall be disabled. I I Inspect CSCI system configuration

[SPFC-SW-0133] Each independent FP thread shall be monitored by a watchdog timer (WDT) that shall restart the thread if the time-out is reached.

I D Demonstrate WDT functionality by simulating faults or error conditions

[SPFC-SW-0134] If a specific thread cannot be restarted, the whole application software shall be restarted with a system reboot.


[SPFC-SW-0135] An automatic restart of the application software shall be initiated if an unhandled exception occurs.


[SPFC-SW-0137] If the SPFC CSCI is unresponsive for more than 10s, it shall automatically be restarted by the WDT (Refines: SPFC-0063, SPFC-0186).


[SPFC-SW-0138] The TDS shall create a communication channel via Ethernet for clients to connect to using the Tango protocol (Refines: SPFC-0076).

I I Inspection

[SPFC-SW-0139] The TDS shall translate the Tango commands and attribute requests and pass it on to the SPFC control block.

I I Inspect CSCI source code

[SPFC-SW-0140] The TDS shall continuously run in its own thread and shall be independent of other SPFC application threads.

I I Inspection


SKA-TEL-DSH-0000104 4 2018-09-05


Page 59 of 67






[SPFC-SW-0141] It shall aggregate the necessary sensor values and health status of the sub-elements.


[SPFC-SW-0142] The SPFC shall provide the requested sensor values to the TDS upon request.

I I Inspection

[SPFC-SW-0143] The SPFC control block shall raise the necessary events and alarms when such conditions occur.


[SPFC-SW-0144] The SPFC control block shall manage all corresponding threads and state machines of the sub-elements.

I I Inspection – software design

[SPFC-SW-0145] The SPF services control block shall independently control services when required by either the LMC or the FPs (Refines: SPFC-0022).


[SPFC-SW-0146] The vacuum service state machine shall at least have the states as shown in Figure 5.


[SPFC-SW-0147] The vacuum service SM shall be in the OFF state when the SPFVac is powered down.


[SPFC-SW-0148] The vacuum service SM shall be in the TEMPERATURE OUT OF RANGE state when the SPFVac is in its OPERATIONAL TOO COLD state due to the ambient temperature being too cold to create a vacuum and needs to wait for the temperature to rise before it can create a vacuum.


[SPFC-SW-0149] The vacuum service SM shall be in the OPERATIONAL state when the SPFVac is operating according to the specifications of [RD2].


[SPFC-SW-0150] The vacuum service SM shall be in the UNAVAILABLE state when an error occurred that prevents the SPFVac from operating according to its specifications given in [RD2].


[SPFC-SW-0151] The SPFC shall be able to automatically switch the vacuum pump ON or OFF as required by the different FPs (Refines: SPFC-0022).


[SPFC-SW-0152] A Tango client shall be able to manually switch the vacuum pump ON or OFF (Refines: SPFC-0022).


[SPFC-SW-0153] A Tango client shall be able to enable or disable the vacuum pump control (Refines: SPFC-0022).

[SPFC-SW-0154] The helium service SM shall at least have the states as shown in Figure 6.


[SPFC-SW-0155] The helium service SM shall be in the OFF state when the SPFHe is powered down.


[SPFC-SW-0156] The helium service SM shall be in the OPERATIONAL state when the SPFHe is operating as per its fully operating conditions given in [RD1].


[SPFC-SW-0157] The helium service SM shall be in the LOW-PRESSURE state when the helium needs to be replenished, but is still able to operate according to the specifications of [RD1].


[SPFC-SW-0158] The helium service SM shall be in the UNAVAILABLE state when a communication error occurs on the SPFHe or if it is unable to operate according to the specifications of [RD1].



SKA-TEL-DSH-0000104 4 2018-09-05


Page 60 of 67






[SPFC-SW-0159] The SPFC shall be able to automatically switch the helium compressor ON or OFF as required by the different FPs (Refines: SPFC-0022).


[SPFC-SW-0160] A Tango client shall be able to manually switch the helium compressor ON or OFF (Refines: SPFC-0022).


[SPFC-SW-0161] A Tango client shall be able to reset the helium compressor (Refines: SPFC-0022).


[SPFC-SW-0162] A Tango client shall be able to override and switch off the helium compressor and disable the helium compressor controller (Refines: SPFC-0022).


[SPFC-SW-0163] All commands and requests for each FP shall be placed in a queue and shall be processed sequentially.

I D Demonstrate capability by sending a set of commands in quick succession

[SPFC-SW-0164] FP sensors and FP data shall be monitored continuously at 1 Hz.

I I Inspect sensor timestamps

[SPFC-SW-0165] FP sensor data shall be temporary saved into a rolling buffer from where the latest values shall be logged and be made available to send over the Tango interface.

I Inspect CSCI source code

[SPFC-SW-0166] Each FP SM shall continuously execute in its own thread and communicate independently with its respective band feed package controller (FPC).


[SPFC-SW-0244] The default start-up state shall be user selectable to be either STANDBY-LP or OPERATE.


[SPFC-SW-0245] The Band 1 FPC shall be in the STANDBY-LP mode when the SPF1 is ready to fully function and the LNA temperature control is switched off (Refines: SPFC-0018).


[SPFC-SW-0246] If OPERATE is selected as the default start-up state, the Band 1 FPC shall automatically transition from STANDBY-LP to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF1s performance is within specifications (Refines: SPFC-0020).


[SPFC-SW-0247] If OPERATIONAL is requested from the Tango interface, the Band 1 FPC shall automatically transition from its current state to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF1s performance is within specifications (Refines: SPFC-0020).


[SPFC-SW-0248] If the SPF1 is fully functional, but its performance is not within its specifications, the Band 1 FPC shall transition to the OPERATE-DEGRADED capability state (Refines: SPFC-0019).


[SPFC-SW-0249] The RF power shall only be switched ON or OFF with Tango requests.


[SPFC-SW-0250] In the event of an error occurs which renders the SPF1 not fully functional, the Band 1 FPC shall transition to the ERROR state.


[SPFC-SW-0251] The Band 1 FPC shall transition to the UNAVAILABLE state when no communication can be established with the SPF1.


[SPFC-SW-0252] The Band 1 FPC shall transition to the MAINTENANCE mode when requested via the Tango interface.



SKA-TEL-DSH-0000104 4 2018-09-05


Page 61 of 67






[SPFC-SW-0167] The Band 2 default start-up state shall be user selectable to be either STANDBY-LP or OPERATE.


[SPFC-SW-0168] The Band 2 FPC shall be in the STANDBY-LP mode when the SPF2 is ready to fully function and the cooling system is switched off (Refines: SPFC-0018).


[SPFC-SW-0169] If OPERATE is selected as the default start-up state, the Band 2 FPC shall automatically transition from STANDBY-LP to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF2s performance is within specifications (Refines: SPFC-0020).


[SPFC-SW-0170] If OPERATIONAL is requested from the Tango interface, the Band 2 FPC shall automatically transition from its current state to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF2s performance is within specifications (Refines: SPFC-0020).




[SPFC-SW-0172] The Band 2 RF power shall only be switched ON or OFF with Tango requests.


[SPFC-SW-0173] The Band 2 FPC shall transition to the REGENERATION state when requested via the Tango interface if in MAINTENANCE mode.




[SPFC-SW-0175] The Band 2 FPC shall transition to the UNAVAILABLE state when no communication can be established with the SPF2 (Refines: SPFC-0017).




[SPFC-SW-0253] The Band 345 default start-up state shall be user selectable to be either STANDBY-LP or OPERATE.


[SPFC-SW-0254] The Band 345 FPC shall be in the STANDBY-LP mode when the SPF345 is ready to fully function and the cooling system is switched off (Refines: SPFC-0018).


[SPFC-SW-0255] If OPERATE is selected as the default start-up state, the Band 345 FPC shall automatically transition from STANDBY-LP to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF345’s performance is within specifications (Refines: SPFC-0020).


[SPFC-SW-0256] If OPERATIONAL is requested from the Tango interface, the Band 345 FPC shall automatically transition from its current state to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF345’s performance is within specifications (Refines: SPFC-0020).





SKA-TEL-DSH-0000104 4 2018-09-05


Page 62 of 67






[SPFC-SW-0258] The Band 345 RF power shall only be switched ON or OFF with Tango requests.


[SPFC-SW-0259] The Band 345 FPC shall transition to the REGENERATION state when requested via the Tango interface if in MAINTENANCE mode.




[SPFC-SW-0261] The Band 345 FPC shall transition to the UNAVAILABLE state when no communication can be established with the SPF345 (Refines: SPFC-0017).




[SPFC-SW-0177] The SPFC shall conform to the Tango interface requirements detailed in [AD3] (Refines: SPFC-0073, SPFC-0074, SPFC-0075).

I Inspection

[SPFC-SW-0178] The SPFC shall always allow SFTP and SSH connections on the LMC_SPF interface, using default ports (Refines: SPFC-0049).

I Inspection

[SPFC-SW-0179] The SPFC shall be able to simultaneously connect to 3 FPs over 3 UART over fibre communication interfaces.

I Inspection

[SPFC-SW-0180] The SPFC shall conform to the interface requirements given in [AD4] for SPF1, [AD5] for SPF2 and [AD6] for SPF345 (Refines: SPFC-0064, SPFC-0078, SPFC-0079, SPFC-0080).

I Inspection

[SPFC-SW-0181] The SPFC shall conform to the interface requirements given in [AD7] (Refines: SPFC-0081).

I Inspection

[SPFC-SW-0182] The SFPC shall be able to manipulate two digital output control lines to the vacuum pump which represents “Start” and “Stop” control signals (Refines: SPFC-0081).

I Inspection

[SPFC-SW-0183] The SPFC shall be able to read two digital input lines which indicates 4 states: Offline, Online (too cold to operate), Ready (warm enough to operate) and Running (Refines: SPFC-0081).

I Inspection

[SPFC-SW-0184] The SPFC shall connect to the SPFHe via a UART over fibre interface and conform to the interface requirements given in [AD8] (Refines: SPFC-0082).

I Inspection

[SPFC-SW-0185] One digital output pin on the Stamp shall be allocated as a control line to the helium compressor which implements a “Reset” signal to the SPFHe Controller.

I Inspection

[SPFC-SW-0186] One digital input pin shall be allocated as a feedback signal to the Stamp which indicates if the helium compressor is “Running”.

I Inspection

[SPFC-SW-0187] The media independent interface (MII) connection setup to the physical (PHY) layer shall be precompiled into the Linux file system image and managed by the Linux OS.

I Inspection

[SPFC-SW-0188] The setup of the programming and low level debug UART shall be precompiled in the Linux file system.

I Inspection


SKA-TEL-DSH-0000104 4 2018-09-05


Page 63 of 67






[SPFC-SW-0189] The programming and debugging interface shall only allow local access to the SPFC, directly to the PCB.

I Inspection

[SPFC-SW-0190] The SD card bus shall be available for logging data to an SD card.

I Inspection

[SPFC-SW-0191] Provision shall be made to implement an elapsed time counter (ETC) over an I2C bus (Refines: SPFC-0050, SPFC-0186).

I Inspection

[SPFC-SW-0192] ADCs for monitoring the on-board sensor values shall be implemented by using an I2C bus.

I Inspection

[SPFC-SW-0193] The four analogue inputs on the Stamp shall be implemented to monitor the voltage, current and on-board temperature SPFC, with one spare channel (Refines: SPFC-0057, SPFC-0070, SPFC-0188).

I Inspection

[SPFC-SW-0194] The SPFC shall be configured with a fixed IPv4 address allocated by SKA.

I I Inspection

[SPFC-SW-0195] The SPFC software classification shall be non-safety critical.

I Inspection

[SPFC-SW-0196] The SPFC operating system shall be password protected to restrict unauthorised local or remote access.

I Inspection

[SPFC-SW-0197] The SPFC shall execute on the Taskit Stamp9G20 Computer on Module (CoM) which has an ARM architecture.

I Inspection

[SPFC-SW-0198] The SPFC shall execute on the Linux Ånström OpenEmbedded distribution which resides on the built-in flash memory of the Stamp CoM.

I Inspection

[SPFC-SW-0199] The SPFC shall be executed on the Stamp CoM Atmel AT91SAM9G20 with ARM926EJ-S core MCU (Refines: SPFC-0068, SPFC-0069, SPFC-0182).

I Inspection

[SPFC-SW-0200] The Stamp CoM shall have the following hardware requirements (Refines: SPFC-0183, SPFC-0184, SPFC-0186):

• Variable CPU speed setting

• 128 MB SD RAM

• 512 MB Flash

• 1x 10/100 Ethernet MAC

• 6x UART

• 1x I2C

• 1x SD Card with 8GB capacity

• 1x 4 Channel ADC

• 16x Digital I/O ports

• Watchdog timer

I Inspection

[SPFC-SW-0201] The hardware capacities given in Table 15 shall not be exceeded by the SPFC as a design goal (Refines: SPFC-0055).

I Inspection


SKA-TEL-DSH-0000104 4 2018-09-05


Page 64 of 67






[SPFC-SW-0202] The SPFC shall as far as possible use features provided by the embedded OS to implement (Refines: SPFC-0182):

• Power-On Self-Test (POST).

• Loading of the SPFC executable on power-up.

• Downloading of software updates.

• Allowing remote access to the system.

I Inspection

[SPFC-SW-0203] The monitoring data rate on the Ethernet interface shall not exceed 200 kbps (Refines: SPFC-0060).

I FT Test throughput with a network analyser during full load

[SPFC-SW-0204] Control messages over the Ethernet interface shall not exceed 10 kbps.

I FT Test throughput with a network analyser during full load

[SPFC-SW-0205] The serial UART interfaces shall be configured for low speed data transmission. The following settings shall be used, except of defined otherwise in respective ICDs:

• 19200 baud rate

• 8 data bits

• 1 stop bit

• No parity

I Inspection

[SPFC-SW-0206] The programming and low level debug interface shall have the following configuration parameters:

• 115200 baud rate

• 8 data bits

• 1 stop bit

• No parity

I Inspection

[SPFC-SW-0207] The SPFC shall be reliable in the sense that the application can run for extended periods of time of at least 12 months continuous operation (Refines: SPFC-0111).

D D Demonstrate during operation

[SPFC-SW-0208] The SPFC software shall recycle its resources, implement circular buffers and have no memory leaks as detected by reasonable profiling and testing.


[SPFC-SW-0209] The SPFC operation shall be consistent and repeatable with the same input conditions.

D Demonstrate during development

[SPFC-SW-0210] The SPFC software shall be based on sound software design principles and design patterns.


[SPFC-SW-0211] To ensure maintainability of the SPFC, it shall have a modular design as far as possible.

I Inspect CSCI design

[SPFC-SW-0212] The SPFC software, when executing, shall always be available for sub-elements to communicate with it.

D D Demonstrate capability during full system load

[SPFC-SW-0213] The SPFC shall not have a state where authorised local or remote access is denied.

I I Inspection

[SPFC-SW-0214] The SPFC shall be flexible to accompany new requirements and system specifications.

I Inspection

[SPFC-SW-0215] The SPFC shall, as far as possible, be portable in the sense that it can be ported to another hardware or software (OS) platform.

I Inspection

[SPFC-SW-0216] The software modules and objects shall be implemented in such a way as to promote software reusability.

I Inspection


SKA-TEL-DSH-0000104 4 2018-09-05


Page 65 of 67






[SPFC-SW-0218] A modular software design method shall be used to ensure encapsulation of functionality.

I Inspection

[SPFC-SW-0219] The SPFC shall be implemented in C/C++. I Inspection

[SPFC-SW-0220] Software maintenance shall be handled by EMSS Antennas.

I Inspection

[SPFC-SW-0221] Any software fixes or upgrades shall be handled under the terms of the contracts in place.

I Inspection

[SPFC-SW-0222] Preventative system maintenance shall be provided by EMSS Antennas under a separate maintenance contract if needed.

I Inspection

[SPFC-SW-0223] First line software support shall be given by EMSS Antennas.

I Inspection

[SPFC-SW-0224] A remote connection to the SPFC shall be available to perform remote software support, as detailed in §3.2.3.4.

I Inspection

[SPFC-SW-0225] The SPFC software shall be transported in a binary package form, and shall be pre-installed on the SPFC hardware.

I I Inspection

[SPFC-SW-0226] Updates of the SPFC software shall be performed via its OS and requesting a new binary package from a specified server on the network.


[SPFC-SW-0227] The SPFC application software shall be remotely updated to a distribution server on the SKA network and no physical media shall be used for SPFC software installation.

I I Inspection

[SPFC-SW-0228] All CSCI and data items shall be safely stored in a repository of the client’s choice.

I I Inspection

[SPFC-SW-0229] The SPFC software design philosophy shall be implemented on cycles of the waterfall method as depicted in Figure 11.

I I Inspection

[SPFC-SW-0230] The software development shall be an iterative process adding more detail and functionality with each cycle.

I Inspection

[SPFC-SW-0231] All software shall be tested and debugged on a PC before it is uploaded to any hardware.

I Inspection

[SPFC-SW-0232] It shall be preferred to have a Company Software Standard in place before software development commences.

I I Inspection

[SPFC-SW-0233] Low level engineering and support connections shall be made available to the SPFC via the Ethernet interface, as indicated by TI (1) in Figure 12 (Refines: SPFC-0051).

I I Inspection

[SPFC-SW-0234] The protocols allowed on the Ethernet interface of the SPFC shall be at least TCP/IP, SSH, SFTP and Internet Control Message Protocol (ICMP).

I I Inspection

[SPFC-SW-0235] Low level engineering and support shall include the following tests and operations:

• Connectivity tests via ICMP,

• Operating system control, setup and remote updates via SSH and SFTP/SCP, and

• Configuration and log file transfers via SFTP/SCP (Refines: SPFC-0051).

I I Inspection


SKA-TEL-DSH-0000104 4 2018-09-05


Page 66 of 67






[SPFC-SW-0236] An SPFC interface testing graphical user interface (GUI) shall be developed in order to test the SPFC application software from TI (2) as seen in Figure 12.

I I Inspection

[SPFC-SW-0240] The front panel display shall serve as a visual test interface TI (3) for SPFC internal status.

I Inspection

[SPFC-SW-0241] TI (4,5,6,7,8) shall be used to test the interfaces between SPF1, SPF2, SPF345, SPFHe and SPFVac respectively. These tests can either be done with external protocol simulators or production hardware).

I FT Test using simulators or actual hardware

[SPFC-SW-0242] This system shall have a software test document (STD), describing the required software tests that shall be performed in order to qualify the software as well as a software test report (STR) to detail the qualification results.

I I Inspection

[SPFC-SW-0243] The supplier shall perform all requirement verification and acceptance tests.

I I Inspection


SKA-TEL-DSH-0000104 4 2018-09-05


Page 67 of 67

5 REQUIREMENTS TRACEABILITY

Traceability of the SPF sub-element level requirements to the major SPF components will be added to the DHS requirements in Core. It can also be checked manually by considering the “Refines” entries in the first column of Table 18.

6 NOTES

6.1 Explanatory Notes

None.

6.2 List of Unresolved Items

None.

7 PREPARATION FOR DELIVERY

Each SPFC shall be fully programmed with the correct software version. All software code shall also be supplied in software format in the SPF data pack.

SKA-TEL-DSH-0000104_Rev4_SPFCSoftwareRequirementsSpecificationAdobe Sign Document History 06/09/2018

Created: 06/09/2018

By: Alastir Robyntjies ([email protected])

Status: Signed

Transaction ID: CBJCHBCAABAAVAFPH_Q7tiYk2oLIz5-hjbnq8yM5p9Gp

"SKA-TEL-DSH-0000104_Rev4_SPFCSoftwareRequirementsSpecification" History

Document created by Alastir Robyntjies ([email protected])06/09/2018 - 13:03:35 GMT+2- IP address: 196.24.39.242

Document emailed to P.C. van Niekerk ([email protected]) for signature06/09/2018 - 13:04:54 GMT+2

Document viewed by P.C. van Niekerk ([email protected])06/09/2018 - 13:13:14 GMT+2- IP address: 41.164.24.90

Document e-signed by P.C. van Niekerk ([email protected])Signature Date: 06/09/2018 - 13:15:27 GMT+2 - Time Source: server- IP address: 41.193.220.2

Document emailed to Magnus Dahlgren ([email protected]) for signature06/09/2018 - 13:15:28 GMT+2

Document viewed by Magnus Dahlgren ([email protected])06/09/2018 - 16:26:57 GMT+2- IP address: 129.16.208.26

Document e-signed by Magnus Dahlgren ([email protected])Signature Date: 06/09/2018 - 16:29:07 GMT+2 - Time Source: server- IP address: 129.16.208.26

Document emailed to Angela Taylor ([email protected]) for signature06/09/2018 - 16:29:08 GMT+2

Document viewed by Angela Taylor ([email protected])06/09/2018 - 17:42:18 GMT+2- IP address: 163.1.19.1

Document e-signed by Angela Taylor ([email protected])Signature Date: 06/09/2018 - 19:38:06 GMT+2 - Time Source: server- IP address: 163.1.19.1

Document emailed to Isak Theron ([email protected]) for signature06/09/2018 - 19:38:07 GMT+2

Document viewed by Isak Theron ([email protected])06/09/2018 - 20:50:30 GMT+2- IP address: 154.119.40.218

Document e-signed by Isak Theron ([email protected])Signature Date: 06/09/2018 - 20:50:58 GMT+2 - Time Source: server- IP address: 154.119.40.218

Signed document emailed to Isak Theron ([email protected]), Alastir Robyntjies ([email protected]), P.C.van Niekerk ([email protected]), Magnus Dahlgren ([email protected]) and 1 more06/09/2018 - 20:50:58 GMT+2