Preface...xxiii Introduction...xxv About the Editors...xxvii About the Contributors... xxxi

Contents Preface...xxiii Introduction...xxv About the Editors...xxvii About the Contributors... xxxi CHAPTER 1 Introduction to Space Safety... 1 1.1 NASA and Safety... 2 1.2 Definition of Safety and Risk... 3 1.3 Managing Safety and Risk... 3 1.4 The Book... 5 References... 5 CHAPTER 2 The Space Environment: Natural and Induced... 7 2.1 The Atmosphere... 8 2.1.1 Composition... 8 2.1.2 Atomic Oxygen...13 2.1.3 The Ionosphere...15 2.2 Orbital Debris and Meteoroids... 18 2.2.1 Orbital Debris... 18 2.2.2 Meteoroids... 26 2.3 Microgravity... 31 2.3.1 Microgravity Defined...31 2.3.2 Methods of Attainment...34 2.3.3 Effects on Biological Processes and Astronaut Health...40 2.3.4 Unique Aspects of Travel to the Moon and Planetary Bodies... 41 Recommended Reading... 41 2.4 Acoustics... 43 2.4.1 Acoustics Safety Issues... 43 2.4.2 Acoustic Requirements...43 2.4.3 Compliance and Verification... 50 2.4.4 Conclusions and Recommendations... 51 Recommended Reading... 51 2.5 Radiation... 52 2.5.1 Ionizing Radiation...52 2.5.2 Radio Frequency Radiation... 67 Recommended Reading... 71 v

vi Contents 2.6 Natural and Induced Thermal Environments... 72 2.6.1 Introduction to the Thermal Environment... 72 2.6.2 Spacecraft Heat Transfer Considerations...72 2.6.3 The Natural Thermal Environment... 73 2.6.4 The Induced Thermal Environment...80 2.6.5 Other Lunar and Planetary Environment Considerations...85 2.7 Combined Environmental Effects... 86 2.7.1 Introduction to Environmental Effects...86 2.7.2 Combined Environments...87 2.7.3 Combined Effects...88 2.7.4 Ground Testing for Space Simulation... 92 References... 94 CHAPTER 3 Overview of Bioastronautics... 105 3.1 Space Physiology... 106 3.1.1 Muscular System...106 3.1.2 Skeletal System...107 3.1.3 Cardiovascular and Respiratory Systems...108 3.1.4 Neurovestibular System...110 3.1.5 Radiation...111 3.1.6 Nutrition...112 3.1.7 Immune System...113 3.1.8 Extravehicular Activity...114 3.2 Short and Long Duration Mission Effects... 115 3.2.1 Muscular System...115 3.2.2 Skeletal System...116 3.2.3 Cardiovascular and Respiratory Systems...117 3.2.4 Neurovestibular System...119 3.2.5 Radiation...120 3.2.6 Nutrition...121 3.2.7 Immune System...121 3.2.8 Extravehicular Activity...122 3.3 Health Maintenance... 123 3.3.1 Preflight Preparation...123 3.3.2 In-Flight Measures...126 3.3.3 In-Flight Medical Monitoring...139 3.3.4 Post-Flight Recovery...142 3.4 Crew Survival... 143 3.4.1 Overview of Health Threats in Spaceflight...143 3.4.2 Early Work...144

Contents vii 3.4.3 Crew Survival on the Launch Pad, at Launch, and During Ascent...145 3.4.4 On-Orbit Safe Haven and Crew Transfer...150 3.4.5 Entry, Landing, and Post-Landing...150 3.5 Conclusion... 152 Acknowledgment... 152 References... 153 CHAPTER 4 Basic Principles of Space Safety... 163 4.1 The Cause of Accidents... 163 4.2 Principles and Methods... 165 4.2.1 Hazard Elimination and Limitation...165 4.2.2 Barriers and Interlocks...166 4.2.3 Fail-Safe Design...167 4.2.4 Failure and Risk Minimization...167 4.2.5 Monitoring, Recovery, and Escape...169 4.2.6 Crew Survival Systems...169 4.3 The Safety Review Process... 170 4.3.1 Safety Requirements...170 4.3.2 The Safety Panels...171 4.3.3 The Safety Reviews...171 4.3.4 Nonconformances...173 References... 174 CHAPTER 5 Human Rating Concepts... 175 5.1 Human Rating Defined... 175 5.1.1 Human Rated Systems...175 5.1.2 The NASA Human Rating and Process...176 5.1.3 The Human Rating Plan...177 5.1.4 The NASA Human Rating Certification Process...178 5.1.5 Human Rating in Commercial Human Spaceflight...178 5.2 Human Rating Requirements and Approaches... 179 5.2.1 Key Human Rating Technical Requirements...179 5.2.2 Programmatic Requirements...182 5.2.3 Test Requirements...183 5.2.4 Data Requirements...184 Reference... 184 CHAPTER 6 Life Support Systems Safety... 185 6.1 Atmospheric Conditioning and Control... 188 6.1.1 Monitoring Is the Key to Control...188

viii Contents 6.1.2 Atmospheric Conditioning...190 6.1.3 Carbon Dioxide Removal...196 6.2 Trace Contaminant Control... 198 6.2.1 Of Tight Buildings and Spacecraft Cabins...198 6.2.2 Trace Contaminant Control Methodology...201 6.2.3 Trace Contaminant Control Design Considerations...209 6.3 Assessment of Water Quality in the Spacecraft Environment: Mitigating Health and Safety Concerns... 211 6.3.1 Scope of Water Resources Relevant to Spaceflight...211 6.3.2 Spacecraft Water Quality and the Risk Assessment Paradigm...212 6.3.3 Water Quality Monitoring...217 6.3.4 Conclusion and Future Directions...220 6.4 Waste Management... 220 6.5 Summary of Life Support Systems... 221 References... 222 CHAPTER 7 Emergency Systems... 225 7.1 Space Rescue... 225 7.1.1 Legal and Diplomatic Basis...226 7.1.2 The Need for Rescue Capability...226 7.1.3 Rescue Modes and Probabilities...229 7.1.4 Hazards in the Different Phases of Flight...231 7.1.5 Historic Distribution of Failures...232 7.1.6 Historic Rescue Systems...233 7.1.7 Space Rescue Is Primarily Self Rescue...243 7.1.8 Limitations of Ground Based Rescue...247 7.1.9 The Crew Return Vehicle as a Study in Space Rescue...249 7.1.10 Safe Haven...255 7.1.11 Conclusions...256 7.2 Personal Protective Equipment... 256 7.2.1 Purpose of Personal Protective Equipment...256 7.2.2 Types of Personal Protective Equipment...257 References... 265 CHAPTER 8 Collision Avoidance Systems... 267 8.1 Docking Systems and Operations... 268 8.1.1 Docking Systems as a Means for Spacecraft Orbital Mating...268

Contents ix 8.1.2 Design Approaches Ensuring Docking Safety and Reliability...270 8.1.3 Design Features Ensuring the Safety and Reliability of Russian Docking Systems...275 8.1.4 Analyses and Tests Performed for Verification of Safety and Reliability of Russian Docking Systems...278 Acknowledgment... 280 8.2 Descent and Landing Systems... 280 8.2.1 Parachute Systems...281 8.2.2 Known Parachute Anomolies and Lessons Learned...296 Acknowledgment... 299 References... 299 CHAPTER 9 Robotic Systems Safety... 301 9.1 Generic Robotic Systems... 301 9.1.1 Controller and Operator Interface...302 9.1.2 Arms and Joints...302 9.1.3 Drive System...303 9.1.4 Sensors...303 9.1.5 End Effector...303 9.2 Space Robotics Overview... 303 9.3 Identification of Hazards and Their Causes... 305 9.3.1 Electrical and Electromechanical Malfunctions...307 9.3.2 Mechanical and Structural Failures...307 9.3.3 Failure in the Control Path...307 9.3.4 Operator Error...307 9.3.5 Other Hazards...307 9.4 Hazard Mitigation in Design... 308 9.4.1 Electrical and Mechanical Design and Redundancy...308 9.4.2 Operator Error...308 9.4.3 System Health Checks...308 9.4.4 Emergency Motion Arrest...309 9.4.5 Proximity Operations...309 9.4.6 Built in Test...310 9.4.7 Safety Algorithms...310 9.5 Hazard Mitigation Through Training... 310 9.6 Hazard Mitigation for Operations... 312 9.7 Case Study: Understanding Canadarm2 and Space Safety... 313 9.7.1 The Canadarm2...313 9.7.2 Cameras...313 9.7.3 Force Moment Sensor...314

x Contents 9.7.4 Training...315 9.7.5 Hazard Concerns and Associated Hazard Mitigation...316 9.8 Summary... 317 References... 318 CHAPTER 10 Meteoroid and Debris Protection... 319 10.1 Risk Control Measures... 319 10.1.1 Maneuvering...319 10.1.2 Shielding...324 10.2 Emergency Repair Considerations for Spacecraft Pressure Wall Damage... 332 10.2.1 Balanced Mitigation of Program Risks...332 10.2.2 Leak Location System and Operational Design Considerations...337 10.2.3 Ability to Access the Damaged Area...337 10.2.4 Kit Design and Certification Considerations (1 is too many, 100 are not enough)...338 10.2.5 Recertification of the Repaired Pressure Compartment for Use by the Crew...338 References... 339 CHAPTER 11 Noise Control Design... 341 11.1 Introduction... 341 11.2 Noise Control Plan... 341 11.2.1 Noise Control Strategy...342 11.2.2 Acoustic Analysis...344 11.2.3 Testing and Verification...344 11.3 Noise Control Design Applications... 345 11.3.1 Noise Control at the Source...346 11.3.2 Path Noise Control...348 11.3.3 Noise Control in the Receiving Space...353 11.3.4 Post-Design Noise Mitigation...355 11.4 Conclusions and Recommendations... 355 Recommended Reading... 356 References... 356 CHAPTER 12 Materials Safety... 359 12.1 Toxic Offgassing... 360 12.1.1 Materials Offgassing Controls...361 12.1.2 Materials Testing...362

Contents xi 12.1.3 Spacecraft Module Testing...363 12.2 Stress-Corrosion Cracking... 363 12.2.1 What Is Stress-Corrosion Cracking?...364 12.2.2 Prevention of Stress-Corrosion Cracking...364 12.2.3 Testing Materials for Stress-Corrosion Cracking...366 12.2.4 Design for Stress-Corrosion Cracking...368 12.2.5 Requirements for Spacecraft Hardware...369 12.2.6 Stress-Corrosion Cracking in Propulsion Systems...371 12.3 Conclusions... 373 References... 373 CHAPTER 13 Oxygen Systems Safety... 375 13.1 Oxygen Pressure System Design... 375 13.1.1 Introduction...375 13.1.2 Design Approach...377 13.1.3 Oxygen Compatibility Assessment Process...386 13.2 Oxygen Generators... 392 13.2.1 Electrochemical Systems for Oxygen Production...392 13.2.2 Solid Fuel Oxygen Generators (Oxygen Candles)...398 References... 401 CHAPTER 14 Avionics Safety... 403 14.1 Introduction to Avionics Safety... 403 14.2 Electrical Grounding and Electrical Bonding... 404 14.2.1 Defining Characteristics of an Electrical Ground Connection...405 14.2.2 Control of Electric Current...406 14.2.3 Electrical Grounds Can Be Signal Return Paths...406 14.2.4 Where and How Electrical Grounds Should Be Connected...406 14.2.5 Defining Characteristics of an Electrical Bond...408 14.2.6 Types of Electrical Bonds...408 14.2.7 Electrical Bond Considerations for Dissimilar Metals...409 14.2.8 Electrical Ground and Bond Connections for Shields...410 Recommended Reading... 410 14.3 Safety Critical Computer Control... 411 14.3.1 Partial Computer Control...412 14.3.2 Total Computer Control: Fail Safe...413

xii Contents 14.4 Circuit Protection: Fusing... 414 14.4.1 Circuit Protection Methods...414 14.4.2 Circuit Protectors...416 14.4.3 Design Guidance...416 14.5 Electrostatic Discharge Control... 417 14.5.1 Fundamentals...418 14.5.2 Various Levels of Electrostatic Discharge Concern...420 Recommended Reading... 426 14.6 Arc Tracking... 428 14.6.1 A New Failure Mode...428 14.6.2 Characteristics of Arc Tracking...431 14.6.3 Likelihood of an Arc Tracking Event...432 14.6.4 Prevention of Arc Tracking...432 14.6.5 Verification of Protection and Management of Hazards...433 14.6.6 Summary...433 14.7 Corona Control in High Voltage Systems... 434 14.7.1 Associated Environments...434 14.7.2 Design Criteria...435 14.7.3 Verification and Testing...436 Recommended Reading... 437 14.8 Extravehicular Activity Considerations... 437 14.8.1 Displays and Indicators Used in Space...438 14.8.2 Mating and Demating of Powered Connectors...438 14.8.3 Single Strand Melting Points...439 14.8.4 Battery Removal and Installation...441 14.8.5 Computer or Operational Control of Inhibits...442 14.9 Spacecraft Electromagnetic Interference and Electromagnetic Compatibility Control... 442 14.9.1 Electromagnetic Compatibility Needs for Space Applications...443 14.9.2 Basic Electromagnetic Compatibility Interactions and a Safety Margin...444 14.9.3 Mission Driven Electromagnetic Interference Design: The Case for Grounding...445 14.9.4 Electromagnetic Compatibility Program for Spacecraft...446 14.10 Design and Testing of Safety Critical Circuits... 450 14.10.1 Safety Critical Circuits: Conducted Mode...450 14.10.2 Safety Critical Circuits: Radiated Mode...456

Contents xiii 14.11 Electrical Hazards... 461 14.11.1 Introduction...461 14.11.2 Electrical Shock...461 14.11.3 Physiological Considerations...462 14.11.4 Electrical Hazard Classification...463 14.11.5 Leakage Current...464 14.11.6 Bioinstrumentation...464 14.11.7 Electrical Hazard Controls...465 14.11.8 Verification of Electrical Hazard Controls...468 14.11.9 Electrical Safety Design Considerations...468 14.12 Avionics Lessons Learned... 469 14.12.1 Electronic Design...469 14.12.2 Physical Design...470 14.12.3 Materials and Sources...471 14.12.4 Damage Avoidance...472 14.12.5 System Aspects...472 References... 473 CHAPTER 15 Software System Safety... 475 15.1 Introduction... 475 15.2 The Software Safety Problem... 476 15.2.1 System Accidents...476 15.2.2 The Power and Limitations of Abstraction from Physical Design...477 15.2.3 Reliability Versus Safety for Software...479 15.2.4 Inadequate System Engineering...482 15.2.5 Characteristics of Embedded Software...484 15.3 Current Practice... 486 15.3.1 System Safety...487 15.4 Best Practice... 489 15.4.1 Management of Software-Intensive, Safety-Critical Projects...490 15.4.2 Basic System Safety Engineering Practices and Their Implications for Software Intensive Systems...491 15.4.3 Specifications...493 15.4.4 Requirements Analysis...494 15.4.5 Model-Based Software Engineering and Software Reuse...494 15.4.6 Software Architecture...496 15.4.7 Software Design...497 15.4.8 Design of Human-Computer Interaction...500

xiv Contents 15.4.9 Software Reviews...501 15.4.10 Verification and Assurance...502 15.4.11 Operations...503 15.5 Summary... 503 References... 503 CHAPTER 16 Battery Safety... 507 16.1 Introduction... 507 16.2 General Design and Safety Guidelines... 508 16.3 Battery Types... 508 16.4 Battery Models... 509 16.5 Hazard and Toxicity Categorization... 509 16.6 Battery Chemistry... 509 16.6.1 Alkaline Batteries...509 16.6.2 Lithium Batteries...512 16.6.3 Silver Zinc Batteries...523 16.6.4 Lead Acid Batteries...525 16.6.5 Nickel Cadmium Batteries...527 16.6.6 Nickel Metal Hydride Batteries...528 16.6.7 Nickel Hydrogen Batteries...533 16.6.8 Lithium-Ion Batteries...535 16.7 Storage, Transportation, and Handling... 544 References... 545 CHAPTER 17 Mechanical Systems Safety... 549 17.1 Safety Factors... 549 17.1.1 Types of Safety Factors...550 17.1.2 Safety Factors Typical of Human Rated Space Programs...551 17.1.3 Things That Influence the Choice of Safety Factors...551 17.2 Spacecraft Structures... 551 17.2.1 Mechanical Requirements...552 17.2.2 Space Mission Environment and Mechanical Loads...554 17.2.3 Project Overview: Successive Designs and Iterative Verification of Structural Requirements...557 17.2.4 Analytical Evaluations...559 17.2.5 Structural Test Verification...559 17.2.6 Spacecraft Structural Model Philosophy...561 17.2.7 Materials and Processes...562 17.2.8 Manufacturing of Spacecraft Structures...564 Recommended Reading...566

Contents xv 17.3 Fracture Control... 567 17.3.1 Basic Requirements...567 17.3.2 Implementation...567 17.3.3 Summary...568 17.4 Pressure Vessels, Lines, and Fittings... 568 17.4.1 Pressure Vessels...568 17.4.2 Lines and Fittings...574 17.4.3 Space Pressure Systems Standards...575 17.4.4 Summary...575 17.5 Composite Overwrapped Pressure Vessels... 576 17.5.1 The Composite Overwrapped Pressure Vessel System... 576 17.5.2 Monolithic Metallic Pressure Vessel Failure Modes...577 17.5.3 Composite Overwrapped Pressure Vessel Failure Modes...578 17.5.4 Composite Overwrapped Pressure Vessel Impact Sensitivity...579 17.5.5 Summary...581 17.6 Structural Design of Glass and Ceramic Components for Space System Safety... 581 17.6.1 Strength Characteristics of Glass and Ceramics...582 17.6.2 Defining Loads and Environments...586 17.6.3 Design Factors...588 17.6.4 Meeting Life Requirements with Glass and Ceramics...589 17.7 Safety Critical Mechanisms... 591 17.7.1 Designing for Failure Tolerance...591 17.7.2 Design and Verification of Safety Critical Mechanisms...594 17.7.3 Reduced Failure Tolerance...602 17.7.4 Review of Safety Critical Mechanisms...604 References... 605 CHAPTER 18 Containment of Hazardous Materials... 607 18.1 Toxic Materials... 610 18.1.1 Fundamentals of Toxicology...610 18.1.2 Toxicological Risks to Air Quality in Spacecraft...613 18.1.3 Risk Management Strategies...618 18.2 Biohazardous Materials... 621 18.2.1 Microbiological Risks Associated with Spaceflight...621 18.2.2 Risk Mitigation Approaches...622

xvi Contents 18.2.3 Major Spaceflight Specific Microbiological Risks...623 18.3 Shatterable Materials... 631 18.3.1 Shatterable Materials in a Habitable Compartment...631 18.3.2 Program Implementation...631 18.3.3 Containment Concepts for Internal Equipment...633 18.3.4 Containment Concepts for Exterior Equipment...636 18.3.5 General Comments About Working with Shatterable Materials...638 18.4 Containment Design Approach... 639 18.4.1 Fault Tolerance...639 18.4.2 Design for Minimum Risk...639 18.5 Containment Design Methods... 640 18.5.1 Containment Environments...640 18.5.2 Design of Containment Systems...640 18.6 Safety Controls... 643 18.6.1 Proper Design...643 18.6.2 Materials Selection...643 18.6.3 Materials Compatibility...643 18.6.4 Proper Workmanship...644 18.6.5 Proper Loading or Filling...644 18.6.6 Fracture Control...644 18.7 Safety Verifications... 644 18.7.1 Strength Analysis...645 18.7.2 Qualification Tests...645 18.7.3 Acceptance Tests...646 18.7.4 Proof Tests...647 18.7.5 Qualification of Procedures...647 18.8 Conclusions... 648 References... 649 CHAPTER 19 Failure Tolerance Design... 653 19.1 Safe... 653 19.1.1 Order of Precedence...653 19.2 Hazard... 655 19.2.1 Hazard Controls...655 19.2.2 Design to Tolerate Failures...656 19.3 Hazardous Functions... 658 19.3.1 Must Not Work Hazardous Function...658 19.3.2 Must Work Hazardous Function...659 19.4 Design for Minimum Risk... 659

Contents xvii 19.5 Conclusions... 660 References... 660 CHAPTER 20 Propellant Systems Safety... 661 20.1 Solid Propellant Propulsion Systems Safety... 662 20.1.1 Solid Propellants...662 20.1.2 Solid Propellant Systems for Space Applications...664 20.1.3 Safety Hazards...664 20.1.4 Handling, Transport, and Storage...670 20.1.5 Inadvertent Ignition...671 20.1.6 Safe Ignition Systems Design...672 20.1.7 Conclusions...673 20.2 Liquid Propellant Propulsion Systems Safety... 673 20.2.1 Planning...675 20.2.2 Containment Integrity...676 20.2.3 Thermal Control...677 20.2.4 Materials Compatibility...678 20.2.5 Contamination Control...678 20.2.6 Environmental Considerations...679 20.2.7 Engine and Thruster Firing Inhibits...679 20.2.8 Heightened Risk (Risk Creep)...680 20.2.9 Instrumentation and Telemetry Data...681 20.2.10 End to End Integrated Instrumentation, Controls, and Redundancy Verification...681 20.2.11 Qualification...681 20.2.12 Total Quality Management (ISO 9001 or Equivalent)...682 20.2.13 Preservicing Integrity Verification...682 20.2.14 Propellants Servicing...683 20.2.15 Conclusions...683 20.3 Hypergolic Propellants... 683 20.3.1 Materials Compatibility...683 20.3.2 Material Degradation...684 20.3.3 Hypergolic Propellant Degradation...685 20.4 Propellant Fire... 686 20.4.1 Hydrazine and Monomethylhydrazine Vapor...687 20.4.2 Liquid Hydrazine and Monomethylhydrazine...690 20.4.3 Hydrazine and Monomethylhydrazine Mists, Droplets, and Sprays...691 References... 691

xviii Contents CHAPTER 21 Pyrotechnic Safety... 695 21.1 Pyrotechnic Devices... 695 21.1.1 Explosives...696 21.1.2 Initiators...696 21.2 Electroexplosive Devices... 696 21.2.1 Safe Handling of Electroexplosive Devices...697 21.2.2 Designing for Safe Electroexplosive Device Operation...700 21.2.3 Pyrotechnic Safety of Mechanically Initiated Explosive Devices...702 References... 704 CHAPTER 22 Extravehicular Activity Safety... 705 22.1 Extravehicular Activity Environment... 705 22.1.1 Definitions...706 22.1.2 Extravehicular Activity Space Suit...708 22.1.3 Sensory Degradation...710 22.1.4 Maneuvering and Weightlessness...710 22.1.5 Glove Restrictions...711 22.1.6 Crew Fatigue...711 22.1.7 Thermal Environment...711 22.1.8 Extravehicular Activity Tools...712 22.2 Suit Hazards... 712 22.2.1 Inadvertent Contact Hazards...712 22.2.2 Area of Effect Hazards...715 22.3 Crew Hazards... 716 22.3.1 Contamination of the Habitable Environment...716 22.3.2 Thermal Extremes...716 22.3.3 Lasers...718 22.3.4 Electrical Shock and Molten Metal...718 22.3.5 Entrapment...719 22.3.6 Emergency Ingress...719 22.3.7 Collision...720 22.3.8 Inadvertent Loss of Crew...721 22.4 Conclusions... 722 References... 722 CHAPTER 23 Emergency, Caution, and Warning System... 725 23.1 System Overview... 725 23.2 Historic NASA Emergency, Caution, and Warning Systems... 726

Contents xix 23.3 Emergency, Caution, and Warning System Measures... 727 23.3.1 Event Classification Measures...727 23.3.2 Sensor Measures...728 23.3.3 Data System Measures...729 23.3.4 Annunciation Measures...730 23.4 Failure Isolation and Recovery... 731 Reference... 732 CHAPTER 24 Laser Safety... 733 24.1 Background... 733 24.1.1 Optical Spectrum...733 24.1.2 Biological Effects...734 24.2 Laser Characteristics... 735 24.2.1 Laser Principles...735 24.2.2 Laser Types...737 24.3 Laser Standards... 738 24.3.1 NASA Johnson Space Center Requirements...738 24.3.2 ANSI Standard Z136 1...739 24.3.3 Russian Standard...740 24.4 Lasers Used in Space... 740 24.4.1 Radars...741 24.4.2 Illumination...741 24.4.3 Sensors...741 24.5 Design Considerations for Laser Safety... 742 24.5.1 Ground Testing...742 24.5.2 Unique Space Environment...742 24.6 Conclusions... 744 References... 744 CHAPTER 25 Crew Training Safety: An Integrated Process... 745 25.1 Training the Crew for Safety... 746 25.1.1 Typical Training Flow...746 25.1.2 Principles of Safety Training for the Different Training Phases...752 25.1.3 Specific Safety Training for Different Equipment Categories...755 25.1.4 Safety Training for Different Operations Categories...761 25.2 Safety During Training... 770 25.2.1 Overview...770

xx Contents 25.2.2 Training, Test, or Baseline Data Collection Model Versus Flight Model: Type, Fidelity, Source, Origin, and Category...771 25.2.3 Training Environments and Facilities...775 25.2.4 Training Models, Test Models, and Safety Requirements...781 25.2.5 Training Model, Test Model, and Baseline Data Collection Equipment Utilization Requirements...795 25.2.6 Qualification and Certification of Training Personnel... 798 25.2.7 Training and Test Model Documentation...799 25.3 Training Development and Validation Process... 803 25.3.1 The Training Development Process...806 25.3.2 The Training Review Process...807 25.3.3 The Role of Safety in the Training Development and Validation Processes...809 25.3.4 Feedback to the Safety Community from the Training Development and Validation Processes...812 25.4 Conclusions... 815 References... 815 CHAPTER 26 Safety Considerations for the Ground Environment... 817 26.1 A Word About Ground Support Equipment... 818 26.2 Documentation and Reviews... 819 26.3 Roles and Responsibilities... 819 26.4 Contingency Planning... 819 26.5 Failure Tolerance... 820 26.6 Training... 820 26.7 Hazardous Operations... 821 26.8 Tools... 822 26.9 Human Factors... 822 26.10 Biological Systems and Materials... 823 26.11 Electrical... 824 26.12 Radiation... 824 26.13 Pressure Systems... 825 26.14 Ordinance... 825 26.15 Mechanical and Eelectromechanical Devices... 826 26.16 Propellants... 826 26.17 Cryogenics... 826 26.18 Oxygen... 826 26.19 Ground Handling... 827

Contents xxi 26.20 Software Safety... 827 26.21 Summary... 828 CHAPTER 27 Fire Safety... 829 27.1 Characteristics of Fire in Space... 830 27.1.1 Overview of Low Gravity Fire...830 27.1.2 Fuel and Oxidizer Supply and Flame Behavior...831 27.1.3 Fire Appearance and Signatures...832 27.1.4 Flame Ignition and Spread...836 27.1.5 Summary of Low Gravity Fire Characteristics...845 27.2 Design for Fire Prevention... 847 27.2.1 Materials Flammability...847 27.2.2 Ignition Sources...852 27.3 Spacecraft Fire Detection... 855 27.3.1 Prior Spacecraft Systems...855 27.3.2 Review of Low Gravity Smoke...858 27.3.3 Spacecraft Atmospheric Dust...859 27.3.4 Sensors for Fire Detection...860 27.4 Spacecraft Fire Suppression... 864 27.4.1 Spacecraft Fire Suppression Methods...864 27.4.2 Considerations for Spacecraft Fire Suppression...867 References... 877 CHAPTER 28 Safe Without Services Design... 885 CHAPTER 29 Probabilistic Risk Assessment with Emphasis on Design... 889 29.1 Basic Elements of Probabilistic Risk Assessment... 889 29.1.1 Identification of Initiating Events...890 29.1.2 Application of Event Sequence Diagrams and Event Trees...891 29.1.3 Modeling of Pivotal Events...893 29.1.4 Linkage and Quantification of Accident Scenarios...894 29.2 Construction of a Probabilistic Risk Assessment for Design Evaluations... 894 29.2.1 Uses of Probabilistic Risk Assessment...894 29.2.2 Reference Mission...896 29.3 Relative Risk Evaluations... 898 29.3.1 Absolute Versus Relative Risk Assessments...899

xxii Contents 29.3.2 Roles of Relative Risk Assessments in Design Evaluations...900 29.3.3 Quantitative Evaluations...902 29.4 Evaluations of the Relative Risks of Alternative Designs... 904 29.4.1 Overview of Probabilistic Risk Assessment Models Developed...904 29.4.2 Relative Risk Comparisons of the Alternative Designs...905 References... 911 Index... 913