Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
Name Designation Affiliation Signature & Date
Authored by:
P.C. van Niekerk Senior Software
Engineer EMSS Antennas
Approved by:
M. Dahlgren SPF Band 1 SE Chalmers/
OSO
A. Taylor SPF Band 345
PM Oxford
University
I.P. Theron SPF Lead Engineer
EMSS Antennas
SINGLE PIXEL FEED CONTROLLER
SOFTWARE REQUIREMENTS SPECIFICATION
Document number ........................................................................ SKA-TEL-DSH-0000104 Revision ........................................................................................................................... 4 Author ..................................................................................................... P.C. van Niekerk .................................................................................................... with T.J. Steyn, A.J. Born Date ................................................................................................................. 2018-09-05 Status .................................................................................................................. Released
P.C. van Niekerk (Sep 6, 2018)P.C. van Niekerk
Isak Theron (Sep 6, 2018)Isak Theron
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 2 of 67
DOCUMENT HISTORY Revision Date of Issue Engineering Change
Number
Comments
A 2016-09-30 - First draft release for internal review
1 2016-11-30 - Released with DDR feedback
1A 2017-05-05 - Draft released for B1 delta DDR
2 2017-05-31 - Released after delta DDR. There were no observations
on Rev. 1A.
2A 2018-07-31 EA-SKA-WAV-0001 Distributed for delta CDR document review (some
unnecessary requirements removed and incorrect use of
MeerKAT terminology resolved)
3 2018-08-10 CN0038 Released for Band 2 and services CDR closure
3A 2018-08-27 - Internal review after adding band 5 state machine
4 2018-09-05 CN0050 Released with band 5 state machine
DOCUMENT SOFTWARE Package Version Filename
Word processor MS Word Word 2016 SKA-TEL-DSH-0000104_Rev4_SPFCSoftwareRequirementsSpecification.docx
Block diagrams
Other
ORGANISATION DETAILS Name SKA Organisation
Registered Address Jodrell Bank Observatory
Lower Withington
Macclesfield
Cheshire
SK11 9DL
United Kingdom
Registered in England & Wales
Company Number: 07881918
Fax. +44 (0)161 306 9600
Website www.skatelescope.org
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 3 of 67
TABLE OF CONTENTS
LIST OF ABBREVIATIONS ................................................................................ 8
1 SCOPE ........................................................................................................ 9
1.1 Identification ........................................................................................................................... 9
1.2 Numbering Conventions ......................................................................................................... 9
1.3 System Description ................................................................................................................. 9
1.3.1 Overview ..................................................................................................................... 9
1.3.2 Functional Breakdown ................................................................................................ 9
1.3.3 External Interfaces Identification .............................................................................. 10
2 DOCUMENTS.............................................................................................. 11
2.1 Applicable Documents .......................................................................................................... 11
2.2 Reference Documents ........................................................................................................... 11
3 REQUIREMENTS .......................................................................................... 12
3.1 Modes of Operation .............................................................................................................. 12
3.1.1 OFF ............................................................................................................................ 13
3.1.1.1 Purpose ..................................................................................................................... 13
3.1.1.2 Functional Requirements .......................................................................................... 13
3.1.2 STARTUP .................................................................................................................... 14
3.1.2.1 Purpose ..................................................................................................................... 14
3.1.2.2 Functional Requirements .......................................................................................... 14
3.1.3 STANDBY_LP .............................................................................................................. 14
3.1.3.1 Purpose ..................................................................................................................... 14
3.1.3.2 Functional Requirements .......................................................................................... 15
3.1.4 OPERATE.................................................................................................................... 15
3.1.4.1 Purpose ..................................................................................................................... 15
3.1.4.2 Functional Requirements .......................................................................................... 16
3.1.5 MAINTENANCE .......................................................................................................... 17
3.1.5.1 Purpose ..................................................................................................................... 17
3.1.5.2 Functional Requirements .......................................................................................... 17
3.1.6 ERROR ....................................................................................................................... 17
3.1.6.1 Purpose ..................................................................................................................... 17
3.1.6.2 Functional Requirements .......................................................................................... 17
3.2 CSCI Capability Requirements ............................................................................................... 18
3.2.1 Control ...................................................................................................................... 20
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 4 of 67
3.2.1.1 Feed Packages ........................................................................................................... 20
3.2.1.2 Control Vacuum Pump .............................................................................................. 21
3.2.1.3 Control Helium Compressor ...................................................................................... 22
3.2.2 Monitor and Report .................................................................................................. 22
3.2.2.1 States and Modes...................................................................................................... 22
3.2.2.2 Alarms ....................................................................................................................... 23
3.2.2.3 Events ........................................................................................................................ 23
3.2.2.4 Logs ........................................................................................................................... 24
3.2.2.5 Sensors ...................................................................................................................... 24
3.2.2.6 Faults and Failures .................................................................................................... 24
3.2.2.7 Automatic Safety Checks........................................................................................... 24
3.2.3 Support ...................................................................................................................... 25
3.2.3.1 Remote Updates ....................................................................................................... 25
3.2.3.2 Load and Save Configuration Data ............................................................................ 25
3.2.3.3 Load and Save Metadata........................................................................................... 25
3.2.3.4 Engineering Interface ................................................................................................ 25
3.2.4 Performance Requirements ...................................................................................... 26
3.2.4.1 System Start-up ......................................................................................................... 26
3.2.4.2 Processing Resources ................................................................................................ 26
3.2.4.3 Data Latency.............................................................................................................. 26
3.2.4.4 Mode Transition Times ............................................................................................. 26
3.2.5 Specific Requirements for Stamp CoM Setup ........................................................... 26
3.2.5.1 Clock Speeds ............................................................................................................. 26
3.2.5.2 Peripherals ................................................................................................................ 26
3.2.5.3 Watchdog Timer ........................................................................................................ 26
3.2.6 Application Software Control Logic........................................................................... 27
3.2.6.1 Tango Device Server .................................................................................................. 27
3.2.6.2 SPFC Control Block .................................................................................................... 28
3.2.6.3 Vacuum Pump Controller .......................................................................................... 28
3.2.6.4 Helium Compressor Controller ................................................................................. 29
3.2.6.5 Feed Package Control Block ...................................................................................... 30
3.3 SPFC External Interface Requirements ................................................................................. 40
3.3.1 LMC_SPF (I.M.LMC_SPF.01) ...................................................................................... 40
3.3.2 DFN (I.M.DFN_SPF.05) .............................................................................................. 40
3.3.2.1 Feed Package Interfaces (SPF IIF01, SPF IIF02, SPF IIF03) ......................................... 41
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 5 of 67
3.3.2.2 Vacuum Pump Interface (SPF IIF04) .......................................................................... 41
3.3.2.3 Helium Compressor Interface (SPF IIF05) ................................................................. 41
3.4 CSCI Internal Interface Requirements ................................................................................... 41
3.4.1 Ethernet Physical Layer (IIF1) .................................................................................... 42
3.4.2 UART (IIF2) ................................................................................................................ 42
3.4.3 SD Card (IIF3) ............................................................................................................. 42
3.4.4 Elapsed Time Counter (IIF4) ...................................................................................... 42
3.4.5 ADCs (IIF5) ................................................................................................................. 43
3.5 CSCI Internal Data Requirements .......................................................................................... 43
3.6 Adaptation Requirements ..................................................................................................... 43
3.7 Safety Requirements ............................................................................................................. 43
3.8 Security and Privacy Requirements ...................................................................................... 43
3.9 CSCI Environment Requirements .......................................................................................... 43
3.10 Computer Resource Requirements ....................................................................................... 43
3.10.1 Computer Hardware Requirements .......................................................................... 43
3.10.2 Computer Hardware Resource Utilisation Requirements ........................................ 44
3.10.3 Computer Software Requirements ........................................................................... 44
3.10.4 Computer Communications Requirements .............................................................. 44
3.10.4.1 Ethernet interface ..................................................................................................... 44
3.10.4.2 Serial UART interfaces ............................................................................................... 44
3.10.4.3 Programming and low level debug interface ............................................................ 45
3.11 Software Quality Factors ....................................................................................................... 45
3.11.1 Reliability ................................................................................................................... 45
3.11.2 Maintainability .......................................................................................................... 45
3.11.3 Availability ................................................................................................................. 45
3.11.4 Flexibility ................................................................................................................... 45
3.11.5 Portability .................................................................................................................. 45
3.11.6 Reusability ................................................................................................................. 45
3.11.7 Usability..................................................................................................................... 45
3.11.8 Design ........................................................................................................................ 46
3.12 Design and Implementation Constraints .............................................................................. 46
3.13 Personnel Related Requirements ......................................................................................... 46
3.14 Training Related Requirements ............................................................................................ 46
3.15 Logistics Related Requirements ............................................................................................ 46
3.15.1 System Maintenance................................................................................................. 46
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 6 of 67
3.15.2 Software Support ...................................................................................................... 46
3.15.3 System Transportation .............................................................................................. 46
3.16 Other Requirements ............................................................................................................. 46
3.17 Packaging Requirements ....................................................................................................... 46
3.18 Precedence and Criticality Requirements ............................................................................. 47
3.19 Development Method and Testing ....................................................................................... 47
3.20 Documentation ..................................................................................................................... 48
4 VERIFICATION ............................................................................................ 49
4.1 Quality Conformance ............................................................................................................ 49
4.1.1 Responsibility for Tests ............................................................................................. 49
4.1.2 Special Tests and Examinations ................................................................................ 49
4.1.3 Requirements Validation Phases and Methods ........................................................ 49
4.2 Requirements Verification .................................................................................................... 50
5 REQUIREMENTS TRACEABILITY ........................................................................ 67
6 NOTES ..................................................................................................... 67
6.1 Explanatory Notes ................................................................................................................. 67
6.2 List of Unresolved Items ....................................................................................................... 67
7 PREPARATION FOR DELIVERY ......................................................................... 67
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 7 of 67
LIST OF FIGURES
Figure 1: SPFC communication and control interfaces. ........................................................................ 10
Figure 2: SPFC modes. ........................................................................................................................... 12
Figure 3: Functional breakdown of the SPFC. ....................................................................................... 19
Figure 4: Application software code blocks. ......................................................................................... 27
Figure 5: SPFVac state machine. ........................................................................................................... 28
Figure 6: SPFHe state machine. ............................................................................................................ 29
Figure 7: SPF1 state machine. ............................................................................................................... 31
Figure 8: SPF2 state machine. ............................................................................................................... 34
Figure 9: SPF345 state machine. ........................................................................................................... 38
Figure 10: SPFC internal interfaces. ...................................................................................................... 42
Figure 11: The waterfall design methodology. ..................................................................................... 47
Figure 12: SPFC software development and testing model. ................................................................. 48
LIST OF TABLES
Table 1: SPFC external interface identification ..................................................................................... 10
Table 2: SPFC mode transition criteria .................................................................................................. 13
Table 3: Summary of the software system functions ........................................................................... 19
Table 4: Temperature settings .............................................................................................................. 21
Table 5: SPFC capability states .............................................................................................................. 22
Table 6: SPF1 mode description ............................................................................................................ 32
Table 7: Mutual exclusivity (m) of the SPF1 states & modes ................................................................ 32
Table 8: SPF1 state definitions .............................................................................................................. 33
Table 9: SPF2 states description ........................................................................................................... 35
Table 10: Mutual exclusivity (m) of the SPF2 states & modes .............................................................. 36
Table 11: SPF2 state definitions ............................................................................................................ 36
Table 12: SPF345 states description ..................................................................................................... 38
Table 13: Mutual exclusivity (m) of the SPF345 states & modes .......................................................... 39
Table 14: SPF345 state definitions ........................................................................................................ 40
Table 15: SPFC hardware resource utilisation requirements ............................................................... 44
Table 16: Test phases applicable to the SPFC ....................................................................................... 49
Table 17: Test methods applicable to the SPFC .................................................................................... 49
Table 18: Requirements verification matrix ......................................................................................... 50
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 8 of 67
LIST OF ABBREVIATIONS
CoM ............................... Computer on Module
CDR ................................ Critical Design Review
CSCI ............................... Computer Software Configuration Item
DDR ............................... Detail Design Review
DFN ................................ Dish Fibre Network
ETC ................................ Elapsed Time Counter
FMECA ........................... Failure Mode, Effects and Criticality Analysis
FP ................................... Feed Package
FPC ................................ Feed Package Controller
ICMP .............................. Internet Control Message Protocol
LMC ............................... Local Monitoring and Control
LRU ................................ Line Replaceable Unit
MAC ............................... Media Access Control
RFE ................................ Radio Frequency Equipment
SCP ................................ Secure Copy Protocol
SD .................................. Secure Digital
SFTP ............................... SSH File Transfer Protocol
SKA ................................ Square Kilometre Array
SM ................................. State Machine
SPF ................................. Single Pixel Feed
SPF1 ............................... Single Pixel Feed Band 1
SPF2 ............................... Single Pixel Feed Band 2
SPF345 ........................... Single Pixel Feed Band 345
SPFC ............................... Single Pixel Feed Controller
SPFHe ............................ SPF Helium Service
SPFVac ........................... SPF Vacuum Service
SSH ................................ Secure Socket Shell
TDS ................................ Tango Device Server
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 9 of 67
1 SCOPE
1.1 Identification
This specification establishes the functional, design, development and test requirements for the application software of the Square Kilometre Array (SKA) single pixel feed controller (SPFC).
This specification describes the functions and requirements of the SPFC application software needed to control and monitor multiple feed packages as well as receiver services. This document is intended to be used by software developers to develop the SPFC application software.
1.2 Numbering Conventions
Each requirement is indicated with a project identifier (here SPFC-SW) and a sequential Arabic number in square brackets. These numbers are used as cross references throughout this specification. The numbered requirements are used in the verification section of this document.
1.3 System Description
1.3.1 Overview
The SKA antenna positioner will be able to house up to three single pixel feed packages, each functioning in a different frequency band. Two of the feed packages comprise of a cryostat with a cryocooler requiring a high-pressure helium supply and return to function and one will be an ambient system, which does not require helium or vacuum connections. A vacuum, internal to the cryostat, thermally insulates the cryocooler allowing it to reach cryogenic temperatures by eliminating convection heat transfer and reducing solid conduction through the remaining gas to a negligible level. The supply of high pressure helium and the creation of a vacuum are defined as the SPF helium service (SPFHe) and SPF vacuum service (SPFVac) respectively. The SPFC is responsible for controlling the SPFHe and SPFVac as well as the respective SPFs.
The SPFC is a microprocessor-based design, located in the antenna pedestal, with the primary function of controlling the entire SPF sub-element of the antenna (including the vacuum and helium services). It monitors the health status of each SPF cryostat, receiver control and monitoring electronics and also controls the active components inside each receiver cryostat. All monitored parameters are independently logged per receiver feed package (FP) and sent to the end user when requested.
The SPFC has an optic fibre Ethernet interface that provides feedback of each FP via the Tango protocol. ON/OFF control of the low noise amplifiers (LNAs), temperature control set points, and the cool down and vacuum procedures are accomplished via the network interface. The SPFC is Linux based and Secure Shell (SSH) connections to the SPFC are possible in order to change initialisation files and perform low level configuration.
Once initialised the SPFC shall automatically control each connected FP to enter into the user defined default start-up-mode.
1.3.2 Functional Breakdown
The SPFC is designated to be an autonomous system that controls and monitors multiple FPs, as well as the SPF services that keep the FPs operational. The SPFC application software shall be executing on a Linux operating system and communication shall be done remotely via an Ethernet connection by means of the Tango communication protocol [RD4].
The functional breakdown of all the SPFC software functions is detailed in paragraph 3.2.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 10 of 67
1.3.3 External Interfaces Identification
Figure 1 illustrates the external communication and control interfaces defined for the SPFC. The SPFC communicates with the FPs, SPFHe and SPFVac through the dish fibre network (DFN) (I.M.DI_SPF.5). Communication with the local monitoring and control (LMC) is done via the I.M.LMC_SPF.1 interface. The other interfaces depicted in Figure 1 are mechanical and power interfaces and the details thereof fall outside the scope of this document. For a more detailed identification of the functional external interfaces, please refer to Table 1.
Figure 1: SPFC communication and control interfaces.
Table 1: SPFC external interface identification
Interface Name External
To Interface Identifier To Reference
Controller with LMC SPF I.M.LMC_SPF.01 LMC [AD3]
Controller with SPF1 SPFC SPF_IIF01 [I.M.DI_SPF.05] SPF1 [AD4]
Controller with SPF2 SPFC SPF_IIF02 [I.M.DI_SPF.05] SPF2 [AD5]
Controller with SPF345 SPFC SPF_IIF03 [I.M.DI_SPF.05] SPF345 [AD6]
SPF Vacuum SPFC SPF_IIF04 [I.M.DI_SPF.05] SPFVac [AD7]
SPF Helium SPFC SPF_IIF05 [I.M.DI_SPF.05] SPFHe [AD8]
Pedestal Shielded Compartment
SPF Controller
(317-040000)
(Major Components)D
ish S
truct
ure
Pow
er
(I.M
.DS
_S
PF
.06)
DFN
Fib
re(I
.M.D
I_S
PF
.05)
LM
C D
ata
(I.M
.LM
C_S
PF
.01)
SPF Controller HWCI(317-041000)
Dis
h S
truct
ure
Mechani
cal
(I.M
.DS
_S
PF
.13)
SP
F1 (
SP
F IIF
01)
SP
F345 (
SP
F IIF
03)
SP
F H
eliu
m (
SP
F IIF
05)
SP
F V
acu
um
(S
PF
IIF
04)
SP
F2 (
SP
F IIF
02)
Major component physical location
Line Replaceable Unit
Sub assembly
Internal Control via DFN
SPF External
Key:
External Functional
SPF Major ComponentSPF Controller External
SPF Controller CSCI(317-042000)
Software
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 11 of 67
2 DOCUMENTS
2.1 Applicable Documents
The following documents are applicable to the extent stated herein. In the event of conflict between the contents of the applicable documents and this document, the applicable documents shall take precedence. Unless specifically stated, the latest revisions shall apply.
[AD1] A. Peens-Hough, et. al., “Single Pixel Feed (SPF) Requirements Specification”, SKA-TEL-DSH-0000012, Rev. 5, 2017-06-01.
[AD2] P. C. van Niekerk, “Single Pixel Feed Controller Development Specification”, SKA-TEL-DSH-0000087, Rev. 2, 2018-08-10.
[AD3] G. Smit, et. al., “Data Exchange Interface between The Dish LMC and the SPF Controller”, SKA-TEL-DSH-0000055, Rev 2, 2018-02-01.
[AD4] P. C. van Niekerk, “SPF Controller to SPF Band 1 Data Exchange ICD”, SKA-TEL-DSH-0000093, Rev. 3, 2018-01-31.
[AD5] P. C. van Niekerk, “SPF Controller to SPF Band 2 Data Exchange ICD”, SKA-TEL-DSH-0000094, Rev. 2, 2017-11-03.
[AD6] T. Steyn, “SPF Controller to SPF Band 345 Data Exchange ICD”, SKA-TEL-DSH-0000095, Rev. 1, 2018-09-05.
[AD7] T. Steyn, “SPF Controller to SPF Vacuum ICD”, SKA-TEL-DSH-0000096, Rev. 1, 2016-11-30.
[AD8] T. Steyn, “SPF Controller to SPF Helium Data Exchange ICD”, SKA-TEL-DSH-0000097, Rev. 1, 2016-11-30.
2.2 Reference Documents
The following documents are referenced in this document. In the event of conflict between the contents of the referenced documents and this document, this document shall take precedence.
[RD1] A. Krebs, “Single Pixel Feed Helium Service Development Specification”, SKA-TEL-DSH-0000089, Rev. 1, 2016-11-30.
[RD2] L. Mc Nally, “Single Pixel Feed Vacuum Service Development Specification”, SKA-TEL-DSH-0000091, Rev. 1, 2016-11-30.
[RD3] Stamp9G20 Technical Reference, Taskit GmbH document, 2009
[RD4] Tango Controls System Handbook, Version 9.2, Online: http://ftp.esrf.fr/pub/cs/tango/tango_92.pdf
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 12 of 67
3 REQUIREMENTS
3.1 Modes of Operation
The modes of operation of the SPFC is given in Figure 2 and detailed in the subsections that follow. The events causing mode transitions are also indicated.
The requirements associated with each mode are described in detail in these subsections, under the following requirement titles:
1. Entry. The conditional requirements under which the mode is entered from the previous mode.
2. Transition. The functional requirements upon entering the mode which will only be performed once.
3. Implementation. The functional requirements to be performed continuously while in the specific mode.
4. Exit. The conditional requirements under which the mode is exited to the next mode.
[SPFC-SW-0001] The SPFC shall have the following internal modes. The interaction of the modes is shown in Figure 2. (Refines: SPFC-0001)
• OFF
• STARTUP
• STANDBY_LP
• OPERATE
• MAINTENANCE
• ERROR
OFF
STARTUPSTANDBY
LP
OPERATE MAINTENANCE
1
5
4
2
3
ERROR 6
7
89
Low Power
Full Power
Low Power
Low Powerand
Full Power
From any mode if requested
From any mode if requested
From any mode if critical functional error occurs
Figure 2: SPFC modes.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 13 of 67
Each mode has the transition criteria as given in Table 2.
Table 2: SPFC mode transition criteria
Number Current Mode New Mode Mode Transition Trigger
1 OFF STARTUP Automatic at system start-up.
2 STARTUP STANDBY_LP Automatic after system initialisation.
3 STANDBY_LP OPERATE By LMC command.
4 STANDBY_LP OFF By LMC command as a maintenance command
5 MAINTENANCE OPERATE By LMC command.
6 ERROR OPERATE By LMC command.
7 ANY STANDBY_LP From any mode if STANDBY_LP is requested.
8 ANY MAINTENANCE From any mode if MAINTENANCE is requested.
9 ANY ERROR From any mode if critical functional error occurs.
[SPFC-SW-0002] The SPFC shall have the following power states (Refines: SPFC-0002):
1. LOW_POWER
2. FULL_POWER
[SPFC-SW-0003] All modes and power states shall be reported to the LMC via the Tango interface upon request (Refines: SPFC-0003).
3.1.1 OFF
3.1.1.1 Purpose
This mode is used to indicate that the SPFC computer software configuration item (CSCI) is not running. This is the default starting mode of the SPFC and is set at system start-up or if commanded so by the LMC when the system is in STANDBY_LP mode.
3.1.1.2 Functional Requirements
3.1.1.2.1 Entry
[SPFC-SW-0004] The SPFC shall have the OFF mode set when the application is started. [SPFC-SW-0005] The SPFC shall enter the OFF mode if a system reset is requested by the LMC as a maintenance command (Refines: SPFC-0004).
3.1.1.2.2 Transition
There are no transitional requirements for the OFF mode.
3.1.1.2.3 Implementation
The OFF mode has no implementation.
3.1.1.2.4 Exit
[SPFC-SW-0006] The SPFC shall exit the OFF mode automatically and enter the STARTUP mode with no delays when powered up.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 14 of 67
3.1.2 STARTUP
3.1.2.1 Purpose
The STARTUP mode is entered into when the SPFC CSCI is first activated by the operating system. In this mode, the SPFC CSCI shall handle the setting up of all hardware peripherals and initialisation of the various internal data structures and state machine operations in order to maintain a low power state.
3.1.2.2 Functional Requirements
3.1.2.2.1 Entry
[SPFC-SW-0007] The SPFC shall automatically enter the STARTUP mode when it is started by the operating system.
3.1.2.2.2 Transition
[SPFC-SW-0008] The SPFC shall ensure that no communication or external interrupts are active while residing in the STARTUP mode.
[SPFC-SW-0009] The SPFC shall perform the following operations once while entering the STARTUP mode:
• Initialise all structures, variables and constants from user defined initialisation (.ini) files.
• Initialise all I/O pins to the correct states.
• Open the serial ports for feed packages and helium service.
• Initialise and start feed packages, vacuum pump and helium service state machine.
• Start the SPFC Tango device server (TDS) for LMC communication.
3.1.2.2.3 Implementation
[SPFC-SW-0010] The SPFC shall perform no continuous processing while in the STARTUP mode and shall exit the mode as soon as all system initialisation procedures are completed.
3.1.2.2.4 Exit
[SPFC-SW-0011] The SPFC shall exit the STARTUP mode and transition to the STANDBY_LP mode automatically if no errors were detected during initialisation (Refines: SPFC-0005). [SPFC-SW-0012] The SPFC shall enter the ERROR state if an error is detected which prevents it from performing its functional requirements (Refines: SPFC-0015).
3.1.3 STANDBY_LP
3.1.3.1 Purpose
The STANDBY_LP mode is entered automatically upon successful completion of the initialisation actions in the STARTUP mode. In this mode, the SPFC is deemed operational and will adhere to commands received from the LMC over the Tango communication channel. The SPFC also executes the sub-state controllers for each feed package, the vacuum and helium service. The SPFC shall transition to the ERROR mode if an operational error occurs from which it is unable to recover.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 15 of 67
3.1.3.2 Functional Requirements
3.1.3.2.1 Entry
[SPFC-SW-0013] The SPFC shall enter the STANDBY_LP mode from the STARTUP mode automatically if no errors were detected (Refines: SPFC-0005). [SPFC-SW-0014] The SPFC shall enter the STANDBY_LP mode from any other mode if so requested by the LMC (Refines: SPFC-0007).
3.1.3.2.2 Transition
[SPFC-SW-0015] The SPFC shall ensure that all health status of the sub-elements is cleared when the transition to the STANDBY_LP mode is active.
[SPFC-SW-0016] The SPFC shall ensure that the helium compressor, vacuum pump and feeds are all in their respected Off modes if commanded to enter STANDBY_LP (Refines: SPFC-0006).
3.1.3.2.3 Implementation
The SPFC shall perform the following operations while in the STANDBY_LP mode:
• [SPFC-SW-0017] Estimate the time to full performance and report this value to the LMC (Refines: SPFC-0054).
• [SPFC-SW-0018] Execute state machines for the following sub-elements:
o Band 1 feed package
o Band 2 feed package
o Band 345 feed package
o Vacuum service
o Helium service.
• [SPFC-SW-0019] Message decoding of the following systems and subsystems:
o LMC via the Tango interface
o Feed packages via their individual serial communication interfaces
o Helium controller via a serial interface.
• [SPFC-SW-0020] Monitor and report on system status, sub-element status, sensors, alarms, events, faults and logs (Refines: SPFC-0021, SPFC-0023, SPFC-0024, SPFC-0025, SPFC-0028, SPFC-0033, SPFC-0036, SPFC-0042).
3.1.3.2.4 Exit
[SPFC-SW-0021] The SPFC shall exit the STANDBY_LP mode and transition to a new mode only if requested by the LMC (Refines: SPFC-0004, SPFC-0005). [SPFC-SW-0022] The SPFC shall enter the ERROR mode if an error is detected which prevents it from performing its functional requirements (Refines: SPFC-0015).
3.1.4 OPERATE
3.1.4.1 Purpose
This is the operational mode of the SPFC. In this mode, the SPFC can be in full or degraded performance states. Astronomical observation is done in this mode.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 16 of 67
3.1.4.2 Functional Requirements
3.1.4.2.1 Entry
[SPFC-SW-0023] The SPFC shall enter the OPERATE mode from the STANDBY_LP, MAINTENANCE or ERROR mode only upon request from the LMC.
3.1.4.2.2 Transition
[SPFC-SW-0024] The SPFC shall not commence with the transition until execution of all previous commands are completed.
3.1.4.2.3 Implementation
The SPFC shall perform the following operations while in the OPERATE mode:
• [SPFC-SW-0025] Execute state machines for the following sub-elements:
o Band 1 feed package
o Band 2 feed package
o Band 345 feed package
o Vacuum service
o Helium service.
• [SPFC-SW-0026] Message decoding of the following systems and subsystems:
o LMC via the Tango interface
o Feed packages via their individual serial communication interfaces
o Helium controller via a serial interface.
• [SPFC-SW-0027] Monitor and report on system status, sub-element status, sensors, alarms, events, faults and logs (Refines: SPFC-0021, SPFC-0023, SPFC-0024, SPFC-0025, SPFC-0028, SPFC-0033, SPFC-0036, SPFC-0042).
The SPFC shall perform the following operations while in the OPERATE_DEGRADED power state:
• [SPFC-SW-0028] Estimate the time to full performance and report this value to the LMC (Refines: SPFC-0054).
• [SPFC-SW-0029] Continuously try to achieve FULL_PERFORMANCE power state (Refines: SPFC-0008).
The SPFC shall perform the following operations while in the OPERATE_FULL_PERFORMANCE power state:
• [SPFC-SW-0030] Comply with all performance requirements (Refines: SPFC-0009).
3.1.4.2.4 Exit
[SPFC-SW-0032] The SPFC shall exit the OPERATE mode only if commanded by the LMC. [SPFC-SW-0033] The SPFC shall enter the ERROR mode if an error is detected which prevents it from performing its functional requirements (Refines: SPFC-0015).
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 17 of 67
3.1.5 MAINTENANCE
3.1.5.1 Purpose
The SPFC shall enter this mode from any other mode when commanded by the LMC. When in the MAINTENANCE mode, the SPFC shall ensure that the system is physically safe to work on by an engineer, an engineering communication interface is made available and orchestrate remote software updates to its subsystems if so requested.
3.1.5.2 Functional Requirements
3.1.5.2.1 Entry
[SPFC-SW-0034] The SPFC shall enter the MAINTENANCE mode from other modes upon request from the LMC.
3.1.5.2.2 Transition
[SPFC-SW-0035] The SPFC shall not commence with the transition until execution of all previous commands are completed.
3.1.5.2.3 Implementation
The SPFC shall perform the following operations while in the MAINTENANCE mode:
• [SPFC-SW-0036] Either be in FULL_POWER or LOW_POWER states (Refines: SPFC-0011).
• [SPFC-SW-0037] Configure its receivers to be safe for physical maintenance (Refines: SPFC-0012, SPFC-0153).
• [SPFC-SW-0038] Enable the engineering interface (Refines: SPFC-0013).
• [SPFC-SW-0039] Enable SPF sub-element firmware and software to be updated (Refines: SPFC-0014).
3.1.5.2.4 Exit
[SPFC-SW-0040] The SPFC shall exit the MAINTENANCE mode only if commanded by the LMC. [SPFC-SW-0041] The SPFC shall enter the ERROR mode if an error is detected which prevents it from performing its functional requirements (Refines: SPFC-0015).
3.1.6 ERROR
3.1.6.1 Purpose
The ERROR mode is automatically entered from any mode if an error occurs which prevents the SPFC to perform its functional tasks. The SPFC shall log the error and the reason thereof to an error log. The SPFC shall provide diagnostic information via the Tango interface or the debug port. Depending on the severity of the ERROR, the SPFC shall either automatically restart and transition to the OFF mode, or wait for the LMC to request a new mode.
3.1.6.2 Functional Requirements
3.1.6.2.1 Entry
[SPFC-SW-0042] The ERROR mode is automatically entered from any mode if an error occurs which prevents the SPFC to perform its functional tasks (Refines: SPFC-0015).
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 18 of 67
3.1.6.2.2 Transition
The SPFC shall ensure that no status changes are allowed while transitioning to the ERROR mode as to have accurate information on the system state and possible cause of the error when an error log is generated.
3.1.6.2.3 Implementation
The SPFC shall perform the following operations while in the ERROR mode:
• [SPFC-SW-0043] Log the error to disk. The following information shall be contained in the error log:
o SPFC mode from which the error occurred.
o System health status.
o Sub-element state machine state.
o Hardware resource status
o Disk space
o Memory usage
o Communication port status
• [SPFC-SW-0044] Notify all connected Tango clients that the SPFC is in its ERROR mode and thus not available for operation.
• [SPFC-SW-0045] Provide debug information with the same content as the error log via the debug port, regardless if there is a terminal connected to it or not.
3.1.6.2.4 Exit
[SPFC-SW-0046] If communication with the LMC can be maintained, the SPFC shall remain in the ERROR mode until a new mode is requested by the LMC.
3.2 CSCI Capability Requirements
The functional breakdown of the SPFC CSCI is given below in Figure 3.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 19 of 67
Single Pixel Feed Controller
Interfaces
Events
Alarms
Monitor and Report
States and Modes
Ethernet
Tango
Multiple Receivers
HeliumCompressor
Engieering
Sensors
Faults andFailures
Automatic safety checks
Support
Load/SaveConfig Data
RemoteUpdates
Control
Feed Packages
LNA
Vacuum Valve
Cryo Motor
Temperature Controllers
Calibration Signal
Vacuum Pump
Helium Compressor
Load/SaveMetadata
Serial
Digital
Vacuum Pump
HeliumCompressor
State Machines
Firmware programming
Figure 3: Functional breakdown of the SPFC.
Table 3: Summary of the software system functions
No. SPFC Function Description
1. Interfaces
1.1. Ethernet Communicate via the Ethernet interface.
1.1.1. Tango Use the Tango control suite for SPFC_LMC communication.
1.1.2. Engineering Use SSH for configuration, updates and debugging
1.2. Serial Communicate via UART interfaces.
1.2.1. Multiple Receivers Implement separate software ICDs for communication with each of the receivers.
1.2.2. Helium Compressor Implement software ICD for helium compressor communication.
1.2.3. Firmware programming Implement a proprietary low level debugging interface for firmware programming and CPU debugging.
1.3. Digital Set output and get input of digital IO pins.
1.3.1. Vacuum Pump Control digital lines to and from vacuum pump.
1.3.2. Helium Compressor Control digital lines to and from helium compressor.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 20 of 67
No. SPFC Function Description
2. Monitor and Report
2.1. States and Modes Report system states and modes on request
2.2. Sensors Report sensor data
2.3. Alarms Report alarms of events which require action
2.4. Events Report events which are informative
2.5. Logs Report logs based on the log level set by the LMC
2.6. Faults and Failures Report faults and failures of the system
2.7. Automatic safety checks Failsafe safety checks to protect the receiver components
3. Control
3.1. Feed Packages Control the sub-elements.
3.1.1. State Machines Control the state machines of the sub-elements.
3.1.2. LNA LNAs ON and OFF.
3.1.3. Vacuum Valve Vacuum valve OPEN and CLOSE.
3.1.4. Cryocooler Motor Cryocooler motor ON and OFF.
3.1.5. Temperature Controllers Temperature control of 1st and 2nd stage RFE platforms.
3.1.6. Calibration Signal Calibration signal control in lab test setup.
3.2. Vacuum Pump Control vacuum service.
3.3. Helium Compressor Control helium service.
4. Support
4.1. Remote Updates Feed package firmware update via SPFC software.
4.2. Load/Save Configuration Data Upload and download configuration files.
4.3. Load/Save Metadata Provide software version information and item serial numbers.
3.2.1 Control
3.2.1.1 Feed Packages
The SPFC application software shall control each of the following devices on each FP as described below.
3.2.1.1.1 State Machines
[SPFC-SW-0048] The application software shall control each FP with its own state machine as described in §3.2.6.5 (Refines: SPFC-0021).
3.2.1.1.2 LNAs
[SPFC-SW-0049] The SPFC shall be able to individually switch the LNAs ON or OFF via a request from the Tango interface.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 21 of 67
3.2.1.1.3 Vacuum Valve
[SPFC-SW-0050] The vacuum valve on each FP shall be automatically controlled by its corresponding state machine. [SPFC-SW-0051] The LMC shall be able to control the vacuum valve manually with a Tango command when in the MAINTENANCE mode.
3.2.1.1.4 Cryocooler Motor
[SPFC-SW-0052] The cryocooler motor shall either be controlled automatically by the state machine or by the LMC in the MAINTENANCE mode. It can be switched ON or OFF.
3.2.1.1.5 Temperature Controllers
[SPFC-SW-0053] The SPFC shall have two temperature controllers for band 2 with the control options as shown in Table 4.
Table 4: Temperature settings
Setting RFE 1st Stage Temperature Controller Calibration Source Temperature Controller
Off Temperature controller switched off Temperature controller switched off
Set point 1 Temperature controlled at approx. 14 K Temperature controlled at approx. 280 K
Set point 2 Temperature controlled at approx. 16 K Temperature controlled at approx. 285 K
Set point 3 Temperature controlled at approx. 18 K Temperature controlled at approx. 290 K
Set point 4 Temperature controlled at approx. 20 K Temperature controlled at approx. 296 K
Set point 5 Temperature controlled at approx. 22 K Temperature controlled at approx. 300 K
Set point 6 Temperature controlled at approx. 24 K Temperature controlled at approx. 305 K
Warm Temperature controlled at approx. 295 K Temperature controlled at approx. 310 K
3.2.1.1.6 Calibration Signal
[SPFC-SW-0055] An LMC controlled signal via the Tango interface shall enable or disable the calibration source (in MAINTENANCE mode in a lab setup when the digitizer is bypassed) with a fibre control line directly from the SPFC.
3.2.1.2 Control Vacuum Pump
[SPFC-SW-0056] The SPFC shall have a state machine which orchestrates vacuum pump control and status as per §3.2.6.3 (Refines: SPFC-0021, SPFC-0022). [SPFC-SW-0057] The vacuum pump state machine shall execute in its own thread.
The following vacuum control functions shall be implemented. Note that some of these commands are only available in MAINTENANCE mode.
• [SPFC-SW-0058] The SPFC shall be able to switch the vacuum pump ON and OFF as required by the different FPs.
• [SPFC-SW-0059] The LMC shall be able to switch the vacuum pump ON and OFF via the Tango interface, while in MAINTENANCE mode.
• [SPFC-SW-0060] The LMC shall be able to override and switch off the vacuum pump and disable the vacuum pump control via the Tango interface, while in operational or MAINTENANCE mode.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 22 of 67
3.2.1.3 Control Helium Compressor
[SPFC-SW-0061] The SPFC shall have a state machine which orchestrates helium compressor control and status as per §3.2.6.4 (Refines: SPFC-0021, SPFC-0022). [SPFC-SW-0062] The helium compressor state machine shall execute in its own thread.
The following helium compressor functions shall be implemented. Note that some of these commands are only available in MAINTENANCE mode.
• [SPFC-SW-0063] The SPFC shall be able to switch the helium compressor ON and OFF via the helium compressor serial interface as required by the different FPs.
• [SPFC-SW-0064] The LMC shall be able to switch the helium compressor ON and OFF via the Tango interface, while in MAINTENANCE mode.
• [SPFC-SW-0065] The LMC shall be able to reset the helium compressor via the Tango interface, while in MAINTENANCE mode.
• [SPFC-SW-0066] The LMC shall be able to override and switch the helium compressor OFF via the Tango interface, while in MAINTENANCE mode.
3.2.2 Monitor and Report
3.2.2.1 States and Modes
[SPFC-SW-0067] The SPFC shall report its active mode to the LMC when requested (Refines: SPFC-0003). [SPFC-SW-0068] The health status of the SPFC shall be reported to the LMC upon request from the LMC (Refines: SPFC-0025).
[SPFC-SW-0069] The SPFC shall report to the LMC the capability status of each FP individually (Refines: SPFC-0024).
[SPFC-SW-0070] The SPFC shall have the following aggregated capability states for each band independently which is reported to the LMC (Refines: SPFC-0016):
• UNAVAILABLE
• STANDBY
• OPERATE_DEGRADED
• OPERATE_FULL
The criteria for each capability state are given in Table 5 below.
Table 5: SPFC capability states
State Description and Transition requirements
UNAVAILABLE [SPFC-SW-0071] The SPFC shall set SPFx to UNAVAILABLE if no communication to the SPFx can be established or if there are errors that render the SPFx not fully functional (Refines: SPFC-0017).
STANDBY [SPFC-SW-0072] The SPFC shall set SPFx to STANDBY, if it is ready to fully function, and its cooling system is turned off (Refines: SPFC-0018).
OPERATE_DEGRADED [SPFC-SW-0073] The SPFC shall set an SPFx to OPERATE_DEGRADED if it is fully functional, but its performance is not within its specifications (Refines: SPFC-0019).
OPERATE_FULL [SPFC-SW-0074] The SPFC shall set an SPFx to OPERATE_FULL if it is fully functional and its performance is within its specifications (Refines: SPFC-0020).
Note: SPFx refers to any SPF1, SPF2, SPF345 bands. Refer to paragraph 3.2.6.5 for the mapping of these capabilities to the lower level states.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 23 of 67
[SPFC-SW-0075] The SPFC software shall automatically detect when a FP is connected to the feed and report on missing sub-elements (Refines: SPFC-0026). [SPFC-SW-0076] The overall SPF system health status shall be reported, which is a rolled up status based on all FP and services device-status sensors (Refines: SPFC-0023).
[SPFC-SW-0077] The SPFC shall monitor all control lines of the vacuum pump to determine its status as per §3.3.2.2.
[SPFC-SW-0078] The SPFC shall monitor all communication and control lines of the helium compressor to determine its status as per §3.3.2.3.
[SPFC-SW-0079] The SPFC shall implement a built-in self-test (BIT) to determine its health status (Refines: SPFC-0058, SPFC-0059). [SPFC-SW-0080] Part of the BIT shall include a power-on self-tests (POST) that is included in the Linux operating system e.g. memory, wear levelling and interrupts.
3.2.2.2 Alarms
[SPFC-SW-0081] The SPFC shall be able to set the level of reporting of alarms to the LMC (Refines: SPFC-0027). [SPFC-SW-0082] When an alarm condition is detected, the SPFC shall report the alarm to the LMC within 3 seconds (Refines: SPFC-0029). [SPFC-SW-0083] An alarm shall be triggered by the SPFC if a condition or failure exist where a hazard to equipment or personnel is posed or where the effectiveness of a sub-element is reduced (Refines: SPFC-0030). [SPFC-SW-0084] The SPFC shall report no alarms for FPs not fitted (Refines: SPFC-0031).
[SPFC-SW-0085] The alarm message from the SPFC to the LMC shall contain the following information (Refines: SPFC-0028):
• Time of detection of condition
• Description of the condition
• Justification for raising the alarm:
o Conditional data measured
o Identification of source
o Logic to evaluate the data.
[SPFC-SW-0086] The SPFC shall trigger an alarm for the following conditions (Refines: SPFC-0030):
• Sensor value not within configured limits
• SPFC error
• FP error
• Vacuum error
• Helium error.
3.2.2.3 Events
[SPFC-SW-0087] The SPFC shall be able to set the level of reporting of events to the LMC (Refines: SPFC-0032).
[SPFC-SW-0088] The SPFC shall report the following events to the LMC (Refines: SPFC-0033):
• Changes in states and modes and any sub-element state and mode as required by the LMC.
• Changes in health status.
[SPFC-SW-0089] The SPFC shall report no events for missing FPs (Refines: SPFC-0034).
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 24 of 67
3.2.2.4 Logs
[SPFC-SW-0090] The SPFC shall be able to set the level of reporting of logging information to the LMC (Refines: SPFC-0035). [SPFC-SW-0091] The SPFC shall report log messages to the LMC at the chosen log level (Refines: SPFC-0036). [SPFC-SW-0092] The SPFC shall report no log messages to the LMC for missing FPs (Refines: SPFC-0037).
[SPFC-SW-0093] All sensor data shall be logged with a UNIX time stamp to a Secure Digital (SD) card in a round robin scheme. [SPFC-SW-0094] Inactive log files shall be compressed and kept for a duration of 30 days on the SPFC, upon which it shall automatically be deleted (Refines: SPFC-0066). [SPFC-SW-0095] The SPFC shall not exceed 70% of the total amount of logging storage (Refines: SPFC-0067).
[SPFC-SW-0096] The SPFC shall be able to perform diagnostic logging. [SPFC-SW-0097] The SPFC shall be able to enable or disable the diagnostic logging without interfering with the operational software.
3.2.2.5 Sensors
[SPFC-SW-0098] The SPFC shall be able to set the level of reporting of sensor information to the LMC (Refines: SPFC-0038). [SPFC-SW-0099] The SPFC shall report drill-down monitoring points to the LMC to enable fault diagnostics of the SPF sub-element (Refines: SPFC-0039).
[SPFC-SW-0100] All FP sensor values shall be available as Tango attributes. [SPFC-SW-0101] All sensors shall report their own status over Tango and shall report when its value is in the warning or error ranges.
3.2.2.6 Faults and Failures
[SPFC-SW-0102] The SPFC shall report failures and the identification thereof based on the product structure and the failure mode, effects and criticality analysis (FMECA) to the LMC (Refines: SPFC-0040).
[SPFC-SW-0103] The SPFC shall identify faulty Line Replaceable Units (LRU) where applicable (Refines: SPFC-0041).
[SPFC-SW-0104] The SPFC shall report to the LMC monitoring points that are required for preventative maintenance or for predicting failures as identified in the FMECA (Refines: SPFC-0042).
[SPFC-SW-0105] The SPFC shall report no faults of missing FPs (Refines: SPFC-0043).
3.2.2.7 Automatic Safety Checks
[SPFC-SW-0106] The SPFC shall switch off the specific radio frequency equipment (RFE) temperature controller if its sensor value exceeds 320 K (Refines: SPFC-0012, SPFC-0154). [SPFC-SW-0107] The vacuum valve shall be closed if the cryostat or manifold pressure suddenly increases (Refines: SPFC-0013, SPFC-0155). [SPFC-SW-0108] The SPFC shall always do a valve safety check to confirm that the pressure in the vacuum manifold is acceptable, before opening the vacuum valve (Refines: SPFC-0014, SPFC-0156).
[SPFC-SW-0109] To limit the overall peak inrush current, the SPFC shall ensure that the SPFHe and SPFVac services are not switched on simultaneously (Refines: SPFC-0201).
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 25 of 67
3.2.3 Support
3.2.3.1 Remote Updates
3.2.3.1.1 Application Software Updates
[SPFC-SW-0110] The SPFC shall facilitate remote updates of the SPFC application software. (Refines: SPFC-0044). [SPFC-SW-0111] Remote software upgrades shall be implemented by a Linux package upgrader. [SPFC-SW-0112] The SPFC shall use a configuration file to point to a specific http or ftp server where new updates will be available.
3.2.3.1.2 Feed Package Upgrades
[SPFC-SW-0113] The SPFC shall facilitate remote updates of the firmware of connected FPs (Refines: SPFC-0045). [SPFC-SW-0114] The SPFC shall be able to individually disable a FP to start the firmware update process.
3.2.3.2 Load and Save Configuration Data
[SPFC-SW-0115] The SPFC shall be able to upload and download configuration and calibration files to a specified FP. [SPFC-SW-0116] The configuration files shall be made available by the SPFC via SSH file transfer protocol (SFTP).
3.2.3.3 Load and Save Metadata
[SPFC-SW-0117] The serial number of the SPFC shall be configurable.
[SPFC-SW-0118] The SPFC shall monitor the following metadata and report it to the LMC upon request (Refines: SPFC-0046, SPFC-0047, SPFC-0048, SPFC-0049, SPFC-0050):
• SPFC software version
• SPFC serial number
• SPFC total operation time
• Firmware version of all connected feed packages
• Serial numbers of all connected feed packages
• Firmware version of the helium compressor
• Serial number of the helium compressor
• Total operation time of a feed package.
3.2.3.4 Engineering Interface
[SPFC-SW-0119] The SPFC shall provide an engineering interface via its Ethernet port to allow remote access to it for detailed system diagnostics and maintenance (Refines: SPFC-0051). [SPFC-SW-0120] Remote access to the SPFC shall be via a secure socket shell (SSH) connection directly to the Linux operating system. [SPFC-SW-0121] The engineering interface of the SPFC shall have access control with username and password security. [SPFC-SW-0122] The SPFC shall allow a remote connection of simulator software for detailed operational diagnostics and low level control.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 26 of 67
3.2.4 Performance Requirements
3.2.4.1 System Start-up
[SPFC-SW-0123] The SPFC shall perform its POST, operating system start-up and application initialisation in less than 5 minutes (Refines: SPFC-0052).
3.2.4.2 Processing Resources
[SPFC-SW-0125] The SPFC CSCI shall not exceed 80% of the available CPU processing time (Refines: SPFC-0055).
[SPFC-SW-0126] The SPFC shall be capable of maintaining all FPs in the fully powered up state for extended durations (Refines: SPFC-0056).
3.2.4.3 Data Latency
[SPFC-SW-0127] The latency introduced by the SPFC because of processing and hardware specific delays shall be less than 5s (Refines: SPFC-0061).
3.2.4.4 Mode Transition Times
[SPFC-SW-0128] The SPFC shall comply with the mode transition times as specified in [AD2] (Refines: SPFC-0062).
3.2.5 Specific Requirements for Stamp CoM Setup
3.2.5.1 Clock Speeds
The Main Clock Oscillator (crystal) on the Stamp runs at 18.432 MHz. (125) [SPFC-SW-0129] The phase locked loop A (PLLA) shall be derived from the main clock to run at 396 MHz (Refines: SPFC-0096). (126) [SPFC-SW-0130] The PLLA shall be selected to be used as the Master as well as the Processor clock speed.
3.2.5.2 Peripherals
The following peripherals on the Stamp CoM shall be disabled.
• [SPFC-SW-0131] USB ports shall not be used in the SPFC. Both the USB Host port clock and the USB Device port clock shall be disabled (Refines: SPFC-0096).
• [SPFC-SW-0132] The USART 5 port shall be disabled.
3.2.5.3 Watchdog Timer
[SPFC-SW-0133] Each independent FP thread shall be monitored by a watchdog timer (WDT) that shall restart the thread if the time-out is reached. [SPFC-SW-0134] If a specific thread cannot be restarted, the whole application software shall be restarted with a system reboot. [SPFC-SW-0135] An automatic restart of the application software shall be initiated if an unhandled exception occurs. [SPFC-SW-0137] If the SPFC CSCI is unresponsive for more than 10s, it shall automatically be restarted by the WDT (Refines: SPFC-0063, SPFC-0186).
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 27 of 67
3.2.6 Application Software Control Logic
An overview of the application software is displayed in Figure 4 and described in more detail below.
Application Software on SPFC
Tango Device Server
SPFC Control Block(Sensor & Control Values;
Health Status)
SPF2 SM (Sampling & State Machine Control)
SPFVac SM (Sampling & State
Machine Control)
To SPFVac
To SPF2
Ethernet port
SPFHe SM (Sampling & State
Machine Control)
SPF1 SM (Sampling & State Machine Control)
To SPF1
SPF345 SM (Sampling & State Machine Control)
To SPF345
To SPFHe
SPF1 Comm
Protocol
SPF2 Comm
Protocol
SPF345 Comm
Protocol
SPFHe Comm
Protocol
SPFVac Comm
Protocol
Figure 4: Application software code blocks.
3.2.6.1 Tango Device Server
[SPFC-SW-0138] The TDS shall create a communication channel via Ethernet for clients to connect to using the Tango protocol (Refines: SPFC-0076). [SPFC-SW-0139] The TDS shall translate the Tango commands and attribute requests and pass it on to the SPFC control block. [SPFC-SW-0140] The TDS shall continuously run in its own thread and shall be independent of other SPFC application threads.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 28 of 67
3.2.6.2 SPFC Control Block
The SPFC control block is the central part of the SPFC application software. [SPFC-SW-0141] It shall aggregate the necessary sensor values and health status of the sub-elements. [SPFC-SW-0142] The SPFC shall provide the requested sensor values to the TDS upon request. [SPFC-SW-0143] The SPFC control block shall raise the necessary events and alarms when such conditions occur.
[SPFC-SW-0144] The SPFC control block shall manage all corresponding threads and state machines of the sub-elements.
3.2.6.3 Vacuum Pump Controller
[SPFC-SW-0145] The SPF services control block shall independently control services when required by either the LMC or the FPs (Refines: SPFC-0022). [SPFC-SW-0146] The vacuum service state machine shall at least have the states as shown in Figure 5. The following applies:
• [SPFC-SW-0147] The vacuum service SM shall be in the OFF state when the SPFVac is powered down.
• [SPFC-SW-0148] The vacuum service SM shall be in the TEMPERATURE OUT OF RANGE state when the SPFVac is in its OPERATIONAL TOO COLD state due to the ambient temperature being too cold to create a vacuum and needs to wait for the temperature to rise before it can create a vacuum.
• [SPFC-SW-0149] The vacuum service SM shall be in the OPERATIONAL state when the SPFVac is operating according to the specifications of [RD2].
• [SPFC-SW-0150] The vacuum service SM shall be in the UNAVAILABLE state when an error occurred that prevents the SPFVac from operating according to its specifications given in [RD2].
[SPFC-SW-0151] The SPFC shall be able to automatically switch the vacuum pump ON or OFF as required by the different FPs (Refines: SPFC-0022). [SPFC-SW-0152] A Tango client shall be able to manually switch the vacuum pump ON or OFF (Refines: SPFC-0022). [SPFC-SW-0153] A Tango client shall be able to enable or disable the vacuum pump control (Refines: SPFC-0022).
Figure 5: SPFVac state machine.
Ok
Fail
Degraded
Comms-on &Enabled?
Initialize
Yes
No
Off
Maintenance
Unavailable
comms-on & enabled
From any s tate
Device-status(overall health)
StatesNominalWarning
Error
Operational
From any s tate
From any s tate
Temperature Out of Range
Error Unavailable
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 29 of 67
3.2.6.4 Helium Compressor Controller
[SPFC-SW-0154] The helium service SM shall at least have the states as shown in Figure 6. The following applies:
• [SPFC-SW-0155] The helium service SM shall be in the OFF state when the SPFHe is powered down.
• [SPFC-SW-0156] The helium service SM shall be in the OPERATIONAL state when the SPFHe is operating as per its fully operating conditions given in [RD1].
• [SPFC-SW-0157] The helium service SM shall be in the LOW-PRESSURE state when the helium needs to be replenished, but is still able to operate according to the specifications of [RD1].
• [SPFC-SW-0158] The helium service SM shall be in the UNAVAILABLE state when a communication error occurs on the SPFHe or if it is unable to operate according to the specifications of [RD1].
[SPFC-SW-0159] The SPFC shall be able to automatically switch the helium compressor ON or OFF as required by the different FPs (Refines: SPFC-0022). [SPFC-SW-0160] A Tango client shall be able to manually switch the helium compressor ON or OFF (Refines: SPFC-0022). [SPFC-SW-0161] A Tango client shall be able to reset the helium compressor (Refines: SPFC-0022). [SPFC-SW-0162] A Tango client shall be able to override and switch off the helium compressor and disable the helium compressor controller (Refines: SPFC-0022).
Ok
Fail
Degraded
Comms-on &Enabled?
Initialize
Yes
No
Off
Reset
Maintenance
Unavailable
comms-on & enabled
From any s tate
Device-status(overall health)
StatesNominalWarning
Error
Operational
From any s tate
From any s tate
Low Pressure(Operational)
Error
Figure 6: SPFHe state machine.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 30 of 67
3.2.6.5 Feed Package Control Block
[SPFC-SW-0163] All commands and requests for each FP shall be placed in a queue and shall be processed sequentially. [SPFC-SW-0164] FP sensors and FP data shall be monitored continuously at 1 Hz. [SPFC-SW-0165] FP sensor data shall be temporary saved into a rolling buffer from where the latest values shall be logged and be made available to send over the Tango interface. [SPFC-SW-0166] Each FP SM shall continuously execute in its own thread and communicate independently with its respective band feed package controller (FPC).
3.2.6.5.1 Band 1 FPC
The FP SM diagram is shown in Figure 7 with a description of each state in Table 6. The following applies:
• [SPFC-SW-0244] The default start-up state shall be user selectable to be either STANDBY-LP or OPERATE.
• [SPFC-SW-0245] The Band 1 FPC shall be in the STANDBY-LP mode when the SPF1 is ready to fully function and the LNA temperature control is switched off (Refines: SPFC-0018).
• [SPFC-SW-0246] If OPERATE is selected as the default start-up state, the Band 1 FPC shall automatically transition from STANDBY-LP to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF1s performance is within specifications (Refines: SPFC-0020).
• [SPFC-SW-0247] If OPERATIONAL is requested from the Tango interface, the Band 1 FPC shall automatically transition from its current state to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF1s performance is within specifications (Refines: SPFC-0020).
• [SPFC-SW-0248] If the SPF1 is fully functional, but its performance is not within its specifications, the Band 1 FPC shall transition to the OPERATE-DEGRADED capability state (Refines: SPFC-0019).
• [SPFC-SW-0249] The RF power shall only be switched ON or OFF with Tango requests.
• [SPFC-SW-0250] In the event of an error occurs which renders the SPF1 not fully functional, the Band 1 FPC shall transition to the ERROR state.
• [SPFC-SW-0251] The Band 1 FPC shall transition to the UNAVAILABLE state when no communication can be established with the SPF1.
• [SPFC-SW-0252] The Band 1 FPC shall transition to the MAINTENANCE mode when requested via the Tango interface.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 31 of 67
Figure 7: SPF1 state machine.
Fail
Degraded
OK
Unavailable(expected online)
Error
Soft-Off
StartupState?
TransitionalMaintenance
Unavailable (not expected
online)
Availablecontrolled
RX detected
Error Corrected
RX Detected
Degraded Performance
Soft-off
Warm-operational
From any state
From any state
Warm-Operational
Nominal
Warning
Error
StatesDevice-status
(overall health)
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 32 of 67
Table 6: SPF1 mode description
SPF Capability State
FP Mode Description
Un
avai
lab
le OFFLINE
The SPF1 is either not installed (and not expected to be online) or no communication can be established (expected to be online)
ERROR This indicates that an error has occurred and that the SPF1 is turned off
MAINTENANCE This is used during production or when the SPF1 is manually controlled while doing maintenance
Stan
db
y
STANDBY-LP The LNA’s and all temperature controllers are disabled.
Op
erat
e D
egra
ded
TRANSITIONAL The SPF1 is busy stabilizing the 1st stage LNA temperature in order to go to the AVAILABLE state. LNA heaters are enabled.
DEGRADED PERFORMANCE
The SPF1 is operational, but not able to meet specifications yet. From the AVAILABLE state: the 1st stage LNA temperature has moved outside expected nominal ranges.
Op
erat
e Fu
ll
AVAILABLE; TEMP STABILISED
The SPF1 package is fully operational and ready to be utilised. The 1st stage LNA temperature has stabilised and all critical sensor values are within their expected nominal ranges.
The data in Table 7 shows which states are mutual exclusive and which states can exist simultaneously.
Table 7: Mutual exclusivity (m) of the SPF1 states & modes (X = Can exist simultaneously. R = Required)
Un
avai
lab
le
Off
Tran
siti
on
al
De
grad
ed
Pe
rfo
rman
ce
Ava
ilab
le
Mai
nte
nan
ce
Erro
r
Serv
ices
Err
or
De
grad
ed
Unavailable m m m m X X m m
Off m m m m m m m m
Transitional m m m m m m m m
Degraded Performance m m m m m m X R
Available m m m m m m m m
Maintenance X m m m m m m m
Error X m m m m m m m
Services Error m m m X m m m m
Degraded m m m R m m m m
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 33 of 67
The variables referenced in Table 8 shall be user changeable. By default, their values are as follows:
• TLNA = H & V channel LNA temperature average
• TSLNA = 1st Stage temperature setpoint (selected from Table 4)
• TSO = Temperature setpoint maximum offset = 1.0 K
• TNO = Non-operational temperature = 320 K
• TWOE = Warm operational error temperature = 315 K
Table 8: SPF1 state definitions
Feed Package States Sensor & Equipment States
Primary States
States / Modes Typical LNA Temperatures
(TLNA) RF Power
Un
avai
lab
le OFFLINE undetermined undetermined
MAINTENANCE = Amb user select
ERROR undetermined Off
Stan
db
y
STANDBY-LP = Amb Off
Op
era
te
De
grad
ed
TRANSITIONAL TLNA < TWOE Off
DEGRADED TNO > TLNA > TWOE user select
Op
era
te
Full WARM OPERATIONAL
(CONTROLLED) TSLNA - TSO ≤ TLNA ≤ TSLNA + TSO On
3.2.6.5.2 Band 2 FPC
The Band 2 FP SM diagram is shown in Figure 8. A description of each state is given in Table 9. The following applies:
• [SPFC-SW-0167] The Band 2 default start-up state shall be user selectable to be either STANDBY-LP or OPERATE.
• [SPFC-SW-0168] The Band 2 FPC shall be in the STANDBY-LP mode when the SPF2 is ready to fully function and the cooling system is switched off (Refines: SPFC-0018).
• [SPFC-SW-0169] If OPERATE is selected as the default start-up state, the Band 2 FPC shall automatically transition from STANDBY-LP to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF2s performance is within specifications (Refines: SPFC-0020).
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 34 of 67
• [SPFC-SW-0170] If OPERATIONAL is requested from the Tango interface, the Band 2 FPC shall automatically transition from its current state to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF2s performance is within specifications (Refines: SPFC-0020).
• [SPFC-SW-0171] If the SPF2 is fully functional, but its performance is not within its specifications, the Band 2 FPC shall transition to the OPERATE-DEGRADED capability state (Refines: SPFC-0019).
• [SPFC-SW-0172] The Band 2 RF power shall only be switched ON or OFF with Tango requests.
• [SPFC-SW-0173] The Band 2 FPC shall transition to the REGENERATION state when requested via the Tango interface if in MAINTENANCE mode.
• [SPFC-SW-0174] In the event of an error occurs which renders the SPF2 not fully functional, the Band 2 FPC shall transition to the ERROR state.
• [SPFC-SW-0175] The Band 2 FPC shall transition to the UNAVAILABLE state when no communication can be established with the SPF2 (Refines: SPFC-0017).
• [SPFC-SW-0176] The Band 2 FPC shall transition to the MAINTENANCE mode when requested via the Tango interface.
Figure 8: SPF2 state machine.
Degraded
Fail
Ok
Startup State?
RX Detected
Soft-Off
Soft-off
Transitional
Error
Available
Cold-operational
ErrorCorrected
Finalstabilisation
Soft-off
Cold-operational
Regene-ration
DegradedPerformance
Initiateregeneration
P & T (un)stable
Maintenance
Fromany state
From any state
Device-status(ove rall health)
StatesNominalWarning
Error
Unavailable(expected online)
Unavailable(not expected
online)
RX DetectedSoft-off
Regen pending
Regenerate
Timeout
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 35 of 67
Table 9: SPF2 states description
SPF State FP State Description U
nav
aila
ble
OFFLINE The SPF2 is either not installed (and not expected to be online) or no communication can be established (expected to be online)
ERROR This indicates that an error has occurred and that the SPF2 is turned off
MAINTENANCE This is used during production or when the SPF2 is manually controlled while doing maintenance
Stan
db
y
STANDBY-LP The cryocooler, LNA’s and both temperature controllers are disabled. The vacuum valve is closed.
Op
erat
e D
egra
ded
REGENERATION
The SPF2 is warming up in order to release and evacuate the gas particles that have been accumulated on the cryogenic surfaces and the charcoal trap during cryopumping. After this regeneration process the SPF2 is cooled down to the AVAILABLE state again.
REGEN PENDING
The SPF2 is still operational, but waiting for the vacuum pump to become available in order to go to the REGENERATION state.
TRANSITIONAL The SPF2 is busy cooling down in order to go to the AVAILABLE state. A vacuum is created in the cryostat and the cryocooler is enabled.
DEGRADED PERFORMANCE
The SPF2 is operational, but not able to meet specifications yet. From the AVAILABLE state: Either the RFE 1st stage temperature has increased (unstable) or the pressure in the cryostat has increased above the expected nominal ranges. A higher temperature control set-point could stabilize the temperature, otherwise a cryostat regeneration might be required in order to attain the AVAILABLE state again.
Op
erat
e Fu
ll
AVAILABLE The SPF2 is fully cold, operational and ready to be utilised. The RFE 1st stage temperature has stabilised and all critical sensor values are within their expected nominal ranges
The data in Table 10 shows which states are mutual exclusive and which states can exist simultaneously.
The variables referenced in Table 11 shall be user changeable. By default, their values are as follows:
• Cryocooler On Pressure = PCO = 5 x 10-2 mbar
• Cryopumping Pressure = PCP = 1 x 10-2 mbar
• Cryopumping Pressure Error = PCPE = 1 x 10-1 mbar
• Cold Operational Temperature = TCO = 30 K
• Cold Operational Available Temperature range = ΔTCOA = 1K
• RFE1 Temperature Setpoint = TSRFE1
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 36 of 67
Table 10: Mutual exclusivity (m) of the SPF2 states & modes (X = Can exist simultaneously. R = Required)
Un
avai
lab
le
Off
Tran
siti
on
al
De
grad
ed
Pe
rfo
rman
ce
Ava
ilab
le
Mai
nte
nan
ce Er
ror
Serv
ices
Er
ror
De
grad
ed
Unavailable m m m m X X m m
Off m m m m m m m m
Transitional m m m m m m m m
Degraded Performance m m m m m m X R
Available m m m m m m m m
Maintenance X m m m m m m m
Error X m m m m m m m
Services Error m m m X m m m m
Degraded m m m R m m m m
Table 11: SPF2 state definitions
Feed Package States Sensor & Equipment States
Primary States
States / Modes
Vacuum Valve state
Vacuum Manifold Pressure
(PM)
Cryostat Pressure
(PC)
Typical LNA Temperatures
(TLNA)
Cooler Motor state
RF Power
Un
avai
lab
le OFFLINE
undeter-mined
undeter-mined
undeter-mined
undetermined undeter-
mined undeter-
mined
MAINTENANCE user
select user
select user
select <= Amb
user select
user select
ERROR closed n/a undeter-
mined undetermined off off
Stan
db
y
STANDBY-LP closed n/a <= Atm <= Amb off off
Op
erat
e
Deg
rad
ed
TRANSITIONAL SM
controlled PCO < PM <
Atm PCO < PC <
Atm TCO < TRFE1 <
Amb SM
controlled user
select
DEGRADED SM
controlled PM < PCO
PCP < PC < PCPE.
TCO < TRFE1 < Amb
on user
select
Op
erat
e
Full COLD
OPERATIONAL closed n/a PC < PCP
TSRFE1 - ΔTCOA
≤ TRFE1 ≤ TSRFE1 + ΔTCOA
on user
select
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 37 of 67
3.2.6.5.3 Band 345 FPC
The Band 345 FP SM diagram is shown in Figure 9. A description of each state is given in Table 12. The following applies:
• [SPFC-SW-0253] The Band 345 default start-up state shall be user selectable to be either STANDBY-LP or OPERATE.
• [SPFC-SW-0254] The Band 345 FPC shall be in the STANDBY-LP mode when the SPF345 is ready to fully function and the cooling system is switched off (Refines: SPFC-0018).
• [SPFC-SW-0255] If OPERATE is selected as the default start-up state, the Band 345 FPC shall automatically transition from STANDBY-LP to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF345’s performance is within specifications (Refines: SPFC-0020).
• [SPFC-SW-0256] If OPERATIONAL is requested from the Tango interface, the Band 345 FPC shall automatically transition from its current state to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF345’s performance is within specifications (Refines: SPFC-0020).
• [SPFC-SW-0257] If the SPF345 is fully functional, but its performance is not within its specifications, the Band 345 FPC shall transition to the OPERATE-DEGRADED capability state (Refines: SPFC-0019).
• [SPFC-SW-0258] The Band 345 RF power shall only be switched ON or OFF with Tango requests.
• [SPFC-SW-0259] The Band 345 FPC shall transition to the REGENERATION state when requested via the Tango interface if in MAINTENANCE mode.
• [SPFC-SW-0260] In the event of an error occurs which renders the SPF345 not fully functional, the Band 345 FPC shall transition to the ERROR state.
• [SPFC-SW-0261] The Band 345 FPC shall transition to the UNAVAILABLE state when no communication can be established with the SPF345 (Refines: SPFC-0017).
• [SPFC-SW-0262] The Band 345 FPC shall transition to the MAINTENANCE mode when requested via the Tango interface.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 38 of 67
Figure 9: SPF345 state machine.
Table 12: SPF345 states description
SPF State FP State Description
Un
avai
lab
le OFFLINE
The SPF345 is either not installed (and not expected to be online) or no communication can be established (expected to be online)
ERROR This indicates that an error has occurred and that the SPF345 is turned off
MAINTENANCE This is used during production or when the SPF345 is manually controlled while doing maintenance
Stan
db
y
STANDBY-LP The cryocooler, LNA’s and all temperature controllers are disabled. The vacuum valve is closed.
Op
erat
e
Deg
rad
ed
REGENERATION
The SPF345 is warming up in order to release and evacuate the gas particles that have accumulated during cryopumping. After this regeneration process the SPF345 is cooled down to the AVAILABLE state again.
REGEN PENDING
The SPF345 is still operational, but waiting for the vacuum pump to become available in order to go to the REGENERATION state.
Degraded
Fail
Ok
Startup State?
RX Detected
Soft-Off
Soft-off
Transitional
Error
Available
Cold-operational
ErrorCorrected
Finalstabilisation
Soft-off
Cold-operational
Regene-ration
DegradedPerformance
Initiateregeneration
P & T (un)stable
Maintenance
Fromany state
From any state
Device-status(ove rall health)
StatesNominalWarning
Error
Unavailable(expected online)
Unavailable(not expected
online)
RX DetectedSoft-off
Regen pending
Regenerate
Timeout
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 39 of 67
SPF State FP State Description
TRANSITIONAL The SPF345 is busy cooling down in order to go to the AVAILABLE state. A vacuum is created in the cryostat and the cryocooler is enabled.
DEGRADED PERFORMANCE
The SPF345 is operational, but not able to meet specifications yet. From the AVAILABLE state: Either the RFE 1st stage temperature has increased (unstable) or the pressure in the cryostat has increased above the expected nominal ranges. A higher temperature control set-point could stabilize the temperature, otherwise a cryostat regeneration might be required in order to attain the AVAILABLE state again.
Op
erat
e Fu
ll
AVAILABLE The SPF345 is fully cold, operational and ready to be utilised. The RFE 1st stage temperature has stabilised and all critical sensor values are within their expected nominal ranges
The data in Table 13 shows which states are mutual exclusive and which states can exist simultaneously.
Table 13: Mutual exclusivity (m) of the SPF345 states & modes (X = Can exist simultaneously. R = Required)
Un
avai
lab
le
Off
Tran
siti
on
al
De
grad
ed
Pe
rfo
rman
ce
Ava
ilab
le
Mai
nte
nan
ce Er
ror
Serv
ice
s
Erro
r
De
grad
ed
Unavailable m m m m X X m m
Off m m m m m m m m
Transitional m m m m m m m m
Degraded Performance m m m m m m X R
Available m m m m m m m m
Maintenance X m m m m m m m
Error X m m m m m m m
Services Error m m m X m m m m
Degraded m m m R m m m m
The following variables referenced in Table 14 shall be user changeable. By default, their values are as follows:
• Cryocooler On Pressure = PCO = 5 x 10-2 mbar
• Cryopumping Pressure = PCP = 1 x 10-2 mbar
• Cryopumping Pressure Error = PCPE = 1 x 10-1 mbar
• Turbopump On pressure = PTO = 1 x 10-2 mbar
• Cold Operational Temperature = TCO = 30 K
• Cold Operational Available Temperature range = ΔTCOA = 1K
• RFE1 Temperature Setpoint = TSRFE1
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 40 of 67
Table 14: SPF345 state definitions
Feed Package States
Sensor & Equipment States
Primary States
States / Modes
Vacuum Valve state
Vacuum Manifold
Pressure (PM)
Cryostat Pressure
(PC)
Typical LNA Temperatures
(TLNA)
Cooler Motor state
Turbo pump power
RF Power
Un
avai
lab
le
OFFLINE undeter-
mined undeter-mined
undeter-mined
undetermined undeter-
mined off
undeter-mined
MAINTE-NANCE
user select
user select user
select <= Amb
user select
user select
user select
ERROR closed n/a Undeter-
mined undetermined off off off
Stan
db
y
STANDBY-LP
closed n/a <= Atm <= Amb off off off
Op
erat
e
Deg
rad
ed TRANSI-
TIONAL SM
controlled PCO < PM < Atm
PCO < PC < Atm
TCO < TRFE1 < Amb SM
controlled SM
controlled user
select
DEGRADED SM
controlled PM < PCO
PCP < PC < PCPE.
TCO < TRFE1 < Amb on off user
select
Op
erat
e
Full
COLD OPERA-TIONAL
closed n/a PC < PCP TSRFE1 - ΔTCOA
≤ TRFE1 ≤ TSRFE1 + ΔTCOA
on off user
select
3.3 SPFC External Interface Requirements
The SPFC external interface diagram is given in Figure 1. The details of each interface are given in the subsections that follow.
3.3.1 LMC_SPF (I.M.LMC_SPF.01)
[SPFC-SW-0177] The SPFC shall conform to the Tango interface requirements detailed in [AD3] (Refines: SPFC-0073, SPFC-0074, SPFC-0075).
[SPFC-SW-0178] The SPFC shall always allow SFTP and SSH connections on the LMC_SPF interface, using default ports (Refines: SPFC-0049). These connections are used for remote low-level control and debugging.
3.3.2 DFN (I.M.DFN_SPF.05)
The DFN is a physical interface and within it are several logic interfaces. These logic interfaces are between the SPFC and the various sub-elements. The logical interfaces are described the following subsections.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 41 of 67
3.3.2.1 Feed Package Interfaces (SPF IIF01, SPF IIF02, SPF IIF03)
[SPFC-SW-0179] The SPFC shall be able to simultaneously connect to 3 FPs over 3 UART over fibre communication interfaces.
[SPFC-SW-0180] The SPFC shall conform to the interface requirements given in [AD4] for SPF1, [AD5] for SPF2 and [AD6] for SPF345 (Refines: SPFC-0064, SPFC-0078, SPFC-0079, SPFC-0080).
3.3.2.2 Vacuum Pump Interface (SPF IIF04)
[SPFC-SW-0181] The SPFC shall conform to the interface requirements given in [AD7] (Refines: SPFC-0081).
[SPFC-SW-0182] The SFPC shall be able to manipulate two digital output control lines to the vacuum pump which represents “Start” and “Stop” control signals (Refines: SPFC-0081).
[SPFC-SW-0183] The SPFC shall be able to read two digital input lines which indicates 4 states: Offline, Online (too cold to operate), Ready (warm enough to operate) and Running (Refines: SPFC-0081). For more details, see [AD7].
3.3.2.3 Helium Compressor Interface (SPF IIF05)
[SPFC-SW-0184] The SPFC shall connect to the SPFHe via a UART over fibre interface and conform to the interface requirements given in [AD8] (Refines: SPFC-0082).
[SPFC-SW-0185] One digital output pin on the Stamp shall be allocated as a control line to the helium compressor which implements a “Reset” signal to the SPFHe Controller. [SPFC-SW-0186] One digital input pin shall be allocated as a feedback signal to the Stamp which indicates if the helium compressor is “Running”. For more details, see [AD8].
3.4 CSCI Internal Interface Requirements
The internal interfaces of the SPFC are shown in Figure 10. Each interface is described in the following subsections.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 42 of 67
SPFC
Ethernet(PHY)
Stamp(ARM CPU)
ADCs
UART
IIF4
SD card
ETC
IIF1
IIF5
IIF3
IIF2
Figure 10: SPFC internal interfaces.
3.4.1 Ethernet Physical Layer (IIF1)
[SPFC-SW-0187] The media independent interface (MII) connection setup to the physical (PHY) layer shall be precompiled into the Linux file system image and managed by the Linux OS.
3.4.2 UART (IIF2)
The UART interface of the Stamp PCB represents all the UART interfaces of the SPFC. As per §3.3.2.1, the UART interface communicates with all the connected SPFs.
[SPFC-SW-0188] The setup of the programming and low level debug UART shall be precompiled in the Linux file system. [SPFC-SW-0189] The programming and debugging interface shall only allow local access to the SPFC, directly to the PCB.
3.4.3 SD Card (IIF3)
[SPFC-SW-0190] The SD card bus shall be available for logging data to an SD card.
3.4.4 Elapsed Time Counter (IIF4)
[SPFC-SW-0191] Provision shall be made to implement an elapsed time counter (ETC) over an I2C bus (Refines: SPFC-0050, SPFC-0186).
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 43 of 67
3.4.5 ADCs (IIF5)
[SPFC-SW-0192] ADCs for monitoring the on-board sensor values shall be implemented by using an I2C bus.
[SPFC-SW-0193] The four analogue inputs on the Stamp shall be implemented to monitor the voltage, current and on-board temperature SPFC, with one spare channel (Refines: SPFC-0057, SPFC-0070, SPFC-0188).
3.5 CSCI Internal Data Requirements
These requirements are left to the design.
3.6 Adaptation Requirements
[SPFC-SW-0194] The SPFC shall be configured with a fixed IPv4 address allocated by SKA.
3.7 Safety Requirements
[SPFC-SW-0195] The SPFC software classification shall be non-safety critical. Sufficient hardware interlocks shall be designed into the system to allow this classification.
3.8 Security and Privacy Requirements
[SPFC-SW-0196] The SPFC operating system shall be password protected to restrict unauthorised local or remote access.
3.9 CSCI Environment Requirements
[SPFC-SW-0197] The SPFC shall execute on the Taskit Stamp9G20 Computer on Module (CoM) which has an ARM architecture.
[SPFC-SW-0198] The SPFC shall execute on the Linux Ånström OpenEmbedded distribution which resides on the built-in flash memory of the Stamp CoM.
3.10 Computer Resource Requirements
3.10.1 Computer Hardware Requirements
[SPFC-SW-0199] The SPFC shall be executed on the Stamp CoM Atmel AT91SAM9G20 with ARM926EJ-S core MCU (Refines: SPFC-0068, SPFC-0069, SPFC-0182). [SPFC-SW-0200] The Stamp CoM shall have the following hardware requirements (Refines: SPFC-0183, SPFC-0184, SPFC-0186):
• Variable CPU speed setting
• 128 MB SD RAM
• 512 MB Flash
• 1x 10/100 Ethernet MAC
• 6x UART
• 1x I2C
• 1x SD Card with 8GB capacity
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 44 of 67
• 1x 4 Channel ADC
• 16x Digital I/O ports
• Watchdog timer
Refer to [RD1] for more details on the Stamp CoM.
3.10.2 Computer Hardware Resource Utilisation Requirements
[SPFC-SW-0201] The hardware capacities given in Table 15 shall not be exceeded by the SPFC as a design goal (Refines: SPFC-0055).
Table 15: SPFC hardware resource utilisation requirements
Item Specification Capacity [%]
CPU CPU time 80
SD RAM 128 MB 50
Flash 512 MB 50
External storage (SD Card) 4 GB 70
Ethernet Bits per second 50
3.10.3 Computer Software Requirements
[SPFC-SW-0202] The SPFC shall as far as possible use features provided by the embedded OS to implement (Refines: SPFC-0182):
• Power-On Self-Test (POST).
• Loading of the SPFC executable on power-up.
• Downloading of software updates.
• Allowing remote access to the system.
3.10.4 Computer Communications Requirements
3.10.4.1 Ethernet interface
[SPFC-SW-0203] The monitoring data rate on the Ethernet interface shall not exceed 200 kbps (Refines: SPFC-0060). [SPFC-SW-0204] Control messages over the Ethernet interface shall not exceed 10 kbps.
3.10.4.2 Serial UART interfaces
[SPFC-SW-0205] The serial UART interfaces shall be configured for low speed data transmission. The following settings shall be used, except of defined otherwise in respective ICDs:
• 19200 baud rate
• 8 data bits
• 1 stop bit
• No parity
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 45 of 67
3.10.4.3 Programming and low level debug interface
[SPFC-SW-0206] The programming and low level debug interface shall have the following configuration parameters:
• 115200 baud rate
• 8 data bits
• 1 stop bit
• No parity
3.11 Software Quality Factors
The following software quality factors shall be adhered to as far as possible. Standard EMSS Antennas in-house coding standards will be adhered to.
3.11.1 Reliability
[SPFC-SW-0207] The SPFC shall be reliable in the sense that the application can run for extended periods of time of at least 12 months continuous operation (Refines: SPFC-0111). [SPFC-SW-0208] The SPFC software shall recycle its resources, implement circular buffers and have no memory leaks as detected by reasonable profiling and testing. [SPFC-SW-0209] The SPFC operation shall be consistent and repeatable with the same input conditions. [SPFC-SW-0210] The SPFC software shall be based on sound software design principles and design patterns.
3.11.2 Maintainability
[SPFC-SW-0211] To ensure maintainability of the SPFC, it shall have a modular design as far as possible.
3.11.3 Availability
[SPFC-SW-0212] The SPFC software, when executing, shall always be available for sub-elements to communicate with it. [SPFC-SW-0213] The SPFC shall not have a state where authorised local or remote access is denied.
3.11.4 Flexibility
[SPFC-SW-0214] The SPFC shall be flexible to accompany new requirements and system specifications.
3.11.5 Portability
[SPFC-SW-0215] The SPFC shall, as far as possible, be portable in the sense that it can be ported to another hardware or software (OS) platform. This will mitigate possible future legacy issues.
3.11.6 Reusability
[SPFC-SW-0216] The software modules and objects shall be implemented in such a way as to promote software reusability.
3.11.7 Usability
There are no usability requirements for the SPFC software.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 46 of 67
3.11.8 Design
[SPFC-SW-0218] A modular software design method shall be used to ensure encapsulation of functionality.
3.12 Design and Implementation Constraints
[SPFC-SW-0219] The SPFC shall be implemented in C/C++.
3.13 Personnel Related Requirements
Personnel expected to support the SPFC should have detailed knowledge of the hardware, the Stamp CoM, the Linux operating system, the C/C++ computer language as well as the Tango Control System interface.
3.14 Training Related Requirements
There are no training requirements for the SPFC CSCI.
3.15 Logistics Related Requirements
3.15.1 System Maintenance
[SPFC-SW-0220] Software maintenance shall be handled by EMSS Antennas. [SPFC-SW-0221] Any software fixes or upgrades shall be handled under the terms of the contracts in place. [SPFC-SW-0222] Preventative system maintenance shall be provided by EMSS Antennas under a separate maintenance contract if needed.
3.15.2 Software Support
[SPFC-SW-0223] First line software support shall be given by EMSS Antennas. [SPFC-SW-0224] A remote connection to the SPFC shall be available to perform remote software support, as detailed in §3.2.3.4.
3.15.3 System Transportation
[SPFC-SW-0225] The SPFC software shall be transported in a binary package form, and shall be pre-installed on the SPFC hardware. [SPFC-SW-0226] Updates of the SPFC software shall be performed via its OS and requesting a new binary package from a specified server on the network.
3.16 Other Requirements
None.
3.17 Packaging Requirements
[SPFC-SW-0227] The SPFC application software shall be remotely updated to a distribution server on the SKA network and no physical media shall be used for SPFC software installation. [SPFC-SW-0228] All CSCI and data items shall be safely stored in a repository of the client’s choice.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 47 of 67
3.18 Precedence and Criticality Requirements
All requirements have equal precedence and assessed criticality.
3.19 Development Method and Testing
[SPFC-SW-0229] The SPFC software design philosophy shall be implemented on cycles of the waterfall method as depicted in Figure 11. [SPFC-SW-0230] The software development shall be an iterative process adding more detail and functionality with each cycle.
Figure 11: The waterfall design methodology.
[SPFC-SW-0231] All software shall be tested and debugged on a PC before it is uploaded to any hardware. [SPFC-SW-0232] It shall be preferred to have a Company Software Standard in place before software development commences.
An overview of the Test Interface(s) (TI) model is shown in Figure 12.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 48 of 67
SPFC
Eth
ern
et
UA
RT
UA
RT
UA
RT
UA
RT
PW
R
I/O
SPF1 / SIM
SPF2 / SIM
SPF345 / SIM
SPFHe / SIM
SPFVac / SIM
220 VAC
I/O
Visual
Low Level Support:• Linux control and setup via SSH• File transfer via SFTP/SCP• ICMP (Ping)
SSH/SFTP/SCP/ICMP
Tango Clients:• SPFC Test Interface• LMC
Tango (TCP/IP)
1
2
3
4
5
6
7
8Fr
on
t P
anel
Dis
pla
yx
Legend:
Test Interface x
Figure 12: SPFC software development and testing model.
[SPFC-SW-0233] Low level engineering and support connections shall be made available to the SPFC via the Ethernet interface, as indicated by TI (1) in Figure 12 (Refines: SPFC-0051). [SPFC-SW-0234] The protocols allowed on the Ethernet interface of the SPFC shall be at least TCP/IP, SSH, SFTP and Internet Control Message Protocol (ICMP). [SPFC-SW-0235] Low level engineering and support shall include the following tests and operations:
• Connectivity tests via ICMP,
• Operating system control, setup and remote updates via SSH and SFTP/SCP, and
• Configuration and log file transfers via SFTP/SCP (Refines: SPFC-0051).
[SPFC-SW-0236] An SPFC interface testing graphical user interface (GUI) shall be developed in order to test the SPFC application software from TI (2) as seen in Figure 12. [SPFC-SW-0240] The front panel display shall serve as a visual test interface TI (3) for SPFC internal status. [SPFC-SW-0241] TI (4,5,6,7,8) shall be used to test the interfaces between SPF1, SPF2, SPF345, SPFHe and SPFVac respectively. These tests can either be done with external protocol simulators or production hardware).
3.20 Documentation
[SPFC-SW-0242] This system shall have a software test document (STD), describing the required software tests that shall be performed in order to qualify the software as well as a software test report (STR) to detail the qualification results.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 49 of 67
4 VERIFICATION
4.1 Quality Conformance
4.1.1 Responsibility for Tests
[SPFC-SW-0243] The supplier shall perform all requirement verification and acceptance tests.
4.1.2 Special Tests and Examinations
None.
4.1.3 Requirements Validation Phases and Methods
The conformance verification test phases and the test methods to ensure that the requirements as defined in this document have been satisfied are summarized in Table 16 and Table 17 respectively.
Table 16: Test phases applicable to the SPFC
Abbr. Description
N/A Not applicable
DT Tested/verified during the development phase (first prototypes)
QT Tested/verified during qualification
AT Acceptance test during integration and manufacturing
Table 17: Test methods applicable to the SPFC
Verification Methods
Term Abbr. Description
Inspection I
The inspection of a characteristic either visually or by simple
measurement and compared against a drawing, standard or data sheet.
Verification by inspection implies that the measurement technique is
elementary enough to obviate a formal test procedure.
Analysis A Verification of a characteristic by means of analysis using appropriate
theoretical models.
Demonstration D Verifying a functional characteristic by means of actual demonstration
using the hardware itself.
Formal Test FT
The measurement of either mechanical or electrical characteristic using
standard measuring equipment. If the measurement technique or
equipment needed for the measurement is non-standard, it is described
under the appropriate test paragraph number.
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 50 of 67
4.2 Requirements Verification
Table 18: Requirements verification matrix
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0001] The SPFC shall have the following internal modes. The interaction of the modes is shown in Figure 2. (Refines: SPFC-0001)
• OFF
• STARTUP
• STANDBY_LP
• OPERATE
• MAINTENANCE
• ERROR
I I Inspect SPFC CSCI source code
[SPFC-SW-0002] The SPFC shall have the following power states (Refines: SPFC-0002):
• LOW_POWER
• FULL_POWER
I I Inspect SPFC CSCI source code
[SPFC-SW-0003] All modes and power states shall be reported to the LMC via the Tango interface upon request (Refines: SPFC-0003).
D D Demonstrate capability
[SPFC-SW-0004] The SPFC shall have the OFF mode set when the application is started.
I I Inspect SPFC CSCI source code
[SPFC-SW-0005] The SPFC shall enter the OFF mode if a system reset is requested by the LMC as a maintenance command (Refines: SPFC-0004).
D D Demonstrate capability
[SPFC-SW-0006] The SPFC shall exit the OFF mode automatically and enter the STARTUP mode with no delays when powered up.
I I Inspect SPFC CSCI source code
[SPFC-SW-0007] The SPFC shall automatically enter the STARTUP mode when it is started by the operating system.
I I Inspect SPFC CSCI source code
[SPFC-SW-0008] The SPFC shall ensure that no communication or external interrupts are active while residing in the STARTUP mode.
I D
Inspect SPFC CSCI source code and demonstrate capability during qualification by sending commands to the SPFC via external interfaces while its starting up
[SPFC-SW-0009] The SPFC shall perform the following operations once while entering the STARTUP mode:
• Initialise all structures, variables and constants from user defined initialisation (.ini) files.
• Initialise all I/O pins to the correct states.
• Open the serial ports for feed packages and helium service.
• Initialise and start feed packages, vacuum pump and helium service state machine.
• Start the SPFC Tango device server (TDS) for LMC communication.
I I Inspect SPFC CSCI source code
[SPFC-SW-0010] The SPFC shall perform no continuous processing while in the STARTUP mode and shall exit the mode as soon as all system initialisation procedures are completed.
I I Inspect SPFC CSCI source code
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 51 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0011] The SPFC shall exit the STARTUP mode and transition to the STANDBY_LP mode automatically if no errors were detected during initialisation (Refines: SPFC-0005).
I I Inspect SPFC CSCI source code
[SPFC-SW-0012] The SPFC shall enter the ERROR state if an error is detected which prevents it from performing its functional requirements (Refines: SPFC-0015).
D D Simulate an error condition
[SPFC-SW-0013] The SPFC shall enter the STANDBY_LP mode from the STARTUP mode automatically if no errors were detected (Refines: SPFC-0005).
I I Inspect SPFC CSCI source code
[SPFC-SW-0014] The SPFC shall enter the STANDBY_LP mode from any other mode if so requested by the LMC (Refines: SPFC-0007).
D D Demonstrate capability
[SPFC-SW-0015] The SPFC shall ensure that all health status of the sub-elements is cleared when the transition to the STANDBY_LP mode is active.
D D Demonstrate capability
[SPFC-SW-0016] The SPFC shall ensure that the helium compressor, vacuum pump and feeds are all in their respected Off modes if commanded to enter STANDBY_LP (Refines: SPFC-0006).
I I Inspect SPFC CSCI source code
[SPFC-SW-0017] Estimate the time to full performance and report this value to the LMC (Refines: SPFC-0054).
D A Demonstrate an analyse the results
[SPFC-SW-0018] Execute state machines for the following sub-elements:
• Band 1 feed package
• Band 2 feed package
• Band 345 feed package
• Vacuum service
• Helium service.
I I Inspect SPFC CSCI source code
[SPFC-SW-0019] Message decoding of the following systems and subsystems:
• LMC via the Tango interface
• Feed packages via their individual serial communication interfaces
• Helium controller via a serial interface.
I I Inspect SPFC CSCI source code
[SPFC-SW-0020] Monitor and report on system status, sub-element status, sensors, alarms, events, faults and logs (Refines: SPFC-0021, SPFC-0023, SPFC-0024, SPFC-0025, SPFC-0028, SPFC-0033, SPFC-0036, SPFC-0042).
D D Demonstrate each of the capabilities by simulation of needed
[SPFC-SW-0021] The SPFC shall exit the STANDBY_LP mode and transition to a new mode only if requested by the LMC (Refines: SPFC-0004, SPFC-0005).
D D Demonstrate capability
[SPFC-SW-0022] The SPFC shall enter the ERROR mode if an error is detected which prevents it from performing its functional requirements (Refines: SPFC-0015).
D D Demonstrate capability by simulating an error condition
[SPFC-SW-0023] The SPFC shall enter the OPERATE mode from the STANDBY_LP, MAINTENANCE or ERROR mode only upon request from the LMC.
D D Demonstrate capability
[SPFC-SW-0024] The SPFC shall not commence with the transition until execution of all previous commands are completed.
D D Demonstrate capability
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 52 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0025] Execute state machines for the following sub-elements:
• Band 1 feed package
• Band 2 feed package
• Band 345 feed package
• Vacuum service
• Helium service.
I I Inspect SPFC CSCI source code
[SPFC-SW-0026] Message decoding of the following systems and subsystems:
• LMC via the Tango interface
• Feed packages via their individual serial communication interfaces
• Helium controller via a serial interface.
I I Inspect SPFC CSCI source code
[SPFC-SW-0027] Monitor and report on system status, sub-element status, sensors, alarms, events, faults and logs (Refines: SPFC-0021, SPFC-0023, SPFC-0024, SPFC-0025, SPFC-0028, SPFC-0033, SPFC-0036, SPFC-0042).
D D Demonstrate each of the capabilities by simulation of needed
[SPFC-SW-0028] Estimate the time to full performance and report this value to the LMC (Refines: SPFC-0054).
D A Demonstrate an analyse the results
[SPFC-SW-0029] Continuously try to achieve FULL_PERFORMANCE power state (Refines: SPFC-0008).
I A Analyse sensor graphs during a simulated test run
[SPFC-SW-0030] Comply with all performance requirements (Refines: SPFC-0009).
I I Inspect SPFC CSCI source code
[SPFC-SW-0032] The SPFC shall exit the OPERATE mode only if commanded by the LMC.
D D Demonstrate capability
[SPFC-SW-0033] The SPFC shall enter the ERROR mode if an error is detected which prevents it from performing its functional requirements (Refines: SPFC-0015).
D D Demonstrate capability by simulating an error condition
[SPFC-SW-0034] The SPFC shall enter the MAINTENANCE mode from other modes upon request from the LMC.
D D Demonstrate capability
[SPFC-SW-0035] The SPFC shall not commence with the transition until execution of all previous commands are completed.
D D Demonstrate capability
[SPFC-SW-0036] Either be in FULL_POWER or LOW_POWER states (Refines: SPFC-0011).
I I Inspect SPFC CSCI source code
[SPFC-SW-0037] Configure its receivers to be safe for physical maintenance (Refines: SPFC-0012, SPFC-0153).
I I Inspect SPFC CSCI source code
[SPFC-SW-0038] Enable the engineering interface (Refines: SPFC-0013).
I I Inspect SPFC CSCI source code
[SPFC-SW-0039] Enable SPF sub-element firmware and software to be updated (Refines: SPFC-0014).
D D Demonstrate capability
[SPFC-SW-0040] The SPFC shall exit the MAINTENANCE mode only if commanded by the LMC.
D D Demonstrate capability
[SPFC-SW-0041] The SPFC shall enter the ERROR mode if an error is detected which prevents it from performing its functional requirements (Refines: SPFC-0015).
D D Demonstrate capability by simulating an error condition
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 53 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0042] The ERROR mode is automatically entered from any mode if an error occurs which prevents the SPFC to perform its functional tasks (Refines: SPFC-0015).
D D Demonstrate capability by simulating an error condition
[SPFC-SW-0043] Log the error to disk. The following information shall be contained in the error log:
• SPFC mode from which the error occurred.
• System health status.
• Sub-element state machine state.
• Hardware resource status
• Disk space
• Memory usage
• Communication port status
D D Demonstrate capability by simulating an error condition
[SPFC-SW-0044] Notify all connected Tango clients that the SPFC is in its ERROR mode and thus not available for operation.
D D Demonstrate capability by simulating an error condition
[SPFC-SW-0045] Provide debug information with the same content as the error log via the debug port, regardless if there is a terminal connected to it or not.
D D Demonstrate capability
[SPFC-SW-0046] If communication with the LMC can be maintained, the SPFC shall remain in the ERROR mode until a new mode is requested by the LMC.
D D Demonstrate capability
[SPFC-SW-0048] The application software shall control each FP with its own state machine as described in §3.2.6.5 (Refines: SPFC-0021).
I I Inspect SPFC CSCI source code
[SPFC-SW-0049] The SPFC shall be able to individually switch the LNAs ON or OFF via a request from the Tango interface.
D D Demonstrate capability
[SPFC-SW-0050] The vacuum valve on each FP shall be automatically controlled by its corresponding state machine.
D D Demonstrate capability
[SPFC-SW-0051] The LMC shall be able to control the vacuum valve manually with a Tango command when in the MAINTENANCE mode.
D D Demonstrate capability
[SPFC-SW-0052] The cryocooler motor shall either be controlled automatically by the state machine or by the LMC in the MAINTENANCE mode. It can be switched ON or OFF.
D D Demonstrate capability
[SPFC-SW-0053] The SPFC shall have two temperature controllers for band 2 with the control options as shown in Table 4.
I I Inspect SPFC CSCI source code
[SPFC-SW-0055] An LMC controlled signal via the Tango interface shall enable or disable the calibration source (in MAINTENANCE mode in a lab setup when the digitizer is bypassed) with a fibre control line directly from the SPFC.
D Demonstrate capability
[SPFC-SW-0056] The SPFC shall have a state machine which orchestrates vacuum pump control and status as per §3.2.6.3 (Refines: SPFC-0021, SPFC-0022).
I I Inspect SPFC CSCI source code
[SPFC-SW-0057] The vacuum pump state machine shall execute in its own thread.
I I Inspect SPFC CSCI source code
[SPFC-SW-0058] The SPFC shall be able to switch the vacuum pump ON and OFF as required by the different FPs.
D D Demonstrate capability
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 54 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0059] The LMC shall be able to switch the vacuum pump ON and OFF via the Tango interface, while in MAINTENANCE mode.
D D Demonstrate capability
[SPFC-SW-0060] The LMC shall be able to override and switch off the vacuum pump and disable the vacuum pump control via the Tango interface, while in operational or MAINTENANCE mode.
D D Demonstrate capability
[SPFC-SW-0061] The SPFC shall have a state machine which orchestrates helium compressor control and status as per §3.2.6.4 (Refines: SPFC-0021, SPFC-0022).
I I Inspect SPFC CSCI source code
[SPFC-SW-0062] The helium compressor state machine shall execute in its own thread.
I I Inspect SPFC CSCI source code
[SPFC-SW-0063] The SPFC shall be able to switch the helium compressor ON and OFF via the helium compressor serial interface as required by the different FPs.
D D Demonstrate capability
[SPFC-SW-0064] The LMC shall be able to switch the helium compressor ON and OFF via the Tango interface, while in MAINTENANCE mode.
D D Demonstrate capability
[SPFC-SW-0065] The LMC shall be able to reset the helium compressor via the Tango interface, while in MAINTENANCE mode.
D D Demonstrate capability
[SPFC-SW-0066] The LMC shall be able to override and switch the helium compressor OFF via the Tango interface, while in MAINTENANCE mode.
D D Demonstrate capability
[SPFC-SW-0067] The SPFC shall report its active mode to the LMC when requested (Refines: SPFC-0003).
D D Demonstrate capability
[SPFC-SW-0068] The health status of the SPFC shall be reported to the LMC upon request from the LMC (Refines: SPFC-0025).
D D Demonstrate capability
[SPFC-SW-0069] The SPFC shall report to the LMC the capability status of each FP individually (Refines: SPFC-0024).
D A Demonstrate capability
[SPFC-SW-0070] The SPFC shall have the following aggregated capability states for each band independently which is reported to the LMC (Refines: SPFC-0016):
• UNAVAILABLE
• STANDBY
• OPERATE_DEGRADED
• OPERATE_FULL
I I Inspect SPFC CSCI source code
[SPFC-SW-0071] The SPFC shall set SPFx to UNAVAILABLE if no communication to the SPFx can be established or if there are errors that render the SPFx not fully functional (Refines: SPFC-0017).
D D Demonstrate capability by simulating conditions
[SPFC-SW-0072] The SPFC shall set SPFx to STANDBY, if it is ready to fully function, and its cooling system is turned off (Refines: SPFC-0018).
D D Demonstrate capability by simulating conditions
[SPFC-SW-0073] The SPFC shall set an SPFx to OPERATE_DEGRADED if it is fully functional, but its performance is not within its specifications (Refines: SPFC-0019).
D D Demonstrate capability by simulating conditions
[SPFC-SW-0074] The SPFC shall set an SPFx to OPERATE_FULL if it is fully functional and its performance is within its specifications (Refines: SPFC-0020).
D D Demonstrate capability by simulating conditions
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 55 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0075] The SPFC software shall automatically detect when a FP is connected to the feed and report on missing sub-elements (Refines: SPFC-0026).
D D Demonstrate capability
[SPFC-SW-0076] The overall SPF system health status shall be reported, which is a rolled up status based on all FP and services device-status sensors (Refines: SPFC-0023).
D A Demonstrate capability
[SPFC-SW-0077] The SPFC shall monitor all control lines of the vacuum pump to determine its status as per §3.3.2.2.
I I Inspect SPFC CSCI source code
[SPFC-SW-0078] The SPFC shall monitor all communication and control lines of the helium compressor to determine its status as per §3.3.2.3.
I I Inspect SPFC CSCI source code
[SPFC-SW-0079] The SPFC shall implement a built-in self-test (BIT) to determine its health status (Refines: SPFC-0058, SPFC-0059).
I I Inspect SPFC CSCI source code
[SPFC-SW-0080] Part of the BIT shall include a power-on self-tests (POST) that is included in the Linux operating system e.g. memory, wear levelling and interrupts.
I I Inspect SPFC CSCI source code
[SPFC-SW-0081] The SPFC shall be able to set the level of reporting of alarms to the LMC (Refines: SPFC-0027).
I I Inspect SPFC CSCI source code
[SPFC-SW-0082] When an alarm condition is detected, the SPFC shall report the alarm to the LMC within 3 seconds (Refines: SPFC-0029).
D FT Test the capability with a stopwatch
[SPFC-SW-0083] An alarm shall be triggered by the SPFC if a condition or failure exist where a hazard to equipment or personnel is posed or where the effectiveness of a sub-element is reduced (Refines: SPFC-0030).
D D Demonstrate capability
[SPFC-SW-0084] The SPFC shall report no alarms for FPs not fitted (Refines: SPFC-0031).
D D Demonstrate capability
[SPFC-SW-0085] The alarm message from the SPFC to the LMC shall contain the following information (Refines: SPFC-0028):
• Time of detection of condition
• Description of the condition
• Justification for raising the alarm:
o Conditional data measured
o Identification of source
o Logic to evaluate the data.
I I Inspect SPFC CSCI source code
[SPFC-SW-0086] The SPFC shall trigger an alarm for the following conditions (Refines: SPFC-0030):
• Sensor value not within configured limits
• SPFC error
• FP error
• Vacuum error
• Helium error.
D D Demonstrate capability
[SPFC-SW-0087] The SPFC shall be able to set the level of reporting of events to the LMC (Refines: SPFC-0032).
D D Demonstrate capability
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 56 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0088] The SPFC shall report the following events to the LMC (Refines: SPFC-0033):
• Changes in states and modes and any sub-element state and mode as required by the LMC.
• Changes in health status.
I I Inspect SPFC CSCI source code
[SPFC-SW-0089] The SPFC shall report no events for missing FPs (Refines: SPFC-0034).
D D Demonstrate capability
[SPFC-SW-0090] The SPFC shall be able to set the level of reporting of logging information to the LMC (Refines: SPFC-0035).
I I Inspect SPFC CSCI source code
[SPFC-SW-0091] The SPFC shall report log messages to the LMC at the chosen log level (Refines: SPFC-0036).
D D Demonstrate capability
[SPFC-SW-0092] The SPFC shall report no log messages to the LMC for missing FPs (Refines: SPFC-0037).
D D Demonstrate capability
[SPFC-SW-0093] All sensor data shall be logged with a UNIX time stamp to a Secure Digital (SD) card in a round robin scheme.
I I Inspect SPFC CSCI source code
[SPFC-SW-0094] Inactive log files shall be compressed and kept for a duration of 30 days on the SPFC, upon which it shall automatically be deleted (Refines: SPFC-0066).
I I Inspect SPFC CSCI source code
[SPFC-SW-0095] The SPFC shall not exceed 70% of the total amount of logging storage (Refines: SPFC-0067).
I I Inspect SPFC CSCI source code
[SPFC-SW-0096] The SPFC shall be able to perform diagnostic logging.
D I Demonstrate capability
[SPFC-SW-0097] The SPFC shall be able to enable or disable the diagnostic logging without interfering with the operational software.
D D Demonstrate capability by enabling diagnostic logging during the whole qualification process
[SPFC-SW-0098] The SPFC shall be able to set the level of reporting of sensor information to the LMC (Refines: SPFC-0038).
D D Demonstrate capability
[SPFC-SW-0099] The SPFC shall report drill-down monitoring points to the LMC to enable fault diagnostics of the SPF sub-element (Refines: SPFC-0039).
I I Inspect SPFC CSCI source code
[SPFC-SW-0100] All FP sensor values shall be available as Tango attributes.
I I Inspect SPFC CSCI source code
[SPFC-SW-0101] All sensors shall report their own status over Tango and shall report when its value is in the warning or error ranges.
I I Inspect SPFC CSCI source code
[SPFC-SW-0102] The SPFC shall report failures and the identification thereof based on the product structure and the failure mode, effects and criticality analysis (FMECA) to the LMC (Refines: SPFC-0040).
D A Demonstrate capability
[SPFC-SW-0103] The SPFC shall identify faulty Line Replaceable Units (LRU) where applicable (Refines: SPFC-0041).
D D Demonstrate capability
[SPFC-SW-0104] The SPFC shall report to the LMC monitoring points that are required for preventative maintenance or for predicting failures as identified in the FMECA (Refines: SPFC-0042).
I I Inspect SPFC CSCI source code
[SPFC-SW-0105] The SPFC shall report no faults of missing FPs (Refines: SPFC-0043).
D D Demonstrate capability
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 57 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0106] The SPFC shall switch off the specific radio frequency equipment (RFE) temperature controller if its sensor value exceeds 320 K (Refines: SPFC-0012, SPFC-0154).
FT FT Test by simulating values
[SPFC-SW-0107] The vacuum valve shall be closed if the cryostat or manifold pressure suddenly increases (Refines: SPFC-0013, SPFC-0155).
FT FT Test by simulating values
[SPFC-SW-0108] The SPFC shall always do a valve safety check to confirm that the pressure in the vacuum manifold is acceptable, before opening the vacuum valve (Refines: SPFC-0014, SPFC-0156).
I I Inspect SPFC CSCI source code
[SPFC-SW-0109] To limit the overall peak inrush current, the SPFC shall ensure that the SPFHe and SPFVac services are not switched on simultaneously (Refines: SPFC-0201).
I D Demonstrate capability
[SPFC-SW-0110] The SPFC shall facilitate remote updates of the SPFC application software. (Refines: SPFC-0044).
I I Inspect CSCI system configuration
[SPFC-SW-0111] Remote software upgrades shall be implemented by a Linux package upgrader.
I I Inspect CSCI system configuration
[SPFC-SW-0112] The SPFC shall use a configuration file to point to a specific http or ftp server where new updates will be available.
D D Demonstrate capability as well as possible error conditions and recovery
[SPFC-SW-0113] The SPFC shall facilitate remote updates of the firmware of connected FPs (Refines: SPFC-0045).
D D Demonstrate capability as well as possible error conditions and recovery
[SPFC-SW-0114] The SPFC shall be able to individually disable a FP to start the firmware update process.
D FT Demonstrate capability by updating one FPs firmware while controlling another
[SPFC-SW-0115] The SPFC shall be able to upload and download configuration and calibration files to a specified FP.
D D Demonstrate capability
[SPFC-SW-0116] The configuration files shall be made available by the SPFC via SSH file transfer protocol (SFTP).
I I Inspect CSCI system configuration
[SPFC-SW-0117] The serial number of the SPFC shall be configurable.
D D Demonstrate capability
[SPFC-SW-0118] The SPFC shall monitor the following metadata and report it to the LMC upon request (Refines: SPFC-0046, SPFC-0047, SPFC-0048, SPFC-0049, SPFC-0050):
• SPFC software version
• SPFC serial number
• SPFC total operation time
• Firmware version of all connected feed packages
• Serial numbers of all connected feed packages
• Firmware version of the helium compressor
• Serial number of the helium compressor
• Total operation time of a feed package.
I I Inspection
[SPFC-SW-0119] The SPFC shall provide an engineering interface via its Ethernet port to allow remote access to it for detailed system diagnostics and maintenance (Refines: SPFC-0051).
I I Inspection – this is covered by various other tests
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 58 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0120] Remote access to the SPFC shall be via a secure socket shell (SSH) connection directly to the Linux operating system.
I I Inspection – this is covered by various other tests
[SPFC-SW-0121] The engineering interface of the SPFC shall have access control with username and password security.
I I Inspection – this is covered by various other tests
[SPFC-SW-0122] The SPFC shall allow a remote connection of simulator software for detailed operational diagnostics and low level control.
I D Demonstrate during qualification
[SPFC-SW-0123] The SPFC shall perform its POST, operating system start-up and application initialisation in less than 5 minutes (Refines: SPFC-0052).
I FT Test with a stopwatch
[SPFC-SW-0125] The SPFC CSCI shall not exceed 80% of the available CPU processing time (Refines: SPFC-0055).
I I Inspect system resources under full load
[SPFC-SW-0126] The SPFC shall be capable of maintaining all FPs in the fully powered up state for extended durations (Refines: SPFC-0056).
I D Demonstrate
[SPFC-SW-0127] The latency introduced by the SPFC because of processing and hardware specific delays shall be less than 5s (Refines: SPFC-0061).
I A Check sensor timestamps as well as command reaction times
[SPFC-SW-0128] The SPFC shall comply with the mode transition times as specified in [AD2] (Refines: SPFC-0062).
I D Demonstrate capability by cycling the system through various simulated mode transitions
[SPFC-SW-0129] The phase locked loop A (PLLA) shall be derived from the main clock to run at 396 MHz (Refines: SPFC-0096).
I I Inspect CSCI system configuration
[SPFC-SW-0130] The PLLA shall be selected to be used as the Master as well as the Processor clock speed.
I I Inspect CSCI system configuration
[SPFC-SW-0131] USB ports shall not be used in the SPFC. Both the USB Host port clock and the USB Device port clock shall be disabled (Refines: SPFC-0096).
I I Inspect CSCI system configuration
[SPFC-SW-0132] The USART 5 port shall be disabled. I I Inspect CSCI system configuration
[SPFC-SW-0133] Each independent FP thread shall be monitored by a watchdog timer (WDT) that shall restart the thread if the time-out is reached.
I D Demonstrate WDT functionality by simulating faults or error conditions
[SPFC-SW-0134] If a specific thread cannot be restarted, the whole application software shall be restarted with a system reboot.
I D Demonstrate WDT functionality by simulating faults or error conditions
[SPFC-SW-0135] An automatic restart of the application software shall be initiated if an unhandled exception occurs.
I D Demonstrate WDT functionality by simulating faults or error conditions
[SPFC-SW-0137] If the SPFC CSCI is unresponsive for more than 10s, it shall automatically be restarted by the WDT (Refines: SPFC-0063, SPFC-0186).
I D Demonstrate WDT functionality by simulating faults or error conditions
[SPFC-SW-0138] The TDS shall create a communication channel via Ethernet for clients to connect to using the Tango protocol (Refines: SPFC-0076).
I I Inspection
[SPFC-SW-0139] The TDS shall translate the Tango commands and attribute requests and pass it on to the SPFC control block.
I I Inspect CSCI source code
[SPFC-SW-0140] The TDS shall continuously run in its own thread and shall be independent of other SPFC application threads.
I I Inspection
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 59 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0141] It shall aggregate the necessary sensor values and health status of the sub-elements.
I D Demonstrate capability
[SPFC-SW-0142] The SPFC shall provide the requested sensor values to the TDS upon request.
I I Inspection
[SPFC-SW-0143] The SPFC control block shall raise the necessary events and alarms when such conditions occur.
I D Demonstrate capability
[SPFC-SW-0144] The SPFC control block shall manage all corresponding threads and state machines of the sub-elements.
I I Inspection – software design
[SPFC-SW-0145] The SPF services control block shall independently control services when required by either the LMC or the FPs (Refines: SPFC-0022).
I I Inspection – software design
[SPFC-SW-0146] The vacuum service state machine shall at least have the states as shown in Figure 5.
I I Inspection – software design
[SPFC-SW-0147] The vacuum service SM shall be in the OFF state when the SPFVac is powered down.
I D Demonstrate capability
[SPFC-SW-0148] The vacuum service SM shall be in the TEMPERATURE OUT OF RANGE state when the SPFVac is in its OPERATIONAL TOO COLD state due to the ambient temperature being too cold to create a vacuum and needs to wait for the temperature to rise before it can create a vacuum.
I D Demonstrate capability
[SPFC-SW-0149] The vacuum service SM shall be in the OPERATIONAL state when the SPFVac is operating according to the specifications of [RD2].
I D Demonstrate capability
[SPFC-SW-0150] The vacuum service SM shall be in the UNAVAILABLE state when an error occurred that prevents the SPFVac from operating according to its specifications given in [RD2].
I D Demonstrate capability
[SPFC-SW-0151] The SPFC shall be able to automatically switch the vacuum pump ON or OFF as required by the different FPs (Refines: SPFC-0022).
I D Demonstrate capability
[SPFC-SW-0152] A Tango client shall be able to manually switch the vacuum pump ON or OFF (Refines: SPFC-0022).
I D Demonstrate capability
[SPFC-SW-0153] A Tango client shall be able to enable or disable the vacuum pump control (Refines: SPFC-0022).
[SPFC-SW-0154] The helium service SM shall at least have the states as shown in Figure 6.
I I Inspection – software design
[SPFC-SW-0155] The helium service SM shall be in the OFF state when the SPFHe is powered down.
I D Demonstrate capability
[SPFC-SW-0156] The helium service SM shall be in the OPERATIONAL state when the SPFHe is operating as per its fully operating conditions given in [RD1].
I D Demonstrate capability
[SPFC-SW-0157] The helium service SM shall be in the LOW-PRESSURE state when the helium needs to be replenished, but is still able to operate according to the specifications of [RD1].
I D Demonstrate capability
[SPFC-SW-0158] The helium service SM shall be in the UNAVAILABLE state when a communication error occurs on the SPFHe or if it is unable to operate according to the specifications of [RD1].
I D Demonstrate capability
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 60 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0159] The SPFC shall be able to automatically switch the helium compressor ON or OFF as required by the different FPs (Refines: SPFC-0022).
I D Demonstrate capability
[SPFC-SW-0160] A Tango client shall be able to manually switch the helium compressor ON or OFF (Refines: SPFC-0022).
I D Demonstrate capability
[SPFC-SW-0161] A Tango client shall be able to reset the helium compressor (Refines: SPFC-0022).
I D Demonstrate capability
[SPFC-SW-0162] A Tango client shall be able to override and switch off the helium compressor and disable the helium compressor controller (Refines: SPFC-0022).
I D Demonstrate capability
[SPFC-SW-0163] All commands and requests for each FP shall be placed in a queue and shall be processed sequentially.
I D Demonstrate capability by sending a set of commands in quick succession
[SPFC-SW-0164] FP sensors and FP data shall be monitored continuously at 1 Hz.
I I Inspect sensor timestamps
[SPFC-SW-0165] FP sensor data shall be temporary saved into a rolling buffer from where the latest values shall be logged and be made available to send over the Tango interface.
I Inspect CSCI source code
[SPFC-SW-0166] Each FP SM shall continuously execute in its own thread and communicate independently with its respective band feed package controller (FPC).
I Inspect CSCI source code
[SPFC-SW-0244] The default start-up state shall be user selectable to be either STANDBY-LP or OPERATE.
I Inspect CSCI source code
[SPFC-SW-0245] The Band 1 FPC shall be in the STANDBY-LP mode when the SPF1 is ready to fully function and the LNA temperature control is switched off (Refines: SPFC-0018).
I D Demonstrate capability
[SPFC-SW-0246] If OPERATE is selected as the default start-up state, the Band 1 FPC shall automatically transition from STANDBY-LP to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF1s performance is within specifications (Refines: SPFC-0020).
I D Demonstrate capability
[SPFC-SW-0247] If OPERATIONAL is requested from the Tango interface, the Band 1 FPC shall automatically transition from its current state to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF1s performance is within specifications (Refines: SPFC-0020).
I D Demonstrate capability
[SPFC-SW-0248] If the SPF1 is fully functional, but its performance is not within its specifications, the Band 1 FPC shall transition to the OPERATE-DEGRADED capability state (Refines: SPFC-0019).
I D Demonstrate capability
[SPFC-SW-0249] The RF power shall only be switched ON or OFF with Tango requests.
I D Demonstrate capability
[SPFC-SW-0250] In the event of an error occurs which renders the SPF1 not fully functional, the Band 1 FPC shall transition to the ERROR state.
I D Demonstrate capability
[SPFC-SW-0251] The Band 1 FPC shall transition to the UNAVAILABLE state when no communication can be established with the SPF1.
I D Demonstrate capability
[SPFC-SW-0252] The Band 1 FPC shall transition to the MAINTENANCE mode when requested via the Tango interface.
I D Demonstrate capability
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 61 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0167] The Band 2 default start-up state shall be user selectable to be either STANDBY-LP or OPERATE.
I Inspect CSCI source code
[SPFC-SW-0168] The Band 2 FPC shall be in the STANDBY-LP mode when the SPF2 is ready to fully function and the cooling system is switched off (Refines: SPFC-0018).
I D Demonstrate capability
[SPFC-SW-0169] If OPERATE is selected as the default start-up state, the Band 2 FPC shall automatically transition from STANDBY-LP to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF2s performance is within specifications (Refines: SPFC-0020).
I D Demonstrate capability
[SPFC-SW-0170] If OPERATIONAL is requested from the Tango interface, the Band 2 FPC shall automatically transition from its current state to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF2s performance is within specifications (Refines: SPFC-0020).
I D Demonstrate capability
[SPFC-SW-0171] If the SPF2 is fully functional, but its performance is not within its specifications, the Band 2 FPC shall transition to the OPERATE-DEGRADED capability state (Refines: SPFC-0019).
I D Demonstrate capability
[SPFC-SW-0172] The Band 2 RF power shall only be switched ON or OFF with Tango requests.
I D Demonstrate capability
[SPFC-SW-0173] The Band 2 FPC shall transition to the REGENERATION state when requested via the Tango interface if in MAINTENANCE mode.
I D Demonstrate capability
[SPFC-SW-0174] In the event of an error occurs which renders the SPF2 not fully functional, the Band 2 FPC shall transition to the ERROR state.
I D Demonstrate capability
[SPFC-SW-0175] The Band 2 FPC shall transition to the UNAVAILABLE state when no communication can be established with the SPF2 (Refines: SPFC-0017).
I D Demonstrate capability
[SPFC-SW-0176] The Band 2 FPC shall transition to the MAINTENANCE mode when requested via the Tango interface.
I D Demonstrate capability
[SPFC-SW-0253] The Band 345 default start-up state shall be user selectable to be either STANDBY-LP or OPERATE.
I Inspect CSCI source code
[SPFC-SW-0254] The Band 345 FPC shall be in the STANDBY-LP mode when the SPF345 is ready to fully function and the cooling system is switched off (Refines: SPFC-0018).
I D Demonstrate capability
[SPFC-SW-0255] If OPERATE is selected as the default start-up state, the Band 345 FPC shall automatically transition from STANDBY-LP to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF345’s performance is within specifications (Refines: SPFC-0020).
I D Demonstrate capability
[SPFC-SW-0256] If OPERATIONAL is requested from the Tango interface, the Band 345 FPC shall automatically transition from its current state to the next required states to reach the OPERATE mode with an OPERATE-FULL capability state, if the SPF345’s performance is within specifications (Refines: SPFC-0020).
I D Demonstrate capability
[SPFC-SW-0257] If the SPF345 is fully functional, but its performance is not within its specifications, the Band 345 FPC shall transition to the OPERATE-DEGRADED capability state (Refines: SPFC-0019).
I D Demonstrate capability
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 62 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0258] The Band 345 RF power shall only be switched ON or OFF with Tango requests.
I D Demonstrate capability
[SPFC-SW-0259] The Band 345 FPC shall transition to the REGENERATION state when requested via the Tango interface if in MAINTENANCE mode.
I D Demonstrate capability
[SPFC-SW-0260] In the event of an error occurs which renders the SPF345 not fully functional, the Band 345 FPC shall transition to the ERROR state.
I D Demonstrate capability
[SPFC-SW-0261] The Band 345 FPC shall transition to the UNAVAILABLE state when no communication can be established with the SPF345 (Refines: SPFC-0017).
I D Demonstrate capability
[SPFC-SW-0262] The Band 345 FPC shall transition to the MAINTENANCE mode when requested via the Tango interface.
I D Demonstrate capability
[SPFC-SW-0177] The SPFC shall conform to the Tango interface requirements detailed in [AD3] (Refines: SPFC-0073, SPFC-0074, SPFC-0075).
I Inspection
[SPFC-SW-0178] The SPFC shall always allow SFTP and SSH connections on the LMC_SPF interface, using default ports (Refines: SPFC-0049).
I Inspection
[SPFC-SW-0179] The SPFC shall be able to simultaneously connect to 3 FPs over 3 UART over fibre communication interfaces.
I Inspection
[SPFC-SW-0180] The SPFC shall conform to the interface requirements given in [AD4] for SPF1, [AD5] for SPF2 and [AD6] for SPF345 (Refines: SPFC-0064, SPFC-0078, SPFC-0079, SPFC-0080).
I Inspection
[SPFC-SW-0181] The SPFC shall conform to the interface requirements given in [AD7] (Refines: SPFC-0081).
I Inspection
[SPFC-SW-0182] The SFPC shall be able to manipulate two digital output control lines to the vacuum pump which represents “Start” and “Stop” control signals (Refines: SPFC-0081).
I Inspection
[SPFC-SW-0183] The SPFC shall be able to read two digital input lines which indicates 4 states: Offline, Online (too cold to operate), Ready (warm enough to operate) and Running (Refines: SPFC-0081).
I Inspection
[SPFC-SW-0184] The SPFC shall connect to the SPFHe via a UART over fibre interface and conform to the interface requirements given in [AD8] (Refines: SPFC-0082).
I Inspection
[SPFC-SW-0185] One digital output pin on the Stamp shall be allocated as a control line to the helium compressor which implements a “Reset” signal to the SPFHe Controller.
I Inspection
[SPFC-SW-0186] One digital input pin shall be allocated as a feedback signal to the Stamp which indicates if the helium compressor is “Running”.
I Inspection
[SPFC-SW-0187] The media independent interface (MII) connection setup to the physical (PHY) layer shall be precompiled into the Linux file system image and managed by the Linux OS.
I Inspection
[SPFC-SW-0188] The setup of the programming and low level debug UART shall be precompiled in the Linux file system.
I Inspection
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 63 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0189] The programming and debugging interface shall only allow local access to the SPFC, directly to the PCB.
I Inspection
[SPFC-SW-0190] The SD card bus shall be available for logging data to an SD card.
I Inspection
[SPFC-SW-0191] Provision shall be made to implement an elapsed time counter (ETC) over an I2C bus (Refines: SPFC-0050, SPFC-0186).
I Inspection
[SPFC-SW-0192] ADCs for monitoring the on-board sensor values shall be implemented by using an I2C bus.
I Inspection
[SPFC-SW-0193] The four analogue inputs on the Stamp shall be implemented to monitor the voltage, current and on-board temperature SPFC, with one spare channel (Refines: SPFC-0057, SPFC-0070, SPFC-0188).
I Inspection
[SPFC-SW-0194] The SPFC shall be configured with a fixed IPv4 address allocated by SKA.
I I Inspection
[SPFC-SW-0195] The SPFC software classification shall be non-safety critical.
I Inspection
[SPFC-SW-0196] The SPFC operating system shall be password protected to restrict unauthorised local or remote access.
I Inspection
[SPFC-SW-0197] The SPFC shall execute on the Taskit Stamp9G20 Computer on Module (CoM) which has an ARM architecture.
I Inspection
[SPFC-SW-0198] The SPFC shall execute on the Linux Ånström OpenEmbedded distribution which resides on the built-in flash memory of the Stamp CoM.
I Inspection
[SPFC-SW-0199] The SPFC shall be executed on the Stamp CoM Atmel AT91SAM9G20 with ARM926EJ-S core MCU (Refines: SPFC-0068, SPFC-0069, SPFC-0182).
I Inspection
[SPFC-SW-0200] The Stamp CoM shall have the following hardware requirements (Refines: SPFC-0183, SPFC-0184, SPFC-0186):
• Variable CPU speed setting
• 128 MB SD RAM
• 512 MB Flash
• 1x 10/100 Ethernet MAC
• 6x UART
• 1x I2C
• 1x SD Card with 8GB capacity
• 1x 4 Channel ADC
• 16x Digital I/O ports
• Watchdog timer
I Inspection
[SPFC-SW-0201] The hardware capacities given in Table 15 shall not be exceeded by the SPFC as a design goal (Refines: SPFC-0055).
I Inspection
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 64 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0202] The SPFC shall as far as possible use features provided by the embedded OS to implement (Refines: SPFC-0182):
• Power-On Self-Test (POST).
• Loading of the SPFC executable on power-up.
• Downloading of software updates.
• Allowing remote access to the system.
I Inspection
[SPFC-SW-0203] The monitoring data rate on the Ethernet interface shall not exceed 200 kbps (Refines: SPFC-0060).
I FT Test throughput with a network analyser during full load
[SPFC-SW-0204] Control messages over the Ethernet interface shall not exceed 10 kbps.
I FT Test throughput with a network analyser during full load
[SPFC-SW-0205] The serial UART interfaces shall be configured for low speed data transmission. The following settings shall be used, except of defined otherwise in respective ICDs:
• 19200 baud rate
• 8 data bits
• 1 stop bit
• No parity
I Inspection
[SPFC-SW-0206] The programming and low level debug interface shall have the following configuration parameters:
• 115200 baud rate
• 8 data bits
• 1 stop bit
• No parity
I Inspection
[SPFC-SW-0207] The SPFC shall be reliable in the sense that the application can run for extended periods of time of at least 12 months continuous operation (Refines: SPFC-0111).
D D Demonstrate during operation
[SPFC-SW-0208] The SPFC software shall recycle its resources, implement circular buffers and have no memory leaks as detected by reasonable profiling and testing.
I Inspect CSCI source code
[SPFC-SW-0209] The SPFC operation shall be consistent and repeatable with the same input conditions.
D Demonstrate during development
[SPFC-SW-0210] The SPFC software shall be based on sound software design principles and design patterns.
I Inspect CSCI source code
[SPFC-SW-0211] To ensure maintainability of the SPFC, it shall have a modular design as far as possible.
I Inspect CSCI design
[SPFC-SW-0212] The SPFC software, when executing, shall always be available for sub-elements to communicate with it.
D D Demonstrate capability during full system load
[SPFC-SW-0213] The SPFC shall not have a state where authorised local or remote access is denied.
I I Inspection
[SPFC-SW-0214] The SPFC shall be flexible to accompany new requirements and system specifications.
I Inspection
[SPFC-SW-0215] The SPFC shall, as far as possible, be portable in the sense that it can be ported to another hardware or software (OS) platform.
I Inspection
[SPFC-SW-0216] The software modules and objects shall be implemented in such a way as to promote software reusability.
I Inspection
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 65 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0218] A modular software design method shall be used to ensure encapsulation of functionality.
I Inspection
[SPFC-SW-0219] The SPFC shall be implemented in C/C++. I Inspection
[SPFC-SW-0220] Software maintenance shall be handled by EMSS Antennas.
I Inspection
[SPFC-SW-0221] Any software fixes or upgrades shall be handled under the terms of the contracts in place.
I Inspection
[SPFC-SW-0222] Preventative system maintenance shall be provided by EMSS Antennas under a separate maintenance contract if needed.
I Inspection
[SPFC-SW-0223] First line software support shall be given by EMSS Antennas.
I Inspection
[SPFC-SW-0224] A remote connection to the SPFC shall be available to perform remote software support, as detailed in §3.2.3.4.
I Inspection
[SPFC-SW-0225] The SPFC software shall be transported in a binary package form, and shall be pre-installed on the SPFC hardware.
I I Inspection
[SPFC-SW-0226] Updates of the SPFC software shall be performed via its OS and requesting a new binary package from a specified server on the network.
I D Demonstrate capability
[SPFC-SW-0227] The SPFC application software shall be remotely updated to a distribution server on the SKA network and no physical media shall be used for SPFC software installation.
I I Inspection
[SPFC-SW-0228] All CSCI and data items shall be safely stored in a repository of the client’s choice.
I I Inspection
[SPFC-SW-0229] The SPFC software design philosophy shall be implemented on cycles of the waterfall method as depicted in Figure 11.
I I Inspection
[SPFC-SW-0230] The software development shall be an iterative process adding more detail and functionality with each cycle.
I Inspection
[SPFC-SW-0231] All software shall be tested and debugged on a PC before it is uploaded to any hardware.
I Inspection
[SPFC-SW-0232] It shall be preferred to have a Company Software Standard in place before software development commences.
I I Inspection
[SPFC-SW-0233] Low level engineering and support connections shall be made available to the SPFC via the Ethernet interface, as indicated by TI (1) in Figure 12 (Refines: SPFC-0051).
I I Inspection
[SPFC-SW-0234] The protocols allowed on the Ethernet interface of the SPFC shall be at least TCP/IP, SSH, SFTP and Internet Control Message Protocol (ICMP).
I I Inspection
[SPFC-SW-0235] Low level engineering and support shall include the following tests and operations:
• Connectivity tests via ICMP,
• Operating system control, setup and remote updates via SSH and SFTP/SCP, and
• Configuration and log file transfers via SFTP/SCP (Refines: SPFC-0051).
I I Inspection
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 66 of 67
Requirement number & description
Test Phase Test Description
(& responsible party)
DT QT AT (Note: These test definitions serve
as framework for more detailed test instructions.)
[SPFC-SW-0236] An SPFC interface testing graphical user interface (GUI) shall be developed in order to test the SPFC application software from TI (2) as seen in Figure 12.
I I Inspection
[SPFC-SW-0240] The front panel display shall serve as a visual test interface TI (3) for SPFC internal status.
I Inspection
[SPFC-SW-0241] TI (4,5,6,7,8) shall be used to test the interfaces between SPF1, SPF2, SPF345, SPFHe and SPFVac respectively. These tests can either be done with external protocol simulators or production hardware).
I FT Test using simulators or actual hardware
[SPFC-SW-0242] This system shall have a software test document (STD), describing the required software tests that shall be performed in order to qualify the software as well as a software test report (STR) to detail the qualification results.
I I Inspection
[SPFC-SW-0243] The supplier shall perform all requirement verification and acceptance tests.
I I Inspection
Document No.: Revision: Date:
SKA-TEL-DSH-0000104 4 2018-09-05
Author: P.C. van Niekerk
Page 67 of 67
5 REQUIREMENTS TRACEABILITY
Traceability of the SPF sub-element level requirements to the major SPF components will be added to the DHS requirements in Core. It can also be checked manually by considering the “Refines” entries in the first column of Table 18.
6 NOTES
6.1 Explanatory Notes
None.
6.2 List of Unresolved Items
None.
7 PREPARATION FOR DELIVERY
Each SPFC shall be fully programmed with the correct software version. All software code shall also be supplied in software format in the SPF data pack.
SKA-TEL-DSH-0000104_Rev4_SPFCSoftwareRequirementsSpecificationAdobe Sign Document History 06/09/2018
Created: 06/09/2018
By: Alastir Robyntjies ([email protected])
Status: Signed
Transaction ID: CBJCHBCAABAAVAFPH_Q7tiYk2oLIz5-hjbnq8yM5p9Gp
"SKA-TEL-DSH-0000104_Rev4_SPFCSoftwareRequirementsSpecification" History
Document created by Alastir Robyntjies ([email protected])06/09/2018 - 13:03:35 GMT+2- IP address: 196.24.39.242
Document emailed to P.C. van Niekerk ([email protected]) for signature06/09/2018 - 13:04:54 GMT+2
Document viewed by P.C. van Niekerk ([email protected])06/09/2018 - 13:13:14 GMT+2- IP address: 41.164.24.90
Document e-signed by P.C. van Niekerk ([email protected])Signature Date: 06/09/2018 - 13:15:27 GMT+2 - Time Source: server- IP address: 41.193.220.2
Document emailed to Magnus Dahlgren ([email protected]) for signature06/09/2018 - 13:15:28 GMT+2
Document viewed by Magnus Dahlgren ([email protected])06/09/2018 - 16:26:57 GMT+2- IP address: 129.16.208.26
Document e-signed by Magnus Dahlgren ([email protected])Signature Date: 06/09/2018 - 16:29:07 GMT+2 - Time Source: server- IP address: 129.16.208.26
Document emailed to Angela Taylor ([email protected]) for signature06/09/2018 - 16:29:08 GMT+2
Document viewed by Angela Taylor ([email protected])06/09/2018 - 17:42:18 GMT+2- IP address: 163.1.19.1
Document e-signed by Angela Taylor ([email protected])Signature Date: 06/09/2018 - 19:38:06 GMT+2 - Time Source: server- IP address: 163.1.19.1
Document emailed to Isak Theron ([email protected]) for signature06/09/2018 - 19:38:07 GMT+2
Document viewed by Isak Theron ([email protected])06/09/2018 - 20:50:30 GMT+2- IP address: 154.119.40.218
Document e-signed by Isak Theron ([email protected])Signature Date: 06/09/2018 - 20:50:58 GMT+2 - Time Source: server- IP address: 154.119.40.218
Signed document emailed to Isak Theron ([email protected]), Alastir Robyntjies ([email protected]), P.C.van Niekerk ([email protected]), Magnus Dahlgren ([email protected]) and 1 more06/09/2018 - 20:50:58 GMT+2