Model Based Mission Assurance: NASA's Assurance Future

Model Based Systems Engineering (MBSE) is seeing increased application in planning and design of NASAs missions. This suggests the question: what will be the corresponding practice of Model Based Mission Assurance (MBMA)? Contemporaneously, NASAs Office of Safety and Mission Assurance (OSMA) is evaluating a new objectives based approach to standards to ensure that the Safety and Mission Assurance disciplines and programs are addressing the challenges of NASAs changing missions, acquisition and engineering practices, and technology. MBSE is a prominent example of a changing engineering practice. We use NASAs objectives-based strategy for Reliability and Maintainability as a means to examine how MBSE will affect assurance. We surveyed MBSE literature to look specifically for these affects, and find a variety of them discussed (some are anticipated, some are reported from applications to date). Predominantly these apply to the early stages of design, although there are also extrapolations of how MBSE practices will have benefits for testing phases. As the effort to develop MBMA continues, it will need to clearly and unambiguously establish the roles of uncertainty and risk in the system model. This will enable a variety of uncertainty-based analyses to be performed much more rapidly than ever before and has the promise to increase the integration of CRM (Continuous Risk Management) and PRA (Probabilistic Risk Analyses) even more fully into the project development life cycle. Various views and viewpoints will be required for assurance disciplines, and an over-arching viewpoint will then be able to more completely characterize the state of the project/program as well as (possibly) enabling the safety case approach for overall risk awareness and communication

Prognostic Launch Vehicle Probability of Failure Assessment Methodology for Conceptual Systems Predicated on Human Causal Factors

Lessons learned from past failures of launch vehicle developments and operations were used to create a new method to predict the probability of failure of conceptual systems. Existing methods such as Probabilistic Risk Assessments and Human Risk Assessments were considered but found to be too cumbersome for this type of system-wide application for yet-to-be-flown vehicles. The basis for this methodology were historic databases of past failures, where it was determined that various faulty human-interactions were the predominant root causes of failure rather than deficient component reliabilities evaluated through statistical analysis. This methodology contains an expert scoring part which can be used in either a qualitative or a quantitative mode. The method produces two products: a numerical score of the probability of failure or guidance to program management on critical areas in need of increased focus to improve the probability of success. In order to evaluate the effectiveness of this new method, data from a concluded vehicle program (USAF's Titan IV with the Centaur G-Prime upper stage) was used as a test case. Although the theoretical vs. actual probability of failure was found to be in reasonable agreement (4.46% vs. 6.67% respectively) the underlying sub-root cause scoring had significant disparities attributable to significant organizational changes and acquisitions. Recommendations are made for future applications of this method to ongoing launch vehicle development programs

CUSTARD (Cranfield University Space Technology Advanced Research Demonstrator) - A Micro-System Technology Demonstrator Nanosatellite. Summary of the Group Design Project MSc in Astronautics and Space Engineering. 1999-2000, Cranfield University

CUSTARD (Cranfield University Space Technology And Research Demonstrator) was the group design project for students of the MSc in Astronautics and Space Engineering for the Academic Year 1999/2000 at Cranfield University. The project involved the initial design of a nanosatellite to be used as a technology demonstrator for microsystem technology (MST) in space. The students worked together as one group (organised into several subgroups, e.g. system, mechanical), with each student responsible for a set of work packages. The nanosatellite designed had a mass of 4 kg, lifetime of 3 months in low Earth orbit, coarse 3-axis attitude control (no orbit control), and was capable of carrying up to 1 kg of payload. The electrical power available was 18 W (peak). Assuming a single X-band ground station at RAL (UK), a data rate of up to 1 M bit s-1 for about 3000 s per day is possible. The payloads proposed are a microgravity laboratory and a formation flying experiment. The report summarises the results of the project and includes executive summaries from all team members. Further information and summaries of the full reports are available from the College of Aeronautics, Cranfield University

Study of application of space telescope science operations software for SIRTF use

The design and development of the Space Telescope Science Operations Ground System (ST SOGS) was evaluated to compile a history of lessons learned that would benefit NASA's Space Infrared Telescope Facility (SIRTF). Forty-nine specific recommendations resulted and were categorized as follows: (1) requirements: a discussion of the content, timeliness and proper allocation of the system and segment requirements and the resulting impact on SOGS development; (2) science instruments: a consideration of the impact of the Science Instrument design and data streams on SOGS software; and (3) contract phasing: an analysis of the impact of beginning the various ST program segments at different times. Approximately half of the software design and source code might be useable for SIRTF. Transportability of this software requires, at minimum, a compatible DEC VAX-based architecture and VMS operating system, system support software similar to that developed for SOGS, and continued evolution of the SIRTF operations concept and requirements such that they remain compatible with ST SOGS operation

Model-based spacecraft and mission design for the evaluation of technology

In order to meet the future vision of robotic missions, engineers will face intricate mission concepts, new operational approaches, and technologies that have yet to be developed. The concept of smaller, model driven projects helps this transition by including life-cycle cost as part of the decision making process. For example, since planetary exploration missions have cost ceilings and short development periods, heritage flight hardware is utilized. However, conceptual designs that rely solely on heritage technology will result in estimates that may not be truly representative of the actual mission being designed and built. The Laboratory for Spacecraft and Mission Design (LSMD) at the California Institute of Technology is developing integrated concurrent models for mass and cost estimations. The purpose of this project is to quantify the infusion of specific technologies where the data would be useful in guiding technology developments leading up to a mission. This paper introduces the design-to-cost model to determine the implications of various technologies on the spacecraft system in a collaborative engineering environment. In addition, comparisons of the benefits of new or advanced technologies for future deep space missions are examined

Unattended network operations technology assessment study. Technical support for defining advanced satellite systems concepts

The results are summarized of an unattended network operations technology assessment study for the Space Exploration Initiative (SEI). The scope of the work included: (1) identified possible enhancements due to the proposed Mars communications network; (2) identified network operations on Mars; (3) performed a technology assessment of possible supporting technologies based on current and future approaches to network operations; and (4) developed a plan for the testing and development of these technologies. The most important results obtained are as follows: (1) addition of a third Mars Relay Satellite (MRS) and MRS cross link capabilities will enhance the network's fault tolerance capabilities through improved connectivity; (2) network functions can be divided into the six basic ISO network functional groups; (3) distributed artificial intelligence technologies will augment more traditional network management technologies to form the technological infrastructure of a virtually unattended network; and (4) a great effort is required to bring the current network technology levels for manned space communications up to the level needed for an automated fault tolerance Mars communications network

Safety-driven system engineering process

Thesis (S. M.)--Massachusetts Institute of Technology, Dept. of Aeronautics and Astronautics, 2008.MIT Barker Library copy: leaves 82 to 106 bound upside-down.Includes bibliographical references (leaves 56-59).As the demand for high-performing complex systems has increased, the ability of engineers to meet that demand has not kept pace. The creators of the traditional system engineering processes did not anticipate modern complex systems, and the application of traditional processes to complex systems such as spacecraft has repeatedly led to disastrous results. Too often, system safety is considered late in the design process, after much of the design is set. This thesis presents an iterative safety-driven system engineering process to address this problem. The process integrates safety into the design process, ensuring that safety is designed into the system, rather than added on. The techniques used in this process are: I) Intent Specifications, a framework for organizing system development and operational information in a hierarchical structure; 2) the System-Theoretic Accident Modeling and Processes (STAMP) model of accident causation, a framework upon which to base powerful safety engineering techniques; 3) STAMP-based Hazard Analysis (STPA) a novel hazard analysis technique; and 4) SpecTRM-Requirements Language (SpecTRM-RL), a formal modeling language. Intent Specification is used to document the design with complete traceability from system goals, requirements, and constraints to the operational design and software code. The STAMP framework is used to apply concepts from control theory to system engineering. STPA is used to identify hazards and eliminate them or mitigate their effects to ensure a safe system design. Finally, SpecTRM-RL is used to create the blackbox behavior models. An example of this process applied to an outer moon exploration mission is presented (in the form of an intent specification) and discussed. The specification focuses on the design of the control system and functionality of the scientific instruments, while also including a high-level design of the entire spacecraft. The application of the process described in this thesis demonstrates that design decisions are safety-driven, and that the results of the hazard analysis are integrated into all aspects of the design.by Margaret Virginia Stringfellow.S.M

COBE's search for structure in the Big Bang

The launch of Cosmic Background Explorer (COBE) and the definition of Earth Observing System (EOS) are two of the major events at NASA-Goddard. The three experiments contained in COBE (Differential Microwave Radiometer (DMR), Far Infrared Absolute Spectrophotometer (FIRAS), and Diffuse Infrared Background Experiment (DIRBE)) are very important in measuring the big bang. DMR measures the isotropy of the cosmic background (direction of the radiation). FIRAS looks at the spectrum over the whole sky, searching for deviations, and DIRBE operates in the infrared part of the spectrum gathering evidence of the earliest galaxy formation. By special techniques, the radiation coming from the solar system will be distinguished from that of extragalactic origin. Unique graphics will be used to represent the temperature of the emitting material. A cosmic event will be modeled of such importance that it will affect cosmological theory for generations to come. EOS will monitor changes in the Earth's geophysics during a whole solar color cycle

Apollo experience report: Simulation of manned space flight for crew training

Through space-flight experience and the development of simulators to meet the associated training requirements, several factors have been established as fundamental for providing adequate flight simulators for crew training. The development of flight simulators from Project Mercury through the Apollo 15 mission is described. The functional uses, characteristics, and development problems of the various simulators are discussed for the benefit of future programs

A Component-Based Middleware for a Reliable Distributed and Reconfigurable Spacecraft Onboard Computer

Emerging applications for space missions require increasing processing performance from the onboard computers. DLR's project “Onboard Computer - Next Generation” (OBC-NG) develops a distributed, reconfigurable computer architecture to provide increased performance while maintaining the high reliability of classical spacecraft computer architectures. Growing system complexity requires an advanced onboard middleware, handling distributed (realtime) applications and error mitigation by reconfiguration. The OBC-NG middleware follows the Component-Based Software Engineering (CBSE) approach. Using composite components, applications and management tasks can easily be distributed and relocated on the processing nodes of the network. Additionally, reuse of components for future missions is facilitated. This paper presents the flexible middleware architecture, the composite component framework, the middleware services and the model-driven Application Programming Interface (API) design of OBC-NG. Tests are conducted to validate the middleware concept and to investigate the reconfiguration efficiency as well as the reliability of the system. A relevant use case shows the advantages of CBSE for the development of distributed reconfigurable onboard software