Posted: 20-May-2015 | Category: Technology | Uploaded by: nasapmc
National Aeronautics and Space Administration
Designing in Safety Through Early Safety Requirements Management
John W. Lyver, IV, Ph.D. NASA Headquarters
Office of Safety & Mission Assurance
[email protected] 202/358-1155
February 22, 2012
NASA Core Values
To achieve mission success, program managers and institutional managers must balance a reliance on good engineering practices that are within the laws of physics yet apply sufficient caution to limit risk and protect the workers and the public.
2010 National Space Policy
Page 1: “The growth and evolution of the global economy has ushered in an ever-increasing number of nations and organizations using space. … decades of space activity have littered Earth’s orbit with debris; and as the world’s space-faring nations continue to increase activities in space, the chance for a collision increases correspondingly.”
Page 4: “GOALS: (3) Strengthen Stability in Space … strengthening measures to mitigate orbital debris.”
Page 7: “Preserve the Space Environment. … the United States shall: – Lead … policies to minimize debris …”
http://www.whitehouse.gov/sites/default/files/national_space_policy_6-28-10.pdf
NASA Policy Documents
U.S. Government Laws/Regulations, Executive Orders, U.S. Government Interagency Requirements/Agreements
International Treaties/Policies/Agreements
NPD: NASA Policy Directives (formerly: NMI)
NPR: NASA Procedural Requirements (formerly: NPG)
NASA-STD: NASA Technical Standards
NASA-HDBK: NASA Handbooks (formerly: NHB)
NASA/SP: NASA Special Publications (also: NASA/TP, NASA/TR, NASA-Pub)
VCS: Voluntary Consensus Standards
Joint Documents with Partners
Why should this be done early?
• Many requirements are required by higher authority and MUST be followed.
• The earlier in a program’s life-cycle requirements are implemented:
– By knowing limitations, reduce early design options to investigate
– Avoid designing in non-compliances which cannot be ‘corrected’ later in life
– Fewer redesign efforts needed
– Easier to implement
– Better definition of project at Preliminary Design Review
• NASA’s experience with early integration of Mission Success requirements:
– Easier overall management planning
– Lower cost
– Fewer problems later in design
– Lower risk
– Higher likelihood of Mission Success
Example: Pre-Acquisition Orbital Debris Requirements
• Orbital Debris (OD) requirements are relatively easy to assess for applicability: they always apply.
• Many OD requirements drive the base design of a spacecraft:
– Altitude of operations produces different levels of risk shielding/self-protection
– End of Life requirements: disposal method (controlled reentry or super-GEO)
• Materials used
• Amount of fuel needed at EOM
– Use of tethers
– Generation of OD in normal operations
• Adding a Pre-Acquisition OD Analysis Report (NASA-STD 8719.14A App A, A.4):
– Intended to identify barriers to full compliance with US Gov’t OD Std Mitigation Practices early enough in the process that overt decisions/changes can reasonably be made
• Quick test of OD requirements that affect the design
– About 3-6 pages long
• NPR 7120.5”E” & NPR 8715.6”B” (both currently in NODIS Review) require:
– Use as a mandatory review point in the Acquisition Strategy Meeting (ASM)
– Showing areas which may become non-compliant, and by KDP A the project shall either:
• Have the problem corrected through design change, or
• Have a waiver approved, or
• Have a corrective action plan
Example: NASA’s Orbital Debris Requirements
[Figure: timeline of orbital debris deliverables across the milestones SRR, PDR, CDR, SMSR, Launch and EOM. Items shown: Pre-Acquisition Questionnaire; ODAR (Initial Draft, Updated Draft, NC Review, Approved Final, Reference Document); EOMP (Initialed Launch Draft, Periodic Updates, Approved Final at Disposal); Pre-EOM Notification; In-flight Reviews; Passivation & Disposal. Lead times labelled on the figure: -45 days and -30 to -60 days.]
Requirement Applicability and Traceability
What is Traceability?
• Traceability is:
– Knowing the reason why a requirement exists
– Knowing which higher level requirements are directing lower level requirements
– Knowing which level of management really controls the base requirement
– Knowing which parent requirements are implemented
– It is NOT verification that a requirement is being implemented/performed
• Definition: “Requirement” (aka: “shall statement”)
– A documented paragraph directing someone to do something
– New requirements use “shall” for Mandatory, and “may” (et al.) for permission
– A well written requirement is:
• 1 paragraph
• 1 time period
• 1 actionee
• 1 action / product / outcome (or 1 set)
• Verifiable
• Clear & understandable
• How is Traceability established?
– Can be traced at the document, and/or chapter, and/or requirement level
– Formalized through an agreement between the levels of management involved in the requirements
What do we get out of tracing requirements?
1. >99% Program
2. Build History
3. Waiver/Exception Processing
4. Assist in Updating
5. Improved Auditing Capability
6. Feedback
Step 1: Determine Applicability
• Senior organization identifies the list of documents which they “own,” “control,” “implement,” “enforce,” …
• Determine which documents from the list of documents DO NOT APPLY to the lower level.
• For each remaining document, build a matrix of the requirements (aka: shall statements) and determine for each lower level organization whether the requirement is:
– Directly applicable as written or with modification,
– Not applicable, or
– Indirectly applicable (somebody else will impose this requirement)
• Work done by Senior organization with help from lower orgs and is maintained by Senior org.
Example: Project #1 Applicability

Doc | Para # | Text   | Req # | Project #1                    | Project #2                       | Project #3
X   | 1      | ABCD … | 2-1   | Appl                          | Appl                             | Appl
    | 2      | EFGH … | 2-2   | Not Appl                      | Not Appl                         | Not Appl
    | 3      | IJKL … | 2-3   | Appl with Mod: IJL… without K | Appl with Mod: IJ… without K & L | Not Appl
    | 4      | MNOP … | 2-4   | Appl                          | Appl                             | Appl
    | 5      | QRST … | 2-5   | Not Appl                      | Appl                             | Not Appl
Step 2: Identification of Traceability
Next the following work is done by the junior organization:
• Lower Level Org identifies the requirement(s) at THEIR level that implement each applicable requirement.
Note: This can be a many-to-one, one-to-one, or one-to-many relationship.
• Add traces to the applicability matrix.
Note: This identification is done by the Lower Level Org but MUST have participation from the Senior Org for interpretation of senior requirements.
Example: Project #1 Applicability (with traces)

Doc | Para # | Sr Doc Text | Req # | Project #1: Doc | Project #1: Paragraph | Project #1: Text
X   | 1      | ABCD …      | 2-1   | Doc “Y”         | 3.3                   | AAABCD …
    | 3      | IJKL …      | 2-3   | Doc “Y”         | 1.1                   | IJxxKL …
    | 4      | MNOP …      | 2-4   | Doc “Z”         | 2.1 & 4.5             | AABNOP …
Step 3: Develop Acceptable Tailoring
• Senior Org reviews the provided traces to check that each of the applicable requirements is met or exceeded.
• Senior organization checks whether any changes ‘violate’ direction senior to them, then processes waiver requests and updates the applicability matrix with the results.
• Senior organization issues a report of the results of the Applicability/Traceability effort listing:
– Non-applicable waivers granted
– Indirectly applicable requirements
– Directly applicable requirements
– Traces to directly applicable requirements
• Senior organization maintains the report under its configuration management system with copies available to the lower level org.
NOTE: This process must be updated periodically as the documents within the Senior and Lower Organizations change.
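Steps 1 to 3 are one bookkeeping procedure, so here is an added worked example in Python (mine, not NASA’s or the presentation’s code). It encodes the Doc X requirements and the Project #1 dispositions and traces from the slide tables, performs the mechanical part of the Step 3 review (every directly applicable requirement has at least one trace, tailored requirements record their tailoring text, no traces hang off requirements the org does not implement), inverts the traces to expose the many-to-one case, and emits the four report lists. The meet/exceed judgment on each trace stays with the Senior Org; the `waiver_granted` flag and the gap rules are my assumptions about how the results would be recorded.

```python
"""Applicability / traceability bookkeeping for Steps 1-3 (added illustration,
not NASA's or the presentation's code). Requirement IDs, Doc X/Y/Z and the
Project #1 entries come from the slide tables; waiver_granted and the gap rules
are assumptions about how a Senior Org would record Step 3 results."""
import copy
from dataclasses import dataclass, field
from enum import Enum


class Applicability(Enum):
    DIRECT = "Appl"               # applicable as written
    DIRECT_MOD = "Appl with Mod"  # applicable after agreed tailoring
    INDIRECT = "Indirect"         # somebody else imposes it on the lower org
    NOT_APPL = "Not Appl"


IMPLEMENTED = (Applicability.DIRECT, Applicability.DIRECT_MOD)


@dataclass
class SeniorRequirement:
    req_id: str   # e.g. "2-1"
    doc: str      # senior document, e.g. "X"
    para: str
    text: str


@dataclass
class Trace:
    """One lower-level paragraph that implements a senior requirement (Step 2)."""
    doc: str
    para: str
    text: str


@dataclass
class Disposition:
    """Step 1 decision for one (requirement, lower org) pair plus its Step 2/3 data."""
    applicability: Applicability
    tailoring: str = ""                         # text of the agreed modification
    traces: list = field(default_factory=list)  # many-to-one and one-to-many both allowed
    waiver_granted: bool = False                # assumed Step 3 record for Not Appl entries


# Senior document "X" and the Project #1 column, as shown on the slides.
SENIOR_DOC_X = [SeniorRequirement("2-1", "X", "1", "ABCD ..."),
                SeniorRequirement("2-2", "X", "2", "EFGH ..."),
                SeniorRequirement("2-3", "X", "3", "IJKL ..."),
                SeniorRequirement("2-4", "X", "4", "MNOP ..."),
                SeniorRequirement("2-5", "X", "5", "QRST ...")]

PROJECT_1 = {
    "2-1": Disposition(Applicability.DIRECT, traces=[Trace("Y", "3.3", "AAABCD ...")]),
    "2-2": Disposition(Applicability.NOT_APPL, waiver_granted=True),
    "2-3": Disposition(Applicability.DIRECT_MOD, tailoring="IJL... without K",
                       traces=[Trace("Y", "1.1", "IJxxKL ...")]),
    "2-4": Disposition(Applicability.DIRECT,  # one-to-many: two paragraphs of Doc Z
                       traces=[Trace("Z", "2.1", "AABNOP ..."), Trace("Z", "4.5", "AABNOP ...")]),
    "2-5": Disposition(Applicability.NOT_APPL, waiver_granted=True),
}


def find_gaps(matrix):
    """Mechanical part of the Step 3 review: entries whose status and traces disagree.
    The meet/exceed judgment on each trace stays with the reviewer."""
    gaps = []
    for req_id, d in matrix.items():
        if d.applicability in IMPLEMENTED and not d.traces:
            gaps.append((req_id, "applicable but untraced"))
        if d.applicability is Applicability.DIRECT_MOD and not d.tailoring:
            gaps.append((req_id, "tailored but tailoring text missing"))
        if d.applicability is Applicability.NOT_APPL and not d.waiver_granted:
            gaps.append((req_id, "not applicable but no waiver on record"))
        if d.applicability not in IMPLEMENTED and d.traces:
            gaps.append((req_id, "traces recorded for a requirement the org does not implement"))
    return gaps


def implementing_paragraphs(matrix):
    """Invert the traces: lower paragraph -> senior requirements it implements.
    A paragraph listed under several requirements is the many-to-one case."""
    inverted = {}
    for req_id, d in matrix.items():
        for t in d.traces:
            inverted.setdefault(f"{t.doc}:{t.para}", []).append(req_id)
    return inverted


def build_report(senior_reqs, matrix):
    """The four lists the Senior Org issues at the end of Step 3."""
    by_id = {r.req_id: r for r in senior_reqs}
    report = {"non_applicable_waivers": [], "indirect": [], "direct": [], "traces": {}}
    for req_id, d in matrix.items():
        if d.applicability is Applicability.NOT_APPL and d.waiver_granted:
            report["non_applicable_waivers"].append(req_id)
        elif d.applicability is Applicability.INDIRECT:
            report["indirect"].append(req_id)
        elif d.applicability in IMPLEMENTED:
            report["direct"].append(req_id)
            src = by_id[req_id]
            report["traces"][req_id] = [f"{src.doc}:{src.para} -> {t.doc}:{t.para}" for t in d.traces]
    return report


def with_trace_removed(matrix, req_id):
    """Copy of the matrix with one requirement's traces dropped (gap-check demo)."""
    draft = copy.deepcopy(matrix)
    draft[req_id].traces.clear()
    return draft
```

`find_gaps(PROJECT_1)` returns an empty list for the slide data, while `find_gaps(with_trace_removed(PROJECT_1, "2-1"))` flags 2-1 as applicable but untraced; this is the check worth re-running whenever either organisation’s documents change, which is the periodic update the NOTE above calls for.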
Who Determines Tailoring & Applicability
Delegation of Authority
• NPR 1400.1 and NPD 8070.6 assign responsibility to the Chief, OSMA for SMA TA requirements:
– Includes definition of requirements, maintenance of documents, and waiver/deviation approval
• Definition: Waiver
– (1) A written authorization to depart from a specific directive requirement (from NPR 1400.1)
– (2) A documented authorization releasing a program or project from meeting a requirement after the requirement is put under configuration control at the level the requirement will be implemented. (from NPR 7120.5 paragraph 3.6.1.1 and NASA-STD 0005)
• Definition: Deviation
– A documented authorization releasing a program or project from meeting a requirement before the requirement is put under configuration control at the level the requirement will be implemented. (from NPR 7120.5 paragraph 3.6.1.1 and NASA-STD 0005)
What is and is not Delegated?
• Anything NOT reserved for the Chief, OSMA may be delegated
• Requirements ALWAYS reserved by the Chief, OSMA (and may not be delegated):
– All requirements in the following documents:
• Orbital Debris (NPR 8715.6 and NASA‑STD 8719.14),
• Mishaps (NPR 8621.1), and
• Human Rating (NPR 8705.2).
– All requirements in the following chapters of NPR 8715.3:
• Nuclear Safety for Launching Radioactive Materials (Chapter 6),
• Experimental Aerospace Vehicle (EAV) Indemnification (Chapter 10), and
• Micrometeoroid Environment Program (Chapter 11).
– Requirements designated in writing by the Chief, OSMA as a result of audits, mishaps, or those of special interest to senior NASA management.
Note: This may be done for specific worksites, projects, programs, Agency-wide, one Center, or other, and may be designated for a specified period of time.
– All “Directed Requirements.”
What is and is not Delegated? (Continued)
• Requirements CONDITIONALLY reserved by the Chief, OSMA:
– When relief is requested for a Mandatory Standard which would relieve more than 50% of the Standard or would relieve whole Chapters, either through tailoring or through another standard (aka: meet/exceed):
• IF NONE of the requirements in the NASA-STD are reserved for Chief, OSMA adjudication, then the relief authority is delegated; otherwise it is reserved.
• IF relief is being requested for more than one Program or Center/Facility or non-tightly coupled project, then it is reserved.
– NASA Safety Standard 1740.12, NASA-Standard 8719.9, NASA-Standard 8719.12, and NASA-Standard 8719.17:
• The request shall be reviewed by the OSMA Occupational Safety and Health Administration (OSHA) point of contact within the NASA Headquarters OSMA prior to adjudication of the request.
Who’s done Applicability Studies of SMA Requirements?
• Applicability Studies:
– Constellation
– Launch Services Program
– (in work) Commercial Crew, MPCV/Orion, 21st Century Launch System
– (in work) new JPL Contract
• OSMA can help with the Traceability through the use of SMARTS (Safety & Mission Assurance Requirements Tracking System)
[Figure: Launch Services Program applicability diagram, labelled “Whole LSP”, “Subdivisions of LSP” and “What Applies?”]
Summary
• Many requirements are required by higher authority and MUST be followed.
• The earlier in a program’s life-cycle requirements are implemented:
– By knowing limitations, reduce early design options to investigate
– Avoid designing in non-compliances which cannot be ‘corrected’ later in life
– Fewer redesign efforts needed
– Easier to implement
– Better definition of project at Preliminary Design Review
• NASA’s experience with early integration of Mission Success requirements:
– Easier overall management planning
– Lower cost
– Fewer problems later in design
– Lower risk
– Higher likelihood of Mission Success