ISO 20188:2018

INTERNATIONAL ISO
STANDARD 20188
First edition
2018-01
Space systems — Product assurance
requirements for commercial
satellites
Systèmes spatiaux — Exigences en matière d'assurance produit des
satellites commerciaux
Reference number
©
ISO 2018
© ISO 2018
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
Published in Switzerland
ii © ISO 2018 – All rights reserved

Contents Page
Foreword .vi
Introduction .vii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 2
5 Product assurance . 3
5.1 PA management. 3
5.2 PA plan. 4
5.3 Audit . 4
5.4 Customer right of access . 5
5.5 PA progress reports . 5
5.6 Risk management . 5
5.7 Critical item management . 6
5.8 Subcontractor product assurance . 6
5.9 End item data package . 6
5.10 Organizational capability aspects . 7
6 Quality assurance . 7
6.1 Quality assurance program . 7
6.2 Equipment qualification status review . 7
6.3 Review meeting and control boards . 7
6.4 Design review . 8
6.5 Pre-shipment review . 8
6.6 Flight readiness review . 8
6.7 Procurement control . 8
6.7.1 General. 8
6.7.2 Sub-tier source selection and evaluation. 9
6.7.3 Sub-tier source surveillance . 9
6.7.4 Sub-tier source inspection. 9
6.7.5 Procurement document review . 9
6.7.6 Incoming inspection . 9
6.8 Manufacturing and storage control . 9
6.9 Manufacturing readiness review .10
6.10 In-process inspection .10
6.11 Process control.11
6.12 Mandatory inspection points .11
6.13 Workmanship standards .11
6.14 Personnel training and competence .11
6.15 Ground support equipment certification .12
6.16 Electrostatic discharge control plan .12
6.17 Contamination/cleanliness control plan .12
6.18 Testing .12
6.18.1 Test facilities and equipment .12
6.18.2 Test documentation .13
6.18.3 Test performance monitoring .13
6.19 Test reviews .13
6.20 Quality records and traceability . .13
6.21 Non-conformance control .14
6.21.1 Non-conformance reporting .14
6.21.2 Non-conformance definition .14
6.21.3 Non-conformance disposition .15
6.22 Alert system .15
6.23 Handling, storage, preservation, packaging and shipping .15
6.23.1 General.15
6.23.2 Handling, storage and preservation .15
6.23.3 Packaging and shipping .15
6.24 Preparation for delivery .16
6.25 QA role in configuration management.16
6.26 Configuration identification .17
6.27 Configuration control .17
6.28 Change classification . .17
6.29 Configuration status accounting .17
7 Dependability .18
7.1 General .18
7.2 Reliability prediction .18
7.3 Parts derating and application review analysis .18
7.4 Worst case analysis (WCA) .19
7.5 Wear-out assessment .19
7.6 Failure mode, effect and criticality analysis (FMECA) and single point failure
(SPF) summary .19
7.7 Hardware-software interaction analysis (HSIA) .20
7.8 Fault tree analysis (FTA) .20
7.9 Common-cause analysis .21
7.10 Failure detection isolation and recovery (FDIR) analysis .21
7.11 Availability analysis .21
7.12 Qualification status .21
8 Safety .21
8.1 System safety control .21
8.2 Safety and hazard analysis .22
8.3 Safety design .22
8.4 Training .23
9 EEE parts .23
9.1 Program plan .23
9.2 Parts control board.23
9.3 Parts selection .24
9.4 Parts screening.26
9.5 Lot acceptance test (LAT)/quality conformance inspection (QCI) .26
9.5.1 LAT/QCI for space qualified parts (MIL, EU, JAXA, etc.).26
9.5.2 LAT/QCI for non- space qualified parts .27
9.5.3 Radiation . .27
9.5.4 Destructive physical analysis (DPA) .27
9.6 Parts qualification .28
9.7 Incoming inspection and storage condition .28
9.8 Parts traceability and lot control .28
9.9 Lot transfer .28
9.10 Non-conforming parts .28
10 Materials, mechanical parts and processes (MMPP) .29
10.1 Policy of materials selection and control .29
10.2 Policy of mechanical parts selection and control .30
10.3 Policy of processes selection and control .30
10.4 Special processes .30
10.5 Materials, mechanical parts and processes control board .31
11 Software product assurance .31
11.1 General .31
11.2 Software development .31
11.3 Software configuration management .32
11.4 Software non-conformance reporting and corrective action .32
iv © ISO 2018 – All rights reserved

Annex A (informative) Parts approval document (PAD) .33
Bibliography .34
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: www.iso.org/iso/foreword.html
This document was prepared by Technical Committee ISO/TC 20, Aircraft and space vehicles,
Subcommittee SC 14, Space systems and operations.
vi © ISO 2018 – All rights reserved

Introduction
This document is useful to provide the product assurance (PA) activities from the standpoint of
commercial business on each phase of the project such as design, procurement, manufacturing,
assembly, integration, test, and at launch site. These product assurance requirements are requested by
customers for accomplishing the mission successfully and will lead to customer satisfaction.
Commercial satellites are designed, manufactured, assembled, integrated, tested and launched in
compliance with these PA requirements, which are applicable to prime contractor, subcontractors and
suppliers. The responsibility of the prime contractor is to allocate these requirements to subcontractors
and suppliers, and to ensure their implementation.
The prime objective of PA is to ensure that commercial satellites accomplish their defined mission
objectives and more specifically, that they are safe and reliable.
A further objective is to achieve more cost-effective space projects and thereby to promote
competitiveness by coordinating the development and implementation of appropriate PA methods and
standards.
PA requirements defined in this document have been established to prevent potential problems and
applicable to all phases of project up to launch of commercial satellite. PA programs also ensure that
hardware and software of ground support equipment are also safe, reliable and do not degrade the
flight hardware in any way.
The intent of this document is to clarify the best practices and typical requirements dealing with
product assurance activities in commercial business, prevent recurrence of problem and realize quality
improvement especially for customers having less experience.
The requirements described in this document are created by comparing and mixing experience and
practical management methodologies used by main actors of aerospace industry in the world. The
framework of PA policy and principles are based on ISO 14300-2, ISO 27025, ISO 14620-1, ISO 23460,
ISO 10794 and ISO 14621-2 and unified as one PA process. Detailed requirements of product assurance
(PA), quality assurance (QA), dependability, EEE parts, material, mechanical parts and processes,
software product assurance and ground support equipment are selected from relevant proven
standards.
INTERNATIONAL STANDARD ISO 20188:2018(E)
Space systems — Product assurance requirements for
commercial satellites
1 Scope
This document provides the recommended practices of product assurance (PA) requirements applicable
to commercial satellite.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 10007, Quality management — Guidelines for configuration management
ISO 10794:2011, Space systems — Programme management — Material, mechanical parts and processes
ISO 10795, Space systems — Programme management and quality — Vocabulary
ISO 14620-1:2002, Space systems — Safety requirements — Part 1: System safety
ISO 14621-1, Space systems — Electrical, electronic and electromechanical (EEE) parts — Part 1: Parts
management
ISO 14621-2, Space systems — Electrical, electronic and electromechanical (EEE) parts — Part 2: Control
programme requirements
ISO 14644-1, Cleanrooms and associated controlled environments — Part 1: Classification of air cleanliness
by particle concentration
ISO 15388, Space systems — Contamination and cleanliness control
ISO 27025, Space systems — Programme management — Quality assurance requirements
3 Terms and definitions
For the purpose of this document, the terms and definitions given in ISO 10795 and the following apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— IEC Electropedia: available at http://www.electropedia.org/
— ISO Online browsing platform: available at http://www.iso.org/obp
3.1
commercial satellite
satellite used for private business
Note 1 to entry: Non-commercial satellite is military satellite or civil satellite developed on behalf of government
organization, space agency and/or research organization.
3.2
proto-flight level testing (PFT)
test of the flight quality product subjected to the qualification levels and acceptance duration
4 Abbreviated terms
AT Acceptance Test
CCB/CRB Configuration Control Board/Change Review Board
CDR Critical Design Review
CIL Critical Item List
DMPL Declared Mechanical Parts List
DPA Destructive Physical Analysis
EEE Electrical, Electronic, and Electromechanical
EIDP End Item Data Package
EQSR Equipment Qualification Status Review
ESD Electrostatic Discharge
FDIR Failure Detection Isolation and Recovery
FMECA Failure Mode, Effect and Criticality Analysis
FRR Flight Readiness Review
FTA Fault Tree Analysis
GSE Ground Support Equipment
HSIA Hardware-Software Interaction Analysis
LAT Lot Acceptance Test
MIP Mandatory Inspection Point
MMPP Materials, Mechanical Parts and Processes
MMPPCB Materials, Mechanical Parts and Processes Control Board
MRB Material Review Board
MRR Manufacturing Readiness Review
PAD Parts Approval Document
PCB Parts Control Board
PDA Percent Defective Allowable
PDR Preliminary Design Review
PIND Particle Impact Noise Detection
PSR Pre-Shipment Review
QCI Quality Conformance Inspection
QSL Qualification Status List
2 © ISO 2018 – All rights reserved

RVT Radiation Verification Test
SCCB Software Configuration Control Board
SCM Software Configuration Management
SCMS Software Configuration Management system
SEE Single Event Effect
SEU Single Event Upset
SET Single Event Transient
SDR Special Design Review
SOW Statement Of Work
TRB Test Review Board
TRR Test Readiness Review
WCA Worst Case Analysis
5 Product assurance
5.1 PA management
Product assurance management policy for commercial satellite project is that PA plan which is
implemented throughout all phases, coordinated with involved parties, and is managed in such a
way as to:
a) ensure that project and PA organization, requirements, methods, tools and resources are well-
defined before development and implemented at each level from system down to piece part;
b) ensure that aspects are identified, which could affect project requirements having major impacts
on safety, mission success and the related cost and schedule consequences;
c) ensure that adverse consequences of these aspects are prevented by the early detection,
characterization, elimination, minimization and containment of problem contributors and
initiators;
d) ensure that risks are assessed and controlled, and that acceptability of the residual ones is
evaluated;
e) provide at any time the necessary visibility of the quality status of the product;
f) ensure that the end product conforms to its specifications and that observed non-conformances
are properly disposed.
Contractor shall designate a PA manager who shall have prime responsibility for the management and
direction of the PA program.
The PA manager shall act as the focal point of contact within the project for customer.
The PA manager, irrespective of other responsibilities, shall have sufficient organizational authority
and independence:
a) to propose, establish and implement the product assurance program in accordance with project
product assurance requirements;
b) to have unimpeded access to top management through the company PA executive as necessary to
fulfill the duties.
Contractor shall report on a regular basis as specified in the applicable statement of work (SOW)
on the status of the product assurance program implementation. Contractor shall plan and perform
quality audits using established and maintained procedures. Contractor shall prepare and implement
a project product assurance plan that shall be maintained throughout the project life cycle.
The role of the PA manager is to provide to the top management and to the customer the guaranties (i.e.
confidence) of the compliance of the product at each stage of product life cycle (i.e. specified, designed,
manufactured, in use).
5.2 PA plan
The detailed implementation of this program shall be defined in PA plan which shall be based on normal
commercial practices and comply with the requirements defined herein. Conformity with AS 9100
[29] or equivalent standards should be indicated. This plan shall describe the task descriptions,
responsibilities and implementation methods in accordance with product assurance requirements
described in the applicable SOW. The plan shall also identify any relevant specifications, procedures,
standards and manuals that shall be applicable to the implementation of this plan. The plan shall clearly
identify and define contractor’s product assurance organization and its relationship with contractor’s
overall organizational interfacing functions and activities.
The PA plan should cover, as a minimum, the following disciplines:
a) product assurance management;
b) quality assurance;
c) dependability;
d) safety;
e) selection, procurement and control of materials, EEE parts, mechanical parts and processes;
f) software product assurance;
g) ground support equipment (design reviews and controls including dependability and safety).
5.3 Audit
Contractor shall perform internal and external audits to ensure appropriate implementation of the
requirements of the PA program. Customer shall be informed of the conclusion of the audits initiated in
the area of the project. Audit reports shall be delivered to customer for review on site.
Contractor shall perform external audits over the facilities of the supplier, sub-tier supplier,
parts/materials manufacturer, and/or outside manufacturer facilities to confirm that the procured
items are in compliance with PA requirements specified in the applicable SOW. The representative of
contractor shall confirm the following items as the surveillance:
1) contents of each design, quality assurance program task and performance meet these PA
requirements;
2) the activities of supplier satisfy the requirements in this document and SOW.
Contractor shall cooperate when customer personnel or its designated representatives perform
surveillance of contractor’s facilities. Contractor shall include provisions to accommodate such
representatives.
Contractor shall perform audits of subcontractors and suppliers to ensure that the required quality
standards and contractual requirements are appropriately implemented.
4 © ISO 2018 – All rights reserved

As necessary, customer may participate in the surveillance.
Contractor shall establish and maintain an audit plan for procurement activities on the project,
designating the lower tier subcontractors and suppliers to be audited, the current status and the
schedule for auditing. In addition to the planned audits, extra audits shall be performed when necessary
to overcome failure, inconsistent poor quality, or other problems.
5.4 Customer right of access
Authorized representatives of customer will have the right of access at any reasonable time to all areas
where the work is performed under the contract. This includes access to relevant documentation and
records. Proprietary and governmental protected areas will not be accessible in accordance with
contractual regulations.
If the contract is for the entire satellite system or subsystem level rather than a unit level, then a
visibility agreement which defines the implementation procedure of the customer’s right of access to
the test witness, document review and material review board will be identified project to project.
5.5 PA progress reports
Contractor shall prepare and submit a periodic progress report as defined in the applicable SOW.
PA progress report should include the following items:
a) current status of dependability and safety programs;
b) status summary of critical items control;
c) review board activities;
d) status of parts, materials, and processes concerns;
e) significant problems in hardware quality assurance, software development, design reviews,
configuration management and the safety program;
f) program product assurance audits and action items status;
g) class I (major) changes and waiver/deviation status;
h) summary of any planned activities in the forthcoming period.
PA progress status could be done by meetings and/or reviews, not only by reports, with project
manager, PA manager, customer participation, depending on the subjects under concern.
5.6 Risk management
Contractor shall perform a systematic risk assessment, reduction and control of risks in achievement
of required technical performance, within the project cost and schedule constraints. The methodology
for risk management shall cover all areas of the project such as technology, management, customer
relationship, supplier relationship, manufacturing, design, parts, materials, processes, qualification,
resources, etc.
Risk assessment, reduction and control process shall include inputs from all PA disciplines and shall
contribute to the overall project risk management process.
Risk management shall take into account the requirements defined in ISO 17666.
5.7 Critical item management
The following items will be classified as critical item for project:
a) items not qualified;
b) items with highly sensitive processes;
c) items which are difficult to test on ground;
d) items containing limited life parts;
e) items which are radiation-sensitive;
f) items using new technologies;
g) items causing critical or catastrophic hazards;
h) critical single point failures;
i) other items identified by the risk assessment analysis;
j) excessive long lead parts;
k) EEE components subject to export license constraints;
l) EEE components containing dangerous elements;
m) material with particular constraints for storage;
n) software critical items.
Contractor shall submit a critical item list (CIL) as required by the applicable SOW and update issues
periodically and at least for each design review. As part of the CIL, PA program shall be defined to
establish provisions which will ensure proper control of critical items.
5.8 Subcontractor product assurance
Contractor shall establish and maintain subcontractor PA program which shall ensure that the
subcontractors/suppliers requirements are clearly defined and consistent with the overall PA program
requirements. Subcontractors shall ensure that program PA requirements, including configuration
control requirements, are achieved during design, procurement, manufacture, assembly and test phases.
Subcontractors/suppliers shall be selected in accordance with the contractor’s requirements for quality
and management systems and facilities. When there is a change of subcontractor/supplier for critical
deliverable item, customer's formal concurrence shall be requested with respect to the contractor’s
intended choice of replacement.
5.9 End item data package
Contractor shall compile end item data package (EIDP) for each unit as defined in the applicable SOW.
These data packages shall be maintained during manufacturing and test activities and shall be delivered
to customer on satisfactory completion of testing after approval by PA. Each end item delivered to
customer shall be accompanied by EIDP containing the following as a minimum:
a) configuration identification list;
b) mate/de-mate log;
c) log sheets (including turn-on time for each unit);
d) non-conformance list and MRB;
6 © ISO 2018 – All rights reserved

e) deviations/waivers;
f) test data (includes electrical and mechanical test data);
g) MIP reports, photos and final inspection reports;
h) test procedures.
A copy of the original EIDP shall remain with the equipment at all times. Updates for EIDPs shall be
provided if units are returned for any modification/corrective action.
Contractor shall compile EIDP for each complete integrated commercial satellite, as defined in the
applicable SOW. These packages shall be delivered to customer on satisfactory completion of testing,
after approval by PA, following pre-shipment review (PSR), and an addendum shall be provided to cover
the launch site activities.
5.10 Organizational capability aspects
At least, prime contractor shall be certified to the applicable space standards (e.g. AS 9100, EN 9100
or JIS Q 9100) or equivalent standards. The certificate of registration or a current conformity status
relative to the standards will be closely monitored by prime contractor’s PA team.
6 Quality assurance
6.1 Quality assurance program
As part of the PA program, the contractor shall document and maintain an effective and timely quality
assurance program in accordance with ISO 27025 or equivalent standards (e.g. Reference [29]), which
will be planned in conjunction with other project functions. Quality program shall be implemented
in a manner which permits the detection and correction of deficiencies and other associated non-
compliances at the earliest practical point. Inclusion of provisions for ascertaining product quality from
procurement through fabrication and testing, and the delivery of the completed deliverable system,
as well as launch activities, shall be incorporated. Quality assurance program shall provide recorded
evidence of quality in the form of inspection and test results as well as systematic audit findings.
This record shall be documented in sufficient detail, accuracy and completeness to permit analysis.
Records of detected discrepancies shall include root causes and corrective actions implemented as
remedy. This record shall be made readily available for review by customer's representative upon
request. Subcontractor quality reports will be reviewed at subcontractor’s sites when not available at
contractor’s site.
6.2 Equipment qualification status review
Contractor shall convene equipment qualification status review (EQSR) to verify qualification status of
heritage designs with mission requirements. These reviews shall be held at the beginning of the project
after categorization of equipment has been determined according to the categories defined in 7.12.
The EQSR shall assess qualification status of equipment with particular attention given to any possible
design and process changes since the last qualification and to mission-specific requirements. When
mutually agreed, the requirement for a unit PDR and/or CDR may be waived by customer in exchange
of delivery of a data package and holding an EQSR with mutually acceptable contents. Qualification
or proto-flight test reports, and qualification by similarity reports shall be provided to customer in
accordance with the applicable SOW.
6.3 Review meeting and control boards
Contractor shall conduct a series of formal technical review meetings and establish control boards to
ensure the identification and resolution of issues and verify that appropriate controls are implemented.
These meetings shall include reviews and control boards such as design review,
Contractor PA shall participate in review meetings and control boards as required to verify appropriate
actions have been implemented to satisfy all quality issues and concerns. Control board and review
meetings records shall be recorded, signed off and appropriately distributed. The representative of
customer shall be invited to participate in all program-specific PA review meetings and control boards
in accordance with the applicable SOW.
6.4 Design review
Contractor shall conduct preliminary and critical design reviews. contractor PA shall participate
in all design reviews to verify that reliability, quality, and safety requirements under all expected
environments are appropriately addressed, and to assess that adequate evaluations of the hardware
capability in meeting the specified performance requirements have been conducted. Contractor
PA shall verify that, in accordance with the design review plan for the project, preliminary design
reviews (PDR) are basically conducted from system level down to unit level concurrently with the
release of design specifications to evaluate conformance of the conceptual design to performance and
environmental requirements. Critical design reviews
...