Functional Overview

This section defines the major functional activities required to support the In-Orbit Refueling (IOR) mission. Functions are organized by operational segment (Ground Segment and Space Segment) to clarify operational responsibilities. Detailed subsystem allocation will be refined in later architecture stages.

IOR Spacecraft Capability Levels

Four levels of spacecraft capability are defined, with more details here. These capabilities define the minimum requirements for an entity to be classified as IOR Enabled, IOR Aware, IOR Cooperative and IOR Capable within this initiative.

The Depot, Service Vehicle (SV), Resupply Vehicle (RV), and IOR Capable Client Spacecraft (CS) share IOR Capable as a common set of capability level – enabling cooperative proximity operations and refueling.

IOR Enabled Capability Requirements

Physical Interface

These are Physical Interfaces between SV, Depot, Client Craft and Resupply Vehicle.

Space System Command’s System Engineering Review Board (SERB) has two approved standard interfaces for satellite refueling –

1. Northrop Grumman’s Passive Refueling Module (PRM) and
2. Orbit Fab’s Rapidly Attachable Fluid Transfer Interface (RAFTI).

Industry solutions for refueling of National Security Space assets equipped with these SERB-approved interfaces are sought to meet sustained space maneuver (SSM) needs by 2030

IOR Aware Capability Requirements

Autonomy

• Must be able to operate in autonomous mode with guidance from Ground Station
• Must accept only abort/override commands from Ground Station during autonomous operations

Ground Communication

• Must be able to send proximity operation status to Ground Station via defined communication path
• Operation status must include: DOCKED | UNDOCKED | PROPELLANT_AMOUNT (units). Increasing propellant amount indicates propellant transfer is in progress or is complete.

IOR Cooperative Capability Requirements

Each IOR Cooperative spacecraft must assist active and autonomous participation in proximity operations and refueling through communication and support capabilities.

Autonomy

• Must be able to operate in fully autonomous mode
• Must accept only abort/override commands from Ground Station during autonomous operations

Communication (Local and Ground)

• Must support RF-based local communication with partner spacecraft
• Must communicate using CCSDS Space Packet Protocol
• Must transmit proximity operation status to Ground Station via defined communication path

Attitude & Ephemeris Awareness and Control

• Must determine its own orientation (attitude determination)
• Must maneuver to commanded orientation
• Must autonomously control yaw, pitch, and roll to achieve required attitude
• Must generate and maintain ephemeris data (position and velocity state)

IOR Capable Capability Requirements

Each IOR Capable spacecraft must be able to completely execute RPOD and transfer operations as a master (chaser) and assist the master in RPOD and transfer operations as a slave (target).

IOR capable in addition to IOR Cooperative must have these capabilities

Sensing

• Must provide LiDAR-based relative sensing capability

Control Structure and Coordination Processing

• Must support establishment of a master–slave configuration (default or negotiated)
• Must support operation in either master or slave role
• Must process master–slave attitude coordination logic
• Must generate and transmit attitude-related commands to partner spacecraft when acting as master

IOR Capable RPOD Role Allocation

Although these entities implement the same capabilities, they perform different roles depending on the RPOD scenario.

*Depot transfers propellant to SV before the next supply mission. The transfer of propellant is not tied to this RPOD and can happen at any later time.

External Actors and Interfaces

 

Client Operator Ground System

• The client’s ground system interfaces with IOR systems ground system and coordinates the supply mission with IOR Ground Systems.
• Interfaces with: GS

Exchanges

1. Sends Go / No-Go authorization inputs
2. Sends client spacecraft status, ephemeris, and health information
3. Sends RPOD status information (for IOR-aware / cooperative spacecraft)
4. Receives service vehicle status, ephemeris, and health information to support decision-making
5. Receives Go / No-Go decisions for mission execution

IOR Operator

• Supervises mission execution and provides operational control authority
• Interfaces with: Ground Segment (GS)

Exchanges

• Initiates mission execution
• Issues abort commands
• Provides Go / No-Go decisions
• Reviews mission status and performance data
• Initiates anomaly response actions

Conjunction Service Provider

• Provides collision risk data
• Interfaces with: Ground Segment (GS)
• Exchanges:
  • Sends conjunction alerts
  • Sends collision risk data

Space Environment / Debris

• External influence on system behavior
• Interfaces with: Depot, Service Vehicle
• Exchanges:
  • Environmental disturbances
  • Collision risk exposure

Internal Interfaces

IOR Ground System <-> Depot

IOR Ground System to Depot

1. Sends operational commands
   a. Authorization
   b. Go/No Decision
   c. Maneuver Commands
2. Sends Mission States data

Depot to IOR Ground System

1. Sends telemetry and status information
   a. Ephemeris data
   b. Health and resource status of Depot
   c. Health and resource status of Service Vehicle
   d. Proximity Operation Status
   e. Propellant information
2. Sends Go/No status/assessment for depot-controlled operations

IOR Ground System <-> Service Vehicle

IOR Ground System to Service Vehicle

1. Provides telemetry and status information
   1. Ephemeris data
   2. Health and resource status of Depot
   3. Health and resource status of Service Vehicle
   4. Propellant information
2. Provides RPOD status
   1. Proximity operations status
   2. Hold point status
   3. Docking status
   4. Propellant transfer status
   5. Undocking and departure status
3. Sends Go/No status or assessment for service vehicle-controlled operations

Depot <-> Service Vehicle

Depot to Service Vehicle

1. Provides Operational commands while SV docked
   1. Start
   2. Operational Health status
   3. propellant status
   4. docking status
2. Provides RPOD guidance commands during proximity operations
   1. Relative Navigational Guidance

Service Vehicle to Depot

1. Status responses when docked to Depot SV
   1. Operational Health status
   2. Propellant status
   3. Docking complete
2. RPOD responses while SV in RPOD operations with Depot
   1. Local Navigational Status

Functional Chain

Nominal Service to Client Space Craft

 

Upstream

• OpCon Stage: Client request and planning

Downstream

• To be defined in System Requirements

Execute Rendezvous

Upstream

• OpCon Stage: Rendezvous

Downstream

• To be defined in System Requirements

Execute RPOD with Client Spacecraft

Upstream

• OpCon Stage: Proximity operations

Downstream

• To be defined in System Requirements

Propellant Transfer

Refer to Client Space craft capability levels

Satellite Capability Level: IOR Enabled

Satellite Capability Level: IOR Cooperative

Upstream

• To be defined in OPCONS

Downstream

• To be defined in System Requirements

Abort Far Rendezvous

Scenario (clean and realistic)

• SV at ~10 km → performing rendezvous
• CSP sends updated conjunction data
• Collision probability exceeds threshold
• GS declares No-Go / Abort

Upstream

• To be defined in OPCONS

Downstream

• To be defined in System Requirements

RPOD Recovery (Generic)

Generic recovery logic applicable to approach, hold points, and proximity operations.

For this system, RPOD recovery is driven by navigation and configuration integrity. Two realistic trigger scenarios are:

• Relative navigation inconsistency / sensor anomaly
  RPOD relies on precise relative navigation. If navigation data becomes inconsistent or unreliable, the Service Vehicle enters Hold, re-verifies conditions, may reinitialize navigation, and resumes operations only after consistency is restored.
• Target attitude or docking geometry out of limits
  Docking requires controlled alignment and stable attitude. If limits are exceeded, the Service Vehicle enters Hold or performs a limited Retreat / Back Away, waits for stabilization, and then re-approaches once conditions are acceptable.

Recovery is therefore the primary response, preserving mission progress and propellant.
Abort is the last resort, used only when recovery attempts fail or safe conditions cannot be re-established.

This functional chain models that behavior explicitly

 

Upstream

• To be defined in OPCONS

Downstream

• To be defined in System Requirements

Functional Decomposition

1. Ground Segment

1.1 Mission Management

• Provides Go / No-Go decision authority
• Authorizes mission execution
• Coordinates anomaly resolution

1.2 Mission Planning and Execution

• Plans service missions
• Designs trajectories for service vehicle operations
• Plans plane alignment maneuvers
• Plans phasing maneuvers
• Plans return-to-depot missions
• Plans abort and contingency missions

1.3 Client Interface

• Manages interaction with client ground system
• Receives and processes service requests
• Coordinates service negotiation and confirmation
• Exchanges mission status and coordination information with client

1.4 Space Communications Management

• Provides communication capability with space assets (SV, Depot)
• Transmits operational commands to space assets
• Receives telemetry from space assets

1.5 Navigation Data Management

• Maintains knowledge of space asset states
• Processes ephemeris for Depot, Service Vehicle, and Client spacecraft
• Determines orbital and relative states of space assets
• Assesses relative positioning for proximity and separation management

1.6 RPOD Mission Management

• Plans RPOD operations
• Authorizes RPOD execution
• Manages proximity operations
• Monitors RPOD operational status

1.7 Return-to-Depot Management

• Plans return-to-depot trajectory for Service Vehicle
• Commands return maneuvers
• Monitors Service Vehicle trajectory
• Monitors relative positioning between Service Vehicle and Depot

1.8 Resupply Mission Management

• Plans resupply missions
• Commands resupply maneuvers
• Monitors maneuver execution

1.9 Collision Risk Management

• Conjunction monitoring
• Avoidance maneuver planning

1.10 Maneuver Management

• Maneuver command generation
• Maneuver execution monitoring

1.11 Propellant Logistics Monitoring

• Depot inventory monitoring
• Service allocation tracking

1.12 Fault Management

• Safe-mode command
• Recovery coordination

1.13 System Health Monitoring

• Vehicle health assessment
• Mission status reporting

2. IOR Space Segment

2.1 Depot

2.1.1 Communications Management (GS Interface)

• Provides communication capability with Ground Segment
• Receives operational commands from Ground Segment
• Transmits telemetry to Ground Segment

2.1.2 RPOD Interface with Vehicles

• Manages proximity operations with Service Vehicle
• Manages docking interface
• Manages undocking operations

2.1.3 Attitude Control

• Controls attitude during docking operations

2.1.4 Service Vehicle Interface

• Manages mechanical interface with Service Vehicle
• Manages propellant transfer interface

2.1.5 Maneuver Execution

• Executes maneuver commands

2.1.6 Navigation Data Management

• Generates ephemeris
• Determines orbital state

2.1.7 Telemetry Generation

• Generates telemetry data

2.1.8 Propellant Storage Management

• Tracks propellant inventory
• Manages propellant conditioning

2.1.9 Fault Management

• Activates safe mode
• Performs system recovery

2.1.10 Health Monitoring

• Monitors depot subsystem health
• Monitors Service Vehicle health when SV is docked to Depot

2.2 Service Vehicle (SV)

 

 

2.2.1 Communications Management (GS Interface)

• Provides communication capability with Ground Segment
• Receives operational commands from Ground Segment
• Transmits telemetry to Ground Segment

2.2.2 Navigation Data Management

• Generates ephemeris
• Determines orbital and relative state

2.2.3 RPOD Operations

• Manages proximity operations
• Manages hold points
• Performs docking operations
• Performs undocking operations

2.2.4 Safety Management

• Verifies Go / No-Go conditions for RPOD operations
• Executes abort maneuvers

2.2.5 Relative Navigation

• Tracks target spacecraft
• Generates guidance solutions for RPOD

2.2.6 Propellant Transfer Operations

• Controls propellant transfer
• Monitors propellant flow

2.2.7 Maneuver Execution

• Executes maneuver commands

2.2.8 Propellant Inventory Management

• Tracks onboard propellant inventory

2.2.9 Health Monitoring and Diagnostics

• Monitors Service Vehicle subsystem health
• Performs fault diagnostics

2.2.10 Depot Interface

• Manages mechanical interface with Depot
• Manages propellant transfer interface
• Transmits Service Vehicle health status when docked to Depot

Functional Allocation

Functional Block Diagram

The activities are listed above, but are not added in the functional block diagram below to make the FBD easy to understand.