34C3 - The Ultimate Apollo Guidance Computer Talk

Edit subtitles

0:00 - 0:15

34C3 preroll music
0:15 - 0:21

Herald: The following talk is about a very
relevant piece of technological legacy of
0:21 - 0:28

our human race. The first piece of
computer that landed on our moon and
0:28 - 0:34

actually it became a metric. People
started to compare other architectures,
0:34 - 0:41

other computers in volumes of multiples of
processing speed of this computer. It's
0:41 - 0:46

rocket science, but it's even harder: it's
computer rocket science. So I'm very happy
0:46 - 0:51

to have Christian Hessmann, or Hessie, on
stage who is actually a rocket scientist.
0:51 - 0:53

And for the ...
laughter
0:53 - 0:58

... for the computer part we have Michael
Steil who is the founder of the Xbox Linux
0:58 - 1:03

project and has gathered with this project
and many others lots and lots of
1:03 - 1:07

experience around architectures of
computers. So please give a warm round of
1:07 - 1:10

applause for the Ultimate
Apollo Guidance talk!
1:10 - 1:18

applause
1:18 - 1:23

Michael Steil: Welcome! Is this on?
Can you all hear me? Yes.
1:23 - 1:27

Welcome to the Ultimate Apollo Guidance
Computer Talk, a.k.a. a comprehensive
1:27 - 1:32

introduction into computer architecture.
And operating systems. And spaceflight.
1:32 - 1:34

laughter
1:34 - 1:38

My name is Michael Steil ...
Christian: ... and I'm Christian Hessmann.
1:38 - 1:42

Michael: This talk is number six in a series
by various people. The idea is to explain as
1:42 - 1:46

much as possible about a classic computer
system in 60 minutes. The Apollo Guidance
1:46 - 1:51

Computer AGC is a digital computer that
was designed from scratch specifically for
1:51 - 1:55

use on board of the Apollo spacecraft to
support the Apollo moon landings between
1:55 - 2:02

1969 and 1972. Developed at MIT between
1961 and 1966 a total of 42 AGCs were
2:02 - 2:07

built at a cost of about $200,000 each.
The base clock is about one megahertz,
2:07 - 2:11

all data is 15 bits, and there are two
kilowords of RAM and 36 kiloword ROM,
2:11 - 2:16

words of ROM. It's about the size of
a large suitcase, weighs 32 kilograms and
2:16 - 2:22

consumes about 55 watts. Its user
interface is a numeric display and keyboard.
2:22 - 2:27

Some historical context: In the
mid 1960s you couldn't just take
2:27 - 2:30

an off-the-shelf computer and
put it into a spacecraft.
2:30 - 2:32

The first mini computers were
the size of a small fridge -
2:32 - 2:36

too heavy, to power-hungry and too slow
for real-time scientific calculations,
2:36 - 2:40

even though the industry had come a long
way since the previous decade.
2:40 - 2:43

Already 10 years later
though, microcomputers with highly
2:43 - 2:47

integrated circuits started outclassing
the AGC Hardware in many regards.
2:47 - 2:50

There are many reasons that make the AGC
especially interesting:
2:51 - 2:56

The architecture is very 60s and feels
very alien to us today,
2:56 - 2:58

the hardware is very innovative for its time.
2:58 - 3:02

It has some very interesting
and unusual peripherals.
3:02 - 3:05

Its operating system was revolutionary
for its time and
3:05 - 3:08

the mission software has all the bits to
- with the right hardware attached -
3:08 - 3:09

fly you to the moon.
3:11 - 3:13

C: In the Apollo program, the Apollo
guidance computer was used
3:13 - 3:17

in two unmanned test missions, where
it was remote control from the ground,
3:17 - 3:21

and three manned test missions, and in
the seven manned landing missions.
3:21 - 3:24

Astronauts hated the idea of giving up any
control to a computer,
3:24 - 3:27

they wanted to be in charge.
And while as a fallback,
3:27 - 3:29

most of the mission could also
be flown manually,
3:29 - 3:31

the mission planners got their way.
3:31 - 3:33

To understand the purpose
and the responsibilities of the
3:33 - 3:36

Apollo Guidance Computer, we need to
first look at the Apollo mission.
3:36 - 3:39

The core strategy of the Apollo program
was, instead of landing
3:39 - 3:42

the complete spacecraft on the moon,
for which an extremely large rocket
3:42 - 3:45

would have been required, to only
land a much smaller lander
3:45 - 3:49

while the larger part with the fuel
for the way back stays in orbit.
3:49 - 3:52

So the Apollo spacecraft can be
separated into the lunar module,
3:52 - 3:56

the command module and the service module.
The Saturn 5 rocket launches it and
3:56 - 3:59

three astronauts from Cape Kennedy
into Earth orbit.
3:59 - 4:03

By accelerating at the right time the
translunar injection moves the spacecraft
4:03 - 4:07

into a so-called free return orbit,
but just coasting it would travel
4:07 - 4:09

around the moon and back to earth.
4:09 - 4:12

Right at the beginning of this three-day journey
the command and service module
4:12 - 4:17

extracts the lunar module and docks with it.
By braking on the far side of the moon the
4:17 - 4:22

spacecraft enters a lunar orbit. After two
of the astronauts have climbed into the
4:22 - 4:27

lunar module, and after undocking, the
lunar module breaks - this is called
4:27 - 4:33

powered descent - and lands.
4:33 - 4:36

Applause
4:36 - 4:40

After taking off again, the lunar module
rendezvous with the command and service
4:40 - 4:43

module and the two astronauts from the
lunar module climb into the command module
4:43 - 4:47

and the lunar module is jettisoned. The
remaining command and service module
4:47 - 4:51

accelerates at the far side of the
Moon for trajectory towards Earth.
4:51 - 4:55

For entry, only the command module remains.
By the way, these excellent visualizations
4:55 - 4:58

are from Jared Owen's "How the Apollo
spacecraft works" videos,
4:58 - 5:01

which we can highly recommend.
5:01 - 5:04

The command and service
module and the lunar module each contained
5:04 - 5:07

one a AGC. It was the same hardware,
but attached to partially different
5:07 - 5:11

I/O devices, and with the software
adapted for the specific spacecraft.
5:11 - 5:15

The astronauts interact with them through
the display and keyboard units, which are
5:15 - 5:19

mounted alongside these
hundreds of switches.
5:19 - 5:23

The computer's responsibilities
during the mission are to track
5:23 - 5:26

the position and speed, the so called
state vector of both spacecraft,
5:26 - 5:30

stabilize the spacecraft's attitude,
calculate the control engine burns and
5:30 - 5:35

monitor or control the
Saturn V during launch.
5:37 - 5:40

M: In order to understand how the Apollo
guidance computer does all this,
5:40 - 5:44

we'll look at its architecture, the
hardware implementation, some of its
5:44 - 5:48

interesting peripherals, the system
software as well as ...
5:48 - 5:50

the system software as well as
the mission software.
5:50 - 5:55

The architecture of the
AGC can be described as a Von Neumann
5:55 - 5:59

accumulator machine with 15 bit one's
complement big-endian arithmetic.
5:59 - 6:03

So we'll talk about the instruction set, the
arithmetic model and instruction encoding
6:03 - 6:07

as well as the memory model, I/O
operations and counters, and finally the
6:07 - 6:12

interrupt model. Machine code instruction
sets vary widely. The instruction set of a
6:12 - 6:14

modern ARM processor, which is mainly
optimized for runtime performance
6:14 - 6:19

consists of about 400 instructions. Subleq
is a language mostly of academic interest,
6:19 - 6:22

that shows that a single instruction can
be enough to solve the same problems as
6:22 - 6:26

all other turing-complete languages. While
a more complex constructions, that can
6:26 - 6:31

achieve higher code density and contribute
to higher performance, it also generally
6:31 - 6:35

means that the CPU will be drastically
more complex. A computer from the early
6:35 - 6:38

1960s consisted of only a few thousand
transistors as opposed to today's
6:38 - 6:43

billions, which is why this is the sweet
spot for the AGC. 36 instructions provided
6:43 - 6:47

just about the performance that was
required for the mission. These are the 36
6:47 - 6:51

instructions: some load and store
instructions, arithmetic and logic,
6:51 - 6:56

control flow instructions, I/O instructions
and instructions for dealing with interrupts.
6:56 - 7:00

The memory model is the cornerstone
of the instruction set. Memory consists of
7:00 - 7:05

4096 cells, numbered in hexadecimal
000 through FFF. Each cell contains a
7:05 - 7:11

15 bit word, numbered between 0 and
7FFF. Almost all changes in data -
7:11 - 7:16

in memory go through a 15 bit accumulator,
also called the A register. A program can
7:16 - 7:19

copy words between the accumulator and a
memory cell, but also add, subtract,
7:19 - 7:23

multiply and divide values, as they are
moved around. The data in memory can have
7:23 - 7:27

many meanings, depending on how it is
interpreted. These values may represent
7:27 - 7:30

integers, while those three words are
meant to be decoded as machine code
7:30 - 7:33

instructions. Code and data in a single
address space make the AGC a so-called Von
7:33 - 7:38

Neumann machine. The CPU's program counter
PC always holds the address of the
7:38 - 7:42

instruction to be executed next. The
'load' instruction copies the contents of
7:42 - 7:46

a given memory cell into the accumulator.
The PC goes on to the next instruction.
7:46 - 7:50

The 'add' instruction adds contents of a
given memory cell to the accumulator, and
7:50 - 7:53

the 'store' instruction copies the value
in the accumulator into memory at a given
7:53 - 7:58

location. The generalized version of these
instructions we just saw, use K as a
7:58 - 8:03

placeholder for a memory address as an
argument. These are cards that are quick
8:03 - 8:08

reference of instructions. This is the
generic syntax of the instruction, a short
8:08 - 8:11

description, the exact operations in
pseudocode - this one takes a memory
8:11 - 8:15

address k and adds it to a, the
accumulator - the encoding of the
8:15 - 8:20

instruction in memory, and the number of
clock cycles. The original syntax is the
8:20 - 8:23

name the original designers gave to the
instruction. For this talk I have chosen a
8:23 - 8:27

more modern syntax, here on the right,
which makes it much more easier, much
8:27 - 8:31

easier to describe the CPU both to people
with and without a background in machine
8:31 - 8:35

programming. Let's have a look at the
instruction set in detail. Here's an
8:35 - 8:39

example of the load instruction. Load a
comma indirect two zero zero. On the left
8:39 - 8:43

you see the set of registers of the AGC.
Most operations work with the accumulator,
8:43 - 8:47

so we will be ignoring the other registers
for now. While executing this instruction,
8:47 - 8:51

the CPU looks at memory at location two
zero zero, reads its contents and copies
8:51 - 8:56

it into the accumulator. This is the store
instruction "store", a load indirect two
8:56 - 8:59

zero zero comma A. Like with all
instructions the first argument is the
8:59 - 9:03

destination - memory - the second one the
source - the accumulator. It looks up
9:03 - 9:06

address two zero zero in memory and copies
the contents of the accumulator to that
9:06 - 9:10

cell. There's also an exchange
instruction which can atomically swap the
9:10 - 9:15

contents of the accumulator and a memory
cell. The 'add' instruction will look up
9:15 - 9:18

the contents of a given memory address and
add it to the contents of the accumulator
9:18 - 9:23

and store the result back into the
accumulator. And there's a 'subtract'
9:23 - 9:27

instruction. It takes the contents of
memory dest and subtracts it from the
9:27 - 9:31

content of the accumulator and stores the
result back into the accumulator.
9:31 - 9:34

The result of every subtraction can be
negative, so we need to talk about how
9:34 - 9:39

negative numbers are expressed on the AGC.
Let's look at just 4 bit numbers.
9:39 - 9:45

4-bit unsigned integers can express values
from 0 to 15 with sign and value encoding
9:45 - 9:48

the uppermost bit corresponds to the sign,
and the remaining 3 bits represent the
9:48 - 9:53

absolute value. Consequently, there are
separate values for plus 0 and minus 0.
9:53 - 9:56

This encoding is hard to work with, since
the 0 transitions need to be special
9:56 - 9:59

cased. One's Complement encoding has the
order of the negative numbers reversed.
9:59 - 10:04

The 0 transitions are simpler now, but
there's still two representations of 0.
10:04 - 10:07

Modern Two's Complement encoding only has
a single encoding for 0, and it's fully
10:07 - 10:12

backwards compatible with unsigned
addition and subtraction. In the 1960s,
10:12 - 10:16

computers designed for scientific
calculations are usually One's Complement
10:16 - 10:21

and so is the AGC. Unsigned four bit
numbers can express values from 0 to 15.
10:21 - 10:26

In One's Complement the values 0 through 7
match the unsigned values 0 through 7, and
10:26 - 10:30

the negative size side is organized like
this: Unlike Two's Complement, the two
10:30 - 10:34

sides are perfectly symmetrical, so
negating a number is as easy as
10:34 - 10:40

complementing it, that is, flipping all
the bits. So the two representations of 0
10:40 - 10:46

are plus 0, with all 0 bits, and minus 0,
with all 1 bits. Addition in the positive
10:46 - 10:50

space is equivalent to the unsigned
version, same in the negative space when
10:50 - 10:54

mapping signed negative numbers to their
unsigned counterparts. It gets interesting
10:54 - 11:02

when we have a 0 transition. Signed 6 - 4
is 6 + (-4) which is unsigned 6 + 11,
11:02 - 11:08

which in modulus 16 is 1. We have a carry.
In One's Complement, a carry needs to be
11:08 - 11:11

added to the end result, so we get two,
which is correct. The trick to jump over
11:11 - 11:14

the duplicate 0 on a zero-transition
by adding the carries is called
11:14 - 11:16

the 'end-around-carry'.
11:16 - 11:20

An overflow means that the signed result
does not fit into the number space.
11:20 - 11:25

Signed 7 + 1 would result in signed -7,
which is incorrect. The same happens
11:25 - 11:28

when overshooting negative numbers. After
applying the end-around carry, the result
11:28 - 11:33

of signed 7 here is incorrect. The CPU
detects this and flags the result, the
11:33 - 11:37

accumulator has an extra bit to record the
information about an overflow, we call it V.
11:37 - 11:45

So if we have code that reads the value
of 7FFF from memory and adds 1, the result
11:45 - 11:49

is 0 and an overflow is detected, so the
accumulator is flagged. The store
11:49 - 11:53

instruction in addition to writing A to
memory, does extra work if there's an
11:53 - 11:58

overflow condition: it clears the overflow
condition, writes plus 1 or minus 1 into A,
11:58 - 12:02

depending on whether it's a positive or
a negative overflow, and skips the next
12:02 - 12:06

instruction. This way the program can
detect the overflow and use the plus 1 or
12:06 - 12:11

minus 1 to apply the signed carry to a
higher-order word. By storing A to memory,
12:11 - 12:15

we now have a double-word result. In one's
complement negating a number is as easy
12:15 - 12:19

as flipping every bit in a word so there's
a dedicatet instruction for loading and
12:19 - 12:22

negating a value. ldc, which stands for
'load complement', reads a word from
12:22 - 12:28

memory, negates it by inverting all the
bits and writes it into the accumulator.
12:28 - 12:32

Incrementing, that is adding 1 to a word,
is such a common operation that there's a
12:32 - 12:36

dedicated instruction that increments a
word in memory in place. There is no
12:36 - 12:39

corresponding decrement instruction.
Instead, there are two similar instructions:
12:39 - 12:43

augment and diminish. The increment
instruction adds one to the original value,
12:43 - 12:46

the augment instruction adds one
to all positive values and
12:46 - 12:51

subtracts 1 from all negative values.
Effectively increments the absolute value
12:51 - 12:55

retaining the sign. The diminish
instruction decrements positive values and
12:55 - 13:00

increments negative values. Optimized for
scientific calculations, the CPU has
13:00 - 13:04

dedicated multiplication circuitry. The
model instruction reads a word from memory
13:04 - 13:09

and multiplies it with the accumulator.
When you multiply two signed 15 bit words,
13:09 - 13:13

you need up to 29 bits, that is two words,
for the result. The complete result will
13:13 - 13:17

be written into two registers, the upper
half into A and the lower half into B.
13:17 - 13:21

B is a separate 15 bit register which is
mostly used together with the accumulator
13:21 - 13:27

with instructions that deal with 30 bit
data. Double word values are expressed
13:27 - 13:30

with the uppermost bits in A, or, if in
memory, at lower addresses, and the lower
13:30 - 13:34

bits in B, or at higher addresses, making
the AGC a big endian machine. Assuming the
13:34 - 13:38

normalized form, with matching signs, the
effective value is the concatenation of
13:38 - 13:42

the two times 14 bits of the values.
13:42 - 13:46

Division also works with double words.
It takes the combination of
13:46 - 13:50

the A and B registers as the dividend
and a word from memory as the divisor.
13:50 - 13:53

There are also two results:
the result and the remainder.
13:53 - 13:55

The result is written into A and
the remainder in to B.
13:55 - 14:00

Some other instructions also allow
using A and B as a double word register.
14:00 - 14:03

Load a b comma indirect two zero zero
looks up addresse two zero zero in
14:03 - 14:06

memory and reads the words at this
and the next cell into A and B.
14:06 - 14:10

The load complement variant does the same
but inverts all bits during the load.
14:10 - 14:13

There is no instruction to store A and B
in a single step,
14:13 - 14:16

but there is a double word
exchange instruction. And finally there's
14:16 - 14:21

an add instruction that works in double
words. And to load and store just the B
14:21 - 14:26

register there's an exchange instruction
for that. For working with tables there's
14:26 - 14:30

the indexed addressing mode. Any
instruction that takes an address as an
14:30 - 14:36

argument can use it. This example 'load A
comma indirect 7 0 0 plus indirect 8 0'
14:36 - 14:43

first looks up address 0 8 0, adds it to
the base of 7 0 0, which results in 7 0 2,
14:43 - 14:47

reads from that address and writes the
result into A. What does this mean?
14:47 - 14:51

There's a table in memory at 7 0 0. In the
example, it contains multiples of 3, and
14:51 - 14:56

an index to that table is stored in memory
at 0 8 0, which in the example is 2.
14:56 - 15:01

So we read the entry at index 2 of
the table, which is 6.
15:01 - 15:04

Without a base address, we get
the syntax in this example:
15:04 - 15:08

load A comma double indirect 8 0.
The base is effectively zero in this case.
15:08 - 15:13

The CPU will look up the value at 0 8 0
in memory, add it to the base of 0,
15:13 - 15:17

so the value is still the same.
And read from that address.
15:17 - 15:21

In this case, memory at 0 8 0 effectively
stores what C programmers know
15:21 - 15:25

as a pointer, and 3A0 is the pointer's
different destination.
15:25 - 15:29

The instruction performed it indirectly.
15:30 - 15:33

By default, instructions are
executed sequentially.
15:33 - 15:36

The program counter PC increments as
instructions are executed, always pointing
15:36 - 15:40

to the next instruction. Control flow
instructions like jump and conditional
15:40 - 15:45

jump change that. When the CPU hits a jump
instruction, it will load its argument
15:45 - 15:49

into the program counter, which means that
execution will continue at that address.
15:49 - 15:53

jz, jump if zero, only jumps if A is zero.
Otherwise it continues with the next
15:53 - 15:58

instruction. Similarly, jlez only jumps if
A is negative or zero.
15:58 - 16:03

CCS count compare and skip, is a fun one.
It's a four-way fork for execution.
16:03 - 16:07

Depending on whether the value in
memory is positive, negative,
16:07 - 16:11

plus minus - plus zero, minus zero, it will
jump to one of the next four instructions.
16:11 - 16:14

If you know the value is
positive or zero, you can ignore
16:14 - 16:16

the other two cases and just
fill the first two slots.
16:16 - 16:20

And if it's supposed to be only negative,
you have to skip the first two slots.
16:20 - 16:24

They should never be reached, but
it's good practice for them to fill them
16:24 - 16:29

with error handlers. Since CCS also puts
the absolute diminished value of the
16:29 - 16:34

memory location into A, so it decrements
A, a special case of CCS A can be used for
16:34 - 16:39

loops that count down A. The call
instruction. Isn't it for calling
16:39 - 16:43

subroutines aka functions. It's like a
jump instruction but it saves its origin,
16:43 - 16:46

so the callee can return to it later. For
the call instruction, the program counter
16:46 - 16:50

is incremented first, and then copied into
the link register LR. Finally, the
16:50 - 16:53

argument of the call instruction is copied
into the program counter, so that
16:53 - 16:57

execution continues there. The link
register now contains the return address.
16:57 - 17:01

At the end of the subroutine, the RET
instruction effectively copies the
17:01 - 17:05

contents of the linked register into the
program counter, so execution resumes just
17:05 - 17:09

after the call instruction.
If the subroutine wants to call
17:09 - 17:12

its own subroutine, the program has to
save the link register before,
17:12 - 17:15

and restore it afterwards. There's an
exchange instruction specifically for this.
17:15 - 17:19

For additional levels, a stack can be
constructed, manually,
17:19 - 17:20

using the indexing syntax.
17:20 - 17:24

So far we've seen the following
registers: the A register is used for
17:24 - 17:28

memory accesses and all arithmetic. It is
combined with the B register for double
17:28 - 17:32

width arithmetic, the program counter to
keep track of what to execute and the link
17:32 - 17:35

register remembers the return address when
calling a subroutine. We haven't seen the
17:35 - 17:39

zero register yet. It always contains
zero, so when we read from it, we get zero
17:39 - 17:42

and when we write to it the value gets
discarded. There are three more registers
17:42 - 17:46

that we will talk about later. The eight
registers are numbered, that is they are
17:46 - 17:51

assigned memory addresses. This means that
the first eight words in memory are
17:51 - 17:54

actually occupied by the registers. They
can be accessed using the addresses and
17:54 - 17:58

all instructions that take a memory
address. This allows for much greater
17:58 - 18:02

flexibility in the instruction set: we can
load A with the contents of the B register
18:02 - 18:05

by reading the contents of memory at
location 1 into A. The content of zero can
18:05 - 18:10

be loaded into A by just reading from
memory at 7, which is the zero register.
18:10 - 18:14

A can be incremented by incrementing
memory at zero and B can be used as
18:14 - 18:20

a pointer by reading from double indirect
one. Let's look at memory more closely.
18:20 - 18:27

Memory is 4096 words and goes from
000 to FFF. The registers are located at
18:27 - 18:31

the very bottom of memory. Including them,
there are 1024 words of RAM,
18:31 - 18:35

random access memory, and
three kilowords of ROM, read-only memory.
18:35 - 18:39

The AGC was originally architected to
only have this little RAM and ROM,
18:39 - 18:42

but there's actually more.
Let's look at the RAM area.
18:42 - 18:46

The uppermost quarter is banked. The area
is a window through which one of eight
18:46 - 18:51

different banks can be accessed, each 250
words in size. The erasable Bank register
18:51 - 18:56

EB points to one of these banks. If EB is
0, Bank 0 is visible in the banked area.
18:56 - 19:01

If EB is five, bank five is visible.
Addresses in the fixed area always
19:01 - 19:05

represent the same RAM cells, but these
are not additional cells, but the same as
19:05 - 19:09

banks zero, one and two. This means that
there's a total of 8 times 256 words of
19:09 - 19:16

RAM, two kilowords. ROM is organized
similarly. The lower kiloword is banked.
19:16 - 19:22

The fixed bank register FB selects one of
the 32 banks. Support for more than 32
19:22 - 19:26

kilowords of ROM was added at the last
minute. The 'superbank' bit can switch the
19:26 - 19:28

uppermost eight banks to the second set..
laughter
19:28 - 19:33

so that a total of 40 kilowords are
supported by the architecture.
19:33 - 19:37

The fixed ROM area will always show the
same contents as two of the ROM banks, the
19:37 - 19:42

designers chose banks two and three to
simplify address encoding. In practice,
19:42 - 19:47

fixed ROM contains core operating system
code, and fixed RAM core operating system
19:47 - 19:50

data, that have to be available at all
times. The remaining functionality is
19:50 - 19:55

distributed across the different ROM and
RAM banks. Switching the RAM Bank can be
19:55 - 19:59

done by writing through the EB register.
This is not a separate instruction but can
19:59 - 20:04

be expressed by writing A to memory
location three. If A is five, writing A
20:04 - 20:10

into EB will make RAM Bank five visible at
3 0 0. The same store instruction could be
20:10 - 20:14

used to write to the FB register at memory
location 4, to switch the ROM Bank. But
20:14 - 20:18

that wouldn't work for a common case.
If code in one bank wants to call code in
20:18 - 20:22

another Bank, by first switching the
ROM Bank, load FB, and then doing
20:22 - 20:26

the function call, writing the bank number
into FB will switch out the bank the code
20:26 - 20:29

is currently running on, so it won't
be able to execute the call instruction.
20:29 - 20:32

Instead it will continue running some
completely unrelated code that happens
20:32 - 20:34

to get the same address on
the other bank.
20:34 - 20:37

To call code on a different Bank,
FB and PC registers need
20:37 - 20:42

to be changed atomically. call f is only a
synonym for the existing double word
20:42 - 20:47

exchange instruction. Code first has to
load the bank and the program counter into
20:47 - 20:56

A and B. Which then call f can atomically
move into FB and PC. The same exchange
20:56 - 20:59

instruction can be used for a far return:
it moves the original values back into FB
20:59 - 21:06

and PC. The two Bank registers only hold
five and three bits respectively. The
21:06 - 21:11

other bits are zero and there's a third
bank register, BB, both banks, which
21:11 - 21:15

merges the information from both other
bank registers. The call far both banks
21:15 - 21:18

synonym is a double word exchange
instruction that updates the program
21:18 - 21:23

counter and both banks. Subroutines
usually have their private variables on
21:23 - 21:26

particular RAM banks. Call for both banks
passes control to a function on the
21:26 - 21:30

different ROM Bank and also directly
switches RAM banks, so that the callee can
21:30 - 21:34

immediately access its variables. Return
for both banks returns to the caller,
21:34 - 21:39

restoring its RAM Bank configuration. The
unusual ordering of the bank registers was
21:39 - 21:43

chosen to allow for a double word exchange
of FB and PC, as well as for a double word
21:43 - 21:49

exchange of PC and BB. Now we've seen all
eight registers. There's eight more
21:49 - 21:52

special locations in memory above the
registers, the shadow area, which we'll
21:52 - 21:56

talk about later. And above those, there
are four so-called editing registers,
21:56 - 22:00

which make up for the missing shift and
rotate instructions. When writing a 15 bit
22:00 - 22:06

value into the ROR editing register, it
will be moved to the right by one bit, and
22:06 - 22:10

the lowest bit will be cycled to the top.
The result can then be read back.
22:10 - 22:17

ROL rotates left, SHR shifts to the right
duplicating the top bit, and SHR7 shifts
22:17 - 22:21

to the right by 7 bits, filling the top
with zeros. This is needed for the
22:21 - 22:26

interpreter system software component that
we'll learn about later. We have seen that
22:26 - 22:30

the CPU is connected to RAM and ROM over
the memory bus, but computers also talk to
22:30 - 22:35

peripheral devices that is the I/O bus.
We've already seen the address space for
22:35 - 22:40

memory; there is a second address space
to talk to devices. There are 512 I/O
22:40 - 22:45

channels numbered 000 through FFF. Each
channel is 15 bits, and the in and out
22:45 - 22:49

instructions can read words from -, and
write words to I/O channels. For many
22:49 - 22:54

devices, a channel contains 15 individual
control bits. A control bit can for
22:54 - 22:59

example toggle a lamp on a display. The
'out OR' instruction sets individual bits,
22:59 - 23:04

and 'out AND' clears individual bits. So
I/O instructions can work on the whole
23:04 - 23:10

word or do boolean operations on them:
AND, OR and XOR. To make boolean
23:10 - 23:15

operations also usable between registers,
channels 1 and 2 are actually aliases of
23:15 - 23:22

the B and LR registers, which allows for
these instructions. For AND there's also a
23:22 - 23:27

dedicated instruction that works on A and
memory. After the registers, the shadow
23:27 - 23:32

area, and the editing registers, there's
another special area: the counters. Like
23:32 - 23:36

I/O channels, they connect to external
devices but they don't send bits or hold
23:36 - 23:40

words back and forth, instead they are
controlled by hardware pulses, or cause
23:40 - 23:45

hardware pulses. On every pulse, TIME1
gets incremented for example, while other
23:45 - 23:51

counters take the number stored into them
by code and count down, generating pulses.
23:51 - 23:55

When I/O devices need to signal the CPU,
thay can interrupt normal execution.
23:55 - 23:59

Next to the program counter, which points
to the next instruction, there's the
23:59 - 24:03

instruction register which holds the
current opcode. When an interrupt happens,
24:03 - 24:09

the CPU copies PC into a special memory
location PC' and IR into IR' and then
24:09 - 24:12

jumps to a magic location depending on the
type of interrupt, in this example 814.
24:12 - 24:16

When the interrupt handlers finished
servicing the device the iret instruction
24:16 - 24:21

will copy PC' and IR' back into PC and IR,
so execution will continue at the original
24:21 - 24:27

location. Memory locations eight through
hex F are shadows of the eight registers.
24:27 - 24:30

PC and IR are automatically saved by
interrupts and the remaining registers
24:30 - 24:35

need to be saved by software if necessary.
The overflow condition flag cannot be
24:35 - 24:40

saved or restored, so while there's an
overflow condition until the next store
24:40 - 24:44

instruction, which resolves the offload,
interrupts will be disabled.
24:44 - 24:50

The 11 interrupt handlers have to reside
in fixed ROM starting at 8 0 0.
24:50 - 24:55

There are 4 words for each entry.
Typical interrupt entry code saves A and B,
24:55 - 25:00

loads A and B with a bank and PC of the
actual handler and jumps there.
25:00 - 25:04

Interrupt 0 is special: it's the
entry point on reset.
25:04 - 25:08

Next we will enter the interrupt return
instruction, there's an instruction
25:08 - 25:11

to cause an interrupt in software,
and instructions to enable and
25:11 - 25:16

disable interrupts globally. There is one
more special memory location at hex 37,
25:16 - 25:21

the watchdog. This location needs to be
read from or - read from or written to -
25:21 - 25:24

at least every 0.64 seconds
otherwise the hardware will decide the
25:24 - 25:30

system software is unresponsive and cause
a reset. Now we've seen an instruction set
25:30 - 25:33

and in the examples we've seen the codes
that represent instructions in memory.
25:33 - 25:37

Let's look at how the encoding works. The
load instruction, the upper three bits are
25:37 - 25:42

the opcode representing the load a and the
remaining 12 bits encode the address.
25:42 - 25:45

This allows for a total of eight
instructions but there are more
25:45 - 25:49

than eight instructions. RAM addresses
always start with zero zero and
25:49 - 25:54

ROM adresses start with anything but
zero zero. So the store instruction,
25:54 - 25:57

which only makes sense on RAM, only
needs to encode 10 address bits instead
25:57 - 26:03

of 12, making room for another
three RAM-only instructions.
26:03 - 26:06

The same is true for the increment
instruction, which makes room for
26:06 - 26:10

three more, as well as CCS which shares
an opcode with jump, which only works
26:10 - 26:16

on ROM addresses. Since jumps to the
bank register don't make much sense
26:16 - 26:21

these codes are used to encode STI, CLI
and extend. Extend is a prefix.
26:21 - 26:24

It changes the meaning of the opcode
of the next instruction ...
26:24 - 26:28

laughter ... allowing for a
second set of two-word instructions.
26:28 - 26:34

There's one more special call instruction
'call 2' which is 'call LR',
26:34 - 26:38

which is the return instruction. But
the CPU doesn't special case this one.
26:38 - 26:42

Return is a side-effect of calling memory
at location 2. It executes the instruction
26:42 - 26:46

encoded in the LR register, the 12 bit
address with the leading zeros decodes
26:46 - 26:52

into another call instruction which
transfers control to the return address.
26:52 - 26:57

Indexed addressing is achieved by using
the index prefix. An indexed instruction
26:57 - 27:00

consists of two instruction words, index
and the base instruction. The addressing
27:00 - 27:04

code in the base instruction is the base
address and the index instruction encodes
27:04 - 27:09

the address of the index. Index is an
actual instruction. The CPU reads from the
27:09 - 27:15

given address, 0 8 0 in the example, then
adds its value, 3, to the instruction code
27:15 - 27:20

of the following instruction 3 7 0 0 which
is stored in the internal IR register.
27:20 - 27:24

Then it uses the resulting instruction
code 3 7 0 3 for the next instruction,
27:24 - 27:30

which is a load from 703, the effective
address. If an interrupt occurs after in
27:30 - 27:33

the index instruction, that is no problem
because IR contains the effective
27:33 - 27:36

instruction code which will be saved into
IR Prime and restored at the end of the
27:36 - 27:40

interrupt handler. Finally there's one
index encoding with a special meaning.
27:40 - 27:43

When the address looks like it's
referencing the shadow instruction
27:43 - 27:47

register it's an interrupt return
instruction. Looking at the instruction
27:47 - 27:50

set architecture as a whole, there are
many quirky and unusual features when
27:50 - 27:53

compared to modern architectures. It uses
One's Complement instead of Two's
27:53 - 27:58

Complement; it has no status register; the
overflow flag can't even be saved so
27:58 - 28:02

interrupts are disabled until the overflow
is resolved; the store instruction may
28:02 - 28:07

skip a word under certain circumstances;
the ccs destruction can skip several words
28:07 - 28:11

and can be outright dangerous if the
instructions following it use prefixes;
28:11 - 28:14

there are no shift or rotate instructions
but magic memory locations that shift and
28:14 - 28:19

rotate when writing into them; most
boolean instructions only work on I/O
28:19 - 28:23

channels; indexing is done by hacking the
following instruction code, and the
28:23 - 28:28

architecture has no concept of a stack,
indexing has to be used if one is needed.
28:28 - 28:33

This was the architecture of the Apollo
guidance computer, now let's look at how
28:33 - 28:36

this architecture is implemented in
hardware. The hardware implementation runs
28:36 - 28:40

at one megahertz, is micro coded and uses
integrated circuits, core memory, and core
28:40 - 28:43

rope memory. We'll look at the block
diagram and how instructions are
28:43 - 28:47

implemented in micro code, and then about
how the schematics map to integrated
28:47 - 28:53

circuits on modules on trays. This
simplified block diagram shows the AGC at
28:53 - 28:57

the hardware level. Each box contains on
the order of 500 logic gates. The dotted
28:57 - 29:01

lines are wires that to move a single bit
of information, the solid lines are 15
29:01 - 29:07

wires that move a data word. These units
deal with timing and control, and these
29:07 - 29:11

are the central units. The central
register unit stores A, B, link registers,
29:11 - 29:16

and program counter, and the arithmetic
unit can add and subtract numbers. The
29:16 - 29:22

memory components deal with RAM and ROM.
The main clock of about one megahertz
29:22 - 29:25

feeds into the sequence generator which
keeps cycling through twelve stages, which
29:25 - 29:31

is one memory cycle, MCT. Instructions
usually take as many memory cycles as they
29:31 - 29:36

need memory accesses, so load, add, and
store take two cycles, and jump takes one.
29:36 - 29:40

The sequence generator contains a
collection of 12 step micro programs for
29:40 - 29:45

each MCT, for each instruction, like this
one for the load instruction. In each
29:45 - 29:52

step, the entries send control pulses to
the other units, which are connected
29:52 - 29:57

through the write bus. The control signal
WA for example instructs the register unit
29:57 - 30:01

to put the contents of A onto the write
bus, and RA makes it read the value on the
30:01 - 30:07

bus into A. Memory is also connected to
the write bus. WS will copy the bus
30:07 - 30:10

contents into the memory address register,
and RG and WG will read and write the G
30:10 - 30:16

register, which buffers the cells value
after read and before a write. So in stage
30:16 - 30:25

7 for example RG puts the memory buffer
onto the bus, and WB writes the bus
30:25 - 30:30

contents into the temporary G register.
And in T10, B gets put on the bus and it
30:30 - 30:34

gets read into the A register. At the
beginning of every memory cycle the
30:34 - 30:38

hardware sends the memory address S,
usually what's encoded instruction, to
30:38 - 30:42

memory and copies the contents of that
address into G. in the second half of the
30:42 - 30:48

MCT it stores G back into the same cell.
So if we show memory timing next to the
30:48 - 30:50

microcode, as well as the pseudocode
version of the load instruction which is
30:50 - 30:55

easier to read, we can see it loads the
value from memory into G copies it into B
30:55 - 30:59

and then copies it into A. More
interesting is the exchange instruction.
30:59 - 31:06

It saves A to B, reads memory into G,
copies the result into A, copies the old
31:06 - 31:11

value into G, and stores that G into
memory. Division for example takes several
31:11 - 31:15

MCT and it's micro program is way more
complex. But there are more micro programs
31:15 - 31:19

than the ones for the machine
instructions. Since there is only a single
31:19 - 31:22

adding unit in the whole computer,
incrementing and decrementing the counters
31:22 - 31:26

is done by converting the pulses into
special instructions that get injected
31:26 - 31:31

into the instruction stream. There are 14
of these so-called unprogrammed sequences
31:31 - 31:35

with their own micro programs. Some counter
shift, some are for interacting with
31:35 - 31:41

debugging hardware, and these two control
the interrupt and reset sequences.
31:41 - 31:46

The complete schematics are publicly
available and fit on just 49 sheets.
31:46 - 31:51

The whole implementation only uses a single
type of gate, a three input NAND gate.
31:51 - 31:55

Two of these are contained in one
integrated circuit, and about a hundred of
31:55 - 31:58

these ICs form a logic module.
32:00 - 32:04

24 logic modules and some interface and
power supply modules are connected
32:04 - 32:07

together in tray A, which also contains
the I/O and debug connectors.
32:07 - 32:11

Tray B contains various driver and amplifier
modules, as well as RAM and ROM.
32:11 - 32:16

RAM is implemented as magnetic core memory,
which stores bits in magnetized toroids.
32:16 - 32:20

Reading a bit clears it, so the memory
sequencer makes sure to always write the
32:20 - 32:24

value again after reading it.
Without mass storage, like tape, the AGC
32:24 - 32:30

has an unusually high amount of ROM.
Core Rope Memory encodes bits by wires that
32:30 - 32:35

either go through- or past a ferrite core.
The 500,000 bits per computer were woven
32:35 - 32:40

completely by hand. Trays A and B are put
together like this and hermetically
32:40 - 32:45

sealed, making for a rather compact
computer. This is its orientation when
32:45 - 32:50

installed on the spacecraft, with the six
ROM modules accessible so they could in
32:50 - 32:55

theory be replaced during the mission. And
that was the hardware part.
32:55 - 33:01

applause
C: Next let's look at the devices.
33:01 - 33:05

applause
33:05 - 33:08

Let's look at the devices connected
to the computer.
33:08 - 33:11

We will look at the core devices
that allow the Apollo guidance computer to
33:11 - 33:14

maintain the state vector, some quite
special devices you don't see on many
33:14 - 33:18

other computers, and the peripherals used
for communication with astronauts and
33:18 - 33:22

Mission Control. The gyroscope is the core
peripheral that the Apollo guidance
33:22 - 33:25

computer was originally built around. The
Apollo Guidance Computer rotates it into a
33:25 - 33:29

certain base position with the CDU command
counters, and then the gyro detects
33:29 - 33:32

rotation around the three axes of the
spacecraft that can be read from the CDU
33:32 - 33:35

counters. Using the gyroscope, the
spacecraft always knows it's attitude,
33:35 - 33:40

that is its orientation in space. The
accelerometer adjust acceleration forces
33:40 - 33:46

on the three axis. The three values can be
read from the PIPA counters. The optics on
33:46 - 33:49

the command module are used to measure the
relative position to the celestial bodies.
33:49 - 33:53

The computer uses the OPT command counters
to move the optics to point towards the
33:53 - 33:57

general direction of a star, and will read
in the astronauts fine-tuning through the
33:57 - 34:01

OPT counters. The landing radar sits at
the bottom of the lunar module and
34:01 - 34:04

measures the distance to the ground. The
RADARUPT interrupt will be triggered
34:04 - 34:07

whenever a new measurement is available,
and the RNRAD counter contains the new
34:07 - 34:12

value. Lunar module's rendezvous radar
measures the distance of the command and
34:12 - 34:16

service module during rendezvous. After
setting the two angles and the CDUT and
34:16 - 34:19

CDUS counters to point it towards the two
other spacecraft, it will automatically
34:19 - 34:22

track it and cause RADARUPT interrupts
when new data is available, which can be
34:22 - 34:27

read from the RNRAD counters. The command
module, the service module, and the lunar
34:27 - 34:31

module all contain reaction control
system, RCS, jets that emit small bursts
34:31 - 34:35

for holding or charging the attitude. On
lunar module, there's one bit for each of
34:35 - 34:38

the sixteen jets. Setting a bit to one
will make the jet fire.The system software
34:38 - 34:44

uses a dedicated timer, TIME6, and it's
interrupt T6RUPT for timing the pulses.
34:44 - 34:48

The user interface is provided by the so
called DSKY which stands for display and
34:48 - 34:52

keyboard. It has 19 keys, 15 lamps, and
several numeric output lines.
34:52 - 34:55

Keys generate the KEYRUPT interrupts and
the key number can be read
34:55 - 35:00

from the KEYIN I/O channel. The numeric
display is driven by the OUT O channel.
35:00 - 35:02

There is bidirectional digital radio
communication and S-band between
35:02 - 35:07

Mission Control and each spacecraft at a
selectable speed of 1.9 or 51 kbit/s
35:07 - 35:10

Data words from Mission Control show up
in the INLINK counter and
35:10 - 35:15

trigger interrupt UPRUPT. Data words to be
sent are stored in the I/O channel DNTM1
35:15 - 35:18

and the DOWNRUPT interrupt will signal
the program when it can load
35:18 - 35:24

the register with the next word. These
were some of the interesting peripherals.
35:25 - 35:30

M: The AGC system, the AGC system software
35:30 - 35:32

makes it a priority based cooperative -
but also pre-emptive - real-time
35:32 - 35:37

interactive fault tolerant computer with
virtual machine support. The topics we'll
35:37 - 35:41

talk about are multitasking, the
interpreter, device drivers, and the
35:41 - 35:46

waitlist, as well as the user interface,
and mechanisms for fault recovery. The AGC
35:46 - 35:49

has many things to do. It does
mathematical calculations that can take
35:49 - 35:53

several seconds, and it does I/O with its
devices; it services interrupts when a
35:53 - 35:57

device wants the computers attention, for
example a key press. It does regular
35:57 - 36:01

servicing of devices, like updating the
display, and it supports real-time
36:01 - 36:06

control, like flashing a lamp or firing
boosters at exactly the right time.
36:06 - 36:10

There's only a single CPU, so it must
switch between the different tasks.
36:10 - 36:14

Batch processing multitasking computers
work on long-running jobs one after the
36:14 - 36:18

other, but if some jobs have higher
priorities it makes more sense to run a job
36:18 - 36:21

for only - say 20 milliseconds - then
check the job queues and keep running
36:21 - 36:25

the highest priority job in the queue
until it terminates and is removed
36:25 - 36:29

from the queue, then keep picking the
highest priority job.
36:29 - 36:33

Jobs have to manually check at least
every 20 milliseconds whether
36:33 - 36:36

there's a higher priority job in the queue
by doing doing a so-called 'yield',
36:36 - 36:41

which makes the AGC a priority scheduled
cooperative multitasking computer.
36:41 - 36:45

A job is described by 12 word data
structure in memory, that contains
36:45 - 36:49

the PC and both bank's register that point
to where the job will start or continue
36:49 - 36:55

running, as well as a word with a disabled
flag in the sign bit and a 5 bit priority.
36:55 - 36:59

The core set consists of seven
job entries. Minus zero in the priority
36:59 - 37:03

word means that the entry is empty. Job
zero is always the currently running one.
37:03 - 37:07

When a new job gets created with a higher
priority, the yield operation will
37:07 - 37:12

exchange the 12 words so that new job is
job zero. Negating the priority will put a
37:12 - 37:17

job to sleep, so yield won't switch to it
again. Negating it again will wake it up.
37:17 - 37:21

The first eight words in the job entry can
be used for local storage for the job.
37:21 - 37:23

Since it's always job zero that is
running, these words are always
37:23 - 37:28

conveniently located at the same addresses
in memory. The executive has a set of
37:28 - 37:33

subroutines that control the job data
structures. You can create a new job
37:33 - 37:37

pointed to by a pair of PC and BB
registers of a given priority, change the
37:37 - 37:41

priority of the current job, put the
current job to sleep, wake up a given job,
37:41 - 37:46

and terminate the current job.
Yield is not an executive function, but a
37:46 - 37:50

two instruction sequence that checks the
new job variable in which the executive
37:50 - 37:54

always holds the idea of the highest
priority job. If job zero is the highest
37:54 - 37:57

priority job there's nothing to do. If
there is a higher priority job, it calls
37:57 - 38:02

the change job subroutine which switches
to that job. NEWJOB isn't just a variable
38:02 - 38:06

in memory, but also the watchdog word. If
it isn't accessed regularly, that is
38:06 - 38:10

cooperative multitasking is stuck, the
hardware will automatically reset itself.
38:10 - 38:14

A lot of the code in the AGC does
scientific calculations, calculating for
38:14 - 38:19

example just the sum of two products of a
scalar and a vector would require hundreds
38:19 - 38:23

of instructions in AGC machine code. There
is library code that provides all kinds of
38:23 - 38:27

operations on single, double, or triple
precision fixed point values, vectors, and
38:27 - 38:33

matrices. It also provides a softer multi-
purpose accumulator, MPAC, which can hold
38:33 - 38:36

a double, triple, or a vector, depending
on the mode flag. In C-like pseudo code we
38:36 - 38:41

would load the vector into the MPAC,
multiply it with a scalar, save it, do the
38:41 - 38:46

other multiplication, and add the result
to the saved value. Formulas like this one
38:46 - 38:51

need to store intermediate results, so a
thirty-eight word stack is provided. If a
38:51 - 38:54

job uses math code, the MPAC, the MODE
field, and the stack pointer will be
38:54 - 38:58

stored in the remaining fields of the Core
Set Entry. The stack will be part of a
38:58 - 39:03

data tructure called VAC, which will be
pointed to by the Core Set Entry. A job
39:03 - 39:06

can be created with, or without a VAC,
depending on which subroutine it is
39:06 - 39:12

created with. The machine code version of
the example code would still be very
39:12 - 39:15

verbose, with many function calls passing
pointers. The designers of the AGC
39:15 - 39:18

software decided to create a new and
compact language that will be interpreted
39:18 - 39:22

at runtime, a virtual machine. The
interpretive language is turing-complete
39:22 - 39:27

and in addition to the MPAC it has two
index registers, two step registers, and
39:27 - 39:31

its own link register. The encoding
manages to fit two seven bit op codes in
39:31 - 39:35

one word, which allows for 128 op codes
and explains why there is a 'shift right
39:35 - 39:40

by seven' function in the CPU. The two
operands are stored in the following two
39:40 - 39:45

words, allowing 14 bit addresses. 14 bit
addresses means interpretive code doesn't
39:45 - 39:49

have to work this complicated memory layer
anymore. It allows addressing about half
39:49 - 39:53

of the ROM at the same time. At the lowest
kiloword of each half, RAM is visible, so
39:53 - 39:58

interpretive code can pick between one of
these two memory layouts. This is the
39:58 - 40:02

complete instruction set, regular machine
code, interpretive code can be mixed and
40:02 - 40:05

matched inside the job. The exit
instruction will continue executing
40:05 - 40:09

regular machine code at the next address,
and CALL INTPRET will similarly switch to
40:09 - 40:13

interpreter mode. In addition to long-
running math tasks, the system software
40:13 - 40:17

also supports device drivers. When a
device needs the computers attention, for
40:17 - 40:21

example in case of a DSKY key press, it
causes an interrupt. The current job will
40:21 - 40:24

be interrupted, and the interrupt handler
will read the device data and return as
40:24 - 40:29

quickly as possible. If there's more to
do, it can schedule a job for later. Some
40:29 - 40:34

devices need to be serviced regularly. A
120 microsecond timer causes interrupts
40:34 - 40:38

that read data and write data... that read
data from and write data to certain
40:38 - 40:43

devices. The numeric display of the DSKY
for example only allows updating a few
40:43 - 40:48

digits at a time, so its driver is
triggered by the 120 microsecond timer.
40:48 - 40:52

The timer interrupt cycles through eight
phases, which distributes the device
40:52 - 40:57

drivers across time to minimize the
duration of one interrupt handler. Some
40:57 - 41:01

devices need to be driven at exact times.
If for example a job decides that it needs
41:01 - 41:05

to flash a lamp twice, it would turn it on
immediately and schedule three weightless
41:05 - 41:11

tasks in the future at specific times. The
first one will turn the lamp off, the
41:11 - 41:16

second one will turn it on again and the
third one will turn it off again. The
41:16 - 41:21

sorted time deltas of the weightless tasks
are stored in the data structure LST1,
41:21 - 41:25

with the first entry always currently
counting down in a timer register, and
41:25 - 41:30

LST2 contains a pair of PC and BB for each
task. There are subroutines to create a
41:30 - 41:35

new task and end the current task. The
timer that controls the wait list has a
41:35 - 41:39

granularity of 10 milliseconds. Other
timers can fire at the same rate, but are
41:39 - 41:43

offset, and the work triggered by them is
designed to be short enough to never
41:43 - 41:47

overlap with the next potential timer
triggered work. This is complicated by
41:47 - 41:51

device interrupts, which can come in at
any time. The duration of an interrupt
41:51 - 41:56

handler causes latency and the maximum
duration will reduce the allowed time for
41:56 - 41:59

the timer handlers. The core system
software makes no guarantees about the
41:59 - 42:04

timing, it's all up to components to...
it's up to all the components to cooperate
42:04 - 42:10

so the real time goal can be met. The
PINBALL program is the shell of the AGC.
42:10 - 42:14

Key press interrupts schedule a job, that
collects the digits for the command and
42:14 - 42:18

updates an in-memory representation of
what should be on the display. The 120
42:18 - 42:23

millisecond timer triggers the display
update code. When the command is complete
42:23 - 42:28

PINBALL schedules a new job. Mission
Control has a remote shell in form of a
42:28 - 42:34

DSKY connected through the s-band radio.
System software that supports human life
42:34 - 42:38

has to be able to communicate malfunctions
and be able to recover from them.
42:38 - 42:41

The alarm subroutine takes the following
word from the instruction stream,
42:41 - 42:45

displays it, and illuminates the prog
light. This should be interpreted as
42:45 - 42:49

a warning or an error message.
The AGC software is full of validity and
42:49 - 42:52

plausibility checks that help to find
bugs during development and help
42:52 - 42:54

better understanding potential issues
during the mission.
42:54 - 42:58

Some kinds of failures triggered by
various hardware watchdogs or by code
42:58 - 43:02

make it impossible for normal operations
to continue. In addition to showing
43:02 - 43:06

the error code, they also cause a hardware
reset but the system software also offers
43:06 - 43:10

recovery services. A job can have recovery
code for its different phases.
43:10 - 43:15

During execution it sets the respective
phase and if an abort happens in any
43:15 - 43:21

job or task, the currently set up recovery
routine gets executed which could
43:21 - 43:25

for example clean up and try the work
again, or skip to a different phase, or
43:25 - 43:30

cancel the job altogether. The phase
change call sets the current phase for a
43:30 - 43:34

job in the recovery table, for example
phase 5 for job 4. Each phase is
43:34 - 43:40

associated with a descriptor of a task or
a job with or without a VAC. So during
43:40 - 43:44

normal execution with several jobs and
tasks scheduled, if an abort happens, the
43:44 - 43:48

core set and wait list are cleared, the
contents of the recovery table are
43:48 - 43:52

activated, scheduling tasks and jobs for
all jobs that set up recovery code.
43:52 - 43:57

Sometimes a failure though, like corrupted
memory, are not recoverable. They cause a
43:57 - 44:00

fresh start, meaning a full initialization
of the system without running any recovery
44:00 - 44:05

code.
And that was the AGC system software.
44:08 - 44:11

C: As we now have a good overview on
architecture, hardware, peripherals, and
44:11 - 44:15

system software of the Apollo Guidance
Computer, it's time briefly view on it's
44:15 - 44:19

practical use on a mission to the moon. We
will look at the user interface, the
44:19 - 44:23

launch sequence, and, once in orbit, the
attitude in orbit determination. Further
44:23 - 44:26

we will understand how the digital
autopilot works, and how powered flight is
44:26 - 44:30

being performed. As soon as we've reached
the moon, we look at the lunar landing and
44:30 - 44:34

the lunar rendezvous after liftoff and
finally re-entry into Earth's atmosphere.
44:34 - 44:38

Last but not least contingencies, or as we
like to call them, "fun issues".
44:38 - 44:42

Let's start with the user interface.
It is like any command-line interface but
44:42 - 44:45

since there are only numbers and no letters,
key words have to be encoded.
44:45 - 44:49

On a normal system you might say
'display memory', 'enter'.
44:49 - 44:52

Display is the verb, memory is the noun.
On the Apollo guidance computer you say
44:52 - 44:57

verb '0 1', which means 'display', noun
'0 2' - 'memory' - 'enter'.
44:57 - 45:01

Subroutine asks for an argument. On a
normal system it might display a prompt,
45:01 - 45:04

you enter the number, press 'enter'.
On the Apollo Guidance Computer, flashing
45:04 - 45:09

'verb' and 'noun' indicate that is waiting
for input. So you type '2 5', 'enter';
45:09 - 45:13

an octal address, and the Apollo Guidance
Computer displays the result.
45:13 - 45:17

The memory contents at the address octal
'2 5'. The Apollo Guidance Computer uses
45:17 - 45:20

the same concept of verb and noun when
it proactively asks for input.
45:20 - 45:24

Verb '6', noun '11' asks for the CSI
ignition time. CSI meaning
45:24 - 45:28

Coelliptic Sequence Initiation, we will
come to that later. Special case is when
45:28 - 45:31

the Apollo Guidance Computer asks a
yes-or-no question. Verb 99 has the
45:31 - 45:35

astronaut confirm engine ignition
with a proceed key.
45:35 - 45:38

The astronauts have a complete reference of
all verbs and nouns on paper,
45:38 - 45:41

as well as cue cards were the most
important information.
45:41 - 45:46

Let's now go through each of the phases
of the mission, starting with a liftoff.
45:46 - 45:50

So, we are on our way.
The Apollo Guidance Computer is
45:50 - 45:54

in passive monitoring mode. With the
cutting of the umbilical cables, which you
45:54 - 45:58

see right about ... now, it has started
the mission clock. In case this trigger
45:58 - 46:02

fails, one DSKY is always prepared with
verb 75 and just waiting for 'enter' to
46:02 - 46:05

manually start the mission timer. We can
display the mission elapsed time at any
46:05 - 46:11

time with verb 16, noun 65. During the
flight with the SaturnV, the Apollo
46:11 - 46:14

Guidance Computer is only performing
passive monitoring of the flight. Control
46:14 - 46:17

of the SaturnV is with its own launch
vehicle digital computer, and the
46:17 - 46:21

instrument unit ring. The DSKY
automatically shows verb 16, noun 62,
46:21 - 46:24

which is velocity in feet per second.
Altitude change rate in feet per second,
46:24 - 46:28

and altitude above pad and nautical miles.
Note that the units and the position of
46:28 - 46:32

the decimal point are implicit, and yes
the whole system was working in metric
46:32 - 46:35

internally but for the benefit of the
American astronauts the display procedures
46:35 - 46:42

converted everything to imperial units.
laughter and applause
46:42 - 46:46

In case of problems with the Saturn
computer, the Apollo Guidance Computer can
46:46 - 46:49

take over full control of the launch
vehicle, in extreme cases astronauts could
46:49 - 46:53

even steer the whole stack into orbit
themselves with the hand controller. In
46:53 - 46:56

case you ever wanted to fly... to manualyl
control a 110 meter tall rocket with more
46:56 - 46:59

than 30 million Newton of thrust, this is
your chance.
46:59 - 47:02

laughter
In less than 12 minutes we've gone through
47:02 - 47:05

the first and second stage and are using a
small burn from the third stage to get us
47:05 - 47:09

into a 185 kilometer orbit which circles
the earth every 88 minutes.
47:11 - 47:14

But how do we know where ...
we are in the right orbit?
47:14 - 47:17

Well the Apollo guidance computer, as well
as Mission Control, are monitoring
47:17 - 47:20

position and velocity, because to get
where we want to be, we first need to know
47:20 - 47:24

where we are. To be able to navigate in
space, we need to maintain our
47:24 - 47:27

three-dimensional position, and our
three-dimensional velocity,
47:27 - 47:30

the so-called state vector. Let's start
with the determination of the position.
47:30 - 47:35

For this we need a telescope and a space
sextant. The space sextant is very similar
47:35 - 47:37

to an 18th century nautical sextant.
Position is determined by measuring
47:37 - 47:41

the angle between the horizon and a
celestial body. As an horizon we can
47:41 - 47:45

either take that of Earth or Moon and
celestial bodies - well we are in orbit,
47:45 - 47:49

we are surrounded by them. So let's just
pick one. Luckily the Apollo guidance
47:49 - 47:53

computer already knows the position of 45
of them. The whole optics hardware and the
47:53 - 47:56

command and service module can be moved to
point in the general direction of Earth
47:56 - 47:59

and moon. With the launch of program 52,
we command the Apollo guidance computer to
47:59 - 48:03

rotate the spacecraft to point one axis of
the sextant, the so-called landmark line-
48:03 - 48:07

of-sight, LLOS, to the nearest body, which
is earth or moon. The astronaut then used
48:07 - 48:12

the optics systems to exactly align the
horizon to the LLOS. With the telescope
48:12 - 48:14

the astronaut looks for one of the known
stars, points the star line to it and lets
48:14 - 48:18

the Apollo guidance computer read the
tuning and shaft angle. Repeating this one
48:18 - 48:21

or more times in a different plane gives a
three-dimensional position of the vehicle
48:21 - 48:25

in space. In the lunar module on the other
hand, the optics hardware was trimmed down
48:25 - 48:28

for weight reduction. Any alignment
requires rotation of the lunar module.
48:28 - 48:32

This is mostly used to determine the
landing site and support the rendezvous
48:32 - 48:36

maneuvre. It even lacks the software to
perform positioning in translunar space.
48:36 - 48:40

As we are moving, our position changes all
the time. But after 2 location fixes, as
48:40 - 48:43

long as we're coasting, we are able to
establish our speed and can determine
48:43 - 48:47

future positions by dead reckoning. As
position and velocity are known, future
48:47 - 48:51

positions can be extrapolated.
Unfortunately the near extrapolation
48:51 - 48:54

doesn't work in space as we have
gravitational forces which bend our path.
48:54 - 48:57

Thankfully there are two mathematical
models implemented in the Apollo Guidance
48:57 - 49:00

Computer: Conic integration based on the
Keplerian orbit model on the left, which
49:00 - 49:05

assumes one perfectly round gravitational
body influencing our flight path, and
49:05 - 49:08

Encke's integrating method for
perturbation considering multiple bodies
49:08 - 49:12

with gravitational imbalances. I think
this helps to understand why we need a
49:12 - 49:16

computer on board and can't just fly to
the moon with a hand controller. As we
49:16 - 49:19

see, the Apollo spacecraft was perfectly
capable to fly on its own, but in the end
49:19 - 49:22

NASA decided that the primary source for
state vector updates shall be Mission
49:22 - 49:26

Control in Houston, measured with three
ground stations. Remote programming is
49:26 - 49:29

done with the Apollo guidance Computer in
idle, and running program 27. Mission
49:29 - 49:33

Control can use its link via s-band to
update the state vector. But there's one
49:33 - 49:36

thing Mission Control doesn't know better
than us, and that's attitude. Attitude is
49:36 - 49:40

the orientation of the spacecraft in its
three axis. Starting from a known
49:40 - 49:44

attitude, we have to ensure that we can
measure any rotation on any axis.
49:44 - 49:48

That's what gyros are for. They are one of
the major component of the IMU,
49:48 - 49:52

the inertial measurement unit. Three
gyroscopes, one per axis measure any
49:52 - 49:55

rotation and provide their data to the
Apollo Guidance Computer to keep track of
49:55 - 49:59

the attitude of the spacecraft. Before we
leave Earth orbit, let's quickly discuss
49:59 - 50:02

the digital autopilot. It is the single
biggest program in the Apollo Guidance
50:02 - 50:06

Computer, with about 10% of all the source
code both in the command and service
50:06 - 50:09

module as well as the lunar module. The
implementations for each vehicle are
50:09 - 50:12

significantly different though, due to
different flight modes, thruster sets,
50:12 - 50:17

and symmetry of vehicle. As there's no
friction in space, the tiniest event would
50:17 - 50:21

constantly make the spacecraft rotate. The
digital autopilot of the Apollo Guidance
50:21 - 50:24

Computer uses the jets to maintain the
attitude within certain thresholds,
50:24 - 50:28

so-called dead bands. The autopilot is
also used in case the astronauts ever need
50:28 - 50:32

to use the hand controllers for thrusters.
Basically both the command service module
50:32 - 50:35

and the lunar module have fly-by-wire
control. As any thruster could break at
50:35 - 50:39

any time, the autopilot is capable of
calculating the ideal burn mode even with
50:39 - 50:43

a reduced number of thrusters. It has some
simple algorithms for center of gravity and
50:43 - 50:46

weight distribution as well, which are
taken into account when calculating
50:46 - 50:50

thruster maneuvers. It can do more than
that, though. Give it a new attitude and
50:50 - 50:54

it will calculate the most efficient
transfer vector to reach the new attitude.
50:54 - 50:58

In certain flight modes it might be
required to have a stable rotation, be it
50:58 - 51:01

for temperature control, monitoring of the
landing site, or other reasons. The
51:01 - 51:06

autopilot supports stable constant
rolling, which can be directly activated.
51:06 - 51:08

The autopilot does not only control
attitude, it also supports the crew in
51:08 - 51:12

performing powered flight maneuvers. It
calculates a potential solution, which
51:12 - 51:16

obviously can be overwritten by ground as
usual, but still, after confirmation the
51:16 - 51:19

autopilot automatically fires the engines
and keeps a timer for the correct length
51:19 - 51:24

of time. It does not measure the results
of the burn though. For powered flight
51:24 - 51:27

obviously dead reckoning isn't correct
anymore, so the Apollo Guidance Computer
51:27 - 51:31

contains a subroutine called average G,
which takes the input from the IMU,
51:31 - 51:36

meaning gyro and accelerometer, to compute
the change to the state vector. Now that
51:36 - 51:39

we know how to orient ourselves, and how
to control the spaceship, it's time we fly
51:39 - 51:42

to the moon. Usually the translunar
injection happens in the middle of the
51:42 - 51:46

second orbit around the earth, so around 2
hours 45 minutes into the flight. This is
51:46 - 51:50

still performed by the third stage of the
SaturnV so the Apollo Guidance Computer
51:50 - 51:52

once again should only have a passive role
here by monitoring the translunar
51:52 - 51:56

injection with the dedicated program P 15.
After separation from the S-IV-B
51:56 - 51:59

we are on our way. Since the next
interesting phase is the lunar
51:59 - 52:04

landing, let's skip to that one. Once in
lunar orbit, separation between the
52:04 - 52:07

command and service module and lunar
module happens four hours and 45 minutes
52:07 - 52:11

before landing. On the lunar module,
directly afterwards, rendezvous equipment
52:11 - 52:15

like radar, strobe and VHF are tested, as
well as the IMU, which is realigned.
52:15 - 52:19

Additionally there's lots of preparation
work on the lunar module. One of the main
52:19 - 52:23

tasks is to prepare the abort guidance
system, AGS, which is another, more
52:23 - 52:25

simpler computer, that is able to get the
lunar module with the astronauts back into
52:25 - 52:30

orbit and safely docked with the CSM in
case of an emergency. Let's get back to
52:30 - 52:33

powered descent. The lunar module AGC has
a special program for that one, P 63,
52:33 - 52:38

braking phase. The landing radar has
switched on and updates the state vector.
52:38 - 52:40

The Apollo Guidance Computer controls the
burn to reach the correct corridor towards
52:40 - 52:45

the surface with a minimal amount of fuel.
This is fully automatic, the astronauts
52:45 - 52:48

just sit along for the ride. The lunar
module is oriented with its descent engine
52:48 - 52:52

towards the moon, visibility for the
astronauts is close to zero. The second
52:52 - 52:56

program, P 64, starts automatically at
around 8,000 feet. Lunar module is pitched
52:56 - 52:59

so that the astronauts can actually see
the ground and the lunar module commander
52:59 - 53:02

is getting a better understanding of the
landing site and can search for a suitable
53:02 - 53:07

spot. The third program, P 68, keeps the
lunar module in a stable attitude above
53:07 - 53:11

the surface and the commander manually
adjusts the height in one feet per second
53:11 - 53:14

increments, to slowly descend to the
surface. Ideally at that point, the
53:14 - 53:17

horizontal movement of the lunar module
should be zero. After touchdown the crew
53:17 - 53:21

manually activates program 68, which
confirms to the Apollo guidance computer
53:21 - 53:25

that yes, we have indeed landed, and
ensures that the engine is switched off,
53:25 - 53:28

terminates the average G routine, and sets
the autopilot in a very forgiving setting,
53:28 - 53:32

to avoid any corrections when it measures
the rotation of the moon. The autopilot is
53:32 - 53:36

not completely switched off though, as the
astronaut might need it in case of an
53:36 - 53:39

emergency ascent. Well we are on the moon,
we do the usual stuff, small step for man,
53:39 - 53:43

jump around plant the flag, and we then
skip directly to the interesting bits
53:43 - 53:47

which is liftoff and rendezvous. The
rendezvous technique was developed in the
53:47 - 53:51

Gemini project. Here you can see the Agena
rendezvous target in Earth orbit. It
53:51 - 53:54

follows the principle of an active
vehicle, in this case the lunar module,
53:54 - 53:57

which follows the command and service
module and approaches it from below at
53:57 - 54:01

slightly faster orbit. There were actually
two different ways for rendezvous. A more
54:01 - 54:04

conservative method called Coelliptic
rendezvous which required one and a half
54:04 - 54:07

orbits for the lunar module to reach the
command and service module, but gave ample
54:07 - 54:12

opportunity for monitoring progress, mid-
course corrections, and orbit scenarios.
54:12 - 54:15

And a more risky direct rendezvous method
which directly aimed the lunar module
54:15 - 54:19

towards the command and service module,
taking less than one orbit until docking.
54:19 - 54:22

This one was used starting from the Apollo
14 mission, as Mission Control had more
54:22 - 54:28

experience and aimed for the shorter, less
fuel intensive method. Preparation had to
54:28 - 54:32

start two hours before liftoff. We have to
align the IMU and we visually monitor the
54:32 - 54:36

orbit of the CSM and calculate the
rendezvous data. The Apollo Guidance
54:36 - 54:40

Computer has program 22, CSM tracking, for
this purpose. At liftoff minus one hour,
54:40 - 54:44

we start program 12, powered ascent, and
feed it with the necessary data, liftoff
54:44 - 54:49

time and velocity target. The Apollo
Guidance Computer performs the countdown,
54:49 - 54:52

and ask for confirmation, we proceed and
we have liftoff.
54:52 - 54:55

The trip into orbit takes only seven and a
half minutes but depending on which method
54:55 - 54:58

for reaching the target orbit was used, it
takes us either one and a half, or three
54:58 - 55:02

and a half hours to come up behind the
command and service module. During that
55:02 - 55:05

time, program 20 is running all the time,
measuring the state vector of the other
55:05 - 55:08

vehicle, the command and service module,
via various peripherals like rendezvous
55:08 - 55:12

radar, VHF antenna, and the optic system
for visual alignment. It calculates the
55:12 - 55:16

necessary corridor and respective
maneuvers required to get the lunar module
55:16 - 55:19

into an interception course. Multiple
other programs run in parallel to perform
55:19 - 55:23

the necessary mid-course burn maneuvers.
On the commander of service module, the
55:23 - 55:26

pilot is actively tracking the lunar
module the whole way up to orbit. The
55:26 - 55:29

command and service module's computer is
calculating the state vector of the lunar
55:29 - 55:32

module, to take over the role of the
active vehicle, in case anything goes
55:32 - 55:35

wrong. The approach of the lunar module
stops at 50 meter distance, at which point
55:35 - 55:39

it rotates to point its docking target on
top towards the command and service
55:39 - 55:43

module. At that point in time the command
service module takes over the active role
55:43 - 55:47

and activates program 79, final
rendezvous, which slows down the command
55:47 - 55:50

and service module to close the distance
until docking. Seconds before contact, the
55:50 - 55:55

autopilot on both spacecraft is switched
off to avoid both trying to correct the
55:55 - 55:59

attitude of the combined spacecraft. So
far so good, time to go home with the
55:59 - 56:02

trans-earth injection. We feed the Apollo
guidance computer with Earth orbit
56:02 - 56:06

parameters and let it calculate the burn
which is then activated and controlled.
56:06 - 56:09

Any kind of potential mid-course
corrections are performed the exact same
56:09 - 56:14

way. Once in orbit around Earth, re-entry
parameters are calculated on ground and
56:14 - 56:17

transferred to the Apollo guidance
computer via a S-band uplink. The first
56:17 - 56:22

entry program, P 61, entry preparation,
starts at entry minus 25 minutes. Various
56:22 - 56:25

landing parameters are requested, like
latitude and longitude of the splash zone,
56:25 - 56:29

as well as the velocity and angles to
enter the atmosphere. Entering and
56:29 - 56:32

confirming these values completes program
61, and starts program 62, which basically
56:32 - 56:36

asks the astronaut to perform a checklist
for manual command module - service module
56:36 - 56:39

- separation, which is not controlled by
the Apollo guidance computer. After that
56:39 - 56:43

has been performed it switches
automatically to program 63, entry
56:43 - 56:48

initialization. At that point, the
autopilot is taking care of thruster
56:48 - 56:51

control to break the command module out of
its orbit into Earth's atmosphere. The
56:51 - 56:57

main program for re-entry is program 64,
entry, which starts automatically. Program
56:57 - 57:00

64 monitors the trajectory, and splashdown
location, and determines the best entry
57:00 - 57:05

solution and potential velocity reduction
by invoking two specific programs, either
57:05 - 57:09

P 65, entry up control, which basically
makes the current module surf on the
57:09 - 57:13

atmosphere to reduce speed and extend the
range, or program 66, entry ballistic,
57:13 - 57:16

throwing us through the atmosphere like a
cannonball. The right mixture of the two
57:16 - 57:22

is decided by program 64. The last
program, program 67, final phase, performs
57:22 - 57:25

the final maneuvers to the splash down.
The following steps, like parachute
57:25 - 57:29

deployment and so on, are not done by the
Apollo guidance computer but by the ELSC,
57:29 - 57:32

the Earth Landing Sequence Controller. The
drop of the Apollo guidance computer is
57:32 - 57:37

done before deploying the parachutes. So
this was a beautiful nominal mission, what
57:37 - 57:42

can go wrong? Well let's start with Apollo
11, which had a 12 02 program alarm during
57:42 - 57:46

powered descent. Normally programs during
powered descent use about 85% of the
57:46 - 57:50

processing power of the computer, but due
to an incorrect power supply design, the
57:50 - 57:53

rendezvous... of the rendezvous radar
generated an additional twelve thousand
57:53 - 57:57

eight hundred involuntary instructions per
seconds, ironically amounting to the exact
57:57 - 58:01

additional 15 percent load.
Due to the co-operative multitasking, a
58:01 - 58:08

queue of jobs build up, which resulted in
executive overflow and the 12 02 alarm.
58:08 - 58:11

The operating system automatically
performed a program abort, all jobs were
58:11 - 58:15

cancelled and restarted. All of this took
just a few seconds, and landing could
58:15 - 58:20

commence. Next, Apollo 13. They had an
explosion of the oxygen tank in the
58:20 - 58:25

service module at 55 hours 54 minutes 53
seconds and it will ... yep, correct,
58:25 - 58:29

320,000 kilometers from Earth. Fortunately
they could make use of the free return
58:29 - 58:32

trajectory to get the astronauts back to
earth but they had to move to the lunar
58:32 - 58:36

module to survive, as the command and
service module was completely shut down,
58:36 - 58:39

including its Apollo Guidance Computer.
The IMU settings needed to be transferred
58:39 - 58:42

to the lunar module system first, adapted
to the different orientations of the
58:42 - 58:46

spacecraft. The manual burns and the mid-
course corrections were actually done with
58:46 - 58:49

the abort guidance system on the lunar
module, due to power constraints with the
58:49 - 58:52

Apollo Guidance Computer. Successful
reboot of the command and service module
58:52 - 58:58

computer was luckily done hours before re-
entry. And last but not least, Apollo 14,
58:58 - 59:01

which had a floating solder ball in the
abort button, which might lead to an
59:01 - 59:03

unwanted activation of abort, therefore
putting the lunar module back into orbit.
59:03 - 59:07

This was solved within hours, by
reprogramming the Apollo Guidance
59:07 - 59:10

Computer, to spoof the execution of a
different program, which was not listening
59:10 - 59:13

to the abort button during the powered
descend. Real abort activation though
59:13 - 59:19

would have to be manually activated via
the DSKY. So this was an overview and how
59:19 - 59:23

the mission software was used on a flight
to the moon and back.
59:23 - 59:32

applause
59:32 - 59:36

M: Now you probably want to run your own
code on a real Apollo Guidance Computer,
59:36 - 59:41

so you need to know where to find one.
42 computers were built total.
59:41 - 59:46

Seven lunar module computers crashed onto
the moon. Three lunar module AGC's burned
59:46 - 59:50

up in the Earth's atmosphere, 11 command
module computers returned.
59:50 - 59:56

They're all presumably parts of museum
exhibits. And 21 machines were not flown.
59:56 - 59:59

Little is known about those. One is on
display at the Computer History Museum
59:59 - 60:02

in Mountain View, California, but it is
missing some components.
60:02 - 60:07

Luckily several emulation solutions are
publicly available, as well as a tool chain.
60:07 - 60:12

And the complete mission source, originally
the size of a medium-sized suitcase,
60:12 - 60:17

is available on github.
laughter
60:17 - 60:26

applause
60:26 - 60:29

It takes a village to create a presentation.
We would like to thank everyone who
60:29 - 60:33

helped and supported us. This includes
the indirect contributors, who wrote
60:33 - 60:36

the books, the original documentation,
the websites, and the software.
60:36 - 60:40

Thank you very much for your attention.
C: Thank you.
60:40 - 60:53

applause and cheering
60:53 - 60:58

Herald: Wow that was a densely packed talk.
laughter
60:58 - 61:06

Thanks Michael, and thanks Christian, for
this amazing information overload.
61:06 - 61:11

Please give a warm hand of applause,
because we can't have a Q&A, unfortunately.
61:11 - 61:20

applause
61:20 - 61:35

postroll music
61:35 - 61:41

subtitles created by c3subtitles.de
in the year 2018

Title:: 34C3 - The Ultimate Apollo Guidance Computer Talk
Description:: https://media.ccc.de/c/34c3/34c3-9064-the_ultimate_apollo_guidance_computer_talk

The Apollo Guidance Computer ("AGC") was used onboard the Apollo spacecraft to support the Apollo moon landings between 1969 and 1972. This talk explains "everything about the AGC", including its quirky but clever hardware design, its revolutionary OS, and how its software allowed humans to reach and explore the moon.

Michael Steil Christian Hessmann

https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9064.html

more » « less
Video Language:: English
Duration:: 01:01:42

	Schnapspraline edited English subtitles for 34C3 - The Ultimate Apollo Guidance Computer Talk
	BeefyMiracle edited English subtitles for 34C3 - The Ultimate Apollo Guidance Computer Talk
	BeefyMiracle edited English subtitles for 34C3 - The Ultimate Apollo Guidance Computer Talk
	BeefyMiracle edited English subtitles for 34C3 - The Ultimate Apollo Guidance Computer Talk
	BeefyMiracle edited English subtitles for 34C3 - The Ultimate Apollo Guidance Computer Talk
	BeefyMiracle edited English subtitles for 34C3 - The Ultimate Apollo Guidance Computer Talk
	BeefyMiracle edited English subtitles for 34C3 - The Ultimate Apollo Guidance Computer Talk
	BeefyMiracle edited English subtitles for 34C3 - The Ultimate Apollo Guidance Computer Talk

Show all

English subtitles

Revisions

Revision 11 Edited

Schnapspraline

34C3 - The Ultimate Apollo Guidance Computer Talk

Revisions

Our website uses cookies

Operating cookies (Required)