Futron Corporation
400 Virginia Avenue, SW, Suite 340, Washington, DC 20024-2730
Phone 202-488-2931, Fax 202-488-7863
http://www.futron.com

NASA PRA Practices and Needs for the New Millennium
International Space Station Probabilistic Risk Assessment, Stage 7A
October 25-26, 2000
October 23, 2000, ISS PRA 00-34

Purpose of ISS PRA
Provide a decision support tool for the ISS program that evaluates safety and mission assurance risk.

Objectives
- Provide risk data across ISS functions/systems (useful to operations planners as well as follow-on development managers)
- Ensure synergy with ongoing safety, reliability, and risk management activities

Scope
- Develop the PRA in phases (allows for strategic/tactical changes to approach)
- Consider only the catastrophic end states of loss of station, crew, module, or mission
- Incorporate existing safety and reliability data
PRA Products
- Risk model capable of assessing risks due to changes in ISS configuration, operations, or environmental factors
- Probability distribution functions (including median values, mean values and uncertainties) for the end states, events, and accident scenarios
- Trade and sensitivity analyses (i.e., effects of system upgrades, risk mitigation strategies, modeling assumption changes, etc.)
- Identification of any discrepancies found in existing safety and reliability analyses (provides independent check)
Phased Approach
Definitions
- Event Sequence Diagram (ESD): ESDs show the progression of an initiating event to all the possible end states.
- Initiating Event: Initiating events begin the event sequences. They may be:
  - a single component failure or a combination of failures
  - the start of a procedure
  - an energetic external event
- Pivotal Event: Pivotal events are those that must occur in order to prevent the initiating event from propagating further. These may take the form of safety systems, procedural steps, crew or ground intervention, physical conditions, or time constraints.
- End States: Terminating point of an event sequence. An ESD can have multiple end states.
- Sequence: Accident scenario. A path through the ESD from initiator to a bad end state.
- Basic Events: Lowest quantified part of the model.
Model Philosophy
- Stage 7A (including previous stages) is assembled correctly
- All equipment is operational at start of 7A
- Structural failures are not credible
- Spares noted in logistics plans are on station
- Repair actions incorporate:
  - restoration of initiating events
  - restoration of onboard spared items
- Human errors are not initiating events; they do contribute to pivotal events
- Russian EVA resources not available (procedures do not yet show the use of these assets)
- Software is perfect for this iteration of the model
Stage 7A Configuration
- Airlock is attached and functional
- Model includes:
  - 3 crew members
  - 8 months of operations
  - 3 Progress dockings
  - 3 Orbiter dockings
  - 2 Soyuz dockings
  - 1 Soyuz port change
  - 1 avoidance maneuver
  - 2 reboost burns
  - 3 EVAs
End State Definitions
- Station and Crew are Functional (OK): this end state signifies that the station is still working within the flight rule constraints
- Loss of Station and Crew (LOS/C): catastrophic loss of the station and crew
- Loss of Crew (LOC): resultant loss of a crew member. Also includes the inability to evacuate the station, due to an evacuation end state and the unavailability of either Soyuz or Orbiter to perform such a task
End State Definitions (continued)
Evacuation End States (EVAC)
- Emergency Evacuation: An emergency situation exists and warrants station evacuation. These situations are characterized by short response times and are captured in Flight Rules.
- Flight Rule Evacuation: Evacuation once a set of conditions is met. Some Flight Rules state that certain conditions must be satisfied but do not identify further action, while others state that further discussion with the ground is required.
- Medical Evacuation: Evacuation of the station is dictated by a medical condition of one of the crewmembers.
At Stage 7A all three crewmembers must evacuate together, since only one Soyuz is available.
End State Definitions (continued)
Other Undesired End States (OUE)
A collection of end states that, while neither catastrophic nor an evacuation, still represent a "bad day". These include:
- The shutdown of any pressurized module as dictated by flight rule as a result of MMOD
- The loss of either US or RS distributed systems:
  - Electrical Power
  - Attitude Control
  - Command & Data Handling
  - Thermal Control
  - Guidance & Navigation
  - Communications
  - Environmental Control and Life Support
  - Propulsion
- Loss of a function, such as:
  - ability for Orbiter, Progress, or Soyuz to dock
  - ability to reboost
  - insufficient O2 or N2 reserves
ISS PRA Approach Flow Diagram
Integrates operational models and hardware configuration to provide results.
Master Logic Diagram
ISS PRA Model
- Housekeeping ESDs: EPS, TCS, GNC, C&DH, ECLSS, ACS, Medical
- Procedural ESDs: Orbiter Docking, Soyuz Docking, Progress Docking, Reboost, EVAs
- Energetic Hazard ESDs: MMOD, Radiation, Fire, Toxic
- Probabilities based on: continuous operations, per demand, occurrence frequency
- End States: gathered across all ESDs
- Results: probabilities and dependency interactions

PRA Stage 7A Model status:
- 65 Event Sequence Diagrams
- ~450 Fault Trees
- ~1500 Basic Events
- 28 Unique Bad End States
- ~400 Sequences
- >2 million Cut-sets
ESD Example - O2 Generation Failure Path
Diagram legend: Initiator, Pivotal Event, End State
Fault Trees - CDRA
Fault trees trace failures into supporting systems such as the DDCUs.
Quantification
- For each Basic Event, the probability of failure is calculated within a given time period:
  Pr = e^(-λt)
  where λ = failure rate (failures/hour) and t = mission time
- Failure rates and probabilities are derived from a number of sources to give a mean and distribution:
  - MADS - ISS logistics approved
  - NPRD - Nonelectronic Parts Reliability Data
  - EPRD - Electronic/Electrical Parts Reliability Data
  - Russian R&M reports RE-03, R-10-R02
- Probability distributions reflect the uncertainty in knowing the time of the next failure; typically 5th and 95th percentiles of log-normal failure rates
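As an added worked example (not from the presentation), the following code quantifies one small ESD the way the Definitions, ESD Example and Quantification slides describe: basic-event probabilities from failure rates over the 8-month Stage 7A mission, sequence probabilities as products of outcomes along ESD paths, and end-state median, mean and percentiles propagated from log-normal 5th/95th failure-rate percentiles. The O2-generation-failure ESD, its pivotal events and every number are constructed, not the PRA's; note that e^(-λt) is the probability of surviving t hours, so the basic event uses its complement.

```python
import math
import random

MISSION_HOURS = 8 * 730.0  # Stage 7A: 8 months of operations, in hours (assumed)
Z95 = 1.6448536269514722   # standard-normal 95th percentile

def failure_probability(rate_per_hour, mission_hours=MISSION_HOURS):
    """Basic-event probability over t hours; e^(-lambda t) is the survival probability."""
    return 1.0 - math.exp(-rate_per_hour * mission_hours)

def lognormal_params(p5, p95):
    """(mu, sigma) of the log-normal whose 5th/95th percentiles are p5 and p95."""
    mu = 0.5 * (math.log(p5) + math.log(p95))
    sigma = (math.log(p95) - math.log(p5)) / (2.0 * Z95)
    return mu, sigma

# Constructed ESD for an O2-generation-failure initiator: each sequence is the path of
# pivotal-event outcomes (True = success) and the end state it reaches. Pivotal events
# carry per-demand failure probabilities; all values here are constructed, not the PRA's.
INITIATOR_RATE_5_95 = (2e-5, 2e-3)  # failures/hour, 5th and 95th percentiles
PIVOTAL_FAIL = {"repair_generator": 0.10, "o2_reserve_lasts": 0.05}
SEQUENCES = [
    ([("repair_generator", True)], "OK"),
    ([("repair_generator", False), ("o2_reserve_lasts", True)], "OUE"),
    ([("repair_generator", False), ("o2_reserve_lasts", False)], "EVAC"),
]

def sequence_probability(p_init, path):
    """P(initiator) times the probability of each pivotal outcome along the path."""
    p = p_init
    for event, succeeded in path:
        p *= (1.0 - PIVOTAL_FAIL[event]) if succeeded else PIVOTAL_FAIL[event]
    return p

def end_state_probabilities(init_rate):
    """Point estimate for every end state reachable from this initiator."""
    p_init = failure_probability(init_rate)
    totals = {}
    for path, end_state in SEQUENCES:
        totals[end_state] = totals.get(end_state, 0.0) + sequence_probability(p_init, path)
    return totals

def end_state_uncertainty(end_state, samples=20000, seed=7):
    """Monte Carlo over the log-normal initiator rate: median, mean, 5th, 95th of one end state."""
    rng = random.Random(seed)
    mu, sigma = lognormal_params(*INITIATOR_RATE_5_95)
    vals = sorted(end_state_probabilities(rng.lognormvariate(mu, sigma))[end_state]
                  for _ in range(samples))
    return {"median": vals[samples // 2], "mean": sum(vals) / samples,
            "p5": vals[int(0.05 * samples)], "p95": vals[int(0.95 * samples)]}
```

Because the slides report end states as distributions rather than point values, `end_state_uncertainty("EVAC")` is the quantity a trade or sensitivity study would compare before and after a modeling change.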
Basic Event Quantification
Many data points are combined to derive the mean failure rate and its distribution.
Quantification (Updating)
Component failure rates are updated with actual failure experience on-orbit.
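An added example, not from the presentation, of updating a component failure rate with on-orbit experience. It assumes the conjugate gamma-prior/Poisson-likelihood update that is standard in PRA practice (the slide does not say which method the ISS PRA used), and all rates, hours and failure counts are constructed.

```python
import random

def gamma_prior(mean_rate, sd_rate):
    """Gamma(shape, rate) matching the generic-source failure rate's mean and standard
    deviation by the method of moments; mean = shape / rate, variance = shape / rate**2."""
    shape = (mean_rate / sd_rate) ** 2
    rate = mean_rate / sd_rate ** 2
    return shape, rate

def update_with_experience(prior, failures, exposure_hours):
    """Conjugate update: k failures in T operating hours turn Gamma(a, b) into Gamma(a + k, b + T)."""
    shape, rate = prior
    return shape + failures, rate + exposure_hours

def rate_summary(post, samples=20000, seed=11):
    """Closed-form mean plus Monte Carlo 5th/95th percentiles of the failure rate."""
    shape, rate = post
    rng = random.Random(seed)
    vals = sorted(rng.gammavariate(shape, 1.0 / rate) for _ in range(samples))
    return {"mean": shape / rate,
            "p5": vals[int(0.05 * samples)], "p95": vals[int(0.95 * samples)]}

# Constructed case: a generic-data prior of 1e-4 failures/hour with a wide spread, then
# two alternative on-orbit histories over the 8-month Stage 7A mission (about 5840 hours).
PRIOR = gamma_prior(mean_rate=1e-4, sd_rate=1e-4)
NO_FAILURES = update_with_experience(PRIOR, failures=0, exposure_hours=5840.0)
TWO_FAILURES = update_with_experience(PRIOR, failures=2, exposure_hours=5840.0)

if __name__ == "__main__":
    for label, post in (("prior", PRIOR), ("0 failures", NO_FAILURES), ("2 failures", TWO_FAILURES)):
        print(label, rate_summary(post))
```

Failure-free operation pulls the posterior rate down and narrows it, while observed failures pull it up; the same posterior percentiles then feed the basic-event quantification of the previous slides.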
Significance of Results
- MMOD is >90% of the risk of LOS
- The majority of risks do not lead to catastrophic end states
- Numbers overestimate the risk of non-catastrophic end states, since many options may still be available to the crew and ground once end states are reached
- Not meeting flight rules triggers end states (ops documentation still in development)
- Several top sequences are driven by having no power jumper to the airlock: failure of external US power channel 2B prevents an EVA, and therefore power is not repairable
- No Russian EVA (not in flight rules or procedures)
- Lacks fidelity on the Russian segment