The Safety Engineering & Analysis Center SEAC · Engineering; BS Mechanical Engineering Megan Stroud • 10+ years experience in safety engineering and analyses • APT Training Coordinator

A-P-T Research, Inc. | 4950 Research Drive, Huntsville, AL 35805 | 256.327.3373 | www.apt-research.com ISO 9001:2008 Certified S-16-00100 | 1

The Safety Engineering & Analysis Center

SEAC


The Safety Engineering & Analysis Center

SEAC

• Officer in ISSS, member of executive committee

• Extensive experience with US Army and MDA development programs

• Current Director of SEAC • 20+ years of experience

Saralyn Dwyer, VP, SEAC Director

Selected Profiles

Dusty Nix • 10+ years systems

engineering experience

• MS Aerospace Engineering; BS Mechanical Engineering

Megan Stroud • 10+ years

experience in safety engineering and analyses

• APT Training Coordinator

• MS Engineering Management, BS Engineering

The mission of the SEAC is to support the discipline of safety engineering with nine specific mission areas: 1. Provide world class SMA training 2. Conduct workshops to advance

safety disciplines 3. Conduct independent (third-party)

safety assessments 4. Support professional societies 5. Develop and apply analytical

protocols and tools 6. Assist in developing standards;

maintain library of up-to-date standards

7. Conduct research and publish books, proceedings, and relevant documents

8. Prove subject matter expertise to internal and external customers

9. Host customer safety meetings


#1: TRAINING

System Safety (3.6 CEUs*) • Concepts in Risk Management • Principles of

System Safety • Working with the Risk Assessment

Matrix • Energy Flow-Barrier Analysis • Hazard Analyses • The Operating & Support Hazard

Analysis (O&SHA) • Failure Modes and

Effects Analysis • Fault Tree Analysis • Event Tree Analysis • Cause-Consequence Analysis • Intro to Markov Analysis • Making Component Failure

Probability Estimates • Sneak Circuit Analysis • Intro to Software

System Safety • Human Factors & Operator Errors • Guidelines for Writing Operating

Procedures • Initiating the System Safety Effort • Risk Acceptance • Furry Slurry Processing • The Fast Asp™ Missile • Automated Inspection Kick-Out

System

Explosives Safety (2.4 CEUs) • Explosives Basics • Hazardous Stimuli • Basic Storage & Transport

Principles • Hazard Classification • Quantity-Distance • Explosives Item Recognition &

Safety • Personnel Protection • Reaction Effects • Insensitive Munitions • Electrostatic Discharge Protection • Lightning Protection • Electromagnetic Radiation

Protection • Standing Operating Procedures for

A&E Operations • Quantitative Risk Assessment • Explosives Models • Intro to Explosive Testing

Range Safety (0.8 CEUs) • Introduction to Flight Safety • The Hazards • Mitigating and Controlling Hazards • Flight Safety Modeling • Flight Safety Systems • Real-Time Operations

Software System Safety (2.4 CEUs) • Risk Management Concepts and

Risk Acceptance • Principles of

System Safety • Hazard Analyses • Human Factors & Operator Errors • Software Development Overview • Intro to Software

System Safety • Software System Safety Analyses • System Concepts Refinement

Phase • Software Requirements

Architecture Development Phase • Software Design

and Code Phase • Software Test, Verification and

Validation Phase • SwSS for Software Release • Initiating a System

Safety Program • Software System Safety Technical

Review Panels and Boards • Airworthiness • Software System Safety Lessons

Learned & Summary • System Safety SSPP Exercise • Traffic Control System at a Major

Intersection

IMESAFR (2.4 CEUs) • QD Concepts & Background • QRA Concepts & Background • Software Features & Interface • Risk Management • Architecture – Parts 1& 2 • Linking Architecture to Testing • Advanced Tools • Approval Process • Input Decisions • Protocols

SAFER (1.6 CEUs) • Risk Management Context • Risk Assessment • Introduction to SAFER • Input Decisions • Protocols • SAFER Features • Risk Reduction • Risk Acceptance • Approval Process • Practice – Defining the Group • Architecture Overview • Architecture – Science

Algorithms • Architecture – Aggregation and

Uncertainty

*CEU = Continuing Education Unit


#2: WORKSHOPS

One of the SEAC missions is to advance the state of the discipline in SMA. This is accomplished by hosting workshops wherein experts in the field are invited to collaborate. Workshops have been attended by personnel from NASA, MDA, AMCOM Safety, DoD, Industry, as well as other agencies.

“Good System Safety Practices” Workshop, 2006

“The System Safety Performance Level Model” Workshop, 2007

“Web-Based Risk Assessment Tool” Workshop, 2008

“Risk Summing” Workshop, 2010 IAASS Launch Risk Workshop #1, 2010 “Safety Case” Workshop, 2013 IAASS Launch and Re-Entry

Workshop #7, 2016


#3: INDEPENDENT SAFETY ASSESSMENTS

Complex Systems: SEAC conducts numerous independent safety analyses of large, technically complex facilities

Example Independent Study Sponsors: Disneyland Air Force Safety Center Raytheon – Tucson

Chemical Safety Board NASA Shannon Explosives, Ltd.

NASA Plum Brook Spacecraft

Propulsion Facility

Typical Products: Hazard Analyses Event/Fault Trees Quantitative Risk Assessment (QRA)/

Probabilistic Risk Assessment (PRA)

Explosive

Effects Models Flight Safety

Modeling Training

APT Analysis Process: Applies multiple state-of-the-art methods

Safety Engineering and Analysis Center

PROCESS: ANALYSIS

SEAC-PROC-001

Date: 21 June 2005

Revision: Original

APT Corporate Analysis Process Revision: Original

SEAC-PROC-001 Revision Date: 21 Jun 05 Develop

Plan Collect

Data Define Question

Clarify: Suspense, Products

Assign RA Security ID Protocol ID Data Rqts ID Tool Mods Draft Schedule Kick Start

Meeting

Finalize Rqts Availability Collection Development Verification Data Review

Review Tools ID Mod Rqts Verification

Rqts Modify Tools Verify Mods Config Mgt Tool Review Use Release

Format Data Build Inputs Run Codes

per Protocol Build Archive Sanity Checks Post-process

Review: Archive, Question, Inputs/ Outputs

Form Conclusions

Internal Review

Complete Customer Products

Compile Archive

Prepare Tools

Conduct Analysis

Interpret Results

Document Findings


#4: PROFESSIONAL SOCIETIES

A substantial responsibility for any professional is to give back to the profession via their ideas for improvement. APT encourages this involvement via at least four substantial investments.

G-48 System Safety Committee (currently under the Aerospace Council of SAE International). The G-48’s mission is to develop, publish, promote, and improve best

practices in system safety.

G-48 members are key system safety leaders from industry, military, and civilian government agencies, including NASA.

APT and SAIC have been active G-48 contributors for over 10 years.

APT led the G-48’s development of ANSI/GEIA-STD-0010, “Standard Best Practices for System Safety Program Development and Execution.”

APT collaborates with G-48 and represented organizations on workshops and initiatives that advance the state-of-the-art in system safety.

For the ISSS, APT hosted the “Bringing Discipline to Our Discipline” panels at the International System Safety Conference from 2004 to 2009.

APT is collaborating with the ISSS to produce a volume entitled The System Safety Handbook.

For the IAASS, APT chairs the Launch and Re-entry Safety Committee. This committee hosts international workshops every nine months as part of its charter to publish a text documenting the quantitative methods of achieving risk basis of launch and reentry risk management.

Standard Best Practices for System Safety Program Development and Execution (G-48)

“Bringing Discipline to Our Discipline” expert panels held at the ISSC 2004-2009

1st IAASS International Experts Workshop on Public Safety Risk of Space Missions, 2010


#5: TOOLS

Risk Management Tools

Range Safety Tools Classical System Safety Tools

Tailored RAC Matrix Options

•NASA •FAA

•Failure Mode and Effects Analysis •Fault Tree Analysis •Event Tree Analysis

•FaulTrease

•Saphire

• IRAS

•Event Trees

RAPIEC TRAX STK FRANG SHOCK RFHAZ MUDEMIMP

RAFIP FAIL DispDR DeBRA FRAG RSIP GRM

KIDD CORAL CORiDOR Auspex Aurora IMPACT SAFER

BREEZE DAMP PIRAT TRAILDISP SARA Horizons

Tailored Risk Management Applications Probability

Sev

erity

High

High

Medium

Low

Explosives Safety Tools

• IMESAFR •SAFER •DIRE

Flight Safety Tools

•DebRA •STK •SARA •SDZ Calc •GRM •BREEZE •Others

Analysis Tools

•RF Analysis •Toxic Analysis •Laser Analysis

1. Enter explosives data2. Enter PES, activity data,

calculate Pe

3. Select ES data, exposure data, calculate Ep

IMESAFR Software Architecture

26-Step Process

All cases done?

All ESs done?

User done?

Next yield

Next ES

Next PES

Input, P(e), Exposure Branch

Effects and Consequence Branch

Pressure, Impulse Branch

Glass and Building Failure Branch

Debris Branch

Temperature Branch

Risk Aggregation Branch

22. Assess Pf(t)

The lethality of thermal effects is calculated.

5. Determine open-air P, IValues for open-air pressure and impulse are based on simplified Kingery-Bulmash hemispherical TNT equations.

6. Adjust P, I (due to PES)The Blast Effects Computer (BEC) is used to determine the pressure and impulse values outside of the PES. The damage to the PES is also assessed.

7. Adjust P, I (due to ES)

The pressure and impulse is adjusted again taking into account the exposed site.

8. Assess Pf(o)

The lethality due to lung rupture, whole body displacement, and skull fracture is based on Dutch probit functions.

9. Determine P, I effect on ES (building

failure and glass hazard)Lethality from glass shards and building collapse is determined. The percentage of the exposed site damaged is assessed.

10. Assess Pf(b)

The lethality of glass fragments and building collapse is summed.

23. Sum Pf|e

)1)(1)(1)((

)1)(1)((

)1)((

)()()(

)()(

)()(

)(

/

)(

)(

ofdftf

ofdf

ofbf

of

ef

PPPP

PPP

PP

P

P

bf

bf

Blast, glass, building collapse, debris, and thermal lethality mechanisms are summed.

11. Describe primary fragments

The number of primary fragments and the maximum throw range is determined IAW with DDESB Technical Paper #16 “Methodologies for calculating primary fragment characteristics.”

14. Describe secondary fragments

and crater ejectaThe number of secondary fragments (by PES component) and the maximum throw range (by PES component) is calculated.

15. Define expected arriving debris

table

The primary, secondary, and crater debris are distributed using a bivariate normal distribution function and stored in arriving debris tables.

17. Reduce debris due to ES

The amount of primary, secondary, and crater debris that penetrates the ES is calculated.

24. Calculate P(f)

pefeESf EPPE /)(

peopleofNo

EP

ESf

ESf.

)(

)(

The individual and group risk for a PES/ES pair is calculated.

18. Assess Pf(d)

0.0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1.0

1 10 100 1000

Kinetic Energy, ft-lbf

Prob

abilit

y of

Fat

ality

Average

The lethality of the penetrating fragments is determined using the RCC debris lethality S-curve.

12. Calculate primary fragment containment by PES

(post P, I)The percentage of primary fragments contained by the PES is calculated considering the percentage of the PES that is intact after the blast wave.

13. Reduce number of primary fragments (due to PES)

The number of primary fragments that exit the PES are calculated based on the percentage of the fragments that were contained within the PES.

16. Combine PES debris

The arriving fragment Kinetic Energy (KE) tables are summed to form one arriving debris table.

19. Determine nominal thermal hazard

factorA thermal hazard factor based on the yield and distance between the PES and the ES is calculated.

20. Adjust thermal hazard factor (due to

PES)An adjusted thermal hazard factor is calculated that considers the presence of the PES.

21. Determine ES protection

A thermal blocking factor that describes the thermal protection provided by the ES is calculated.

The potential Explosion Site (PES) inputs include the PES building number, type, and operating hours. The probability of event is calculated.

The Exposed Site (ES) inputs include the ES building number, building type, roof type, the percentage and type glass, and the number of persons present. The personnel exposure is calculated.

The explosives data includes the explosives type, the hazard division, storage compatibility group, and the explosives weight.

4. Calculate yield(s)

25. Sum E(f) from single PES.

Search for maximum P(f) for

PES.

sitesES

ESfPESf EE )()(

The individual and group risk for a PES is calculated.

26. Sum E(f) for site. Search for

maximum P(f) for site.

sitesPES

PESfsitef EE )()(

The individual and group risk for a site is calculated.

NEW x K Exp Type

Input

Science

Summation

CM-08500

•NASA •ARMY

•SMDC •Others

•MIL-STD-882E •Others

ART – APT Risk Management Tool

HTS – Hazard Tracking System


#5: TOOLSET

System Safety Tools ART – APT Risk Tool HTS – Hazard Tracking

System

APT Internal Launch Area Risk Models TRIAL – Trajectories for

Risk Investigations at Launch

FRAG – Solid Rocket Motor Fragmentation

FAIL – Vehicle Failure Filter

PADPOP – Pad Populations

RAFIP – Random-Attitude Failure Impact Points

SHAPE5 – Shaping Constants for Mode 5 Impact Distribution

DAMP – Facility Damage and Personnel Injury

DISP – Impact Locations and Dispersions for DAMP

Contour – Generate Equi-valued Contour Lines

GenDeb – Generates Debris Classes for Liquid-Propellant

APT Internal Overflight Risk Models CORAL – Collective Overflight

Risk Analysis Tool CORIDORE GIS – Corridor Risk

Estimation RAPIEC – Random-Attitude PI

and EC TRAX – Trajectories for Risk

Analysis Extended GreenN – Computations of

Green Numbers AC-HIT – Aircraft Hazards from

Impact HITP – Ship Hit Probability

Computations PIRAT – Propellant Impact

Response Assessment Team INCCA – Interactive Coordinate

Calculator

3rd Party Overflight Risk Models POST – Program To Optimize

Simulated Trajectories ALE3D – Arbitrary

Lagrange/Eulerian Hydrodynamics Code

TAOS – Trajectory Analysis and Optimization Software

Secondary Flight Safety Models DBRISK – Distribution-Based Risk Minimax – A process of minimizing the maximum

risk VeSA – Velocity Search Algorithm ASAP – Artificial Satellite Analysis Program Test Requirements Allocation Database CASA – Casualty areas for impacting debris

Flight Safety Utilities PACISLD – A plot file of Pacific islands to

supplement existing world map plot files. POPDb – Population Database is a database of

Pacific islands which complements the PACISLD plot file.

Ground Safety Models RF Hazards FaulTrease – Supports Fault Tree Analyses for

use in safety and reliability analyses

Secondary Explosives Safety Models FRANG MUDEMIMP – The Multiple Debris Missile Impact

Simulation model SHOCK

Environmental Engineering Models SATT – Site Assessment of Tornado Threat

GIS Mapping ArcView GIS – Computer Aided Design package

by Autodesk Inc. used widely throughout government and industry

APT Explosives Safety Models IMESAFR – Institute of Makers of

Explosives Safety Analysis for Risk SAFER – Safety Assessment for

Explosives Risk DIRE – Analysis of Deaths and Injuries

Resulting from Explosions

Primary Flight Safety Models SAFELAB – Range Safety Toolkit DebRA – Debris Risk Assessment KIDD – Kinetic Intercept Debris

Distribution MILS – Multiple Impact Location

Simulator GenCon – Aircraft Risk Assessment STK – Satellite Toolkit SARA – Satellite Risk Assessment Risk Based Range Assessment Tool Surface Danger Zone (SDZ) Calculator DASP – Debris Analysis for Satellite

Programs TVIP – Turning Vehicle Impact

Predictor Ascent – Trajectory Modeling, End

Condition Targeting, Optimization Capabilities

LiMAns – Link Margin Analysis GRM – Debris Risk Assessment BREEZE – Toxic effects model AFTOX – Air Force toxics model


#5: SPECIAL PROJECTS

The Defense Safety Oversight Council (DSOC) Acquisition and Technology Programs Task Force funded the following projects through the SEAC:

System Safety Performance Level Model (2007): The model serves as a useful tool to gauge the health of a safety program at any stage of the program’s lifecycle.

Risk Summing Guide (2009): A guidebook that enables risk acceptance authorities to judge risk acceptability on the basis of its true total value rather than on a view of the many individual risks embedded within a system.

Tolerance Limit

Ris

k =

Sev

erity

x P

roba

bilit

y

r1 r2 r3

r4 r5 rn

Total System Risk is disguised by this paradigm.

*rrrrrrrR n54321

ni

1i

iT

True Total System Risk

r1 r2 r3 r4 r5

CREATe (2012): Composite Risk Evaluation and Assessment Tool electronic (CREATe) is a web-based software tool to be used by safety analysts to perform hazard analyses and risk assessments. The tool provides standardization of data tracked and allows management real-time visibility into risk assessments.


#6: STANDARDS DEVELOPMENT

RBESCT. Assisted in gaining consensus for evolving practices of risk-based methods for explosives safety in DoD.

Yuma Risk-Based Approach. Assisted in policy development for risk-based analysis of test events.

NATO. Assisted in the development of Allied Ammunition and Storage Publication (AASTP)-4, Part I (Risk Analysis Manual), and Part II (Explosives Safety Risk Analysis).

RCC. Technical secretariat in the development of Range Commanders Council (RCC) 321-97 and updated RCC 321-00.

G-48. Major contributor and technical secretariat for Standard Best Practices for System Safety Program Development and Execution (G-48).

TM5-1300. Compiled comments from government and industry for rewrite.

Common Risk Criteria for National Test

Ranges Subtitle:

Inert Debris

RangeCommandersCouncil

Supplement to Standard 321-97

Common Risk Criteria for National Test

Ranges Subtitle:

Inert Debris

RangeCommandersCouncil

Standard 321-97

Allied Ammunition Storage and Transport Publication

(AASTP)

AASTP-4 “Explosives Safety

Risk Analysis” Part II


Recent Publications Using Explosive Risk Assessment Tools for

Emergency Operations Planning, 2015

Fragmentation Characteristics of Steel Structures with Low Loading Density for Fast-Running Models, 2015

“Safety Case Workshop,” in Journal of System Safety, 2014

Use of Unified Modeling Language (UML) in Model Based Development (MBD) for Safety-Critical Applications, 2013

What Would Pascal Think About Space Safety?, 2013

Fleet Failure “Clusters” Can Belie Truth, 2013

Preparing to Undertake the System Safety Analysis, 2013

The Science of Quantitative Risk Assessment for Explosives Safety, 2012

Defining a “Safety Center of Excellence, 2009

Do QRAs Produce Music or Noise?, 2009

“U.S. Department of Defense Launch Safety Standards.” in Space Safety Regulations and

Standards, 2009

The 8 Important Ideas Imbedded in the ANSI Standard, 2009

#7: RESEARCH AND PUBLICATIONS

APT conducts substantial internal and customer funded research into safety methods and emerging practices.

Applications Vary Widely


#7: OTHER PUBLICATIONS

The URS addresses “How safe is safe enough?” Risk tolerance for warnings and stoppages System Safety Scrapbook Standard Best Practices for System Safety

Program Development and Execution (G-48) Component Failure Probability Information

Handbook


SMEs with National Recognitions Two time ASAP member on Board of Directors (John Frost) Former Chief Engineers at AFSC (Eric Olson, Paul Price) Former Chiefs of Safety MICOM, SMDC

(Max Tomlin, Phil Owen) Directors/Officers in ISSS

(Saralyn Dwyer, Melissa Emery, Barry Hendrix) Fellows in ISSS (Tom Pfitzer, Barry Hendrix) Board Member on IAASS, Chair of Launch Safety

Committee (Tom Pfitzer) Former Lockheed Martin Technical Fellow for System

Safety (Barry Hendrix) Former Director of Safety, Quality & Mission Assurance for

USA Space Shuttle Operations (Jimmy Rudolph) Former Explosives Hazard Classification Authority for US

Army (Pete Yutmeyer) and US Air Force (Eric Olson) International experts in modeling explosives effects, and

range safety (Dr. Frank Tatom, Mike Swisdak, Bob Baker)

SEAC Fellows with MS or PhD and Deep Expertise Name Expertise Background

Max Tomlin System safety Chief Safety SMDC

Tom DeLong System & missile safety US Army

Barry Hendrix SMA management LMCO SMA Fellow

Tom Pfitzer Risk management, QRA Range Safety Officer

Pete Yutmeyer Hazard classification Army/DDESB

Bob Baker Aerospace math models APT Chief Analyst

Dr. John Hall Quality APT Technical Director

John Frost Risk management NASA ASAP

Dr. Tyler Ross Risk management US Navy

Eric Olson Weapons safety Top civilian at AFSEC

Mike Swisdak Explosion effects US Navy

Paul Lahoud Structural effects of blast USACE Chief, Facility design

Dr. Frank Tatom Modeling explosions Chief engineer SAIC

The SEAC is recognized as a national Center of Excellence providing deep expertise to multiple SMA needs.

#8: SUBJECT MATTER EXPERTISE


#9: FACILITIES

The SEAC facility, located in Huntsville’s Cummings Research Park, provides substantial meeting amenities and is used by our customers to host technical working meetings and training courses.

Approximately 170 technical meetings per year are held at the SEAC at no charge to our customers.

The SEAC provides local safety professionals with references, training, and meeting space to resolve safety issues.

Documents

The Safety Engineering & Analysis Center SEAC · Engineering; BS Mechanical Engineering Megan Stroud • 10+ years experience in safety engineering and analyses • APT Training Coordinator