Safety and Mission Assurance for In-House Design Lessons Learned from Ares I Upper Stage

This viewgraph presentation identifies lessons learned in the course of the Ares I Upper Stage design and in-house development effort. The contents include: 1) Constellation Organization; 2) Upper Stage Organization; 3) Presentation Structure; 4) Lesson-Importance of Systems Engineering/Integration; 5) Lesson-Importance of Early S&MA Involvement; 6) Lesson-Importance of Appropriate Staffing Levels; 7) Lesson-Importance S&MA Team Deployment; 8) Lesson-Understanding of S&MA In-Line Engineering versus Assurance; 9) Lesson-Importance of Close Coordination between Supportability and Reliability/Maintainability; 10) Lesson-Importance of Engineering Data Systems; 11) Lesson-Importance of Early Development of Supporting Databases; 12) Lesson-Importance of Coordination with Safety Assessment/Review Panels; 13) Lesson-Implementation of Software Reliability; 14) Lesson-Implementation of S&MA Technical Authority/Chief S&MA Officer; 15) Lesson-Importance of S&MA Evaluation of Project Risks; 16) Lesson-Implementation of Critical Items List and Government Mandatory Inspections; 17) Lesson-Implementation of Critical Items List Mandatory Inspections; 18) Lesson-Implementation of Test Article Safety Analysis; and 19) Lesson-Importance of Procurement Quality

An integrated aerospace requirement setting and risk analysis tool for life cycle cost reduction and system design improvement

In the early conceptual stage of the service orientated model, decisions regarding the design of a new technical product are largely influenced by Service Requirements. Those decisions, therefore, have to merge both technical and business aspects to obtain desired product reliability and reduced Whole Life Cost (WLC). It is, therefore, critical at that phase to define the risk of potential noncompliance of Service Requirements in order to ensure the right design choices; as these decisions have a large impact on the overall product and service development. This paper presents outcome of research project to investigate different approaches used by companies to analyse Service Requirements to achieve reduced Life Cycle Cost (LCC). Analysis using Weibull distribution and Monte Carlo principle have been proposed here; based on the conducted literature review these are considered as the most widely used techniques in product reliability studies. Based on those techniques, a methodology and its software tool for risk evaluation of failure to deliver a new product against Service Requirements are presented in this paper. This is part of the on-going research project which, apart from analysing the gap between the current Service Requirements achievements and the design targets for a new aircraft engine, it also facilitates an optimisation of those requirements at the minimum risk of nonconformity

Use of COTS functional analysis software as an IVHM design tool for detection and isolation of UAV fuel system faults

This paper presents a new approach to the development of health management solutions which can be applied to both new and legacy platforms during the conceptual design phase. The approach involves the qualitative functional modelling of a system in order to perform an Integrated Vehicle Health Management (IVHM) design – the placement of sensors and the diagnostic rules to be used in interrogating their output. The qualitative functional analysis was chosen as a route for early assessment of failures in complex systems. Functional models of system components are required for capturing the available system knowledge used during various stages of system and IVHM design. MADe™ (Maintenance Aware Design environment), a COTS software tool developed by PHM Technology, was used for the health management design. A model has been built incorporating the failure diagrams of five failure modes for five different components of a UAV fuel system. Thus an inherent health management solution for the system and the optimised sensor set solution have been defined. The automatically generated sensor set solution also contains a diagnostic rule set, which was validated on the fuel rig for different operation modes taking into account the predicted fault detection/isolation and ambiguity group coefficients. It was concluded that when using functional modelling, the IVHM design and the actual system design cannot be done in isolation. The functional approach requires permanent input from the system designer and reliability engineers in order to construct a functional model that will qualitatively represent the real system. In other words, the physical insight should not be isolated from the failure phenomena and the diagnostic analysis tools should be able to adequately capture the experience bases. This approach has been verified on a laboratory bench top test rig which can simulate a range of possible fuel system faults. The rig is fully instrumented in order to allow benchmarking of various sensing solution for fault detection/isolation that were identified using functional analysis

An Approach to Using Non Safety-Assured Programmable Components in Modest Integrity Systems

Programmable components (like personal computers or smart devices) can offer considerable benefits in terms of usability and functionality in a safety-related system. However there is a problem in justifying the use of programmable components if the components have not been safety justified to an appropriate integrity (e.g. to SIL 1 of IEC 61508). This paper outlines an approach (called LowSIL) developed in the UK CINIF nuclear industry research programme to justify the use of non safety-assured programmable components in modest integrity systems. This is a seven step approach that can be applied to new systems from an early design stage, or retrospectively to existing systems. The stages comprise: system characterisation, component suitability assessment, failure analysis, failure mitigation, identification of additional defences, identification of safety evidence requirements, and collation and evaluation of evidence. In the case of personal computers, there is supporting guidance on usage constraints, claim limits on reliability, and advice on “locking down” the component to maximise reliability. The approach is demonstrated for an example system. The approach has been applied successfully to a range of safety-related systems used in the nuclear industry

Expert Elicitation for Reliable System Design

This paper reviews the role of expert judgement to support reliability assessments within the systems engineering design process. Generic design processes are described to give the context and a discussion is given about the nature of the reliability assessments required in the different systems engineering phases. It is argued that, as far as meeting reliability requirements is concerned, the whole design process is more akin to a statistical control process than to a straightforward statistical problem of assessing an unknown distribution. This leads to features of the expert judgement problem in the design context which are substantially different from those seen, for example, in risk assessment. In particular, the role of experts in problem structuring and in developing failure mitigation options is much more prominent, and there is a need to take into account the reliability potential for future mitigation measures downstream in the system life cycle. An overview is given of the stakeholders typically involved in large scale systems engineering design projects, and this is used to argue the need for methods that expose potential judgemental biases in order to generate analyses that can be said to provide rational consensus about uncertainties. Finally, a number of key points are developed with the aim of moving toward a framework that provides a holistic method for tracking reliability assessment through the design process.Comment: This paper commented in: [arXiv:0708.0285], [arXiv:0708.0287], [arXiv:0708.0288]. Rejoinder in [arXiv:0708.0293]. Published at http://dx.doi.org/10.1214/088342306000000510 in the Statistical Science (http://www.imstat.org/sts/) by the Institute of Mathematical Statistics (http://www.imstat.org

A synthesis of logic and bio-inspired techniques in the design of dependable systems

Much of the development of model-based design and dependability analysis in the design of dependable systems, including software intensive systems, can be attributed to the application of advances in formal logic and its application to fault forecasting and verification of systems. In parallel, work on bio-inspired technologies has shown potential for the evolutionary design of engineering systems via automated exploration of potentially large design spaces. We have not yet seen the emergence of a design paradigm that effectively combines these two techniques, schematically founded on the two pillars of formal logic and biology, from the early stages of, and throughout, the design lifecycle. Such a design paradigm would apply these techniques synergistically and systematically to enable optimal refinement of new designs which can be driven effectively by dependability requirements. The paper sketches such a model-centric paradigm for the design of dependable systems, presented in the scope of the HiP-HOPS tool and technique, that brings these technologies together to realise their combined potential benefits. The paper begins by identifying current challenges in model-based safety assessment and then overviews the use of meta-heuristics at various stages of the design lifecycle covering topics that span from allocation of dependability requirements, through dependability analysis, to multi-objective optimisation of system architectures and maintenance schedules

Understanding construction delay analysis and the role of pre-construction programming

Copyright © 2013, American Society of Civil Engineers. This is the author's accepted manuscript. The final published article is available from the link below.Modern construction projects commonly suffer from delay in their completions. The resolution of time and cost claims consequently flowing from such delays continues to remain a difficult undertaking for all project parties. A common approach often relied on by contractors and their employers (or their representatives) to resolve this matter involves applying various delay analysis techniques, which are all based on construction programs originally developed for managing the project. However, evidence from literature suggests that the reliability of these techniques in ensuring successful claims resolution are often undermined by the nature and quality of the underlying program used. As part of a wider research carried out on delay and disruption analysis in practice, this paper reports on an aspect of the study aimed at exploring preconstruction stage programming issues that affect delay claims resolutions. This aspect is based on an in-depth interview with experienced construction planning engineers in the United Kingdom, conducted after an initial large-scale survey on delay and disruption techniques usage. Summary of key findings and conclusions include: (1) most contractors prefer to use linked bar chart format for their baseline programs over conventional critical path method (CPM) networks; (2) baseline programs are developed using planning software packages. Some of these pose difficulties when employed for most delay analysis techniques, except for simpler ones; (3) manpower loading graphs are not commonly developed as part of the main deliverables during preconstruction stage planning. As a result, most programs are not subjected to resource loading and leveling for them to accurately reflect planned resource usage on site. This practice has detrimental effects on the reliability of baseline programs in their use for resolving delay claims; and (4) baseline program development involves many different experts within construction organizations as expected, but with very little involvement of the employer or its representative. Active client involvement is however quite important as it would facilitate quick program approval/acceptance before construction, a necessary requirement for early delay claims settlement, which otherwise are often left unresolved long after the delaying events with the potential of generating into expensive disputes. The study results provide a better understanding of the key issues that need attention if improvements are to be made in delay claim resolutions. Additional research focusing on the testing of these results using a much larger sample and rigorous statistical analysis for generalization purposes would be helpful in advancing the limited knowledge of this subject matter

A synthesis of logic and biology in the design of dependable systems

The technologies of model-based design and dependability analysis in the design of dependable systems, including software intensive systems, have advanced in recent years. Much of this development can be attributed to the application of advances in formal logic and its application to fault forecasting and verification of systems. In parallel, work on bio-inspired technologies has shown potential for the evolutionary design of engineering systems via automated exploration of potentially large design spaces. We have not yet seen the emergence of a design paradigm that combines effectively and throughout the design lifecycle these two techniques which are schematically founded on the two pillars of formal logic and biology. Such a design paradigm would apply these techniques synergistically and systematically from the early stages of design to enable optimal refinement of new designs which can be driven effectively by dependability requirements. The paper sketches such a model-centric paradigm for the design of dependable systems that brings these technologies together to realise their combined potential benefits