跳转至

SateLight: A Satellite Application Update Framework for Satellite Computing

Satellite computing is an emerging paradigm that empowers satellites to perform onboard processing tasks (i.e., satellite applications), thereby reducing reliance on ground-based systems and improving responsiveness. However, enabling application software updates in this context remains a fundamental challenge due to application heterogeneity, limited ground-tosatellite bandwidth, and harsh space conditions. Existing software update approaches, designed primarily for terrestrial systems, fail to address these constraints, as they assume abundant computational capacity and stable connectivity.

To address this gap, we propose SateLight, a practical and effective satellite application update framework tailored for satellite computing. SateLight leverages containerization to encapsulate heterogeneous applications, enabling efficient deployment and maintenance. SateLight further integrates three capabilities: (1) a content-aware differential strategy that minimizes communication data volume, (2) a fine-grained onboard update design that reconstructs target applications, and (3) a layer-based faulttolerant recovery mechanism to ensure reliability under failureprone space conditions. Experimental results on a satellite simulation environment with 10 representative satellite applications demonstrate that SateLight reduces transmission latency by up to 91.18% (average 56.54%) compared to the best currently available baseline. It also consistently ensures 100% update correctness across all evaluated applications. Furthermore, a case study on a real-world in-orbit satellite demonstrates the practicality of our approach.

卫星计算是一种新兴的计算范式,它赋予卫星在轨执行处理任务(即卫星应用)的能力,从而减少对地面系统的依赖并提高响应速度。然而,由于应用的异构性、有限的星地通信带宽以及严酷的空间环境,在此背景下实现应用软件的更新仍然是一项根本性挑战。现有的软件更新方法主要为地面系统设计,未能解决这些制约因素,因为它们假设计算能力充裕且连接稳定。

为应对这一挑战,我们提出了 SateLight,一个专为卫星计算量身打造的、实用且高效的卫星应用更新框架。

SateLight 利用容器化技术来封装异构应用, 实现了高效的部署与维护。在此基础上,SateLight 进一步集成了三项核心能力:

  1. 一种可最小化通信数据量的内容感知差分策略
  2. 一种可重构目标应用的细粒度在轨更新设计
  3. 一种基于分层的容错恢复机制,以确保在易于出错的空间条件下的可靠性

在一个包含10个代表性卫星应用的卫星仿真环境中进行的实验结果表明,与当前最优的基线方法相比,SateLight 将传输延迟最多降低了 91.18%(平均 56.54%)。同时,它在所有评估的应用中始终确保了 100% 的更新正确性。此外,我们通过对一颗真实在轨卫星的案例研究,验证了我们方法的实用性。

Introduction

Satellite computing [1], [2] is an emerging paradigm that endows Low Earth Orbit (LEO) satellites with onboard computing capabilities, enabling them to process mission tasks directly in orbit. LEO satellites [3], [4], exemplified by leading constellations such as Telesat, OneWeb, and SpaceX, are undergoing rapid development [5]. Operating at orbital altitudes between 500 km and 1,000 km, these satellites have traditionally been limited to data collection and transmission. However, growing demands for real-time responsiveness and massive space-borne data have driven a shift towards autonomous, intelligent satellites with integrated processing capabilities. Modern satellites are now equipped with processors, memory, and accelerators, forming onboard infrastructure capable of executing complex tasks, i.e., satellite applications.

Satellite applications refer to the programs deployed on satellites to perform mission-specific computations, which can capture raw sensor data, analyze features of interest, and make decisions or transmit results back to the ground stations. Representative satellite applications [6]–[10] include image encoding, object detection, feature tracking, etc. However, once the satellite is launched, the functionalities of satellite applications are generally fixed, rendering it inflexible to accommodate evolving mission objectives or unforeseen requirements. This lack of adaptability poses a significant limitation in the dynamic and long-duration context of modern space missions. Thus, the capability to remotely update satellite applications from ground stations to satellites, whether for new features or bug fixes, has emerged as a critical and urgent requirement in satellite computing.

卫星计算 [1], [2] 是一种新兴范式,它赋予低地球轨道(LEO)卫星在轨计算能力,使其能够直接在轨道上处理任务数据。以 Telesat、OneWeb 和 SpaceX 等领先星座为代表的 LEO 卫星 [3], [4] 正在经历快速发展 [5]。这些卫星运行在500公里至1000公里的轨道高度,传统上其功能仅限于数据收集与传输。然而,对实时响应能力和海量天基数据的日益增长的需求,推动了卫星向具备集成处理能力的自主、智能方向转变。现代卫星现已配备处理器、内存和加速器,构成了能够执行复杂任务(即卫星应用)的在轨基础设施。

卫星应用是指部署在卫星上用以执行特定任务计算的程序,它们可以捕获原始传感器数据、分析感兴趣的特征、做出决策或将结果传回地面站。代表性的卫星应用 [6]–[10] 包括图像编码、目标检测、特征跟踪等。然而,一旦卫星发射,其应用功能通常是固定的, 这使其难以灵活适应不断变化的任务目标或不可预见的需求。

在现代航天任务动态且长周期的背景下,这种适应性的缺乏构成了一个重大限制。因此, 从地面站向卫星远程更新应用(无论是为了增加新功能还是修复错误)的能力, 已成为卫星计算中一个关键而紧迫的需求。

Despite its critical importance, effective application updating in satellite computing remains an unsolved problem. Existing software update approaches in terrestrial environments are generally divided into three categories: pre-update, in-update, and post-update. Pre-update approaches have focused on recommending what to update [11]–[14], assuming updates can be directly applied through full replacements. In-update studies have involved dynamic software updates, which enable runtime changes without service interruption [15]–[17]. However, these methods have depended on heavyweight static analysis, language-specific instrumentation, and extensive test suites, which could make them unsuitable for resource-constrained satellite systems. Post-update research has explored user feedback and update behavior analysis [18]–[21], but focused on software evolution rather than specific update mechanisms.

尽管至关重要,但在卫星计算中实现有效的应用更新仍是一个未解决的难题。

地面环境中的现有软件更新方法通常分为三类:更新前、更新中和更新后。

  1. 更新前的方法侧重于推荐更新内容 [11]–[14],并假设更新可以通过完全替换直接应用
  2. 更新中的研究涉及动态软件更新,它允许在不中断服务的情况下进行运行时更改 [15]–[17]
    • 然而,这些方法依赖于重量级的静态分析、特定于语言的插桩和大量的测试套件,这可能使它们不适用于资源受限的卫星系统
  3. 更新后的研究则探索了用户反馈和更新行为分析 [18]–[21],但其重点是软件演化而非具体的更新机制
没太看懂这三种更新方式的含义

用人话翻译一下!

在我们想要实施软件更新时, 在不同的时间段, 考察的点是不同的:

  • 更新前: 我该更新哪个?
  • 更新中: 如何做到无缝"热更新"?
  • 更新后: 更新效果如何?

Updating satellite applications introduces several unique and under-explored challenges. (1) Heterogeneous applications and constrained resources. Satellite systems host diverse software stacks, making language-specific update approaches infeasible. Limited onboard resources (e.g., CPU, memory, and energy) further restrict complex update logic. (2) Lowbandwidth, intermittent communication. Communication uplink capacity from the ground to the satellite is severely limited (tens to hundreds of kbps), with short, infrequent contact windows, leading to a high risk of incomplete or delayed application update delivery. (3) Harsh and unreliable space environments. Radiation and thermal shifts in space increase the likelihood of in-orbit faults, turning failed updates into potentially mission-critical events. To the best of our knowledge, limited research has addressed these challenges. A critical gap remains in designing satellite application update approaches that can effectively handle application heterogeneity, communication constraints, and reliability requirements.

更新卫星应用引入了几个独特且未被充分探索的挑战。

(1)异构应用与资源受限。卫星系统承载着多样的软件栈,使得特定于语言的更新方法不切实际。有限的在轨资源(如CPU、内存和能源)进一步限制了复杂的更新逻辑。

(2)低带宽、间歇性通信。从地面到卫星的上行通信链路容量受到严重限制(数十至数百kbps),且接触窗口短暂且不频繁,导致应用更新交付不完整或延迟的风险很高。

(3)严酷且不可靠的空间环境。空间中的辐射和温度变化增加了在轨故障的可能性,使得更新失败可能演变为危及任务的关键事件。

据我们所知,针对这些挑战的研究十分有限。在设计能够有效处理应用异构性、通信约束和可靠性需求的卫星应用更新方法方面,仍然存在着关键的空白。

To address these challenges, we present SateLight, a practical and effective satellite application update framework for satellite computing. At its core, SateLight adopts a containerbased design to encapsulate heterogeneous satellite applications. This abstraction leverages the well-established benefits of containers (e.g., flexibility and isolation), thereby simplifying application deployment and maintenance in resourceconstrained satellite systems. Containerization also mitigates the complexity of language-specific software update logic, enabling uniform update management based on containers.

Built on this foundation, SateLight introduces three core capabilities: (1) a communication-efficient upload strategy that minimizes uplink bandwidth usage through content-aware differential identification; (2) a fine-grained onboard update strategy that enables deterministic reconstruction of target application versions; and (3) a fault-tolerant recovery mechanism that ensures update reliability by leveraging the layered nature of containers for rapid recovery upon failure. Specifically, SateLight employs a content-aware differential algorithm to extract semantic deltas between the existing and updated application versions. These deltas are encoded and transmitted to the satellite, reducing the data transmission overhead. Upon reception, the onboard satellite system performs an application reconstruction by applying fine-grained updates at line or chunk granularity to the original containerized application. To guarantee update reliability, SateLight integrates a layerbased rollback mechanism: upon detecting update failures, it instantly reverts to the last stable container layer, thereby eliminating the need for a full re-upload.

We implement SateLight and evaluate its effectiveness using 10 representative satellite applications written in diverse programming languages, within a satellite simulation environment. Results show that SateLight reduces uplink transmission latency by an average of 99.99%, 73.06%, and 56.54% compared to three baselines. Despite adopting a fine-grained onboard application reconstruction strategy, SateLight incurs only a negligible overhead, increasing execution time by around 2 seconds on average. Moreover, it consistently achieves 100% update correctness across all evaluated applications. We validate the practicality of SateLight through a case study on BUPT-2, a real-world in-orbit satellite equipped with onboard cloud-native computing. We release a public repository [22] containing data and code used in this study to support reproducibility and future research.

为了应对这些挑战,我们提出了 SateLight,一个面向卫星计算的实用且高效的卫星应用更新框架。

SateLight 的核心是 采用基于容器的设计来封装异构的卫星应用:

  1. 这种抽象利用了容器已有的优势(例如,灵活性和隔离性),从而简化了在资源受限的卫星系统中的应用部署和维护
  2. 容器化还降低了特定于语言的软件更新逻辑的复杂性,使得基于容器的统一更新管理成为可能

在此基础上,SateLight 引入了三项核心能力:

(1)一种通过内容感知的差异识别来最小化上行链路带宽使用的通信高效上传策略

(2)一种能够对目标应用版本进行确定性重构的细粒度在轨更新策略

(3)一种容错恢复机制,它利用容器的分层特性,在发生故障时实现快速恢复

具体而言,SateLight 采用一种内容感知的差分算法来提取现有应用版本与更新版本之间的语义增量。 这些增量被编码并传输至卫星,从而减少了数据传输开销。

接收后,在轨卫星系统通过在行或块的粒度上 对原始容器化应用进行细粒度更新 ,从而完成应用重构。

为保证更新的可靠性,SateLight 集成了一种基于分层的回滚机制一旦检测到更新失败,它会立即恢复到上一个稳定的容器层,从而避免了完全重新上传的需要。

我们实现了 SateLight,并在一个卫星仿真环境中使用10个以不同编程语言编写的代表性卫星应用对其有效性进行了评估。结果表明,与三个基线方法相比,SateLight 的上行传输延迟平均降低了 99.99%73.06%56.54%。尽管采用了细粒度的在轨应用重构策略,SateLight 仅产生了可忽略的开销,平均执行时间仅增加约2秒。此外,它在所有评估的应用中始终实现了 100% 的更新正确性。我们通过对“北邮二号”(BUPT-2)——一颗配备了在轨云原生计算能力的真实在轨卫星——的案例研究,验证了 SateLight 的实用性。我们发布了一个包含本研究中使用的数据和代码的公共代码仓库 [22],以支持可复现性和未来的研究。

Background

A. Satellite-Ground System Architecture

As illustrated in Fig. 1, the interaction between LEO satellites and ground stations follows a highly time-sensitive and intermittent communication model, governed by orbital mechanics and visibility constraints. For instance, at t 1 , the satellite is approaching the visibility zone but remains outside the effective communication range. At t 2 , it enters the communication window, enabling both uplink (e.g., command transmissions, application updates) and downlink (e.g., telemetry, sensor data) operations. At t 3 , the satellite exits the communication range and autonomously executes onboard tasks. At t 4 , it passes beyond the ground station’s reach and awaits the next contact opportunity.

Communication with satellites is intermittent, with typical contact windows occurring 4–6 times per day, each lasting approximately 10 minutes [23]. Moreover, uplink bandwidth generally ranges from tens to a few hundred kbps [1], [23][25]. These impose strict requirements on data transmission to ensure reliable operations within each limited contact window.

如图1所示,低地球轨道卫星与地面站之间的交互遵循一个高度时间敏感且间歇性的通信模型,该模型受轨道力学和可见性约束的制约。例如,在 \(t_1\) 时刻,卫星正在接近可视区域但仍在有效通信范围之外。在 \(t_2\) 时刻,它进入通信窗口,从而可以进行上行链路(如指令传输、应用更新)和下行链路(如遥测、传感器数据)操作。在 \(t_3\) 时刻,卫星离开通信范围,并自主执行在轨任务。在 \(t_4\) 时刻,它超出了地面站的覆盖范围,等待下一次接触机会。

alt text

与卫星的通信是间歇性的, 典型的接触窗口每天出现4-6次,每次持续约10分钟 [23]。此外, 上行链路带宽通常在几十到几百 kbps 之间 [1], [23]–[25]。这些因素对数据传输提出了严格要求,以确保在每个有限的接触窗口内进行可靠的操作。

B. Key Challenges in Satellite Application Updates

Ensuring effective and reliable satellite application updates is non-trivial due to the following challenges:

• Challenge 1: Application Heterogeneity and Onboard Resource Constraints. Satellites can host diverse applications built using different programming languages, e.g., C, C++, and Python. This application heterogeneity complicates the design of a unified software update mechanism. Moreover, satellite systems operate under stringent resource constraints, including limited CPU cycles, memory, and energy. These limitations preclude the use of heavyweight software update methods [15]–[17] (e.g., complex program analysis or large test cases). The limited storage capacity of satellites further constrains the retention of multiple versions of applications.

• Challenge 2: Limited Communication Bandwidth. Uplink channels in LEO satellites are fundamentally constrained by low bandwidth and short transmission windows with ground stations. Large application updates can easily exceed the available bandwidth within a single pass, leading to partial transmissions and incomplete deployments. These constraints place greater demands on maximizing communication efficiency to ensure the delivery of critical missions.

• Challenge 3: Space Environment Risk in Orbit. The space environment is subject to radiation, extreme temperature fluctuations, and mechanical stress, which could pose threats to application updates. Any failure in update execution or application logic can compromise mission-critical functions, and in extreme cases, lead to permanent satellite malfunction. Consequently, satellite systems impose stringent reliability requirements on any update mechanism.

确保卫星应用的有效和可靠更新并非易事,主要面临以下挑战:

  • 挑战1:应用异构性与在轨资源限制。 卫星可以承载使用不同编程语言(如C、C++和Python)构建的多样化应用。这种应用的异构性使得设计统一的软件更新机制变得复杂。此外,卫星系统在严格的资源限制下运行,包括有限的CPU周期、内存和能源。这些限制排除了使用重量级软件更新方法 [15]–[17](例如,复杂的程序分析或大型测试用例)的可能性。卫星有限的存储容量进一步限制了保留多个应用版本的能力。

  • 挑战2:有限的通信带宽。 LEO 卫星的上行链路在根本上受到低带宽和与地面站短暂传输窗口的限制。大型应用更新很容易超出单个过境窗口内的可用带宽,导致传输不完整和部署失败。这些限制对最大化通信效率以确保关键任务的交付提出了更高要求。

  • 挑战3:在轨空间环境风险。 空间环境受到辐射、极端温度波动和机械应力的影响,这可能对应用更新构成威胁。更新执行或应用逻辑中的任何失败都可能危及关键任务功能,在极端情况下,甚至可能导致永久性的卫星故障。因此,卫星系统对任何更新机制都提出了严格的可靠性要求。

Framework

SateLight在容器化基础上集成了三大核心能力,旨在解决通信、更新执行和可靠性问题。

alt text

1. 通信高效的上载策略(内容感知差异化识别)

  • 设计原则:差异化以最小化带宽负载 (Differentiation to Minimize Bandwidth Load)
  • 目标:最大限度地减少上行链路带宽的使用,解决地面到卫星带宽低、通信间歇性(低带宽、短接触窗口)的问题
  • 机制 (Application Upload Component):采用内容感知差异化识别算法来提取现有版本和更新版本之间细粒度的语义差异(deltas)
    • 文件分析:SateLight在地面上对容器镜像执行分层比较(目录级和文件级增量分析)
      • 文本文件:执行行级差异分析。通过构建编辑图(Edit Graph)寻找最短编辑路径,识别插入(Insert, I)、删除(Delete, D)和保留(Retain, R)操作。为了优化大型文件的性能,采用双向分治变体计算编辑路径
      • 非文本/二进制文件:采用内容定义块级差异分析,通过计算滑动窗口上的滚动哈希值(如类似于Rabin Fingerprint方法)来检测稳定的块边界
    • 元数据表示
      • 将结构和语义变化封装为统一的元数据表示(如\(\langle\)Type, FilePath, EditOps\(\rangle\)),并对插入的数据进行单独存储,以便于后续在轨重建
      • 上传包使用Gzip等标准无损压缩进一步减少带宽消耗
  • 实验结果 (RQ1):SateLight显著减少了上载传输开销。平均而言,与表现最好的基线相比,它将传输延迟降低了56.54%,最高达到91.18%。在较低代码修改级别(10%)时,平均延迟减少达到69.63%

2. 在轨应用重建策略(细粒度在轨更新)

  • 目标:在卫星上实现目标应用版本的确定性重建
  • 机制 (Onboard Update Component, Step 3)
    • SateLight解析接收到的包含编辑操作的元数据包
    • 对于更新的文件,算法迭代应用编辑指令(R, D, I),在行或块的粒度上对原始内容进行修改,从而重建目标文件
  • 实验结果 (RQ2):即使采用了细粒度的重建过程,SateLight引入的在轨更新开销仍然极小。平均而言,在轨更新延迟仅比基线增加了约2秒左右。它在所有评估的应用中始终确保100%的更新正确性

3. 故障容忍恢复机制(基于分层的回滚)

  • 设计原则:通过可逆执行实现可靠性
  • 目标:确保在容易发生故障的空间条件下,应用更新的可靠性和可用性。解决空间环境风险(如辐射和热变化可能导致任务关键型故障)的挑战
  • 机制 (Onboard Update Component, Step 4)
    • SateLight通过事件触发机制(例如非零退出代码)持续监控容器状态,检测更新过程中或更新后的执行故障
    • 一旦检测到故障,它会立即触发回滚程序,无需地面站的远程协助
    • 该策略利用容器固有的分层架构,将每个应用版本封装为独立镜像层。如果更新镜像层(例如V1.1)被识别为故障,SateLight会通过替换最上层的方式,迅速回滚到上次稳定的镜像层(例如V1.0)
    • alt text
  • 实验结果 (RQ3):SateLight的基于分层的回滚机制实现了高效的平衡。它避免了镜像恢复所需的高存储需求(942,701.00 KB),同时实现了极快的备份时间(0.48 ms),并减少了恢复处理时间(36,131.41 ms),优于文件恢复和补丁恢复方法

Satellite Computing Recent advances in satellite computing have focused on enhancing onboard computational capabilities to support increasingly complex satellite applications. Komet [8] was a serverless edge computing platform tailored for LEO satellites, enabling on-demand function execution and dynamic service migration through hardware abstraction. Xing et al. [6] analyzed how thermal control and power constraints affect task scheduling on COTS devices in orbit. SECO [9] was a collaborative edge computing framework to coordinate real-time tasks, such as image compression and object detection, across multiple satellites for lowlatency Earth observation. Phoenix [10] was an energy-ware scheduling framework that leveraged sunlit orbital periods to opportunistically perform onboard processing. To alleviate bandwidth constraints, Maskey and Cho [42] designed a lightweight convolutional neural network for onboard image classification, reducing unnecessary data transmission. The Tiansuan constellation [43] employed KubeEdge to enable satellite-ground collaborative inference, improving application responsiveness. While these efforts advance various aspects of satellite computing, little attention has been given to the approaches for updating and evolving satellite applications. In this work, we address this gap by presenting SateLight. Software Update Research on software updates has been categorized into three primary phases: pre-update, in-update, and post-update. Prior research on pre- and post-update phases has primarily focused on update planning and impact assessment. In the pre-update stage, efforts have centered on recommending what to update. Techniques include mining user feedback [11], [12], recommending configuration updates [13], and leveraging large language models for code change suggestions [14]. However, these approaches focus on update recommendation rather than execution. Most assume a ground-based context, where direct version replacement is feasible, ignoring the operational constraints present in resource-limited satellites. In the post-update stage, studies have addressed user behavior and update effectiveness. This includes analyzing the influence of automated pull requests [18], detecting faulty updates [19], evaluating update interval strategies [20], and characterizing update patterns [21]. While valuable, these studies address different concerns and do not tackle the unique constraints of software evolution in satellites.

Studies on in-update have explored dynamically how to apply updates safely and efficiently, i.e., dynamic software update (DSU). For instance, Zhao et al. [15] leveraged test cases to identify safe update points in Java programs, albeit with high computational cost. Cazzola and Jalili [16] proposed an annotation-driven framework to detect unsafe update points and dynamically avoid them. MCR [17] supported live updates in C applications by automating control transfer and state migration through static instrumentation and thread coordination. However, DSU techniques pursue incremental, in-place updates during program execution, fundamentally differing from our goal of stable application replacement on satellites, which are infrequent, planned, communication-limited, and ground-controlled. Additionally, DSU relies on languagespecific analysis, runtime monitoring, and extensive test suites, making it impractical for resource-constrained satellites. In contrast, SateLight employs a lightweight content-aware update framework that avoids such overhead and addresses unique challenges to support diverse satellite applications.

  1. 与“卫星计算”领域研究的对比

    • 现有研究的焦点:以往的卫星计算研究主要致力于增强卫星的在轨处理能力。例如,开发在轨无服务器平台 (Komet)、研究如何管理卫星的电源和散热以更好地调度计算任务、设计多星协同计算框架 (SECO)、以及优化在轨AI模型以减少数据传输等
    • 现有研究的空白:作者指出,尽管这些工作让卫星变得更“聪明”,但它们几乎都忽略了一个根本性问题:如何对已经发射到太空中的卫星应用进行更新和维护
    • SateLight的定位:SateLight 正是为了填补这一关键空白,首次系统性地解决了卫星应用的更新难题

  2. 与“传统软件更新”领域研究的对比

作者将传统的软件更新研究分为三类,并逐一论证了它们为何不适用于卫星场景:

  • “更新前”与“更新后”的研究 (Pre-update / Post-update)

    • 内容:这类研究关注的是“推荐更新哪个版本”或“分析更新后的效果和用户反馈”
    • 不适用原因
      • 它们都基于一个地面环境的基本假设——更新操作本身是简单可行的(可以直接下载和替换)
      • 这完全忽视了卫星面临的低带宽、高延迟等致命的通信约束

  • “更新中”的研究 (In-update / DSU - 动态软件更新)

    • 内容:这就是所谓的“热更新”,旨在不中断服务的情况下动态地应用补丁
    • 不适用原因
      1. 目标不符:DSU追求的是频繁、无缝的运行时更新,而卫星更新是计划好的、频率很低、可以容忍短暂中断的版本替换
      2. 开销过高:DSU需要进行复杂的代码分析、运行时监控和大量测试,这对于卫星上极其有限的计算资源 (CPU, 内存) 来说是无法承受的
      3. 不具普适性:DSU方法通常与特定编程语言(如Java, C)绑定,无法应对卫星上多种语言开发的异构应用

这部分工作的核心论点是:现有的“卫星计算”研究没有考虑过“更新”问题,而现有的“软件更新”研究又不适用于卫星的极端环境

SateLight 作为一个轻量级、不依赖特定语言、且专为解决通信和资源限制而设计的框架,精准地切入了这一研究空白,提供了一个全新的、切实可行的解决方案

Conclusion

This paper presented SateLight, an effective framework for updating satellite applications under the constraints of satellite computing. SateLight adopted a container-based design for heterogeneous applications. Moreover, it enabled contentaware differential updates, onboard application reconstruction, and fault-tolerant recovery. Evaluation in a satellite simulation shows that SateLight significantly reduces transmission latency by up to 91.18%, with an average reduction of 56.54%, compared to the best-performing baseline. It also ensures 100% correctness in application updates. A real-world deployment on an operational in-orbit satellite confirms the applicability of SateLight for satellite software maintenance and evolution.

本文提出了 SateLight,一个面向卫星计算约束环境、用于更新卫星应用的高效框架。SateLight 采用了基于容器的设计来支持异构应用,并进一步实现了内容感知的差分更新、在轨应用重构以及容错恢复机制。

在卫星仿真环境中的评估结果表明,与性能最优的基线方法相比,SateLight 显著降低了传输延迟,最高降幅达 91.18%,平均降幅为 56.54%。同时,该框架确保了 100% 的应用更新正确性。最终,通过在真实在轨运行卫星上的部署案例,我们验证了 SateLight 在卫星软件维护与演化方面的实用性。