![[NASA Logo]](../Images/nasaball.gif)
| |
NASA Procedures and Guidelines |
This Document is Obsolete and Is No Longer Used.
|
|
P.1 Purpose
P.2 Applicability
P.3 Authority
P.4 Applicable Documents
P.5 Measurement/Verification
P.6 Cancellation
1.1 Introduction
1.2 Payload Safety Program Purpose
1.3 ELV Payload Safety Program Roles and Responsibilities
1.4 Tailoring, Equivalent Level of Safety (ELS), and Waiver Processes
1.5 Auxiliary Payloads Ridesharing on Launch Services Program Contracted Launch
1.6 Payloads Not Using Launch Services Program Procured Launch Vehicle Services
1.7 Missions Involving Payload Recovery
2.1 Introduction
2.2 Payload Safety Working Group
2.3 General Safety Process Requirements
2.4 Flow of Activities and Deliverables
2.5 Reserved
2.6 Data Submittals
Figure 2-1, ELV Payload Safety Review Process Interfaces
Figure 2-2, Timeline of ELV Payload Safety Reviews
Change Log
Change # |
Date |
Description |
1 |
6/19/2018 |
Updated to correct hyperlinks in Paragraph 1.4.5 Note; Paragraph 1.4.7 and Paragraph 2.4.2b.(2) Note. |
This NASA Procedural Requirements (NPR) defines the Agency ELV Payload Safety Program. This NPR contains NASA's policy, roles and responsibilities, and safety review process requirements for safeguarding people and resources (including flight hardware and facilities) from hazards associated with payloads that will fly on uninhabited Expendable Launch Vehicles (ELVs) (i.e., ELV payloads), including hazards associated with payload to launch vehicle integration, multiple payloads, payload-related Ground Support Equipment (GSE), and ground processing. This NPR provides for implementation of Safety and Mission Assurance (SMA) Technical Authority with regard to safety concerns associated with ELV payload projects.
Note: The Agency ELV Payload Safety Program focuses on what launch ranges have traditionally called ground safety (i.e., protection of people and resources from hazards associated with payload testing, processing, integration to the launch vehicle components, and launch). However, to ensure safe payload ground processing, this program provides payload safety requirements related to payload design, production, processing and testing, vehicle integration, launch through payload separation from the launch vehicle, and planned return-to-Earth recovery or sample return. This program ensures coordination with the range flight safety process to address any payload-related public safety concerns. For NASA ELV missions, in-flight operational payload/spacecraft safety after payload separation from the launch vehicle is addressed by the mission assurance process and not by this program. The mission assurance process incorporates various aspects of system safety for the payload's entire life cycle, including the in-flight operational phase. The mission assurance process typically involves mission success risk, cost, and schedule trades. The mission success and any scientific objectives of the payload are the responsibility of the Payload Project Office and are outside the scope of the Agency ELV Payload Safety Program. The Agency ELV Payload Safety Program uses safety review processes and safety requirements to identify and abate hazards. Organizations with resources at risk are represented and involved in the hazard abatement and risk reduction processes.
a. This NPR is applicable to NASA Headquarters and NASA Centers, including Component Facilities and Technical and Service Support Centers. This language applies to the Jet Propulsion Laboratory (JPL), a Federally Funded Research and Development Center (FFRDC), other contractors, grant recipients, non-Government entities, or parties to agreements only to the extent specified or referenced in the appropriate contracts, grants, or agreements. Unless otherwise specified, the term "Center" throughout the rest of this document is meant to include NASA Component Facilities and JPL (an FFRDC).
b. This NPR applies to uninhabited orbital and uninhabited deep space payloads that fly onboard ELVs (including aircraft-assisted ELVs such as Pegasus) and are managed by NASA, whether developed by NASA or any NASA contractor or independent agency in a partnership with NASA. This NPR does not apply to payloads flown on crewed launch vehicles or payloads that will interface with the International Space Station (ISS). NASA human space flight programs have payload safety concerns beyond those addressed by this NPR. Such programs typically have specific payload safety processes that satisfy the Agency payload safety policy contained in NPR 8715.3, NASA General Safety Program Requirements, and NPR 1800.1, NASA Occupational Health Program Procedures. Human space flight programs (including any program supporting the ISS), after consultation with the NASA ELV Payload Safety Manager, may elect to implement aspects of this NPR as applicable to their operations.
c. This NPR contains requirements that apply to each ELV payload and its design, fabrication, testing, vehicle integration, spacecraft processing, launch, and planned return-to-Earth payload recovery or sample return; payload-provided upper stages flown on ELVs; interface hardware that is flown as part of a payload; and GSE used to support payload-related operations. This NPR does not address spacecraft operations after payload separation from the launch vehicle with the exception of return-to-Earth payload recovery or sample return.
d. This NPR applies to ELV payloads developed under a NASA grant or cooperative agreement (to the extent specified in the grant or agreement) to ensure compliance with Federal, State, and local requirements relating to safety as specified in NPR 5800.1, Grant and Cooperative Agreement Handbook (14 CFR 1260.37) (see paragraph 1.3.7 of this NPR).
e. This NPR does not apply to payloads that will fly on suborbital launch vehicles (such as sounding rockets, balloons, or aeronautical vehicles). Suborbital payloads are subject to the policies and requirements of NPR 8715.3 and applicable local processes and requirements. For example, suborbital launches conducted by Wallops Flight Facility are subject to the Wallops Range Safety Manual (RSM 2002).
f. This NPR does not apply to non-NASA payloads launched from Wallops Flight Facility where NASA is just providing range services, such as for Department of Defense missions or payloads launched under a Federal Aviation Administration commercial launch operator license. Such missions are subject to the local Wallops Range Safety Process and requirements and the regulations and requirements of the other agencies involved.
g. This NPR may apply to small satellites (e.g., CubeSats, Nano-Satellites, Picosatellites) that are easily accommodated and rideshare as auxiliary payloads on a launch vehicle with a primary payload in a non-interference manner (see paragraphs 1.5 and 1.6 of this NPR).
a. The National Aeronautics and Space Act, as amended 51 U.S.C. § 20113(a).
b. NPD 8700.1, NASA Policy for Safety and Mission Success.
a. NASA-STD 8719.24, NASA Expendable Launch Vehicle Payload Safety Requirements.
Compliance with the requirements contained within this NPR is continuously monitored by the ELV Payload Safety Agency Team, Centers, and by the SMA Technical Authority. Compliance may also be verified as part of selected life-cycle reviews and by assessments, reviews, and audits of the requirements and processes defined within this NPR.
This NPR cancels NPR 8715.7, Expendable Launch Vehicle Payload Safety Program, dated May 30, 2008.
Terrence W. Wilcutt
Chief, Safety and Mission Assurance
NASA ELV payloads often incorporate hazards which can pose significant risk to life and property. NASA ELV payload missions require the coordination of efforts among a diverse group of participants who have varying responsibilities and authorities. These missions can present unique challenges to the payload safety assurance process, which often involves numerous organizations internal and external to the Agency. The Office of Safety and Mission Assurance (OSMA) has established the NASA ELV Payload Safety Program to assist ELV payload projects in achieving safety design objectives, obtaining the necessary safety approvals, and assuring that the objectives are satisfied for all ELV payload missions. This chapter describes the general roles, responsibilities, and requirements of the NASA ELV Payload Safety Program.
Note: NPR 8715.3, NASA General Safety Program Requirements, Chapter 3, contains safety policy applicable to all types of payloads controlled by NASA. The following is consistent with that general Agency policy.
1.2.1 Consistent with its policies in NPD 8700.1, NASA Policy for Safety and Mission Success, NASA has a responsibility to safeguard people and resources (including flight hardware and facilities) from hazards associated with ELV payloads, payload to launch vehicle integration, multiple payloads, and payload-related GSE by eliminating the hazards or reducing associated risks to an acceptable level.
1.2.2 As part of this responsibility, NASA maintains the ELV Payload Safety Program to:
a. Establish and maintain technical and procedural safety requirements applicable to NASA ELV payload design, production, processing and testing, vehicle integration, launch through payload separation, and planned return-to-Earth recovery or sample return.
Note: The ELV Payload Safety Program's involvement with payload system safety during launch and the ascent flight phase through payload separation from the launch vehicle is to ensure that a payload does not cause a launch failure with potential public safety consequences.
b. Coordinate with U.S. and foreign entities that participate in NASA ELV payload projects as needed to identify and ensure compliance with tailored safety requirements that apply to each payload.
Note: The requirements of this NPR (including requirements incorporated by reference) apply to all NASA ELV payloads. Most NASA ELV payloads of high priority and national significance are launched through the NASA Launch Services Program. Special cases may include NASA payload launches on Department of Defense or foreign launch vehicles. Other NASA payloads of lower priority are often for space technology gains and may not use NASA Launch Services Program. The requirements tailoring process defined in this NPR and NASA-STD 8719.24, NASA Expendable Launch Vehicle Payload Safety Requirements, is designed to address typical NASA missions as well as special cases (see paragraph 1.5 and 1.6 of this NPR).
c. Ensure that relevant safety requirements are incorporated into the overall requirements for each NASA ELV payload, the contracts for any related procurements, and any related cooperative and grant agreements.
Note: It is the intent of this NPR to ensure adherence to applicable safety requirements that provide an equivalent level of safety for all NASA ELV payloads, other resources, and personnel regardless of where the payload is being processed, including commercial facilities.
d. Maintain an independent payload safety review and approval process designed to ensure that each NASA ELV payload project properly implements all applicable safety requirements as part of its risk management process.
1.3.1 The Chief, Safety and Mission Assurance:
a. Oversees and provides funding for administration of the ELV Payload Safety Program.
b. Approves and promulgates Agency-level ELV payload safety policy and requirements, including the provisions of this NPR and associated implementation documents.
c. Designates (or assures the flow down of) SMA Technical Authority per NPR 7120.5 as applicable to ELV payload missions and the requirements of this NPR.
Note: For most NASA ELV payload projects, there is an SMA Technical Authority with overall SMA responsibility for the project who would generally be located within the responsible Center SMA organization. There is also an SMA Technical Authority with responsibility for the launch area processing activities, who is generally the SMA Technical Authority for ELV launches conducted under the NASA Launch Services Program. It is possible for a safety issue to overlap two areas of SMA responsibility. In this case, both SMA Technical Authorities would participate in resolving the issue.
d. Designates, in writing, the NASA ELV Payload Safety Manager (see paragraph 1.3.3 of this NPR).
e. Designates, in writing, the members of the ELV Payload Safety Agency Team (see paragraph 1.3.4 of this NPR).
f. Resolves any conflicts within the ELV payload safety process requiring an Agency-level decision.
1.3.2 Each SMA Technical Authority responsible for a payload:
a. Approves tailoring of safety requirements and Equivalent Level of Safety (ELS) determinations per paragraph 1.4 of this NPR.
Note: In accordance with NPD 1000.0, NASA Governance and Strategic Management Handbook, any delegation of the Technical Authority role is traceable to the Administrator and funded independent of Programmatic Authority.
b. Concurs on waivers to safety requirements per paragraph 1.4.3 of this NPR.
Note: The Technical Authorities for Engineering and Health and Medical may also be involved in the tailoring, ELS, and waiver processes as applicable.
c. Concurs on the issuance of the Certificate of ELV Payload Safety Compliance per paragraph 2.4.2 of this NPR.
1.3.3 The NASA ELV Payload Safety Manager leads the ELV Payload Safety Program. In this capacity, the NASA ELV Payload Safety Manager:
a. Serves as the Agency focal point for matters involving ELV payload safety.
b. Assists the OSMA in developing, maintaining, and overseeing the implementation of Agency-level ELV payload safety requirements.
c. Maintains the safety review and approval process for NASA ELV payloads.
Note: The ELV Payload Safety Review and Approval Process is defined in Chapter 2 of this NPR. The NASA ELV Payload Safety Manager's responsibilities specific to the process are provided in paragraph 2.3.5 of this NPR.
d. Provides input and guidance to NASA officials responsible for development of ELV payload-related contracts, grants, and cooperative agreements with entities internal and external to NASA, including foreign entities.
e. Reports to the OSMA on any ELV payload safety concern requiring an Agency-level decision.
f. Ensures, for NASA payloads and payload contributions, the establishment of both a Payload Safety Working Group (PSWG) and a safety review and approval process.
g. Participates as an element of the NASA Headquarters Safety and Mission Assurance Audits, Reviews, and Assessments program defined by NPR 8705.6 for the area of ELV payload safety.
(1) Participates in appropriate assessments of payload safety processes at NASA Centers, component and range facilities, payload processing facilities (including contractor facilities used to process NASA ELV payloads), and launch sites.
(2) Coordinates independent assessments of payload safety processes with the audits, reviews, and assessments performed by the OSMA to ensure an effective and efficient overall safety assessment process.
h. Coordinates with the Office of International and Interagency Relations (OIIR) to open and further enhance communications with U.S. and international governments, foreign entities, and space agency partnerships regarding NASA ELV payload safety.
i. Ensures that safety review activities and actions are coordinated with the NASA Centers, ELV payload projects, launch vehicle contractors, ELV Payload Safety Agency Team, and appropriate approving authorities (including the SMA Technical Authority when appropriate) to resolve payload safety concerns in support of overall mission success.
j. Establishes and maintains ELV payload safety training courses addressing NASA ELV payload safety requirements, safety review and approval process, and related activities.
k. Provides a forum for payload safety technical interchange and lessons learned, including educational workshops for the benefit of the ELV payload community.
l. Tracks and implements recommended improvements regarding the safety review process and updates processes and requirements as needed.
m. Develops and maintains a NASA ELV Payload Safety Web site as a tool that may be used by ELV payload projects and other involved organizations to provide access to applicable documents, schedules, notices of special events, and other project and ELV Payload Safety Program information.
n. Develops, tracks, documents, and reports metrics data on the success of the ELV Payload Safety Program and develops recommendations for continuous improvement and areas of emphasis.
o. Ensures, in coordination with the OIIR, that appropriate agreements exist with Air Force Range Safety and other external organizations for their participation in ELV Payload Safety Program activities.
p. Leads the NASA ELV Payload Safety Agency Team (Agency Team) which:
(1) Establishes and documents the activities and processes needed for the Agency Team to satisfy the responsibilities identified in paragraph 1.3.4 of this NPR.
(2) Ensures decisions have been coordinated with all Agency Team members.
q. Coordinates with the Agency Team and each PSWG Chairperson as necessary to ensure consistent tailoring, waivers, and ELS approaches for all NASA ELV payload requirements.
1.3.4 The ELV Payload Safety Agency Team's role is to provide Agency-wide perspective and insight on ELV payload safety-related activities and requirements in support of Payload Safety Working Groups (PSWG), (see paragraph 2.2 of this NPR), OSMA, and SMA Technical Authorities. The Agency Team:
a. Promotes the consistent implementation of the policy and requirements of this NPR (including requirements incorporated by reference) throughout the Agency.
b. Remains cognizant of payload safety concerns and disseminates related information to applicable payload projects.
c. Establishes positions regarding concerns, guidance, or comments applicable to a payload project and provides those positions to the project's PSWG (see paragraph 2.2 of this NPR) as early as possible in the safety review process.
d. Provides advice to the Chief, Safety and Mission Assurance, and the SMA Technical Authorities on ELV payload safety concerns, including any issues requiring an Agency-level decision.
e. Provides consistent interpretation of payload safety requirements (including determination of requirements applicability) and guidance on the proper implementation of those requirements.
f. Issues interim guidance to the NASA ELV payload community on safety requirements, processes, and specific payload design concerns as needed to assure the policy and requirements of this NPR are satisfied.
g. Coordinates with the PSWG as needed to provide the SMA Technical Authorities with assessments of alternative approaches proposed as part of tailoring, ELS determination, and waivers of requirements in accordance with paragraphs 1.4.1 through 1.4.9 of this NPR.
h. Evaluates the need for improvements of ELV payload safety-related practices or requirements necessitated or made possible by technological and methodological advances or organizational changes.
i. Coordinates with other SMA programs and disciplines to assure consistency of practices and requirements and efficiency of processes.
j. Reports annually to OSMA on the state of the ELV Safety Program, including the effectiveness of program elements and near- and long-term challenges and objectives.
1.3.5 Each Center Director responsible for a Payload, Payload Processing Facility, or Launch Site shall support the ELV Payload Safety Program (Requirement). The Center Director (or designee):
a. Establishes the Center-level processes and associated requirements needed to ensure that the policy in paragraph 1.2 of this NPR is satisfied for each ELV payload project that uses the Center's resources.
b. Supports safety assessments of ELV payload activities and responds to all findings and recommendations for which the Center is responsible.
c. Ensures that relevant Center personnel working on or with the NASA ELV payload safety requirements, safety review and approval process, and related activities are qualified and able to perform their associated duties.
Note: The ELV Payload Safety Manager is responsible for developing an ELV payload safety training program per paragraph 1.3.3.j of this NPR.
d. Ensures that Center institutional resources (including any GSE and facilities) provided to the payload project to support the processing, testing, vehicle integration, launch, and planned return-to-Earth payload recovery or sample-return activities of NASA ELV payloads comply with applicable NASA and Center technical and procedural requirements.
1.3.6 Each NASA Center SMA Director responsible for a Payload, Payload Processing Facility, or Launch Site shall support the ELV Payload Safety Program (Requirement). The SMA Director (or designee):
a. Ensures implementation of this NPR for each ELV payload project that uses the Center's resources.
b. Provides each payload project with the SMA expertise needed to ensure the project successfully completes the safety review and approval process defined in Chapter 2 of this NPR.
1.3.7 Mission Directorates and Programs shall ensure (Requirement):
a. Funding and other resources needed are available to meet the requirements of this NPR regardless of the launch vehicle provider or launch vehicle procurement method.
b. Contract, Grant, Cooperative Agreement, or Other Agreement Officers are provided with the requirements documentation and provisions to satisfy the requirements of NASA-STD 8719.24 and this NPR for incorporation into contracts and agreement(s).
c. The ELV Payload Safety Program, through the PSWG, is provided adequate information to meet the requirements of this NPR, including:
(1) Information on payload/launch vehicle interface safety concerns.
(2) Notification of project and program meetings to include design, launch vehicle coordination, ground operations, and others.
1.3.8 NASA Contract, Grant, Cooperative Agreement, or Other Agreement Officers shall ensure that requirements documentation provided by the program manager, project manager, or their designee that is necessary to comply with this NPR and obtain the approval of relevant authorities is incorporated in the contracts and agreement(s) governing each payload (Requirement).
1.4.1 The overall intent of the ELV payload safety requirements tailoring process is to ensure appropriate oversight of Agency requirements while providing the Centers and project managers with the authority and flexibility needed to accomplish their tasks. There are three levels of requirement relief with respect to the requirements in this NPR and NASA-STD 8719.24: tailoring, equivalent level of safety, and waiver.
a. Tailoring. For the purposes of this NPR, tailoring is defined as the process of assessing the applicability of safety requirements within this NPR and NASA-STD 8719.24 and other documents applicable to a payload project and evaluating the project's potential implementation in order to generate a set of specific safety requirements for the project.
(1) Tailoring may result in the deletion of a requirement, a change to a requirement, or an approach that differs from the stated requirement.
(2) The Payload Project Office shall coordinate with their mission PSWG as soon as the project identifies a potential noncompliance with a safety requirement (Requirement). A noncompliance may result in an Equivalent Level of Safety (ELS) or a waiver.
b. ELS. For the purposes of this NPR, an ELS determination is a noncompliance with a requirement where, as part of the tailoring process, the cognizant authorities concur on an alternate approach that does not provide additional risk as determined by qualitative or quantitative means.
c. Waiver. For the purpose of this NPR, a waiver is defined as a written authorization granting relief from an applicable requirement and documenting the acceptance of associated safety risk.
Note: The waiver terminology and process defined in this NPR are consistent with that of the launch range and payload processing community generally involved in NASA ELV payload missions. This consistency is considered essential to allow clear communication and resolution of waiver issues with the ELV payload community, which includes numerous organizations internal and external to NASA. There may be other Agency policy and terminology related to waivers that are exclusively internal to NASA. The ELV Payload Safety Program remains cognizant of NASA policy related to waivers and works with the payload projects and PSWGs to resolve any implementation concerns. In general, the Tailoring Process, coupled with the ELS and Waiver Processes, meet the overall intent of NASA policy to provide for appropriate oversight of Agency safety requirements while allowing the flexibility to accept reasonable risks necessary to accomplish ELV payload missions.
1.4.2 The Payload Project Office, in coordination with the PSWG, shall tailor NASA-STD 8719.24 Annex into a set of mission-specific payload safety requirements (Requirement).
1.4.3 The Payload Project Office, in coordination with the PSWG, shall ensure that ELS determinations that are part of the tailoring are clearly identified in the project-specific payload safety requirements and that the documentation contains or references approval rationale for each ELS determination that makes it credible that the determination does not result in additional risk (Requirement).
1.4.4 The Payload Project Office, with concurrence from the PSWG, shall obtain approval of the project-specific payload safety requirements, including ELS determinations, from the SMA Technical Authority and other relevant authorities, as determined by the PSWG, in accordance with NASA-STD 8719.24 (Requirement).
1.4.5 Following completion and signature of the project-specific payload safety tailored requirements, the Payload Project Office, with concurrence from the PSWG, shall obtain approval for any changes to the project-specific payload safety requirements and post-tailoring ELS determinations from the original signatures and, if appropriate, any authorities newly impacted by the change, as determined by the PSWG (Requirement).
Note: Post-tailoring ELS determinations are documented on the NASA Form NF1826 NASA ELV Payload Safety Post Tailoring Equivalent Level of Safety (ELS) Request found on the NASA ELV Payload Safety Web site at https://kscsma.ksc.nasa.gov/ELVPayloadSafety under the "ELV Payload Safety Forms" button.
1.4.6 The Payload Project Office shall request a waiver (per paragraph 1.4.7 and 1.4.8 of this NPR) when the PSWG determines that noncompliance with or changes to a requirement result in an increased safety risk (Requirement).
1.4.7 The Payload Project Office shall obtain waivers from the SMA Technical Authorities and other relevant authorities, as determined by the PSWG and ELV Payload Safety Manager, using the NASA ELV Payload Safety Waiver Request NF1827 found on the NASA ELV Payload Safety Web site at https://kscsma.ksc.nasa.gov/ELVPayloadSafety under the "ELV Payload Safety Forms" button (Requirement). Other relevant authorities may include, but are not limited to, the following:
a. Engineering, Health and Medical Technical Authorities, as applicable.
b. The NASA Center Director (or NASA designee) responsible for the payload project and any additional NASA Center Director (or NASA designee) responsible for people or property subject to additional risk due to the noncompliance.
c. The Project Manager (or designee) responsible for the Payload Project requesting the waiver.
d. Non-NASA officials responsible for ranges or facilities utilized by the project.
Note: The required NASA signatures are in addition to any local approvals required when utilizing a non-NASA range or facility, such as approval by the Air Force Range Commander for payload missions utilizing an Air Force range. Such local approvals may be documented on the same waiver document as the NASA signatures or on a separate equivalent document depending on local agreements and procedures.
1.4.8 Prior to submitting a waiver request to relevant authorities, the Payload Project Office shall obtain concurrence for the request from the PSWG and the ELV Payload Safety Program Manager (Requirement). Concurrence indicates a determination that:
a. The waiver request and accompanying data are correct and complete.
b. Safety risks and related cost, schedule, and performance considerations are properly characterized and the increase in risk is identified and acceptable to the Agency.
c. Effects the waiver might have on other projects, resources, or requirements are properly characterized.
d. The Payload Project Office intends to request concurrences or consents, as appropriate, for the waiver from all relevant NASA and non-NASA authorities.
1.4.9 In the event that a relevant authority does not concur with or consent to Tailoring, an ELS, or a Waiver, and the issue cannot be resolved through coordination with the PSWG, the Agency Team, or the SMA Technical Authority or Authorities, all interested parties shall brief their position to the Chief, Safety and Mission Assurance to identify the best approach to achieve resolution (Requirement).
1.5.1 For small satellites that are easily accommodated as auxiliary payloads ridesharing on a launch vehicle procured by the NASA Launch Services Program for a primary mission, the auxiliary payload provider shall obtain a determination from the SMA Technical Authority for the ELV, based on an evaluation of energy sources and other potential hazards, whether the safety review and approval process for the small satellite must be in accordance with Chapter 2 of this NPR and NASA Standard 8719.24 (Requirement).
Note: This requirement applies to so-called CubeSats, Nano-satellites, Picosatellites, and other small research satellites launched by LSP with a primary payload.
1.5.2 The ELV SMA Technical Authority shall inform the NASA ELV Payload Safety Manager of any determination and associated rationale concerning the safety review and approval process made in accordance with paragraph 1.5.1 in this NPR (Requirement).
1.5.3 For small auxiliary satellites for which the safety review and approval process is not required to be in accordance with Chapter 2 of this NPR and NASA Standard 8719.24, per section 1.5.1 of this NPR, the Payload Project Office shall plan and implement an alternate safety review and approval process with the concurrence from the ELV SMA Technical Authority (Requirement).
Note: Safety for NASA small satellites is implemented per their Program or Project SMA Plan, as required by NPR 8715.3, NASA General Safety Program Requirements, with inclusion of safety requirements as dictated by the payload processing facility, launch vehicle, range safety organizations, and local safety authorities.
1.6.1 For payload projects not using the NASA Launch Services Program to procure launch vehicle services, the SMA Technical Authority responsible for the payload, in consultation with the project and the NASA ELV Payload Safety Program Manager, shall determine whether the project follows the safety review and approval process in this NPR (Requirement).
1.6.2 For payload projects that do not follow the safety review and approval process in this NPR per paragraph 1.6.1, the project, with concurrence from the SMA Technical Authority responsible for the payload and in consultation with the ELV Payload Safety Program Manager, shall plan, document, and implement an alternate process that meets the objectives of paragraph 1.2.2 (Requirement).
1.7.1 For missions involving payload recovery operations, the Payload Project Office, with concurrence from the project SMA Technical Authority, shall plan and implement a process to address hazards and safety requirements associated with recovery operations (Requirement).
1.7.2 The project SMA Technical Authority, in consultation with the ELV Payload Safety Manager, shall ensure the implementation of an independent safety review process, at PDR, CDR, PSR, and during the mission, and involving relevant authorities, to evaluate the mitigation of hazards associated with recovery operations (Requirement).
This chapter identifies the requirements that are specific to the NASA ELV payload safety review and approval process, including the required sequence of activities and associated deliverables. For each NASA ELV payload project, the overall goals of this process are to:
a. Assure the appropriate representation and involvement of all organizations that support the mission.
b. Identify and resolve any safety concerns as early as feasible during the project timeline.
c. Assure that the project obtains the formal approval of all required approving authorities for the mission (internal and external to the Agency).
NASA ELV payload missions involve various combinations of payload organizations, payload contractors, launch vehicles, payload processing sites, and launch sites. To address this situation, a key aspect of the safety review process is the establishment of a unique PSWG for each payload. Each PSWG and its required activities are designed to ensure the appropriate involvement and coordination of all organizations and stakeholders that support the associated mission and share safety responsibility for the mission (internal and external to the Agency). PSWGs provide guidance on tailoring project-specific safety requirements from NASA-STD 8719.24 Annex, assist in the development of any waiver requests, and help the payload project ensure safety submittals are complete, reviewed, and approved per this NPR. PSWGs ensure compliance with safety requirements that apply to their payload and provide clear and useful guidance to the Payload Project Office. PSWGs also work proactively with the project to identify potential hazards and safety issues and their impact on the resources of the organizations at risk. The PSWGs advise their respective payload project organizations on strategies for early hazard abatement, mitigation, or resolution. Paragraph 2.3.2.a of this NPR identifies the organizations represented in each PSWG.
Figure 2-1, Typical ELV Payload Safety Review Process Interfaces
2.3.1 Each NASA ELV Payload Project Manager (or designee) shall:
a. Ensure that Contract, Grant, Cooperative Agreement, or other Agreement Officers are provided with NASA-STD 8719.24 and other requirements documentation and provisions to satisfy the requirements of NASA-STD 8719.24 and this NPR for incorporation into contracts and agreement(s) (Requirement).
b. Implement a System Safety Program that complies with this NPR, NPR 8715.3, and NASA-STD 8719.24, properly implement the applicable safety requirements, and successfully complete the payload safety review and approval process (Requirement).
Note: This includes funding for additional safety support or the involvement of subject matter experts.
c. Ensure that all project technical development, design, test, and review processes incorporate system safety engineering throughout all project phases and in accordance with NPR 7120.5, NPR 7123.1, NPR 8715.3, NASA-STD 8719.24 and the project's System Safety Plan (Requirement).
d. Ensure that the design and operations of flight hardware, software, and associated GSE provide for safety through the use of approved design, analysis, and verification techniques (Requirement).
e. Ensure that the payload project's timeline provides for compliance with the established payload safety review and approval process (Requirement).
f. Assign a Payload Project System Safety Engineer for the project (see paragraph 2.3.2 of this NPR) (Requirement).
g. Notify the NASA ELV Payload Safety Manager of the new project and provide contact information for the appointed Payload Project System Safety Engineer (Requirement).
h. Ensure all project personnel involved in the ELV payload safety review process understand the process, understand their associated roles and responsibilities, and have experience commensurate with the complexity of the project (Requirement).
i. Establish and implement any project-level processes and requirements needed to satisfy safety requirements and to ensure that the project fully participates in, and supports, the safety review and approval process activities identified in paragraph 2.4 of this NPR regardless of the launch vehicle provider or launch vehicle procurement method (Requirement).
j. Ensure that all requirements contained in the project's tailored requirements document developed per paragraphs 1.4.1 of this NPR are implemented for its payload and associated GSE or that the project obtains an approved ELS determination or waiver per paragraphs 1.4.7 and 1.4.8 of this NPR for any requirement not satisfied (Requirement).
k. Ensure spacecraft contractor oversight is defined in the Project Safety and Mission Assurance Plan required by NPR 7120.5 and the project's System Safety Plan required by NASA-STD 8719.24 and performed and documented to enable safe integration, testing, and other processing of the payload and prevent the transfer of unanticipated hazards (Requirement).
l. Ensure safety information (including safety review status and any safety concerns associated with each subsystem and integrated system) is presented at appropriate project reviews, including (but not limited to) System Requirement Reviews, Preliminary Design Reviews (PDR), Critical Design Reviews (CDR), Pre-Environmental Reviews, and Pre-Ship Reviews (Requirement).
Note: The Payload Project System Safety Engineer typically presents the safety information at the various project reviews (see paragraph 2.3.2).
m. Approve all safety review and approval process deliverables per paragraph 2.4 of this NPR prior to submittal to the PSWG (Requirement).
n. Obtain all safety approvals and ensure safety review activities are completed in accordance with paragraph 2.4 in this NPR as needed to accomplish project management requirements per NPR 7120.5 and accomplish mission processing (Requirement).
o. Ensure that the project fully implements all safety plans and procedures required by this NPR and NASA-STD 8719.24 and as approved by the PSWG (Requirement).
p. Ensure that the payload design process incorporates system safety engineering activities integral to identifying hazards, developing solutions to mitigate or eliminate the hazards, verifying the implementation of these solutions, and ensuring compliance with this NPR (Requirement).
q. Ensure that all open hazard control safety verification actions are completed and that the status of any open items in the Safety Verification Tracking Log and any payload safety issues that could impact major project milestones are briefed during safety and project reviews (Requirement).
r. Ensure that the PSWG Chairperson is notified of any mishaps or close calls that take place during launch area payload processing and ground operations (Requirement).
s. Ensure that when the project includes a planned return-to-Earth payload recovery or sample return, the following actions are accomplished (Requirement):
(1) All potential hazards associated with the payload or sample recovery are identified and controlled.
(2) A safety plan is developed addressing roles, responsibilities, interfaces, safety requirements, processes, and activities to be applied in ensuring safe payload or sample recovery.
(3) Documented procedures are developed.
(4) The project's Mishap Preparedness and Contingency Plan addresses payload or sample recovery.
(5) A safety representative for the return-to-Earth payload or sample-return participates on the project???s PSWG as necessary.
Note: These payload or sample-recovery documents must be reviewed and approved by the appropriate authorities.
2.3.2 The Payload Project System Safety Engineer for a payload project performs as the project's primary member of the PSWG including serving as the project's lead for preparation and submittal of safety review and approval process deliverables specified in paragraphs 2.4 of this NPR and NASA-STD 8719.24. The Payload Project System Safety Engineer shall:
a. Coordinate with the NASA ELV Payload Safety Manager to ensure establishment of the project's PSWG and that it includes the following members as applicable to each mission (Requirement):
(1) PSWG Chairperson (see paragraph 2.3.4 of this NPR).
(2) Payload Project System Safety Engineer.
(3) Payload contractor safety representative(s).
(4) Launch site range safety organization representative(s).
(5) Launch vehicle contractor system safety engineer.
(6) Payload processing facility safety representative.
(7) NASA Kennedy Space Center (KSC) Safety and Mission Assurance Launch Services Division System Safety Engineer or equivalent.
(8) Payload or sample-recovery organization safety representative (as needed).
Note: The NASA ELV Payload Safety Manager will coordinate with the KSC Safety and Mission Assurance Launch Services Division in establishing the project's PSWG for projects using Launch Services Program services. For these projects, the NASA KSC Safety and Mission Assurance Launch Services Division System Safety Engineer typically serves as the PSWG Chairperson.
For projects not acquiring a launch vehicle via the NASA Launch Services Program, the ELV Payload Safety Manager coordinates with the Payload Project Office to establish a PSWG. Composition of the PSWG and member participation may vary based on project activities, technical issues, multi-Center project involvement, or operational requirements.
If there is a planned return-to-Earth payload or sample recovery, the recovery operations are often handled by a separate organization. It may or may not be beneficial for the recovery organization to have a safety representative on the PSWG depending on the level of impact the recovery hardware and operations have on payload design and processing prior to launch.
(9) Other subject matter experts as appropriate.
b. Keep the Payload Project Manager informed of mission safety status (Requirement).
c. Ensure that a Safety Verification Tracking Log is established, maintained, and made available for viewing electronically by the project, PSWG, and Agency Team (Requirement).
Note: The Safety Verification Tracking Log is a deliverable for Safety Review III per paragraph 2.4.2.e.(2).(b) of this NPR and is used to track closure of each open hazard control verification identified in the hazard reports until all verifications have been completed.
d. Ensure that technical operating procedures are submitted for review and approval by local safety authority and other responsible organizations in accordance with the safety requirements of the specific operating location (Requirement).
e. In coordination with the PSWG Chairperson, establish and maintain an integrated schedule of PSWG activities and all relevant project, launch, and other mission milestones, reviews, or meetings that address the topic of payload safety to include place, time, and date for each activity (Requirement).
2.3.3 Each PSWG member participates in the safety review and approval process to ensure compliance with all safety requirements for their area of responsibility and authority. Each PSWG member shall:
a. Review and provide comments or a "No Comments" statement to the PSWG Chairperson on all payload project safety review deliverables within 30 days after submittal and on meeting minutes within five days after distribution (Requirement).
b. In response to requests for concurrence per paragraph 1.4 of this NPR, determine the acceptability of project-specific payload safety requirements, including ELS determinations, and requests for waivers to safety requirements that are within their scope of responsibility or may be a concern to their organization (Requirement).
Note: PSWG members obtain their management's determination as needed.
c. Coordinate with the PSWG and, if needed, with the Agency Team, to resolve payload safety concerns (Requirement).
d. Ensure that payload, facility, and payload/launch vehicle integration issues are disseminated to their organization and to other PSWG members (Requirement).
e. Participate in all PSWG activities associated with their areas of responsibility, including, but not limited to, meetings, mission safety reviews, design reviews, ground operations reviews, and others activities as required by the PSWG Chairperson (Requirement).
f. Assess and concur on plans and hazard reports for operations in facilities that fall under their safety responsibility as needed to receive and process the payload (Requirement).
2.3.4 The PSWG Chairperson for a payload project shall:
a. Coordinate with the Payload Project System Safety Engineer to schedule and conduct PSWG meetings (Requirement).
b. Ensure that PSWG activities and decisions include the collective input and participation from all PSWG members (Requirement).
c. Ensure that the PSWG signature on official correspondence indicates documented concurrences from the PSWG members (Requirement).
d. Ensure all required safety review deliverables are made available to the PSWG members and others as needed (Requirement).
e. Ensure that the PSWG, the Agency Team, and the Launch Services Program representative (or equivalent) are invited to all PSWG activities and have access to all deliverables in accordance with applicable export control requirements (see paragraph 2.6.5 of this NPR) (Requirement).
f. Ensure all comments to safety review submittals are consolidated, coordinated, and furnished to the Payload Project System Safety Engineer no later than 35 days after data submittal (Requirement).
g. Ensure PSWG activities are documented to include notices, scheduling, data receipt and distribution, minutes, data/document review comments, action items, key issues, decisions, and overall project status regarding completion of the safety review and approval process (Requirement).
h. Ensure documentation of actions and major decisions from each PSWG meeting are reviewed for concurrence by attendees at the end of the meeting and draft minutes are available for review following the meeting (Requirement).
i. Ensure distribution of final minutes within seven business days after each PSWG meeting (Requirement).
j. Ensure availability/distribution/timely notification of the project safety schedule and changes to all parties involved in the safety review and approval process (Requirement).
k. Ensure PSWG participation by appropriate PSWG members, as required, at payload/launch vehicle integration working group meetings (e.g., Ground Operations Working Groups, Mission Integration Working Groups) (Requirement).
l. In coordination with all PSWG members, schedule and conduct PSWG meetings concurrently with major project reviews (e.g., PDR and CDR) and as required to meet the safety milestones in this NPR (Requirement).
Note: Throughout this NPR, "PDR" and "CDR" refer to theproject's mission PDR and CDR.
Note: The PSWG has the flexibility to hold meetings in conjunction with any of the design or readiness reviews (e.g., mission, system, instrument, ground systems).
m. Ensure the NASA ELV Payload Safety Manager is informed of any important safety issues to include potential risk issues that may impede the safety review process, waiver issues, and safety requirements interpretation issues (Requirement).
n. Ensure that all mission support and safety-related documents are made available to the PSWG members, Agency Team, the NASA ELV Payload Safety Manager, or other subject matter experts or technical authorities (Requirement).
Note: The preferred approach is to use a secure Web site for this purpose.
o. Coordinate with the NASA ELV Payload Safety Manager to establish a resolution approach if the PSWG cannot reach concurrence on an issue (Requirement).
p. Coordinate with the PSWG and the project to ensure implementation of recommendations, interpretations, and resolutions of any safety concern provided by the Agency Team (Requirement).
Note: The PSWG Chairperson also has responsibilities under the Tailoring Process per paragraph 1.4.1 of this NPR.
2.3.5 The NASA ELV Payload Safety Manager (or designee) shall:
a. Track the status of each payload project as it proceeds through the safety review and approval process and provide guidance on the associated activities, tools, and deliverables as needed (Requirement).
b. Notify the Payload Project Manager and other authorities of any concern that may adversely impact the project and provide guidance on how the project should proceed (Requirement). For example:
(1) A major safety-related risk is identified during the safety review process.
(2) The required safety review activities or deliverables of this NPR are not met (or product quality is inadequate for that phase of the project life cycle) and fail to fulfill the required safety gate products prior to the project's Key Decision Points (KDP) per NPR 7120.5.
c. Sign the Certificate of ELV Payload Safety Compliance upon ensuring that all Agency Team concerns have been addressed (Requirement).
d. Issue a letter forwarding the Certificate of ELV Payload Safety Compliance to the Payload Project Manager and others signifying the successful completion of the ELV Payload Safety Review III and that the ELV Payload Safety Program does not have any constraints to the continued processing of the spacecraft (Requirement).
Note: The NASA ELV Payload Safety Manager's overall responsibilities for the ELV Payload Safety Program are provided in paragraph 1.3.3 of this NPR.
2.4.1 In accordance with paragraph 2.3 of this NPR, the Payload Project Manager or designee and the PSWG Chairperson ensure that the payload safety review and approval activities take place as required in paragraph 2.4.2 of this NPR regardless of the launch vehicle provider or launch vehicle procurement method. The Payload Project System Safety Engineer ensures the preparation and submittal of the associated deliverables for review. Requirements regarding the contents of the deliverables are specified in NASA-STD 8719.24.
Note: The safety review and approval activities are designed to coincide with and provide safety input to the project management reviews required by NPR 7120.5; e.g., PDR, CDR, and Pre-ship Review. The safety review and approval activities identified below may also provide safety input to other required project, Center, and NASA Headquarters reviews; e.g., Peer Reviews, Launch Readiness Reviews, and Safety and Mission Success Reviews.
2.4.2 The Payload Project System Safety Engineer, in coordination with other payload project personnel, as needed, and the PSWG shall ensure that the safety review and approval process incorporates the following sequence of activities and associated deliverables, including compliance with the associated required schedule timing of deliverables (Requirement).
Exception: The Payload Project Office and the PSWG may alter process and deliverable dates required by this NPR through a formal agreement reached and documented before the original deliverable dates provided that safe processing, project schedule, and safety review input to KDPs as defined in NPR 7120.5 are not impacted.
Figure 2-2, Timeline of ELV Payload Safety Review Process
Note: The ELV Payload Safety Review Process shown in Figure 2-2 is conducted by a project's PSWG in order to provide necessary safety status and input to the Mission Project Reviews and the project's KDPs. Each Safety Review typically consists of several PSWG meetings spanning over a period of time versus a single meeting at a single point in time (see paragraphs 2.4.2b, c, and e of this NPR).
a. A Payload Safety Introduction Briefing is typically the first meeting of the PSWG (see definition in Appendix A).
(1) The Payload Project Office ensures that the Payload Safety Introduction Briefing occurs as early as possible, but no later than, midpoint of the Preliminary Design Phase (Phase B as defined in NPR 7120.5 and depicted in Figure 2-2).
(2) The Payload Project Office shall submit the following material for presentation, review, and discussion and be prepared to present the items listed in the Annex to NASA-STD 8719.24, Volume 1, Attachment 5 during the Payload Safety Introduction Briefing (Requirement):
(a) A list of nonapplicable chapters and sections using the Annex to NASA-STD 8719.24 Table of Contents, Volumes 3 and 6, as they relate to payload systems, instruments, operations and hazards known to date.
(b) A list of any known tailoring issues, previously approved waivers, and previously approved alternative approaches.
(c) Draft System Safety Plan that, as a minimum, provides a conceptual overview of the System Safety Program in accordance with NASA-STD 8719.24, Volume 3, Paragraph 4.1.1.
(d) Identification of known spacecraft/payload systems and a preliminary assessment of potential hazards documented in a preliminary hazard list.
(e) A high-level Ground Operations Flow Overview providing the location and relative timeline of major payload activities and tasks (e.g. payload arrival, special testing, fueling, payload integration, roll-out to pad, any known hazardous operations) as best known at the time of the Payload Safety Introduction Briefing.
Note: This briefing provides a forum for the project to introduce the mission to the PSWG and other authorities and allows for early identification of any safety concerns associated with the payload. The information provided at this briefing should be as complete as the technical maturity of the conceptual design and operations allow.
b. Safety Review I begins with the submittal of data no later than 30 days prior to the PDR per paragraph 2.4.2.b.(3) and shall be completed no later than 60 days after the project's PDR and no later than necessary to provide the PSWG's input to the project's KDP C as defined in NPR 7120.5 and depicted in Figure 2-2, whichever date comes first (Requirement).
(1) Safety Review I shall include a PSWG meeting held no later than 60 days after the PDR (Requirement).
(2) During Safety Review I, the PSWG shall approve the final System Safety Plan, discuss the resolution of comments to the Safety Data Package (see Appendix A for definition), address requirements issues through the review of the tailored requirements (project-specific NASA-STD 8719.24 Annex), assess the Preliminary Hazard Analysis and any Hazard Reports, and address any safety issues identified during the PDR (Requirement).
Note: Hazard Reports are to be documented on NF 1825 NASA ELV Payload Safety Hazard Report and Instructions found on the NASA ELV Payload Safety Web site at https://kscsma.ksc.nasa.gov/ELVPayloadSafety under the "ELV Payload Safety Forms" button. See NASA-STD 8719.24 Volume 1, Attachment 2 for further information on documenting Hazard Analysis.
(3) The payload project shall submit the following material no later than 30 days prior to the PDR (Requirement):
(a) Final System Safety Plan in accordance with NASA-STD 8719.24, Volume 3, Paragraph 4.1.2.
(b) Draft of tailored payload safety requirements using NASA-STD 8719.24 Annex with rationale for proposed tailoring using NASA-STD 8719.24 Annex.
(c) Safety Data Package I (as complete as possible) (see NASA-STD 8719.24, Volume 3, Paragraph 4.2.2 and Volume 3, Attachment 1).
(4) The PSWG Chairperson shall provide the Payload Project Manager with the status of Safety Review I including any safety concerns following the PDR meeting (Requirement).
(5) Safety Review I shall culminate with the PSWG Chairperson providing the Payload Project Manager with an assessment of the project's safety efforts and identification of any safety concerns to support the project's KDP C (as defined in NPR 7120.5) (Requirement).
c. Safety Review II begins with the submittal of data no later than 30 days prior to the project's CDR per paragraph 2.4.2.c.(3) and shall be completed no later than 60 days after the project's CDR to provide the PSWG's input to the project's KDP D as defined in NPR 7120.5 and depicted in Figure 2-2 (Requirement).
(1) Safety Review II shall include a PSWG meeting held no later than 60 days after the CDR (Requirement).
(2) During the Safety Review II, the PSWG shall discuss the resolution of comments to the Safety Data Package I, discuss any safety issues identified during the CDR, and review the project for any changes to the design, processing, or interfaces for new or increased hazards or safety issues (Requirement).
(3) The payload project shall submit the following material no later than 30 days prior to the CDR (Requirement):
(a) Safety Data Package II (see NASA-STD 8719.24 Annex, Volume 3, Attachment 1).
(b) If not yet completed, the final tailored payload safety requirements with sufficient rationale, derived from tailoring NASA-STD 8719.24 Annex.
(c) A Draft Ground Operations Plan (GOP) in accordance with NASA-STD 8719.24, Volume 6, Attachment 1, as a stand-alone document or included as part of Safety Data Package II.
(4) Safety Review II shall culminate with the PSWG Chairperson providing the Payload Project Manager with an updated assessment of the project's safety efforts and identification of any safety concerns to support the project's KDP D (as defined in NPR 7120.5) (Requirement).
d. If the payload will undergo processing at a NASA-owned facility or any facility where NASA personnel control the operation or are actively involved in performing work prior to the Safety Review III (see paragraph 2.4.2.e of this NPR), the project shall coordinate to define the applicable requirements and processes for safe payload processing at the host Center that meet the intent of the requirements defined in this NPR and NASA-STD 8719.24 (Requirement).
e. Safety Review III begins with the submittal of data per subparagraph (2), below, of this NPR and shall be completed at a PSWG meeting held at least 30 days prior to payload shipment to the processing site (Requirement).
(1) During Safety Review III, the PSWG shall verify that all safety requirements have been or will be satisfied at the appropriate time and any associated waivers have been approved (Requirement).
(2) The payload project shall submit the following material no later than 90 days prior to the payload shipment to the processing site (Requirement):
(a) Safety Data Package III (see NASA-STD 8719.24 Annex, Volume 3, Attachment 1).
(b) A Safety Verification Tracking Log identifying the open verifications from the Hazard Reports as required in Task 1 of the project's SSP (see NASA-STD 8719.24 Annex, Volume 1, Paragraph A2.2.1.8.1).
(c) A final GOP, in accordance with NASA-STD 8719.24, Volume 6, Attachment 1, as a stand-alone document or included as part of Safety Data Package III.
(3) Safety Data Package III shall be finalized, resolving all PSWG comments at least 30 days before the intended shipment of hardware to the prelaunch payload processing site (Requirement).
(4) The project shall provide a Certificate of ELV Payload Safety Compliance, signed by the Project Manager, with signature blocks for the PSWG Chairperson, Project SMA Technical Authority, and the ELV Payload Safety Manager (see Appendix D) (Requirement).
(5) PSWG Chairperson will obtain concurrence signatures and provide the ELV Payload Safety Manager with the Certificate of ELV Payload Safety Compliance and attachments. Then, the PSWG Chairperson will provide the Payload Project Manager with the status of Safety Review III including any safety concerns.
2.4.3 Upon receiving the Certificate of ELV Payload Safety Compliance, the ELV Payload Safety Manager shall provide the Payload Project Manager with a copy of the signed Certificate via a letter indicating successful completion of Safety Review III and the project's PSWG safety review and approval process (Requirement).
2.4.4 After transportation of the payload to the launch area processing facility, the project shall update the Safety Verification Tracking Log at least weekly (more frequently if the open items must be closed to remove operational constraints) and make the current Safety Verification Tracking Log available to all officials involved in the mission (Requirement).
2.6.1 Each payload project shall work with the PSWG chair to determine how the data submittals will be accomplished (Requirement).
2.6.2 The Payload Project Office shall manage the submission of data to ensure NASA information technology requirements are met; where applicable, it will ensure access by the PSWG, Agency Team, and others as designated; and that submittals are legible and uploaded in English (Requirement).
2.6.3 The security of electronic safety data submittals is governed by NPR 2810.1, Security of Information Technology.
2.6.4 Export Controlled Data
a. The export control data submittal requirements apply to U.S. Payload Project Offices only in accordance with NPR 2190.1, NASA Export Control Program.
b. Foreign Payload Project Offices are not normally required to provide the U.S. export control classification of their deliverables.
c. In the event that a foreign deliverable requires a U.S. export control classification, NASA export control resources shall be used to classify it (Requirement).
2.6.5 Proprietary and Sensitive But Unclassified (SBU) Data
a. The Payload Project Office and source of data shall determine the necessary requirements for SBU and proprietary data (Requirement).
b. The Payload Project Office shall implement the requirements and provide appropriate instruction (Requirement).
c. The Payload Project Office shall ensure that SBU and proprietary data are distributed only to persons who have a need to review such data in support of the safety review process (Requirement).
Note: Typically, the PSWG, NASA ELV Payload Safety Manager, Agency Team, and all other participating parties, as deemed necessary by the PSWG Chairperson or NASA ELV Payload Safety Manager, will have access to the secure project safety data. It is the responsibility of all parties to follow NPR 1600.1, NASA Security Program Procedural Requirements, and use NASA Form NF 1686 as required for controlling the data.
d. If the Payload Project Office discovers that the classification of data has changed, the Payload Project Office shall inform the PSWG and Agency Team in writing (Requirement).
Approving authority or authorities. The organization(s) (internal and/or external to NASA) having the responsibility to grant approval/concurrence to perform processing and/or launch activities in their respective facilities, including acceptance of any associated risk.
Assessment. Review or audit process, using predetermined methods, that evaluates hardware, software, procedures, technical and programmatic documents, and the adequacy of their implementation.
Audit. A formal review to assess compliance with hardware or software requirements, specifications, baselines, safety standards, procedures, instructions, codes, and contractual and licensing requirements.
Auxiliary Payload. A small satellite (e.g., CubeSats, Nanosatellites, Picosatellites) that does not interfere with the primary payload mission.
Catastrophic hazard. A hazard, condition or event that could result in a mishap causing fatal injury to personnel and/or loss of spacecraft (payload), launch vehicle, or ground facility.
Critical hazard. A hazard, condition or event that may cause severe injury or occupational illness, or major property damage to facilities, systems, or flight hardware.
Equivalent Level of Safety. An alternate approach to meet the intent of a requirement that provides no additional risk as determined by qualitative or quantitative means.
ELV Payload Safety Agency Team. An Agency group appointed by the Chief, Safety and Mission Assurance that performs as an element of the NASA OSMA and provides guidance to the NASA Chief, Safety and Mission Assurance, the NASA ELV Payload Safety Manager, and NASA ELV payload projects. The Agency Team works with the Payload Safety Working Group to resolve any safety concerns associated with a project. The Agency Team also works to ensure that NASA ELV payload safety policy and requirements are adequate and consistently implemented throughout the Agency.
ELV Payload Safety Manager. A position appointed by the Chief, Safety and Mission Assurance that leads the ELV Payload Safety Program, ensuring Agency policy, requirements, and processes are developed, maintained, and implemented to safeguard people and resources from hazards associated with payload to launch vehicle integration, multiple payloads, and payloads and related GSE. This individual also leads the Agency Team.
Flight Hardware. Hardware designed and fabricated for ultimate use in a vehicle intended to fly.
Ground Operations Plan. A detailed description of the hazardous and safety critical operations associated with a payload (spacecraft) and its associated ground support equipment. It contains the payload project's ground processing information providing the basis by which payload safety approval is obtained from the PSWG and Range Safety, along with the Safety Data Package. A flow chart of operations (hazardous and non-hazardous) is usually included. The Ground Operations Plan may be a stand-alone document or part of the payload project's Safety Data Package.
Ground Support Equipment. Ground-based equipment used to store, transport, handle, test, check out, service, and control aircraft, launch vehicles, spacecraft, or payloads.
Hazard. A state or a set of conditions, internal or external to a system, that has the potential to cause harm.
Hazard Analysis. Identification and evaluation of existing and potential hazards and the recommended mitigation for the hazard sources found.
Hazard Control. Means of reducing the risk of exposure to a hazard.
Hazardous Material. Defined by law as "a substance or materials in a quantity and form which may pose an unreasonable risk to health and safety or property when transported in commerce" (49 U.S.C § 5102, Transportation of Hazardous Materials; Definitions). The Secretary of Transportation has developed a list of materials that are hazardous which may be found in 49 CFR Part 172.101. Typical hazardous materials are those that may be highly reactive, poisonous, explosive, flammable, combustible, corrosive, radioactive, produce contamination or pollution of the environment, or cause adverse health effects or unsafe conditions.
Hazardous Operation. Any operation involving material or equipment that has a high potential to result in loss of life, serious injury to personnel, or damage to systems, equipment, or facilities.
Hazard Report. Hazard reports are an efficient means of summarizing for each identified hazard, the ways by which it can be caused, what controls are in place to prevent each cause, and the methods used to verify the performance of the hazard controls and compliance with associated safety design requirements. A hazard report is often used to document the results of a hazard analysis.
Inhibit. An independent and verifiable mechanical and/or electrical device that prevents a hazardous event from occurring; the device has direct control and is not the monitor of such a device.
Key Decision Point. (Per NPR 7120.5) An event where the Decision Authority (the Agency's responsible individual who authorizes the transition of a program/project to the next life-cycle phase) determines the readiness of a program/project to progress to the next phase of the life cycle. As such, Key Decision Points serve as gates through which programs and projects must pass.
Noncompliance. An instance of failure to satisfy a requirement.
Operational Safety. That portion of the total NASA safety program dealing with safety of personnel and equipment during launch vehicle ground processing, normal industrial and laboratory operations, use of facilities, special high hazard tests and operations, aviation operations, and use and handling of hazardous materials and chemicals from a safety viewpoint.
Payload. The object(s) within a payload fairing carried or delivered by a launch vehicle to a desired location or orbit includes but is not limited to satellites, other spacecraft, experimental packages, reentry vehicles, dummy loads, cargo, and any motors attached to them in the payload fairing.
Payload Safety Introduction Briefing. The first meeting of a payload project's PSWG where the Payload Project briefs the payload to the safety community. This meeting is also referred to as the Concept Briefing with respect to AFSPCMAN 91-710, Range Safety User Requirements.
Payload Safety Working Group. A working group formed for each NASA ELV payload with a primary purpose to ensure (1) a project's compliance with applicable safety requirements and (2) that the safety risk is identified, understood, and adequately controlled (see paragraph 2.2 of this NPR).
Programs. For the purposes of this NPR, the term "programs" includes programs, projects, and acquisitions.
Projects. For the purposes of this NPR, the term "projects" means an ELV payload mission having defined requirements, a life cycle, a beginning, and an end. A project also has a management structure and may interface with other projects, agencies, non-Government entities, and international partners. A project yields new or revised products that directly address NASA's strategic needs.
Range Safety. Application of safety policies, principles, and techniques to ensure the control and containment of flight vehicles to preclude an impact of the vehicle or its pieces outside of predetermined boundaries from an abort which could endanger life or cause property damage. Where the launch range has jurisdiction, prelaunch preparation is included as a safety responsibility. Additionally, the term "Range Safety" is informally used to refer to the organization responsible for implementing/enforcing range safety requirements (e.g., USAF 30th or 45th Space Wings' Safety Offices and the Wallops Flight Facility Safety Office).
Risk (Safety) Assessment. Process of qualitative risk categorization or quantitative risk (safety) estimation, followed by the evaluation of risk significance.
Safety. Freedom from those conditions that can cause death, injury, occupational illness, damage to or loss of equipment or property, or damage to the environment. In a risk-informed context, safety is an overall mission and program condition that provides sufficient assurance that mishaps will not result from the mission execution or program implementation, or, if they occur, their consequences will be mitigated. This assurance is established by means of the satisfaction of a combination of deterministic criteria and risk-informed criteria.
Safety Analysis. Generic term for a family of analyses, which includes but is not limited to, preliminary hazard analysis, system (subsystem) hazard analysis, operating hazard analysis, software hazard analysis, sneak circuit, and others.
Safety Critical. Term describing any condition, event, operation, process, equipment, or system that could cause or lead to severe injury, major damage, or mission failure if performed or built improperly, or allowed to remain uncorrected.
Safety Data Package. A data submittal that provides a detailed description of hazardous and safety critical flight hardware equipment, systems, components and materials that comprise the payload. Includes hazard reports, safety assessments, inhibits, and mitigations. Known as a Missile System Prelaunch Safety Package (MSPSP) with respect to AFSPCMAN 91-710, Range Safety User Requirements.
Safety Program. The implementation of a formal comprehensive set of safety procedures, tasks, and activities to meet safety requirements, goals, and objectives.
Secondary Payload. Often payloads are launched with excess performance capability due to large spacecraft being "volume limited" rather than "mass limited." To fully utilize this excess capability, secondary payloads can be launched along with the primary, providing a means to economically launch small spacecraft. These are generally independent missions that minimally impact the primary payload.
System Safety. Application of engineering and management principles, criteria, and techniques to optimize safety and reduce risks within the constraints of operational effectiveness, time, and cost throughout all phases of the system life cycle.
System Safety Plan. A written plan defining the approach to accomplish the project safety activities, including safety management, identification of safety tasks, roles and responsibilities, and the coordination and communication with project/systems engineers and approving authorities. It is also known as the System Safety Technical Plan as defined in NPR 8715.3, and the Systems Safety Program Plan defined in Air Force Space Command Manual 91-710, Range Safety User Requirements Manual, Volume III, Chapter 4.
Tailoring. The process of assessing the applicability of requirements and evaluating the project's potential implementation in order to generate a set of specific requirements for the project.
Waiver. A written authorization granting relief from an applicable requirement and documenting the acceptance of any associated risk. For NASA ELV payload projects, waivers typically are approved for a single mission and have a specific duration. However, a waiver identified early in the design or specification/requirement review(s) may apply throughout the project or to multiple missions that use a common upper stage and/or a common spacecraft bus.
| AFSPCMAN | Air Force Space Command Manual |
| Agency Team | NASA ELV Payload Safety Agency Team |
| CDR | Critical Design Review |
| CERR | Critical Events Readiness Review |
| CFR | Code of Federal Regulations |
| DR | Decommissioning Review |
| ELS | Equivalent Level of Safety |
| ELV | Expendable Launch Vehicle |
| FAD | Formulation Authorization Document |
| FRR | Flight Readiness Review |
| GOP | Ground Operations Plan |
| GSE | Ground Servicing/Support Equipment |
| GSFC | Goddard Space Flight Center |
| JPL | Jet Propulsion Laboratory (a Federally Funded and Research Development Center) |
| KDP | Key Decision Point |
| KHB | Kennedy Handbook |
| KSC | Kennedy Space Center |
| LRR | Launch Readiness Review |
| MCR | Mission Concept Review |
| MDR | Mission Definition Review |
| MIL-STD | Military Standard |
| MSPSP | Missile System Prelaunch Safety Package |
| NASA | National Aeronautics and Space Administration |
| NASA-STD | NASA Standard |
| NODIS | NASA Online Directives Information System |
| NPD | NASA Policy Directive |
| NPR | NASA Procedural Requirements |
| ORR | Operational Readiness Review |
| OSMA | Office of Safety and Mission Assurance |
| PDR | Preliminary Design Review |
| PLAR | Post-Launch Assessment Review |
| PRE-SHIP | Review prior to shipment to launch site. |
| PSWG | Payload Safety Working Group |
| RSM | Range Safety Manual |
| SBU | Sensitive but Unclassified |
| SIR | System Interface Review |
| SMA | Safety and Mission Assurance |
| SRR | System Requirements Review |
| USAF | United States Air Force |
| WFF | Wallops Flight Facility |
Note: Throughout this NPR, "PDR" and "CDR" refer to the project's mission PDR and CDR.
C.1 NPD 1000.0, Governance and Strategic Management Handbook.
C.2 NPR 1800.1, NASA Occupational Health Program Procedures.
C.3 NPR 2190.1, NASA Export Control Program.
C.4 NPR 2810.1, Security of Information Technology.
C.5 NPR 5800.1, Grant and Cooperative Agreement Handbook (14 CFR 1260).
C.6 NPR 7120.5, NASA Space Flight Program and Project Management Requirements.
C.7 NPR 7123.1, NASA Systems Engineering Processes and Requirements.
C.7 NPR 8705.6, Safety and Mission Assurance (SMA) Audits, Reviews, and Assessments.
C.8 NPR 8715.3, NASA General Safety Program Requirements.
C.9 NPR 8715.5, Range Flight Safety Program.
C.10 NPR 8715.6, NASA Procedural Requirements for Limiting Orbital Debris.
C.11 Range Safety Manual for Goddard Space Flight Center (GSFC)/Wallops Flight Facility (WFF) (RSM-2002).
C.12 NASA Form NF 1825, NASA ELV Payload Safety Hazard Report.
C.13 NASA Form NF 1826, NASA ELV Payload Safety Post-Tailoring Equivalent Level of Safety (ELS) Request.
C.14 NASA Form NF 1827, NASA ELV Payload Safety Waiver Request.
C.15 Air Force Space Command Manual (AFSPCMAN) 91-710, Range Safety User Requirements Manual.
INSTRUCTIONS FOR COMPLETION OF
CERTIFICATE OF ELV PAYLOAD SAFETY
COMPLIANCE FORM
Block A: Payload Mission: Insert the name of the payload and/or mission here.
Block B: Launch Vehicle: Identify the launch vehicle that will be carrying the payload.
Block C: Certification Statement.
Block D: List of Approved post-tailoring Equivalent Level of Safety (ELS) and Safety Waivers: List any approved post-tailoring ELS and Safety Waivers for which the ELV Payload Safety ELS/Waiver Form has been completed.
Block E: Payload Project Manager Signature and Date.
Block F: NASA SMA Technical Authority responsible for the payload Signature and Date.
Block G: PSWG Chairperson Concurrence Signature: The PSWG Chairperson signs and dates concurrence. This concurrence is based on the PSWG's review of safety submittals per NPR 8715.7, and the project's approved tailored version of NASA-STD 8719.24 Annex and represents, to the best of their knowledge, that the safety requirements are or are planned to be met. This concurrence signature represents the PSWG members and may be contingent upon certain conditions, actions, or constraints. These conditions, actions, or constraints shall be listed in Block G. Additionally, all safety-related actions shall be tracked on the mission's Safety Verification Tracking Log.
Block H. List all conditions, actions, or constraints not annotated on the Safety Verifications Tracking Log (attached) if necessary.
Block I. The NASA ELV Payload Safety Program Manager signature signifies that Payload Project and PSWG have adhered to or are planning to adhere to the processes and requirements of NPR 8715.7, and the project's approved tailored version of NASA-STD 8719.24 Annex. This signature also represents concurrence from the ELV Payload Safety Agency Team.