CN109815055B - Satellite program management system and satellite program management method - Google Patents
Satellite program management system and satellite program management method Download PDFInfo
- Publication number
- CN109815055B CN109815055B CN201910058178.4A CN201910058178A CN109815055B CN 109815055 B CN109815055 B CN 109815055B CN 201910058178 A CN201910058178 A CN 201910058178A CN 109815055 B CN109815055 B CN 109815055B
- Authority
- CN
- China
- Prior art keywords
- program
- application
- application program
- backup
- loading
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The invention provides a satellite program management system, which comprises an application memory, a first backup application program and a second backup application program, wherein the application memory is configured to be readable and writable and stores the application program and the first backup application program; a boot memory configured to read only, store a boot program and a second backup application program; and a controller controlling the second backup application to repair the application and/or the first backup application, wherein the boot memory and the application memory are NOR FLASH. The invention further integrates the technical means of backup, repair, loading control, block cutting and the like, greatly improves the reliability of the storage and loading of the application program and saves the workload of the development of the application program.
Description
Technical Field
The invention relates to the field of satellites, in particular to a satellite program management system and a satellite program management method.
Background
After the satellite computer is started, a Boot Loader (Boot Loader) automatically runs to complete hardware initialization of the computer. The bootstrap program then loads the application program on the storage into the memory, after which the application program is responsible for managing the computer and performing the specified tasks. The application program may be a general-purpose operating system based application or may be a dedicated software system.
The satellite program management system is responsible for managing boot programs, applications, and storage devices. The existing program management modes are divided into a backup mode and a backup and simplification mode.
First, backup mode
In the backup mode, the boot program is stored on the boot memory. The application program and its backup are stored on the application storage.
After the bootstrap program completes initialization, the bootstrap program loads the application program to the memory for running. If the boot program cannot load the application program, a backup of the application program is loaded.
In the backup mode, if the application memory fails, all application programs cannot be loaded, and the computer system cannot run and cannot be recovered.
Second, backup and simplification mode
In a backup plus concise manner, a boot program is stored on the boot memory; the application program and its backup are stored on the application memory; a thin application is also stored on the boot memory, the thin application supporting only the necessary functions of the application to maintain system operation.
After the initialization of the bootstrap program is finished, the bootstrap program loads the application program to the memory for operation; if the boot program cannot load the application program, a backup of the application program is loaded. If the boot program cannot load the backup of the application program, the boot program loads the thin application program.
Under the backup and refinement mode, if the application memory fails, the computer system can only load the refinement application program and support the basic functions; the computer system can only recover by sending application program data through the satellite measurement and control center, and the uplink speed is usually very low, so the recovery speed is very slow.
Due to the addition of compact applications, a corresponding increase in research and development efforts is also required.
Programmable Read Only Memory (PROM) and erasable programmable read only memory (EEPROM) are used as memories on existing satellite computers to store boot programs and application programs. PROMs and EEPROMs are typically small in size, which limits their use, especially when multiple backups are needed to improve reliability. NOR FLASH (NOR FLASH) is a relatively emerging memory device, large in capacity, and randomly addressable, suitable for storing applications that need to be loaded after power-on.
Disclosure of Invention
The invention aims to improve the reliability of the satellite application program, support quick repair of the application program and simplify the development of the application program.
To solve the above technical problem, the present invention provides a satellite program management system, including: an application memory configured to be readable and writable, storing an application program and a first backup application program; a boot memory configured to read only, store a boot program and a second backup application program; and a controller controlling the second backup application to repair the application and/or the first backup application, wherein the boot memory and the application memory are NOR FLASH (NOR FLASH).
Further, the controller is configured to perform a repair operation, including: repairing the application program and/or the first backup application program by using a new application program issued by a satellite measurement and control center; or repairing the application with the first backup application; or repairing the first backup application with the application.
Further, the controller is configured to execute the repair operation according to an instruction of a satellite measurement and control center.
Further, the boot memory is configured to be read-only by a hardware jumper, such as implemented by a hardware jumper.
Further, the bootstrap program is configured to automatically load one of the application program, the first backup application program, and the second backup application program according to a satellite measurement and control center instruction or according to a preset loading rule.
Further, the preset loading rule includes: after the computer is powered on or initialized, loading the application program; when the application program fails to be checked or is reset within preset time for more than preset times, loading the first backup application program; when the first backup program fails to be verified or is reset for more than a preset number of times within preset time, loading the second backup application program; and when the second backup program fails to be checked or is reset for more than preset times within preset time, loading the application program.
Further, the application program, the first backup application program and the second backup application program are all divided into program blocks in the same manner; the program blocks of the application program are in one-to-one correspondence and same as the program blocks of the first backup application program, and are in one-to-one correspondence and same as the program blocks of the second backup application program; the bootstrap program selects the program blocks which are successfully verified to be manufactured into an assembly program, and the assembly program is the same as the application program; the bootstrap program loads the assembly program.
The invention also provides a satellite program management method, which comprises the following steps: storing the boot program and the second backup application program to the boot memory; storing the application program and the first backup application program in an application memory; repairing the application and/or the first backup application with the second backup application, wherein the boot memory and the application memory are NOR FLASH (NOR FLASH).
Further, the satellite program management method further includes: repairing the application program and/or the first backup application program by using a new application program issued by a satellite measurement and control center; or repairing the application with the first backup application; or repairing the first backup application with the application.
Further, the satellite program management method further includes: after the computer is powered on or initialized, loading the application program; loading the first backup application program after the application program fails to be checked or is reset for more than a preset number of times within preset time; loading the second backup application program after the first backup program fails to be checked or is reset for more than a preset number of times within preset time; and loading the application program after the second backup program fails to be checked or is reset for more than a preset number of times within preset time.
In summary, the satellite program management system and the satellite program management method provided by the invention integrate the technical means of backup, repair, loading control, dicing and the like, greatly improve the reliability of application program storage and loading, and save the workload of application program development.
Drawings
FIG. 1 is a system block diagram of one embodiment of a satellite program management system of the present invention;
FIG. 2 is a program dicing and assembly diagram of the satellite program management system of the present invention.
Detailed Description
The following describes embodiments of the present invention in further detail with reference to the accompanying drawings. The following examples will assist those skilled in the art in further understanding the invention, but are not intended to limit the invention in any way. It should be noted that variations and modifications can be made by persons skilled in the art without departing from the spirit of the invention. All falling within the scope of the present invention.
Application backup and repair
The satellite program management system ensures the reliability of program storage through a backup and repair method.
In one embodiment, as shown in fig. 1, the satellite program management system of the present invention comprises: a boot memory 1 configured to read only, storing a boot program 50 and a second backup application 53; an application memory 2 configured to be readable and writable, storing an application program 51 and a first backup application program 52; and a controller 3 configured to repair the application 51 and/or the first backup application 52 with the second backup application 53, wherein the boot memory 1 and the application memory 2 are NOR FLASH (NOR FLASH).
The application 51, the first backup application 52, and the second backup application 53 are identical programs, and by storing three identical programs, a single program exception is avoided.
Two memories are arranged, a boot memory 1 and an application memory 2 are arranged, three identical programs are dispersed into the two memories, and program exception caused by single memory exception is avoided.
The boot memory 1 is set to read only and the program thereon can be protected from modification.
The application memory 2 is writable, and if the controller 3 detects a program exception on the application memory 2, the program on the application memory 2 is repaired with the program on the boot memory 1, for example, by directly copying a normal program. Since the repair operation uses only data on the satellite, a fast repair can be achieved, avoiding the process of slowly transmitting repair data from the satellite control center 4 to the satellite.
NOR FLASH (NOR FLASH) is a relatively emerging memory device, large in capacity, and randomly addressable, suitable for storing applications that need to be loaded after power-on. The NOR flash memory is applied to the technical field of satellites, so that the storage capacity of satellite application programs can be greatly enhanced.
In one embodiment, the controller 3 is configured to perform a repair operation, including: a new application program issued by the satellite control center 4 repairs the application program 51 and/or the first backup application program 52; or repairing said application 51 with said first backup application 52; or to repair said first backup application 52 with said application 51.
In the embodiment, more repairing methods are supported, and the reliability of repairing operation is further increased.
Moreover, even if the application program on the satellite can run reliably, the new application program can be uploaded to the satellite through the satellite measurement and control center 4 so as to add a new program function or modify program defects.
In one embodiment, the controller 3 is configured to perform the repair operation according to instructions of the satellite measurement and control center 4. The satellite measurement and control center 4 can intervene in the procedure repairing process on the satellite manually, and the reliability of repairing operation is further improved.
In one embodiment, the boot memory 1 is set to read only with hardware jumpers. The hardware setting read-only can ensure that the boot memory 1 cannot be wrongly written or wrongly modified, and further improve the reliability of program storage.
Second, application program loading
The satellite program management system increases the probability of success of loading by attempting to load individual applications or copies thereof in sequence.
In one embodiment, the boot program 50 is configured to load one of the application 51, the first backup application 52, and the second backup application 53.
Because a plurality of identical programs exist, the bootstrap program can select normal program loading, so that the success rate of program loading is increased, and the reliability is enhanced.
In one embodiment, the boot program 50 is configured to: after the computer is powered on or initialized, the application program 51 is loaded; when the application 51 fails to check or resets more than a preset number of times within a preset time, loading a first backup application 52; when the first backup program 52 fails to check or resets more than a preset number of times within a preset time, loading a second backup application program 53; and when the second backup program 53 fails to check or resets more than a preset number of times within a preset time, loading the application program 51.
The boot program 50 loops through the specified loading order attempting to load the various programs until the loading is successful. This effectively avoids single program load exceptions.
Third, application program cutting and assembling
The reliability of the application program after being cut into blocks and assembled can be further stored and the success rate of loading.
In one embodiment, the application 51, the first backup application 52, and the second backup application 53 are all split into chunks in the same manner; the program blocks of the application 51 are in one-to-one correspondence and the same as the program blocks of the first backup application 52, and the program blocks of the second backup application 53 are in one-to-one correspondence and the same as each other; the bootstrap program 50 selects the program blocks which are successfully verified to be made into an assembly program, and the assembly program is the same as the application program 51; the boot program 50 loads the assembly program.
If the block is not cut, all the verification of one program can be successful or all the verification fails. If the block is cut, only the abnormal block of one program fails to be checked, and the other blocks are successfully checked. Since there are multiple backups per block, there is still a high probability that a normal application will be assembled. Therefore, the method can further enhance the capability of the system to resist the exception of the local memory block of the memory and the capability of successfully loading the application program.
For example, in one embodiment, as shown in FIG. 2, the application 51, the first backup application 52, and the second backup application 53 are divided into identical tiles A, B, C, each of which is stored in memory. The boot program 50 verifies the individual blocks and combines the verified blocks together to form a complete application. For example, block a of the application 51, block B of the first backup application 52, and block C of the second backup application 53 are combined into a complete program. It should be noted that in this embodiment, each program may be divided into two blocks, four blocks, or more than four blocks.
In one embodiment, the satellite measurement and control center 4 may manually intervene in the program loading process on the satellite, thereby further increasing the reliability of program loading.
Fourth, satellite program management method
In one embodiment, the satellite program management method of the present invention includes: storing the boot program and the second backup application program to the boot memory; storing the application program and the first backup application program in an application memory; repairing the application and/or the first backup application with the second backup application, wherein the boot memory and the application memory are NOR FLASH (NOR FLASH).
In one embodiment, the satellite program management method of the present invention includes: repairing the application program and/or the first backup application program by using a new application program issued by a satellite measurement and control center; or repairing the application with the first backup application; or repairing the first backup application with the application.
In one embodiment, the satellite program management method of the present invention includes: after the computer is powered on or initialized, loading the application program; loading a first backup application program after the application program fails to be checked or is reset for more than a preset number of times within preset time; loading the second backup application program after the first backup program fails to be checked or is reset for more than a preset number of times within preset time; and loading the application program after the second backup program fails to be checked or is reset for more than a preset number of times within preset time.
The foregoing detailed description of the preferred embodiments of the invention has been presented. It should be understood that many modifications and variations of the present invention are possible to those skilled in the art in light of the above teachings. Therefore, the technical solutions available to those skilled in the art through logic analysis, reasoning and limited experiments based on the prior art according to the concept of the present invention should be within the scope of protection defined by the claims.
Claims (1)
1. A satellite program management system, comprising:
an application memory configured to be readable and writable, storing an application program and a first backup application program;
a boot memory configured to read only, store a boot program and a second backup application program;
and a controller that controls the second backup application to repair the application and/or the first backup application,
wherein the boot memory and the application memory are NOR FLASH (NOR FLASH);
after the computer is powered on or initialized, loading the application program;
when the application program fails to be checked or is reset within preset time for more than preset times, loading the first backup application program;
when the first backup application program fails to be checked or is reset within preset time for more than preset times, loading the second backup application program;
when the second backup application program fails to be checked or is reset within preset time for more than preset times, loading the application program;
the application program, the first backup application program and the second backup application program are all segmented into program blocks according to the same mode;
the program blocks of the application program are in one-to-one correspondence and same as the program blocks of the first backup application program, and are in one-to-one correspondence and same as the program blocks of the second backup application program;
the bootstrap program selects the program blocks which are successfully verified to be manufactured into an assembly program, and the assembly program is the same as the application program;
the bootstrap program loads the assembly program;
the controller is configured to perform a repair operation, including:
repairing the application program and/or the first backup application program by using a new application program issued by a satellite measurement and control center;
or repairing the application with the first backup application;
or repairing the first backup application with the application;
the controller is configured to execute the repair operation according to an instruction of a satellite measurement and control center;
the boot memory is set to read-only with hardware jumpers;
the bootstrap program is configured to automatically load one of the application program, the first backup application program and the second backup application program according to a satellite measurement and control center instruction or according to a preset loading rule;
the satellite program management system and the satellite program management method have the advantages that technical means of backup, repair, loading control and block cutting are integrated, the storage and loading reliability of the application program is improved, and the workload of application program development is saved.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910058178.4A CN109815055B (en) | 2019-01-22 | 2019-01-22 | Satellite program management system and satellite program management method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910058178.4A CN109815055B (en) | 2019-01-22 | 2019-01-22 | Satellite program management system and satellite program management method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109815055A CN109815055A (en) | 2019-05-28 |
| CN109815055B true CN109815055B (en) | 2021-12-10 |
Family
ID=66603526
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910058178.4A Active CN109815055B (en) | 2019-01-22 | 2019-01-22 | Satellite program management system and satellite program management method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109815055B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113434208A (en) * | 2021-06-09 | 2021-09-24 | 山东航天电子技术研究所 | Satellite software self-adaptive loading method |
| CN114327659B (en) * | 2021-12-29 | 2024-02-20 | 飞依诺科技股份有限公司 | Equipment starting method and wireless ultrasonic equipment |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1549131A (en) * | 2003-05-06 | 2004-11-24 | 联想(北京)有限公司 | Repair method for computer operation system |
| CN103297482A (en) * | 2012-03-05 | 2013-09-11 | 联想(北京)有限公司 | Information processing method and device |
| CN106598780A (en) * | 2016-11-22 | 2017-04-26 | 深圳中科讯联科技股份有限公司 | System backup and recovery method and device |
| CN108763146A (en) * | 2018-04-24 | 2018-11-06 | 华东计算技术研究所(中国电子科技集团公司第三十二研究所) | High-reliability on-satellite computer based on normally-powered working mode |
| CN108920308A (en) * | 2018-07-16 | 2018-11-30 | 郑州云海信息技术有限公司 | A kind of method, apparatus and computer storage medium of data recovery process |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7711989B2 (en) * | 2005-04-01 | 2010-05-04 | Dot Hill Systems Corporation | Storage system with automatic redundant code component failure detection, notification, and repair |
-
2019
- 2019-01-22 CN CN201910058178.4A patent/CN109815055B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1549131A (en) * | 2003-05-06 | 2004-11-24 | 联想(北京)有限公司 | Repair method for computer operation system |
| CN103297482A (en) * | 2012-03-05 | 2013-09-11 | 联想(北京)有限公司 | Information processing method and device |
| CN106598780A (en) * | 2016-11-22 | 2017-04-26 | 深圳中科讯联科技股份有限公司 | System backup and recovery method and device |
| CN108763146A (en) * | 2018-04-24 | 2018-11-06 | 华东计算技术研究所(中国电子科技集团公司第三十二研究所) | High-reliability on-satellite computer based on normally-powered working mode |
| CN108920308A (en) * | 2018-07-16 | 2018-11-30 | 郑州云海信息技术有限公司 | A kind of method, apparatus and computer storage medium of data recovery process |
Non-Patent Citations (1)
| Title |
|---|
| 面向星载一体化综合电子系统的固态存储技术研究;许志宏;《CNKI博士学位论文全文库》;20170915(第9期);正文第14页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109815055A (en) | 2019-05-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102023908B (en) | Method and device for backing up boot program | |
| US9910664B2 (en) | System and method of online firmware update for baseboard management controller (BMC) devices | |
| USRE42727E1 (en) | Method for quickly booting a computer system | |
| US20090217079A1 (en) | Method and apparatus for repairing multi-controller system | |
| CN102830990A (en) | Computer system starting method and computer terminal | |
| CN109815055B (en) | Satellite program management system and satellite program management method | |
| US20190278508A1 (en) | Information Handling System Firmware Persistent Memory Runtime Reclaim | |
| US7127603B2 (en) | System and method for manufacture of information handling systems with selective option ROM executions | |
| US9858434B2 (en) | System and method for erasing a storage medium | |
| CN107566169A (en) | A kind of firmware upgrade method and router based on openwrt | |
| CN110780942A (en) | System starting method and device, node equipment and computer readable storage medium | |
| CN104572354A (en) | Backup and restoration method for operating system based on restoration service and equipment thereof | |
| CN108459822B (en) | Installation method and device of operating system | |
| US10824517B2 (en) | Backup and recovery of configuration files in management device | |
| CN108958814B (en) | Multimode redundant embedded operating system starting method | |
| JPH11514124A (en) | How to load an operating system | |
| CN111124749A (en) | Method and system for automatically repairing BMC (baseboard management controller) system of tightly-coupled high-performance computer system | |
| US20230087221A1 (en) | Detection fields of view | |
| CN100476745C (en) | Method for implementing automatic fault-tolerance of image file in Linux operating system booting process | |
| US8074018B2 (en) | Disk array apparatus, and control method and control program recording medium | |
| JP2002297207A (en) | Backup processor | |
| CN112148377B (en) | Method and device for preventing SSD from abnormal power failure in EFI Shell environment | |
| CN113791874A (en) | Configuration method and device for virtual machine boot, computer equipment and storage medium | |
| KR102423056B1 (en) | Method and system for swapping booting disk | |
| CN112395130A (en) | System backup method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |