OBS Framework

Implementation - Domain Dictionary

Encapsulation of the access to an external unit. External units are represented within an application by proxy components. An abstract unit is a proxy component for an external unit. All access to the external unit is performed through its abstract unit proxy.

See the Operating System Interface design pattern.

A punctual action whose associated actions are only executed if some conditions are satisfied. Conditional punctual action specialize punctual actions by adding an execution check to them. The execution check is performed immediately before executing the actions associated to the conditional punctual actions and the execution of the latter is conditional upon the outcome of the execution check.

See the Punctual Action design pattern.

A conditional punctual action that enapsulates the propagation of a control block and the conditions under which the control block is to be propagated .

See the Control Block design pattern.

Encapsulation of a generic data processing algorithm. A control block is connected to a set of inputs u_k and to a set of outputs y_k and is capable of propagating the inputs to the outputs by applying a transfer function to them. The transfer function is of the generic kind: y_k+1=f(x_k,u_k) where x_k is an state variable that is internally propagated according to an equation like: x_k+1=g(x_k,u_k).

See the Control Block design pattern.

A functionality manager that controls the execution of a number of control blocks. Control managers are application-independent components that are intended to be periodically activated by an external agent. When they are activated, they processes the control blocks by deciding which ones should be propagated and sending them the propagate requests.

See the Control Block design pattern.

Encapsulation of a critical telecommand that must be executed according to an "arm-fire" protocol. Execution of the actions associated to this telecommand must be performed in two steps. First, an "arm" request is received and then a "fire" request is received. The telecommand actions are executed only after both the arm and the fire requests have been received and only if the two requests satisfy certain constraints (e.g. separation in time less than a certain threshold).

See the Telecommand Management design pattern.

Encapsulation of an access to some atomic variable. An atomic variable is a variable that cannot be further broken down into lower-level elements and that has one single value. The data item component allows this value to be read and to be set. The data item variable hides the physical nature of the variable (the address at which the variable is stored, the I/O port from which the variable value is read and to which it is written, etc). A component that holds a reference to a data item has a permanent link to the variable encapsulated in the data item. Some data items may give read-only access to a variables. Others may give both read and write access.

See the Connection design pattern.

A component that acts as a shared data area for data that must be exchanged among other components. The data pool physically contains the data to be exchanged. The producers of data deposit them into the data pool and the consumers of data retrieve them from the data pool.

See the Shared Data design pattern.

Encapsulation of a report describing a synchronous or asynchronous occurence together with its associated data.

See the Event design pattern.

A container for an ordered sequence of events. An event repository is used either by components that wish to create event reports or by components that wish to inspect the event reports created by other components.

See the Event design pattern.

An encapsulation of a Fault Detection Isolation and Recovery (FDIR) check consisting of an FDI check and its associated recovery action.

See the FDIR Check design pattern.

A generic and customizable finite state machine (FSM). An FSM is characterized by a set of FsmStates. It is intended to be periodically activated by some external agent. When it is activated, the FSM executes the actions associated to the current state and performs any required state transitions.

See the Finite State Machine design pattern.

An encapsulation of an event that, when it is fired, commands a specific state transition in a specific FSM.

See the Finite State Machine design pattern.

An encapsulation of the behaviour associated to one state in an FSM. This behaviour consists of:

• actions that are associated to the FSM state.
• an entry check that verifies whether the state can be entered.
• an exit check that verifies whether the state can be exited.
• a termination check that verifies if all actions associated to the current state have been executed.
• a next state that must be entered when the actions associated to the current state have been completed.

• An initialization action: a punctual action performed immediately after the state is entered
• A continued action: an action performed continuously while the state is active
• An exit action: a punctual action that is performed immediately before the state is exited

See the Finite State Machine design pattern.

An encapsulation of a repetitive action to be controlled by a functionality manager.

See the Manager design pattern.

An application-indepedent component responsible for controlling the repetitive execution of actions that are encapsulated in components characterized by a standard functionality implementer interface. The functionality manager decouples the management of the actions from their implementation by processing them exclusively through this standard interface.

See the Manager design pattern.

An encapsulation of a sequence of actions that must be performed by the application at specified times to achieve a specified goal. A manoeuvre is characterized by:

• the actions that are associated to the manoeuvre.
• a start check that verifies whether manoeuvre execution can start. Depending on the manoeuvre, readiness to start can be defined by a time tag or by the occurrence of certain operational conditions.
• a continuation check that verifies whether an on-going manoeuvre can continue its execution.
• a termination check that verifies whether the manoeuvre has terminated execution. Depending on the manoeuvre, termination can be defined by a time tag or by the achievement of pre-specified operational conditions.

See the Manoeuvre Management design pattern.

An application-independent component responsible for controlling the execution of generic manoeuvres. The manoeuvre manager is intended to be periodically activated by an external agent. When it is activated, it processes all pending manoeuvres and decides which ones should start execution, which ones should continue execution, and which ones should be terminated. Manoeuvre managers are a form of functionality managers.

See the Manoeuvre Management design pattern.

A component that encapsulates the mode switching logic for a mode-dependent component. A mode-dependent component is a component whose behaviour depends on operational mode. More specifically, a mode-dependent component is a component that must implement one or more strategies where, for each strategy, several implementations are possible, one for each operational mode. If i_s is the implementation for strategy s, then: i_s = f_s(m) where m is the operational mode and f_s(.) is a function that associates an implementation to each operational mode. A mode manager is a component that, for a specific component, implements the logic to determine the operational mode as a function of current operational conditions and that implements the f_s(.) functions for all the strategies used by the mode-dependent component.

See the Mode Management design pattern.

Encapsulation of a time profile representing the desired behaviour over time of a variable that must be subjected to monitoring.

See the Variable Monitoring design pattern.

Application-independent encapsulation of the access to a group of related operating system services. .

See the Operating System Interface design pattern.

An encapsulation of a data structure that holds a set of parameters and offers read and write access to them through symbolic identifiers.

See the Parameter Database design pattern.

An action that is executed in one-shot mode, namely an action that is activated once and executes to completion during its single activation. Punctual actions are opposed to manoeuvres that instead represent actions that are executed over several activations and over a period of time.

See the Punctual Action design pattern.

A component that encapsulates the reconfiguration logic for a reconfigurable functionality. A reconfigurable functionality is a functionality for which several independent but functionally equivalent implementations exist of which only one is intended to be active at any given time. A reconfiguration is a switch between two alternative implementations of the same functionality.

See the Reconfiguration Management design pattern.

Encapsulation of an action or set of actions that must be executed in response to the detection of an anomaly. The recovery action is triggered by the component that detects the anomaly. To each anomaly conditions, one recovery action should be associated. Detection of an anomaly should result in the associated recover action being triggered. Recovery actions can be linked in chains so that the triggering of the recovery action at the head of the chain will cause all recovery actions in the chain to be triggered in sequence.

See the Recovery Action design pattern.

Encapsulation of an action to be performed on or by the application software in a punctual fashion. A telecommand is characterized by:

• the action that is associated to the telecommand.
• a time tag that defines the earliest time when the telecommand should be considered for execution.
• a validity check that verifies whether the attributes associated to the telecommand have legal values.
• an execution check that verifies that the operational conditions at the time the telecommand is due for execution are compatible with the safe execution of the telecommand. operational conditions hold.

See the Telecommand Management design pattern.

The encapsulation of the mechanism for receiving raw telecommands, decoding them and loading them into the telecommand manager.

See the Telecommand Management design pattern.

A component that processes telecommands. A telecommand manager maintains a list of pending telecommands. It decides when and whether individual telecommands should be executed and perform all actions relative to their execution that are independent of the specific actions that are associated to the telecommand. Telecommand managers are a form of functionality managers.

See the Telecommand Management design pattern.

The attribute of components that are potentially capable of supplying a telemetry image containing a subset of their internal state. The same telemeterable component may be required to supply different telemetry images depending on operational conditions. Telemeterable components are therefore endowed with a format attribute whose value defines the type of telemetry image that they supply at any given time.

See the Telemeterable design pattern.

Encapsulation of a single telemetry item together with the process to acquire, format and validate it. A telemetry item represents a small set of closely related telemetry data that are to be inserted in the telemetry stream as contiguous data. It will often consist of one or a small number of word of 16 bits each but may also consist of groups of bits of different sizes.

See the Telemetry Item design pattern.

A component that manages the telemetry data generation process. A telemetry manager is responsible for maintaining a list of components that can contribute data to the telemetry stream. When it is activated, it directs these components to generate their telemetry data and dispatches the data thus generated to the telemetry stream. Telemetry managers are a form of functionality managers.

See the Telemetry Management design pattern.

An encapsulation of the data sink to which telemetry data are written. A telemetry stream represents a generic channel through which telemetry data can be forwarded to the ground station and encapsulates details about the physical implementation of this channel.

See the Telemetry Stream design pattern.

Encapsulation of the mechanism for forwarding trace signals to an external test set up. A trace signal is a physical signal that is generated by the software in response to the execution of selected statements. It is used as a means of performing timing measurements and other checks on the execution of an embedded application.

See the Trace design pattern.