POIC Safety Payload Operations & Integration Center Mitchell Moore Marshall Space Flight Center ARES Corporation POIC Safety 1
INTRODUCTION The Payload Operations Integration Center (POIC), at the Marshall Space Flight Center (MSFC), is chartered by the ISS program to perform payload operations safety responsibilities. The value of POIC, as the center of payload operations safety, is that decades of payload experience on manned space programs, combined with ISS payload-specific and safety training, yields an unparalleled base of knowledge and expertise from which to fulfill the safety functions 2
CONTACT INFORMATION POIC Safety – FD32 (Payload Operations &Integration Function) –Mitchell –Kristi –Bob –Raymond –Steven –POIC Safety Console
PRE-FLIGHT PAYLOAD OPERATIONS SAFETY Independent Safety Verification Review (ISVR): (For NASA sponsored payloads & all payloads operated in US elements) –Purpose is to provide a final, independent, top-to-bottom assessment that all operations controls defined in the payload hazard reports are correctly reflected in the crew procedures –As a station-wide payload function, the ISVR is also performed on all International Partner payloads, Lab Support Equipment, and integrated hazards. –The ISVR begins after Phase III hazard reports are signed and baseline crew procedures become available. –POIC Safety reviews and assesses the procedures and flight rules against the signed hazard reports, the PHCM (Payload Hazard Control Matrix), and the payload customer-provided operational hazard control references to ensure all operational controls are properly documented. 4
PRE-FLIGHT POIC SAFETY PRODUCTS SDP Procedures Crew Training PHCMs ISVR Payload Developer Verification Status Ops Control Documentation POIC Safety ISSP CoFR CREW FAMILIARIZATION TRAINING GSP Training Flight Rules Primary Verification Independent Verification 5
PRE-FLIGHT PAYLOAD OPERATIONS SAFETY The first step in the pre-flight operational safety process is the assessment of Safety Data Packages (SDPs): –The SDP goes through a series of phased reviews sponsored by the Payload Safety Review Panel (PSRP) at Johnson Space Center (JSC) –The payload customer defines known or conceived operational hazards in hazard reports included in the SDP –Each payload has a unique SDP –POIC Safety and other POIC flight controllers reviews and provides input to the SDPs 6
PRE-FLIGHT PAYLOAD OPERATIONS SAFETY The first step in the pre-flight operational safety process is the assessment of Safety Data Packages (SDPs): CONTINUED –Ops hazard controls are derived from hazard reports in SDPs. An operational hazard is controlled by : Crew Procedures, Flight Rules or Training Examples: Mate/Demate – Verify power is removed before connecting power cables. Touch Temperature – Verify temperature is less than 49 C before opening. Structural Failure – Verify 3 of 4 bolts are torque’d to 75 in-lbs for return. Crew Procedures - The payload customer develops the procedures and incorporates all procedural hazard controls Flight Rules- POIC Safety will assist the Payload Developer and the Payload Operations Director in developing the flight rule per hazard report inputs and verify that all flight rule hazard controls identified are properly documented. Training- This control is allowed only when a technique, skill or perception needed to control hazards cannot be captured by procedures or flight rules. The payload customer provides the crew training, and POIC Safety tracks the training hazard controls and ensures that the training activities are scheduled and completed –POIC Safety will independently verify operational hazard controls for effective and correct implementation. 7
PRE-FLIGHT PAYLOAD OPERATIONS SAFETY Payload Hazard Control Matrices (PHCM): –Documents all payload operational hazard controls in a single reference product –Compilation of all mission specific operational hazard controls, and it tracks the implementation and independent verification of the operational hazard controls. –The verification status of crew procedures, flight rules and training include the procedure reference and step, rule numbers, and course completion dates. –A control board approved product for reference in real- time operations. 8
PRE-FLIGHT PAYLOAD OPERATIONS SAFETY Payload On-Orbit MaintenancePayload On-Orbit Maintenance (OOM): –If applicable, after safety reviews POIC Safety builds OOM reports for Payloads approved to perform maintenance on-orbit. –Payloads may require maintenance activities, due to the longevity of ISS, in order to sustain hazard controls documented in hazard reports. –Any payload that plans on performing maintenance on-orbit, must submit a Maintenance Hazard Assessment to the PSRP to assess hazards applicable to opening non-nominal areas of the hardware. –POIC Safety submits this approved list into the Payload Regs. 9
Payload On-Orbit MaintenancePayload On-Orbit Maintenance (OOM): –Corrective Maintenance is only allowed on payloads with prior approval of their MHA (Maintenance Hazard Assessment) by the PSRP (Payload Safety Review Panel) and submittal/approval of their maintenance procedures to POIC. Corrective maintenance will only be approved for scheduling once maintenance procedures are approved by POIC. RationaleRationale –The purpose of this regulation is to maintain a safe access to all components of the payload’s hardware. The Maintenance Hazard Assessment is to control hazards that could result from access to nominally inaccessible components. This required assessment address’: –Safe Access- all potential access paths for contact hazards (such as sharp edges, touch temperature, stored energy and electrical shock, etc.) that may be present during maintenance activities. –Modification of Existing Safety Features-hazards that maintenance activities could create (contamination), this includes establishing why the maintenance tasks are safe and why it is acceptable to defeat any hazard controls during the maintenance activity. – Re-verification of Safety Critical Features-the approach to verify or re-verify any safety critical features that may be modified during maintenance and that will be required during subsequent operations. –Reference: Interpretation Letter MA , PSRP, NSTS/ISS B Rev B “Interpretations of NSTS/ISS Payload Safety Requirements”. PRE-FLIGHT PAYLOAD OPERATIONS SAFETY 10
ULF-1 Payload Reg for OOM PayloadMaintenance Operations Approved via MHA Procedure No.Procedure Title Approved for Scheduling MELFI Brayton Machine CARTRIDGE CHANGOUTMGULMELFC001Brayton Machine CARTRIDGE CHANGOUTYES ELECTRONICS UNIT ReplacementMGULMELFC002ELECTRONICS UNIT ReplacementYES Nitrogen ReplenishmentMGULMELFC003Nitrogen ReplenishmentYES RIU Fuse ReplacementMGULMELFC007RIU Fuse ReplacementYES COMPLETE DEWAR DE-ICINGMGULMELFC006COMPLETE DEWAR DE-ICINGYES MELFI NITROGEN Pressure CheckMGULMELFN008MELFI NITROGEN Pressure CheckYES WORF WORF FAILED RIC REPLACEMENTMGUEWORFC003WORF FAILED RIC REPLACEMENTYES WORF FAILED AAA REPLACEMENTMGUEWORFC004WORF FAILED AAA REPLACEMENTYES WORF FAILED SSPCM REPLACEMENTMGUEWORFC005WORF FAILED SSPCM REPLACEMENTYES WORF FAILED PEHB REPLACEMENTMGUEWORFC006WORF FAILED PEHB REPLACEMENTYES WORF FAILED BEMU REPLACEMENTMGUEWORFC007WORF FAILED BEMU REPLACEMENTYES WORF FAILED SMOKE DETECTOR REPLACEMENT MGUEWORFC012 WORF FAILED SMOKE DETECTOR REPLACEMENT YES PRE-FLIGHT PAYLOAD OPERATIONS SAFETY 11
PRE-FLIGHT PAYLOAD OPERATIONS SAFETY Integrated Experiment Hazard Analysis (IEHA): –A report generated by Missions Operations Directorate (MOD) at Johnson Space Center for integrated hazards. –Integrated hazards are defined as those hazards associated with the interaction of one payload to another, or the interaction of a payload with the ISS systems or other equipment. –The purpose of a IEHA is to document how integrated hazards are addressed for the payloads onboard the ISS for each stage and/or flight –POIC Safety is a Responsible Verification Organization (RVO) for mission-based IEHA reports –The mission-specific IEHAs are distributed in three stages: –Preliminary –Draft –Final 12
PRE-FLIGHT PAYLOAD OPERATIONS SAFETY ISS Hazardous Material (HAZMAT ) Database: –HAZMAT is information about the chemical and biological materials flown on the STS and ISS pressurized volumes at any given time. –The HAZMAT tables are submitted to POIC Safety from the Toxicology Office at JSC –It contents: Payload hardware containing toxic samples, toxicity hazard levels, IMS (barcode) location identifier, toxic sample name, toxic sample chemical/biological properties, concentration and volume –POIC Safety coordinates review of the HMST (Hazardous Materials Summary Tables) files. Included, is a review of proper Ops nomenclature, proper Bar Code & Part Numbers, and the complete list of payloads, verified against the manifest. –After the review, POIC Safety submits comments to the Toxicology Office and notes any discrepancies and/or approvals. Once the final version is given to POIC Safety, it is distributed to appropriate flight controllers for console operations 13
PRE-FLIGHT PAYLOAD OPERATIONS SAFETY Crew Payload Complement Training & Ground Support Training: –Crew Payload Complement Training (“Familiarization”): Familiarize the crew on all payload operational hazard controls POIC Safety presents at a one-on-one forum with the crew; the controls for the mission-specific payload hazards, including the operational hazard controls, and the fire detection method for payloads –Ground Support Personnel Training: Trains and educates the POIC real-time flight controllers on all mission-specific payload operational hazards/controls POIC Safety produces a detailed package of all the information about the payload hazards and payload hazard controls listing the hazard report number,verification method, any applicable flight rules, and a diagram or picture of the payload or rack pointing to the control mechanism This training is a required class for flight controller certification for real-time operations 14
PRE-FLIGHT PAYLOAD OPERATIONS SAFETY Certificate of Flight Readiness (CoFR): –The final step prior to real-time operations is to certify to the ISS Program through the CoFR process that all safety milestones have been met. –Payload operations supplies a CoFR statement endorsing that all products used in real-time operations have been verified for safety compliance. This includes procedures, Flight Rules, and the PHCM. –CoFR also includes certification of GSP training, including flight controller training on hazard controls. 15
REAL-TIME PAYLOAD OPERATIONS SAFETY Nominal Operations: –Overall real-time safety is the responsibility of the POIC cadre under the direction of the Payload Operations Director (POD). –POIC Flight Control team is responsible for making sure NASA payload activities conducted, either by crew or remotely from the ground, adhere to documented Flight Rules and other safety constraints. –Ops Controller (OC) is the responsible POIC flight controller to monitor and maintain cognizance of hazard controls and potential safety situations on-board. –POIC Safety works closely with the OC to ensure awareness about payloads that have operational hazards (On-Call….24x7) 16
REAL-TIME PAYLOAD OPERATIONS SAFETY Response to Anomalies: –The POIC Flight Control Team works with both the Mission Control Center- Houston team and the ISS MER Safety team on any payload safety problems, responses, and impacts –POD and OC work issues and responses with the ISS Mission Evaluation Room (MER) Safety team for all of the Safety of Flight (SOF) issues –OC Leads efforts for all payload operations response in an off-nominal situation involving SOF POIC Safety will be called in for off-nominal situation POIC Safety uses resources such as Safety Data Packs, signed Hazard Reports, and the PHCM to help resolve payload anomalies. Hazard Control Changes: –POIC Safety reviews crew procedures for changes to existing operational hazard controls, implementation of new hazard controls, or changes in the step number where the hazard controls are found 17
REAL-TIME PAYLOAD OPERATIONS SAFETY Hazard Control Changes - CONTINUED: If a change is made to an existing hazard control or implementation of a new hazard control, POIC Safety notifies the PSRP. Responsible for keeping real-time products current –Because of the changes that occur within crew procedures, The PHCM is updated to reflect changes that occur as a result of operations change requests (OCR’s). POIC Safety coordinates with Payload Engineering and Integration for anomalies involving integrated payload safety issues, and engineering assessments. POIC Safety notifies and coordinates payload safety issues/dispositions with MER Safety to ensure proper coordination of a payload SOF issue. 18
REAL-TIME POIC SAFETY INTERFACES POD POIC Safety OC MER/S&MA Safety Payload Developers (Users) PSRP Payload Engineering Integration On-Call Expertise Coordinate SOF issues Communicate: On-orbit payload hazard controls, maintenance items, payload safety assessments -Official Communication of safety issues and their resolution -Real-time response to anomalies Anomalies impacting safety, hazard control modifications Integrated payload safety issues, engineering assessments Real-time Response to anomalies Proposed ESA Interface 19
Questions What format will ESA’s “PHCM” utilize and how will that data be exchanged? Will ESA interface with the Toxicology Group in Houston and will they utilize the HAZMAT Database? How will POIC Safety get notification of anomalies on NASA sponsored payloads in the Columbus module? How will ESA document payloads that are approved for Maintenance on- orbit? 20
Acronyms CoFRCertification of Flight Readiness HMSTHazardous Material Summary Tables IEHAIntegrated Experiment Hazard Assessment ISSInternational Space Station ISVRIndependent Safety Verification Review MERMission Evaluation Room MODMissions Operations Directorate MSFCMarshall Space Flight Center OCOperations Controller OOM On-Orbit Maintenance PHCM Payload Hazard Control Matrix PODPayload Operations Director POIC Payload Operations Integration Center PSRP Payload Safety Review Panel RVOResponsible Verification Organization SDP Safety Data Packs SOFSafety of Flight 21