gps-denied-onboard/_docs/02_tasks/done/AZ-229_satellite_service_sync.md
Oleksandr Bezdieniezhnykh 087f4dba27 [AZ-228] [AZ-229] Add VIO and satellite sync boundaries
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-03 18:31:04 +03:00


Satellite Service Sync Boundary

  • Task: AZ-229_satellite_service_sync
  • Name: Satellite Service Sync Boundary
  • Description: Import mission cache packages before flight and upload generated-tile packages after flight.
  • Complexity: 3 points
  • Dependencies: AZ-222_runtime_config_errors_telemetry, AZ-225_tile_manager_cache_manifest, AZ-226_generated_tile_orthorectification
  • Component: Satellite Service
  • Tracker: AZ-229
  • Epic: AZ-214

Problem

The onboard runtime needs a clearly bounded point at which it exchanges packages with the Satellite Service, so that no provider or service network call can happen mid-flight.

Outcome

  • Pre-flight cache packages can be imported and handed to Tile Manager validation.
  • Post-flight generated-tile packages can be uploaded, and a retryable failure leaves the package in place for a later retry.
  • Mid-flight provider or Satellite Service calls are explicitly blocked.

Scope

Included

  • Pre-flight import behavior.
  • Post-flight generated-tile upload behavior.
  • Package status and retry/error reporting.

Excluded

  • In-flight retrieval ranking.
  • Tile manifest validation and generated tile creation.

Dependencies

Document Dependencies

  • _docs/02_document/contracts/shared/runtime_contracts.md
  • _docs/02_document/contracts/shared/config_errors_telemetry.md

Acceptance Criteria

AC-1: Pre-flight package import succeeds
  Given a valid Satellite Service mission cache package
  When import runs before flight
  Then the package is available for Tile Manager validation.

AC-2: Post-flight upload is auditable
  Given a generated-tile package exists after landing
  When upload runs
  Then success, rejection, or retryable failure is recorded.

AC-3: Mid-flight network calls are blocked
  Given the runtime is in flight mode
  When cache data is missing
  Then the component does not call a satellite provider or suite service.

Non-Functional Requirements

Reliability

  • Upload failures retain packages for retry.

Security

  • Signing credentials are never logged.

Unit Tests

| AC Ref | What to Test              | Required Outcome             |
|--------|---------------------------|------------------------------|
| AC-1   | Valid import package      | Package ready for validation |
| AC-2   | Upload unavailable        | Retryable failure recorded   |
| AC-3   | Flight-mode missing data  | No network call              |

Blackbox Tests

| AC Ref | Initial Data/Conditions    | What to Test                | Expected Behavior                        | NFR References |
|--------|----------------------------|-----------------------------|------------------------------------------|----------------|
| AC-3   | Network disabled in replay | Relocalization missing data | Degraded/no-candidate behavior, no fetch | Security       |

Constraints

  • No in-flight Satellite Service or satellite-provider network dependency.
  • Package sync is before takeoff or after landing only.

Risks & Mitigation

Risk 1: Boundary confusion

  • Risk: Retrieval code starts fetching provider data mid-flight.
  • Mitigation: Flight-mode invariant is acceptance-tested.