An independent panel assessing the security of NASA operations has raised serious questions about the space agency’s plan to test flight software for its lunar missions.
At a Thursday meeting of the Aerospace Safety Advisory Panel, one of its members, former NASA Flight Director Paul Hill, outlined the panel’s concerns after speaking with executives for NASA’s first three Artemis missions. This includes a test flight of the Space Launch System rocket and Orion spacecraft for Artemis I, and then human flights on the Artemis II and III missions.
Hill said the security panel was concerned about the lack of “end-to-end” testing of the software and hardware used during these missions, from launch to landing. Such extensive testing ensures that the flight software is compatible with a variety of vehicles and in a number of different environments, including launch turbulence and space maneuvers.
“The panel is very concerned about the end-to-end integrated test capability plans, especially for flight software,” said Hill. “There is no end-to-end integrated avionics and software testing capability. Instead, multiple and separate labs, emulators and simulations are used to test subsets of the software.”
The security panel also struggled to understand why NASA apparently hadn’t learned lessons from the recent failed test flight of Boeing’s Starliner spacecraft, Hill said. (Boeing is also the prime contractor for the core phase of the Space Launch System rocket).
Prior to a test flight of the Starliner crew capsule in December 2019, Boeing was not conducting integrated, end-to-end testing for the mission that was supposed to dock at the International Space Station. Instead of conducting a software test that spanned the roughly 48 hours from launch to station, Boeing broke the test into pieces. As a result, the spacecraft nearly got lost twice, failing to reach its orbiting laboratory.
Hill referred to a NASA Engineering and Safety Center (NESC) report, published Sept. 8, that raised similar concerns about trying to run software testing across multiple centers and labs.
“It’s not clear to the panelists that their current plan and processes are benefiting from their lessons learned,” Hill said. “The NESC report makes the excellent point that as many flight systems as possible must be developed for success with the goal of testing like you fly in the same way that NASA’s operations teams train the way you fly and fly the way you train.”
In response to these concerns, a NASA spokeswoman said the agency would, in fact, conduct end-to-end testing, although acknowledging it would be done in multiple facilities.
“NASA conducts integrated end-to-end testing for the software, hardware, avionics and integrated systems needed to fly Artemis missions,” said Kathryn Hambleton. “By leveraging the agency’s advanced software development labs, teams from SLS, Orion, and Exploration Ground Systems use real-world flight hardware and software, as well as emulators — versions of the software each team uses to test their code and how it works with the whole integrated system – to support both system-level interface testing and integrated mission testing to ensure that the software and electronic systems work together.”
After the Starliner accident, she said, NASA’s chief engineer set up an independent review team to review all of Artemis I’s critical flight and ground software activities. Those recommendations have fed into preparation for the upcoming Artemis missions, which may begin flying in late 2021 or 2022.