5 research outputs found

    Checking for Application Vulnerabilities Using Fault Injection

    This thesis introduces a fault injector, called "Pulad", specifically developed for finding application vulnerabilities. Most previous approaches to finding application vulnerabilities involved static verification methods, in which the source code is not executed. Since vulnerabilities can only be revealed when they are exploited, a dynamic verification method that executes the source code seems necessary. The two main dynamic verification areas are software testing and fault injection; this thesis focuses on fault injection. Pulad, the fault injector described in this thesis, consists of two main parts, called the "collector" and the "fault injector". The goal of the collector is to record all environment-application interactions while the application is running. These interactions, focusing on the environment's files, are then analyzed and the following fields are uploaded into a database: the file name, file extension, file size, file directory, number of times the file was used, file permission (including symbolic link and ownership) and number of times an error occurred. The fault injector allows faults to be injected either through a graphical user interface (GUI) or directly through a text file. The faults in the files include the file name, the directory name, the execution path, the library path, the file existence, the file ownership, the file permission, etc. For each fault, the specific type of fault needs to be indicated. Moreover, the interaction points where the faults should be injected are also provided by the user.

    Probabilistic Risk Assessment (PRA): A Practical and Cost Effective Approach

    The Lunar Reconnaissance Orbiter (LRO) is the first mission of the Robotic Lunar Exploration Program (RLEP), a space exploration venture to the Moon, Mars and beyond. The LRO mission includes a spacecraft developed by NASA Goddard Space Flight Center (GSFC) and seven instruments built by GSFC, Russia, and contractors across the nation. LRO is defined as a measurement mission, not a science mission. It emphasizes the overall objective of obtaining data to facilitate returning mankind safely to the Moon in preparation for an eventual manned mission to Mars. As the first mission in response to the President's commitment to the journey of exploring the solar system and beyond (returning to the Moon in the next decade, then venturing further into the solar system, ultimately sending humans to Mars and beyond), LRO has high visibility to the public but limited resources and a tight schedule. This paper demonstrates how NASA's Lunar Reconnaissance Orbiter Mission project office incorporated reliability analyses in assessing risks and performing design tradeoffs to ensure mission success. Risk assessment is performed using NASA Procedural Requirements (NPR) 8705.5, Probabilistic Risk Assessment (PRA) Procedures for NASA Programs and Projects, to formulate a probabilistic risk assessment (PRA). As required, a limited-scope PRA is being performed for the LRO project. The PRA is used to optimize the mission design within mandated budget, manpower, and schedule constraints. The technique that the LRO project office uses to perform PRA relies on the application of a component failure database to quantify the potential mission success risks. To ensure mission success in an efficient manner, at low cost and on a tight schedule, the traditional reliability analyses, such as reliability predictions, Failure Modes and Effects Analysis (FMEA), and Fault Tree Analysis (FTA), are used to perform PRA for the large LRO system, with more than 14,000 piece parts and over 120 purchased or contractor-built components.

    Landsat 9 Thermal Infrared Sensor 2 Architecture and Design

    The Thermal Infrared Sensor 2 (TIRS-2) will fly aboard the Landsat 9 spacecraft and leverages the Thermal Infrared Sensor (TIRS) design currently flying on Landsat 8. TIRS-2 will provide science data similar to that of TIRS, but is not a build-to-print rebuild, due to changes in requirements and improvements in absolute accuracy. The heritage TIRS design has been modified to reduce the influence of stray light and to add redundancy for higher reliability over a longer mission life. The TIRS-2 development context differs from the TIRS scenario, adding to the changes. The TIRS-2 team has also learned some lessons along the way.