Gofore

We offer expert knowledge in digitalization.

Airbus Defence and Space

Software quality assurance for the Sentinel-6 satellite

In 2016, Airbus Defence and Space Germany selected Gofore’s subsidiary Huld as the Independent Software Verification and Validation (ISVV) contractor to ensure the quality of the Sentinel-6 satellite’s software. After four years, the satellite will be launched on November 2020. The mission is the first NASA-ESA (the European Space Agency) joint effort in an Earth science satellite mission, where Airbus is prime contractor to ESA.

Reviewing the satellite control software in a major project

Sentinel-6 satellite will measure its distance to the ocean surface with an accuracy of a few centimetres and use this data to map the topography globally, repeating the cycle every ten days. The measurements made are vital for modelling the oceans and predicting rises in sea levels caused by climate change. The satellite will also collect precise data of atmospheric temperature and humidity that will help improve weather forecasts and climate models.

“InHuld provided the final deliverables to Airbus Defence and Space, bringing our contribution to successful Acceptance Review by our customer. The satellite is now orbiting the Earth at an altitude of 1,300 kilometres”, comments Violeta Tudose, Project manager from Huld.

Previous satellites have also measured the rises of the sea level. However, measuring smaller sea level variations near coastlines, which can affect ship navigation and commercial fishing, has been beyond their capabilities. The satellite will include new technology in the Advanced Microwave Radiometer instrument that, along with the mission’s radar altimeter, will enable researchers to see these smaller, more complicated ocean features.

Independent Software Verification and Validation of the satellite

These verifications and validations were performed for the on-board software that consists of satellite Central Software (provided by Airbus Defence & Space GmbH), Global Navigation Satellite System (GNSS) Boot Software and Receiver Control Software (provided by RUAG Space Austria), and Radar Altimeter Boot Software (provided by Thales Alenia Space France).

The ISVV project included management and technical activities such as:

  • Verification of the software requirements by Technical Specification Analysis: checking that the requirements baseline is correctly understood, broken down in further detailed requirements, and correctly incorporated into architectural and detailed design.
  • Verification of the software architectural design by Design Analysis: tracing of requirements and design entities is checked to ensure complete coverage of the requirements.
  • Verification of the software source code by Code Analysis: ensuring the correctness of the code with respect to design baseline.
  • Validation: testing of the software to validate the reliability, robustness and correct functioning of the software.

The ISVV effectiveness is calculated based on the number of findings and their severity, acceptance, and impact. There were more than 400 000 lines of code under ISVV. From the total number of more than 400 ISVV findings for all the software products, more than one hundred were major findings.

“My most significant finding was about undetected arithmetic overflows in processing of memory management telecommands. The associated out-of-bounds access to memory may have inconvenient side effects, some of which are not necessarily well known. The associated possibility to transfer bytes between overlapping memory areas may replace important information with dummy content. The associated possibility to generate a vast amount of response packets may disturb the receiver of those packets and may also reduce the software’s ability to perform ordinary activities”, recalls Kimmo Varpaaniemi, project’s Lead engineer from Huld.

Over 30 years of experience in developing on-board software for ESA missions

Since 1989, Huld has successfully built and delivered high-reliability software, accumulating over 30 years of experience in developing on-board software for ESA missions and as well in conducting Independent Software Verification and Validation, ISVV, for multiple space on-board software. Today, many of the satellites, to which Huld has contributed, are in operation well beyond their originally scheduled lifetime.

“This project offered the opportunity to work with a dedicated on-board software development and validation crew, to create positive outcomes at each stage of the project interacting with multiple software suppliers on a regular basis, assisting them until we got the confirmation “The independent Software verification and validation is considered successful and the software is considered flight worthy without modifications”. We also build a meaningful relationship with the world’s second largest space company, Airbus Defence and Space”, comments Violeta Tudose.

Images © ESA 2015, Airbus Defence and Space

Important figures

  • 4 Satellite’s software, which consisted of four main components
  • 400000 lines of code under ISVV
  • 400 ISVV findings

Expertise

Skills and competencies used in the project

Get in touch!

Dubravka Ilic

Space

+358 400 466 612

Other success stories

Normet

Efficiency through electric power transmission

Hiab

Hiab maintains its industry leader status with the help of digital services

Škoda Transtech

The training simulator brings millions worth of savings to Tampere’s tram traffic

Back to top