1、Lessons Learned Entry: 1398Lesson Info:a71 Lesson Number: 1398a71 Lesson Date: 2004-01-02a71 Submitting Organization: GSFCa71 Submitted by: Dennis S. Lee/Joe DezioSubject: SWIFT Power Control Board Harness Wire Reversal Abstract: Serious damage to an instruments heater control electronics resulted f
2、rom incorrect wiring within the interface harness. Efforts to expedite the I however, risks were expected to be mitigated by the Safe-to-Mate procedure, which was expected to verify compliance with the ICD. These “time saving” decisions and acceptance of excess risk resulted not only in damage to th
3、e instrument but also a 4-month schedule delay.Description of Driving Event: During instrument integration, a GSE power harness seriously damaged SWIFT heater control electronics. This mishap occurred on the Burst Alert Telescope (BAT) Power Control Board (PCB). The failure investigation identified
4、the root cause as a manufacturing error (miswire) in the GSE power interface harness. The PCB GSE harness was built and tested with a 28-volt reversed polarity in the power interface. The SWIFT Project desired to expedite the hardware I&T schedule. As a result, the PCB GSE power harness was accepted
5、 “as is” from the harness fabrication and test facility, without the proper documentation and QA review. At the time, it was rationalized that the Safe-To-Mate procedure would verify compliance to the Interface Control Document (ICD) and the safe flight hardware integration activities. As another ti
6、me saving approach, review and sign-off requirements for SWIFT integration work orders were reduced to accelerate schedule. This approach eliminated the need for system and discipline engineering signatures. Changing work order signature authority is inconsistent with GSFC policy for the control and
7、 authorization of flight hardware work orders. Following the PCB power-on fault, the GSFC policy was reinstated with signatures from quality assurance, systems Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-engineer and flight hardware leads. During
8、 the GSE electrical integration to the SWIFT PCB, the Safe-To-Mate procedure was performed, but not completed due to problems with a separate flight component, the Image Processor. To accelerate the integration schedule, the SWIFT Image Processor was being integrated in parallel with the PCB. Confus
9、ion ensued between the two integration procedures, and the PCB, GSE electrical Safe-To-Mate was not entirely finished. As a result of the application of reverse power, the SWIFT flight PCB sustained significant damage, which required a component rework cycle and a 4-month project schedule delay. The
10、re were several important situations and conditions, which resulted the SWIFT PCB power-on fault. These circumstances are the basis of the lessons learned. Each of these situations contributed to the PCB flight hardware damage, and individually, each could have prevented the failure condition. Overa
11、ll, a disciplined and careful system engineering and quality assurance approach can preclude damage to flight hardware electronic during power interface harness testing. Lesson(s) Learned: 1. During flight hardware integration, priority and precedence must be given to completion of the electrical po
12、wer interface Safe-To-Mate procedures. Priority and precedence for testing flight hardware implies that Safe-To-Mate is the first test procedure during integration. No other electrical integration procedures should commence until Safe-To-Mate procedure is completed. Incorrect power interfaces have c
13、ause more flight hardware damage than any other electronic hardware failure mode.2. The initial application of power is a continuous process. This process proceeds from component acceptance through flight instrument hardware and systems level integration and test. It cannot be understated the risk a
14、ssociated with the initial application of power to flight hardware. Particularly, when the test configuration is changed from component to subsystem or systems level testing, which involves a change in the power cable and harness interface. 2. There is an inherent, and potentially grave, risk with c
15、hanging existing and established NASA policies and procedures. This is especially true during flight hardware integration, when the intent is to expedite an accelerated schedule. Project management must exercise extreme care and diligence during integration, since there is a significant risk is asso
16、ciated with damaging hardware and/or physical injury.3. Project systems engineering and quality assurance must be responsible for ensuring the correctness of power interface harness prior to the application of flight hardware power. A system of checks and balances, which verifies flight hardware int
17、egration readiness, should be supported by both reviews and audits of power interface harnesses.Recommendation(s): Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-It is recommended that serious attention and care must be taken by project and systems
18、engineering management to ensure that all Safe-To-Mate procedures are given significant priority during the component electrical integration. The key elements to successful application flight hardware power are continual diligence and a detailed understanding of the risks involved with an initial po
19、wer-on integration operation. This attentive diligence is particularly necessary during early flight hardware integration efforts, because the hardware test configuration is continually changing. In addition, it is recommended that changes to NASA operating procedures, which would affect the safety
20、of personnel or flight hardware, must be approved at the Program management level or above. As applied to this lessons learned, the recommendation would involve signatory authority on a flight hardware integration work orders Finally, authority for managing successful integration effort should be gi
21、ven to systems engineering and quality assurance. It is recommended that systems engineering verify the power harness with both design wire lists and Failure Mode Effects Analysis (FMEA). Furthermore, quality assurance should ensure that the power harness acceptance test is complete and that all pap
22、erwork is finished and signed off by the proper review personnel. Evidence of Recurrence Control Effectiveness: N/ADocuments Related to Lesson: N/AMission Directorate(s): a71 Exploration Systemsa71 Sciencea71 Space Operationsa71 Aeronautics ResearchAdditional Key Phrase(s): a71 Administration/Organi
23、zationa71 Configuration Managementa71 Hardwarea71 Program and Project Managementa71 Risk Management/Assessmenta71 Safety & Mission Assurancea71 SpacecraftProvided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-a71 Test & VerificationAdditional Info: Approval Info: a71 Approval Date: 2004-05-20a71 Approval Name: Al Galloa71 Approval Organization: GSFCa71 Approval Phone Number: 301-286-3756Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-
