Slide 1: Design Considerations for Safe and Reliable Human Rated Spacecraft Systems
Project Management Challenge 2008, Daytona Beach, Florida, February 26 - 27, 2008
Dawn M. Schaible, NASA Engineering and Safety Center
Engineering Excellence

Slide 2: Background
• In late 2005, the NASA Engineering and Safety Center (NESC) was asked by the Astronaut Office to answer the basic question: "How do you know you have a safe and reliable system?"

Slide 3: Background
• A multi-disciplinary team was established, consisting of representatives from across NASA and industry
  – Identified techniques, methodologies, and best practices from a wide variety of resources
• The team set out to document:
  – How systems have performed historically
  – How to achieve a reliable spacecraft
  – How to know where redundancy is and isn't required
  – How to determine if a design is reliable

Slide 4: Background
• What does make a system safe?
  – Two failure tolerance?
  – Using COTS components that have never failed before?
  – Failure probability predictions of 1 in 10,000?
  – Meeting requirements?
• The answer to each of these taken individually is "No"
  – No a priori prescription for the design of a safe human rated system
  – No single process or rule will assure safety and mission success
  – Hazards exist in the context of a design and operational sequence
  – Unexpected interactions can occur when system elements operate together in the natural and induced environments with a flexible and variable operational scenario

Slide 5: Background
• Two-part report focused on safety and reliability considerations
  – Volume 1 – Systems Engineering
  – Volume 2 – Discipline-specific best practices
• Not intended to replace existing standards and policy or duplicate existing references
• This presentation will focus on Volume 1 – Systems Engineering. Subsequent presentations will focus on specific disciplines and case studies

Slide 6: Top Level Conclusions
• History indicates no subsystem, component, or system element is immune from failure
• There is no single requirement, method, or process which, by itself, assures the "right stuff" for safety and reliability
• System level safety and reliability is achieved by maintaining a vigilant focus on identifying and addressing risks throughout the DDT&E life cycle and during spacecraft operations

Slide 7: Guiding Principles
1. Define a clear and simple set of prioritized program needs, objectives and constraints, including safety, that form the validation basis for subsequent work
2. Manage and lead the program with a safety focus, simple and easy to understand management structures, and clear lines of authority and responsibility among the elements
3. Specify safety and reliability requirements through a triad of fault tolerance, bounding failure probability, and adhering to proven practices and standards
4. Manage complexity by keeping the primary (mission) objectives as simple and minimal as possible and adding complexity to the system only where necessary to achieve these objectives

Slide 8: Guiding Principles (continued)
5. Conceive the right system conceptual design early in the life cycle by thoroughly exploring risks from the top down and using a risk-based design loop to iterate the operations concept, the design, and the requirements until the system meets mission objectives at minimum complexity and is achievable within constraints
6. Build the system right by applying a multilayered, defense in depth approach of following proven design and manufacturing practices, holding independent reviews, inspecting the end product, and employing a "test like you fly, fly like you test" philosophy
7. Seek and collect warning signs and precursors to safety, mission success and development risks throughout the life cycle, and integrate those into a total risk picture with appropriate mitigation activities

Slide 9: 1. Defining Program Needs, Objectives, and Constraints
Define a clear and simple set of prioritized program needs, objectives, and constraints, including safety, that form the validation basis for subsequent work
  – Primary requirements of the spacecraft and its related systems are derived from the mission objectives
  – Simple mission objectives are easier to validate and manage
  – Expansive and ill-defined mission objectives allow for all manner of add-ons that could eventually produce a system that either cannot be built or, if built, cannot be operated with a high degree of confidence

Slide 10: 2. Organizing and Managing the Program
Manage and lead the program with a safety focus, simple and easy to understand management structures, and clear lines of authority and responsibility among the elements
  – Select the right objectives, organizational structure, and key personnel
  – Ensure that each manager's authority and responsibility are unambiguous, co-aligned, and supported
  – Delegating authority and responsibility to a team that will be working under intense pressure for years, management must provide a safety net by maintaining discipline in execution of the Program Plan, ensuring transparency, and providing timely independent assessments of progress

Slide 11: 3. Defining Safety and Reliability for Human Rated Systems
Specify safety and reliability requirements through a triad of fault tolerance, bounding failure probability, and adhering to proven practices and standards

Slide 12: 4. Managing Complexity
Manage complexity by keeping the primary (mission) objectives as simple and minimal as possible and adding complexity to the system only where necessary to achieve these objectives
  – Complexity is the antithesis of reliability and should be limited to what is needed to accomplish the mission objective
  – Manage and integrate pieces into a cohesive whole
  – Understand the external and induced environments
  – Control implications of new technology
  – Apply heritage and COTS system elements with care

Slide 13: 5. Conceiving the Right System
Conceive the right system conceptual design early in the life cycle by thoroughly exploring risks from the top down and using a risk-based design loop to iterate the operations concept, design, and requirements until the system meets mission objectives at minimum complexity and is achievable within constraints

Slide 14: 5. Conceiving the Right System
"Build up" methodology for developing a design:
  Step 1 - Define needs, objectives, and constraints
  Step 2 - Define the minimum set of functions necessary to accomplish the mission objectives according to an operational sequence
  Step 3 - Make it work. Create the simplest conceptual design of the contemplated system that accomplishes the functions necessary to meet mission objectives with inherent safety
  Step 4 - Make it safe. Add simple elements to the system at the minimum performance necessary to assure safe crew return. A simple diverse system maximizes the independence from prime system faults and should be easier to understand and verify

Slide 15: 5. Conceiving the Right System
"Build up" methodology for developing a design (continued):
  Step 5 - Make it reliable. Consider additional elements or other "legs," preferentially an additional primary leg of equivalent performance but not necessarily identical design, for mission success
  Step 6 - Make it affordable. Estimate cost and schedule to develop, produce, and operate the system design
  Step 7 - Capture the conceptual design as the derived requirements, baseline operations concept, and baseline conceptual design
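The triad on slide 11 (fault tolerance and a bounded failure probability, alongside proven practices) and build-up Steps 4 and 5 above (a simple diverse leg for safe crew return, an additional primary leg for mission success) can be checked quantitatively for a candidate design. The Python below is an added example, not code from the NESC report or the presentation. It assumes a beta-factor common-cause model (a standard reliability technique that the slides do not name), and every failure probability, beta value, bound and requirement in it is a constructed illustration. Under those numbers it shows why the slides treat the criteria as a triad rather than a single rule: three identical legs are nominally two-fault tolerant yet miss a constructed 1-in-1,000 bound because a shared cause can take all three out, while a simpler primary-plus-diverse-backup pair is only one-fault tolerant but meets the bound.

```python
"""Added example: score candidate designs against two legs of the safety and
reliability triad (fault tolerance, bounded failure probability). Not NESC code.
The beta-factor common-cause model and every number here are assumptions
constructed for illustration."""
from dataclasses import dataclass


@dataclass(frozen=True)
class LegFamily:
    """A group of legs that share one design (and so one common-cause exposure)."""
    name: str
    p_fail: float   # probability that one leg fails over the mission (constructed)
    n_legs: int     # number of legs built to this design
    beta: float     # fraction of a leg's failures that are common-cause (constructed)


def family_failure_probability(p_fail: float, n_legs: int, beta: float) -> float:
    """Probability that every leg in the family fails.

    Beta-factor model (assumed): a fraction beta of each leg's failure
    probability is a shared cause that takes the whole family out at once; the
    remaining (1 - beta) share is independent per leg, so all n_legs must fail
    independently.  Adding the two terms is the usual first-order
    approximation for small probabilities; it slightly overestimates, which is
    the conservative direction for a bound check.  For n_legs == 1 it reduces
    to p_fail exactly.
    """
    if not 0.0 <= p_fail <= 1.0 or not 0.0 <= beta <= 1.0 or n_legs < 1:
        raise ValueError("p_fail and beta must be in [0, 1]; n_legs >= 1")
    common_cause = beta * p_fail
    independent = ((1.0 - beta) * p_fail) ** n_legs
    return common_cause + independent


def system_failure_probability(families) -> float:
    """Families are in parallel: the system is lost only when every family has
    lost all of its legs.  Families are assumed independent of one another,
    which is why Step 4's diverse (not identical) backup leg pays off here."""
    p = 1.0
    for fam in families:
        p *= family_failure_probability(fam.p_fail, fam.n_legs, fam.beta)
    return p


def nominal_fault_tolerance(families) -> int:
    """Fault tolerance as usually counted: total legs minus one.  It ignores
    common cause, which is exactly why slide 4 says it is not enough alone."""
    return sum(fam.n_legs for fam in families) - 1


def evaluate(families, p_bound: float, min_fault_tolerance: int) -> dict:
    """Check a design against both quantitative legs of the triad.  The third
    leg (proven practices and standards) is a review judgement, not a number."""
    p = system_failure_probability(families)
    ft = nominal_fault_tolerance(families)
    return {
        "p_fail": p,
        "fault_tolerance": ft,
        "meets_probability_bound": p <= p_bound,
        "meets_fault_tolerance": ft >= min_fault_tolerance,
    }


# Constructed candidate designs (all numbers are illustrative assumptions).
TRIPLE_IDENTICAL = [LegFamily("prime", p_fail=1e-2, n_legs=3, beta=0.10)]
PRIME_PLUS_DIVERSE = [
    LegFamily("prime", p_fail=1e-2, n_legs=1, beta=0.10),
    LegFamily("diverse backup", p_fail=5e-2, n_legs=1, beta=0.0),
]
P_BOUND = 1e-3           # constructed failure-probability allocation for this subsystem
MIN_FAULT_TOLERANCE = 1  # constructed fault-tolerance requirement


if __name__ == "__main__":
    for label, design in (("three identical legs", TRIPLE_IDENTICAL),
                          ("prime + diverse backup", PRIME_PLUS_DIVERSE)):
        r = evaluate(design, P_BOUND, MIN_FAULT_TOLERANCE)
        print(f"{label}: P(fail)={r['p_fail']:.2e}, "
              f"fault tolerance={r['fault_tolerance']}, "
              f"bound ok={r['meets_probability_bound']}, "
              f"FT ok={r['meets_fault_tolerance']}")
```

Run as a script it prints one line per candidate. The point of the two constructed designs is that ranking them by fault tolerance alone and by failure probability alone gives opposite answers, so a requirement set that states only one of them can be satisfied by a design the other would reject; the triad asks for both, and then still defers to proven practices for what the numbers cannot capture.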
Slide 16: 5. Conceiving the Right System
"Build up" methodology driven by a risk-based iterative design loop provides the rationale for the total system design, including:
  – Existence of each system element and component
  – Chosen failure tolerance
  – Technical (mass, power) and programmatic resources

Slide 17: 5. Conceiving the Right System (no text beyond the title was extracted)

Slide 18: 6. Building the System Right
Build the system right by applying a multilayered, defense-in-depth approach of following proven design and manufacturing practices, holding independent reviews and inspecting, and employing a "test like you fly, fly like you test" approach to assure that the system is safe and reliable

Slide 19: 6. Building the System Right (no text beyond the title was extracted)

Slide 20: 7. Integrating Risks Throughout the Life Cycle
Seek and collect warning signs and precursors to safety, mission success, and development risks throughout the life cycle, and integrate those into a total risk picture with appropriate mitigation activities
  – Integrate a total risk picture from each contributory increment of risk
  – Provide a method of distinguishing, comparing, evaluating, and prioritizing risks with differing and sometimes competing consequences
  – Foster curiosity, skepticism, and imagination to identify risks, warning signs, and precursors to potential failures and problems
  – Start risk assessments early in the life cycle in a top down fashion
  – Validate system risk assessments with historical knowledge of failures and their causes in comparable systems
  – Identify residual risks, close calls, anomalies, or issues that do not have a definitive cause or corrective action

Slide 21: Guiding Principles Applied to End-to-End Development of a Safe and Reliable System (no text beyond the title was extracted)

Slide 22: Conclusions
• Absent a prescription for a safe design, the challenge is to always design the system for the minimum risk
• These risks must be explored during the upfront design work, which provides the most leverage in obviating or mitigating weaknesses of the design or operational approach
• Exploring risks and obviating them must be approached with a flexible iterative design loop which seeks the simplest and least complex system necessary to accomplish mission objectives

Slide 23: Conclusions
• Full report available on-line at: nesc.nasa.gov
• Volume 2 addresses discipline-specific best practices:
  – Structures *
  – Electrical Systems *
  – Flight and Ground Software *
  – Guidance, Navigation and Control *
  – Propulsion
  – Environmental Control and Life Support
  – Mechanical Systems
  – Human Factors *
  – Materials and Processes *
  * Topics of additional PM Challenge presentations