Rocket Telemetry Project Docs

ADR Master Index

This is the canonical registry for all unresolved and resolved architecture decisions across the rocket telemetry system.

ADR Status Summary

Total ADRs: 9 (5 system-wide + 4 node-scoped) Status: All Proposed (no decisions accepted yet)

Master ADR Tracking Table

IDTitleScopeStatusOwnerTarget DateDecision Type
ADR-001TLS Mutual AuthenticationSystem-wideProposedSecurity/SRE2026-04-05Security
ADR-002Schema Governance & CompatibilitySystem-wideProposedBackend/Integration2026-04-08Data contract
ADR-003Clock Authority & Time SyncSystem-wideProposedOperations/Hardware2026-04-10Operational
ADR-004Degraded-Mode & Failover PolicySystem-wideProposedOperations/Reliability2026-04-12Operational
ADR-005Per-Target Binding ResolutionSystem-wideProposedFrontend/MissionPlan2026-04-12Frontend
N-ADR-001Schema Validation StrictnessNode-scopedProposedNode firmware lead2026-04-03Data contract
N-ADR-002Decoder Backpressure PolicyNode-scopedProposedNode performance lead2026-04-05Performance
N-ADR-003GNSS Degradation & Time AuthorityNode-scopedProposedNode firmware lead2026-04-10Operational
N-ADR-004(Reserved)Node-scopedProposedArchitecture leadTBDTBD

System-Wide ADRs (5)

ADR-001: TLS Mutual Authentication

Status: Proposed
Location: ADR-001-TLS-Mutual-Auth
Originates from: System-Gaps-Deferred#security-and-trust-boundaries
Quick summary: Define mutual TLS, API key management, and credential rotation for node-central communication.

ADR-002: Schema Governance & Compatibility Policy

Status: Proposed
Location: ADR-002-Schema-Governance
Originates from: System-Gaps-Deferred#schema-governance-and-compatibility-policy
Quick summary: Payload schema versioning, backward compatibility guarantees, migration strategy.

ADR-003: Clock Authority & Time Synchronization

Status: Proposed
Location: ADR-003-Clock-Authority
Originates from: System-Gaps-Deferred#time-synchronization-and-clock-authority
Quick summary: GNSS vs. central clock authority, drift tolerance, degradation fallback.

ADR-004: Degraded-Mode & Failover Policy

Status: Proposed
Location: ADR-004-Degraded-Mode-Policy
Originates from: System-Gaps-Deferred#failure-domain-and-degraded-mode-policy
Quick summary: Node behavior when central is down, fallback priorities, operator alert thresholds.

ADR-005: Per-Target Parameter Binding Resolution

Status: Proposed
Location: ADR-005-PerTarget-Binding
Originates from: System-Gaps-Deferred#per-target-binding-fallback-and-resolution
Quick summary: Binding fallback scopes, missing binding handling, operator override capability.

Node-Scoped ADRs (4)

N-ADR-001: Schema Validation Strictness Policy

Status: Proposed
Location: N-ADR-001-SchemaValidation
Originates from: Node-Gaps-Deferred#schema-validation-strictness-policy
Quick summary: Strict vs. lenient field schema validation, allowable overlaps and gaps.

N-ADR-002: Decoder Failure Behavior & Backpressure

Status: Proposed
Location: N-ADR-002-Decoder-Backpressure
Originates from: Node-Gaps-Deferred#decoder-failure-behavior-and-backpressure
Quick summary: Drop policy under decode overload, buffer limits, error thresholds.

N-ADR-003: GNSS Degradation & Timestamp Authority

Status: Proposed
Location: N-ADR-003-GNSS-Degradation
Originates from: Node-Gaps-Deferred#timestamp-authority-during-gnss-degradation
Quick summary: Fallback clock hierarchy, drift tolerance, degraded-flag handling.

N-ADR-004: (Reserved)

Status: Proposed
Location: N-ADR-004-TBD
Quick summary: To be filled in as node design evolves.

ADR Entry Template

Each ADR document should follow this structure:

# ADR-NNN: Title

## Metadata

- **ADR ID**: ADR-NNN
- **Title**: [Decision title]
- **Status**: Proposed | Accepted | Rejected | Superseded
- **Date**: [YYYY-MM-DD]
- **Owner**: [Name/team]
- **Related to**: Section X of Architecture document

## Problem / Context

[Describe the problem statement and context]

## Decision

[State the proposed decision clearly]

## Alternatives Considered

[List at least 2-3 alternatives with brief pros/cons]

## Consequences

- **Positive**: ...
- **Negative**: ...
- **Neutral/Trade-off**: ...

## Implementation Impact

[How would implementation be affected?]

## Validation Plan

[How will we know if this decision was correct?]

## Rollback Plan

[If accepted but later found wrong, how would we revert?]

## Discussion Notes

[Any additional discussion, decision rationale, or context]

---

**Related ADRs**: [other ADR links if applicable]

Review Process

  1. Proposal: ADR created by domain owner as "Proposed"
  2. Discussion: Team reviews in weekly architecture meeting (or design review)
  3. Decision: Owner and stakeholders agree or request changes
  4. Acceptance: ADR changed to "Accepted", linked from architecture documents
  5. Implementation: Development team uses accepted ADR as guide
  6. Closure: If superseded, note replacement ADR and archive old one

Review Cadence

  • All "Proposed" ADRs reviewed at least weekly
  • ADRs in "Proposed" state >30 days must be escalated
  • Accepted ADRs reviewed during architecture quarterly reviews

Navigation: Return to Docs Home for full navigation by audience.

Control Plane and Data Plane

This document defines the transport split between control and telemetry paths, plus policy rules for TM-over-IP in the rocket telemetry system.

ADR-001: TLS Mutual Authentication

Decision record for TLS mutual authentication between node and central, covering bootstrap, rotation, and fallback.

On this page

ADR Status SummaryMaster ADR Tracking TableSystem-Wide ADRs (5)ADR-001: TLS Mutual AuthenticationADR-002: Schema Governance & Compatibility PolicyADR-003: Clock Authority & Time SynchronizationADR-004: Degraded-Mode & Failover PolicyADR-005: Per-Target Parameter Binding ResolutionNode-Scoped ADRs (4)N-ADR-001: Schema Validation Strictness PolicyN-ADR-002: Decoder Failure Behavior & BackpressureN-ADR-003: GNSS Degradation & Timestamp AuthorityN-ADR-004: (Reserved)ADR Entry TemplateReview ProcessReview Cadence