Frequently Asked Questions

Frequently Asked Questions #

What is RACCOON OS? #

RACCOON OS is a free, open source distribution of Linux for space applications. It consists of a OS platform that provides a bandwidth-efficient update mechanism, bootloader, device-specific drivers etc. and a set of applications known as the RACCOON Userspace.

The Userspace applications implement standard space protocols including Space Packet (CCSDS 130.3-G-1), USLP (CCSDS 700.1-G-1), COP-1 (CCSDS 232.1-B-2), CFDP (CCSDS 720.1-G-4) and a reduced set of the services in the Packet Utilisation Standard (ECSS-E-ST-70-41C). The implementation of some of these protocols and services is built on top of existing open source libraries. The Userspace uses ROS2 for its middleware and ecosystem of useful nodes.

In addition to the Userspace applications, we provide a set of tools to describe commands and telemetry using XTCE (a CCSDS recommended standard for ground segments), which also generate on-board software code from templates.

The mission database generated by the Userpace tools can be used by mission control systems that support the XTCE standard. Yamcs is the reference mission control software that we use for development and operation.

What can RACCOON OS do today? #

  • Build bootable images for the currently supported platforms: qemux86_64, imx8mp, raspberrypi0.
    • Support for other platforms with a Yocto Linux BSPs should be easy to add.
  • Manage a filesystem versioning repository based on OSTree, generate and apply bandwidth-minimizing delta upgrades. Roll back to previous versions.
  • Prototype implementations of the standard protocols and services mentioned above.
  • Run ROS2 Humble and cross-compile ROS2 workspaces to run on the target.
  • Packages like python3, numpy, gnuradio (with support for UHD radios) and many other common open source utilities.
  • Run the functional test / acquire telemetry for the thermal, vacuum and radiation tests of the RACCOON Mission.

What is missing in RACCOON OS? #

  • Housekeeper service
  • Packet Storage and Retrieval service
  • Realtime Forwarding Control service
  • A custom PUS service for Software Update
    • Currently software updates are applied manually in the command line.
  • Support for SDLS and SDLS-EP
  • Application sandboxing
  • A way for the user to create custom images of RACCOON OS without needing to use the Yocto Linux build system. This will probably be done as some cli/gui wrappers around the ostree utilities.

How do software updates work on RACCOON OS? #

How does RACCOON OS compare with … #

RODOS #

RODOS (Real time Onboard Dependable Operating System) is a FOSS, actively developed operating system for space applications that is widely used in academic missions in Germany and other countries. RODOS primarily targets bare-metal systems (microcontrollers, etc.), but applications written for RODOS can also run on POSIX systems. It provides a cross-platform implementation of a topic-based publish/subscribe middleware, which has been shown to be easy to understand for many aerospace engineers.

In contrast to RACCOON OS, RODOS does not provide implementations of space protocols, applications, interfaces to a ground segment, device drivers (beyond a Hardware Abstraction Library for the chip’s peripherals). RACCOON OS does not target bare-metal platforms.

NASA Core Flight System #

The NASA Core Flight System (cFS) is a FOSS software package that consists of multiple libraries written in C/C++ and a set of applications that implement many standard space protocols and services. cFS has been used in numerous missions (academic, institutional, private) and is at the forefront of open source space technology. cFS implementations of standards like CFDP, Space Data Link Security and SDLS-EP are widely used as reference implementations of these standards.

In contrast to RACCOON OS, cFS does not provide any kind of hardware support beyond the Operating System Abstraction Layer (OSAL). cFS also does not provide a reference ground segment implementation that is capable of sending commands. NASA OpenMCT has some compatibility with cFS, but the interface between the on-board side and the ground segment must be implemented by the user. 1

NanoSat MO Framework #

The NanoSat MO Framework is an open source framework for implementing space applications following the CCSDS Mission Operations standard. It was developed as a PhD thesis at Graz University of Technology in partnership with the European Space Agency, who currently maintains the software. The NMF has been used on OPS-SAT (TODO: and potentially other missions?)

The CCSDS MO Standard defines a set of services typically used for spacecraft operations (similar to the ECCS’s Packet Utilisation Standard 2) and a custom middleware called the Message Abstraction Layer (MAL)3. NMF provides a Java implementation of these services and MAL.

In contrast to RACCOON OS, the custom middleware (MAL) is only supported on Java and C++. Due to the lack of interoperability with other middleware solutions, there is a very reduced ecosystem of software that can be used. Furthermore, it requires developers to learn a new API which is less than ideally documented and for which there are few examples.

It is important to note that the NanoSat MO Framework is not free software. It is licensed with a custom, non- OSI-approved license (“European Space Agency Public License (ESA-PL) Weak Copyleft – v2.4”)

F' #

F’ (F Prime) is a FOSS, cutting-edge flight software framework developed by NASA which has first class support for bare-metal applications and running on Linux. It has been successfully deployed on several space missions. Similar to cFS, F’ comes with a wide variety of first- and third-party applications to support common space protocols and services. F’ also provides with a fully featured ground segment (the F’ Ground Data System) which supports commanding, telemetry and others. Furthermore, F’ is extensively documented and many examples and tutorials can be found.

In contrast with RACCOON OS, F’ uses a custom middleware based on components, ports and topologies. F’ does not provide any device drivers beyond a hardware abstraction layer. The F’ GDS works very well in conjunction with the F’ Flight Software - the mission database is directly generated from the same configuration files used to create onboard software structures. However, connecting the F’ Flight Software with a standards-based ground segment (like Yamcs) is up to the user.

F’ is the most similar FOSS operating system for space applications to RACCOON OS. The main difference between F’ and RACCOON OS is that in the latter, we try to leverage existing, widely adopted solutions for the middleware and libraries. The former provides a unified API that is cross platform on bare-metal and Linux systems alike. RACCOON OS does not target bare-metal systems. The authors of RACCOON OS would recommend writing software for bare-metal computers on spacecraft using F'.

SpaceOS #

SpaceOS is a proprietary unikernel written in OCaml and commercialized by Tarides, a French company which specializes in securing critical systems. Unfortunately, very little information about SpaceOS is publically available. The only source is the blog post linked here. We can infer that the SpaceOS compiler takes a set of user-provided Linux applications and creates a single-binary operating system that only contains the drivers necessary to run the user applications.

What redundancy/reliability features does RACCOON OS have? #

  • Automatic rollback to previous software versions if a configurable number of boot attempts is exceeded.
  • Filesystem metadata and data checksums and redundancy (by using the DUP profile, similar to raid1).
    • This is accomplished by using Btrfs by default. Other freely available and widely used filesystems only offer metadata checksums.

Has RACCOON OS been used in space? #

It has not been used in space yet but there are two missions planned to launch in the next year.

How is RACCOON OS licensed? #

It is licensed with GPLv3. The copyright is owned by the Technische Universität Berlin. We are in the process of founding a non-profit organization to manage the IP rights of RACCOON OS.

How can I use the GPLv3 licensed code of RACCOON OS? #

Please see this summary of the GPLv3 license. Note: this is not legal advice. If you make any changes to the software, you must publish your modified changes with the same license (GPLv3). You can use RACCOON OS for commercial applications, as long as you publish your source code. If you wish to use RACCOON OS but not publish your source code, you must purchase a license from the RACCOON Foundation. Note: the RACCOON Foundation is not yet able to accept license purchases.

What warranty does RACCOON OS come with? #

As stated in the GPLv3 license,

THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

In the future, you will be able to purchase a custom warranty for RACCOON OS from approved vendors.

Why is RACCOON OS based on Linux? #

We believe that Linux-based systems bring significant benefits over embedded systems for space applications. In terms of security, the Linux kernel has been battle-tested by being a foundational technology of modern IT infrastructure. Many exploit mitigations are on by default, and Linux provides robust access controls to prevent applications from accessing data from other applciations.

Using Linux in space also comes with some challenges that RACCOON OS aims to address.

  1. OpenMCT can be connected to a Yamcs instance with existing open-source plugins. ↩︎

  2. In fact, CCSDS MO is intended to be a successor of the Packet Utilisation Standard but (… whatever …). TODO source the presentation where this timeline is shown. ↩︎

  3. The author notes that “MAL” means “bad” in Spanish. ↩︎

Edit this page