System Safety & Mission Assurance (SS&MA) for Sub-Class D Missions Steve Jara NASA Ames System Safety & Mission Assurance Division

SS&MA: A set of system safety and quality management processes that minimize the risk associated with each system and phase of a project’s life cycle. They are normally executed by/with: Independent experts (not responsible for the project’s cost/schedule) A high degree of independent verification & validation (V&V) A flow-down of requirements throughout the supply chain A closed-loop root cause analysis based corrective action system A de-emphasis on their impact to project cost & schedule

Sub-Class D Missions: Low budget fast paced projects executed under a set of streamlined processes aimed at mitigating only the most significant risks to mission success. They are normally executed by/with: An atmosphere of innovation & creativity Cross-trained thinly spread teams (with limited oversight) A high percentage of COTS & low heritage parts A high degree of reliance on vendor SS&MA processes An open-loop “make-it-work” corrective action system An emphasis on cost & schedule

Why apply SS&MA on Sub-Class D Missions? Traditional arguments against: Stifles innovation & creativity (rules based) Too costly & time consuming Unnecessary when risk of mission failure is acceptable The real story; SS&MA is critical to mission success: Tailorable, flexible, & identifies where rules are good enough or where innovation is required Cost can be limited to initial risk assessments followed by the mitigation of the most significant risk Ensures projects allocate their limited resources judiciously and intelligently Mission failure is not acceptable due to blindly/poorly applied processes; SS&MA provides critical insight & intelligence

Specifically, with respect to safety, SS&MA Helps project’s understand & comply with applicable safety requirements Range Payload Safety Working Group Launch provider (via Interface Control Documents) Generates required safety documents Verifies supporting evidence and closure to supporting documents Champions a safe working environment during all phase of the project life cycle

Specifically, with respect to mission assurance, SS&MA Helps project’s understand & comply with applicable quality requirements, including but not limited to: ISO9001/AS9100 Quality Management Workmanship EEE parts Generates required quality documents Verifies supporting evidence and closure to supporting documents Champions a “do it right the first time” working environment during all phases of the project life cycle

SS&MA during hardware fabrication & assembly SS&MA supports hazard report verification and closure Supports inspections to verify controls required by hazard reports SS&MA helps determine areas that require additional oversight (prioritizing safety over mission success) Apply an “eyes wide open” SS&MA approach; mission success builds upon rather than undermines safety requirements Establish the level of risk the project while not compromising safety Creative thinking outside the box is acceptable after safety definitions and design are understood Workmanship standards are not mandatory for electronic assemblies and COTs unless project (based on SS&MA recommendation) deems necessary

SS&MA during environmental testing: Environmental testing closes many V&V requirements in interface ICD, safety compliance, range safety, and Payload Safety Review Panel (PSRP) documents SS&MA should witness each test (including the test set-up) and requirements closing; this ensures each applicable requirement is verified without unnecessary expenditure of time or resources This ensures that all questions and/or RIDs/RFAs generated during technical reviews are addressed such that open items and hazard reports can be closed without having to repeat a test

Fitting SS&MA within a Sub-Class D mission’s budget & schedule Embed/integrate SS&MA into all project elements & phases Cross-train key project personnel in basic SS&MA principles Hold everyone responsible for SS&MA Ensure SS&MA is a topic during all project meetings & reviews Use of peer reviews should be employed to compensate for the lack of independence (when a dedicated SS&MA lead is unavailable) Appoint one individual as the SS&MA lead May be independent & exclusive or a project member with other responsibilities (i.e., systems engineer, discipline lead, etc.) If not independent & exclusive, the project should use SMEs from the SS&MA organization as consultants and peer reviewers The SS&MA lead should work project-wide SS&MA issues Should assess & prioritize the order in & degree to which SS&MA actions are implemented based on project risk, phase, schedule, & budget

Lesson Learned (optimizing SS&MA) Documentation must be readable and easily understandable Streamlining and reducing the amount of documents will save time and can aid in their readability (i.e., omit all boiler plate and unnecessary information) Invest the effort to develop a high fidelity concept of operations description Shows how each subsystem of the design helps meet the mission goals Minimizes potential mismatches between system materials and the mission environment(s) Provides a mission-wide starting point for all hazard analyses Minimizes the possibility of designing and building to unverifiable requirements Research, understand, and plan to comply with the safety requirements early The requirements are defined and the process is clear (e.g., range, PSRP) Leverage the expertise of the groups the project must interface with to meet safety and design requirements PSRP, Range Safety, vehicle provider, and others can help clarify and understand requirements They do this all the time and can save a project from doing unnecessary work: ask for their lesson learned and best practices And most importantly it establishes their buy-in and support, making the task of presenting a compliance argument to them relatively easier