PFP IPDR 2010/6/14 - 16
Particles and Fields Package (PFP) Instrument Preliminary Design Review
Safety and Mission Assurance
Jorg Fischer, PFP SMA Manager
PFP QA Organization
Organization chart (reconstructed as a list):
• PFP Project Manager
• PFP SMA Manager
• LASP SMA Manager, CESR SMA Manager, GSFC SMA Manager
• Quality Assurance Engineer Team
SMA functions:
– Quality Assurance
– Build Configuration Verification
– ESD Control
– Safety
– Configuration Management
– Documentation and Records
– PMPCB, FRB, MRB
– Training and Certification
– Personnel Safety
– Flight Hardware Safety
– Lab Inspections
– Contamination Control
– Support Flight H/W & S/W QA Testing
– Inspections, Audits
– Support Lessons Learned
Responsibilities of Mission Assurance
• Non-Conformance Control – PFR Reporting and Review
• Material: Selection, Procurement, Traceability Controls
• Calibration Control
• ESD Control
• Configuration Management and Data Control
• Manufacturing and Test Control
• Internal and External Auditing
• Contamination Control
• Software Assurance
• In-process Inspections, Test Monitoring
• Integration Test Readiness Review / Test Witness
• Verification and Environmental Test Review
• Final Acceptance Data Package
• Training and Lessons Learned
Mission Assurance Implementation Plans
Mission Assurance Implementation Plans (MAIP) Status
• SSL, LASP, CESR have submitted a MAIP indicating how SSL will implement the MAVEN Mission Assurance Requirements
– SSL: MAVEN_PF_QA_002
– LASP/LPW: MAVEN-RSS-PLAN-0038
– CESR/SWEA: SWEA-PL-32100-CESR-001-GEN
– GSFC/MAG: pending
– Result of many iterations between Project SMA & PFP
– In review at Project
– Includes a compliance verification matrix, deliverables list
SMA Requirements and Documentation
1. GENERAL
1.1. Basis and Scope of the Plan
1.1.1. CESR
1.2. General Requirements
1.3. Use of Previously Designed, Fabricated, or Flown Hardware
1.4. Flow-Down of MA Requirements
1.5. Surveillance
1.6. SR&QA Verification
1.7. Status Reporting
1.8. Applicable Documents (Appendix A)
2. ASSURANCE REVIEW REQUIREMENTS
2.1. General Requirements
2.2. GSFC Flight Assurance Review Requirements
2.3. Flight Assurance Review Program
3. PERFORMANCE VERIFICATION REQUIREMENTS
3.1. General Requirements
3.2. Documentation Requirements
3.2.1. Verification Matrix
3.2.2. Verification Test Plan
3.2.3. Verification Test Procedures
3.2.4. Verification Test Report
3.3. Demonstration of Failure-Free Operation
3.4. Comprehensive Performance Test
4. SAFETY
4.1. General
4.2. System Description and Safety Assessment Report
4.2.1. Preliminary Safety Assessment
4.3. Procedure Approval
4.4. Safety Noncompliance Requests
4.5. Safety Working Group Meetings
4.6. Safety Data Package, Launch Site Safety Plan, and Orbital Debris Assessment
4.7. Mishaps
4.8. Assessments
5.1. PARTS SELECTION
5.1.1. EEE Parts Identification List
5.2. Other Parts
5.2.1. Magnetic Devices
5.2.2. Plastic Encapsulated Microcircuits (PEMs)
5.2.3. Units and Subassemblies
5.2.4. Field Programmable Devices
5.2.5. PIND Testing
5.2.6. Destructive Physical Analyses (DPA)
5.3. Ceramic Capacitors
5.4. Derating
5.5. Radiation Tolerance
5.6. Alerts
5.7. Parts Age Control
5.8. Parts Control Board
6. MATERIALS AND PROCESSES CONTROL REQUIREMENTS
6.1. Selection Requirements
6.1.1. Compliant Materials
6.1.2. Noncompliant Materials
6.1.3. Conventional Applications
6.1.4. Nonconventional Applications
6.1.5. Inorganic and Metallic Materials
6.1.6. Non-metallic Materials
6.1.7. Fasteners
6.1.8. Lubricants
6.1.9. Consideration in Process Selection
6.1.10. Shelf Life Controlled Items
6.1.11. Magnetics Compatibility
6.2. Documentation
6.3. GIDEP Alerts
6.4. Materials and Process Control Board
7. DESIGN ASSURANCE AND RELIABILITY
7.1. Requirements
7.2. Implementation
7.3. Failure Modes and Effects Analysis
7.4. Limited Life Items
7.5. Trending
7.6. Parts Stress Analysis
7.7. Worst Case Analyses
8. QUALITY ASSURANCE REQUIREMENTS
8.1. Support of Design Reviews
8.2. Configuration Management
8.3. Identification and Traceability
8.4. Procurement Controls
8.4.1. Purchased Raw Materials
8.4.2. Age Control and Limited-Life Products
8.4.3. Inspection and Test Records
8.4.4. Purchase Order Review
8.4.5. Re-submission of Non-conforming Materials
8.5. Receiving Inspection
8.6. Fabrication Control
8.6.1. Manufacturing Certification Log
8.6.2. Workmanship
8.6.3. Process Control
8.6.4. Reuse of Parts and Materials
8.6.5. Retention of Test Samples and Removed Parts
8.7. ESD Control
8.8. Non-conformance Control
8.8.1. Discrepancies
8.8.2. Failures
8.8.3. Alert Information
8.9. Inspections and Tests
8.9.1. Inspection and Test Records
8.9.2. Printed Wiring Boards Inspections and Tests
8.10. Metrology
8.11. Handling, Storage, Marking, Shipping...
8.11.1. Handling
8.11.2. Shipping
8.12. Government Property Control
8.13. End Item Acceptance
8.14. Ground Support Equipment
9. CONTAMINATION CONTROL
9.1. Project Requirements
9.2. PFP Concerns
9.3. Control Plan
9.4. PFP Requirements on S/C I&T and Ops
10. SOFTWARE ASSURANCE
General, Software Development, Documentation, Software Design Reviews, Configuration Management
PFP MAR Checklist
MAR compliance checked and approved: MAVEN_PF_QA_001
Requirements and Safety
• Flow-Down of MAIP Requirements
– SSL, LASP, CESR, GSFC
• Deviations
– Materials and Processes requirements, Section 6 of MAIP
– Compliance deviations are documented in the MAR checklist
• System Safety
– Personnel, facility, and mission safety have been considered.
– The Safety Plan has been generated and is in review: MAVEN_PF_QA_005B_Safety Plan and MAIP section 4
– The safety plan identifies all requirements, planned tailoring approaches, intended non-compliances, and safety data submittals.
– There are no safety compliance issues.
Suppliers and Alerts
• Suppliers
– SSL procures all active EEE flight parts from GSFC
– SSL procures passive EEE parts directly from the manufacturer or through authorized distributors.
– SSL requires full traceability on all flight procurements.
– Program requirements are flowed through procurement documentation. Where necessary, procurement documentation may include source control documents (SCDs) and engineering documentation.
• GIDEP Status
– SSL will respond to GSFC GIDEP evaluation requests
– There are no current GIDEP impacts: no parts on MAVEN are currently impacted by any Alert or Advisory.
– Other Memos and Alerts will be incorporated, for example: “The use of brominated polyimide is unacceptable” (Polyimide board material)
Alerts Status DB
Contamination and ESD Control
• Contamination Control
– Class 100,00 cleanrooms available
– Contamination requirements and preliminary control plans have been defined, MAIP section 9.
– Laminar Flow Benches available
– Nitrogen available (Oxygen Sensors fixed and portable)
• ESD Control
– ESD Control Procedure meets ANSI/ESD S20.20 requirements
– SSL_QA_0003 ESD Control Plan
– All applicable personnel trained and certified by RMV Technology: Robert J. Vermillion, CPP-Lifetime Fellow, Certified ESD & Product Safety Engineer.
– Training certifications required for flight work
Calibration, Parts and Materials Control
• Calibration Control
– Calibration database
– All tools used for PFP flight are under Calibration Control
– Blanket PO for the MAVEN
– ANSI/NCSL Z540
• Receiving Inspection and EEE parts storage: SMA implements parts and materials control
– Incoming Inspections (two)
– Bonded Flight parts storage
– All Flight parts are in a database
– Packaging and shipping provisions to maintain low contamination exposure and ESD control during transport.
Workmanship
Manufacturing, Assembly, and Quality Control of Electronic Systems will be in compliance with the most recent version of the following technical standards:
– NASA-STD-8739.1 Workmanship Standards for Staking and Conformal Coating of Printed Wiring Boards and Electronic Assemblies
– NASA-STD-8739.2 Workmanship Standard for Surface Mount Technology
– NASA-STD-8739.3 Soldered Electrical Connections
– NASA-STD-8739.4 Crimping, Interconnecting Cables, Harness, and Wiring
– ANSI/ESD 20.20 Electrostatic Discharge Control
Training and Certification
Training and Certification DB
EEE parts and Materials
• Parts selection, de-rating, screening, and qualification test criteria are defined
• EEE Parts per GSFC-311-INST-002 add1, Level 2
– Parts derating, Parts age control, Parts control board
– Radiation tolerance per MAIP section 5.5
– Alerts
– Tests, Test Data & EIDP
– Photos
• Materials and Processes Controls
– Hazardous materials requirements
– Vacuum outgassing requirements
– Approved Materials & Processes lists
– Limited Life items List
– Alerts, Shelf Life Controls
– Material Certs
EEE parts and Materials
• EEE Parts DB
EEE parts and Materials
Materials List DB
Inspections and Audits
Audits and Mandatory Inspection Points
• Audits: Vendor Audits, Compliance Audits (Safety, ESD, Configuration Control, Traceability, Non-Conformance, Calibration), Interface with External Audits, Assembly Traveler data package at each inspection point
• Inspections: Incoming/Receiving, Flight Kits, Pre-cap, Calibration, Acceptance and Environmental Test, Software, Interface with External Inspections, Printed Wiring Assemblies, Polymerics, Cables, Harnesses, and Wiring.
Non-conformance Control
Non-conformance Reporting Methods
• Non-Conformance – Problem Failure Report (PFR)
– Dispositions include: scrap, rework, return to supplier, refer to MRB
– Processing of Repair or Rework
• Material Review Board (MRB) - PFP MRB
– Customer participation and approval required
– Dispositions include scrap, rework, return to supplier, repair by standard or non-standard procedures, use-as-is, request for waiver
PFP PFR Process
Fault Tree Analysis
• MAVEN_PF_QA_004 Fault Tree Analysis submitted to Project
• Fault Tree based on ‘Instrument Resiliency’ analysis by PI (which flows out of Level 1 requirements)
• Mixture of redundancy (PFDPU, MAG) and the ability to meet mission objectives with backup measurements from other instruments leads to few critical faults
• STATIC is the only component whose failure would result in loss of a mission objective
PFP Fault Tree
Fault tree figure, reconstructed as an outline. Legend: White Box - Failure Propagation; Red Colored Box - Single Point Failure; Green Colored Box - Redundancy Failure; Yellow Colored Box - Graceful Degradation. Gate symbols: Transfer Gate, AND Gate, OR Gate.

Loss of MAVEN Mission Objective
– Loss of PFDPU Common Elements: DCB Board Fails, REG Board Fails
– Loss of MAG: MAG Sensor fails, MAG Harness Fails, MAG Heater Fails, MAG Electronics Fails, MAG Converter Fails
– Loss of SEP
– Loss of SWIA
– Loss of SWEA
– Loss of LPW
– Loss of STATIC
– Loss of NGIMS
– Loss of EUV

Loss of SEP Measurement: SEP Sensor Fails, SEP Electronics Fails, SEP Harness Fails, SEP Converter Fails, SEP Survival Heater
Note: SEP has 2 detectors with separate electronics and harness, but common converter. Loss of one of the two chains results in degradation, but not loss of SEP measurement.

Loss of SWI Measurement: SWIA Analyzer Fails, SWIA Door Actuator Fails, SWIA MCP Fails, SWIA Attenuator Fails, SWIA Sweep HVPS Fails, SWIA Digital Fails, SWIA Converter Fails, SWIA MCP HVPS Fails, SWIA Anode Fails, SWIA Preamps Fail, SWIA Harness Fails, SWIA Survival Heater

Loss of SWE Measurement: SWEA Analyzer Fails, SWEA Door Act. Fails, SWEA MCP Fails, SWEA Sweep HVPS Fails, SWEA Digital Fails, SWEA Converter Fails, SWEA MCP HVPS Fails, SWEA Anode Fails, SWEA Preamps Fail, SWEA Harness Fails, SWEA Survival Heater

Loss of LP Measurement: LPW Deployment Fails, LPW Dep. Act. Fails, LPW Harness Fails, LPW Preamp Fails, LPW Boom Unit Fails, LPW BEB Fails, LPW DFB Fails, LPW Converter Fails, LPW Dep Heater Fails
Note: LPW has two booms. Loss of one boom results in degradation but not loss of LPW measurement.

Loss of EUV Measurement: EUV Detector Fails, EUV Door Fails

Loss of STATIC: STATIC Analyzer Fails, STATIC Door Actuator Fails, STATIC MCP Fails, STATIC Attenuator Fails, STATIC Sweep HVPS Fails, STATIC Digital Fails, STATIC Converter Fails, STATIC MCP HVPS Fails, STATIC Anode Fails, STATIC Accel HV Fails, STATIC Preamp Fails, STATIC Survival Heater, STATIC TDC Fails

Note: PFDPU Backplane connectors designed so that no open or short to an adjacent pin will result in the loss of more than one instrument.
Note: No PF failure results in loss of all MAVEN mission objectives.
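The gate semantics behind this tree (OR propagation, AND for redundant legs, yellow boxes where a lost instrument only degrades a mission objective because backup measurements exist elsewhere), as an added Python example that is not part of the review package or the PFP project's own analysis. The three-state evaluation, the `graceful` cap, the split of SEP into two chains and LPW into two booms, and the handful of STATIC components chosen are assumptions made for illustration; the point is that the only single-point failures the evaluator reports are STATIC components, matching the slide's conclusion.

```python
# Added example (not from the PFP review package): a toy evaluator for the
# fault-tree semantics on the slide (OR/AND gates, yellow graceful-degradation boxes).
from dataclasses import dataclass, field

OK, DEGRADED, LOST = 0, 1, 2          # ordered so that max() picks the worst state

@dataclass
class Node:
    name: str
    gate: str = "EVENT"               # "EVENT" (basic failure), "AND", or "OR"
    children: list = field(default_factory=list)
    graceful: bool = False            # yellow box: caps the effect at DEGRADED

def evaluate(node, failures):
    """State of `node` given the set of failed basic-event names."""
    if node.gate == "EVENT":
        state = LOST if node.name in failures else OK
    else:
        states = [evaluate(c, failures) for c in node.children]
        if node.gate == "OR":             # any failed input propagates upward
            state = max(states)
        elif min(states) == LOST:         # AND (redundancy): every input lost
            state = LOST
        else:                             # AND with a leg down: degraded only
            state = DEGRADED if max(states) > OK else OK
    return min(state, DEGRADED) if node.graceful else state

def basic_events(node):
    if node.gate == "EVENT":
        return [node.name]
    return [e for c in node.children for e in basic_events(c)]

def single_point_failures(tree):
    """Basic events that alone drive the top event to LOST (the red boxes)."""
    return sorted(e for e in set(basic_events(tree)) if evaluate(tree, {e}) == LOST)

E = lambda name: Node(name)           # basic event (assumed names, after the slide)

# Constructed subset of the PFP tree: two SEP chains behind a common converter
# and two LPW booms, as the notes on the slide describe; STATIC has no backup.
SEP = Node("Loss of SEP Measurement", "OR", [E("SEP Converter Fails"), Node(
    "Both SEP chains fail", "AND", [
        Node("SEP chain 1", "OR", [E("SEP Electronics 1 Fails"), E("SEP Harness 1 Fails")]),
        Node("SEP chain 2", "OR", [E("SEP Electronics 2 Fails"), E("SEP Harness 2 Fails")])])])
LPW = Node("Loss of LP Measurement", "OR", [E("LPW Converter Fails"), Node(
    "Both LPW booms fail", "AND", [E("LPW Boom 1 Fails"), E("LPW Boom 2 Fails")])])
STATIC = Node("Loss of STATIC", "OR", [E("STATIC Analyzer Fails"), E("STATIC TDC Fails")])
TOP = Node("Loss of MAVEN Mission Objective", "OR", [
    Node("Loss of SEP", "OR", [SEP], graceful=True),   # backup measurements elsewhere
    Node("Loss of LPW", "OR", [LPW], graceful=True),
    STATIC])
```

`single_point_failures(TOP)` lists only the STATIC events, while losing one SEP chain or one LPW boom evaluates to DEGRADED at both the instrument and the mission level.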
PFP FMEA
• MAVEN_PF_QA_007 FMEA / CIL/ CICP submitted to Project
• Component-level FMEA performed on PFP, concentrating on the interfaces
• A total of 78 failure mechanisms were analyzed
• No Criticality 1 failure modes found
• Several criticality level 2R failure modes
• Only STATIC had 2 critical failure modes
– STATIC was analyzed down to the subsystem level
– An additional 22 failure modes were analyzed
– Puts STATIC on the Critical Items List for PFP
• A second STATIC was considered, but there were insufficient project resources to accommodate it
FMEA Criticality Definitions
Category 1, Catastrophic: Failure modes that could result in serious injury, loss of life (flight or ground personnel), or loss of launch vehicle.
Category 1R: Failure modes of identical or equivalent redundant hardware items that could result in Category 1 effects if all failed.
Category 1S: Failure in a safety or hazard monitoring system that could cause the system to fail to detect a hazardous condition or fail to operate during such condition and lead to Category 1 consequences.
Category 2, Critical: Failure modes that could result in loss of one or more mission objectives as defined by the GSFC project office.
Category 2R: Failure modes of identical or equivalent redundant hardware items that could result in Category 2 effects if all failed.
Category 3, Significant: Failure modes that could cause degradation to mission objectives.
Category 4, Minor: Failure modes that could result in insignificant or no loss to mission objectives.
FMEA Worksheet
MAVEN_PF_QA_006A_FEMA
Preliminary Hazard Analysis (PHA)
• MAVEN_PF_QA_009, PFP Preliminary Hazard Analysis submitted to Project
• High Voltage Hazard
– SWEA, SWIA, STATIC have significant HV (up to 15 kV)
– Not a personnel safety issue (no exposed HV)
– Can damage the instrument if HV powered on in air
– Green-tag enable plugs prevent accidental power-on
• Radiation Sources
– Used for SEP CPT
– Small hand-held low activity sources
– Handled by trained and qualified personnel
– Not used at launch site
• Non-explosive Actuators (NEA)
– Use spacecraft pyro system to limit risk of accidental actuation
– SWEA, SWIA, STATIC covers: risk of instrument contamination if opened inadvertently on the ground
– LPW: risk of damage to instrument, some small risk of harm to personnel if deployed inadvertently on the ground
– Red-tag safety pin prevents accidental deployment
Mission Assurance Summary
Experienced Personnel provide oversight and technical support across all elements of PFP Project
Mission Assurance Requirements are well defined and comprehensive.
These are traditional requirements for SSL Missions and they are understood.
Systems with experienced personnel are in place and operating.
The Mission Assurance team is ready to support MAVEN PFP