Space product assurance
Product assurance management
Foreword
This Standard is one of the series of ECSS Standards intended to be applied together for the management, engineering and product assurance in space projects and applications. ECSS is a cooperative effort of the European Space Agency, national space agencies and European industry associations for the purpose of developing and maintaining common standards. Requirements in this Standard are defined in terms of what shall be accomplished, rather than in terms of how to organize and perform the necessary work. This allows existing organizational structures and methods to be applied where they are effective, and for the structures and methods to evolve as necessary without rewriting the standards.
This Standard has been prepared by the ECSS-Q-ST-10C Rev.1 Working Group, reviewed by the ECSS Executive Secretariat and approved by the ECSS Technical Authority.
Disclaimer
ECSS does not provide any warranty whatsoever, whether expressed, implied, or statutory, including, but not limited to, any warranty of merchantability or fitness for a particular purpose or any warranty that the contents of the item are error-free. In no respect shall ECSS incur any liability for any damages, including, but not limited to, direct, indirect, special, or consequential damages arising out of, resulting from, or in any way connected to the use of this Standard, whether or not based upon warranty, business agreement, tort, or otherwise; whether or not injury was sustained by persons or property or otherwise; and whether or not loss was sustained from, or arose out of, the results of, the item, or any services that may be provided by ECSS.
Published by: ESA Requirements and Standards Division
ESTEC, P.O. Box 299,
2200 AG Noordwijk
The Netherlands
Copyright: 2016 © by the European Space Agency for the members of ECSS
Change log
|
ECSS-Q-ST-10A
|
Never issued
|
|
ECSS-Q-ST-10B
|
Never issued
|
|
ECSS-Q-ST-10C
|
First issue
|
|
ECSS-Q-ST-10C Rev.1
|
First issue, Revision 1
|
Scope
The ECSS standards of the Q branch describe a set of requirements for a Product Assurance programme to be implemented throughout the phases of a space project.
This document defines the Product assurance management requirements for space projects.
This document is structured in two main parts, the first part presenting the principles of Product Assurance management and the second providing the detailed requirements.
In addition, the expected content of the Product Assurance plan is specified in Annex A. Information on the expected delivery of ECSS PA management discipline documents per review is provided in Annex D.
This Standard is applicable to all space projects.
This standard may be tailored for the specific characteristic and constrains of a space project in conformance with ECSS-S-ST-00.
Normative references
The following normative documents contain provisions which, through reference in this text, constitute provisions of this ECSS Standard. For dated references, subsequent amendments to, or revision of any of these publications do not apply, However, parties to agreements based on this ECSS Standard are encouraged to investigate the possibility of applying the more recent editions of the normative documents indicated below. For undated references, the latest edition of the publication referred to applies.
|
ECSS-S-ST-00-01
|
ECSS system – Glossary of terms
|
|
ECSS-Q-ST-10-04
|
Space product assurance – Critical-item control
|
|
ECSS-Q-ST-10-09
|
Space product assurance – Nonconformance control system
|
Terms, definitions and abbreviated terms
Terms and definitions from other standards
For the purpose of this Standard, the terms and definitions from ECSS-ST-00-01 apply, in particular for the following terms:
acceptance
alert
approval
assembly
audit
component
configuration item
conformance
critical item
customer
dependability
failure
function
nonconformance
performance
planetary protection
procedure
process
product
product assurance
project
qualification
quality assurance
review
risk
safety
space mission
supplier
system
traceability
waiver
Abbreviated terms
For the purpose of this Standard, the abbreviated terms from ECSSSST-0001 and the following apply:
|
Abbreviation
|
Meaning
|
|
EEE
|
electrical, electronic, electromechanical
|
|
MIP
|
mandatory inspection point
|
|
PA
|
product assurance
|
|
QA
|
quality assurance
|
|
QSL
|
qualification status list
|
Principles
General principles
The prime objective of Product Assurance is to ensure that space products accomplish their defined mission objectives in a safe, available and reliable way.
Commitment to quality of the entire organization is key to the Quality of the product and success of the space mission. The management of Product Assurance is fully embedded in the management of the project and receives the highest priority from the organization management.
The early identification of aspects potentially detrimental for safety and mission success, and the cost-effective prevention of any adverse consequence of such aspects are the basic principles for the ECSS Product Assurance requirements.
Product Assurance Management ensures the integration of activities from the Product Assurance disciplines defined in the other ECSS standards of the Q branch, namely:
Q-20 Quality assurance
Q-30 Dependability
Q-40 Safety
Q-60 Electrical, electronic, electromechanical (EEE) components
Q-70 Materials, mechanical parts and processes
Q-80 Software product assurance
PA programme planning
The requirements for Product Assurance planning specified in clause 5.1 address the following aspects:
Definition of a Product Assurance organization with the allocation of adequate resources, personnel and facilities
Definition of Product Assurance requirements for lower tier suppliers
Definition of a Product Assurance Plan describing the Product Assurance programme and how it fulfils project objectives and requirements
PA programme implementation
The requirements for Product Assurance programme implementation specified in clause 5.2 address the following aspects:
Management and control of the PA tasks performed by the PA disciplines
Progress reporting of all Product Assurance matters
Management of audits, critical items, nonconformances and alerts,
Support to the risk management, in coordination with the Project Management functions
Support to the documentation and data control , quality records and to configuration management.
Lower-tier supplier control for ensuring implementation of PA requirements by the suppliers
Requirements
PA programme planning
Product Assurance organization and responsibilities
Organization
The supplier shall identify the personnel responsible for implementing and performing PA management and other PA disciplines.
The supplier shall assign a project PA manager reporting to the project manager and having unimpeded access to higher management.
The appointed project PA manager, irrespective of other responsibilities, shall have organizational authority to establish and implement a product assurance programme in accordance with the project product assurance requirements.
The project PA Manager shall act as the focal point of contact within the project concerning Product Assurance matters.
The project PA manager is referred to as “PA manager” in the rest of this document.
Responsibility and authority
The supplier shall define and document the responsibility, the authority and the interrelation of personnel who manage, perform and verify work affecting product assurance.
The supplier shall define and document the responsibilities and the interfaces of the PA functions, either external or internal, involved in a project.
When the supplier's PA organization delegates product assurance tasks to another organization it shall be done in a documented and controlled way monitored by the PA organization.
The supplier PA organization retains the responsibility towards the Customer
Resources
The supplier shall identify the PA resources needed to implement the PA programme.
The supplier shall provide resources capable to perform the PA tasks identified in the PA programme.
Reviews and audits of the product assurance programme, of processes or of product shall be carried out by personnel not directly involved in the work being performed.
PA management interfaces
The PA manager shall interface with project management, ensuring that the contractual provision and schedule planning for the definition and phasing of PA activities are met.
The PA manager shall interface with risk management, configuration management, engineering, procurement and AIV for the definition and execution of tasks in which PA activities are involved.
The PA manager shall interface with the customer regarding all Product Assurance matters.
The PA manager shall interface with lower-tier suppliers regarding all Product Assurance matters.
PA plan
The supplier shall prepare, maintain and implement a plan of the PA activities in accordance with the customer PA requirements.
The Product Assurance plan shall be prepared in conformance with DRD in Annex A.
The Product Assurance plan shall be submitted to the customer for approval.
- 1 The Product Assurance plan can refer to Clauses of the Company Quality Manual and to in-house procedures.
- 2 Information on the schedule for delivery of PA management documents is given in Annex D.
PA programme implementation
Product assurance management
The PA manager shall ensure that PA disciplines are organized at the beginning of the project according to customer contractual requirements.
The PA manager shall ensure that the inputs used by the PA disciplines are consistent and complete, and available in line with the project schedule.
The PA manager shall ensure that the PA disciplines perform the tasks described in the PA Plan in line with the project schedule.
The PA manager shall ensure that the outputs produced by the PA disciplines are consistent and complete, and delivered in line with the project schedule.
The PA manager shall ensure the application of processes defined in applicable project plans and documents.
The PA manager shall control the quality of his supplier’s products by:
- issuing product assurance requirements applicable to the supplier
- ensuring the implementation of the PA requirements by the supplier.
The PA manager shall ensure that PA contributions to verification are defined and provided.
The PA manager shall ensure that a qualification programme is defined, approved and maintained by the relevant organization.
Requirement for the qualification programme are addressed in ECSS-Q-ST-20, ECSS-Q-ST-60, ECSS-Q-ST-70, ECSS-Q-ST-80, ECSS-E-ST-10-02 and ECSS-E-ST-10-03.
The PA manager shall ensure that the qualification programme is implemented and the qualification results are recorded, evaluated and documented.
The PA manager shall ensure that a Qualification Status List of the programme items is maintained in conformance with Annex B.
The PA manager shall review and approve the achieved qualification status.
The PA manager shall approve the product acceptance during the Acceptance or Delivery Review.
The PA manager approval is based on the outputs of the Acceptance or Delivery Review.
For Launch Segment perimeter, the PA manager shall ensure that Qualification Certificates, identifying the qualified configuration, are issued for all ground and flight programme items in accordance with DRD in Annex C.
For Launch Segment perimeter, the PA manager shall sign and approve the certificates specified in req. 5.2.1m. before final programme manager acceptance.
The PA manager shall ensure that a Technology Plan is defined, approved and maintained by the relevant organization.
The technology plan (TP) supports evaluation of a critical technology to meet the intended requirements, and ensure effective preparation of the technologies necessary for the relevant product. Technology Plan contents are defined in ECSS-E-ST-10 Annex E.
The PA manager shall ensure that a Technology Readiness Status List (TRSL) is defined, approved and maintained by the relevant organization.
The contents of Technology Readiness Status List are defined in ECSS-E-ST-10 Annex E.2.1<5>.
PA reporting
The supplier shall report on the status and progress of the product assurance program implementation.
The PA report shall include at least the following items for the reporting period:
Progress and accomplishment of each major product assurance task including resolved and new problems, future planning of major activities and events
Status of PA reviews, Audits and MIPs, Waiver requests, Non conformances (minor and major), Critical items (including mitigation action plan status), Qualification status, EEE component status, Material and processes status, Alerts status.
The PA progress report may be part of the project progress report.
The general contents of the project progress report are detailed in ECSS-M-ST-10 Annex E.
Project PA audits
The supplier shall perform audits on his own performance to verify the implementation and effectiveness of the provisions defined in the PA plan.
- 1 Audits can be performed by sampling on various projects or by periodic audits of the supplier quality system.
- 2 The general contents of project audits are detailed in ECSS-M-ST-10 clause 5.2.3.
The supplier shall establish and maintain an audit plan for procurement activities on the project, designating the lower tier suppliers to be audited, the current status and the schedule for auditing.
In addition to the planned audits, extra audits shall be performed when necessary to overcome failure, consistent poor quality, or other problems.
The supplier shall plan and perform audits using established and maintained procedures.
Critical items control and PA interfaces to project risk management
The supplier shall establish a critical items control programme in conformance with ECSS-Q-ST-10-04.
The PA manager shall identify and evaluate critical items in support of the overall project risk management activities.
The PA manager shall ensure that a critical item control programme is implemented to eliminate or mitigate associated risks.
Documentation and data control
The PA manager shall ensure that the applicable issues of all documents and data are available at all locations where activities required for the implementation of the PA programme are performed.
The PA manager shall ensure that invalid or obsolete documents and data are removed from all points of issue or use, or assured against unintended use.
The PA manager shall ensure that obsolete documents and data retained for legal or knowledge preservation purposes are identified as such.
The PA manager shall identify the project documents requiring approval including those requiring approval by PA.
Quality records
The supplier shall establish and maintain quality records to provide objective evidence of complete and successful performance of all PA discipline tasks and to demonstrate compliance with requirements.
Requirements for the storage, retrieval and archiving of quality records are addressed in ECSS-M-ST-40.
PA contribution to configuration management
The PA manager shall verify during Configuration Control Boards the suitability for release of drawings, plans, specifications, procedures and changes thereto.
The operation of Configuration Control Boards is detailed in ECSS-M-ST-40
The PA manager shall ensure that:
- the as designed status is defined and released prior to manufacturing;
- the as-built documentation is properly defined, identified and maintained in order to reflect approved modifications; and
- items delivered comply with the as-built documentation.
Nonconformance control
The supplier shall establish and maintain a nonconformance control system in conformance with ECSS-Q-ST-10-09.
Management of alerts
The supplier shall notify its customer of preliminary information on failures or problems that can result in an alert.
- 1 The above is applicable to failure or problems detected by the supplier or by one of his lower tier suppliers.
- 2 The above is only applicable to failures or problems meeting all of the following criteria:
- The item with the observed failure or problem has multiple applications, which can have implications for more than one project, thus requiring prompt action.
- The failure or problem has occurred in the application of an item within the specified design and usage limitations.
- Failures or problems due to usage within reasonably expected limits of performance, but where these limits were not specified precisely.
- A preliminary investigation has provided evidence of the root cause of the failure or problem.
- Failure or problems are confirmed not to be of a random nature.
The supplier shall investigate in cooperation with the originator of the failure or problem to define the immediate measures to be taken, to identify the causes, and to recommend corrective actions for similar items.
The PA manager shall ensure: - the assessment of any failure having the potential to lead to an alert by the customer,
- the investigation, until disposition of the items subject of the potential alert, and
- the assessment of incoming alerts for the definition, implementation and follow-up of necessary actions. The supplier shall participate in the alert system organized by the customer or other sources, by:
- assessment of the impact of incoming alerts to project work, and definition, implementation and follow-up of necessary corrective actions at any contractual level.
- distribution of incoming alerts to the possible affected users within the project.
The alert system is set up for the prompt interchange of information on failures or problems which can affect more than one user, or can recur in other projects or circumstances, if no preventive actions are taken.
Pre-tailoring matrix per space product types and project phases
The Matrix of Table 61 presents the pre-tailoring of ECSS-Q-ST-10C Rev. 1 per space product type.
For the terminology and definitions of the nine space product types see ECSS-S-ST-00-01. Attention of the reader is drawn to the importance of the precise meaning of these terms for an appropriate application of the present table.
The applicability of a requirement is specified as follows:
“A” when applicable,
“A#” when requirement is applicable with supplementary information in the “Comment” column
“X#” when the applicability is to be decided on a case by case basis, with explanation in the “Comment” column, or
“NA” when not applicable
The number assigned for comments relating to each relevant column marked with A# or X# starts at 1 and increases incrementally left to right across the columns, and then starts afresh on the next row.
Table 61: Pre-Tailoring matrix for ECSS-Q-ST-10C Rev.1
|
ECSS req. number
|
Space product types
| |||||||||
|
Space system
|
Space segment element and sub-system
|
Space segment equipment
|
Launch segment element and sub-system
|
Launch segment equipment
|
Ground segment element and sub-system
|
Ground segment equipment
|
Ground support equipment
|
Software
|
Comments
| |
|
5.1.1.1a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clause 5.1.4 of ECSS-Q-ST-80
|
|
5.1.1.1b
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clause 5.1.4 of ECSS-Q-ST-80
|
|
5.1.1.1c
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clause 5.1.4 of ECSS-Q-ST-80
|
|
5.1.1.1d
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A
|
|
|
5.1.1.2a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clause 5.1.2 of ECSS-Q-ST-80
|
|
5.1.1.2b
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clause 5.1.2.1 of ECSS-Q-ST-80
|
|
5.1.1.2c
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clause 5.1.2.3 of ECSS-Q-ST-80
|
|
5.1.1.3a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clause 5.1.3 of ECSS-Q-ST-80
|
|
5.1.1.3b
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clause 5.1.3 of ECSS-Q-ST-80
|
|
5.1.1.3c
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clause 5.1.3 of ECSS-Q-ST-80
|
|
5.1.2a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A
|
|
|
5.1.2b
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A
|
|
|
5.1.2c
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A
|
|
|
5.1.2d
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A
|
|
|
5.1.3a
|
A
|
A
|
A
|
A
|
A
|
A1
|
A1
|
NA
|
NA
|
1 Except for suppliers of catalogue OFF-THE-SHELF items such as standard laboratory equipment, work stations, from whom a dedicated PA plan is not required
|
|
5.1.3b
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, replaced by ECSS-Q-ST-80 Annex B which contains the Software PA Plan DRD
|
|
5.1.3c
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A
|
|
|
5.2.1a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A
|
|
|
5.2.1b
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A
|
|
|
5.2.1c
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A
|
|
|
5.2.1d
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A
|
|
|
5.2.1e
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 For Software, processes are defined in clause 5.7 "Assessment and improvement process" and clause 6 "Software process assurance" of ECSS-Q-ST-80
|
|
5.2.1f
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clause 5.4.2 of ECSS-Q-ST-80
|
|
5.2.1g
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A
|
|
|
5.2.1h
|
A
|
A
|
A
|
A2
|
A2
|
A1
|
A1
|
NA
|
NA
|
1 Except for catalogue OFF-THE-SHELF. Qualification items related to catalogue OFF-THE-SHELF are covered at a higher level.
|
|
5.2.1i
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clause 6.3.5 "Testing and validation" of ECSS-Q-ST-80
|
|
5.2.1j
|
A
|
A
|
A
|
A1
|
A1
|
A1
|
A1
|
NA
|
A12
|
1 For Launch Segment, Ground Segment and Software, the Annex B is Informative
|
|
5.2.1k
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 Note: for Software, qualification is generally replaced by the word "Validation"
|
|
5.2.1l
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A
|
|
|
5.2.1m
|
NA
|
NA
|
NA
|
A
|
A
|
NA
|
NA
|
NA
|
NA
|
|
|
5.2.1n
|
NA
|
NA
|
NA
|
A
|
A
|
NA
|
NA
|
NA
|
NA
|
|
|
5.2.1o
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
|
|
5.2.1p
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
|
|
5.2.2a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clause 5.2.2 of ECSS-Q-ST-80
|
|
5.2.2b
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clause 5.2.2 of ECSS-Q-ST-80
|
|
5.2.2c
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 For Software, see also clause 5.2.2.1 of ECSS-Q-ST-80
|
|
5.2.3a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 ECSS-Q-ST-10 requirement declared applicable in ECSS-Q-ST-80
|
|
5.2.3b
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 ECSS-Q-ST-10 requirement declared applicable in ECSS-Q-ST-80
|
|
5.2.3c
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 ECSS-Q-ST-10 requirement declared applicable in ECSS-Q-ST-80
|
|
5.2.3d
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 ECSS-Q-ST10 requirement declared applicable in ECSS-Q-ST-80
|
|
5.2.4a
|
A
|
A
|
A
|
A
|
A
|
A1
|
A1
|
NA
|
A2
|
1 the list of criteria in ECSS-Q-ST-10-04 tailored for applicability to ground products
|
|
5.2.4b
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 ECSS-Q-ST-10 requirement declared applicable in ECSS-Q-ST-80 clause 5.3.1
|
|
5.2.4c
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 ECSS-Q-ST-10 requirement declared applicable in ECSS-Q-ST-80 clause 5.3.2
|
|
5.2.5a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 ECSS-Q-ST-10 requirement declared applicable in ECSS-Q-ST-80 clause 6.2.4.7
|
|
5.2.5b
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 ECSS-Q-ST-10 requirement declared applicable in ECSS-Q-ST-80 clause 6.2.4.7
|
|
5.2.5c
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 ECSS-Q-ST-10 requirement declared applicable in ECSS-Q-ST-80 clause 6.2.4.7
|
|
5.2.5d
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 ECSS-Q-ST-10 requirement declared applicable in ECSS-Q-ST-80 clause 6.2.4.7
|
|
5.2.6a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clauses 6.2.1, 7.2.2 and 7.2.3, Annex A and F of ECSS-Q-ST-80
|
|
5.2.7a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clause 6.2.4 of ECSS-Q-ST-80
|
|
5.2.7b
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
For Software, covered by clause 6.2.4 of ECSS-Q-ST-80
|
|
5.2.8a
|
A
|
A
|
A
|
A1
|
A1
|
A
|
A
|
NA
|
A2
|
1 ECSS-Q-ST-10-09 clause 6 (Special nonconformance control requirements) has to be tailored for Launchers
|
|
5.2.9a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 ECSS-Q-ST-10 requirement declared applicable in clause 5.2.4 of ECSS-Q-ST-80
|
|
5.2.9b
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 ECSS-Q-ST-10 requirement declared applicable in clause 5.2.4 of ECSS-Q-ST-80
|
|
5.2.9c
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 ECSS-Q-ST-10 requirement declared applicable in clause 5.2.4 of ECSS-Q-ST-80
|
|
5.2.9d
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A1
|
1 ECSS-Q-ST-10 requirement declared applicable in clause 5.2.4 of ECSS-Q-ST-80
|
|
A.2.1<1>a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
ECSS-Q-ST-80 Annex B contains the Software PA Plan DRD
|
|
A.2.1<2>a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
ECSS-Q-ST-80 Annex B contains the Software PA Plan DRD
|
|
A.2.1<3.1>a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
ECSS-Q-ST-80 Annex B contains the Software PA Plan DRD
|
|
A.2.1<3.2>a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
ECSS-Q-ST-80 Annex B contains the Software PA Plan DRD
|
|
A.2.1<4>a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
ECSS-Q-ST-80 Annex B contains the Software PA Plan DRD
|
|
A.2.1<5>a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
ECSS-Q-ST-80 Annex B contains the Software PA Plan DRD
|
|
A.2.1<6>a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
ECSS-Q-ST-80 Annex B contains the Software PA Plan DRD
|
|
A.2.1<7>a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
ECSS-Q-ST-80 Annex B contains the Software PA Plan DRD
|
|
A.2.1<8>a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
ECSS-Q-ST-80 Annex B contains the Software PA Plan DRD
|
|
A.2.1<9>a
|
A1
|
A1
|
A1
|
A1
|
A1
|
A1
|
A1
|
NA
|
NA
|
1 ECSS-Q-ST-80 Annex B contains the Software PA Plan DRD
|
|
A.2.1<10>a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
ECSS-Q-ST-80 Annex B contains the Software PA Plan DRD
|
|
A.2.2a
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
A
|
|
|
A.2.2b
|
A
|
A
|
A
|
A
|
A
|
A
|
A
|
NA
|
NA
|
|
|
B.2.1a
|
A
|
A
|
A
|
NA
|
NA
|
NA
|
NA
|
NA
|
NA
|
For Launch Segment, Ground Segment and Software, the Annex B is Informative
|
|
B.2.2a
|
A
|
A
|
A
|
NA
|
NA
|
NA
|
NA
|
NA
|
NA
|
For Launch Segment, Ground Segment and Software, the Annex B is Informative
|
|
C.2.1a
|
NA
|
NA
|
NA
|
A
|
A
|
NA
|
NA
|
NA
|
NA
|
|
ANNEX(normative)Product Assurance Plan (PAP) - DRD
DRD identification
Requirement identification and source document
This DRD is called by the ECSS-Q-ST-10, requirement 5.1.3b.
Purpose and objective
The objective of the PAP is to describe the activities to be performed by the supplier to assure the quality of the space product with regard to the specified mission objectives and to demonstrate compliance to the applicable PA requirements.
Expected response
Scope and content
Introduction
The PAP shall introduce the purpose, objective and the reason prompting its preparation.
For example: programme or project reference and phase.
Applicable and reference documents
The PAP shall list the applicable and reference documents in support of the generation of the document.
Product assurance management
PA Planning
The PAP shall describe the organization (including responsibilities and authorities), the activities, processes and procedures to be applied by the supplier to fulfil the applicable product assurance planning requirements defined in clause 5.1 of ECSS-Q-ST-10.
PA implementation
The PAP shall describe the activities, processes and procedures to be applied by the supplier to fulfil the applicable product assurance implementation requirements defined in clause 5.2 of ECSS-Q-ST-10.
Quality assurance
The PAP shall describe the activities, processes and procedures to be applied by the supplier to fulfil the applicable quality assurance requirements.
Dependability
The PAP shall describe the activities, processes and procedures to be applied by the supplier to fulfil the applicable dependability requirements.
Safety
The PAP shall describe the activities, processes and procedures to be applied by the supplier to fulfil the applicable safety requirements.
EEE components
The PAP shall describe the activities, processes and procedures to be applied by the supplier to fulfil the applicable EEE Component requirements.
Materials and processes
The PAP shall describe the activities, processes and procedures to be applied by the supplier to fulfil the applicable Material and Processes requirements.
Software product assurance
The PAP shall describe the activities, processes and procedures to be applied by the supplier to fulfil the applicable Software product assurance requirements.
Other PA requirements
The PAP shall describe the activities, processes and procedures to be applied by the supplier to fulfil all other applicable PA requirements not covered in the clause A.2.1<3> to clause A.2.1<9>.
- 1 The order of the sections is not mandatory.
- 2 For example: Security, Planetary protection, Off-The-Shelf, Customer furnished equipment, Integrated logistic support, Production preparation, Launch system exploitation, Involvement of relevant Surveillance Authority Representatives, National Surveillance Organizations for Launch Segment.
Special remarks
The response to this DRD may be combined with the response to the project management plan, as defined in ECSS-M-ST-10.
The response to this DRD may be performed by reference to separate discipline plans addressing some of the above clauses of this DRD.
ANNEX(normative)Qualification Status List - DRD
DRD identification
Requirement identification and source document
This DRD called by the ECSS-Q-ST-10, requirement 5.2.1j
Purpose and objective
A Qualification Status List (QSL) is issued at equipment, subsystem and system levels.
The purpose and objective if this QSL document is to summarize for each configuration item the status achieved with respect to the planned qualification.
Expected response
Scope and content
The QSL shall include or refer to the following information:
- Equipment, Subsystem, Element designation:
- Identification of hardware by name,
- Configuration Item number and model.
- Next higher assembly level :
- Identification of next higher assembly.
- Manufacturer's name :
- Identification of Item Supplier.
- Reference of requirements documents
- Reference numbers of applicable requirement specifications.
- Design heritage:
- Specify if the design is “New”, otherwise identification of the project in which the design was used.
- Summary of current qualification status:
Basis for qualification (qualification test results, heritage, and qualification on other projects) programme on which the qualification test was conducted;
Project on which the test was conducted.
- Proposed category A, B, C, or D (related to Design heritage):
Qualification approach as defined in the ECSS-E-ST-10-02.
- Reference of Qualification plan document:
- Current qualification status/screening and applicability of qualification test versus requirements.
- Reference numbers of Qualification Plan(s).
- Identification of developments models (EM, EQM, QM, PFM) to be manufactured and tested for the project.
- Reports:
- Reference to Verification Control Document and/or reference to Analyses, Test and Inspection Reports;
- Qualification Authority: Organization in charge of the item qualification (if any).
- The qualification status: QUALIFIED,
TO BE QUALIFIED,
QUALIFICATION IN PROGRESS
- Open Actions / Due dates/Remarks:
- For an open action: summary of missing qualification actions and planned dates for the closure of such actions.
- List of major NCRs and associated waivers to the qualification items
Special remarks
The form may be a table which contains the here above information of B.2.1 or reference to separate document.
An example of such a table is shown in Figure B-1.
|
Item Designation
|
Next Higher Assembly
|
Manufacturer's name
|
Requirements Specifications
|
Design Heritage
|
Qualification
| |||||
|
Summary data
|
Category
|
Development Model
|
Plans/ Procedures
|
Reports
|
Status
|
Open actions / Due dates/ Remarks
| ||||
|
(1)
|
(2)
|
(3)
|
(4)
|
(5)
|
(6)
|
(7)
|
(7)
|
(8)
|
(9)
|
(10)
|
Figure: Example of a Qualification status list (QSL)
ANNEX(normative)Qualification Certificate for Launch Segment - DRD
DRD identification
Requirement identification and source document
This DRD called by the ECSS-Q-ST-10, requirement 5.2.1m.
Purpose and objective
The Qualification Certificate for launch segment is the document that formalises the qualification and identifies the qualified configuration.
A product or subsystem can only be formally declared as qualified and thus be allocated a Qualification Certificate, once all the residual actions (e.g. arising from qualification reviews) have been dealt with.
The purpose and objective of this document is to certify the qualification, and in particular that the product or subsystem meets the agreed initial requirements.
In signing the certificate, the signing entities certify:
That the definition meets the requirements defined in the technical specification including the general design rules and applicable interface control requirements, as specified in the justification file;
That the definition of the first item representative of recurrent production does not call into question the qualification of the product and its production process.
That, within the framework of the qualification certificate, all the qualification-blocking reservations, raised at the end of the Qualification Review or during other First Article configuration reviews, have been resolved.
Expected response
Scope and content
The Qualification Certificate shall include or refer to at least the following information:
-
Scope of the “Qualification Certificate” and its use in exploitation phase:
- Clarification of the potential verification activities to be performed and completed in the exploitation phase in order to maintain the qualification status.
-
Qualification acceptance status:
- Statement regarding the acceptance of the Qualification Certificate.
-
Product identification:
- Product identification reference;
- Design authority;
- Qualification acceptance responsible;
- Contractor;
- Development contracts reference.
-
Development key points performed:
- Reviews;
- Tests.
-
Reference documentation product:
- List of documentation related to the definition of the “product”, with the indication of acceptance by customer (issue, revision) when relevant;
- Other relevant documents related to the justification of the “product”, with the indication of acceptance by customer (issue, revision) when relevant.
-
Declaration of conformity by the supplier
-
Product Breakdown Structure
-
Status of elementary subsystem products Qualification Certificates
-
Reserves to qualification and limitation of use, including:
- Open critical points;
- Technical reserves to qualification;
- Deviations to Design Rules;
- Documentary reserves;
- Other reserves.
-
Qualification perimeter:
- Applicable configuration status.
-
Open points:
- open actions (e.g. arising from development) to be carried out in order to close the identified reservations.
-
1 Examples of verification activities as per point 1: Verification of the deviations w.r.t. the applicable configuration, of the open critical points.
-
2 Non-exhaustive list of the Reference documentation product includes as per point 5: Requirements such as Applicable documents and Technical Specifications, Dimensioning cases file and margin policy, Definition documentation such as Functional File, Industrial File and User manuals, Spécifications de Mise en Oeuvre (SMO), Configuration Register.
Non-exhaustive list of other relevant documents to be indicated includes: Critical Point Log, Justification File. -
3 Example of a Declaration of Conformity by the supplier as per point 6:
“It is hereby certified: -
That the product production definition is fully and solely defined by the Functional and Industrial Files referred and configuration register to above.
-
That the definition meets the requirements (specified in the Technical Specification, etc.) as identified in the Justification File (DJ) and checked by the Qualification Board with the exception of waiver and/or reservation.
-
That the definition of ‘First Article’ representative of recurrent production in no way calls into question the qualification neither of the product nor of its production process.
-
It is certified that the above mentioned points are verified, except for blocking reserves identified in appendix.”
Special remarks
In accordance with requirement 5.2.1m., Qualification Certificates are issued for all ground and flight subsystems within the Launch Segment perimeter, and endorsed by the PA manager.
ANNEX(informative)PA document delivery with respect to milestones
Table D-1 presents the reviews at which the different issues of the Product Assurance plan and the critical item list are expected.
Other PA deliverable document requirement lists are contained in the ECSS-Q-Series Level 2 documents.
Table: PA document requirement list with respect to milestones
|
Document Title
|
Review
|
DRD Ref.
| |||||||||||
|
MDR
|
PRR
|
SRR
|
PDR
|
CDR
|
QR
|
AR
|
ORR
|
FRR
|
LRR
|
CRR
|
ELR
| ||
|
Product Assurance Plan
|
|
(X)
|
(X)
|
X
|
X
|
|
|
(XX)
|
|
|
|
|
ECSS-Q-ST-10, Annex A
|
|
Critical-Item List
|
|
|
(X)
|
X
|
X
|
X
|
X
|
|
X
|
X*
|
|
|
ECSS-Q-ST-10-04, Annex A
|
|
Qualification Status List
|
|
(X)
|
|
X
|
X
|
X
|
X
|
|
|
|
|
|
ECSS-Q-ST-10, Annex B
|
|
(X): Preliminary version
| |||||||||||||
Bibliography
|
ECSS-S-ST-00
|
ECSS system – Description, implementation and general requirements
|
|
ECSS-E-ST-10-02
|
Space engineering – Verification
|
|
ECSS-E-ST-10-03
|
Space engineering – Testing
|
|
ECSS-M-ST-10
|
Space project management – Project planning and implementation
|
|
ECSS-M-ST-40
|
Space project management – Documentation and information management
|
|
ECSS-Q-ST-20
|
Space product assurance – Quality assurance
|
|
ECSS-Q-ST-30
|
Space product assurance – Dependability
|
|
ECSS-Q-ST-40
|
Space product assurance – Safety
|
|
ECSS-Q-ST-60
|
Space product assurance – Electrical, electronic, electromechanical (EEE) components
|
|
ECSS-Q-ST-70
|
Space product assurance – Materials, mechanical parts and processes
|
|
ECSS-Q-ST-80
|
Space product assurance – Software product assurance
|