Guide to the Identification of Safety-Critical Hardware Items for RLV Developers
COMSTAC RLV Working Group Meeting
Washington D.C.
25 May 2005

Outline
• Project Overview
• WG Participation
• Current Status
• Document Overview
  • Depth of analysis
  • Safety-criticality guidelines
  • Identification process
  • List of potentially safety-critical items
• Future Work
• Observations
• Q & A

Project Overview
• Tasked by FAA/AST to form RLV industry working group in 2003
• The working group was originally formed to:
  • define criteria for identifying potentially safety-critical systems for RLVs
  • develop a list of potentially safety-critical RLV items
  • identify risks and develop risk mitigation/elimination controls for RLV operations

WG Participation
• The following organizations actively participated in the project for the past two years:
  • The Boeing Company
  • Kistler Aerospace
  • Lockheed Martin
  • TGV Rockets
  • XCOR Aerospace
  • FAA/AST

Current Status
• Document released on 1 May 2005
• Brief announcement at Space Access meeting
• Freely available at AST and AIAA websites
  • http://ast.faa.gov
  • http://www.aiaa.org/content.cfm?pageid=593
• One example remains to be discussed by working group
• Document can be updated provided there is sufficient interest and involvement from affected parties

Document Contents
• Introductory material (foreword, scope, purpose, definitions)
• Hazard contributors
• Three-pronged approach to public safety
• Depth of analysis examples
• Risk assessment methodologies
• Guidelines and process for identifying safety-critical items
• List of potentially safety-critical hardware items
• Risk mitigation strategies for safety-critical hardware items

Depth of Analysis Examples
• Provides developers with characterization of level of effort associated with identifying safety-critical items for different mission scenarios
• Three scenarios presented
  • Sub-orbital launch in which dispersed IIP does not intersect populated area
  • Sub-orbital launch in which dispersed IIP intersects a small number of populated areas
  • Sub-orbital launch in which dispersed IIP intersects a large number of populated areas

Safety-Criticality Guidelines (1/3)
In general, if BOTH of the following conditions are true for a particular item, the item is potentially safety-critical and may require further analysis.
(1) If the vehicle is over/in a populated area, or may reach a populated area as a result of failure, and
(2) the item could credibly fail, with the failure resulting in one or more of the five described hazard conditions

Safety-Criticality Guidelines (2/3)
List of Hazard Conditions
• Failure causes vehicle breakup: The vehicle is broken into fragments.
• Failure causes vehicle loss of control: The vehicle can no longer be controlled by the crew (may be onboard crew or ground crew) or by autonomous means.
• Failure causes uncontrolled debris: The failure leaves the vehicle intact and controllable, but debris is ejected, without any means of controlling where the debris will impact. For example, an engine failure leaves the vehicle intact and in control, but may cause a fan blade to be ejected from the vehicle; or a structural failure may lead to the separation of an aerodynamic control surface. The intentional jettison of a component (e.g. drop tank) during normal or emergency operations in a designated area is not considered a failure.

Safety-Criticality Guidelines (3/3)
List of Hazard Conditions (continued)
• Failure causes uncontrolled discharge of hazardous material: The failure leaves the vehicle intact and controllable, but leads to the discharge of hazardous material (toxic, flammable, cryogenic, etc.). The controlled dumping of propellants in a designated area during an abort scenario is not considered a failure.
• Failure prohibits safe landing: The failure leaves the vehicle intact and controllable in flight, but either prohibits the vehicle from reaching a designated landing location where the public is not endangered (e.g. a missile range), or prevents the vehicle from performing a controlled emergency landing without endangering the uninvolved public (e.g. at a public airport).

Identification Process (1/2)

Identification Process (2/2)

List of Safety-Critical Items (1/2)

List of Safety-Critical Items (2/2)

Future Work
FY05:
• Incorporate fourth example into “Depth of Analysis” section
Possible Follow-On Activities:
• Expand guidelines to cover hazard contributors other than hardware items
• Update and correct first version as necessary
• Any other suggested topics for gov’t/industry cooperation
Any follow-on activities will depend on interest and involvement of affected parties

Observations (1/2)
• This effort established a neutral forum for industry/government to discuss safety concerns
• The document could be used for meeting RLV regulations on the identification of safety-critical items
• A considerable effort was made to ensure that this Guide will not place any undue regulatory burden on developers
• Guidelines and process defined should be applicable to a wide range of vehicles
• A great deal of technical knowledge has been captured in this document

Observations (2/2)
• Model of industry/government working together seems to have been effective
• Other regulatory topics could possibly be addressed in a similar manner
• Reaching consensus between industry and government can be a struggle, but ultimately invaluable to both
• Any future efforts would benefit from greater industry participation to ensure as broad a consensus as possible

Contact Information
Craig Day
AIAA Standards Program Manager
American Institute of Aeronautics and Astronautics
1801 Alexander Bell Drive, Suite 500
Reston, VA 20191-4344
Phone: 703-264-3849
Email: craigd@aiaa.org