Iterative Risk Driven Design Approach for CEV Avionics
- Michael Bay
By: Kevin Mock
Embry-Riddle Aeronautical University

As NASA designs, builds and tests the new spacecraft of the Constellation program, risk-driven design approaches must be used to ensure the safety of the crew and the reliability of the complex systems required for manned spaceflight. In his discussion of the Crew Exploration Vehicle (CEV) Avionics system design, Michael Bay, a chief engineer for Bay Engineering Innovations, showed the importance of using risk analysis to evaluate design alternatives. His approach to this complex problem was to "build up" the system from the simplest design to the point where the system is considered safe for human spaceflight. This build-up approach ensures that resources are applied where they do the most good and keeps complexity under control.

In this approach Bay started by outlining the design requirements. He was keen to point out that the goal was to lay out only the minimum design from a functionality standpoint. "Too many upfront design requirements prevent exploring of other designs," said Bay, and he stressed that "upfront design requires flexibility and creativity that can be over-constrained by too many requirements." From this minimalist set of requirements, a first-iteration system was designed and mass estimates for the system were determined. The goal of the first iteration was to make the system as simple as possible and yet as safe as possible. This design was then evaluated from a risk perspective to check for potential functional and safety-related failures. Components and redundancies were added to or removed from the system on the basis of their importance to safety and mission success and their mass penalties. The first priority of these systems is of course to bring the crew home safely, but they must also be simple, lightweight, and reliable.
 
During this iterative process, a thorough risk analysis was conducted on each design. All known risks were studied and assigned a priority level of Safety Critical, Mission Critical, or Non-critical. Much of the time, safety and reliability concerns can be addressed with redundancy; however, Bay advised against relying strictly on this approach. He instructed that diverse parallel systems should be used to ensure safety, citing that identical redundant systems can fail in exactly the same way. This is not normally the first thing that comes to mind when designing a system, as diverse parallel systems add complexity that is generally unwanted. However, when safety is the main priority, such complexity must be tolerated. Additionally, Bay noted that redundant and parallel systems should not be the only backup to the primary systems. A safe mode that provides the very basic functions needed for safety should be provided as well. Safe modes "are good protection against common cause failures," Bay said.
Figure 1 - Effectiveness Box
 

Since designing a human space vehicle that will carry people to the moon and beyond is such a complex, challenging, and expensive process, much more than just safety must be addressed. Three important criteria weigh heavily on the successful implementation of a spacecraft design. Figure 1 shows a perspective in which these often competing needs must be considered together to keep the ultimate solution "in the box". The goal of this approach is to place a constraint on each of the three considerations, creating an effectiveness box, and then to design a system that stays in the box in all three aspects: risk, cost, and performance. Applying the build-up approach starts with cost and performance inside the box but risk outside it. As the system is built up, risk is reduced, with attendant increases in cost and technical resources. Bay also stressed how important it is to carry a safety margin in all three aspects of the design so that no one area approaches its constraint as the design matures.
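The following toy model is an added illustration written for this page; it is not from Bay's presentation or the article. It puts numbers on two of the points above: why identical redundancy alone hits a floor set by common-cause failures (modelled here with the standard beta-factor model, so that a diverse unit or a safe mode keeps paying off after a second identical copy stops helping), and how a build-up iteration adds the option with the best risk reduction per kilogram until the risk is inside the effectiveness box while mass and cost stay within margin. Every number in it (P_UNIT, BETA, BETA_DIVERSE, P_SAFE_MODE, the option masses and costs, the box limits and the margin) is a hypothetical assumption chosen for illustration, not a CEV figure.

```python
"""Added example (not from the article): a toy model of Bay's build-up
iteration using a beta-factor common-cause model for redundancy.

All numeric values below are hypothetical assumptions for illustration only.
"""
from dataclasses import dataclass, replace

P_UNIT = 1e-2        # assumed per-mission failure probability of one unit
BETA = 0.1           # assumed common-cause fraction between identical copies
BETA_DIVERSE = 0.01  # assumed common-cause fraction between diverse units
P_SAFE_MODE = 5e-2   # assumed probability the safe mode fails when demanded

# Effectiveness box (assumed limits) and the safety margin Bay asks for:
# the design must stay within MARGIN of every limit, not merely inside it.
MAX_RISK, MAX_MASS_KG, MAX_COST_MUSD, MARGIN = 1e-5, 60.0, 20.0, 0.8


@dataclass(frozen=True)
class Design:
    identical: int = 1       # identical copies of the primary unit
    diverse: int = 0         # diverse (different hardware/software) units
    safe_mode: bool = False  # independent minimal fallback
    mass_kg: float = 20.0    # assumed mass of the minimal design
    cost_musd: float = 5.0   # assumed cost of the minimal design


def string_failure(p_unit: float, n: int, beta: float) -> float:
    """Beta-factor model: a fraction beta of each unit's failure probability is
    a common-cause event that fails every copy at once; the rest is independent.
    The string of n copies fails on the common-cause event or when all n fail."""
    p_common, p_indep = beta * p_unit, (1 - beta) * p_unit
    return 1 - (1 - p_common) * (1 - p_indep ** n)


def function_loss(d: Design) -> float:
    """Probability the avionics function is lost (before any safe mode)."""
    if d.diverse == 0:
        return string_failure(P_UNIT, d.identical, BETA)
    # Nested beta factors: a small cross-diverse common cause first, then the
    # within-string coupling of each string on the remaining probability.
    p_cross, p_rest = BETA_DIVERSE * P_UNIT, (1 - BETA_DIVERSE) * P_UNIT
    primary = string_failure(p_rest, d.identical, BETA)
    backup = string_failure(p_rest, d.diverse, BETA)
    return 1 - (1 - p_cross) * (1 - primary * backup)


def mission_risk(d: Design) -> float:
    """Loss of the function only matters if the safe mode also fails."""
    return function_loss(d) * (P_SAFE_MODE if d.safe_mode else 1.0)


# Build-up options: (mass penalty in kg, cost penalty in M$, how to apply).
OPTIONS = {
    "add identical unit": (8.0, 1.0, lambda d: replace(d, identical=d.identical + 1)),
    "add diverse unit": (10.0, 3.0, lambda d: replace(d, diverse=d.diverse + 1)),
    "add safe mode": (3.0, 2.0, lambda d: replace(d, safe_mode=True)),
}


def in_box(d: Design) -> bool:
    """Inside the effectiveness box, with margin, on risk, mass and cost."""
    return (mission_risk(d) <= MARGIN * MAX_RISK
            and d.mass_kg <= MARGIN * MAX_MASS_KG
            and d.cost_musd <= MARGIN * MAX_COST_MUSD)


def build_up(start: Design = Design()) -> tuple[Design, list[str]]:
    """Start minimal (risk outside the box, mass and cost inside) and add the
    option with the largest risk reduction per kilogram until the risk target
    is met or nothing affordable remains. Returns the design and steps taken."""
    d, steps = start, []
    while mission_risk(d) > MARGIN * MAX_RISK:
        best = None
        for name, (dm, dc, apply) in OPTIONS.items():
            if name == "add safe mode" and d.safe_mode:
                continue
            cand = replace(apply(d), mass_kg=d.mass_kg + dm, cost_musd=d.cost_musd + dc)
            if cand.mass_kg > MARGIN * MAX_MASS_KG or cand.cost_musd > MARGIN * MAX_COST_MUSD:
                continue  # would leave the box on mass or cost
            score = (mission_risk(d) - mission_risk(cand)) / dm
            if best is None or score > best[0]:
                best = (score, name, cand)
        if best is None:
            break  # risk target unreachable inside the mass/cost limits
        _, name, d = best
        steps.append(name)
    return d, steps


if __name__ == "__main__":
    for n in (1, 2, 3):  # the common-cause floor: a third copy buys almost nothing
        print(f"{n} identical unit(s): P(loss) = {string_failure(P_UNIT, n, BETA):.3e}")
    print(f"1 unit + 1 diverse:  P(loss) = {function_loss(Design(diverse=1)):.3e}")
    final, steps = build_up()
    print("build-up steps:", steps)
    print(f"final {final}: risk {mission_risk(final):.2e}, in box: {in_box(final)}")
```

In this run the iteration first adds the safe mode (the cheapest risk reduction per kilogram), then one identical copy, and then, once a further identical copy would only chip at the common-cause floor of roughly BETA * P_UNIT, a diverse unit; the result sits inside the box on all three axes with margin to spare.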

Through this approach of build-up iterations and risk analysis, NASA hopes to design a safe and efficient avionics system for the Crew Exploration Vehicle. The hope is that this will eliminate over-complex systems that could jeopardize the safety of the crew or the success of the mission as we explore the moon and beyond.



Curator: Jennifer Poston
NASA Official: Dorothy Tiffany
Last Updated: April 16, 2008
