Space-grade CPUs: How do you send more computing power into space?

Figuring out radiation was a huge "turning point in the history of space electronics."

Read the whole story

 

[thrillgore]

Why not just take an off-the-shelf commercial setup (i.e., something iPhone-level) and encase everything sensitive in crazy-good radiation shielding? It seems like they are already very cost-, heat-, and energy-efficient.

I get that every kg and cm3 of matter to space is expensive, but it seems like it the benefits of a super-fast and highly efficient CPU might outweigh the cost of whatever shielding and cooling system is needed.

(I'm sure there is a reason, but I'm just curious).

Edit: Oops, looks like someone else already asked this.

Isn't this what SpaceX does? Except it uses three such systems in Byzantine fault tolerance to solve problems in launch and orbit.

 

[JaneDoe]

What I always was wondering: With more and more miniaturization at some point shielding should become an option.

X-ray scanners for trucks and cargo use radiation of 1-10MeV and penetrate up to 500mm steel. The cosmic rays go way higher in energy. I guess you would need lots of shielding to reduce the risk enough to use standard, unhardened electronics.

 

[John Savard]

While radiation shielding would work on the surface of Mars, it should be noted that in space, there's a problem.

Cosmic rays, when they meet shielding, tend to produce secondary radiation. So up to a point, more shielding makes the radiation problem worse instead of better.

Obviously, that eventually ceases to be true; that's why there's less radiation on the surface of the Earth than there is in space. But the amount of shielding required for that would be totally impractical for a space probe, which is why they have to be designed to live with radiation.

 

[AxMi-24]

Why not just take an off-the-shelf commercial setup (i.e., something iPhone-level) and encase everything sensitive in crazy-good radiation shielding? It seems like they are already very cost-, heat-, and energy-efficient.

I get that every kg and cm3 of matter to space is expensive, but it seems like it the benefits of a super-fast and highly efficient CPU might outweigh the cost of whatever shielding and cooling system is needed.

(I'm sure there is a reason, but I'm just curious).

Edit: Oops, looks like someone else already asked this.

Isn't this what SpaceX does? Except it uses three such systems in Byzantine fault tolerance to solve problems in launch and orbit.

Voting doesn't save you if your error rate is close to the clock rate of your CPU. It needs to be a fairly rare event for this to work reliably enough. Let's also remember that SpaceX operates in reasonably friendly radiation environment. It gets substantially worse once you are outside of protective influence of earths magnetic field.

 

[thereddaikon]

The ISS lies within The Van Allen belt so its probably not at as great of a risk as a deep space probe. I believe there is also some shielding on the ISS as well. The laptops, mostly ThinkPads, are modified for use in space though. Mainly their cooling is reworked, apparently normal laptop cooling fans are very inefficient in microgravity.

How does microgravity change the situation significantly? Does the original design rely on natural convection to cool some parts of the computer (display, parts of the motherboard that aren't CPU or GPU)? For the bits that actually have a heat sink and fan I'd expect that the effect of gravity-driven convection would be completely swamped by the fan, and that the fan bearings wouldn't care much about the acceleration vector as long as its magnitude isn't too huge.

EDIT: consistent usage
EDIT 2: perhaps the original design would tend to suck its own hot exhaust back in, without gravity to help send the hot air plume up and away?

I'm not exactly sure, IBM has a page on the history of ThinkPads in space and they mention the cooling system was modified but not how. The pictures we have of them dont look different from stock units on the outside so whatever they did it must not be extreme enough to warrant modifying the chassis. I think you are on to something with that second edit. I've read elsewhere that airflow in general is a problem in space and on the ISS. Without gravity or wind, gasses tend to stay put. I wonder if they have fans keeping a constant breeze going up there so you dont get caught in your own C02 cloud?

 

[jimlux]

What I always was wondering: With more and more miniaturization at some point shielding should become an option. If I look at the "board" of an iPhone it seems that it should be small enough that even massive shielding won't mean too much mass (and comparatively little cost anyway). Or is this wrong?

Shielding helps with "total dose" - the gradual degradation in the chips from the accumulated bombardment with particles. A typical design for GEO might have 0.2" of aluminum, which would keep the total dose down to single digit kRad for a year. (you can use other metals, it's all about density: so many grams/square cm). LEO is about 1 Rad/year, so almost no shielding is necessary for total dose - as the phrase has it: people live on ISS in LEO, and they have a fatal total dose level of 500 Rad.

However, that level of shielding doesn't help as much with "single event effects" and can actually make things worse - The particles coming in are very high energy, and putting shielding in can stop them, but in the stopping process, they emit radiation (Xrays) (bremsstrahlung), which then goes on and hammers your parts. Or the particle just shoots on through and deposits energy in your component, flipping bits or worse.

One tries to design so that there are no "destructive" single event effects (the latchup mentioned in the article), but you can still get things like single event gate rupture in FETs - The gate voltage is normally well below the maximum allowed, but the particle adds enough energy to break down the gate insulation, and now you've got a failed device.

 

[jimlux]

What I always was wondering: With more and more miniaturization at some point shielding should become an option. If I look at the "board" of an iPhone it seems that it should be small enough that even massive shielding won't mean too much mass (and comparatively little cost anyway). Or is this wrong?

There have been several mentions of the need for truly significant shielding.

I haven't seen mention yet of the problem of not having enough shielding. If a really energetic cosmic ray rips directly hits your memory chip, it's likely to paralyze, or even destroy a few transistors. But if it hits a layer of shielding, it may blast a cascade of _thousands_ of charged particles into your chip, all at once. Inadequate shielding doesn't just let the "bullet" slip through, it generates a cloud of shrapnel.

Here is an extreme example

https://en.wikipedia.org/wiki/Juno_Radiation_Vault

"Juno Radiation Vault is a compartment inside the Juno spacecraft that houses much of the probe's electronics and computers, and is intended to offer increased protection of radiation to the contents as the spacecraft endures the radiation environment at planet Jupiter.[1] The Juno Radiation Vault is roughly a cube, with walls made of 1 cm thick (1/3 of an inch) titanium metal, and each side having an area of about a square meter (10 square feet).[2] The vault weights about 200 kg (500 lbs).[3] Inside the vault are the main command and data handling and power control boxes, along with 20 other electronic boxes.[2] The vault should reduce the radiation exposure by about 800 times, as the spacecraft is exposed to an anticipated 20 million rads of radiation[1] It does not stop all radiation, but significantly reduces it in order to limit damage to the spacecraft's electronics.[2]"

This solves the total dose (20MegaRad down to 25 kRad) problem, which is important, but not the single event effects (high energy galactic cosmic rays, solar particles, etc.)

To compare, on Earth, you have about 1kg of air shielding every square cm. Juno's vault is about 3 grams/sq cm.

So you still need SEE tolerant designs and operation

 

[benwaggoner]

In pictures/video from the ISS, it looks like there are commercial Windows (or possibly Linux) laptops in use. How does that square with the CPU issues detailed in this article?

For Humans to survive in space you need radiation shielding. The ISS construction blocks 95% of radiation, which is more than enough inside the Van Allen belts.

And even then, the sensors in cameras in space rapidly get dead and stuck pixels due to the remaining radiation and cosmic rays. With the lens cap on, the image from a sensor that's been on the IIS for a year is very speckled.

At last month's SMPTE conference we did a live chat with the IIS, and quite a bit of this can be seen in the recorded clip, even scaled down to 720p: https://live.awsevents.com/awselemental/. IIRC, the original sensor was 4K, so 10x more pixels than seen here.

 

[benwaggoner]

"The design is based on the PowerPC 750"

Very conveniently for performance comparisons, the RAD750 is substantially equivalent to an original Bondi Blue iMac(with different peripherals and busses; but CPU and RAM; as well as architecture).

Not exactly a microcontroller; but very much not luxury.

Hah! pretty much a Wii. Which, even with a GPU, very much felt like an abacus with delusions of grandeur from a performance perspective.

 

[cb88]

In pictures/video from the ISS, it looks like there are commercial Windows (or possibly Linux) laptops in use. How does that square with the CPU issues detailed in this article?

They’re not running anything mission-critical, so if they oops or BSoD no big deal?

Also those are workstation thinkpads... so probably have Xeon's with ECC at least for the ram, if you get an upset in the CPU it won't fix it at all though. If I remember correctly AMD is slightly more RAD hard than Intel as they do some ECC on the chip for the registers also and also have ECC in their GPUs as well. Still nothing close to how rad hard LEON is though.

Ryzen Pro chips typically have ECC enabled (but it's really a BIOS feature).

 

[thereddaikon]

I don't think ECC directly helps in this case. It helps correct errors in memory sure but it doesn't protect the silicon from radiation. And all of the ThinkPads I have see are older Intel models, usually T series. There are some AMD T series but only newer models. I haven't seen pictures of W or P series on the ISS.

 

[vm_]

Cannot help but to wonder what radiation hardened CPUs SpaceX is considering for their Spaceship program?

 

[Tofleru]

Makes me wonder why so much computing power is needed in the first place ?

The older probes like Voyager I & II accomplished so much with so little computing power. Or maybe they were less autonomous, and relied heavily on being remotely operated ?

Also, more computing power usually breeds more software complexity, which adds more possible (software) failure points. I guess it's finding the right balance...

Your last paragraph is not far from the mark. I work writing life- and mission-critical software, and needless complexity is an enemy of safety. The mission profile dictates the required sophistication of software, which drives requirements for CPUs.

For a flyby, you don’t need autonomy much beyond reboot on fault - the craft is a instrument platform on a ballistic trajectory. Just keep the science and comms alive.

Where you need software complexity is with rovers and other autonomous explorers, and you need the CPU power to burn. Autonomy is quite useful in low-/slow-/no-comm environments, but brings with it all kinds on software gremlins. Generally worth it, but can really raise the costs of the mission. It’s not unusual to have a 5-10 ratio of SW test code to mission code, and sometimes much more. And it’s very hard to test software well.

 

[Medicicidem]

So they're saying this computer didn't have the balls to stand up to radiation exposure

none of those testes covered radiation exposure.

quite the makin-me-spit-out-my-coffee kind of typo there

 

[Dmytry]

I'm now curious what happens to an actual iPhone if an astronaut brings one to the international space station...

Or if you took say 5 of modern laptop grade boards and made them all run exact same code and compare control outputs and reboot the ones that disagree (with only the device that compares outputs and does rebooting being space rated). I guess flash may be the problem then, a lot of microcontrollers on a board and they all have firmware and it is all corruptible.

 

[Buddy P]

while this article goes a long way to help clear up misunderstandings about spaceflight computers, it is perpetuating another common misunderstanding, that being that NASA is a monolithic organization, which just isn't true.

While many NASA scientific spacecraft in the relatively recent past have used the RAD750, at least 2 currently in development are using LEON processors. PACE, the Plankton and ocean Color Explorer, is using the LEON3 and WFIRST, the Wide Field Infrared Survey Telescope, is using the LEON4 .

 

[Emon]

This article is somewhat misleading in saying there is a divide between Europe and America. BAE stands for British Aerospace Engineering, last time I looked Britain is still on the other side of the Atlantic from America.

BAE SYSTEMS are very insistent that it doesn't stand for British Aerospace any more.

Heh, I remember when I was in college, when BAE was present during a career fair, someone asked, "what does BAE stand for?" The recruiter goes, "um, hmm, good question, I think it's just three letters that don't really stand for anything, kinda like IBM!"

 

[espresso3x]

Typically, values are stored as bytes, not bits. In every architecture I've worked with, a memory address refers to an entire byte (never just a single bit) and are used as such (to store the full range of possible values 0-255, rather than repeating a single bit eight times).

Erm.. no.
The 8-bit byte is a construct which the hardware presents to the software.

The underlying hardware has very little to do with 8-bit.

For example, a modern desktop computer accesses it's memory in 128-bit wide words.
In the case of "server" hardware 144-bit words with the extra 16-bit being used for error correction.
This carries down, as internally a straightforward 64-bit CPU is built around 64-bit blocks (but can also have 128/256/512/... vector units).

The software's ability to change one byte at a time is an "illusion" that the hardware provides.

Agreed! Please note that I said the addressing goes to the byte level. (i.e. one does not call up the address of an individual bit). I then proceeded to use a single byte as an example to attempt to explain how, with TMR, a double error is uncorrectable as there are more than two possible values. And, as you point out, it gets even more complex than that once one takes into account what the hardware does "under the hood" with word size, bus widths, cache lines and virtual addressing (TLB, etc).

Then, there's the complication that, as the process shrinks and chip voltages drop, a single charged particle may impact more than a single bit, but the effect will be dependent on the orientation of impact and the physical, 3-dimensional arrangement of the memory cells in question.

Rad tolerance / hardening is certainly a fascinating and never-ending set of challenges!

 

[scotty992]

In pictures/video from the ISS, it looks like there are commercial Windows (or possibly Linux) laptops in use. How does that square with the CPU issues detailed in this article?

those dont have to be rad hardened.

That is true now - although originally this was not the standard e.g. the original Columbus (European) module was 100% rad hard.

 

[scotty992]

This article is somewhat misleading in saying there is a divide between Europe and America. BAE stands for British Aerospace Engineering

No it doesn't. BAe (note lower case) originally stood for "British Aerospace", but following their merger with Marconi (edit: specifically Marconi Electronic Systems, hence the second part of the name) the name is just "BAE Systems" and doesn't actually stand for anything.

In addition, while BAE Systems is a British company, the article correctly notes that the RAD processors were entirely designed by American companies - BAE is just the manufacturer, and even that manufacturing is done not just by the American subsidiary, but specifically by a division that was actually part of Lockheed when the processors were designed. It's really not misleading to consider that being a pretty clear case of America doing things separately from Europe.

And also I'd point out that while the original ERC32 was a 100% European project, nowadays the frabrication of the LEON2/3 and 4 is done by Atmel (USA).

 

[scotty992]

This was a major topic of discussion during the first Dragon missions, because Dragon was the first vehicle authorized to approach the ISS without chip-level radiation hardening. SpaceX uses a multiple fault-tolerant computing architecture featuring six primary computers organized logically in three pairs. Each computer cross-checks against the other in its pair, and the three pairs participate in a voting algorithm...

We (Airbus/ESA) also use multiple PCs for critical flight functionality, but additionally also use rad hard components. Having said that, there is a LOT of talk within Airbus right now regarding how we use rad hard components and how it's kind of overkill for many applications (e.g. double the cost to achieve 99.9% instead of 99.7% safety, if you get what I mean).

 

[Celery Man]

So they're saying this computer didn't have the balls to stand up to radiation exposure

none of those testes covered radiation exposure.

quite the makin-me-spit-out-my-coffee kind of typo there

You could say there are lumps in the road to successful spaceflight... you just have to check for them.

 

[ArX]

And most importantly…
Only two things are infinite: the universe and human stupidity; and I'm not sure about the former. -- Albert Einstein:

Deep space travel could destroy astronauts' guts
https://www.engadget.com/2018/10/02/dee ... -gut-tumor

Proc Natl Acad Sci U S A. 2018 Oct 16;115(42):E9832-E9841. doi: 10.1073/pnas.1807522115. Epub 2018 Oct 1.
Space radiation triggers persistent stress response, increases senescent signaling, and decreases cell migration in mouse intestine.
Kumar S1,2, Suman S1,2, Fornace AJ Jr1,2, Datta K3,2.
https://www.ncbi.nlm.nih.gov/pubmed/30275302

Humans Will Never Colonize Mars
https://gizmodo.com/humans-will-never-c ... 1836316222

 

[tigas]

Makes me wonder why so much computing power is needed in the first place ?

The older probes like Voyager I & II accomplished so much with so little computing power. Or maybe they were less autonomous, and relied heavily on being remotely operated ?

Also, more computing power usually breeds more software complexity, which adds more possible (software) failure points. I guess it's finding the right balance...

Your last paragraph is not far from the mark. I work writing life- and mission-critical software, and needless complexity is an enemy of safety. The mission profile dictates the required sophistication of software, which drives requirements for CPUs.

For a flyby, you don’t need autonomy much beyond reboot on fault - the craft is a instrument platform on a ballistic trajectory. Just keep the science and comms alive.

Where you need software complexity is with rovers and other autonomous explorers, and you need the CPU power to burn. Autonomy is quite useful in low-/slow-/no-comm environments, but brings with it all kinds on software gremlins. Generally worth it, but can really raise the costs of the mission. It’s not unusual to have a 5-10 ratio of SW test code to mission code, and sometimes much more. And it’s very hard to test software well.

A talk on the Voyager computers at StrangeLoop 2019: "Uptime 15,364 days - The Computers of Voyager" by Aaron Cummings

 

[r2k-in-the-vortex]

Why not just take an off-the-shelf commercial setup (i.e., something iPhone-level) and encase everything sensitive in crazy-good radiation shielding? It seems like they are already very cost-, heat-, and energy-efficient.

I get that every kg and cm3 of matter to space is expensive, but it seems like it the benefits of a super-fast and highly efficient CPU might outweigh the cost of whatever shielding and cooling system is needed.

(I'm sure there is a reason, but I'm just curious).

Edit: Oops, looks like someone else already asked this.

Isn't this what SpaceX does? Except it uses three such systems in Byzantine fault tolerance to solve problems in launch and orbit.

Voting doesn't save you if your error rate is close to the clock rate of your CPU. It needs to be a fairly rare event for this to work reliably enough. Let's also remember that SpaceX operates in reasonably friendly radiation environment. It gets substantially worse once you are outside of protective influence of earths magnetic field.

Their upper stages do pass inner van Allen belt for launches above LEO, that's about as unfriendly as it gets for anywhere around inner solar system planets.

 

[r2k-in-the-vortex]

I'm now curious what happens to an actual iPhone if an astronaut brings one to the international space station...

Or if you took say 5 of modern laptop grade boards and made them all run exact same code and compare control outputs and reboot the ones that disagree (with only the device that compares outputs and does rebooting being space rated). I guess flash may be the problem then, a lot of microcontrollers on a board and they all have firmware and it is all corruptible.

Maybe one of the most noticeable places for rad damage in ISS is if you take a random youtube video from there and keep an eye out for dead pixels, there are quite the number of them on pretty much all the cameras they have up there.
https://www.youtube.com/watch?v=QvTmdIhYnes

 

[talon_262]

"But none of those testes covered radiation exposure"

Argh. Should I test my testes ?

Excellent article, thank you.

Every day or two, more often if you're inclined and able...

/s

 

[raxx7]

This was a major topic of discussion during the first Dragon missions, because Dragon was the first vehicle authorized to approach the ISS without chip-level radiation hardening. SpaceX uses a multiple fault-tolerant computing architecture featuring six primary computers organized logically in three pairs. Each computer cross-checks against the other in its pair, and the three pairs participate in a voting algorithm...

We (Airbus/ESA) also use multiple PCs for critical flight functionality, but additionally also use rad hard components. Having said that, there is a LOT of talk within Airbus right now regarding how we use rad hard components and how it's kind of overkill for many applications (e.g. double the cost to achieve 99.9% instead of 99.7% safety, if you get what I mean).

1) Airbus flight computers are not PCs by any stretch of the imagination.

2) Airbus flght computers are not rad-hard as far as I now.

 

[danielravennest]

I've read elsewhere that airflow in general is a problem in space and on the ISS. Without gravity or wind, gasses tend to stay put. I wonder if they have fans keeping a constant breeze going up there so you dont get caught in your own C02 cloud?

Yes, they care called the "Cabin Air Fans". It is not just to disperse CO2 concentrations, but also to send air through the CO2 scrubbers, and distribute cooling through the station. The sunny side warms the station up, as does all the lights and active equipment inside. The circulating air goes through a heat exchanger with a water loop (because it is non-toxic), which in turn goes to an ammonia loop outside the modules, which goes to radiator panels.

Think of it this way: those giant solar panels are collecting solar energy, which eventually ends up as heat somewhere. The only way to get rid of heat is through radiation to space.

 

[Mordicus]

1) Airbus flight computers are not PCs by any stretch of the imagination.

2) Airbus flght computers are not rad-hard as far as I now.

Just like Boeing, Airbus builds both airliners and satellites.
Avionics uses lots of COTS components (industrial temperature range). There are more SEU in [subsonic] flight than on ground, but it is nowhere near the levels of space equipment.

My suspicion is that ECC on cache, which has been needed for the last twenty years (Sun had quite a lot of embarrassing large-system failures with parity-only rather than ECC on the L2 cache of their Ultrasparc II processors; decades earlier Cray's CDC6600 hadn't even had parity and had some issues from that, so the Cray I had SECDED main memory) is surprisingly effective - everything runs from cache, and most cache corruption can be refilled from ECC main memory.

There were rumors that some errors Sun servers were due to the epoxy around the RAM chips, random decay of isotopes.

 

[cb88]

I don't think ECC directly helps in this case. It helps correct errors in memory sure but it doesn't protect the silicon from radiation. And all of the ThinkPads I have see are older Intel models, usually T series. There are some AMD T series but only newer models. I haven't seen pictures of W or P series on the ISS.

Not sure what you mean by "Protect the silicon from radiation"... regular CPUs aren't particularly any more vulnerable to damage from radiation that most RAD hard CPUs though some may used FAB processes that make do make them more resistant to physical damage... the reason you use RAD hard CPUs is to prevent bit flips in main memory or cache (ECC), registers (ECC), and in logic via different methods (redundancy or specialized ECC or both). The main difference with consumer grade ECC is that it only applies to ram typically, or in the case of some perhaps registers also, but not the actual logic as RAD hard CPUs almost always protect as well.

 

[danielravennest]

Their upper stages do pass inner van Allen belt for launches above LEO, that's about as unfriendly as it gets for anywhere around inner solar system planets.

The Apollo missions kind of went "over" the Van Allen Belts. They are belts, not spheres, defined by the magnetic field, which is mostly aligned with the poles. Since the launch site is at 28.5N latitude, the parking orbit varied from that latitude N to S. They timed the TLI burn so the spacecraft went well to one side of the belt centerlines, which reduced their exposure. Not sure of the latitude of the splashdown, but the probably tried to do something similar.

 

[PhaseShifter]

Particles hitting the Earth’s atmosphere are composed of roughly 89% protons, 9% alpha particles, 1% heavier nuclei, and 1% solitary electrons.

Is that by particle count or by mass?

I mean, that's a significant charge imbalance one way or the other--I would have expected the electrons to balance the charges of the other particles (so <0.1% by mass, or >50% by count).

 

[raxx7]

1) Airbus flight computers are not PCs by any stretch of the imagination.

2) Airbus flght computers are not rad-hard as far as I now.

Just like Boeing, Airbus builds both airliners and satellites.
Avionics uses lots of COTS components (industrial temperature range). There are more SEU in [subsonic] flight than on ground, but it is nowhere near the levels of space equipment.

I kind of assumed that he was talking about rad-hard in atmospheric aircraft because he mentioned 99.something reliability and in space you'll be very lucky to go an hour without a SEU.

 

[gromett]

But none of those testes covered

Spaceballs?

 

[jimlux]

while this article goes a long way to help clear up misunderstandings about spaceflight computers, it is perpetuating another common misunderstanding, that being that NASA is a monolithic organization, which just isn't true.

While many NASA scientific spacecraft in the relatively recent past have used the RAD750, at least 2 currently in development are using LEON processors. PACE, the Plankton and ocean Color Explorer, is using the LEON3 and WFIRST, the Wide Field Infrared Survey Telescope, is using the LEON4 .

The recent MarCO cubesats have a LEON3FT core in the Iris radio. I don't know what the flight computer was, offhand, but it's not a Rad750. Many of the smallsats riding along on Artemis-1 are using the Iris deep space radio, which use the LEON3FT core. JPL's new flight computer, the Sphinx, uses a GR712, which is also a LEON core, but in an ASIC.

The SunRISE mission to fly 6 satellites in supersync GEO uses a Space Dynamics Lab bus, which uses one of the LEON based CPUs from Cobham/Gaisler. And the JPL developed payload uses a Xilinx Zynq based processor from SpaceMicro.

Unless you're doing a "build to print" (like Mars2020) you're probably looking at other processors than the Rad750.

 

[kharms]

Just wanted to say that this is one of the most interesting articles I have ever read on Arstechnica! Really enjoyed it!

 

[jimlux]

Have they done any testing to figure out what it would take to run bleeding edge processors without radiation issues?

I'm sure it's something along the lines of "way too much weight and volume of shieling to be worth it" but I'm curious how much that is.

Actually, bleeding edge processors work fairly well in a radiation environment - they're so heavily doped to get the tiny feature sizes that it can take a fair amount of dose to change their functioning. Single event effects, though, are a problem. Most designs are destructive latchup free, but there are problems with power supply sequencing and on chip charge pumps and clock generators - if you take a hit and the various voltages don't line up in the right order and time, you can cook stuff internally.

And, of course, you have to worry about SEFI (Single Event Functional Interrupt) - the chip loses its mind temporarily, and has to be reset, or power cycled. Not a problem if it's once a day, a real problem if it's once a minute or once a second.

 

[itfa]

Can somebody explain what I'm missing here? Why aren't they using traditional radiation protection (AKA physical barrier like lead foil)?

 

[jimlux]

This article is somewhat misleading in saying there is a divide between Europe and America. BAE stands for British Aerospace Engineering

No it doesn't. BAe (note lower case) originally stood for "British Aerospace", but following their merger with Marconi (edit: specifically Marconi Electronic Systems, hence the second part of the name) the name is just "BAE Systems" and doesn't actually stand for anything.

In addition, while BAE Systems is a British company, the article correctly notes that the RAD processors were entirely designed by American companies - BAE is just the manufacturer, and even that manufacturing is done not just by the American subsidiary, but specifically by a division that was actually part of Lockheed when the processors were designed. It's really not misleading to consider that being a pretty clear case of America doing things separately from Europe.

And also I'd point out that while the original ERC32 was a 100% European project, nowadays the frabrication of the LEON2/3 and 4 is done by Atmel (USA).

Actually the rad tolerant Atmel parts were fabricated in France at the fab in Nantes. Atmel sold the fab. The AT697 is a 65nm part, and I don't know where they fab them. Atmel is now part of Microchip.

Cobham/Gaisler (formerly Aeroflex/Gaisler) is making a variety of LEON based microcontrollers for space applications.