Description
The Computer Radiation Error Model simulates radiation-induced errors on a Computer system. It extends the base Radiation Model and triggers error responses based on Single Event Effects (SEE) probability and Total Ionizing Dose (TID) thresholds. This model enables realistic simulation of space radiation effects on onboard computer systems, including safe mode entry, automatic reboots, and permanent failure.
Example Use Cases
- Radiation Hardness Testing: Evaluate computer system resilience to radiation environments encountered in different orbits.
- Fault Tolerance Analysis: Simulate radiation-induced failures to test fault detection and recovery mechanisms.
Module Implementation
The model extends Radiation Model and uses its TID and SEE probability outputs to determine when radiation-induced errors occur.
Total Ionizing Dose Effects
TID represents the cumulative radiation exposure over time. The model monitors TID against two configurable thresholds:
- Safe Mode Threshold (): When TID exceeds this value, the computer enters safe mode. Default is 100 Gy.
- Failure Threshold (): When TID exceeds this value, permanent failure occurs and the computer shuts down immediately. Default is 500 Gy.
TID effects are evaluated regardless of computer state. Permanent failure takes precedence over safe mode:
Setting a threshold to zero or negative disables that response.
Single Event Effects
SEE are transient radiation-induced events that occur probabilistically. Each simulation step, the model rolls against the SEE probability:
where is the SEE probability from the radiation model and is the sensitivity multiplier for the specific computer.
SEE evaluation only occurs when the computer is in a stable Running state. Events are not evaluated during state transitions or when the computer is shut down.
When an SEE occurs, the type is determined by a second probability roll:
| Effect Type | Description | Recovery |
|---|---|---|
| Single Event Latchup (SEL) | High-current state requiring power cycle | Reboot |
| Single Event Functional Interrupt (SEFI) | Processor halt or control flow error | Reboot |
| Single Event Upset (SEU) | Bit flip in memory or registers | May require reboot |
The probability distribution is:
- SEL: (default 5%)
- SEFI: (default 15%)
- SEU: (default 80%)
For SEU events, there is an additional probability (default 10%) that the bit flip causes a critical error requiring a reboot.
Reboot Behavior
When a reboot is triggered, the model initiates a shutdown and schedules a startup once the shutdown completes. If a Computer Power Model is attached and indicates no power is available (open circuit or model shutdown), the reboot is deferred until power is restored.
Automatic Responses
The model can automatically trigger responses to radiation events:
- Auto Reboot: Automatically restarts the computer after SEE events that require recovery. Enabled by default.
- Auto Safe Mode: Automatically enters safe mode when the TID safe mode threshold is exceeded. Enabled by default.
Assumptions/Limitations
- SEE events are simulated probabilistically using a random number generator; results vary between runs unless a seed is set.
- The sum of SEL and SEFI probabilities should not exceed 1.0; the remaining probability is assigned to SEU events.
- Permanent failure is irreversible within a simulation run.
- SEE evaluation is skipped during computer state transitions to avoid accounting errors.
- When a Computer Power Model blocks reboot, the model retries each tick until power is available.
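The decision logic described above, as an added sketch in Python; it is not the model's own code, and every class, function and field name in it is hypothetical. It assumes the effective SEE probability is the radiation model's SEE probability multiplied by the sensitivity multiplier, treats safe mode as a flag that does not stop SEE evaluation, and does not model reboot duration or the Computer Power Model.

```python
import random
from dataclasses import dataclass

@dataclass
class RadErrorConfig:              # hypothetical names; defaults are the page's
    safe_mode_tid: float = 100.0   # Gy; zero or negative disables the response
    failure_tid: float = 500.0     # Gy; zero or negative disables the response
    sensitivity: float = 1.0       # per-computer multiplier
    p_sel: float = 0.05
    p_sefi: float = 0.15           # remainder (default 80%) is SEU
    p_seu_critical: float = 0.10

def tid_response(tid, cfg):
    # Permanent failure takes precedence over safe mode.
    if cfg.failure_tid > 0 and tid > cfg.failure_tid:
        return "FAILURE"
    if cfg.safe_mode_tid > 0 and tid > cfg.safe_mode_tid:
        return "SAFE_MODE"
    return None

def see_response(p_see, cfg, rng, running=True):
    # Returns (effect, needs_reboot) for one tick, or None if nothing happened.
    if not running:                # transitions and shutdown are not evaluated
        return None
    # Assumption: effective probability = p_see * sensitivity, clamped to 1.
    if rng.random() >= min(1.0, p_see * cfg.sensitivity):
        return None
    roll = rng.random()            # second roll selects the effect type
    if roll < cfg.p_sel:
        return ("SEL", True)
    if roll < cfg.p_sel + cfg.p_sefi:
        return ("SEFI", True)
    return ("SEU", rng.random() < cfg.p_seu_critical)

def simulate(ticks, p_see, dose_per_tick, cfg, seed):
    rng = random.Random(seed)      # fixed seed gives repeatable runs
    tid, safe_mode, reboots = 0.0, False, 0
    counts = {"SEL": 0, "SEFI": 0, "SEU": 0}
    for tick in range(ticks):
        tid += dose_per_tick
        resp = tid_response(tid, cfg)
        if resp == "FAILURE":      # irreversible within the run
            return {"state": "FAILED", "tick": tick, "counts": counts, "reboots": reboots}
        safe_mode = safe_mode or resp == "SAFE_MODE"
        event = see_response(p_see, cfg, rng)
        if event:
            counts[event[0]] += 1
            reboots += int(event[1])
    state = "SAFE_MODE" if safe_mode else "RUNNING"
    return {"state": state, "tick": ticks, "counts": counts, "reboots": reboots}
```

Running `simulate` twice with the same seed returns identical counts, which is the property to rely on when comparing fault-recovery designs against the same radiation history.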