provide drive (EVA) for joint and LEE latch mechanisms
• Reconfigurations
alternate data path/transmission
reconfiguration time less than 271 seconds
• The purpose of these measures
when a failure occurs, the software and hardware engineers must already know what their systems are to do. Deciding the response in advance is the best way to get all parties to agree.
• isolating an operational failure in a computational unit may include,
invoking off-line BIT (built-in test) checks with error-checking algorithms
operator visual inspection via cameras, etc.
analysis of the unit's memory through data dumps, etc.
ground-support failure-isolation analysis
exercising the equipment with algorithms whose expected results are known
• Note: in the case of the SSRMS, the operator may use EVA to move the arm away from contact.
• Operators may always elect to replace failed units, if spares are available.
• A diagram of the MSS Failure Management Concept is shown below [Brimley]. It depicts a scheme for dealing with faults once they are detected. Some of the acronyms used are,
FD: Failure Detection
FI: Failure Isolation
C&W: Caution & Warning
CRIT: Failure Criticality
EVA: Extra Vehicular Activity
BIT: Built-In-Test
• There is also a scheme for detecting when a system has erred. It is based on a bottom-up approach: the checks for errors are made in the specific modules, and error reports are then propagated up to the high-level software/hardware, which decides on caution and warning, criticality and reconfiguration. The diagram below depicts the system used in the SSRMS.
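The bottom-up scheme above, and the earlier reconfiguration and criticality measures, as an added worked example (not code from Brimley's notes or from any flight software): leaf modules run their own built-in tests, their error reports are forwarded unchanged so isolation information survives, and the top level raises C&W, assesses criticality, and switches to an alternate data path only when that can be done within the 271-second budget quoted in the notes. The module names, criticality levels, sensor readings and switch-over times are assumptions chosen for the demonstration.

```python
"""Bottom-up failure detection (FD), isolation (FI) and reconfiguration.

Added illustrative example; not from Brimley's notes or any flight software.
Module names, criticality levels, sensor readings and switch-over times are
assumptions for the demonstration. Only the 271 s budget is from the notes.
"""
from __future__ import annotations
from dataclasses import dataclass
from enum import IntEnum


class Crit(IntEnum):
    """CRIT: failure criticality, higher is worse."""
    NONE = 0
    DEGRADED = 1   # function lost, but a redundant path can restore it
    SAFETY = 2     # crew/vehicle hazard: stop and raise C&W, no auto-reconfig


@dataclass
class ErrorReport:
    """What a module's BIT propagates upward: the FD result plus FI detail."""
    module: str
    test: str
    crit: Crit
    detail: str = ""


@dataclass
class Module:
    """Leaf unit that runs its own built-in tests and names itself in reports."""
    name: str
    checks: dict   # test name -> callable returning (ok, detail, crit)

    def bit(self) -> list[ErrorReport]:
        return [ErrorReport(self.name, test, crit, detail)
                for test, fn in self.checks.items()
                for ok, detail, crit in [fn()] if not ok]


@dataclass
class Subsystem:
    """Intermediate level: forwards leaf reports unchanged, so isolation
    information (which module, which test) survives to the top level."""
    name: str
    modules: list[Module]

    def poll(self) -> list[ErrorReport]:
        return [r for m in self.modules for r in m.bit()]


RECONFIG_BUDGET_S = 271.0   # reconfiguration-time requirement from the notes


def manage(reports, active_path, alt_paths, reconfig):
    """Top level: raise C&W, assess CRIT, reconfigure within the time budget.

    reconfig(path) is assumed to switch to an alternate data path and return
    the seconds it took. Returns (C&W messages, active path, actions taken).
    """
    cw = [f"C&W {r.crit.name}: {r.module}/{r.test} {r.detail}".strip()
          for r in reports]
    actions = []
    if not reports:
        return cw, active_path, actions
    if max(r.crit for r in reports) >= Crit.SAFETY:
        actions.append("SAFE: stop motion, brakes on, await EVA/operator")
        return cw, active_path, actions          # no automatic recovery
    for path in alt_paths:                       # DEGRADED: try alternates
        if path == active_path:
            continue
        elapsed = reconfig(path)
        if elapsed <= RECONFIG_BUDGET_S:
            actions.append(f"reconfigured to {path} in {elapsed:.0f} s")
            return cw, path, actions
        actions.append(f"reconfig to {path} took {elapsed:.0f} s > budget")
    actions.append("no alternate path within budget: escalate to operator")
    return cw, active_path, actions


def run_scenario(sensors, reconfig_times):
    """Two-level SSRMS-like hierarchy fed with constructed sensor readings.

    sensors: constructed example readings, not flight data.
    reconfig_times: assumed seconds each alternate path needs to switch over.
    """
    def temp_check():
        t = sensors["joint_temp_c"]
        return t < 60.0, f"temp={t}C", Crit.DEGRADED

    def latch_check():
        return sensors["lee_latch_engaged"], "LEE latch not engaged", Crit.SAFETY

    def crc_check():
        return sensors["bus_crc_ok"], "CRC mismatch on active bus", Crit.DEGRADED

    arm = Subsystem("SSRMS", [Module("joint_1", {"temp": temp_check}),
                              Module("lee_A", {"latch": latch_check}),
                              Module("bus_A", {"crc": crc_check})])
    return manage(arm.poll(), "bus_A", ["bus_B", "bus_C"],
                  lambda p: reconfig_times[p])
```

The design choice worth noting is that the top level never rewrites or summarises the leaf reports before acting on them: the C&W message still names the module and the test that failed, which is what the ground-support isolation analysis needs. A safety-critical report also blocks automatic reconfiguration entirely, so a latch failure is handed to the operator (or EVA) rather than masked by a bus switch-over that happened to succeed.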
13.1.2 Case Studies In Failure
13.1.2.1 - Apollo 204 (Apollo 1)
• Three astronauts died in a cabin fire during a launch-pad test (January 27, 1967).
• General Electric (GE) and other companies were commissioned to develop safety programs.
• These were developed from combinations of existing risk-management programs, such as those used by the Air Force and the Department of Defense.
13.1.2.2 - Apollo 13
• A definitive example of failure management.
• The mission objective was to land on the surface of the moon and return.
• The mission had four major components,
1. The booster (a Saturn V rocket) was used for the initial launch and was discarded after use.
2. The lunar module (dubbed Aquarius) was to be used for descent to and ascent from the lunar surface, and was to be discarded after use.
3. The service module was to be used for the trip to and from the moon.
4. The command module was equipped with a heat shield and would be the only module to return to earth.
• In basic terms, the mission had to be aborted as a result of an oxygen tank rupture in the service module. The fact that the astronauts returned safely is a tribute to the quality of design in the space program.
13.1.2.3 - Challenger (STS-51L)
• The events chronicled below are those of the Challenger launch of January 1986 (not of Apollo 13); the failure was in a solid rocket booster (SRB) field joint.
PRELAUNCH
Challenger is rolled out to the launch pad. Rain has frozen on the launch pad, and may also have gotten into the SRB joints and frozen there.
Jan. 28th, 1986: The launch director gives the OK to launch, without having been informed of the Thiokol engineers' concerns about o-ring performance in the cold. The temperature is 36°F.
11:38 am (T+0): The engines are ignited, and a puff of black smoke can be seen blowing from a field joint of the right SRB. As the vehicle rises, hot gas is blowing past the o-rings. The wind shear encountered during the first minute of flight is the most severe of any shuttle flight to date.
11:38:59 am (T+59 s): A flame plume from the right SRB joint begins to impinge on the external tank (ET) and on the lower strut attaching the SRB to the tank.
11:39:13 am (T+73 s): The strut gives way; the SRB rotates and its nose strikes the ET. The tank ruptures and the vehicle breaks up under aerodynamic loads, destroying the shuttle and killing the crew.
11:39:50 am (T+110 s): The SRBs, still flying free, are destroyed by the range safety officer.
13.1.3 Glossary
AFSCN Air Force Satellite Control Network
A/L Approach and Landing
ALT Approach and Landing Test
AMU Astronaut Maneuvering Unit
AOA Abort Once Around
APS Alternate Payload Specialist
APU Auxiliary Power Unit
ASE Airborne Support Equipment
ATE Automatic Test Equipment
ATO Abort to Orbit
BFC Backup Flight Control
BOC Base Operations Contract
CAPCOM Capsule Communicator
CCAFS Cape Canaveral Air Force Station
CCMS Checkout, Control and Monitor Subsystem
CCTV Closed Circuit Television
CDMS Command & Data Management Systems Officer
CDR Commander
CDS Central Data System
CFES Continuous Flow Electrophoresis System
CIC Crew Interface Coordinator
CIE Communications Interface Equipment
CITE Cargo Integration Test Equipment
CTS Call to Stations
DCC Data Computation Complex
DCS Display Control System
DFI Development Flight Instrumentation
DFRF Hugh L. Dryden Flight Research Facility
DIG Digital Image Generation
DMC Data Management Coordinator
DMOS Diffusive Mixing of Organic Solutions
DOD Department of Defense
DOP Diver Operated Plug
DPS Data Processing System
EAFB Edwards Air Force Base
ECLSS Environmental Control & Life Support System
EECOM Electrical, Environmental & Consumables Systems Engineer
EI Entry Interface
EMU Extravehicular Mobility Unit
ESA European Space Agency
ESMC Eastern Space and Missile Center
ET External Tank
EVA Extravehicular Activity
FAO Flight Activities Officer
FAWG Flight Assignment Working Group
FBSC Fixed Base Crew Stations
F/C Flight Controller
FCT Flight Crew Trainer
FCTS Flight Crew Trainer Simulator
FD Flight Director
FDF Flight Data File
FDO Flight Dynamics Officer
FOD Flight Operations Directorate
FOE Flight Operations Engineer
FOPG Flight Operations Planning Group
FOSO Flight Operations Scheduling Officer
FR Firing Room
FRC Flight Control Room
FRCS Forward Reaction Control System
FRF Flight Readiness Firing
FRR Flight Readiness Review
FSE Flight Simulation Engineer
FSS Fixed Service Structure
GAS Getaway Special
GC Ground Control
GDO Guidance Officer
GLS Ground Launch Sequencer
GN Ground Network
GNC Guidance, Navigation & Control Systems Engineer
GPC General Purpose Computer
GSE Ground Support Equipment
GSFC Goddard Space Flight Center
HAC Heading Alignment Circle
HB High Bay
HMF Hypergolic Maintenance Facility
HPPF Horizontal Payloads Processing Facility
HUS Hypergolic Umbilical System
IECM Induced Environment Contamination Monitor
IG Inertial Guidance
ILS Instrument Landing System
IMF In Flight Maintenance
IMU Inertial Measurement Unit
INCO Instrumentation & Communications Officer
IRIG Interrange Instrumentation Group
ISP Integrated Support Plan
IUS Inertial Upper Stage
IVA Intravehicular Activity
JPL Jet Propulsion Laboratory
JSC Lyndon B. Johnson Space Center
KSC John F. Kennedy Space Center
LC Launch Complex
LCC Launch Control Center
LCS Launch Control System
LDEF Long Duration Exposure Facility
LETF Launch Equipment Test Facility
LOX Liquid Oxygen
LPS Launch Processing System
LSA Launch Services Agreement
LWG Logistics Working Group
MBCS Motion Base Crew Station
MCC Mission Control Center
MD Mission Director
MDD Mate/Demate Device
ME Main Engine
MECO Main Engine Cutoff
MET Mission Elapsed Time
MLP Mobile Launch Platform
MLR Monodisperse Latex Reactor
MLS Microwave Landing System
MMACS Maintenance, Mechanical Arm & Crew Systems Engineer
MMPSE Multiuse Mission Payload Support Equipment
MMSE Multiuse Mission Support Equipment
MMU Manned Maneuvering Unit
MOD Mission Operations Directorate
MOP Mission Operations Plan
MPGHM Mobile Payload Ground Handling Mechanism
MPPSE Multipurpose Payload Support Equipment
MPS Main Propulsion System
MS Mission Specialist
MSBLS Microwave Scanning Beam Landing System
MSC Mobile Servicing Centre
MSCI Mission Scientist
MSFC George C. Marshall Space Flight Center
MSS Mobile Service Structure
MST Mobile Service Tower
MTE Mobile Transporter Element
MUM Mass Memory Unit Manager
NASCOM NASA Communications Network
NBT Neutral Buoyancy Facility
NIP Network Interface Processor
NOCC Network Operations Control Center
NSRS NASA Safety Reporting System
NSTL National Space Technology Laboratories
NSTS National Space Transportation System
OAA Orbiter Access Arm
OAST Office of Aeronautics & Space Technology
OC Operations Coordinator
O&C Operations and Checkout (Building)
OFI Operational Flight Instrumentation
OFT Orbiter Flight Test
OMBUU Orbiter Midbody Umbilical Unit
OMRF Orbiter Maintenance & Refurbishment Facility
OMS Orbital Maneuvering System
OPF Orbiter Processing Facility
OSF Office of Space Flight
OSS Office of Space Science
OSSA Office of Space Science and Applications
OSTA Office of Space and Terrestrial Applications
OV Orbiter Vehicle
PACE Prelaunch Automatic Checkout Equipment
PAM Payload Assist Module
PAYCOM Payload Command Coordinator
PCR Payload Changeout Room
PDRS Payload Deployment & Retrieval System
PGHM Payload Ground Handling Mechanism
PHF Payload Handling Fixture
PIP Payload Integration Plan
PLSS Portable Life Support Subsystem
PLT Pilot
POCC Payload Operations Control Center
POD Payload Operations Director
PRC Payload Changeout Room
PRF Parachute Refurbishment Facility
PRSD Power Reactant Storage & Distribution
PS Payload Specialist
R&D Research & Development
RCS Reaction Control System
RMS Remote Manipulator System
RPS Record Playback Subsystem
RSS Rotating Service Structure
RTLS Return to Launch Site
SAEF Spacecraft Assembly & Encapsulation Facility
SAIL Shuttle Avionics Integration Laboratory
SCA Shuttle Carrier Aircraft
SCAMMA Station Conferencing & Monitoring Arrangement
SCAPE Self-Contained Atmospheric Protection Ensemble
SID Simulation Interface Device
SIP Standard Interface Panel
SIT Shuttle Interface Test
SL Spacelab
SLF Shuttle Landing Facility
SMAB Solid Motor Assembly Building
SMCH Standard Mixed Cargo Harness
SMS Shuttle Mission Simulator
SN Space Network
SPDM Special Purpose Dextrous Manipulator
SPIF Shuttle Payload Integration Facility
SPOC Shuttle Portable On-Board Computer
SRB Solid Rocket Booster
SRBDF Solid Rocket Booster Disassembly Facility
SRM&QA Safety, Reliability, Maintainability and Quality Assurance
SSC John C. Stennis Space Center
SSCP Small Self-Contained Payload
SSIP Shuttle Student Involvement Project
SSME Space Shuttle Main Engines
SSP Standard Switch Panel
SSRMS Space Station Remote Manipulator System
SST Single System Trainer
STA Shuttle Training Aircraft
STS Space Transportation System
T Time
TACAN Tactical Air Navigation
TAEM Terminal Area Energy Management
TAL Trans-Atlantic Abort Landing
TDRS Tracking and Data Relay Satellite
TPAD Trunnion Pin Acquisition Device
TPS Thermal Protection System
TSM Tail Service Mast
UHF Ultra High Frequency
UV Ultraviolet
VAB Vehicle Assembly Building
VLF Very Low Frequency
VPF Vertical Processing Facility
WCS Waste Collection System
WSMC Western Space & Missile Center
WSSH White Sands Space Harbor
13.1.4 References and Bibliography
13.1 American Institute of Chemical Engineers, Guidelines for hazard evaluation procedures: with worked examples, 2nd edition, 1992.
13.2 Brimley, W., "Spacecraft Systems; Safety/Failure Tolerance Failure Management", part of a set of course notes for a course offered previously at the University of Toronto, 199?.
13.3 Dhillon, B.S., Engineering Design; a modern approach, Irwin, 1996.
13.4 Dorf, R.C. (editor), The Electrical Engineering Handbook, IEEE Press/CRC Press, USA, 1993, pp. 2020-2031.
13.5 Leveson, N., Safeware: system safety and computers, Addison-Wesley Publishing Company Inc., 1995.
13.6 Rasmussen, J., Duncan, K., and Leplat, J., New Technology and Human Error, John Wiley & Sons Ltd., 1987.
13.7 Ullman, D.G., The Mechanical Design Process, McGraw-Hill, 1997.