A New Approach to Safety in Software-Intensive Systems
1 A New Approach to Safety in Software-Intensive Systems
Nancy G. Leveson, Aeronautics and Astronautics Dept., Engineering Systems Division, MIT

2 Why need a new approach?
"Without changing our patterns of thought, we will not be able to solve the problems we created with our current patterns of thought." (Albert Einstein)
- Traditional safety engineering approaches developed for relatively simple electro-mechanical systems
- Accidents in complex, software-intensive systems are changing their nature
- Role of humans in systems is changing
- We need more effective techniques for these new systems

3 It's still hungry and I've been stuffing worms into it all day.

4 Chain-of-Events Model
- Explains accidents in terms of multiple events, sequenced as a forward chain over time.
- Simple, direct relationship between events in chain
- Events almost always involve component failure, human error, or energy-related event
- Forms the basis for most safety-engineering and reliability engineering analysis (e.g., FTA, PRA, FMECA, Event Trees, etc.) and design (e.g., redundancy, overdesign, safety margins, ...)

5 "It's never what we don't know that stops us; it's what we do know that just ain't so"
Assumptions:
- Accidents are caused only by system component failure(s)
- Safety is increased by increasing the reliability of the individual system components. If components do not fail, then accidents will not occur.
- Software can be treated just like hardware (with perhaps a few minor changes).
- Highly reliable software is safe.
- Human error can be treated like hardware failure.
6 Accident with No Component Failures
7 Types of Accidents
- Component Failure Accidents
  - Single or multiple component failures
  - Usually assume random failure
- Component Interaction Accidents
  - Arise in interactions among components
  - Related to interactive complexity and tight coupling
  - Exacerbated by introduction of computers and software
  - New technology introduces unknowns and unk-unks

8 Interactive Complexity
- Critical factor is intellectual manageability
- A simple system has a small number of unknowns in its interactions (within system and with environment)
- Interactively complex (intellectually unmanageable) when level of interactions reaches point where can no longer be thoroughly
  - Planned
  - Understood
  - Anticipated
  - Guarded against

9 It's only a random failure, sir! It will never happen again.

10 Safety = Reliability
- Safety and reliability are NOT the same
- Sometimes increasing one can even decrease the other.
- Making all the components highly reliable will have no impact on system accidents.
- For relatively simple, electro-mechanical systems with primarily component failure accidents, reliability engineering can increase safety.
- But this is untrue for complex, software-intensive sociotechnical systems.

11 Software-Related Accidents
- Are usually caused by flawed requirements
  - Incomplete or wrong assumptions about operation of controlled system or required operation of computer
  - Unhandled controlled-system states and environmental conditions
- Merely trying to get the software correct or to make it reliable will not make it safer under these conditions.

12 Software-Related Accidents (2)
Software may be highly reliable and correct and still be unsafe:
- Correctly implements requirements but specified behavior unsafe from a system perspective.
- Requirements do not specify some particular behavior required for system safety (incomplete)
- Software has unintended (and unsafe) behavior beyond what is specified in requirements.
13 Fumbling for his recline button Ted unwittingly instigates a disaster
14 STAMP: An Extended Causality Model
- Accidents arise from interactions among humans, machines, and the environment
- Not simply chains of events or linear causality, but more complex types of causal connections (non-linear, feedback, ...)
- Safety is an emergent property that arises when system components interact with each other within a larger environment
- A set of constraints related to behavior of system components enforces that property
- Accidents occur when interactions violate those constraints (a lack of appropriate constraints on the interactions)

15 STAMP (2)
- Treat safety as a dynamic control problem rather than a component failure problem.
  - O-ring did not control propellant gas release by sealing gap in field joint of Challenger Space Shuttle
  - Software did not adequately control descent speed of Mars Polar Lander
  - Temperature in batch reactor not adequately controlled in system design
  - Public health system did not adequately control contamination of the milk supply with melamine
  - Financial system did not adequately control the use of financial instruments
- Events are the result of the inadequate control
- Result from lack of enforcement of safety constraints in system design and operations

16 STAMP (3)
- A change in emphasis: "prevent failures" → "enforce safety constraints on system behavior"
- Losses are the result of complex dynamic processes, not simply chains of failure events
- Most major accidents arise from a slow migration of the entire system toward a state of high-risk
- Need to control and detect this migration

17 STAMP (4)
- Includes component failures and what we do now but extends to include new types of accident causes
- Compatible with MIL-STD-882
- No changes to current military standards required to use it
- No harder than what we do now and in some ways easier
18 Example Safety Control Structure
19 Control processes operate between levels of control
Diagram labels: Controller, Model of Process, Control Actions, Feedback, Controlled Process
Process models must contain:
- Required relationship among process variables
- Current state (values of process variables)
- The ways the process can change state
Explains software errors, human errors, component interaction accidents
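An added illustration of the control loop on slide 19 (not part of the original slides): a constructed batch-reactor heater loop in which the sensor, feedback channel, control algorithm and actuator all behave exactly as specified, yet the safety constraint is violated because the controller's process model omits the feedback delay. The reactor dynamics, setpoint, limit and all names below are assumptions made for the example.

```python
from collections import deque
from dataclasses import dataclass
from typing import Optional

# Constructed values for the example (not taken from the slides).
SETPOINT = 80.0          # temperature the controller tries to hold
LIMIT = 90.0             # safety constraint: temperature must never exceed this
HEAT, LOSS = 5.0, -2.0   # temperature change per step with heater on / off


def effect(heater_on: bool) -> float:
    """One way the process can change state in a single step."""
    return HEAT if heater_on else LOSS


@dataclass
class Result:
    max_temp: float                      # highest true temperature reached
    max_divergence: float                # worst |process model - true state|
    first_violation_step: Optional[int]  # step at which LIMIT was first exceeded


def run_loop(feedback_delay: int, model_includes_delay: bool,
             steps: int = 40) -> Result:
    """Simulate controller -> control action -> process -> feedback.

    No component fails: the sensor reports the true value, the channel
    delivers every reading (feedback_delay steps late, by design), the
    control algorithm is correct with respect to its belief, and the
    heater obeys every command.
    """
    temp = 20.0
    channel = deque([temp] * feedback_delay)     # readings still in transit
    recent_cmds = deque(maxlen=feedback_delay)   # commands not yet reflected
    max_temp, max_div, first_violation = temp, 0.0, None

    for t in range(steps):
        # Feedback: the sensor samples the true state, the controller
        # receives the sample taken feedback_delay steps ago.
        channel.append(temp)
        reading = channel.popleft()

        # Process model: current state as the controller believes it.
        believed = reading
        if model_includes_delay:
            # Model knows how its own recent commands changed the process.
            believed += sum(effect(cmd) for cmd in recent_cmds)
        max_div = max(max_div, abs(believed - temp))

        # Control action, decided on the process model, not on the process.
        heater_on = believed < SETPOINT
        recent_cmds.append(heater_on)

        # Controlled process.
        temp += effect(heater_on)
        max_temp = max(max_temp, temp)
        if temp > LIMIT and first_violation is None:
            first_violation = t

    return Result(max_temp, max_div, first_violation)


if __name__ == "__main__":
    scenarios = [
        ("immediate feedback", 0, False),
        ("delayed feedback, model ignores delay", 3, False),
        ("delayed feedback, model includes delay", 3, True),
    ]
    for label, delay, aware in scenarios:
        print(f"{label}: {run_loop(delay, aware)}")
```

The second scenario is an accident with no component failure: the only difference from the third is what the process model contains.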
20 Uses for STAMP
- More comprehensive accident/incident investigation and root cause analysis
- Basis for new, more powerful hazard analysis techniques (STPA)
- Safety-driven design (physical, operational, organizational)
- Can integrate safety into the system engineering process
- Assists in design of human-system interaction and interfaces
- Organizational and cultural risk analysis
- Identifying physical and project risks
- Defining safety metrics and performance audits
- Designing and evaluating potential policy and structural improvements
- Identifying leading indicators of increasing risk ("canary in the coal mine")
- New holistic approaches to security

21 Does it work? Is it practical? Technical
- Safety analysis of new missile defense system (MDA)
- Safety-driven design of new JPL outer planets explorer
- Safety analysis of the JAXA HTV (unmanned cargo spacecraft to ISS)
- Incorporating risk into early trade studies (NASA Constellation)
- Orion (Space Shuttle replacement)
- Safety of maglev trains (Japan Central Railway)
- NextGen (for NASA, just starting)
- Accident/incident analysis (aircraft, petrochemical plants, air traffic control, railway accident, ...)

22 Does it work? Is it practical? Social and Managerial
- Analysis of the management structure of the space shuttle program (post-Columbia)
- Risk management in the development of NASA's new manned space program (Constellation)
- NASA Mission control re-planning and changing mission control procedures safely
- Food safety
- Safety in pharmaceutical drug development
- Risk analysis of outpatient GI surgery at Beth Israel Deaconess Hospital
- Analysis and prevention of corporate fraud

23 Evaluation (1)
- Performed a non-advocate risk assessment for inadvertent launch on new BMDS
- Deployment and testing of BMDS held up for 6 months because so many scenarios identified for inadvertent launch. In many of these scenarios:
  - All components were operating exactly as intended
  - E.g., missing cases in software, obscure timing interactions
  - Could not be found by fault trees or other standard techniques
- Complexity of component interactions led to unanticipated system behavior
- STPA also identified component failures that could cause inadvertent launch (most analysis techniques consider only these failure events)
- Now being used proactively as changes made to system

24 Evaluation (2)
- Joint research project between MIT and JAXA to determine feasibility and usefulness of STPA for JAXA projects
- Comparison between STPA and FTA for HTV
  - Problems identified?
  - Resources required?

25 Comparison between STPA and FTA
Figure legend: Identified by both (STPA and FTA); Identified by STPA only
Figure labels:
- ISS component failures
- Crew mistakes in operation
- Crew process model inconsistent
- Activation missing/inappropriate
- Activation delayed
- HTV component failures
- HTV state changes over time
- Out of range radio disturbance
- Physical disturbance
- t, x feedback missing/inadequate
- t, x feedback delayed
- t, x feedback incorrect
- Flight Mode feedback missing/inadequate
- Flight Mode feedback incorrect
- Visual Monitoring missing/inadequate
- Wrong information/directive from JAXA/NASA GS

26 Conclusions
- Traditional system safety techniques based on assumptions no longer true for the systems we are building
- Trying to add software and human error to them is hopeless
- New, more sophisticated causality models are needed to handle the new causes of accidents
- New, more powerful hazard analysis techniques, like STPA, work better than the traditional techniques for complex systems
- Software that is correct (satisfies its specifications) and reliable is NOT necessarily safe.
Product Safety and RF Energy Exposure Booklet for Portable Two-Way Radios The information provided in this document supersedes the general safety information contained in user guides published prior to
More informationThe Future of the US Space Program and Educating the Next Generation Workforce. IEEE Rock River Valley Section
The Future of the US Space Program and Educating the Next Generation Workforce IEEE Rock River Valley Section RVC Woodward Tech Center Overview of NASA s Future 2 Space Race Begins October 4, 1957 3 The
More informationINTRODUCTION TO STAMP
INTRODUCTION TO STAMP Dr. Robert J. de Boer Aviation Academy, Amsterdam Euro Stamp Workshop Reykjavik, September 13th, 2017 Presentation based on: - STPA Primer, Version 1.0; Leveson N. (2015). STAMP Tutorial,
More informationRequirements and Safety Cases
Requirements and Safety Cases Prof. Chris Johnson, School of Computing Science, University of Glasgow. johnson@dcs.gla.ac.uk http://www.dcs.gla.ac.uk/~johnson Introduction Safety Requirements: Functional
More informationA Software Perspective on GNSS Receiver Integration and Operation
Satellite Navigation Systems: Policy, Commercial and Technical Interaction A Software Perspective on GNSS Receiver Integration and Operation J. L. Goodman, United Space Alliance, 600 Gemini Avenue, Houston,
More informationGAO INTERNATIONAL SPACE STATION
GAO United States Government Accountability Office Report to Congressional Committees December 2011 INTERNATIONAL SPACE STATION Approaches for Ensuring Utilization through 2020 Are Reasonable but Should
More informationLeveraging 21st Century SE Concepts, Principles, and Practices to Achieve User, Healthcare Services, and Medical Device Development Success
Leveraging 21st Century SE Concepts, Principles, and Practices to Achieve User, Healthcare Services, and Medical Device Development Success Charles Wasson, ESEP Wasson Strategics, LLC Professional Training
More informationPutting the Systems in Security Engineering An Overview of NIST
Approved for Public Release; Distribution Unlimited. 16-3797 Putting the Systems in Engineering An Overview of NIST 800-160 Systems Engineering Considerations for a multidisciplinary approach for the engineering
More informationFocus Session on Commercial Crew
National Aeronautics and Space Administration Focus Session on Commercial Crew Technical Feasibility Panel for the Human Spaceflight Study February 4, 2013 Philip McAlister NASA HQ The Future State The
More informationESA Human Spaceflight Capability Development and Future Perspectives International Lunar Conference September Toronto, Canada
ESA Human Spaceflight Capability Development and Future Perspectives International Lunar Conference 2005 19-23 September Toronto, Canada Scott Hovland Head of Systems Unit, System and Strategy Division,
More informationNASA Mission Directorates
NASA Mission Directorates 1 NASA s Mission NASA's mission is to pioneer future space exploration, scientific discovery, and aeronautics research. 0 NASA's mission is to pioneer future space exploration,
More informationThe Value of Simple Checks
The Value of Simple Checks Conference on Quality in the Space and Defense Industries March 19, 20, 2012 Joe Nieberding Simple Checks Can Be Very Effective Frequently, engineers believe that checking anything
More informationPSAS. Welcome!! And thanks to our sponsors: Akamai Technologies Liberty Mutual Insurance General Motors Corp.
Welcome!! And thanks to our sponsors: Akamai Technologies Liberty Mutual Insurance General Motors Corp. Statistics 264 registered from 13 countries and 5 continents USA Brazil Japan China Netherlands Germany
More information