Futron Corporation, 400 Virginia Avenue SW, Suite 340, Washington, DC 20024-2730. Phone 202-488-2931, Fax 202-488-7863. NASA PRA Practices.

Presentation transcript:

Futron Corporation, 400 Virginia Avenue SW, Suite 340, Washington, DC
NASA PRA Practices and Needs for the New Millennium
International Space Station Probabilistic Risk Assessment, Stage 7A
October 25-26, 2000

October 23, 2000, ISS PRA
Purpose of ISS PRA
Provide a decision support tool for the ISS program that evaluates safety and mission assurance risk.
Objectives
- Provide risk data across ISS functions/systems (useful to operations planners as well as follow-on development managers)
- Ensure synergy with ongoing safety, reliability, and risk management activities
Scope
- Develop the PRA in phases (allows for strategic/tactical changes to approach)
- Consider only the catastrophic end states of loss of station, crew, module, or mission
- Incorporate existing safety and reliability data

PRA Products
- Risk model capable of assessing risks due to changes in ISS configuration, operations, or environmental factors
- Probability distribution functions (including median values, mean values and uncertainties) for the end states, events, and accident scenarios
- Trade and sensitivity analyses (e.g. effects of system upgrades, risk mitigation strategies, modeling assumption changes, etc.)
- Identification of any discrepancies found in existing safety and reliability analyses (provides an independent check)

Phased Approach

Definitions
Event Sequence Diagram (ESD): ESDs show the progression of an initiating event to all the possible end states.
Initiating Event: Initiating events begin the event sequences.
- Single component failure or a combination of failures
- Start of a procedure
- Energetic external event
Pivotal Event: Pivotal events are those that must occur in order to prevent the initiating event from propagating further. They may take the form of safety systems, procedural steps, crew or ground intervention, physical conditions, or time constraints.
End States: Terminating point of an event sequence. An ESD can have multiple end states.
Sequence: Accident scenario; a path through the ESD from the initiator to a bad end state.
Basic Events: Lowest quantified part of the model.

Model Philosophy
- Stage 7A (including previous stages) is assembled correctly
- All equipment is operational at start of 7A
- Structural failures are not credible
- Spares noted in logistics plans are on station
- Repair actions incorporate
  - restoration of initiating events
  - restoration of onboard spared items
- Human errors are not initiating events
  - They do contribute to pivotal events
- Russian EVA resources not available
  - Procedures do not yet show the use of these assets
- Software is perfect for this iteration of the model

Stage 7A Configuration
Airlock is attached and functional.
Model includes:
- 3 crew members
- 8 months of operations
- 3 Progress dockings
- 3 Orbiter dockings
- 2 Soyuz dockings
- 1 Soyuz port change
- 1 avoidance maneuver
- 2 reboost burns
- 3 EVAs

End State Definitions
Station and Crew are Functional (OK)
- This end state signifies that the station is still working within the flight rule constraints
Loss of Station and Crew (LOS/C)
- Catastrophic loss of the station and crew
Loss of Crew (LOC)
- Resultant loss of a crew member
- Also includes the inability to evacuate the station once an evacuation end state has been reached, because neither Soyuz nor Orbiter is available to perform the evacuation

End State Definitions
Evacuation End States (EVAC)
- Emergency Evacuation: an emergency situation exists and warrants station evacuation. These situations are characterized by short response times and are captured in Flight Rules.
- Flight Rule Evacuation: evacuation once a set of conditions is met. Some Flight Rules state that certain conditions must be satisfied but do not identify further action, while others state that further discussion with the ground is required.
- Medical Evacuation: evacuation of the station is dictated by a medical condition of one of the crew members. At Stage 7A all three crew members must evacuate together, since only one Soyuz is available.

End State Definitions
Other Undesired End States (OUE)
- A collection of end states that, while neither catastrophic nor an evacuation, still represent a "bad day". These include:
  - The shutdown of any pressurized module as dictated by flight rule as a result of MMOD
  - The loss of either US or RS distributed systems: Electrical Power, Attitude Control, Command & Data Handling, Thermal Control, Guidance & Navigation, Communications, Environmental Control and Life Support, Propulsion
  - Loss of a function, such as the ability for Orbiter, Progress, or Soyuz to dock, the ability to reboost, or insufficient O2 or N2 reserves

ISS PRA Approach Flow Diagram
Integrates operational models and hardware configuration to provide results.

Master Logic Diagram

ISS PRA Model
- Housekeeping ESDs (continuous operations): EPS, TCS, GNC, C&DH, ECLSS, ACS, Medical
- Procedural ESDs (per demand): Orbiter docking, Soyuz docking, Progress docking, reboost, EVAs
- Energetic Hazard ESDs (occurrence frequency): MMOD, radiation, fire, toxic
- End states: probabilities based on results gathered across all ESDs
- Results: probabilities and dependency interactions
PRA Stage 7A model status:
- 65 Event Sequence Diagrams
- ~450 Fault Trees
- ~1500 Basic Events
- 28 unique bad end states
- ~400 sequences
- >2 million cut-sets

ESD Example: O2 Generation Failure Path
Diagram legend: Initiator, Pivotal Event, End State

Fault Trees: CDRA
Fault trees trace failures into supporting systems such as the DDCUs.
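The slides define initiators, pivotal events, end states, sequences and basic events, and then show an O2 generation failure ESD backed by fault trees, but the diagrams themselves did not survive transcription. The following is an added example, not Futron's or NASA's model: a miniature ESD walker that enumerates every sequence from an initiator through pivotal events to an end state, with each pivotal event's failure probability coming from a small AND/OR fault tree, plus the minimal cut sets of that tree. Every event name, rate and probability is constructed for illustration; the house event "no_power_jumper" fixed at 1.0 mirrors the slide's remark that no power jumper to the airlock is modeled.

```python
"""Miniature ESD + fault-tree quantifier (added example; constructed data)."""
import math
from itertools import product

MISSION_HOURS = 8 * 730  # 8 months of operations at ~730 h/month (constructed)


def failure_probability(rate_per_hour, hours):
    """Probability that a constant-failure-rate component fails within the window."""
    return 1.0 - math.exp(-rate_per_hour * hours)


# A fault tree node is either a basic-event name (str) or (gate, [children]).
def evaluate_gate(node, probs):
    """Top-event probability of a fault tree, assuming independent basic events."""
    if isinstance(node, str):
        return probs[node]
    gate, children = node
    child_p = [evaluate_gate(c, probs) for c in children]
    if gate == "AND":
        return math.prod(child_p)
    if gate == "OR":
        return 1.0 - math.prod(1.0 - p for p in child_p)
    raise ValueError(f"unknown gate {gate!r}")


def minimal_cut_sets(node):
    """Minimal sets of basic events whose joint occurrence causes the top event."""
    if isinstance(node, str):
        return {frozenset([node])}
    gate, children = node
    child_sets = [minimal_cut_sets(c) for c in children]
    if gate == "OR":
        sets = set().union(*child_sets)
    else:  # AND: one cut set taken from every child, merged
        sets = {frozenset().union(*combo) for combo in product(*child_sets)}
    return {s for s in sets if not any(o < s for o in sets)}


# Constructed basic-event data: per-demand probabilities, one rate-derived
# probability, and one house event (always true) for the missing power jumper.
BASIC_EVENTS = {
    "no_spare_o2_gen": 0.10,
    "power_channel_down": failure_probability(2e-5, MISSION_HOURS),
    "no_power_jumper": 1.0,
    "o2_reserve_low": 0.30,
    "soyuz_unavailable": 0.05,
}

# Each pivotal event: fault tree for its *failure*, and the next node
# (another pivotal event or an end-state name) on success / failure.
PIVOTAL_EVENTS = {
    "restore_o2_generation": {
        "fault_tree": ("OR", ["no_spare_o2_gen",
                              ("AND", ["power_channel_down", "no_power_jumper"])]),
        "success": "OK",
        "failure": "o2_reserves_adequate",
    },
    "o2_reserves_adequate": {
        "fault_tree": "o2_reserve_low",
        "success": "OUE",  # function lost, reserves cover the stage
        "failure": "evacuate_on_soyuz",
    },
    "evacuate_on_soyuz": {
        "fault_tree": "soyuz_unavailable",
        "success": "EVAC",
        "failure": "LOC",
    },
}

# (name, frequency per mission, first pivotal event) -- constructed values
INITIATOR = ("O2 generation failure", 0.20, "restore_o2_generation")


def quantify_esd(initiator, pivotal_events, probs):
    """Enumerate every path from the initiator; return end-state frequencies and sequences."""
    name, freq, first = initiator
    end_states, sequences = {}, []

    def walk(node, f, path):
        if node in pivotal_events:
            pe = pivotal_events[node]
            p_fail = evaluate_gate(pe["fault_tree"], probs)
            walk(pe["success"], f * (1.0 - p_fail), path + [node + "=ok"])
            walk(pe["failure"], f * p_fail, path + [node + "=fail"])
        else:  # reached an end state
            end_states[node] = end_states.get(node, 0.0) + f
            sequences.append((" -> ".join([name] + path), node, f))

    walk(first, freq, [])
    return end_states, sequences


if __name__ == "__main__":
    states, seqs = quantify_esd(INITIATOR, PIVOTAL_EVENTS, BASIC_EVENTS)
    for path, state, f in sorted(seqs, key=lambda s: -s[2]):
        print(f"{f:.3e}  {state:5s} {path}")
    print("end states:", {k: round(v, 6) for k, v in states.items()})
    tree = PIVOTAL_EVENTS["restore_o2_generation"]["fault_tree"]
    print("cut sets of restore failure:", [sorted(s) for s in minimal_cut_sets(tree)])
```

The end-state frequencies always sum to the initiator frequency, which is a useful sanity check on any ESD quantification. Because the house event is fixed at 1.0, the two-element cut set {power_channel_down, no_power_jumper} behaves like the single event power_channel_down, which is exactly how a missing jumper turns a single power-channel failure into a dominant sequence.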

Quantification
For each basic event, the probability of failure is calculated within a given time period:
  Pr = e^(-λt)
  where λ = failure rate (failures/hour) and t = mission time
Failure rates and probabilities
- Derived from a number of sources to give a mean and distribution:
  - MADS (ISS logistics approved)
  - NPRD (Nonelectronic Parts Reliability Data)
  - EPRD (Electronic/Electrical Parts Reliability Data)
  - Russian R&M reports RE-03, R-10-R02
- Probability distributions reflect the uncertainty in knowing the time of the next failure
  - Typically 5th and 95th percentiles of log-normal failure rates

Basic Event Quantification
Many data points are combined to derive the mean failure rate and its distribution.

Quantification (Updating)
Component failure rates are updated with actual failure experience on-orbit.
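The three quantification slides above describe the data side of the model: the exponential formula per basic event, lognormal failure-rate distributions summarised by 5th and 95th percentiles, many data points pooled into a mean, and an update with on-orbit experience. The following is an added example, not code from Futron or NASA, showing one standard way to carry out each of those steps: it computes both the survival probability e^(-λt) and its complement 1 - e^(-λt) (the probability of at least one failure in t), fits a lognormal to a 5th/95th percentile pair (median, error factor, mean), pools generic (failures, hours) records into a gamma prior on the failure rate, and applies the conjugate gamma-Poisson update with on-orbit failures and hours. The gamma-Poisson update is the assumed technique; the slides do not name their updating method. All source records and the on-orbit counts are constructed and are not values from MADS, NPRD, EPRD or the Russian reports.

```python
"""Basic-event data handling for a PRA (added example; constructed data)."""
import math

Z95 = 1.6448536269514722  # standard-normal 95th percentile


def survival_probability(rate_per_hour, hours):
    """e^(-lambda t): probability the component has NOT failed by time t."""
    return math.exp(-rate_per_hour * hours)


def failure_probability(rate_per_hour, hours):
    """1 - e^(-lambda t): probability of at least one failure within t."""
    return 1.0 - survival_probability(rate_per_hour, hours)


def lognormal_from_percentiles(p5, p95):
    """Fit a lognormal failure-rate distribution to its 5th/95th percentiles.
    Returns (median, error factor, mean); for a lognormal EF = sqrt(p95/p5)."""
    mu = (math.log(p5) + math.log(p95)) / 2.0
    sigma = (math.log(p95) - math.log(p5)) / (2.0 * Z95)
    return math.exp(mu), math.sqrt(p95 / p5), math.exp(mu + sigma ** 2 / 2.0)


def pooled_prior(sources):
    """Pool (failures, hours) records from several data sources into a gamma
    prior Gamma(alpha, beta) on the failure rate: alpha = total failures,
    beta = total hours, so the prior mean alpha/beta is the pooled rate."""
    alpha = sum(f for f, _ in sources)
    beta = sum(h for _, h in sources)
    return alpha, beta


def update_with_experience(alpha, beta, failures, hours):
    """Conjugate gamma-Poisson update: posterior is Gamma(alpha + k, beta + T)."""
    return alpha + failures, beta + hours


def gamma_summary(alpha, beta):
    """Mean and standard deviation of Gamma(alpha, beta), rate parametrisation."""
    return alpha / beta, math.sqrt(alpha) / beta


# Constructed generic data: (failures, operating hours) per source.
GENERIC_SOURCES = [(3, 200_000.0), (1, 150_000.0), (2, 250_000.0)]
# Constructed on-orbit experience: 2 failures in 50,000 operating hours.
ON_ORBIT = (2, 50_000.0)


if __name__ == "__main__":
    a0, b0 = pooled_prior(GENERIC_SOURCES)
    a1, b1 = update_with_experience(a0, b0, *ON_ORBIT)
    for label, (a, b) in (("prior", (a0, b0)), ("posterior", (a1, b1))):
        mean, sd = gamma_summary(a, b)
        print(f"{label:9s} mean rate {mean:.3e}/h, sd {sd:.3e}/h, "
              f"P(fail in 5840 h) = {failure_probability(mean, 5840):.4f}")
    med, ef, mean = lognormal_from_percentiles(2e-6, 5e-5)
    print(f"lognormal: median {med:.2e}/h, EF {ef:.1f}, mean {mean:.3e}/h")
```

Two points the slide wording glosses over are visible in the output: e^(-λt) is the probability of surviving the period, so the probability of failure used in a fault tree is its complement, and the mean of a lognormal failure rate lies above its median, which is why a PRA that reports medians, means and uncertainties (as the PRA Products slide promises) has to carry the full distribution rather than a single point value.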

Significance of Results
- MMOD is > 90% of the risk of LOS
- The majority of risks do not lead to catastrophic end states
- The numbers overestimate the risk of non-catastrophic end states, since many options may still be available to the crew and ground once end states are reached
  - Not meeting flight rules triggers end states
  - Ops documentation still in development
- Several top sequences are driven by having no power jumper to the airlock
  - Failure of external US power channel 2B prevents an EVA and therefore power is not repairable
  - No Russian EVA (not in flight rules or procedures)
- Lacks fidelity on the Russian segment