Technology Risk Management

ISL has ongoing projects with the Safety and Assurance Requirements Division at the National Aeronautics and Space Administration (NASA) and the Advanced Concepts Branch at NASA’s Marshall Space Flight Center (MSFC). NASA depends on the services provided by ISL for developing methods to identify conditions that may be precursory to more serious accidents as well as innovative reliability analysis techniques for assessing and down-selecting competing design options to the optimal system solutions in a continuing effort to improve the safety of man-rated systems and reduce the risk of technology and systems development.

NASA Safety

Since the days of Mercury, Gemini, and Apollo, NASA has been a world leader in system safety and risk management, putting a man on the moon and enabling today’s world of global telecommunications and planetary exploration. ISL has played, and continues to play, a key role in helping to keep NASA on the cutting edge. In the area of system safety, ISL has led the effort to evolve the Agency’s system safety framework to cost-effectively focus on Agency objectives rather than on past practices, removing stovepipes and empowering safety practitioners to bring innovation to the task of developing safe systems. In the area of risk management, ISL has led the effort to transform Agency practice from the traditional approach of managing risks individually and locally, to a holistic approach where risk management is integrated across mission execution domains and across organizations throughout the NASA management hierarchy. ISL is a principal author of the NASA System Safety Handbook (Volumes 1 & 2), the NASA Accident Precursor Analysis Handbook, the NASA Risk-Informed Decision Making Handbook, and the NASA Risk Management Handbook.

ISL’s current system safety and risk management support to NASA is focused on the areas of Hazard Analysis, Integrated Safety Analysis, Human Rating Certification, Institutional Risk Management, and Enterprise Risk Management. As NASA continues to develop its next-generation Exploration Systems architecture to enable crewed exploration beyond Earth orbit for the first time since Apollo, foster a nascent Commercial Orbital Transportation Service industry that promises to revolutionize the cost of access to space, and explore the cosmos with rovers, landers, and other groundbreaking technologies, ISL will be there, providing critical state-of-the-art services to this historic organization.

ISL is a principal author on the following:

NASA System Safety Handbook, Volume 1
NASA System Safety Handbook, Volume 2
NASA Risk Management Handbook
NASA Risk-Informed Decision Making Handbook
NASA Accident Precursor Analysis Handbook

Risk-Based Design

We wrote the NASA Risk Management Handbook!

The concept of risk-based design is relatively new and its benefits are just beginning to be understood. Historically, design development has applied safety margins and redundancy in the hope of ensuring that a system can tolerate conditions at the extremes of its operating envelope and remain resilient to subsystem failures or performance degradation. Computer-based simulations, however, have shown that fixed safety margins provide inconsistent levels of actual performance margin, and operational experience has shown that, depending on the interaction between redundant subsystems, adding more back-ups may provide limited benefit while adding design and operating cost.

ISL is a world leader in the development and application of parametric reliability analysis methods, which allow the explicit benefit of safety margins and redundancy to be assessed not only within a particular design but as a design variable that may be traded against system performance and life cycle cost. Like these other system attributes, reliability may also serve as a point of comparison when making design selections. In some cases the competing designs include different levels of technology injection, so that although one design may be shown to be more reliable, realizing that reliability improvement may depend on the development of an underlying technology. In that case the developmental risk of the technology should be assessed as part of the overall design assessment, hence the term risk-based design.
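The point that "adding more back-ups may provide limited benefit" is easiest to see with a small reliability model. The example below is an added illustration written for this page; it is not ISL's code or any NASA tool. It uses the beta-factor common-cause model (an assumption for illustration): a fraction beta of each unit's failure probability is shared by all redundant units, so the system failure probability of a 1-of-n parallel arrangement floors at roughly beta times the unit failure probability no matter how many units are added. The unit cost, failure probability and target values are constructed sample numbers.

```python
"""Redundancy versus common-cause failure: why more back-ups stop helping.

Model (assumed for illustration, beta-factor common-cause model):
  q      = failure probability of one unit over the mission
  beta   = fraction of q that is a common cause shared by all units
  q_c    = beta * q            (takes out every unit at once)
  q_i    = (1 - beta) * q      (independent failure of one unit)
A 1-of-n parallel system fails if the common cause occurs, or if all n
units fail independently:  P_fail = q_c + (1 - q_c) * q_i ** n
"""


def system_failure_prob(q: float, n: int, beta: float = 0.0) -> float:
    """Failure probability of n redundant units sharing a common-cause fraction beta."""
    if n < 1:
        raise ValueError("need at least one unit")
    q_c = beta * q
    q_i = (1.0 - beta) * q
    return q_c + (1.0 - q_c) * q_i ** n


def min_redundancy(q: float, beta: float, target: float, max_n: int = 10):
    """Smallest n whose failure probability meets the target, or None if unreachable.

    None is the interesting answer: it means the common-cause floor beta*q sits
    above the target, so the requirement cannot be bought with redundancy alone
    and must come from a better unit (lower q) or decoupled units (lower beta).
    """
    for n in range(1, max_n + 1):
        if system_failure_prob(q, n, beta) <= target:
            return n
    return None


def design_trade(q: float, beta: float, unit_cost: float, max_n: int = 4):
    """Return (n, failure probability, cost) rows so reliability can be traded against cost."""
    return [(n, system_failure_prob(q, n, beta), n * unit_cost) for n in range(1, max_n + 1)]


if __name__ == "__main__":
    # Constructed sample values: 1% unit failure probability, 10% common-cause
    # fraction, 2.5 (arbitrary cost units) per unit.
    print("n  P_fail(beta=0)   P_fail(beta=0.1)  cost")
    for (n, p_indep, cost), (_, p_cc, _) in zip(
        design_trade(0.01, 0.0, 2.5), design_trade(0.01, 0.1, 2.5)
    ):
        print(f"{n}  {p_indep:.3e}        {p_cc:.3e}         {cost:.1f}")
    print("units needed for 2e-3 with beta=0.1:", min_redundancy(0.01, 0.1, 2e-3))
    print("units needed for 1e-4 with beta=0.1:", min_redundancy(0.01, 0.1, 1e-4))
```

With beta = 0 each added unit buys two more orders of magnitude; with beta = 0.1 the second unit helps and the third buys almost nothing, because the 1e-3 common-cause term dominates. That floor is exactly the "limited benefit" the text refers to, and the `None` result from `min_redundancy` is the signal that the requirement must be met some other way.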

Risk-Informed Decision Making

We wrote the NASA Risk-Informed Decision Making Handbook!

Risk-informed decision making (RIDM) is the process of bringing risk into the decision-making environment to ensure that the spectrum of possible outcomes associated with each decision alternative is understood at an appropriate level of consistency and specificity. The methods used to inform decisions vary with the specific decision context, but in general RIDM involves the articulation of a top-level goal (or goals) that an organization wishes to achieve; decomposition of that goal into domain-specific performance measures (PMs) that quantify specific sub-goals; analysis of each candidate decision alternative in terms of its PMs; consolidation of the PM results into an integrated statement of decision value; and effective communication of that value to the decision maker.

ISL is an industry leader in the application of RIDM techniques such as objectives hierarchies, influence diagrams, decision trees and multi-attribute utility functions. ISL provides its risk-informed decision making expertise to NASA, where it is helping to reshape existing risk management processes to include RIDM, improving NASA’s ability to achieve its ambitious objectives in a timely and affordable manner.
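The RIDM steps above (goal decomposed into performance measures, alternatives analyzed against each PM, results consolidated into one decision value) can be carried through end to end in a few dozen lines. The following is an added worked example for this page, not ISL's code or the Handbook's own tooling. It assumes a weighted additive multi-attribute utility function with linear single-attribute utilities, and represents the "spectrum of possible outcomes" of each alternative by sampling each PM from a triangular distribution; the three PMs, their weights and the two alternatives' parameter values are constructed sample inputs.

```python
"""Risk-informed decision making: PMs, alternatives, and an integrated decision value.

Assumed method (illustration only): weighted additive multi-attribute utility.
Each performance measure (PM) maps its outcome onto a [0, 1] utility by linear
interpolation between a "worst acceptable" value (utility 0) and a "best
credible" value (utility 1); total utility is the weight-sum over PMs.
Uncertainty in each alternative's PM outcomes is carried by Monte Carlo
sampling from triangular(min, mode, max) distributions.
"""
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class PerformanceMeasure:
    name: str
    weight: float   # relative importance from the objectives hierarchy; weights sum to 1
    worst: float    # value that scores utility 0 (for cost this is the HIGH number)
    best: float     # value that scores utility 1 (for cost this is the LOW number)

    def utility(self, x: float) -> float:
        """Linear single-attribute utility, clamped to [0, 1]."""
        u = (x - self.worst) / (self.best - self.worst)
        return min(1.0, max(0.0, u))


def total_utility(pms, outcome: dict) -> float:
    """Consolidate one set of PM outcomes into a single decision value."""
    if abs(sum(pm.weight for pm in pms) - 1.0) > 1e-9:
        raise ValueError("PM weights must sum to 1")
    return sum(pm.weight * pm.utility(outcome[pm.name]) for pm in pms)


def simulate(pms, alternative: dict, n: int = 5000, seed: int = 0) -> list:
    """Sample the alternative's PM outcomes n times; return the list of total utilities.

    alternative maps PM name -> (min, mode, max) of a triangular distribution.
    """
    rng = random.Random(seed)
    results = []
    for _ in range(n):
        outcome = {name: rng.triangular(lo, hi, mode) for name, (lo, mode, hi) in alternative.items()}
        results.append(total_utility(pms, outcome))
    return results


def summarize(utilities: list) -> dict:
    """Mean and 5th-percentile utility: the 'expected' value and a downside view."""
    ordered = sorted(utilities)
    return {"mean": sum(ordered) / len(ordered), "p05": ordered[int(0.05 * len(ordered))]}


# Constructed sample PMs: probability of mission success, cost, and schedule.
PMS = (
    PerformanceMeasure("p_success", weight=0.5, worst=0.90, best=0.99),
    PerformanceMeasure("cost_musd", weight=0.3, worst=200.0, best=100.0),
    PerformanceMeasure("schedule_months", weight=0.2, worst=60.0, best=36.0),
)

# Constructed sample alternatives: B is cheaper and faster on paper but relies on a
# less mature technology, so its p_success and schedule ranges are wider.
ALTERNATIVES = {
    "A-heritage": {"p_success": (0.95, 0.965, 0.975), "cost_musd": (150, 165, 190), "schedule_months": (44, 48, 54)},
    "B-new-tech": {"p_success": (0.90, 0.97, 0.985), "cost_musd": (110, 130, 185), "schedule_months": (38, 46, 60)},
}

if __name__ == "__main__":
    for name, alt in ALTERNATIVES.items():
        s = summarize(simulate(PMS, alt))
        print(f"{name:12s} mean utility {s['mean']:.3f}   5th percentile {s['p05']:.3f}")
```

Reporting both the mean and the 5th percentile is the part that makes the result risk-informed rather than merely best-estimate: an alternative can win on mean utility yet carry a much worse downside tail, and that tail is what the decision maker needs communicated.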

Accident Precursor Analysis

We wrote the NASA Accident Precursor Analysis Handbook!

In retrospect, major accidents are always found to have been presaged by indicators that were somehow undetected or misunderstood. For the complex, high-energy systems with which NASA works every day, such as rockets, a missed indication can quickly lead to a catastrophe of major proportions (for example, the Space Shuttle Columbia accident in 2003). For this reason ISL is working with NASA to develop methods for screening the slew of anomalous conditions that occur in its systems every day, in an effort to identify those that could portend a more serious condition which may, under the right circumstances, lead to catastrophic and deadly failures.

ISL has constructed an accident precursor process tailored to NASA’s needs and has also developed a software tool to guide and facilitate the process called the tool for Deliberative Anomaly Grading and Evaluation of Risk Significance (DAnGERS). A version of DAnGERS is currently being used in the implementation of the accident precursor analysis process within the Space Shuttle Program.

The methods are similar to those ISL uses in its support role to the NRC, so ISL is adopting the methods the NRC uses to evaluate nuclear plant safety and modifying them for application to NASA systems. In the future these methods could be applied to other discipline areas to identify leading indicators of situations as serious as a major power outage in a large city or as mundane as the need for routine car maintenance.
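The core computation behind precursor screening of the kind described in this section is a conditional one: given that an anomaly was observed, how much closer did the system come to the catastrophic end state than its baseline risk model assumed? The example below is an added illustration for this page; it is not DAnGERS, ISL's code, or an NRC tool. It assumes the system's failure logic is given as minimal cut sets over independent basic events (a standard fault-tree representation), recomputes the top-event probability with the observed anomaly's degraded probabilities substituted in, and grades the result against thresholds that are assumed here purely for illustration, not taken from any NASA or NRC program.

```python
"""Precursor screening as a conditional top-event probability.

Assumed model (illustration only):
  * basic events are independent, each with a baseline failure probability
  * the catastrophic top event occurs if every event in any minimal cut set fails
  * an observed anomaly is expressed as revised probabilities for the affected
    events (1.0 if the event actually occurred, a raised value if it was degraded)
The conditional top-event probability is compared with the baseline to decide
whether the anomaly is a precursor worth escalating.
"""
from itertools import product

# Grading thresholds are ASSUMED for this example, not an agency's real criteria.
GRADES = ((1e-3, "significant precursor"), (1e-6, "precursor"), (0.0, "screen out"))


def top_event_probability(cut_sets, probs: dict) -> float:
    """Exact top-event probability by enumerating all basic-event states.

    Exponential in the number of events, so it suits small screening models;
    a production tool would use minimal-cut-set bounds or BDDs instead.
    """
    events = sorted(probs)
    total = 0.0
    for states in product((False, True), repeat=len(events)):
        failed = {e for e, f in zip(events, states) if f}
        if any(cs <= failed for cs in cut_sets):
            p = 1.0
            for e, f in zip(events, states):
                p *= probs[e] if f else 1.0 - probs[e]
            total += p
    return total


def conditional_probability(cut_sets, probs: dict, observed: dict) -> float:
    """Top-event probability given the anomaly, i.e. with observed probabilities substituted."""
    unknown = set(observed) - set(probs)
    if unknown:
        raise KeyError(f"observed events not in model: {sorted(unknown)}")
    revised = dict(probs)
    revised.update(observed)
    return top_event_probability(cut_sets, revised)


def grade(ccdp: float) -> str:
    """Map a conditional probability onto the (assumed) grading bands."""
    for threshold, label in GRADES:
        if ccdp >= threshold:
            return label
    return GRADES[-1][1]


def screen_anomaly(cut_sets, probs: dict, observed: dict) -> dict:
    """Baseline vs conditional probability, their ratio, and the resulting grade."""
    base = top_event_probability(cut_sets, probs)
    cond = conditional_probability(cut_sets, probs, observed)
    return {"baseline": base, "conditional": cond, "ratio": cond / base, "grade": grade(cond)}


# Constructed sample model: loss of vehicle if BOTH the primary and the backup
# thrust-vector actuator fail, OR the single-string controller fails.
CUT_SETS = [frozenset({"tva_primary", "tva_backup"}), frozenset({"controller"})]
BASELINE = {"tva_primary": 0.01, "tva_backup": 0.01, "controller": 1e-5}

if __name__ == "__main__":
    # Anomaly 1: the primary actuator was found failed at inspection.
    print(screen_anomaly(CUT_SETS, BASELINE, {"tva_primary": 1.0}))
    # Anomaly 2: a thermal excursion degraded both actuators to 5% failure probability.
    print(screen_anomaly(CUT_SETS, BASELINE, {"tva_primary": 0.05, "tva_backup": 0.05}))
```

The ratio is the number to watch when triaging many anomalies: an event that barely moves the top-event probability is noise, while one that lifts it by orders of magnitude is the "missed indication" the text warns about, even if the absolute probability still looks small.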