National Aeronautics and Space Administration
Designing in Safety Through Early Safety
Requirements Management
John W. Lyver, IV, Ph.D. NASA Headquarters
Office of Safety & Mission Assurance
[email protected] 202/358-1155
February 22, 2012
NASA Core Values
To achieve mission success, program managers and institutional managers must balance a reliance on good engineering practices that stay within the laws of physics against applying sufficient caution to limit risk and protect the workers and the public.
2010 National Space Policy
Page 1: “The growth and evolution of the global economy has ushered in an ever-increasing number of nations and organizations using space. … decades of space activity have littered Earth’s orbit with debris; and as the world’s space-faring nations continue to increase activities in space, the chance for a collision increases correspondingly.”
Page 4: “GOALS: (3) Strengthen Stability in Space … strengthening measures to mitigate orbital debris.”
Page 7: “Preserve the Space Environment. … the United States shall: – Lead … policies to minimize debris …”
http://www.whitehouse.gov/sites/default/files/national_space_policy_6-28-10.pdf
NASA Policy Documents
• U.S. Government Laws/Regulations, Executive Orders, U.S. Government Interagency Requirements/Agreements
• International Treaties/Policies/Agreements
• NPD: NASA Policy Directives (Formerly: NMI)
• NPR: NASA Procedural Requirements (Formerly: NPG)
• NASA-STD: NASA Technical Standards
• NASA-HDBK: NASA Handbooks (Formerly: NHB)
• NASA/SP: NASA Special Publications (Also: NASA/TP, NASA/TR, NASA-Pub)
• VCS: Voluntary Consensus Standards
• Joint Documents with Partners
Why should this be done early?
• Many requirements are required by higher authority and MUST be followed.
• The earlier in a program’s life-cycle requirements are implemented:
  – By knowing limitations, reduce early design options to investigate
  – Avoid designing in non-compliances which cannot be ‘corrected’ later in life
  – Fewer redesign efforts needed
  – Easier to implement
  – Better definition of project at Preliminary Design Review
• NASA’s experience with early integration of Mission Success requirements:
  – Easier overall management planning
  – Lower cost
  – Fewer problems later in design
  – Lower risk
  – Higher likelihood of Mission Success
Example: Pre-Acquisition Orbital Debris Requirements
• Applicability of Orbital Debris (OD) requirements is relatively easy to determine: they always apply.
• Many OD requirements drive the base design of a spacecraft:
  – Altitude of operations produces different levels of risk and of shielding/self-protection
  – End-of-life requirements: disposal method (controlled reentry or super-GEO)
    • Materials used
    • Amount of fuel needed at EOM
  – Use of tethers
  – Generation of OD in normal operations
• Adding a Pre-Acquisition OD Analysis Report (NASA-STD 8719.14A App A, A.4):
  – Intended to identify barriers to full compliance with US Gov’t OD Standard Mitigation Practices early enough in the process that overt decisions/changes can reasonably be made
  – Quick test of the OD requirements that affect the design
  – About 3-6 pages long
• NPR 7120.5”E” & NPR 8715.6”B” (both currently in NODIS review) require:
  – Use as a mandatory review point in the Acquisition Strategy Meeting (ASM)
  – Showing areas which may become non-compliant; by KDP A the project shall either:
    • Have the problem corrected through design change, or
    • Have a waiver approved, or
    • Have a corrective action plan
Example: NASA’s Orbital Debris Requirements
[Timeline figure. Milestones across the top: SRR, PDR, CDR, SMSR, Launch, EOM. Rows: Pre-Acquisition Questionnaire; ODAR (Initial Draft, Updated Draft, NC Review, Approved Final); EOMP (Initial, Launch Draft, Periodic Updates, Approved Final at Disposal); Pre-EOM Notification; In-flight Reviews; Passivation & Disposal; Reference Document. Timing annotations on the figure: -45 days; -30 to -60 days.]
Requirement Applicability and Traceability
What is Traceability?
• Traceability is:
  – Knowing the reason why a requirement exists
  – Knowing what higher level requirements are directing lower level requirements
  – Knowing which level of management really controls the base requirement
  – Knowing which parent requirements are implemented
  – It is NOT verification that a requirement is being implemented/performed
• Definition: “Requirement” (aka: ”shall statement”)
  – A documented paragraph directing someone to do something
  – New requirements use “shall” for Mandatory, and “may” (et al.) for permission
  – A well written requirement is:
    • 1 paragraph
    • 1 time period
    • 1 actionee
    • 1 action / product / outcome (or 1 set)
    • Verifiable
    • Clear & understandable
• How is Traceability established?
  – Can be traced at the document, and/or chapter, and/or requirement level
  – Formalized through an agreement between the levels of management involved in the requirements
What do we get out of tracing requirements?
1. >99% Program
2. Build History
3. Waiver/Exception Processing
4. Assist in Updating
5. Improved Auditing Capability
6. Feedback
Step 1: Determine Applicability
• Senior organization identifies the list of documents which they “own,” “control,” “implement,” “enforce,” …
• Determine which documents from that list DO NOT APPLY to the lower level.
• For each remaining document, build a matrix of the requirements (aka: shall statements) and determine for each lower level organization whether the requirement is:
  – Directly applicable, as written or with modification
  – Not applicable
  – Indirectly applicable (somebody else will impose this requirement)
• Work is done by the Senior organization with help from lower orgs and is maintained by the Senior org.

Example: Project #1 Applicability

| Doc | Para # | Text | Req # | Project #1 | Project #2 | Project #3 |
|---|---|---|---|---|---|---|
| X | 1 | ABCD … | 2-1 | Appl | Appl | Appl |
|   | 2 | EFGH … | 2-2 | Not Appl | Not Appl | Not Appl |
|   | 3 | IJKL … | 2-3 | Appl with Mod: IJL… without K | Appl with Mod: IJ… without K & L | Not Appl |
|   | 4 | MNOP … | 2-4 | Appl | Appl | Appl |
|   | 5 | QRST … | 2-5 | Not Appl | Appl | Not Appl |
Step 2: Identification of Traceability
Next, the following work is done by the junior organization:
• Lower Level Org identifies the requirement(s) at THEIR level that implement each applicable requirement.
  Note: This can be a many-to-one, one-to-one, or one-to-many relationship.
• Add the traces to the applicability matrix.
  Note: This identification is done by the Lower Level Org but MUST have participation from the Senior Org for interpretation of senior requirements.

Example: Project #1 Applicability

| Doc | Para # | Sr Doc Text | Req # | Project #1: Doc | Project #1: Paragraph | Project #1: Text |
|---|---|---|---|---|---|---|
| X | 1 | ABCD … | 2-1 | Doc “Y” | 3.3 | AAABCD … |
|   | 3 | IJKL … | 2-3 | Doc “Y” | 1.1 | IJxxKL … |
|   | 4 | MNOP … | 2-4 | Doc “Z” | 2.1 & 4.5 | AABNOP … |
Step 3: Develop Acceptable Tailoring
• Senior Org reviews the provided traces to check that each applicable requirement is met or exceeded.
• Senior organization checks whether any changes ‘violate’ direction senior to them, then processes waiver requests and updates the applicability matrix with the results.
• Senior organization issues a report of the results of the Applicability/Traceability effort listing:
  – Non-applicable waivers granted
  – Indirectly applicable requirements
  – Directly applicable requirements
  – Traces to directly applicable requirements
• Senior organization maintains the report under their configuration management system with copies available to the lower level org.
NOTE: This process must be repeated periodically as the documents within the Senior and Lower Organizations change.
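The three steps above amount to a small data model: an applicability matrix built by the senior organization, traces supplied by the lower-level organization, and a senior review that reports what is applicable, what is traced, and what still needs a waiver or a design change. The following is an added example, not code from the presentation or from NASA, that encodes the matrix and the review as plain Python. Requirement numbers, texts and project names are constructed to mirror the slide’s Doc “X” example; the Project #2 traces, the waiver, and the `review` function name are assumptions introduced here to exercise the gap-detection path.

```python
"""Applicability / traceability matrix checker.

Added example (not code from the presentation or from NASA): models the
three-step process, an applicability matrix from the senior org (Step 1),
traces from the lower-level org (Step 2), and the senior org's review
(Step 3), and flags every directly applicable requirement that has
neither a trace nor an approved waiver.  All data below is constructed.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from enum import Enum


class Applicability(Enum):
    """Step 1 decision for one senior requirement and one lower-level org."""
    DIRECT = "Appl"                 # applicable as written
    DIRECT_MOD = "Appl with Mod"    # applicable with tailoring (modified wording)
    INDIRECT = "Indirect"           # somebody else will impose this requirement
    NOT_APPLICABLE = "Not Appl"


@dataclass
class SeniorRequirement:
    req_id: str                                   # senior document requirement number, e.g. "2-1"
    text: str                                     # the "shall statement"
    applicability: dict[str, Applicability]       # project -> Step 1 decision
    tailoring: dict[str, str] = field(default_factory=dict)  # project -> modified wording


@dataclass
class Trace:
    """Step 2 entry: a lower-level paragraph that implements a senior requirement."""
    project: str
    senior_req: str
    project_doc: str
    paragraph: str
    text: str


def review(requirements: list[SeniorRequirement], traces: list[Trace],
           waivers: set[tuple[str, str]], project: str) -> dict:
    """Step 3 review for one project.

    Groups requirement ids the way the slide's report does: directly
    applicable (with their traces), indirectly applicable, not applicable,
    waived, and 'untraced' = directly applicable requirements with neither
    a trace nor a waiver, i.e. the ones that still need a design change,
    a waiver, or a corrective action plan.
    """
    traced: dict[str, list[str]] = {}
    for t in traces:
        if t.project == project:
            traced.setdefault(t.senior_req, []).append(f"{t.project_doc} {t.paragraph}")

    result = {"direct": [], "indirect": [], "not_applicable": [],
              "traced": {}, "waived": [], "untraced": []}
    for req in requirements:
        decision = req.applicability.get(project, Applicability.NOT_APPLICABLE)
        if decision is Applicability.NOT_APPLICABLE:
            result["not_applicable"].append(req.req_id)
        elif decision is Applicability.INDIRECT:
            result["indirect"].append(req.req_id)
        else:
            result["direct"].append(req.req_id)
            if req.req_id in traced:
                result["traced"][req.req_id] = traced[req.req_id]
            elif (project, req.req_id) in waivers:
                result["waived"].append(req.req_id)
            else:
                result["untraced"].append(req.req_id)
    return result


# Constructed data mirroring the slide's Doc "X" applicability matrix.
A = Applicability
REQUIREMENTS = [
    SeniorRequirement("2-1", "ABCD …", {"Project #1": A.DIRECT, "Project #2": A.DIRECT, "Project #3": A.DIRECT}),
    SeniorRequirement("2-2", "EFGH …", {"Project #1": A.NOT_APPLICABLE, "Project #2": A.NOT_APPLICABLE,
                                        "Project #3": A.NOT_APPLICABLE}),
    SeniorRequirement("2-3", "IJKL …", {"Project #1": A.DIRECT_MOD, "Project #2": A.DIRECT_MOD,
                                        "Project #3": A.NOT_APPLICABLE},
                      tailoring={"Project #1": "IJL… without K", "Project #2": "IJ… without K & L"}),
    SeniorRequirement("2-4", "MNOP …", {"Project #1": A.DIRECT, "Project #2": A.DIRECT, "Project #3": A.DIRECT}),
    SeniorRequirement("2-5", "QRST …", {"Project #1": A.NOT_APPLICABLE, "Project #2": A.DIRECT,
                                        "Project #3": A.NOT_APPLICABLE}),
]

# Project #1 traces follow the slide's traceability table (one-to-many for 2-4);
# the Project #2 traces and the waiver are assumptions added for illustration.
TRACES = [
    Trace("Project #1", "2-1", 'Doc "Y"', "3.3", "AAABCD …"),
    Trace("Project #1", "2-3", 'Doc "Y"', "1.1", "IJxxKL …"),
    Trace("Project #1", "2-4", 'Doc "Z"', "2.1", "AABNOP …"),
    Trace("Project #1", "2-4", 'Doc "Z"', "4.5", "AABNOP …"),
    Trace("Project #2", "2-1", 'Doc "Q"', "1.2", "ABCD …"),
    Trace("Project #2", "2-4", 'Doc "Q"', "5.0", "MNOP …"),
]
WAIVERS = {("Project #2", "2-5")}   # (project, senior requirement) pairs with an approved waiver


if __name__ == "__main__":
    for project in ("Project #1", "Project #2", "Project #3"):
        print(project, review(REQUIREMENTS, TRACES, WAIVERS, project))
```

Running it shows Project #1 fully traced, Project #2 with requirement 2-3 untraced (a waiver covers 2-5), and Project #3 with no traces at all for its two applicable requirements; the `untraced` list is the input to the “corrected, waived, or corrective action plan” decision that the pre-acquisition slides require by KDP A. Re-running the review after either organization’s documents change is the periodic update the NOTE calls for.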
Who Determines Tailoring & Applicability
Delegation of Authority
• NPR 1400.1 and NPD 8070.6 assign responsibility to the Chief, OSMA for SMA TA requirements:
  – Includes definition of requirements, maintenance of documents, and waiver/deviation approval
• Definition: Waiver
  – (1) A written authorization to depart from a specific directive requirement (from NPR 1400.1)
  – (2) A documented authorization releasing a program or project from meeting a requirement after the requirement is put under configuration control at the level the requirement will be implemented. (from NPR 7120.5 paragraph 3.6.1.1 and NASA-STD 0005)
• Definition: Deviation
  – A documented authorization releasing a program or project from meeting a requirement before the requirement is put under configuration control at the level the requirement will be implemented. (from NPR 7120.5 paragraph 3.6.1.1 and NASA-STD 0005)
What is and is not Delegated?
• Anything NOT reserved for the Chief, OSMA may be delegated
• Requirements ALWAYS reserved by the Chief, OSMA (and may not be delegated):
  – All requirements in the following documents:
    • Orbital Debris (NPR 8715.6 and NASA-STD 8719.14),
    • Mishaps (NPR 8621.1), and
    • Human Rating (NPR 8705.2).
  – All requirements in the following chapters of NPR 8715.3:
    • Nuclear Safety for Launching Radioactive Materials (Chapter 6),
    • Experimental Aerospace Vehicle (EAV) Indemnification (Chapter 10), and
    • Micrometeoroid Environment Program (Chapter 11).
  – Requirements designated in writing by the Chief, OSMA as a result of audits, mishaps, or those of special interest to senior NASA management.
    Note: This may be done for specific worksites, projects, programs, Agency-wide, one Center, or other, and may be designated for a specified period of time.
  – All “Directed Requirements.”
(continued next page)
What is and is not Delegated? (continued)
• Requirements CONDITIONALLY reserved by the Chief, OSMA:
  – When relief is requested for a Mandatory Standard which would relieve more than 50% of the Standard or would relieve whole chapters, either through tailoring or through another standard (aka: meet/exceed):
    • IF NONE of the requirements in the NASA-STD are reserved for Chief, OSMA adjudication, then the relief authority is delegated; otherwise it is reserved.
    • IF relief is being requested for more than one Program or Center/Facility or non-tightly coupled project, then it is reserved.
  – NASA Safety Standard 1740.12, NASA-Standard 8719.9, NASA-Standard 8719.12, and NASA-Standard 8719.17:
    • The request shall be reviewed by the OSMA Occupational Safety and Health Administration (OSHA) point of contact within the NASA Headquarters OSMA prior to adjudication of the request.
Who’s done Applicability Studies of SMA Requirements?
• Applicability Studies:
  – Constellation
  – Launch Services Program
  – (in work) Commercial Crew, MPCV/Orion, 21st Century Launch System
  – (in work) new JPL Contract
• OSMA can help with the Traceability through the use of SMARTS (Safety & Mission Assurance Requirements Tracking System)
[Figure: LSP applicability diagram with the labels “Whole LSP”, “Subdivisions of LSP”, and “What Applies?”]
Summary
• Many requirements are required by higher authority and MUST be followed.
• The earlier in a program’s life-cycle requirements are implemented:
  – By knowing limitations, reduce early design options to investigate
  – Avoid designing in non-compliances which cannot be ‘corrected’ later in life
  – Fewer redesign efforts needed
  – Easier to implement
  – Better definition of project at Preliminary Design Review
• NASA’s experience with early integration of Mission Success requirements:
  – Easier overall management planning
  – Lower cost
  – Fewer problems later in design
  – Lower risk
  – Higher likelihood of Mission Success