Dickey.alan
-
Upload
nasapmc -
Category
Technology
-
view
13.237 -
download
0
description
Transcript of Dickey.alan
Determining Requirements Compliance During the Design Phase for a System of Systems
February 10, 2011
Alan Dickey, Wyle Integrated Science and Engineering
Stephen Chan, NASA JSC
Shana McElroy, Booz Allen Hamilton
Page 2Requirements Design Compliance
Outline
Introduction and Background
Purpose and Objectives
Methodology Details
Influencing Design
Connecting to Verification
Making it Work for a System of Systems Architecture
- -
Page 3Requirements Design Compliance
Introduction – Project Life Cycle Phases
SRR SDR PDR CDR SAR
KeySRR – System Requirements ReviewSDR – System Definition ReviewPDR – Preliminary Design ReviewCDR – Critical Design ReviewSAR – System Acceptance Review
Requirements Development/ Achievability
Design Qualification and Verification
DesignFocus on establishing program requirements that demonstrate capability to meet Agency goals and
objectives
Period of time used to define the detailed design
of the systemFocus on developing confidence that the integrated system will be
able to satisfy technical requirements
Page 4Requirements Design Compliance
Introduction - How Requirements Design Compliance Fits
Design
Requirem
ents
Risk and Safety Operatio
ns
The design phase must adeptly balance the interplay between hardware/software design and the requirements while managing an acceptable level of safety/risk, all within the context of the defined operations concepts
Page 5Requirements Design Compliance
Introduction - Why Requirements Design Compliance?
A system of systems is complex and has many variables – making an objective decision to proceed from one design phase to the next is hard and Requirements Design Compliance is a systematic method to bring more objectivity into that decision making process
Risk can be found early by measuring the requirement achievability of design concepts with the same measuring stick that will be used in the final product
Requirement verification is the finish-line by which we declare success for product delivery, therefore requirement compliance assessments can be used to provide periodic dry-runs for verification
NPR 7123 Success Criteria (as it relates to requirements design compliance):
At PDR: The preliminary design is expected to meet the requirements at an acceptable level of risk
At CDR: The detailed design is expected to meet the requirements with adequate margins at an acceptable level of risk
Introduction – Constellation Program Structure
Page 6Requirements Design Compliance
Constellation (Cx) Program Office
Page 7Requirements Design Compliance
Background - Requirement Flow Down and Decomposition
ISS Crew Capacity
Orion
Ares 1
Orion Element
EVAMission Systems
Ex-0010-01Cx
Orion Habitable Volume
Orion Low Earth Orbit Crew Capability
Mission Systems Crew Training
CA0426-PO
CA1000-PO
CA5129-PO
EVA1067
CA0447-PO
CV0085
SS-SC-2256
CV0874
Orion Automated De-Orbit from Low Earth Orbit
Low Earth Orbit Capability
Orion Un-Crewed Flight Configuration
CA0447-PO Orion Automated Rendezvous, Prox Ops, Dock/Undock
EVA System Crew Size
Ares 1 Lift Mass for ISS Missions
Requirement decomposition, flow down and traceability of top level Architecture requirements set the stage for Requirements Design Compliance● For Cx, Architecture requirements are implemented through Program and allocated
to Projects (systems), and flowed down to the design implementation level● All Cx requirements are assigned owners and mapped to stakeholders
Exa
mp
le
Page 8
Requirements Design Compliance Purpose & Objectives
Purpose of Requirements Design Compliance is to identify and establish resolution paths for integrated architectural performance/design issues as early in the design cycle as possible Proactively manage ‘acceptable level of risk’ Early issue resolution/prevention reduces cost and schedule impacts End-to-End mission architecture perspective
Key objectives of Requirements Design Compliance include: Early identification of design aspects that are at high risk to meet the established
requirements and perform end-to-end Utilize objective design evidence to determine success of design cycle, from
architecture perspective of the design reference mission (DRM) and operations concepts (ops con)
Facilitate vertical integration of design compliance data with Projects and horizontal integration across Program (i.e. provide bigger picture for lower level requirements)
Resolve, report and track significant architecture compliance issues (includes impact analysis based on lover level non-compliances)
Engage architecture requirement owners in how the design will be verified and create a relationship between the tools/process for compliance with that used for verification (‘get their hands dirty’ early)
Requirements Design Compliance
Connects the beginning (requirements) to the end (verification) and provides a means to track the health of the architecture and minimize risk
Requirements Design Compliance Methodology
Page 9
ProjectDCMs
ProjectDCMs
ProjectDCMs
ProjectDCMs
Page 10Requirements Design Compliance
Requirements Design Compliance Methodology - Issue Handling Processes
Reqmt Owners
ProjectData
RequirementStakeholders
Risk Plans
TPMs
Analyses
Requirement Owners Design
Compliance Assessments
New issue handling measures created to mitigate new issues
Status used as assessment input
Change Request
Technology
Requirement Owners use objective data provided by projects, stakeholders, architecture analyses and issue handling processes to conduct requirement design compliance assessments as an integrated team/process activity. Issues fed back to
architecture or system issue resolution processes as appropriate.
Architecture/System Processes
Page 11Requirements Design Compliance
Requirements Design Compliance Methodology, continued
Requirements Design Compliance relies on objective evidence to identify issues that could impact verifying the architecture requirements
• Objective evidence helps limit subjectivity when assessing realistic level of risk; however, objective evidence must be combined with sound judgment – design phase data may be incomplete and sound judgment is needed to help bridge the gap
• As the Project moves forward through its life cycle, more objective data is necessary to lead to verification compliance
• Lack of any objective evidence indicative of either non-compliant design or design behind schedule
Acceptable objective evidence can be of many types, such as:• Analysis and Independent Assessment Results – approved and peer reviewed• Technical Performance Metric (TPM) Reports – e.g., monthly mass status• Inspection and Demonstration Reports• Test Reports• Design Data Deliverables • Engineering judgment based on historical similarity
Traceability permits objective evidence to be readily linked to requirements
Objective evidence is key to Requirements Design Compliance but thinking must stay in the equation
Requirements Design Compliance Methodology - Definitions
Architecture Compliance Definitions Compliant (Green) – The overall technical design is expected to meet the
requirement at an acceptable level of risk.
Watch (Yellow) – The overall technical design does not currently meet the requirement,
but an acceptable mitigation plan has been identified and documented. There exists a specific significant threat(s) that requires additional
mitigation plans to be developed – actions assigned and accepted.
Non-Compliant (Red) – The overall technical design is not expected to meet the requirement and an acceptable mitigation plan has not been identified. In addition, the requirement has systemic threats that permeates the overall design compliance.
Acceptable Level of Risk - No known technical issues exist which will impact meeting the requirement; or, appropriate issue management processes (risk mitigation plans, Technical Performance Measures, etc.) are in place and indicate issue(s) will be mitigated to meet program baseline schedule. See graphic on next chart.
Page 12Requirements Design Compliance
Page 13
Requirements Design Compliance Methodology - Acceptable Level of Risk
3.5
3.0
2.5
2.0
1.5
1.0
0.5
0.0
Task 1Task 2
Task 3 Task 4
Task 5Task 6
Time
RiskLevel
High
Moderate
Low
The Approved Mitigation Plan – Day 0kg (1000)*
Requirement*
Current Design
Level of risk is acceptable if: • A technically feasible/funded path forward exists to provide a compliant design prior to a required date
• Plan is executed and remains on schedule
Required Date
Predicted path forward should be described via a Risk Plan, TPM, or other project plan and statused in the appropriate forum.
Jul 1
1
Jan
12
Jul 1
2
Jan
13
Jul 1
3
Jul 1
4
Jan
14
Requirements Design Compliance
*Hypothetical requirement
Page 14Requirements Design Compliance
Requirements Design Compliance Methodology -Tools Used
Requirements Design Compliance embedded in Architecture requirement database (Cradle)
Full linkages between requirements and assessments
Assessment reports and requirement traceability reports exported to Excel
Any database/excel can be used as tool
+
An intuitive, uncomplicated tool which links directly to requirements database will yield the best results
Using Requirements Design Compliance to Influence Design - Example
Requirement Design Compliance at Ares PDR proved effective at identifying significant integrated requirement non-compliances
Page 15Requirements Design Compliance
Example 1 – analysis revealed the liftoff clearance between the integrated stack vehicle and the launch facility was insufficient and caused pad re-contact & plume damage Requirement validation and model refinement (e.g.
cantilever vehicle, thrust misalignment update) did not resolve issue
Implemented thrust vector control (TVC) on liftoff to preclude re-contact (e.g. command to counter deterministic TVC bias, command to bias to the South)
Example 2 – GN&C team analysis indicated a roll attitude error build up during First Stage flight that exceeded the 27 deg requirement Defined forward work such as evaluating OML
changes to improve aero roll torques, re-working CFD, and re-examining vehicle performance using Monte Carlo Flight simulations to gain compliance
Combined hardware (aerodynamic strake) and software (load relief algorithms) options to optimize resolution of roll attitude error issue Example from Ares I-X Roll Control System
CFD Analysis
Page 16Requirements Design Compliance
Connecting Requirements Design Compliance to Verification
During PDR phase, verification planning is in early development● The Requirements Design Compliance effort is separate from verification
planning due to disparate maturity levels between the two efforts– Verification and requirements compliance have a lot of overlaps– Requirements compliance helps clarify verification planning aspects
During CDR phase, verification is in final planning stage● Requirements design compliance combined with verification pre-work
– Capture objective evidence in same database – Look for and capture requirements compliance data that could be used as part of
verification closure data For example, integrated verification starts at CDR – integrated analyses to be
used for verification are often complete; you validate that the systems are performing as you expected through qualification
Requirements design compliance can help identify constraints for verification work and/or potential operational constraints due to verification limitations
Assessments supporting Requirements Design Compliance can provide the integrated analysis for verification, leaving only validation of the system to
be done through qual
Page 17Requirements Design Compliance
Making it Work for a System of Systems Architecture
The integration effort is easily underestimated, with specific integration needed to● Agree on roles and responsibilities between architecture and systems
– System data is needed at specific points in time to determine architecture compliance at major milestones
– Many of the pieces from this effort came from collaboration with system implementers– Agree on both the what and the how– Create an overall community of practice focused on overall architecture requirements
design compliance
● Clarify that it isn’t just filling in a database with compliance data – it is a technical assessment
– Time must be allocated for the technical team members to perform the assessment
● Learn from the different system engineering perspectives in order to improve the success of the effort
– Ares was first system to be assessed - provided significant insight into what to do and not do
● Communicate definitions and objectives across all teams
Page 18Requirements Design Compliance
Making it Work for a System of Systems Architecture, cont.
Showing design is compliant to requirements is needed by all systems to move from one phase to the next – communicate value/purpose at all levels
It always takes more time than you think it should – maximize time for stakeholders and requirement owners assessment
The earlier in the project lifecycle you start, the easier it is to implement● Starting during requirements development/achievability phase using available data
enables full PDR phase implementation and facilitates understanding of requirements achievability
Page 19Requirements Design Compliance
Making it Work for a System of Systems Architecture, cont.
Simplicity should be a high priority – people/teams get frustrated by complicated processes and tools● The objective is not to have a process/tool that does the engineer’s thinking, but
to have a simple enough process/tool that it enables the engineers to think
Requirement traceability is a factor in the accuracy of the effort
Acceptable level of risk has different meanings to different people
It is not a panacea of all integration – it is more like a periodic health report to catch anything integration missed● While such a process can be intuitive for a small project, for a large Project you
don’t want to leave it to chance
Page 20Requirements Design Compliance
Questions
Page 21Requirements Design Compliance
If you would like further information…
Alan Dickey: [email protected], 281-244-5680
Stephen Chan: [email protected], 281-483-1083
Shana McElroy: [email protected], 281-483-9580
Page 22Requirements Design Compliance
Backup
Page 23
Why Integration Is Needed
As proposed by the
customer.As specified by the
Program.Design as interpreted
by Project A.
Design as interpreted by Project B.
Design as interpreted by Project C.
What was really needed.
Requirements Design Compliance
- -
CxP PDR Architecture Metrics - Example
Page 24
Color Definition
Green Compliant
Yellow Watch items
Red Non-compliant
Cx Architecture Requirement Owner Green Yellow Red TOTAL
DIO (Architecture Integration) 2 1 3
Environments & Constraints 7 1 8
Flight Performance 10 2 12
Ground and Mission Operations 17 3 1 21
Human Systems 1 1
Integrated Systems Performance 2 4 6
Integrated Loads, Structures and Mechanisms 4 2 1 7
Integrated Power 1 1
Integrated Thermal/ECLSS 1 2 3
Software and Avionics 16 8 2 26
Safety, Reliability & Quality Assurance 2 2 4
Supportability, Operability, and Affordability 3 3
TOTAL CORE REQUIREMENTS 58 32 5 95
Requirements Design Compliance
Requirements Design Compliance (RDC) Lifecycle
CustomerConstellation
Program, NASA
Headquarters
PDR Products
Weekly RDC Planning Meeting
SOA SIG
T/ECLSS SIG
ILSM SIG
Power SIG
E&C SIG
HSIG
FP SIG
HTI
Trai
ned
Sta
ff
Exp
erie
nce
Best
Practices
Subject
Matter
Experti
se
RIDsProjects
Orion
Altair
Ares
MS
GS
EVA
Level IIIPDR Board Actions
Analyses Risks
CxP PDR RDC
Report
Projects
Orion
Altair
Ares
MS
GS
EVA
GOALTo objectively determine if the preliminary design
can be expected to meet requirements to an acceptable level of risk.
Official Path of Issue Resolution
GMO SIG
SR&QA
SAVIO
SIG/Project Community of Practice Efforts
ASET
SIG/Project Community of Practice Efforts
RIDsAnalysis Cycles
Level II Actions
DIO
TraceVerific
ation
Page 25Requirements Design Compliance
NASA Center and Project Locations
Page 26Requirements Design Compliance