Volume I, Section 12
12 DESIGN FOR MAINTAINABILITY
{A} For a description of the notations, see Acceleration Regimes.
This section contains the following topics:
12.1 Introduction
12.2 Design for Maintainability Design Considerations
12.3 Design for Maintainability Design Requirements
12.1 INTRODUCTION
{A}
This section contains considerations and requirements for designing
equipment and systems to facilitate maintenance.
Areas covered in this section include general equipment design requirements;
physical access; visual access; removal, replacement, and modularity
requirements; fault detection and isolation requirements; test point
design; and requirements for a maintenance data management system.
12.2 DESIGN FOR MAINTAINABILITY DESIGN CONSIDERATIONS
{A}
Factors that should be considered when designing for maintainability
are provided below.
a. Non-Interference of Preventive Maintenance - Preventive maintenance
should be minimized and require as little crew time as feasible.
b. Flexible Preventive Maintenance Schedule - Preventive maintenance
schedules should be sufficiently flexible to accommodate changes in
the schedule of other mission activities.
c. Redundancy - If maintenance is necessary and system operations will
be interrupted, redundant installations should be considered in order
to permit maintenance without interrupting system operation.
d. Goals of Designing for Maintainability - The following are goals
for optimizing crew involvement in both preventive and corrective maintenance.
1. Reduce training requirements of crew.
2. Reduce certain skill requirements of crew.
3. Reduce time spent on preventive and corrective maintenance.
4. Increase maintenance capabilities during mission (especially corrective
maintenance).
e. Corrective Maintenance - The following factors should be considered
when designing for corrective maintenance tasks.
1. The benefit gained from repair should be worth the time and effort
expended on repair.
2. The time and effort involved in corrective maintenance should be
weighed against the cost and feasibility of carrying replacement units.
3. Required calibration, alignment, or adjustment should be easily
and accurately accomplished.
4. Automate fault detection and isolation tasks whenever possible.
12.3 DESIGN FOR MAINTAINABILITY DESIGN REQUIREMENTS
{A}
12.3.1 Equipment Design Requirements
{A}
All flight hardware and software shall be designed to facilitate on-orbit
maintenance and checkout, and shall be compatible with ground maintenance
capabilities.
Equipment design shall minimize both the complexity and the time required
for maintenance.
Equipment design for maintenance shall consider intravehicular activity (IVA)
as the prime resource; maintenance by extravehicular activity (EVA) shall be
for contingency only.
12.3.1.1 General Maintainability Design Requirements
{A}
General requirements to be followed when designing for maintainability
are presented below.
a. Growth and Update - Facilities, equipment, and software design shall
allow reconfiguration and growth during the mission.
b. Independence - Systems and subsystems shall be as functionally,
mechanically, electrically, and electronically independent as practical
to facilitate maintenance.
c. Maintenance Support Services - Maintenance support services (e.g.,
electrical outlets) shall be accessible at potential problem locations
or at a designated maintenance location.
d. Reliability - Equipment design shall reduce to a minimum the incidence
of preventive and corrective maintenance.
e. Simplicity - Equipment design shall minimize maintenance complexity.
f. Time Requirements - Equipment design shall minimize the time requirements
for maintenance.
g. Equipment - Maintenance equipment and tools shall be kept to a minimum.
h. Hazardous Conditions - System design shall preclude the introduction
of hazardous conditions during maintenance procedures.
i. Critical Operations - Critical systems shall be capable of undergoing
maintenance without the interruption of critical services and shall
be maintained.
j. Non-Critical Operations - Non-critical systems shall be designed
to operate in degraded modes while awaiting maintenance. Degraded mode
operation shall not cause additional damage to the system or aggravate
the original fault.
k. Redundancy Loss - Notification of loss of operational redundancy
shall be provided immediately to the crew.
l. Connectors - Quick-disconnect connectors shall be used.
(Refer to Paragraph 11.10.3, Connector
Design Requirements, for specific requirements.)
m. Plug-In Installation - Plug-in type hardware installation and mounting
techniques shall be employed.
(Refer to Paragraph 11.5.3, Mounting
Hardware Design Requirements, for specific requirements.)
n. Quick Release Fasteners - Quick release fasteners shall be used
where consistent with other requirements (e.g., strength, sealing).
(Refer to Paragraph 11.9.3, Fastener
Design Requirements, for specific requirements.)
o. Replacement Capabilities - Capacity of replaceable or reserviceable
items (filters, screens, desiccant units, battery power supplies, etc.)
shall be higher than the minimum functional requirements of the system.
p. Automation - Fault isolation, inspection, and checkout tasks shall
be automated to the extent practical.
q. Restraints - Personnel and equipment mobility aids and restraints
shall be provided to support maintenance.
(Refer to Paragraph 11.7.2.3,
Personnel Restraints Design Requirements, and
Paragraph 11.7.3.3, Equipment
Restraints Design Requirements, for specific requirements.)
r. Special Skills - Maintenance requiring special skills shall be minimized.
s. EVA - Maintenance requiring EVA shall be minimized.
t. Soldering, Welding, and Brazing - Soldering, welding, brazing, and
similar operations during maintenance shall be minimized.
12.3.1.2 Physical Accessibility Design Requirements
{A}
Design requirements for physical access to equipment for the purpose
of maintainability are provided below.
a. Relative Accessibility - Items most critical to system operation
and which require rapid maintenance shall be most accessible. When relative
criticality is not a factor, items requiring most frequent access shall
be most accessible.
b. Access Dimensions - The minimum sizes for access openings for two
hands, one hand, and fingers are shown in
Figure 12.3.1.2-1.
c. Access - Access to inspect or replace an item (e.g., an ORU) shall
not require removal of more than one access cover.
(Refer to Paragraph 11.4.3, Closures
and Covers Design Requirements, for specific requirements.)
d. Mounted Components - When feasible, components shall be no more
than one deep in a bay or rack.
(Refer to Paragraph 11.5.3.1,
General Mounting Design Requirements, for specific requirements.)
e. Environmental Control and Life Support Systems (ECLS) - Subsystem
equipment supporting ECLS for a safe IVA environment shall be accessible,
removable, and repairable by an EVA-suited crewmember.
(Refer to Paragraph 14.3.2.5,
EVA Working Envelope, for additional information.)
f. Shape - Accesses shall be designed to the shape that will enable
the crewmember to do his/her job and not be limited only to conventional
shapes.
g. Number of Accesses - Whenever possible, one large access shall be
provided rather than a number of small ones.
h. Protective Edges - Protective edges or fillets shall be provided
on accesses that might injure crewmembers or their equipment.
(Refer to Paragraph 6.3.3, Mechanical
Hazards, for specific requirements.)
i. Covers - Where physical access is required, one of the following
practices shall be followed, in the order of preference given.
1. Provide a sliding, translating, or hinged cap or door where debris,
moisture, or other foreign materials might otherwise create a problem.
2. Provide a quick-opening cover plate if a cap will not meet stress
requirements.
j. Self-Supporting Covers - All access covers that are not completely
removable shall be self-supporting in the open position.
k. Rear Access - Sliding, rotating, or hinged equipment to which rear
access is required shall be free to open, translate or rotate its full
distance.
l. Damage Inspection and Repair - Where feasible, the design of structures
and equipment, including their interfaces and all portions of the pressure
shell, bulkheads, and seals shall be accessible for damage inspection
and repair. This shall apply to exterior as well as to interior surfaces.
m. Use of Tools and Test Equipment - Check points, adjustment points,
test points, cables, connectors, and labels shall be accessible and
visible during maintenance. Sufficient space shall be provided for the
use of test equipment and other required tools without difficulty or
hazard.
n. Fold-Out/Pull-Out Drawers and Cabinets - Fold-out/pull-out drawers
and cabinets shall be used where possible to provide ease of access.
o. Slide-Out Stops - Limit stops shall be provided on racks and drawers
that must be pulled out of their installed positions for maintenance.
The limit stop design shall permit convenient overriding of the stops
for unit removal.
p. Service Points for Fluid Systems - Service points for filling, draining,
and purging or bleeding shall be in accessible locations.
q. Plug Connectors - Full access shall be provided to plug connectors.
r. Cables:
1. Cable access - Cables shall be routed so as to be readily accessible
for inspection and repair.
2. Cable trays - Wire harness and fluid lines mounted in cable trays
shall be located for ready access.
3. Cable loops - Panel, console, and rack mounted components shall
have slack cable lengths or maintenance loops sufficient for removal
of the connectors after the component has been extracted from its installed
location, unless adequate internal access (physical and visual) is provided.
4. Cable Routing - Cables shall not be routed external to the face
of the equipment rack.
s. Fuses and Circuit Breakers - Fuses and circuit breakers shall be
readily accessible for removal, replacement, and resetting. The condition
of fuses (good or blown) shall be readily discernible without having
to remove the fuse.
t. Structural Members - Structural components of units or chassis shall
not prevent access to or removal of equipment.
u. Hazardous Conditions - If a hazardous condition exists behind an
access, a safety indicator shall be provided. The access shall be equipped
with an interlock that de-energizes the hazardous condition when the
barrier is opened or removed, and a manual override shall be provided.
v. Structural Loads and Deformations - Compartment doors, access panels,
and structural attachments for equipment that is to be removed and reinstalled
shall be designed to be operated in both ground and orbit environments,
being insensitive to structural deformation caused by change in g-loading,
pressure differential, etc.
Figure 12.3.1.2-1 Minimum Sizes for Access Openings for Two Hands, One
Hand and Fingers
Reference: 2, pg 184; NASA-STD-3000 297
12.3.1.3 Visual Access Design Requirements
{A}
Requirements for visual access are provided below.
a. Visual Access - Where visual access only is required, the following
practices shall be followed with the order of preference as given.
1. Provide an opening with no cover except where this might degrade
system performance.
2. Provide a transparent window if dirt, moisture, or other foreign
materials might create a problem.
3. Provide a quick-opening metal cover if a transparent cover will
not meet stress or other requirements.
b. Visual and Manual Access - If the crewmember has to be able to see
the task, design of the access shall be large enough to allow simultaneous
visual as well as physical access; otherwise a separate window shall
be provided for visual access to monitor task performance.
(Refer to Paragraph 12.3.1.2, Physical Accessibility
Design Requirements, for additional requirements.)
c. Labeling:
(Refer to Paragraph 9.5,
Labeling and Coding, and Paragraph
9.4.4, Caution and Warning Displays, for related requirements.)
1. Access labeling - Each equipment access shall be labeled to indicate
items visible or accessible through it.
2. Visibility - Relevant labels and mounting instructions shall be
visible during all maintenance activities.
3. Identification labels - Each access shall be labeled with a number,
letter, or other symbol which is directly cross-referenced to the maintenance
procedures.
4. Plug configuration labels - When a plug-in device has to be inserted
through a hole with limited visual access, a label adjacent to the access
shall indicate how the pins on the device will align with the holes
in the socket.
5. Component identification labels - Electrical cables, fluid lines,
and other subsystem protective shields shall be labeled or otherwise
coded to allow for positive identification.
6. Hazard labels - Accesses shall be labeled with appropriate hazard
labels, advising of any hazard existing beyond the access and stating
necessary precautions.
7. Hinged cover labels - If instructions applying to a covered item
are lettered on a hinged door, the lettering shall be oriented to be
read by the crewmember performing maintenance when the door is opened.
(Refer to Paragraph 9.5.3, Labeling
and Coding Design Requirements, for additional requirements.)
d. Fluid and Gas Line Connectors - Where feasible, fluid and gas connectors
shall be located and configured so they can be inspected, and so that
any leakage is obvious.
(Refer to Paragraph 11.10,
Connector Design Requirements, for other connector requirements.)
12.3.1.4 Removal, Replacement and Modularity Design Requirements
{A}
Design requirements for removal, replacement, and modularity are provided
below.
(Refer to Paragraph 11.5.3.2,
Alignment Devices Design Requirements, and
Paragraph 11.5.3.1, General Mounting Design Requirements, for additional
requirements.)
a. Removal - Systems and subsystems shall be designed so that failed
Orbital Replacement Units (ORUs) can be removed without damaging or
disturbing other components.
b. Surface Removal - Replaceable units shall be designed for removal
through the surface facing the crewmember as he/she works on the equipment.
(Refer to Paragraph 11.5.3.1,
General Mounting Design Requirements, for other specific requirements.)
c. Independence - Where feasible, it shall not be necessary to remove
or disable an operable unit to obtain access to a defective replaceable
unit.
d. Component Labeling - Each removable component and its position on
the unit shall be labeled with corresponding numbers or other identification.
(Refer to Paragraph 9.5.3, Labeling
and Coding Design Requirements, for specific requirements.)
e. Isolation Valves - Subsystems that contain liquids or high pressure
gases (pressures exceeding 125 psia) and require maintenance shall be
provided with isolation or disconnect valves to permit isolation and
servicing and to aid in leak detection.
f. Spillage control - Replaceable units shall be designed to control
spillage and the release of gases during removal or replacement.
g. Energized Units - Replaceable units and payloads which supply or
receive energy shall be designed so that the power can be removed before
repair, removal, or replacement is attempted. If stored energy can pose
a hazard, provisions shall be made for its dissipation prior to maintenance.
(Refer to Paragraph
6.4, Electrical Hazards Design Requirements, for specific requirements.)
h. Fastener Coatings - Paint and/or coatings shall not adversely affect
removal or installation of fasteners.
i. Short Life Components - Easy replacement shall be provided for components
that fail frequently (e.g., lamps and fuses).
j. Guide Pins - For mounting and replacement of replaceable units,
guides and guide pins shall be provided for alignment.
k. Replacement Specificity - All replaceable items shall be designed
so that it will be physically impossible to insert the unit incorrectly.
l. Related Items - Items of the same or similar form which have different
functional properties shall be readily identifiable and distinguishable,
and shall not be physically interchangeable. This indication shall be
readily discernible with the component in its installed position.
12.3.2 Testability Design Requirements
{A}
12.3.2.1 Fault Detection and Isolation Design Requirements
{A}
Design requirements for fault detection and isolation are provided
below.
(Refer to Paragraph 9.4.4.3, Caution
and Warning Display Design Requirements,
Paragraph 9.4.2.3, Visual Displays Design Requirements, and
Paragraph 9.3.3, Control Design Requirements, for specific requirements.)
a. General - Equipment design shall facilitate rapid and positive fault
detection and isolation of defective items.
b. Checkout - On-board fault detection/isolation shall be automated
and pre-programmed for mission-critical and/or life support systems.
On-demand system checkout shall also be available.
c. Diagnostic Capability - Equipment shall have an integrated diagnostic
capability for all functional failures identified as known or expected
to occur, in mission-critical and life support systems.
d. Replacement Unit Status - When feasible, replacement unit design
and configuration shall permit verification of operational status prior
to installation without the need for disassembly.
e. Sensors - The status of sensors on replacement units shall be verifiable
with respect to accuracy and proper operation.
f. Manual Override - A manual override capability for all automatic
control functions shall be provided.
g. Portable Equipment - When built-in test equipment is not available,
diagnostic tools and/or portable equipment shall be provided for fault
isolation to the replacement unit level.
h. Critical Malfunction Alarm - If critical equipment is not regularly
monitored an alarm (auditory, visual, or both) shall be designed to
ensure detection.
i. Power Failure Indication - An indication shall be provided to reveal
power failures.
j. Power Interrupt - A positive indication of an open circuit shall
be provided by a fuse or circuit breaker.
k. Out of Tolerance - A positive indication shall be provided when
equipment has failed or is not operating within tolerance limits.
l. Trouble-shooting Sequence - A sequence of trouble-shooting checks
shall be specified to maximize trouble-shooting efficiency.
m. Test Equipment Verification - All electronic test equipment shall
have built-in test capability.
n. Test Equipment Accuracy - The accuracy of all test equipment shall
exceed that of the equipment being tested.
o. Adjustment Controls - Appropriate feedback shall be provided for
all adjustment controls and shall be readily discernible to the person
making the adjustment while the adjustment is being made. Adjustment
controls shall be reversible without dead band, slop, hysteresis, or
stiction at reversal.
p. Calibration Damage - Calibration or adjustment controls shall be
provided with appropriate stops to prevent damage to the system. Calibration
controls shall provide an indication (visual or audible) when stops
are reached.
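The following is an added worked example and is not part of NASA-STD-3000. It shows how the automated checkout (12.3.2.1 b), the positive out-of-tolerance indication (12.3.2.1 k), isolation to the replacement-unit level in a specified trouble-shooting order (12.3.2.1 a, g, l) and the immediate redundancy-loss notification (12.3.1.1 k) fit together in on-board software. The parameter names, tolerance limits, ORU identifiers, redundant-pair definition and telemetry samples are constructed for illustration and do not describe any real system.

```python
"""Added example (not NASA-STD-3000 text): automated fault detection,
isolation to the replacement-unit (ORU) level, and redundancy-loss
notification. Sensor names, limits, ORU names and samples are constructed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Limit:
    low: float
    high: float

    def contains(self, value):
        return self.low <= value <= self.high


# Tolerance limits per monitored parameter (hypothetical values).
LIMITS = {
    "cabin_ppO2_kPa": Limit(19.5, 23.1),
    "pump_A_rpm": Limit(2800.0, 3200.0),
    "pump_B_rpm": Limit(2800.0, 3200.0),
    "loop_dP_kPa": Limit(30.0, 60.0),
}

# Which replacement unit each parameter implicates when out of tolerance.
SENSOR_TO_ORU = {
    "cabin_ppO2_kPa": "ORU-O2-REG",
    "pump_A_rpm": "ORU-PUMP-A",
    "pump_B_rpm": "ORU-PUMP-B",
    "loop_dP_kPa": "ORU-LOOP-FILTER",
}

# Redundant installations (12.2 c): losing one member of a set is a loss of
# operational redundancy the crew must be told about at once (12.3.1.1 k).
REDUNDANT_SETS = {"coolant_pump": ("pump_A_rpm", "pump_B_rpm")}

# Trouble-shooting order (12.3.2.1 l): a symptom explained by a primary unit
# does not also implicate the unit whose sensor merely reacts to it, so loop
# pressure is blamed on the filter only when both pumps are nominal.
SECONDARY_TO_PRIMARY = {"ORU-LOOP-FILTER": ("ORU-PUMP-A", "ORU-PUMP-B")}


def check_tolerances(sample):
    """Positive out-of-tolerance indication (12.3.2.1 k): {parameter: value}."""
    return {name: value for name, value in sample.items()
            if name in LIMITS and not LIMITS[name].contains(value)}


def redundancy_notifications(faults):
    """Immediate crew notification of lost redundancy or lost function."""
    notes = []
    for function, members in REDUNDANT_SETS.items():
        failed = [m for m in members if m in faults]
        if len(failed) == len(members):
            notes.append(f"FUNCTION LOST: {function}")
        elif failed:
            notes.append(f"REDUNDANCY LOST: {function} ({', '.join(failed)})")
    return notes


def isolate(faults):
    """Isolate to the replacement-unit level (12.3.2.1 a, g); sorted ORU ids."""
    suspects = {SENSOR_TO_ORU[s] for s in faults if s in SENSOR_TO_ORU}
    for secondary, primaries in SECONDARY_TO_PRIMARY.items():
        if secondary in suspects and any(p in suspects for p in primaries):
            suspects.discard(secondary)
    return sorted(suspects)


def checkout(sample):
    """Pre-programmed or on-demand checkout of one telemetry sample (12.3.2.1 b)."""
    faults = check_tolerances(sample)
    return {
        "faults": faults,
        "suspect_orus": isolate(faults),
        "notifications": redundancy_notifications(faults),
    }


# Constructed telemetry (not flight data): pump A has stopped and the loop
# differential pressure has dropped as a consequence.
SAMPLE_PUMP_A_FAILED = {
    "cabin_ppO2_kPa": 21.0,
    "pump_A_rpm": 0.0,
    "pump_B_rpm": 3010.0,
    "loop_dP_kPa": 25.0,
}

if __name__ == "__main__":
    print(checkout(SAMPLE_PUMP_A_FAILED))
```

Run against the constructed sample, the checkout reports two out-of-tolerance parameters but isolates to a single suspect, ORU-PUMP-A, because the low loop pressure is a secondary symptom of the stopped pump; it also raises the redundancy-loss notification for the coolant pump pair while pump B is still running.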
12.3.2.2 Test Point Design Requirements
{A}
Design requirements for test points are provided below.
(Refer to Paragraph 9.2.3.2, C/D
Placement and Integration - Design Requirements,
Paragraph 9.4.4.3, Caution and Warning Design Requirements, and
Paragraph 9.5.3, Labeling and Coding
Design Requirements, for additional requirements.)
a. Self-Checking - Appropriate test points shall be provided where
a unit is not completely self-checking.
b. Proximity - Test points shall be provided at or near maintenance
locations.
c. Adjustment - Test points used in adjusting a unit shall be in physical
and visual proximity of the controls and displays used in the instrument.
d. Labeling - Each test point shall be clearly labeled with a description
of its function, or, at a minimum, with a code number keyed to the maintenance
manual.
e. Warning Labels - Test points shall be marked with appropriate warning
labels when the application of conventional test probes could cause
damage to internal circuits (e.g., integrated circuits) or injury to
personnel.
f. Troubleshooting - Sufficient test points shall be provided so that
it will not be necessary to remove subassemblies to accomplish troubleshooting/fault
diagnosis.
g. Test Cable Termination - If it is essential that test cables terminate
on control and display panels, the panel test receptacles shall be located
so that the test cables will not interfere with controls and displays.
h. Layout - Primary test points shall be grouped in a line or matrix
that reflects the sequence of tests to be performed.
i. Grouping - A control panel or a series of functionally autonomous
panels shall be used to group test points whenever possible.
j. Testing and Servicing - Rear plug connectors shall be accessible
for testing and servicing except where precluded by potting, sealing,
or other requirements.
12.3.3 Maintenance Information Management Systems Design Requirements
{A}
Design requirements for maintenance information management systems
are provided below.
(Refer to Paragraph 13.4.3, Information
Management Design Requirements, for other specific requirements.)
a. System Capabilities - As a minimum, the on-board information systems
shall provide:
1. Command and status indications to/from all subsystems for the purpose
of system maintenance and trouble-shooting procedures.
2. Trend data acquisition and analysis.
3. Status of consumables.
4. Fault detection/isolation.
5. Scheduled maintenance data.
6. Repair/replacement information.
7. Replacement unit maintenance history and maintenance checklists.
b. Recording and Retrieval - The system shall provide for the recording
and retrieving of maintenance information in near real-time.
c. Fail Operational Systems - All systems that incorporate an automated
fail-operational capability shall be designed to provide crew notification
and data management system cognizance of malfunctions until the faults
have been corrected.
d. Replacement Unit Characteristics - A characteristic matrix of all
replacement units shall be included in the data base containing such
information as:
1. Replacement unit ID number.
2. BITE status (whether the replacement unit contains built-in test equipment).
3. Hazardous system factors.
4. Critical system status.
5. Availability.
6. Shelf-life limits.
7. Serial number traceable to manufacturer.
8. Batch data.
9. Date of manufacture.
10. Storage constraints.
e. Sparing Status - Replacement unit sparing status shall be provided
to ensure that procedures and on-board repair materials are adequate
for each mission.
f. Spares Inventory - The automated information management system shall
contain an on-orbit spares inventory to identify the numbers and locations
of replacement units stowed in the space module.
(Refer to Paragraph 13.3.3, Inventory
Control Design Requirements, for specific requirements.)
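The following is an added worked example and is not part of NASA-STD-3000. It models the minimum maintenance information store this paragraph calls for: the replacement-unit characteristic matrix (12.3.3 d), near-real-time recording and retrieval of maintenance history (12.3.3 a.7, b), malfunctions that stay open and crew-visible until corrected (12.3.3 c), sparing adequacy against a required stock level with shelf-life limits enforced (12.3.3 e), and a spares inventory by stowage location (12.3.3 f). The unit records, serial numbers, manufacturers, locations and the reference date are constructed for illustration.

```python
"""Added example (not NASA-STD-3000 text): a minimal on-board maintenance
information store. All unit records here are constructed for illustration."""
from dataclasses import dataclass
from datetime import date, datetime, timedelta


@dataclass(frozen=True)
class ReplacementUnit:
    """One row of the characteristic matrix (12.3.3 d)."""
    unit_id: str          # replacement unit ID number (the unit type)
    serial: str           # serial number traceable to the manufacturer
    manufacturer: str
    batch: str
    manufactured: date
    shelf_life_days: int
    bite: bool            # contains built-in test equipment
    hazardous: bool
    critical: bool
    storage: str          # storage constraint
    location: str         # stowage location in the module

    def expires(self):
        return self.manufactured + timedelta(days=self.shelf_life_days)

    def usable_on(self, day):
        return day <= self.expires()


class MaintenanceDB:
    """Records and retrieves maintenance information as events occur (12.3.3 b)."""

    def __init__(self):
        self.units = {}         # serial -> ReplacementUnit
        self.installed = set()  # serials consumed by a repair; no longer spares
        self.faults = {}        # fault_id -> record
        self.log = []           # append-only maintenance history

    def _record(self, event, **fields):
        self.log.append({"seq": len(self.log), "time": datetime.now().isoformat(),
                         "event": event, **fields})

    def add_unit(self, unit):
        self.units[unit.serial] = unit
        self._record("stowed", serial=unit.serial, unit_id=unit.unit_id,
                     location=unit.location)

    def spares(self, unit_id, day):
        """Usable spares of one type: stowed, not installed, within shelf life."""
        return [u.serial for u in self.units.values()
                if u.unit_id == unit_id and u.serial not in self.installed
                and u.usable_on(day)]

    def expired(self, day):
        """Serials past their shelf-life limit on the given day."""
        return sorted(u.serial for u in self.units.values() if not u.usable_on(day))

    def sparing_status(self, required, day):
        """12.3.3 e: is usable on-board stock adequate for each unit type?"""
        status = {}
        for unit_id, needed in required.items():
            available = len(self.spares(unit_id, day))
            status[unit_id] = {"available": available, "required": needed,
                               "adequate": available >= needed}
        return status

    def inventory(self):
        """12.3.3 f: serials of stowed (uninstalled) units grouped by location."""
        inv = {}
        for u in self.units.values():
            if u.serial not in self.installed:
                inv.setdefault(u.location, []).append(u.serial)
        return inv

    def report_fault(self, fault_id, unit_id, detail):
        """12.3.3 c: a malfunction stays open and crew-visible until corrected."""
        self.faults[fault_id] = {"unit_id": unit_id, "detail": detail, "status": "OPEN"}
        self._record("fault_open", fault_id=fault_id, unit_id=unit_id, detail=detail)

    def open_faults(self):
        return sorted(f for f, rec in self.faults.items() if rec["status"] == "OPEN")

    def close_fault(self, fault_id, action, installed_serial=None):
        """Correct a fault; the serial installed by the repair leaves the spares pool."""
        self.faults[fault_id].update(status="CLOSED", action=action)
        if installed_serial is not None:
            self.installed.add(installed_serial)
        self._record("fault_closed", fault_id=fault_id, action=action,
                     serial=installed_serial)

    def history(self, serial):
        """Replacement unit maintenance history (12.3.3 a.7) for one serial."""
        return [e for e in self.log if e.get("serial") == serial]


SAMPLE_DAY = date(2025, 1, 15)  # constructed reference date for the checks below


def build_sample_db():
    """Constructed records for illustration; not a real inventory."""
    db = MaintenanceDB()
    db.add_unit(ReplacementUnit("ORU-PUMP-A", "P-001", "ACME", "B7", date(2023, 1, 1),
                                1095, True, False, True, "ambient", "rack 3 drawer 2"))
    db.add_unit(ReplacementUnit("ORU-PUMP-A", "P-002", "ACME", "B2", date(2020, 6, 1),
                                730, True, False, True, "ambient", "rack 3 drawer 2"))
    db.add_unit(ReplacementUnit("ORU-O2-REG", "R-001", "OXCO", "L4", date(2024, 3, 1),
                                365, False, True, True, "keep dry", "rack 1 drawer 5"))
    return db
```

With the constructed records, the sparing check on the reference date counts only one usable pump spare, because P-002 is past its shelf life, and reports the oxygen regulator stock as inadequate against a requirement of two. Reporting a fault leaves it open until `close_fault` records the corrective action; the serial installed during the repair drops out of the spares pool and its history shows both the stowage and the installation events.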