14 May 2002 Meeting Minutes

SRE Space Systems Reliability Tools Standards Working Group

The 4th meeting of the Space Systems Reliability Tools Standards Working
Group was held on Tuesday, May 14, !!, from "#$! %M to 11#$! %M &'T( The
meeting consisted of two separate teleconferences( )ne teleconference was mediated
at The %erospace *orporation in +l Segundo, *%, and the other teleconference was
mediated at 'S, ,nternational, in )range, *%( The meeting agenda is on page $(
The ob-ecti.e of the SSRT Standards WG is to de.elop a commercial standard
that pro.ides a single framework for linking different reliability assessment tools( This
framework shall be built by defining critical process addresses
1
and standard formats
for all data elements used in appropriate identification, analysis, and .erification of
Reliability, Maintainability, and %.ailability /RM%0 re1uirements for space systems( ,n
the conte2t of this standard, 3appropriate identification, analysis, and .erification45
means there would be negligible risk of ad.erse effects from using the results( The title
of the standard shall be, 3Standard Format for Space System Reliability Computer
Applications,5 and its scheduled completion date is $! September !!(
The WG is organi6ed into two teams( Team 1 is tasked with defining the data
elements and their critical process addresses( The members of Team 1 are all
Reliability +ngineering e2perts and their lead is Tyrone 7ackson( Team is tasked with
defining the standard formats for the data elements( The members of Team are all
reliability tool de.elopers and their lead is 'an 8artop(
&articipants at the May 14
th
meeting were#
NME !"M#N$ #%"NE E&M'(
Ste.e 8arbater TRW "9":9;:$4;! Ste.e(8arbater<trw(com
'an 8artop
/0
'S, ,ntl( =14:>$=:;$9 dhartop<dsiintl(com
7im Sketoe ?oeing 9$:==$:";1 7ames(+(Sketoe<boeing(com
%l 7ackson *S@A? +ng Grad *ollege $1!:4;$:=4>; -acksona<simanima(com
Tyrone 7ackson
/10
%erospace *orp( $1!:$$>:>1=! Tyrone(7ackson<aero(org
Buegao /'a.id0 So8ar ,nc( $$:>9$:4=1= Buegao<sohar(com
Walt Willing Corthrop Grumman 41!:=>9:=$= walterDeDwilling<md(northgrum(com
/10
Meeting coordinator and Team 1 lead
/0
Team lead
1
The critical process addresses may be defned using machine-readable alphanumeric symbols or
human-readable Extended Machine Language (XML) keywords.
1
The following indi.iduals are on regular distribution for the SSRT Standards WG
Meeting minutes#
NME !"M#N$ #%"NE E&M'(
Mike *anga C%S% 7S* "1:4"$:9$;9 michael(a(canga1<-sc(nasa(go.
7 * *antrell %erospace *orp( $1!:$$>:";; 7ohn(*(*antrell<%ero(org
Terry Einney Spectrum %stro =1;:99!:!$9 Terry(Einney<specastro(com
Robert &olt6 'esign %nalyt2 "==:$=:=99! getreliability<designanalyt2(com
Eamran Couri ,tem Software =14:;$9:;!! kamran<itemsoft(com
7ames Womack%erospace *orp( $1!:$$>:=>4= 7ames(M(Womack<aero(org
7ohn ,ngram:*otton %erospace *orp( $1!:$$>:14; 7ohn(,ngram:*otton<aero(org
'a.e 'ylis R%* $19:$$;:=!99 ''ylis<,,TR,()RG
+ric Gould 'S, ,ntl( =14:>$=:;$9 egould<dsiintl(com
7im Eallis Raytheon $1!:>4=:$>! -mkallis<west(raytheon(com
?ill Geimer Corthrop Grumman >>:"1:="$ William(Geimer<northropgrumman(com
Aeo F( Watkins Aockheed Martin "1=:;$9:449 Aeo(F(Watkins<AM*)(com
Marios Sa..a Reliasoft 9!:"">:!41! Marios(Sa..a<reliasoft(com
%damantios Mettas ReliaSoft 9!:"">:!$>> +2t( ; %damantios(Mettas<ReliaSoft(com
'oug )gden ReliaSoft 9!:"">:!$>> +2t( 41 'oug()gden<ReliaSoft(com
Rich &ugh &ratt Whitney pugh<pwfl(com
Een Murphy %R,C* 9!9:4":!>4! EM@R&8G<arinc(com
*huck %nderson GR* ,nternational "1:4"$:4!"= charlton(r(anderson1<-sc(nasa(go.
Myron 8echt Sohar ,nc( $$:>9$:4=1=B111 Myron<sohar(com
Rebecca Menes Sohar ,nc( $$:>9$:4=1=B1!1 ?ecky<sohar(com
?ob Miller TRW $1!:"1:"4! Robert(Miller<trw(com
Ee.in &( Han Fleet Rele2 Software =4:"$>:""!! 21!9 ke.in(.anfleet<rele2software(com
8unter Shaw Rele2 Software =4:"$>:""!! 8unter(Shaw<rele2software(com
*larence Meese SR+ cmeese<ny2(net
2
May 14
t)
Meeting genda
Time SRE Working Group dministrati*e Topics
"#$! : "#4! &'T Take roll
Hote to appro.e the minutes of the %pril $!th meeting
Remind participants to pay their SR+ membership dues
Time Team 1 +iscussion Topics
"#4! : ;#!! &'T 'iscuss Status of %ction ,tems from the %pril $!th Meeting I Tyrone
7ackson
;#!! : ;#! &'T 'iscuss the +lectrical Stress 'erating %nalysis Flow 'iagrams I Ste.e
8arbater
;#! : ;#9! &'T 'iscuss the Reliability &rediction &rocess Flow 'iagram for the
&reliminary 'esign &hase I 7im Sketoe
;#9! : 1!#!! &'T ?reak

1!#!! : 1!#49 &'T 'iscuss the First:*ut Standard Formats for Reliability 'ata I Tyrone
7ackson
Team 2 +iscussion Topics
"#$! : ;#9! &'T 'iscuss Status of %ction ,tems from the %pril $!th Meeting I 'an 8artop
;#9! : 1!#!! &'T ?reak

1!#!! : 1!#49 &'T ?egin 'e.eloping a 'raft )utline for the Standard, which is titled,
3Standard Format for Space System Reliability Computer Applications5 I
'an 8artop
Team 1 , 2 Summary
1!#49 : 11#$! &'T Summary and Re.iew of %ctions ,tems I %ll
11#$! &'T Meeting %d-ourn
3
Team 1 +iscussion Topics
Team 1 participants in the %pril $!
th
meeting were#
Tyrone 7ackson /Team Aead0
Ste.e 8arbarter
Walt Willing
7im Sketeo
The group did not meet the minimum number of participants re1uired for a Team
1 1uorum and decided to postpone the .ote on appro.al of the %pril $!
th
meeting
minutes until the ne2t scheduled meeting on May "
th
(
The group agreed that Hisio !!! diagrams should be con.erted to Hisio 9
format before distribution to the working group for re.iew(
The group re.iewed Ste.eJs Stress +lectrical 'erating &rocess Flow 'iagram
and accompanying write:up( Ste.e mentioned that sometimes the secondary
parameters are not included in the stress derating analysis to sa.e money(
Tyrone .olunteered to de.elop draft definitions for some of the electrical stress
derating parameters( 8e plans on using the Fortran source code for an old M,A:
8'?E:1= program to build a list of component:specific derated parameters(
The group re.iewed 7imJs Reliability &rediction &rocess 'iagram for the
&reliminary 'esign &hase( The group agreed that unit le.el and component
le.el trade studies are often performed during the &reliminary 'esign &hase(
Therefore, the use of reliability data to support trade studies should be added to
Reliability &rediction &rocess 'iagram( 7im will modify the diagram(
The group discussed the widespread trend away from piece part FM+*%( Walt
said that, at a minimum, FM+*% should be performed to identify the effects of
failures at the interfaces of a Aine Replaceable @nit /AR@0( 8e added that
identifying internal failure modes of an e2isting AR@ would not be efficient use of
an analystJs time, but identifying internal failure modes of a new or modified AR@
would be efficient use of an analystJs time( The group agreed with Walt(
The group agreed that FM+*% should be used to .alidate the Reliability ?lock
'iagram /R?'0, and both the FM+*% and R?' should begin at the same le.el
of indenture(
The group agreed on the following concepts#
o ,n an ideal world, where tools are a.ailable to apply all reliability methods
with e1ual effort to all items, the preferred order of reliability methods
would be#
1( Field data
( Test data
4
$( &hysics of failure /&oF0 e1uations if they were deri.ed from applicable
test data
4( 8andbook reliability prediction e1uations if they were deri.ed from
applicable field data
o The MT?F calculation for *)TS should be based on either field data or
test data(
o ,n the real world /at least for now0, handbook reliability prediction methods
are the most cost effecti.e choice for MT?F calculations because#
,nsufficient field and test data is a.ailable for all items in modern
space systems(
% key goal of the Responsible 'esign +ngineer /R'+0 should be
to eliminate all wearout mechanisms that can affect mission
success( Therefore, &oF would not be necessary if this goal is
met(
*ost effecti.e &oF tools are not a.ailable(
o Some of the problems associated with handbook reliability prediction
methods include#
@se of proprietary parameters
Failure rate e1uations that were not deri.ed from field data
@nknown confidence bonds for calculated failure rates
%ssumed e2ponential /constant0 failure rates for all items
Aack of a comprehensi.e set of ha6ard rate e1uations for non:
electronic parts
Aack of a comprehensi.e set of non:operating failure rate
e1uations for electronic parts
Tyrone discussed an e2ample for a standard reliability data format that he
deri.ed from the old ?1 and ? sheets in M,A:ST':1$"":%( The e2ample
consists of predefined keywords that ha.e origination points identified on critical
process flow diagrams( The points on the diagrams ser.e as data addresses(
To allow consistent identification of the data by different reliability assessment
tools, the keywords are arranged in an indentured configuration that is based on
data dependency( Take for e2ample, a spacecraft Mean Mission 'uration /MM'0
prediction( ,ts standard electronic data interchange format might look something
like this#
5
RE('-'('T$
#RE+'!T'"N
MM+
RWE'-.(( /Rayleig)&Truncated Weibull0
S!(E 1 2030
S%#E 1 1345
-WER".T /-egin Wearout0 1 62
MWER".T /Mean Wearout0 1 47
!"N8'+EN!E 1 035
.N'TS 1 M"NT%S
Team 2 +iscussion Topics
Team participants in the May 14
th
meeting were#
'an 8artop /Team Aead0
'a.id Buegao
%l 7ackson
The group met the minimum number of participants re1uired for a Team
1uorum(
The following tasks ha.e been completed#
o *reated, @pdated and Re.iewed ,nitial Schema
o 'ocumented @pdated Schema *onsiderations for re.iew by Team
o 'iscussed potential ,nteroperability paths and approach
%s a side note, 'S, will ultimately create an BSA style sheet /-ust a fancy BMA
document for automatically changing BMA into something useful0 for con.erting
a Fault Tree BMA /FTMA K0 document into an +2cel BMA Spreadsheet
/supported by +2cel !!0( This will be accomplished sometime o.er the ne2t
few months at 'S,Ls a.ailability( Therefore, we will commit to an %ction ,tem that
will not ha.e a definite date other than by September !!(
Team 2 8uture genda
o Team : *omplete re.iew of Gate Types, ensure consistent parsing
for e2isting tools
o Team : 'efine interoperability paths for Fault Tree and other
Schemas
o Team 1 : &ro.ide input to Team regarding current schema

ction 'tems
1( Team 1 %ction ,tems I
6
a( %ll I Re.iew the updated Fault Tree Schema that Team constructed(
Specifically, check for correctness, completeness, and compliance with
the stated ob-ecti.e of standard /see page 10(
b( 7im I @pdate the diagram for the Reliability &rediction &rocess during the
&reliminary 'esign &hase( Specifically add references to Reliability
Trade Studies and FM+*%(
c( Tyrone and Ste.e I Tackle the Team action item to begin de.eloping a
draft outline for the standard, which is titled, Standard Format for Space
System Reliability Computer Applications5(
d( Tyrone I *onstruct a flow diagram for Similarity %nalysis that shows how
indi.idual reliability assessment tasks might be integrated at the
Reliability &rogram le.el(
e( Tyrone I 'e.elop draft definitions for some of the more typical electrical
stress derating parameters(
f( Tyrone I Write a draft guide and construct Reliability %nalysis &rocess
Flow 'iagrams for the 'etailed 'esign &hase(
( Team %ction ,tems I
a( %ll : Re.iew the updated Fault Tree Schema( Specifically, check for
correctness, completeness, and compliance with the stated purpose of
standard /see page 10(
b( S)8%R : 'efine interoperability /inputs and outputs to e2isting tools0(
c( S)8%R : *omplete re.iew for completeness of Gate Types(
d( 7ohn : Re.iew and update schema documentation(
e( %ll : Re.iew Team 1 documentation M findings(

7
Ne9t Meeting
The ne2t SSRT Standards WG Meeting is scheduled for May ", !!, at "#$! %M
&'T( Team 1 and Team will hold separate teleconferences from "#$! %M to 1!#49 %M
&'T( %t 1!#49 %M &'T, Team 1 will -oin the Team teleconference to discuss progress
and actions( The following teleconference numbers are to be used#
Team 1 teleconference number : /"""0 99!:9;>;, pass code >4>$94
Team teleconference number : /"""0 99!:9;>;, pass code 1>!"!
%rrangements ha.e been made for Team 1 to use CetMeeting concurrently during the
teleconference( For those that prefer face:to:face discussions, meeting rooms ha.e
been reser.ed at the following locations#
Team 1 meeting room : The %erospace *orporation, ?uilding ':", !! C(
%.iation ?oule.ard, +l Segundo, *% ;!49:4>;1
Team meeting room : 'S, ,nternational, 19=4 C( ?ata.ia, Suite $, )range, *%
;">=

8
#lanned 8uture Meetings
(ocation: The %erospace *orporation, ?uilding ':", !! C( %.iation
?oule.ard, +l Segundo, *% ;!49:4>;1
+ate: 2002
9N" Teleconference
>N11 Teleconference
>N9 Teleconference
=N1> Teleconference
=N$! Teleconference
"N1$ Teleconference
"N= Teleconference
;N1! Teleconference
"N4 Teleconference
&lease direct all comments regarding these meeting minutes to#
Tyrone 7ackson
SSRT Standards Working Group *oordinator
Tyrone 7ackson
Reliability M Statistics )ffice
The %erospace *orporation
&h( /$1!0 $$>:>1=!
Fa2 /$1!0 $$>:9$>9
+mail# Tyrone3;ackson<aero3org
9
Top&10 problems t)at a==ect t)e Reliability #rograms o= Space Systems
as determined by an internal >orking group sur*ey:
1( Haluable reliability lessons learned often are not in a format that is readily useable by
the Reliability &rogram, or they ha.e become 3lessons forgotten5 or 3lessons ignored5(
( Some reliability critical items often are not identified at all or are not properly
controlled(
$( System reliability predictions often do not include probability of occurrence estimates
for all rele.ant failure modes, failure mechanisms, and failure causes( /&robability of an
induced fault during manufacture, or probability of damage during assembly often is not
included in reliability predictions(0
4( The percei.ed accuracy of high:precision system reliability predictions often is not
supported by the input data which is of lower precision that the result(
9( The steadily shrinking pool of 3e2perienced5 Reliability +ngineering specialists is
unable to meet the needs of a steadily growing number of space system de.elopment
pro-ects(
>( Many commercial reliability assessment tools ha.e ma-or shortcomings that may not
be ob.ious to the casual reliability analyst /e(g(, inaccurate e1uipment failure rate
models, use of un.erifiable parameters in e1uations, high misapplication rates, etc(0(
=( )ften, insufficient funding is pro.ided to perform all of the tasks necessary for a
8igh:Reliability &rogram( /Some customers and managers belie.e that high:reliability
can be tested:in more cost:effecti.ely than it can be designed:in(0
"( 'ifferent approaches are being used across the space industry to perform reliability
assessment tasks that are called by the same name, but which often ser.e different
purposes( /,nconsistency in reliability assessment practices has become a ma-or
problem since 'o' canceled military standards in the late ;!Js(0
;( Some customersJ belie.e that all dependability predictions for space .ehicle
constellations are too conser.ati.e( /The basis of this belief is rooted in historical
e.idence that shows contingency procedures of ground operations are .ery effecti.e for
e2tending the useful life of a space .ehicle far beyond itJs predicted mean:life( This
phenomenon has resulted in many customers buying more space .ehicles than
necessary to meet the dependability re1uirements of the constellation(0
1!( Sometimes the reliability analyst cannot take ad.antage of /or is unaware of0 some
of the critical data paths that link a particular task of the Reliability &rogram with#
10
a( )ther tasks within the Reliability &rogramO
b( Systems +ngineering &rocess functions outside the Reliability &rogramO
or
c( +2ternal product:related data sources(
d(
11