Trova il tuo prossimo libro preferito

Abbonati oggi e leggi gratis per 30 giorni
Safety Design for Space Operations

Safety Design for Space Operations

Leggi anteprima

Safety Design for Space Operations

Lunghezza:
1,950 pagine
18 ore
Pubblicato:
Mar 24, 2013
ISBN:
9780080969220
Formato:
Libro

Descrizione

Endorsed by the International Association for the Advancement of Space Safety (IAASS) and drawing on the expertise of the world’s leading experts in the field, Safety Design for Space Operations provides the practical how-to guidance and knowledge base needed to facilitate effective launch-site and operations safety in line with current regulations.

With information on space operations safety design currently disparate and difficult to find in one place, this unique reference brings together essential material on:

  • Best design practices relating to space operations, such as the design of spaceport facilities.
  • Advanced analysis methods, such as those used to calculate launch and re-entry debris fall-out risk.
  • Implementation of safe operation procedures, such as on-orbit space traffic management.
  • Safety considerations relating to the general public and the environment in addition to personnel and asset protection.

Taking in launch operations safety relating unmanned missions, such as the launch of probes and commercial satellites, as well as manned missions, Safety Design for Space Operations provides a comprehensive reference for engineers and technical managers within aerospace and high technology companies, space agencies, spaceport operators, satellite operators and consulting firms.

  • Fully endorsed by the International Association for the Advancement of Space Safety (IAASS), with contributions from leading experts at NASA, the European Space Agency (EASA) and the US Federal Aviation Administration (FAA), amongst others
  • Covers all aspects of space operations relating to safety of the general public, as well as the protection of valuable assets and the environment
  • Focuses on launch operations safety relating to manned and unmanned missions, such as the launch of probes and commercial satellites
Pubblicato:
Mar 24, 2013
ISBN:
9780080969220
Formato:
Libro

Correlato a Safety Design for Space Operations

Libri correlati
Articoli correlati

Anteprima del libro

Safety Design for Space Operations - Elsevier Science

Safety Design for Space Operations

Editor-in-Chief

Tommaso Sgobba

Editors

Firooz A. Allahdadi

Isabelle Rongier

Paul D. Wilde

Sponsored by

The International Association for the Advancement of space Safety

Table of Contents

Cover image

Title page

Dedication

Copyright

Preface

About the Editors and Contributors

Firooz A. ALLAHDADI, Ph.D

Isabelle RONGIER

Paul D. WILDE, Ph.D., P.E

Tommaso SGOBBA

William AILOR, Ph.D

Fernand ALBY

John B. BACON, Ph.D

Sayavur I. BAKHTIYAROV, Ph.D

Christophe BONNAL

Curt D. BOTTS

Bernard BRANDT

Kenneth BUTTON

Estelle CHAMPESTING

Jon CHROSTOWSKI

Nathalie COSTEDOAT

Robert DEMPSEY, Ph.D

John DOLLBERG

Melissa EMERY

Wigbert FEHSE, Ph.D

David FINKLEMAN, Ph.D

Jean-François GOESTER

Charles GRAY

Jerry HABER

Andrew HERD

Lark HOWORTH

Nicholas JOHNSON

Michael T. KEZIRIAN, Ph.D

Paul KIRKPATRICK

Steven L. KOONTZ, Ph.D

Georg KOPPENWALLNER, Ph.D. (1935–2012)

Leonard KRAMER, Ph.D

Udaya KUMAR, Ph.D

Erik LARSON Ph.D

Wim van LEEUWEN

Carine LEVEAU

Eugene LEVIN, Ph.D

Michael G. LUTOMSKI

Kelli MALONEY

Ronald R. MIKATARIAN

D. F. Kip MIKULA

Erwin MOOIJ, Ph.D

Randy NYMAN

Ron NOOMEN

Gary F. POLANSKI, Ph.D

Sandrine RICHARD

Karl U. SCHREIBER, Ph.D

Joseph A. SHOLTIS

Carlos E. SOARES

Richard G. STERN

Marc TOUSSAINT

Jean-Pierre TRINCHERO

Jérôme VILA

Gregory D. WYSS, Ph.D

Chapter 1. Introduction to Space Operations Safety

1.1 General

1.2 Safety Risk Management

1.3 Launch Site Safety

1.4 Launch Safety

1.5 Nuclear-Powered Payloads Safety

1.6 Orbital Safety

1.7 Re-Entry Safety

1.8 Aircraft Protection

Chapter 2. Spaceport Design for Safety

2.1 Introduction

2.2 Choice of Launch Site

2.3 Master Plan of a Spaceport

2.4 Ground Risk Control

2.5 Flight Risk Control

2.6 Safety Design for a Spaceport

2.7 Major Impacts of Safety Requirements on Spaceport Design

2.8 Specificity of Launch Pad Escape System Design for Human Spaceflight

2.9 Environment Protection

2.10 General Conclusion

Further Reading

Chapter 3. Ground Safety: Special Topics

3.1 Safety During Payload Ground Processing

3.2 Gases Storage and Handling Safety

Chapter 4. Safety in Launch Operations

4.1 Launch Operations Safety

4.2 Re-Entry of the Main Cryotechnic Stage of Ariane 5: Challenges, Modeling and Observations

Further Reading

Chapter 5. Other Launch Safety Hazards

5.1 Toxic Hazards

5.2 Distant Focusing Overpressure Risk Analysis

5.3 Other Launches and Platforms

Chapter 6. Nuclear-Powered Payload Safety

6.1 Introduction to Space Nuclear Systems

6.2 SNPS Launch History and Accidents

6.3 Launch Abort Environments Affecting SNPSs

6.4 Containment Design

6.5 Risk Assessment for Nuclear Missions

6.6 International Protocols and U.S. Environmental Review

6.7 Nuclear Mission Launch Approval

6.8 Nuclear Mission Launch Integration

6.9 Symbols and Acronyms

References

Chapter 7. On-Orbit Mission Control

7.1 Mission Control Center Design and Operations

7.2 Hazardous Commands Identification and Control

7.3 Flight Rules: Purpose and Use

Chapter 8. Orbital Operations Safety

8.1 Space Situational Awareness Systems and Space Traffic Control

8.2 Orbit Design for Safety

8.3 Conjunction Analysis

8.4 Collision Avoidance Maneuvers for the International Space Station (ISS)

8.5 Safe On-Orbit Manoeuvres Design

8.5.2 Risk Management of Jettisoned Objects in LEO

8.6 Spacecraft Charging Hazards

8.7 Spacecraft Contamination Hazard

8.8 End-of-Life Debris Mitigation Measures

8.9 Space Debris Removal

Chapter 9. Re-Entry Operations Safety

9.1 Introduction to Re-Entry Operations Safety Design

9.2 Re-Entry Trajectory Analyses

9.3 Re-Entry Breakup and Survivability Analyses

9.4 Evidence of Re-Entry Breakup and Survivability

9.5 Re-Entry Risk and Hazard Analyses

9.6 Design for Re-Entry Demise

Chapter 10. Air-Space Traffic Interface Management

10.1 Computing Risk to Aircraft

10.2 Aircraft Vulnerability

10.3 Typical Aircraft Risk Mitigation Approach

10.4 Alternative Approaches

10.5 Real-Time Management

10.6 Summary

References

Chapter 11. Safety of Ground-based Space Laser Application

11.1 Introduction

11.2 History of Satellite Laser Ranging

11.3 Concept of SLR Technology

11.4 International Laser Ranging Service and Mission Safety

11.5 In-Sky Laser Safety

11.6 Laser Safety in Space

11.7 Summary

References

Chapter 12. The Use of Quantitative Risk Assessment in the Operations Phase of Space Missions

12.1 Introduction

12.2 Communicating Risk to the Customer

12.3 Examples of PRA Applied to an Operational Program

12.4 Conclusion

References

Appendix A. Meteorology and Range Safety

Appendix B. Human and Structural Vulnerability

Human Vulnerability

Structure Vulnerability

Appendix C. Launch Chronology and Launch Failures

Introduction

Reference Documents and Sources

Database Description and Summary

Orbital Launch Attempts by Date

Orbital Launch Attempts by Launch Vehicle Family Type

Orbital Launch Attempts by Country/Launch Provider and by Launch Site

Derived Orbital Launch Attempt Failure Rate Data

Conclusion

Appendix D. Lightning Protection Systems

Introduction to Lightning

Charge Structure of a Thundercloud

Types of Lightning Discharge

Vehicle Triggered Lightning

Electrical Discharges above Thundercloud

Occurrence Probability

Events in a Cloud-to-Ground Lightning

Parameters Involved

General Threats

Lightning Protection System – Components of External Protection System

Lightning Protection System – Internal Protection

Lightning Launch Commit Criteria

Protection of Other Important Structures

Additional Issues

Further Reading

Appendix E. The Role of Economics in Spaceport Safety

Introduction

The Economics of Spaceports

Issues of Safety

Reactions to Safety Concerns

Demand-Side Design Considerations

Public Interest and Safety

The Institutional Context

Some Other Considerations

Conclusions

Appendix F. Re-Entry Risk Formulas

Index

Dedication

This book is dedicated to the memory of Jon Collins and Georg Koppenwallner

Copyright

Butterworth-Heinemann is an imprint of Elsevier

The Boulevard, Langford Lane, Kidlington, Oxford, OX5 1GB

225 Wyman Street, Waltham, Ma 02451, USA

First published 2013

Copyright © 2013 Elsevier Ltd. All rights reserved

Except Chapter 2.9; Chapter 8.4, 8.5.2, 8.6, 8.7 and 8.8; Chapter 12 which are in the US Public Domain

Portions of this book were prepared by U.S. government employees in connection with their official duties, and therefore copyright protection is not available in the United States for such portions of the book pursuant to 17 U.S.C. Section 105.

No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher’s permissions policies and our arrangement with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions

This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein).

Notices

Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods, professional practices, or medical treatment may become necessary.

Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information, methods, compounds, or experiments described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility.

To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein.

British Library Cataloguing in Publication Data

A catalogue record for this book is available from the British Library

Library of Congress Cataloguing in Publication Data

A catalog record for this book is available from the Library of Congress

ISBN: 978-0-08-096921-3

For information on all Butterworth-Heinemann publications visit our website at store.elsevier.com

Printed and bound in the United Kingdom

13 14 15 16 10 9 8 7 6 5 4 3 2 1

Preface

The adventure of space exploration has come to a new crossroads in its history. After several decades of ambitious space programs that entailed cooperation between different states and space agencies, the industry is moving in new directions such as commercial access to space and new missions to explore other bodies in the solar system. It is impossible to imagine any of these programs going ahead unless safety is granted absolute priority for all aspects of the mission. I should like to quote Albert Einstein, who wrote "Concern for man and his fate must always form the chief interest of all technical endeavours." But good intentions alone will not suffice and, in view of the inherent dangers of the space environment and planetary exploration, risk mitigation is more critical than ever and must be supported with constant scientific and technical research.

There is consequently a need – but also an opportunity – to develop closer international cooperation both in terms of the players involved and the regulatory authorities, to guarantee the success of these new missions. In this field as in others, we must call on one of the most remarkable characteristics of space exploration, which has created a genuine international community prepared to share its experiences for the future benefit of all.

I see the publication of this book as a fine and promising example of the pooling of experience acquired in the safety issues surrounding space operations, for the benefit of public safety and the protection of the environment. I am certain that the relationships and the dynamic created during this project will contribute to future success in international scientific and technical cooperation in this field. It therefore gives me great pleasure to commend this work and I wish it the success it deserves.

Yannick d’Escatha, CNES President

About the Editors and Contributors

Firooz A. ALLAHDADI, Ph.D

Founding Fellow Member of the International Association for the Advancement of Space Safety (IAASS), and chairman of the IAASS Award Committee.

Dr. Firooz Allahdadi served (1998–2011) at the United States of America HQ Air Force Safety Center in multiple capacities. He was the Center’s Senior Technical Advisor, Director of Space Safety Division and the Department of Defense (DoD) representative in the presidentially mandated Inter-Agency Nuclear Safety Review Panel.

In 1998 Dr. Allahdadi employed rigorous scientific analysis to revamp the Air Force’s conventional weapons operational safety and guidelines. This undertaking produced measurable operational efficiency and considerable real estate savings. He pioneered the Directed Energy Weapons (DEW) Safety initiative leading teams of experts to identify and quantify the entire DEW hazards spectrum. He authored the governing DEW operation safety policies, AFPD 91-4, which has been benchmarked throughout US military.

As the DoD representative, Dr. Firooz Allahdadi oversaw special analysis, provided technical oversight and garnered Presidential Launch authorization for the two Martian launches Spirit and Opportunity in 2003, the New Horizons Mission, a journey to Pluto in 2005, and landing of the nuclear-powered Rover Curiosity on the surface of Mars in 2010.

He founded and directed the Space Kinetic Impact and Debris Division (1990–1998) at the Air Force Research Laboratory. He led teams of scientists and engineers to develop high-fidelity analytical tools to predict dynamics of the debris clouds created from any space engagements. This technology was employed to simulate specific space scenarios for national security planning.

Dr. Firooz Allahdadi lectured on transport phenomenon and conducted research on several nationally important programs as a faculty member at University of New Mexico. He is a member of the National Research Council, Chief Editor of the International Society for Optical Engineering and has authored over 75 scientific papers.

Isabelle RONGIER

Founding Associated Fellow Member of the International Association for the Advancement of Space Safety (IAASS), and member of the IAASS Board.

Isabelle Rongier is General Inspector, Director of General Inspection and Quality, of the French Centre National d’Etudes Spatiales (CNES) since April 2010, in charge of internal audit and risk assessment at agency level, and responsible for quality standards application in management processes and space projects. She’s also responsible for certifying technical conformity to the French Space Operation Act before each space operation (launch operations and in-orbit operations) is authorized. This certificate is then sent to French Ministry of Space on behalf of the President of CNES.

Previously (2005–2010), Isabelle Rongier was the Technical Director of CNES Launcher Directorate, dealing with all technical domains of a launcher design (solid, liquid and cryogenic propulsion, system and environment, mechanics and avionics). She has worked on all launchers operated from the European spaceport in French Guyana: Ariane 4 and 5, VEGA and Soyuz. She has always been deeply involved in safety methods and studies for all those launchers.

From 1997 to 2005, Isabelle Rongier served as head of system department and senior expert on flight management, including trajectory optimization, GNC algorithms design and validation, on-board flight software design and qualification and transient phases analysis. All these skills are necessary assets for performing safety analyses.

Paul D. WILDE, Ph.D., P.E

Founding Fellow Member of the International Association for the Advancement of Space Safety (IAASS).

Dr. Paul Wilde has 20 years of experience in space safety standards development, launch and re-entry safety evaluations, explosive safety analysis, and operations safety. He is currently a technical advisor for the Chief Engineer in Federal Aviation Administration’s (FAA’s) Office of Commercial Space Transportation and chairman of the Range Commander’s Council Risk Committee. He has performed leading roles for multi-organization projects in several high-profile situations. During the Columbia accident investigation, Dr. Paul Wilde was the principal investigator of public safety issues and provided technical oversight for the foam impact tests. He also performed key roles in the independent flight safety evaluations for the maiden flights of the ATV, Atlas V, Delta IV, Falcon 9-Dragon, Space Ship 1, and the Titan IVB.

Dr. Paul Wilde was a leader in the development of several major US regulations and standards on launch and re-entry risk management. For example, he was the lead author for five of the eleven chapters in the US national standard on range operations risk acceptability requirements, rationale, and implementation guidelines. Dr. Paul Wilde was co-chair of the Common Standards Working Group during the development of the FAA regulation on launch safety, and a principal author for the FAA’s Flight Safety Analysis Handbook. He has published over 100 technical reports and papers. He received the NASA Exceptional Achievement Medal, Special Congressional Recognition, and several other awards. He is a licensed professional engineer in Texas, with degrees in Mechanical Engineering from the University of California.

Tommaso SGOBBA

President and Founding Associated Fellow Member of the International Association for the Advancement of Space Safety (IAASS).

Until October 2012 Tommaso Sgobba has been responsible for flight safety at the European Space Agency (ESA), including human-rated systems, spacecraft re-entries, space debris, use of nuclear power sources, and planetary protection. He joined the European Space Agency in 1989, after 13 years in the aeronautical industry. Initially he supported the developments of the Ariane 5 launcher, several Earth observation and meteorological satellites, and the early phase of the Hermes spaceplane. Later he became product assurance and safety manager for all European manned missions on Shuttle, MIR station, and for the European research facilities for the International Space Station (ISS). For 10 years he chaired the ESA ISS Payload Safety Review Panel; he was also instrumental in setting up the ESA Re-entry Safety Review Panel.

Tommaso Sgobba holds an M.S. in aeronautical engineering from the Polytechnic of Turin (Italy), where he was also professor of space system safety (1999–2001). He has published several articles and papers on space safety, and co-edited the textbook Safety Design for Space Systems, published in 2009 by Elsevier, that was also published later in Chinese. He co-edited the book entitled The Need for an Integrated Regulatory Regime for Aviation and Space, published by Springer in 2011. He is a member of the editorial board of the Space Safety Magazine.

Tommaso Sgobba received the NASA recognition for outstanding contribution to the International Space Station in 2004, and the prestigious NASA Space Flight Awareness (SFA) Award in 2007.

William AILOR, Ph.D

Principal Engineer at the Center for Orbital and Re-entry Studies at The Aerospace Corporation in El Segundo, California. He has worked in the areas of space debris and re-entry hazard analyses for many years. He is Founding Fellow Member of the International Association for the Advancement of Space Safety (IAASS) and Chairman of the IAASS Space Hazards Technical Committee.

Fernand ALBY

Expert in space debris and responsible for space surveillance activities at the Centre National d’Etudes Spatiales (CNES), Toulose Center. He is member of the Steering Group of the IADC (Inter Agency Space Debris Coordination Committee) and is technical support to the French delegation to the United Nations Committee on the Peaceful Uses of Outer Space (UN-COPUOS) Scientific and Technical Sub-Committee. Author of numerous publications and member of the International Academy of Astronautics.

John B. BACON, Ph.D

Has worked at NASA in space systems integration for 23 years. Currently he integrates a variety of International Space Station environments issues, including orbital debris modeling and protection, ISS end-of-life disposal. He is a graduate of the California Institute of Technology (B.S. 1976) and of the University of Rochester (Ph.D. 1984)

Sayavur I. BAKHTIYAROV, Ph.D

Senior technical advisor of Space Safety Division at US Air Force Safety Center HQ, he is a US Department of Defense Coordinator for the Interagency Nuclear Safety Review Panel (INSRP) and an Associate Professor at New Mexico Tech. He participated in the US nuclear-powered Mars Science Laboratory-2011 mission.

Christophe BONNAL

Senior systems expert in the Technical Directorate of the Launcher Directorate of Centre National d’Etudes Spatiales (CNES). Since 1984, he has been in charge of numerous technical and project activities dealing with all current and future European launchers. Expert in space debris aspects, French delegate to the IADC (Inter Agency Space Debris Coordination Committee) and Chairman of the Space Debris Committee of the International Academy of Astronautics.

Curt D. BOTTS

Chief of Launch Safety of 45th Space Wing, US Air Force, examining anomalous event risks and developing criteria used to terminate flight of vehicles violating prescribed mission rules. As Interagency Nuclear Safety Review Panel (INSRP) Launch Abort Chairman he evaluates proposed launch of systems utilizing radioisotope sources. He has a Master’s degree in aeronautical engineering.

Bernard BRANDT

Assistant Director in charge of design and development of ground-based space facilities, he joined the Launcher Directorate of the Centre National d’Etudes Spatiales (CNES) 35 years ago. He has contributed to the development of the European spaceport in French Guiana, and in particular of the five launch pad complexes used for the Ariane 1 to 5, Soyuz and Vega launchers.

Kenneth BUTTON

Kenneth Button is a University Professor at George Mason University. He was formerly VSB Visiting Professor of Transport Economics and Policy at the Free University of Amsterdam, Professor of Applied Economics and Transport at Loughbough University, and Counsellor in the Secretary General’s Advisory Unit of the Organisation for Ecocomic Coordination and Development.

Estelle CHAMPESTING

CNES Safety Studies Engineer in Guiana Space Center Ground Safety Department since 2008. In charge of modeling and calculation of hazardous phenomena for spacecraft and launch activities. Graduated from the National Physic School of Strasburg with a specialization in microelectronics. She gained her first professional experience in Texas Instruments Inc. at Villeneuve-Loubet, as a Test and Product Engineer in the mobile phone field.

Jon CHROSTOWSKI

Specialist in explosion analysis, and effects of air blast and debris on buildings/windows as well as in determining the probability of occupant injury and fatality. He has developed fast-running explosion effects models for generic structures and windows that are being used by the United States Air Force, Navy, Defense Threat Reduction Agency (DTRA) and Department of Defense Explosives Safety Board (DDESB) to determine the risk from launch vehicle accidents, accidental vapor cloud explosions at explosive storage facilities, and terrorist attacks.

Nathalie COSTEDOAT

Expert in solid propellants design and engineering, pyrotechnics safety management for launchers and operations facilities. She acquired her experience in mathematical modeling development at the French company Société Nationale des Poudres et des Explosifs (SNPE), and in the field launchers operations and quality at the Centre National d’Etudes Spatiales (CNES).

Robert DEMPSEY, Ph.D

With a Ph.D. in astrophysics, he worked at the Max Planck Institute for Extraterrestrial Physics in Munich, Germany, and at the Space Telescope Science Institute, Baltimore, MD. Since 1997 Dr. Dempsey has worked on the International Space Station (ISS) program with over 6000 hours of real-time console experience.

John DOLLBERG

He has over 37 years of experience as a system safety engineer and has worked for NASA Kennedy Space Center since 1985. He holds a BS in Electrical Engineering from Valparaiso University and an MS in Industrial Engineering from Wayne State University. He also completed the US Army safety engineering intern training program.

Melissa EMERY

She has provided software integration and/or software safety support to the Space Shuttle program, International Space Station program, and several US Army programs. She is currently employed by APT-Research and provides airworthiness software support to the US Army. Melissa Emery holds a BS in Mathematics from the University of Houston, Clear Lake.

Wigbert FEHSE, Ph.D

He worked initially in industry in the development of gyroscopes and accelerometers, reaction and momentum wheels and control moment gyros. He joined the European Space Agency (ESA) in 1973, later becoming responsible for automated rendezvous and docking systems. He retired in 2002. He holds a Master’s degree in aeronautical engineering, and a degree of a Doktor-Ingenieur (Ph.D.) from the TU Berlin. He is the author of the textbook Automated Rendezvous and Docking of Spacecraft.

David FINKLEMAN, Ph.D

Internationally recognized expert in space system technology and operation, he served nearly 20 years as Chief Technical for the United States Space Command. He chairs the Space Operations and Ground Support Working Group of the International Organization for Standardization (ISO).

Jean-François GOESTER

Head of the Orbital Maneuvers Office at Centre National d’Etudes Spatiales (CNES), and expert in atmospheric re-entries and flight dynamics for various projects (Hermes spaceplane, Atmospheric Reentry Demonstrator, Automated Transfer Vehicle). He participated in the development of the ELECTRA tool for computation of potentials risks to the population due to spacecraft re-entry.

Charles GRAY

Works as an Aerospace Engineer at the NASA Johnson Space Center. Charles has worked in the International Space Station Program Office for five years, serving as primary expert on jettison policy and approval for three years and ISS altitude maintenance and propellant management for the past two years.

Jerry HABER

Leader in the development of mathematical models, performance of flight safety analyses, and in the development of risk acceptability standards for the US National Ranges over a period of more than 30 years. He was a key author of the Range Commanders Council Guidelines for debris risk analysis and risk acceptability.

Andrew HERD

Works at the European Space Agency (ESA) within the field of human spaceflight safety. He has some 15 years of space program experience, in which time he gained over 500 hours on-console, reviewed over 200 spaceflight systems (hardware and software), attended over 350 safety reviews, and, provided safety approval over 1000 flight rules and crew procedures.

Lark HOWORTH

Lead of the International Space Station Trajectory Operations Office in the Mission Operations Directorate at NASA/Johnson Space Center. He manages the group responsible for the protection of ISS from collisions with orbital debris, including conjunction risk assessments and the international coordination of debris avoidance manoeuvres. For over 15 years he has developed analytical and operational capabilities supporting collision avoidance for ISS, Space Shuttle, and other NASA programs.

Nicholas JOHNSON

As NASA Chief Scientist for Orbital Debris, he serves as the agency authority in the field of orbital debris, including all aspects of environment definition, present and future, and the operational and design implications of the environment to both manned and robotic space vehicles operating in Earth orbit. In July 2008 Nicolas Johnson was awarded the US Department of Defense Joint Meritorious Civilian Service Award.

Michael T. KEZIRIAN, Ph.D

Associate Technical Fellow with The Boeing Company, is a safety design engineer on the NASA Commercial Crew Program. He has 25 years experience in design and flight operations of space vehicles including Shuttle, International Space Station and communication satellites. He is an expert in Composite Overwrapped Pressure Vessels. He is Adjunct Associate Professor at the University of Southern California, he teaches the graduate course, Safety of Space Systems and Space Missions.

Paul KIRKPATRICK

Chairman of the International Space Station Program Ground Safety Review Panel at NASA Kennedy Space Center (KSC), he is responsible for the safety review and approval of ISS flight hardware processing through KSC. He also serves as the ground safety SME for the project Orion flight test management office.

Steven L. KOONTZ, Ph.D

BS in chemistry from the University of California at Berkeley, and a Ph.D. in chemistry from the University of Arizona. He has worked 30 years at NASA in materials research and environmental effects. Since 2000 he is ISS System Manager for Space Environments: ionizing radiation effects, spacecraft charging and plasma interactions, contamination/damage by visiting vehicle, out-gasing, and external surfaces degradation.

Georg KOPPENWALLNER, Ph.D. (1935–2012)

Late professor Koppenwallner worldwide recognized expert of aerothermodynamics and re-entries was owner and CEO of Hyperschall Technologie Göttingen (HTG). He taught courses on aerothermodynamics and satellite aerodynamics at TU Braunschweig for many years. He had close cooperation with the Institute of Fluid Mechanics in the areas of wind tunnel development and experimental methods. Without his bright ideas and initiatives, the hypersonic wind tunnel HLB and the icing wind tunnel of the Institute would not be there.

Leonard KRAMER, Ph.D

Scientist at The Boeing Company supporting the International Space Station program. He is trained as a Space Physicist with a doctorate from Rice University and specializes in the theoretical aspects of plasma interactions with space vehicles. Leonard has developed circuit models that simulate electrical current exposure to the human body.

Udaya KUMAR, Ph.D

Received Master’s and Ph.D. degrees in high voltage engineering at Indian Institute of Science, India. Currently an associate professor in the same institute. His research interests cover electromagnetics, lightning modeling and protection, and high voltage engineering. He was involved in the analysis and design of lightning protection systems of Indian launch pads.

Erik LARSON Ph.D

Received a Ph.D. in geophysics from Harvard University, and is now a senior scientist and program manager at ACTA, Inc, in Torrance, CA. He primarily supports the US Federal Aviation Administration and Department of Defense agencies in space vehicle risk software development and flight safety analysis.

Wim van LEEUWEN

Worked 32 years at European Space Agency (ESA) on different spacecraft projects, including Automated Transfer Vehicle and Columbus Module for ISS in the area of development checkout systems. He chaired the ESA manned projects Ground Segment Control Board (GSCB) and of the Security Control Board (SCB). He represented ESA in the ISS Security Assessment and Report Team (SART).

Carine LEVEAU

Leads the technical department of the Launcher Directorate of Centre National d’Etudes Spatiales (CNES) in charge of guidance, navigation and control (GNC), trajectory and safety during flight. She joined CNES in 2002 working for 3 years at the European Spaceport in Kourou, French Guiana. She managed technical activities related to Ariane 5 and VEGA stages re-entry, and was also responsible for the latest Ariane 5 main stage observation campaign.

Eugene LEVIN, Ph.D

Leading expert on space tether dynamics, the author of two books on the subject. He worked on various projects with NASA, and US Air Force and Navy. He is currently working with the US Naval Research Laboratory on the flight demonstration of electrodynamic propulsion.

Michael G. LUTOMSKI

Has worked for 27 years at NASA on Manned Spaceflight Programs. Currently he is risk manager for the International Space Station (ISS) program. He is responsible for defining and implementing the qualitative and quantitative risk management processes across the entire program to assist the ISS management in making risk-informed decisions.

Kelli MALONEY

Mechanical Design Engineer with NASA, Kennedy Space Center, Florida since 2002. Lead Design Engineer for the Constellation Program Ground Emergency Egress System and Crew Access Arm designs. Currently Lead Mechanical Designer for the new Space Launch System’s Crew Access Arm and the Ground Emergency Egress design engineering representative.

Ronald R. MIKATARIAN

BS in aeronautical engineering from Rensselaer Polytechnic Institute and an MS in mechanical engineering/fluid mechanics from the University of Santa Clara. He has worked for over 50 years in the areas of fluid dynamics, plasma physics and chemistry and is a member of Boeing Research and Technology. He is at present the Boeing Space Environments Manager on the International Space Station.

D. F. Kip MIKULA

System safety engineer at The Boeing Company, he has over 30 years experience in aerospace program system safety. Received a Bachelor of Science degree in mechanical engineering from the University of Michigan-Dearborn, a Master in Business Administration project management degree from National University, and a dual Master of Science degree in aeronautical sciences/operations from Embry-Riddle Aeronautical University.

Erwin MOOIJ, Ph.D

Received his M.Sc. and Ph.D. in Aerospace Engineering from Delft University of Technology, The Netherlands, in 1991 and 1998, respectively. From 1995 until mid 2007 he worked for the Dutch Space company on re-entry systems and real-time simulator development. Currently, he is an assistant professor in the Faculty of Aerospace Engineering, Delft University of Technology, working on launch and re-entry systems.

Randy NYMAN

Has 23 years of range safety experience and has supported toxic dispersion model development and analysis applications at the United States federal ranges. He contributed to the development of toxic hazard and risk screening methodologies adopted by the FAA for US commercial spaceport licensing applications.

Ron NOOMEN

Received his M.Sc. degree in 1983 with honors in aerospace engineering from Delft University of Technology, in The Netherlands. He analyzed satellite laser ranging data until 2006 and was the analysis coordinator of the International Laser Ranging Service from 1998 to 2006. Currently, he is an assistant professor at Delft University of Technology, coaching interplanetary optimization student projects.

Gary F. POLANSKI, Ph.D

Has worked for over 30 years at Sandia National Laboratories in national security, nuclear energy, and environmental programs. He has made key contributions in aerospace systems, space nuclear power and propulsion, terrestrial nuclear power, and nuclear materials management. He received a Ph.D. from the University of Texas.

Sandrine RICHARD

Environmental expert since 2005 at CNES/French Guiana Space Centre. Manages the measurement campaign for launchers in flight, the launch range activities and industrial activities. She is in charge of sustaining ISO 14001 certification with an environmental management plan, and research activities for knowledge of impacts, projects of waste reductions and energy consumption mitigation. Ph.D. in chemistry and environmental science.

Karl U. SCHREIBER, Ph.D

Received his Ph.D. in applied physics in Göttingen, Germany, in 1988. Since that time he has worked for the Technische Universitaet Muenchen in the field of Space Geodesy. His interests are in Satellite and Lunar Laser Ranging (SLR/LLR) and Sagnac Interferometry. He habilitated in 1999 and is Associate Professor at the Forschungseinrichtung Satellitengeodaesie. He is a member of the International Laser Ranging Service (ILRS).

Joseph A. SHOLTIS

LtCol, USAF (Ret) was system program manager (1970–93). Owner, Sholtis Engineering & Safety, 1993–Present. He managed SP-100 space reactor program (1983–87). Participated in every US nuclear-powered space mission since 1974: Viking I & II, Lincoln Experimental Satellites 8 & 9, Voyager I & II, Galileo, Ulysses, Mars Pathfinder, Cassini, Mars Exploration Rovers A & B, Pluto – New Horizons, and Mars Science Laboratory.

Carlos E. SOARES

BS in aerospace and ocean engineering from the Virginia Polytechnic Institute and State University, and an MS in aerospace and mechanical engineering from the University of Oklahoma. He has worked 22 years at Boeing Research and Technology in molecular contamination, plume effects and space environment effects. He is currently the Boeing Lead Engineer/Scientist for ISS External Contamination in the Space Environments Team.

Richard G. STERN

Mr. Richard G. Stern was Department Director of the Flight Mechanics Department at The Aerospace Corporation for 23 years. Mr. Stern joined The Aerospace Corporation after working at Space Technology Laboratories (Ramo Wooldridge) and Northrop Aircraft. Mr. Stern is the author of numerous technical papers and the co-holder of a patent for a passive satellite attitude control system.

Marc TOUSSAINT

Joined the European Space Agency (ESA) in 1986, after several years spent in the Belgian industry. He has covered many functions and responsibilities on different ESA programs, including Columbus module for the International Space Station and Ariane 5 launcher. He was responsible for the Ariane 5GS version and is currently working on Ariane 5ME version.

Jean-Pierre TRINCHERO

Senior range safety expert of the Centre National d’Etudes Spatiales (CNES) at the Europe’s spaceport in French Guiana in the fields of pyrotechnics and propulsion, chemical propellants and payloads preparation. He held operational responsibilities as payload safety officer, head of range safety (ground and flight) including operational responsibility for flight termination system (FTS). He has been also deeply involved in developing launchers safety policy in Europe.

Jérôme VILA

Joined the Centre National d’Etudes Spatiales (CNES) Launcher Directorate in 1997. He covered different positions throughout Ariane 5 design and development phase, finally leading the overall project from 2005 to 2009. Since 2009, he has been Technical Officer for the Ariane 5 Midlife Evolution launcher. He holds a Master’s degree in engineering from Ecole Centrale de Paris, France.

Gregory D. WYSS, Ph.D

Distinguished member of technical staff at Sandia National Laboratories. He led the Power Systems Working Group for the Mars Science Laboratory Interagency Nuclear Safety Review Panel, and was member for the Pluto New Horizons mission. He is Fellow of the International Association for the Advancement of Space Safety (IAASS).

Chapter 1

Introduction to Space Operations Safety

Tommaso Sgobba, Paul D. Wilde, Isabelle Rongier and Firooz A. Allahdadi

Chapter Outline

1.1 General

1.2 Safety Risk Management

1.3 Launch Site Safety

1.4 Launch Safety

1.5 Nuclear-Powered Payloads Safety

1.6 Orbital Safety

1.7 Re-Entry Safety

1.8 Aircraft Protection

1.1 General

The safety of any space system requires a deliberate and interdisciplinary integration of the flight hardware design with the design of its operations throughout the entire lifecycle of the system. This chapter introduces the subsequent chapters that more thoroughly address safety issues associated with the operations of space vehicles, from the design of the infrastructure on ground, through launch, on-orbit, and re-entry operations. This chapter begins with a discussion of safety and risk management at the conceptual level, including several fundamental goals and definitions. The balance of the chapter describes several seminal events and lays the foundation for a graduate level education in space operations safety.

1.2 Safety Risk Management

Risk Concepts, Metrics and Definitions

Webster’s Unabridged Dictionary defines safety as the condition of being free from undergoing or causing hurt, injury, or loss, and risk as the possibility of loss, injury, disadvantage, or destruction. Thus, complete safety can be thought of as an abstract ideal that equates to a zero risk or absolute protection from any possibility of adverse consequences, such as injury or damage.

In technical terms, risk is a metric that accounts for both consequence and probability over a specified interval of exposure. Launch or re-entry safety analyses typically attempt to quantify two important types of risk: individual risk and collective risk (both terms are formally defined below) that are expressed on an annual, or more commonly for space operations, on a per-mission basis. A common individual risk is the risk of a person being killed by lightning worldwide, which can be estimated as the average number of people killed by lightning per year divided by the total population of the world. A launch risk analysis typically computes the maximum individual risk as the highest probability any given individual has of suffering a serious injury or worse (i.e. becoming a casualty) as a result of the launch. The consequence implicit in any individual risk is an adverse outcome for a single individual, thus individual risk is a quantity that is bounded by zero and one. In other words, the maximum individual risk from an event is always bounded between no possibility and absolute certainty of an adverse consequence. In contrast, collective risk is the risk of an adverse outcome among a group of individuals. Collective risk is often expressed in terms of expected values: the average (generally the mean) consequences that occur as a result of an event if the event were to be repeated many times. The collective risk of fatality posed by lightning on an annual basis is the average number of people killed by lightning each year. Collective risk on a per-mission basis is analogous to an estimate of the average number of people injured by an earthquake, while individual risk would be the likelihood of an individual in a given location being injured by the earthquake.

Individual and collective risk criteria can be defined based on the total risks (also referred to as the aggregated risks) or accumulated risks. Accumulated risk refers to the risk from a single hazard throughout all phases of a mission, i.e. accumulated over all phases of the mission. Aggregated or total risk refers to the accumulated risk due to all hazard sources associated with a mission, which includes, but is not limited to, the risk due to any debris impact, toxic release, and distant focusing of blast overpressure. When multiple hazards exist, the aggregated risks (individual and collective) can always be estimated conservatively as the sum of the accumulated risk from each hazard. More sophisticated methods to compute the aggregated risks may be used to eliminate double counting, which can occur if a mission simultaneously poses multiple hazards to the same exposed populations.

Individual risk is an important measure of risk to the extent that most individuals are primarily concerned with their chance of being hurt or killed by an activity. Safety requirements often limit the maximum individual risk to ensure that individuals have an acceptably low probability of serious injury (or worse).

The government typically sets collective risk limits to ensure that the chance of an adverse consequence is acceptably low given an activity that subjects a group of individuals to potential hazards. In establishing the first federal law to define acceptable flight risk limits for commercial launches, the Federal Aviation Administration (FAA) noted that commercial launches should not expose the public to risk greater than normal background risk, which the FAA defined as those risks voluntarily accepted in the course of normal day-to-day activities.¹ Any discussion of the risk acceptability policies should clarify that no adverse consequences (e.g. serious injury or death) from a space operation will ever be acceptable, in the sense that a responsible authority would never regard such an event as routine or permissible. Thus, in an absolute sense, no adverse consequences as a result of a space operation are in fact acceptable. However, the possibility of accidents that might produce adverse consequences cannot always be entirely eliminated. The acceptable risks discussed here should be interpreted as tolerable risks. These are risks that society, via the authority vested in the government, tolerates to secure certain benefits from an activity with the confidence that the risks remain within well-defined limits and are managed properly using established procedures.

Risk measures for space operations often use one or two severity levels: casualties and fatalities. Casualties are people that suffer serious injuries or worse. Injuries severe enough to require hospitalization are commonly considered casualties. However, a precise technical definition of casualty is essential to enable quantitative launch and re-entry risk analyses. For the purposes of accident reporting, US federal law (49 CFR 830.2)² defined serious injury as any injury that (a) requires hospitalization for more than 48 hours, commencing within 7 days from the date the injury was received; or (b) results in a fracture of any bone (except simple fractures of fingers, toes, or nose); or (c) causes severe hemorrhages, nerve, muscle, or tendon damage; involves any internal organ; or (d) involves second- or third-degree burns, or any burns affecting more than 5% of the body surface. Although that definition is useful for accident reporting, the US uses an Abbreviated Injury Scale (AIS) level 3 or greater as the standard for distinguishing casualties from injuries of lesser severity in public risk assessments for launch.³ The US National Highway Traffic Safety Administration (NHTSA) also uses AIS level 3 injuries as the metric evaluating the effectiveness of occupant safety measures for automobiles⁴ and for estimating the costs associated with automobile accidents.⁵ An AIS level 3 injury is one that is reversible but requires overnight hospitalization.

The AIS of the Association for the Advancement of Automotive Medicine provides a useful means to define casualties in a technical way by distinguishing between serious injuries and those of lesser severity. The AIS is an anatomical scoring system that provides a means of ranking the severity of an injury and is used widely by emergency medical personnel. The full AIS codes consist of seven digits representing the affected body region, the type of anatomic structure affected, the specific anatomical structure affected, and injury severity level. In the context of launch and re-entry safety analyses the right most digit is the AIS severity level, a digit between 0 and 6 as shown in Table 1.1.

Table 1.1

AIS severity levels

For launch and re-entry, individual risks are often defined as the maximum probability that any person will be a casualty or by the maximum probability that any person will be a fatality as a result of the operation. The computation of the maximum considers all persons who may be credibly affected by the operation. Collective risk is the total risk to all individuals exposed to any hazard from a launch. Collective risks are often defined by the mean number of casualties (or fatalities), EC (EF) predicted to result from the launch. Casualty expectation or expected casualties, EC, is the statistically expected number of casualties that would occur if the launch were repeated many times under virtually identical conditions (i.e. the same conditions based on the available data from various measurement instruments). Thus, for example, if the casualty expectation is EC = 30 × 10–6 (30 in a million) then if the launch were repeated under identical conditions a million times an average of 30 casualties would occur. Catastrophic risk refers to the potential for multiple injuries or deaths from a single launch or re-entry operation. Catastrophic risk is typically characterized by risk profiles. Risk profiles depict the probability of N or more casualties (fatalities) for all values of N. Risk profiles can be used to establish the amount of insurance an operator should carry, as discussed in Chapter 9. Appendix F describes how the probability of one or more casualties can be used as a good measure of collective risk, particularly for a re-entry where very little debris survives to impact.

Safety Risk Management Goals

The initial goal of space operations safety engineering is complete containment of all hazards. Complete containment provides absolute safety through physical limitations that totally isolate the hazards posed by an operation from all surrounding populations and assets. Complete containment satisfies the primary tenet of space operations safety risk management: no hazardous condition is acceptable if the mission objectives can be attained with a safer approach. If hazards cannot be completely contained, then the goal of safety risk management is to minimize the risk posed by an operation to a level below a de minimis threshold. A de minimis threshold has been defined as a level of risk below which a hazard does not warrant any expenditure of resources to track or further mitigate. The term "de minimis" is derived from a Latin phrase (De minimis non curat lex), which translates to the law does not concern itself with trifles. The highly energetic nature of space launch and re-entry, especially to and from orbital conditions, generally prevents risk reduction to a de minimis level. Thus, space operations generally employ the safety risk management process described below.

An integrated strategy to ensure space operations safety typically uses Quantitative Risk Assessments (QRA), also referred to as Probabilistic Risk Assessment (PRA), system safety processes, and operational restrictions to identify hazards and risk drivers, mitigate risks, and ensure that any residual risks are maintained at an acceptable level. QRA/PRA, system safety and operational restrictions are equally important and interrelated elements of a sound safety risk management approach. In the US, government agencies that oversee potentially hazardous operations recognize that risk analysis is a tool – one of many, but nonetheless an important tool – in the regulatory tool kit and understand that the principles of risk management are intended to provide a general policy framework for evaluating and reducing risk, while recognizing that risk analysis is an evolving process and agencies must retain sufficient flexibility to incorporate scientific advances. QRAs/PRAs are best used to characterize the risks posed by a launch or re-entry in a manner consistent with the risk-informed approach to regulatory decision-making adopted by the Nuclear Regulatory Commission (NRC). In 1999, the NRC wrote that a ‘risk-informed’ approach to regulatory decision-making represents a philosophy whereby risk insights are considered together with other factors to establish requirements that better focus licensee and regulatory attention on design and operational issues commensurate with their importance to public health and safety."

QRA/PRA is also used in the International Space Station program to characterize the risks of on-orbit operations.

Safety Risk Management Process

Safety risk management is a systematic and logical process to identify hazards and control the risks they pose. This process should include the following elements (phases) which are depicted in Figure 1.1 and described below:

1. Mission definition and hazard identification.

2. Risk assessment.

3. Criteria comparison and risk reduction.

4. Risk acceptance.

FIGURE 1.1 Safety risk management process.

Mission definition and hazard identification

This is the problem definition step of the process. Information is assembled to identify mission characteristics, objectives and constraints. Potential hazard sources must be identified by evaluating the system to be flown and the safety constraints. Information sources typically include: safety data packages (sometimes called safety dossiers), system description documents, mission essential personnel locations, population data on the surrounding populations, data on facilities and transportation assets (including aircraft corridors and shipping lanes), meteorological data, data on the range safety system used, and lessons learned on similar missions. The output of this step provides a basis for hazard analysis and risk assessment, and is useful for evaluating options to mitigate the risks in ways that will minimize adverse mission impact.

Risk assessment

This step provides information needed to determine whether further risk reduction measures are necessary. Risk levels for identified hazards are expressed using qualitative and quantitative methods. This step produces basic measures of the risks posed by hazards of each phase of the operation, such as launch and re-entry. Typical hazards include inert, explosive and flammable conditions, debris impacts, explosive overpressure fields, exposure to toxic chemicals, and exposure to ionizing and non-ionizing radiation, as well as on-orbit collision hazard. In some cases, this step will provide sufficient information to support the decision-making without further analysis.

A valid risk assessment must account for all potential hazards posed by the operation to personnel, facilities, and other assets. It must be based on accurate data, scientific principles, and an application of appropriate mathematics. The assessment must be consistent with the safety controls that are planned for the mission. Valid calculations to assess risk typically use methods that produce conservative estimates; i.e., they produce a scientifically plausible result that characteristically overestimates risk given existing uncertainties. In all cases, the safety engineer is responsible for ensuring that their approach produces reasonable results. This assessment leads to mitigation measures needed to protect individuals, groups of people, critical facilities, and public assets.

Simplified risk models are often employed to make an initial determination of risk. They are also used when the identified hazards are known to result in low risks and the analyst is assured that the estimated risk is conservative. For example, simple models can be used when only inert debris impacts with relatively low values of kinetic energy can occur and shelters would provide protection from the debris. These models are generally less costly and minimize schedule impacts and have the following characteristics: simplified application of input parameters and assumptions, simplified measures of population estimation utilized, a basic injury model and associated casualty areas, and conservative assumptions of debris fragmentation and survivability. If the resulting risk estimate is conservative and well within acceptable limits then employing more costly and time consuming higher fidelity models is not necessary.

When the identified hazards are significant, or the initial risk estimates approach or exceed the acceptance criteria, more complex risk models are typically used. Higher fidelity models are often more costly and time consuming, demanding more sophisticated input data and assumptions such as detailed population and sheltering models, more complex human vulnerability models, and more realistic debris fragmentation and survivability models. High fidelity risk assessments require input parameters and assumptions to be supported by empirical evidence or expert elicitation. Complex launch and re-entry risk assessment models are typically used when significant size debris or explosive debris impacts are present that could compromise shelters and the associated population.

Criteria comparison and risk reduction

Risk measures are compared with criteria to determine the need or desirability for risk reduction. If the risks are initially unacceptable, measures should be considered to eliminate, control or mitigate them. Elimination is achieved by design or system changes that remove the hazard source, such as replacing a hazardous material with a non-hazardous one or moving a trajectory to achieve containment. Mitigation is achieved by reducing the consequences of an event or the probability of an event happening. For example, increasing system reliability of a vehicle or test article will increase the probability of success and lower risk. On the other hand, designing a mission to avoid flight over densely populated areas will decrease consequences of a vehicle failure (casualties) and thereby reduce the risk. Mitigation measures may include elements in the operation plan that reduce risk and are consistent with operational objectives, flight termination systems, containment policies, evacuation, sheltering, and other measures to protect assets from the hazards. Safety intervention criteria should be optimized by balancing the risk given a failure and intervention, such as flight or thrust termination, against the risk given a failure without a safety intervention. To evaluate the effectiveness of mitigation measures, risk must be reassessed assuming they have been implemented. These risk reduction procedures should be followed until risk levels are as low as reasonably practicable.

Risk acceptance

Presentations to the decision authority must be sufficient to support an informed decision. The Federal Tort Claims Act (FTCA) enjoins the US court system from second-guessing decisions made by properly authorized government officials in determining the acceptability of operational risks. A key test under the FTCA requires that the decision-making official be fully advised and informed of the known risks. Failure to fully advise the decision-making authority of known risks can result in liability of the US Government or its officials. Thus, the decision authority should be presented with all mandated risk control measures, residual risks, measures of catastrophic loss potential (e.g. maximum collective risk given a failure with safety intervention, maximum collective risk given failure of a safety intervention, and risk profiles), key analysis assumptions, and the protective measures that have been considered and implemented. The decision authority must approve proposed mission rules and should compare the operational risk to the pre-defined risk acceptability criteria. In general, higher-risk operations require a higher level of approval. The decision authority may tolerate risk levels within criteria to secure certain benefits from an operation with the confidence that the risk is properly managed and consistent with best practices. The outcome of these presentations to the decision authority is the acceptance of operational risks by a properly informed decision authority. This acceptance includes a determination that the residual operational risk is within tolerable limits. The risk acceptance decision affirms that the proposed conditions for allowing the operation to be initiated and the rules to allow the mission to continue to completion comply with best practices used to ensure that risk falls within accepted levels. The terms of this acceptance and required implementation conditions must be documented. The responsible safety office should document a risk assessment to demonstrate compliance with the risk management policy applied.

1.3 Launch Site Safety

On August 22, 2003, at 13:30 (local time) a massive explosion destroyed a Brazilian Space Agency VLS-1 rocket as it stood on its launch pad at the Alcantara Launching Center in northern Brazil. Twenty-one technicians close to the launch pad died when one of the rocket’s four first-stage motors ignited accidentally. The rocket had been scheduled to launch in just a few days and had two satellites on-board when the explosion occurred. The investigation report established that an electrical flaw triggered one of the VLS-1 rocket’s four solid fuel motors while it was undergoing final launch preparations. The report said that certain decisions made by managers long before the accident led to a breakdown in safety procedures, routine maintenance, and training. In particular, the investigation committee observed a lack of formal, detailed risk management procedures, especially in the conduct of operations involving preparations for launch.

In the history of humankind, every space adventure, great or small, has begun on the ground. Mission and flight hardware designers who have overlooked this fact have paid a high price, either in loss or damage to the hardware pre-launch, or in mission failure or reduction. Designers may not only risk their flight hardware; they may also risk their own lives, that of their co-workers, and even the safety of the general public by not heeding to calls for safety when designing spaceport facilities and establishing ground processes.

Chapter 2 of this book deals with ground safety topics related to spaceport design and infrastructure, starting with the presentation of the criteria for the selection of the geographical location of a launch site, then explaining how to master the development of the spaceport infrastructure. The European Spaceport in French Guyana is used as example.

Ground risk control concepts are introduced. There are general industrial safety regulations to be followed and specific safety rules to be determined and applied as an integral part of the assembly, integration and testing (AIT) activities performed at the launch site. Generally, rules concerning risk evaluation and accident prevention for explosives and pyrotechnics processing plants, and environment protection regulations drive the design of several facilities and the general layout (e.g., distance between buildings).

Flight risk controls as the execution of destruction or neutralization commands to stop a vehicle flight, lead to the establishment of danger zones on the launch site and all around it. We will see how to define the danger zones and how to limit the exposure of personnel. In reality, a wide group of areas is hazardous because of the space activity. The definition of hazardous effect zones is explained, as is their major impact on the design of a spaceport: buildings locations, design rules for roadways, lightning protection systems, fire protections, handling and lifting, command and control process for fluids, etc. We will see that the applicable safety design requirements basically depend on the locations of the buildings and associated roadways that define the operating flexibility (independence of activities, access and escape routes, growth potential). Other important aspects of spaceport safety design are that of launch pads lightning protection systems, and of launch pad escape systems in the case of crewed vehicles. Finally, an important topic closely linked to safety is the environment protection. Chapter 2 uses numerous examples to explain how action plans are used to protect the environment.

Chapter 3 deals with some topics that apply to several kinds of flight hardware, from the largest rockets to small experiment hardware, during ground processing. One, for example, is lack of recognition of the need for detailed ground safety documentation and rigorous technical safety reviews. Many hardware and mission designers assume that if the hardware is safe to fly, it will also be safe during ground processing. Some also assume that the industrial safety processes commonly used during development and manufacture are sufficient for use at the launch and landing sites.

Another topic is processing of pressurized gases. Propulsion, life support, and thermal management subsystems require the use of high pressures gases. Additionally, gases are critical to payloads including science experiments like those performed on the International Space Station (ISS). Special storage, use, and handling precautions are necessary in order to control the hazards introduced by the presence of pressurized gases. This chapter provides some basic energy considerations of stored gases, and describes the hazards and corresponding causes associated with compressed gases. Finally it discusses operational controls that should be followed to minimize the risks.

1.4 Launch Safety

On January 26, 1995, a Long March 2E rocket veered off course 2 seconds after take-off from Xichang Space Center and exploded, killing at least six on the ground. On February 14, 1996, a similar failure happened during the launch of Intelsat 708 telecommunication satellite. The rocket veered severely off course immediately after clearing the launch tower and crashed in a rural village. Xinhua News Agency eventually reported six deaths and 57 injuries.

Space access has become increasingly important to the nations of the world. Upon achieving the status of a space-faring nation, however, a key responsibility that devolves upon a state is to establish the technology and processes to protect life and property against the consequences of malfunctioning space systems. Moreover, at most launch ranges the emphasis is on protecting people against injuries resulting from a launch operation. The common practice is to attempt to achieve protection by isolating the hazardous condition from populations at risk. When this is not feasible, risk management can be used to provide an adequately high level of safety as described under the section on Safety Risk Management above.

Identification of launch hazard areas may range from simplistic rules of thumb to sophisticated analyses. When simple rules are applied, they commonly specify a hazard radius about a launch point, and planned impact points for stages, connected by some simple corridor. More sophisticated analyses attempt to identify credible rocket malfunctions, model the resulting trajectories, and determine the conditions that will result in debris due to exceeding the structural capacity of the rocket or a flight termination system activation by the range safety officer.

These analyses typically include failure analyses to identify how a launch vehicle will respond followed by failure response analyses to define the types of malfunction trajectories the vehicles will fly. The vehicle loads are assessed along the malfunction trajectory to determine whether structural limits will be exceeded. Vehicle position and velocity may be compared against abort criteria to assess whether the vehicle should be allowed to continue flight, terminate thrust, or be destroyed. Debris-generating events then become the basis for assessing the flux of debris falling through the atmosphere and the impact probability densities. The debris involved may be screened by size, impact kinetic energy, or other criteria to assess which fragments pose a threat to unsheltered people, people inside various types of shelters, people on ships, and people in aircraft. The resulting debris impact zones or impact probability isopleths are then commonly used as part of the basis for defining exclusion areas.

Other hazards associated with launch operations are frequently addressed in defining exclusion zones. Explosive hazards (overpressure and fragments thrown by an explosion) are an important component in the launch area. Toxic hazards from the rocket’s exhaust products are often an additional consideration in defining exclusion regions. Additional sections of the complex may be restricted to protect against radiation from radars and other support instrumentation. Although full hazard containment is considered to be the preferred protection policy, it is not always possible. The next line of protection after defining exclusion areas is real-time tracking and control of the rockets. Range safety systems are used for this purpose. They include a means of tracking a launch vehicle’s position and velocity (tracking system) and a means of terminating the flight of a malfunctioning vehicle (flight termination system).

Flight termination criteria are customarily designed based on the capability of the range safety system to limit the extent of the hazards from a malfunctioning launch vehicle. Frequently, ranges assume

Hai raggiunto la fine di questa anteprima. Registrati per continuare a leggere!
Pagina 1 di 1

Recensioni

Cosa pensano gli utenti di Safety Design for Space Operations

0
0 valutazioni / 0 Recensioni
Cosa ne pensi?
Valutazione: 0 su 5 stelle

Recensioni dei lettori