Inside Artemis II’s Fault‑Tolerant Flight Computer

Hacker News

Communications of the ACM detailed how NASA engineered Artemis II’s flight computer to survive radiation‑induced glitches. Orion carries two Vehicle Management Computers, each housing two Flight Control Modules, and every module contains a self‑checking processor pair. In practice eight CPUs execute the same software in lockstep, allowing the system to detect and silence a faulty unit within seconds.

Each Flight Control Module runs a fail‑silent routine: if a processor’s calculation deviates, the pair flags the error, resets, and resynchronizes with the remaining modules. The architecture guarantees identical inputs and outputs across modules, with per‑second clock drift corrections and triple‑modular‑redundant memory that auto‑corrects single‑bit errors. Network interfaces duplicate traffic on two lanes and three separate switching planes for added safety.
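
A small C model of two mechanisms named above: triple-redundant memory that corrects a single-bit error by majority vote, and a self-checking pair that goes silent when its two lanes disagree. This is an added illustration, not NASA or Orion code; every name in it (`tmr_word`, `check_pair`, `pair_step`, `healthy`, `upset`) and every value is constructed for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model (not flight code): one word kept in three copies. */
typedef struct { uint32_t copy[3]; } tmr_word;

void tmr_write(tmr_word *w, uint32_t v) { w->copy[0] = w->copy[1] = w->copy[2] = v; }

/* Read with scrub: bitwise 2-of-3 vote, then rewrite any copy that disagrees.
   Returns the number of copies repaired; the voted value goes to *out. */
int tmr_read_scrub(tmr_word *w, uint32_t *out) {
    uint32_t a = w->copy[0], b = w->copy[1], c = w->copy[2];
    uint32_t v = (a & b) | (a & c) | (b & c);
    int repaired = 0;
    for (int i = 0; i < 3; i++)
        if (w->copy[i] != v) { w->copy[i] = v; repaired++; }
    *out = v;
    return repaired;
}

/* Self-checking pair: both lanes run the same step on the same input. */
typedef uint32_t (*step_fn)(uint32_t);
typedef struct { step_fn lane_a, lane_b; bool silent; } check_pair;

/* Fail-silent: release an output only when the lanes agree. On a mismatch
   the pair latches silent and emits nothing further. */
bool pair_step(check_pair *p, uint32_t input, uint32_t *out) {
    if (p->silent) return false;
    uint32_t a = p->lane_a(input), b = p->lane_b(input);
    if (a != b) { p->silent = true; return false; }
    *out = a;
    return true;
}

/* Constructed lanes: a healthy computation and one with bit 7 flipped. */
uint32_t healthy(uint32_t x) { return x * 3u + 1u; }
uint32_t upset(uint32_t x) { return (x * 3u + 1u) ^ (1u << 7); }

int main(void) {
    tmr_word w; uint32_t v = 0, out = 0;
    tmr_write(&w, 0xCAFEF00Du);
    w.copy[1] ^= 1u << 13; /* simulated single-bit upset in one copy */
    int n = tmr_read_scrub(&w, &v);
    check_pair p = { healthy, upset, false };
    bool ok = pair_step(&p, 5, &out);
    printf("repaired=%d value=%08X released=%d silent=%d\n", n, (unsigned)v, ok, p.silent);
    return 0;
}
```

The vote masks any upset confined to one copy per bit position; the pair never tries to decide which lane is right, it only withholds output so that the other modules carry on without it.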

To guard against common‑mode failures, Orion also carries a completely independent Backup Flight Software stack on different hardware and a distinct operating system. In a total power loss—dubbed a “dead bus”—the craft powers up into safe mode, points its solar arrays sunward, stabilizes thermally, and then attempts Earth contact, while crew can manually manage life support. This layered redundancy sets a high bar for mission‑critical computing.