OrbitFabric v0.5.0 — Commandability and Autonomy Contracts¶
Status: Released
Scope: Commandability and Autonomy Contracts
Summary¶
OrbitFabric v0.5.0 introduces the first contract-level Commandability and Autonomy slice.
This release extends the Mission Data Chain beyond Contact Windows and Downlink Flow Contracts:
Payload Contract
-> Data Product Contract
-> Storage Intent
-> Downlink Intent
-> Contact Window Assumption
-> Downlink Flow Contract
-> Commandability and Autonomy Contract
The feature remains deliberately narrow.
It models command sources, commandability rules, autonomous action assumptions and recovery intents so they can be validated, linted and documented.
It does not implement live uplink.
It does not implement command queues.
It does not implement operator authentication or authorization.
It does not implement an onboard scheduler.
It does not implement flight autonomy or real FDIR.
Added¶
v0.5.0 adds:
optional commandability.yaml domain
Command Source model
Commandability Rule model
Autonomous Action Contract model
Recovery Intent model
commandability/autonomy semantic lint rules
OF-CAB-* lint rule family
OF-AUT-* lint rule family
OF-REC-* lint rule family
generated commandability.md documentation
synthetic demo commandability/autonomy assumptions
New Mission Model Domain¶
The new optional file is:
mission/commandability.yaml
The demo mission now includes:
examples/demo-3u/mission/commandability.yaml
The domain may define:
command sources
commandability rules
autonomous action assumptions
recovery intents
Lint Rules¶
v0.5.0 introduces the first Commandability and Autonomy lint rule families:
OF-CAB-* commandability rule diagnostics
OF-AUT-* autonomous action diagnostics
OF-REC-* recovery intent diagnostics
These rules remain contract-level checks.
They do not authenticate, authorize, queue, schedule, uplink or execute real spacecraft commands.
Generated Documentation¶
When commandability/autonomy contracts are present, OrbitFabric now generates:
generated/docs/commandability.md
The generated page documents:
command sources
commandability rules
autonomous actions
recovery intents
expected events
expected effects
Demo Mission¶
The synthetic demo-3u mission now demonstrates:
ground_operator
-> payload.start_acquisition commandability rule
onboard_autonomy
-> stop payload on low/critical battery faults
-> recovery intents toward DEGRADED and SAFE
The demo commandability/autonomy assumptions are synthetic and clean-room.
They are not derived from a real mission, real operator concept, real command stack or real FDIR design.
Validation Baseline¶
The release baseline is:
ruff check .
pytest
mkdocs build --strict
orbitfabric --version
orbitfabric lint examples/demo-3u/mission/ \
--json generated/reports/lint_report.json
orbitfabric gen docs examples/demo-3u/mission/
orbitfabric sim examples/demo-3u/scenarios/battery_low_during_payload.yaml \
--json generated/reports/battery_low_during_payload_report.json \
--log generated/logs/battery_low_during_payload.log
Expected result:
orbitfabric 0.5.0
all checks passing
lint result: PASSED
docs generation: PASSED
scenario result: PASSED
Non-Goals¶
v0.5.0 intentionally does not introduce:
real command authentication
real command authorization
encryption
live uplink services
operator consoles
command queues
onboard schedulers
flight autonomy runtime
real FDIR or safing logic
Yamcs/OpenC3 runtime services
real spacecraft operations
These are not missing pieces of v0.5.0.
They remain intentionally deferred.
Architectural Meaning¶
v0.5.0 completes the first declared commandability and recovery-assumption layer.
OrbitFabric can now reason about whether commands, command sources, autonomous actions and recovery intents reference known mission objects and whether risky commands have explicit confirmation intent.
That is the correct contract-level step before future end-to-end mission data flow evidence, runtime skeletons or ground integration artifacts.
Final Position¶
OrbitFabric v0.5.0 remains a Mission Data Contract framework.
Commandability and autonomy definitions are contract assumptions.
They are not command runtime behavior, operator tooling or flight autonomy.