NASA Commercial Crew: Better Flying Through Software

By Steven Siceloff
NASA’s Kennedy Space Center, Fla.

The new approach NASA is taking to get its crews to low-Earth orbit with commercial partnerships requires the space agency to closely examine the plans companies have for their own space transportation systems to ensure they are as safe and reliable as can be.

Reviewing software, for example, has become increasingly important in aerospace as technology has become more complex, and computers are required to take on more and more of the operation of systems. Simply put, computer programs can detect the need to make adjustments then execute those adjustments in a fraction of the time it would take a person to even turn his or her head to read an instrument. Software also can handle the mundane, everyday aspects of a spacecraft to free up astronauts and crew for unique tasks.

That’s where a specialized team of software architecture analysts comes in. NASA’s Independent Verification and Validation Program evaluates spacecraft software for weaknesses and identifies ways to fix problems from a number of perspectives. The work is done so the agency can offer insight into company plans throughout their partnerships with the Commercial Crew Program, or CCP.

“The team has a very strong software background in a variety of areas,” said Norman Peters, one of the Safety and Mission Assurance project engineers working with CCP. “Whether it’s human flight or touching down on Mars, they’ve been involved. So they’ll look at a system like the environmental control system and if software is involved and it might be a cause of a problem they let us know.”

It’s a big task that involves analyzing sets of documents, scrutinizing each sentence and comparing it to NASA’s historically stringent requirements. From standards to hazard reports to examinations of testing regimens, the plans for each subsystem, system and the spacecraft as a whole see intense inspections.

“Hazard reports are anywhere from a few dozen pages to hundreds of pages, and we’ve had several hundred that we’ve had to review between all partners,” Peters said.

And that’s just for the software that will operate the systems. Another whole other set of requirements and reviews is used to survey the hardware.

“There’s no way one person could do it or know everything there is to know about these systems,” Peters said.

The software reviews to this point have not taken a deep dive into coding or running a company’s program through a simulator. Instead, the team has been looking over sets of standards each partner says it is using to guide software development and ensures they meet the intent of requirements NASA set up throughout the agency’s decades of spaceflight experience.

“In some respects it is like translating between foreign languages, but generally we look at the prime software standard, which has roughly 140 requirements, and compare partner standards to that,” Peters said. “And with multiple partners, we have to make sure we’re being fair and consistent and we’re looking at it the same way. We’re looking at it from a safety and mission assurance perspective rather than from an engineering perspective.”

Encouraged by NASA to add their own innovations into spacecraft systems, the partners developed everything from new thrusters and escape systems to different engineering guidelines specifically tailored to their corporate needs and culture.

“When a provider presents an alternate standard, we assess what they give us against what we believe is the intent of the NASA standards. We provide an analysis of the gap between the two and determine whether we think the alternate is meeting the intent of the standard,” said Kathy Malnick, team lead in the Safety and Mission Assurance Support Office group at NASA’s IV&V Program.

The evaluation criteria focuses on safety and reliability but is greatly reduced from the list NASA uses during its own spacecraft development because the commercial companies are not obligated to set up a management and related work force structure in the same manner NASA would.

“I think the total number of requirements levied has been reduced dramatically, so our job is to ensure that full level of intent has been met,” said Chad Schaffer, who is with contractor TASC and reviews the hazard reports from CCP’s aerospace partners. “CCP is definitely unique in that NASA’s really trying to take a different approach, reducing the amount of overhead to try to streamline and let commercial space add value at a cost point that’s going to work for the future.”

The small support team also includes Ken Costello, Ryan Schmitt, Rhonda Fitz, Pat Cuyno and Mel Rother.

“The first time I got reviews back I was amazed,” Peters said. “I never expected the quality of data that they provided, and later on, it got to be where I would call in and say we need something and I don’t have much time, and they’d come through every time.”

The group recently earned Spaceflight Awareness honors from the Safety and Mission Assurance branch at Kennedy Space Center, the parent organization for the group.

“The team provides invaluable expertise to the commercial crew safety and mission assurance effort with independent review and assessment of our commercial partner’s software standards, processes and hazard reports,” said Russ Deloach, deputy director of Safety and Mission Assurance at Kennedy. “Their work is extremely important to the overall safety and success of the program as software provides many critical control functions that could have catastrophic consequences if performed incorrectly. Their hard work and dedication is admirable.”

For more about NASA’s Independent Verification and Validation Program, go to