The document discusses the importance of implementing safety requirements early in program development. Requirements related to orbital debris, mishaps, and human rating must be traced from higher-level documents down to implementation at lower levels. Conducting an applicability study can help determine which requirements apply at each level. Implementing requirements early through this process can reduce costs and risks and help ensure mission success. The NASA Office of Safety and Mission Assurance oversees requirement development and helps with requirement traceability.
1. National Aeronautics and Space Administration
Designing in Safety Through Early Safety Requirements Management
John W. Lyver, IV, Ph.D.
NASA Headquarters
Office of Safety & Mission Assurance
JLyver@NASA.GOV 202/358-1155
February 22, 2012
2. NASA Core Values
To achieve mission success, program managers and institutional managers must balance a reliance on good engineering practices that are within the laws of physics yet apply sufficient caution to limit risk and protect the workers and the public.
3. 2010 National Space Policy
Page 1: "The growth and evolution of the global economy has ushered in an ever-increasing number of nations and organizations using space. … decades of space activity have littered Earth's orbit with debris; and as the world's space-faring nations continue to increase activities in space, the chance for a collision increases correspondingly."
Page 4: GOALS: (3) Strengthen Stability in Space … strengthening measures to mitigate orbital debris.
Page 7: Preserve the Space Environment. The United States shall:
- Lead … policies to minimize debris …
http://www.whitehouse.gov/sites/default/files/national_space_policy_6-28-10.pdf
4. NASA Policy Documents
• U.S. Government Laws/Regulations, Executive Orders
• U.S. Government Interagency Requirements/Agreements
• International Treaties/Policies/Agreements
• NPD: NASA Policy Directives (formerly NMI)
• NPR: NASA Procedural Requirements (formerly NPG)
• Joint Documents with Partners
• NASA-STD: NASA Technical Standards (formerly NHB)
• VCS: Voluntary Consensus Standards
• NASA-HDBK: NASA Handbooks
• NASA/SP: NASA Special Publications (also NASA/TP, NASA/TR, NASA-Pub)
5. Why should this be done early?
• Many requirements are required by higher authority and MUST be followed.
• The earlier in a program's life-cycle requirements are implemented:
– By knowing limitations, reduce the early design options to investigate
– Avoid designing in non-compliances which cannot be 'corrected' later in life
– Fewer redesign efforts needed
– Easier to implement
– Better definition of project at Preliminary Design Review
• NASA's experience with early integration of Mission Success requirements:
– Easier overall management planning
– Lower cost
– Fewer problems later in design
– Lower risk
– Higher likelihood of Mission Success
6. Example: Pre-Acquisition Orbital Debris Requirements
• Orbital Debris (OD) requirements are relatively easy to determine applicability for: all of them always apply.
• Many OD requirements drive the base design of a spacecraft:
– Altitude of operations produces different levels of risk and of shielding/self-protection
– End-of-life requirements: disposal method (controlled reentry or super-GEO)
• Materials used
• Amount of fuel needed at EOM
– Use of tethers
– Generation of OD in normal operations
• Adding a Pre-Acquisition OD Analysis Report (NASA-STD 8719.14A App A, A.4):
– Intended to identify barriers to full compliance with US Gov't OD Standard Mitigation Practices early enough in the process that overt decisions/changes can reasonably be made
• Quick test of the OD requirements that affect the design
– About 3-6 pages long
• NPR 7120.5E & NPR 8715.6B (both currently in NODIS Review) require:
– Used as a mandatory review point in the Acquisition Strategy Meeting (ASM)
– Show areas which may become non-compliant and by KDP A shall either:
• Have the problem corrected through design change, or
• Have a waiver approved, or
• Have a corrective action plan
7. Example: NASA's Orbital Debris Requirements
[Timeline figure, kept here as text. Milestones across the top: SRR, PDR, CDR, SMSR, Launch, In-flight, EOM (with "Reviews", "-45 days" and "-30 to -60 days" marked near Launch). ODAR row: Pre-Acquisition Questionnaire, Initial Draft, Updated Draft, NC Review, Approved Final, Reference Document. EOMP row: Initial Draft, Periodic Updates, Approved Final, Launch at Disposal, Draft. Also marked: Pre-EOM Passivation Notification & Disposal.]
9. What is Traceability?
• Traceability is:
– Knowing the reason why a requirement exists
– What higher level requirements are directing lower level requirements
– Which level of management really controls the base requirement
– Knowing which parent requirements are implemented
– It is NOT verification that a requirement is being implemented/performed
• Definition: "Requirement" (aka: "shall statement")
– A documented paragraph directing someone to do something
– New requirements use: “shall” for Mandatory, and “may” (et al) for permission
– A well written requirement is:
• 1 paragraph
• 1 time period
• 1 actionee
• 1 action / product / outcome (or 1 set)
• Verifiable
• Clear & understandable
• How is Traceability established?
– Can be traced at the document, and/or chapter, and/or requirement level
– Formalized through an agreement between the levels of management involved in
the requirements
10. What do we get out of tracing requirements?
1. >99% Program
2. Build History
3. Waiver/Exception Processing
4. Assist in Updating
5. Improved Auditing Capability
6. Feedback
11. Step 1: Determine Applicability
• Senior organization identifies the list of documents which they “own,” “control,”
“implement,” “enforce,” …
• Determine which documents from the list of documents DO NOT APPLY to the lower
level.
• For each remaining document, build a matrix of the requirements (aka: shall
statements) and determine for each lower level organization whether the
requirement is:
– Directly applicable as written or with modification,
– Not applicable
– Indirectly applicable (somebody else will impose this requirement)
• Work done by Senior organization with help from lower orgs and is maintained by
Senior org.
Example: Project applicability matrix
Doc | Para # | Text   | Req # | Project #1                    | Project #2                        | Project #3
X   | 1      | ABCD … | 2-1   | Appl                          | Appl                              | Appl
X   | 2      | EFGH … | 2-2   | Not Appl                      | Not Appl                          | Not Appl
X   | 3      | IJKL … | 2-3   | Appl with Mod: IJL… without K | Appl with Mod: IJ… without K & L  | Not Appl
X   | 4      | MNOP … | 2-4   | Appl                          | Appl                              | Appl
X   | 5      | QRST … | 2-5   | Not Appl                      | Appl                              | Not Appl
12. Step 2: Identification of Traceability
Next the following work is done by the junior organization:
• Lower Level Org identifies the requirement(s) at THEIR level that implements each
applicable requirement(s).
Note: This can be many-to-one, one-to-one, or one-to-many relationship.
• Add traces to applicability matrix.
Note: This identification is done by Lower Level Org but MUST have participation from Senior Org for
interpretation of senior requirements.
Example: Project #1 traces
Doc | Para # | Sr Doc Text | Req # | Project #1: Doc     | Project #1: Paragraph | Project #1: Text
X   | 1      | ABCD …      | 2-1   | Project #1: Doc "Y" | 2.1 & 4.5             | AAABCD …
X   | 3      | IJKL …      | 2-3   | Project #1: Doc "Y" | 1.1                   | IJxxKL …
X   | 4      | MNOP …      | 2-4   | Project #1: Doc "Z" | 3.3                   | AABNOP …
13. Step 3: Develop Acceptable Tailoring
• Senior Org reviews provided traces to check for meet/exceed of each of the
applicable requirements.
• Senior organization checks to see if any changes 'violate' direction senior to them,
then processes waiver requests and updates the applicability matrix with the results.
• Senior organization issues report of the results of the Applicability/Traceability
effort to list:
– Non-applicable waivers granted
– Indirectly applicable requirements
– Directly applicable requirements
– Traces to directly applicable requirements
• Senior organization maintains report under their configuration management system
with copies available to lower level org.
NOTE: This process must be updated periodically as the documents within the Senior and Lower
Organizations change.
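As an added illustration of Steps 1 through 3 (not code from the presentation or from NASA), the following Python sketch holds the applicability matrix and the lower-level traces for the slides' Doc X sample rows and produces the report buckets Step 3 lists; the class and function names are assumed, and a second, constructed project column shows an applicable requirement that arrives with no trace.

```python
from dataclasses import dataclass, field
from enum import Enum

class Appl(Enum):
    DIRECT = "Appl"                    # directly applicable as written
    MODIFIED = "Appl with Mod"         # directly applicable with modification
    INDIRECT = "Indirectly applicable"  # somebody else will impose it
    NOT_APPL = "Not Appl"

@dataclass
class Trace:
    doc: str    # lower-level document, e.g. "Y"
    para: str   # paragraph in that document
    text: str

@dataclass
class Requirement:
    req_id: str            # senior-level requirement number, e.g. "2-1"
    text: str
    status: Appl
    traces: list = field(default_factory=list)  # Step 2: lower-level paragraphs implementing it

# Constructed sample matching the slides' Doc X rows for Project #1 (one-to-many trace on 2-1).
PROJECT_1 = [
    Requirement("2-1", "ABCD", Appl.DIRECT,
                [Trace("Y", "2.1", "AAABCD"), Trace("Y", "4.5", "AAABCD")]),
    Requirement("2-2", "EFGH", Appl.NOT_APPL),
    Requirement("2-3", "IJKL", Appl.MODIFIED, [Trace("Y", "1.1", "IJxxKL")]),
    Requirement("2-4", "MNOP", Appl.DIRECT, [Trace("Z", "3.3", "AABNOP")]),
    Requirement("2-5", "QRST", Appl.NOT_APPL),
]
# Constructed Project #2 column: 2-5 applies but the lower-level org supplied no trace.
PROJECT_2 = [Requirement("2-5", "QRST", Appl.DIRECT)]

def step3_report(matrix):
    """Step 3 review: bucket requirements as the slide's report does and flag directly
    applicable ones with no trace. Traceability only; not verification of implementation."""
    report = {"not_applicable": [], "indirect": [], "direct": [], "traces": {}, "untraced": []}
    for r in matrix:
        if r.status is Appl.NOT_APPL:
            report["not_applicable"].append(r.req_id)
        elif r.status is Appl.INDIRECT:
            report["indirect"].append(r.req_id)
        else:
            report["direct"].append(r.req_id)
            report["traces"][r.req_id] = [f"{t.doc} {t.para}" for t in r.traces]
            if not r.traces:
                report["untraced"].append(r.req_id)
    return report
```

The "untraced" bucket is the review gap the Senior Org would send back to the lower-level org before the report goes under configuration management.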
15. Delegation of Authority
• NPR 1400.1 and NPD 8070.6 assign responsibility to Chief, OSMA for SMA TA requirements:
– Includes definition of requirements, maintenance of documents, and
waiver/deviation approval
• Definition: Waiver
– (1) A written authorization to depart from a specific directive requirement
(from NPR 1400.1)
– (2) A documented authorization releasing a program or project from meeting a
requirement after the requirement is put under configuration control at the level the
requirement will be implemented.
(from NPR 7120.5 paragraph 3.6.1.1 and NASA-STD 0005)
• Definition: Deviation
– A documented authorization releasing a program or project from meeting a
requirement before the requirement is put under configuration control at the level
the requirement will be implemented.
(from NPR 7120.5 paragraph 3.6.1.1 and NASA-STD 0005)
16. What is and is not Delegated?
• Anything NOT reserved for Chief, OSMA may be delegated
• Requirements ALWAYS reserved by Chief, OSMA (and may not be
delegated)
– All requirements in the following documents:
• Orbital Debris (NPR 8715.6 and NASA-STD 8719.14),
• Mishaps (NPR 8621.1), and
• Human Rating (NPR 8705.2).
– All requirements in the following chapters of NPR 8715.3:
• Nuclear Safety for Launching Radioactive Materials (Chapter 6),
• Experimental Aerospace Vehicle (EAV) Indemnification (Chapter 10), and
• Micrometeoroid Environment Program (Chapter 11).
– Requirements designated in writing from the Chief, OSMA as a result of audits,
mishaps, or those of special interest to senior NASA management.
Note: This may be done for specific worksites, projects, programs, Agency-wide, one Center,
or other, and may be designated for a specified period of time.
– All “Directed Requirements.”
(continued next page)
17. What is and is not Delegated? (continued)
• Requirements CONDITIONALLY reserved by Chief, OSMA (Continued)
– When relief is requested for a Mandatory Standard which would relieve more than
50% of the Standard or would relieve whole Chapters, either through tailoring or
through another standard (aka: meet/exceed).
• IF NONE of the requirements in the NASA-STD are reserved for Chief, OSMA
Adjudication then the relief authority is delegated, otherwise it is reserved.
• IF relief is being requested for more than one Program, Center/Facility, or non-tightly
coupled project, then it is reserved.
– NASA Safety Standard 1740.12, NASA-Standard 8719.9,
NASA-Standard 8719.12, and NASA-Standard 8719.17:
• The request shall be reviewed by the OSMA Occupational Safety and Health Administration
(OSHA) point of contact within the NASA Headquarters OSMA prior to adjudication of
the request.
18. Who's done Applicability Studies of SMA Requirements?
• Applicability Studies:
– Constellation
– Launch Services Program
– (in work) Commercial Crew, MPCV/Orion, 21st Century Launch System
– (in work) new JPL Contract
• OSMA can help with the Traceability through the use of SMARTS
(Safety & Mission Assurance Requirements Tracking System)
[Figure: Whole LSP, Subdivisions of LSP, What Applies?]
19. Summary
• Many requirements are required by higher authority and MUST be followed.
• The earlier in a program's life-cycle requirements are implemented:
– By knowing limitations, reduce early design options to investigate
– Avoid designing in non-compliances which cannot be 'corrected' later in life
– Fewer redesign efforts needed
– Easier to implement
– Better definition of project at Preliminary Design Review
• NASA's experience with early integration of Mission Success requirements:
– Easier overall management planning
– Lower cost
– Fewer problems later in design
– Lower risk
– Higher likelihood of Mission Success