Space engineering - Space segment operability

This Standard contains provisions for the design of on-board functions for unmanned space segments in order to ensure that the space segment can be operated in-flight in any nominal or predefined contingency situation.
The requirements in this Standard are grouped in two clauses, containing general operability requirements and detailed operability requirements, respectively. The general operability requirements can be applied to all missions, whilst the detailed operability requirements are only applicable if the corresponding on-board function is implemented.
The operability of the space segment to meet mission-specific requirements is outside the scope of this standard.
To support the users of this Standard in tailoring the requirements to the needs of their particular mission, Annex B contains a table that indicates, for each requirement, the potential impact of its omission.
This standard may be tailored for the specific characteristics and constraints of a space project, in conformance with ECSS-S-ST-00.

Raumfahrttechnik - Raumsegment-Bedienbarkeit

Ingénierie spatiale - Opérabilité du segment spatial

Vesoljska tehnika - Obratovalnost vesoljskega segmenta


General Information

Status: Published
Public Enquiry End Date: 19-Oct-2014
Publication Date: 04-Mar-2015
Technical Committee:
Current Stage: 6060 - National Implementation/Publication (Adopted Project)
Start Date: 19-Feb-2015
Due Date: 26-Apr-2015
Completion Date: 05-Mar-2015

Standard
EN 16603-70-11:2015
English language
75 pages
Draft
k FprEN 16603-70-11:2014
English language
75 pages

Standards Content (Sample)

SLOVENIAN STANDARD
SIST EN 16603-70-11:2015
01-April-2015
Vesoljska tehnika - Obratovalnost vesoljskega segmenta
Space engineering - Space segment operability
Raumfahrttechnik - Raumsegment-Bedienbarkeit
Ingénierie spatiale - Opérabilité du segment spatial
This Slovenian standard is identical to: EN 16603-70-11:2015
ICS: 49.140 Space systems and operations
SIST EN 16603-70-11:2015 en
2003-01. Slovenian Institute for Standardization. Reproduction of this standard in whole or in part is not permitted.


EUROPEAN STANDARD
EN 16603-70-11

NORME EUROPÉENNE

EUROPÄISCHE NORM
January 2015
ICS 49.140

English version
Space engineering - Space segment operability
Ingénierie spatiale - Opérabilité du segment spatial
Raumfahrttechnik - Raumsegment-Bedienbarkeit
This European Standard was approved by CEN on 24 November 2014.

CEN and CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving
this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning
such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN and CENELEC
member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CEN and CENELEC member into its own language and notified to the CEN-CENELEC Management Centre
has the same status as the official versions.

CEN and CENELEC members are the national standards bodies and national electrotechnical committees of Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece,
Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia,
Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom.






CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2015 CEN/CENELEC All rights of exploitation in any form and by any means reserved worldwide for CEN national Members and for CENELEC Members.
Ref. No. EN 16603-70-11:2015 E

EN 16603-70-11:2015 (E)
Table of contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms, definitions and abbreviated terms
3.1 Terms from other standards
3.2 Terms specific to the present standard
3.3 Abbreviated terms
3.4 Conventions
4 General requirements
4.1 Introduction
4.2 Observability
4.3 Commandability
4.4 Compatibility
4.5 Safety and fault tolerance
4.6 Flexibility
4.7 Testability
4.8 Deactivation
5 Detailed requirements
5.1 Introduction
5.2 Mission-level
5.2.1 Security
5.2.2 Control functions
5.2.3 Uplink and downlink
5.3 Telemetry
5.3.1 Telemetry design
5.3.2 Diagnostic mode
5.4 Datation and synchronization
5.5 Telecommanding
5.5.1 Telecommand design
5.5.2 Critical telecommands
5.5.3 Telecommand transmission and distribution
5.5.4 Telecommand verification
5.6 Configuration management
5.6.1 Modes
5.6.2 On-board configuration handling
5.7 On-board autonomy
5.7.1 Introduction
5.7.2 General autonomy
5.7.3 Autonomy for execution of nominal mission operations
5.7.4 Autonomy for mission data management
5.7.5 On-board fault management
5.8 Requirements specific to the telemetry and telecommand packet utilization standard
5.8.1 Application process and service design
5.8.2 Statistical data reporting
5.8.3 Memory management
5.8.4 Function management
5.8.5 On-board operations scheduling
5.8.6 On-board monitoring
5.8.7 Large data transfer
5.8.8 Telemetry generation and forwarding
5.8.9 On-board storage and retrieval
5.8.10 On-board traffic management
5.8.11 On-board operations procedures
5.8.12 Event-to-action coupling
5.9 Equipment- and subsystem-specific
5.9.1 On-board processors and software
5.9.2 Power supply and consumption
5.9.3 Telemetry, tracking and command (TT&C)
5.9.4 Attitude and orbit control
5.9.5 Mechanisms
5.9.6 Thermal control
5.9.7 Payload
Annex A (informative) Mission constants
Annex B (informative) Tailoring guide
Bibliography

Tables
Table 5-1: Mission execution autonomy levels
Table 5-2: Mission execution autonomy levels
Table 5-3: Mission execution autonomy levels
Table B-1: Tailoring guide

Foreword
This document (EN 16603-70-11:2015) has been prepared by Technical
Committee CEN/CLC/TC 5 “Space”, the secretariat of which is held by DIN.
This standard (EN 16603-70-11:2015) originates from ECSS-E-ST-70-11C.
This European Standard shall be given the status of a national standard, either
by publication of an identical text or by endorsement, at the latest by July 2015,
and conflicting national standards shall be withdrawn at the latest by July 2015.
Attention is drawn to the possibility that some of the elements of this document
may be the subject of patent rights. CEN [and/or CENELEC] shall not be held
responsible for identifying any or all such patent rights.
This document has been prepared under a mandate given to CEN by the
European Commission and the European Free Trade Association.
This document has been developed to cover specifically space systems and has
therefore precedence over any EN covering the same scope but with a wider
domain of applicability (e.g. aerospace).
According to the CEN-CENELEC Internal Regulations, the national standards
organizations of the following countries are bound to implement this European
Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic,
Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France,
Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania,
Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United
Kingdom.
Introduction
The operability of the space segment has an impact on total life cycle cost
inasmuch as increased operability can increase development costs, but certainly
decreases operations and maintenance costs. Therefore, the adoption of specific
operability goals for a given mission is decided by careful balancing of costs,
risks, and schedules for both the development and the operations and
maintenance phases.
The objective of this standard is to define operability requirements that:
• ensure that the space segment can be operated in a safe and cost-effective
manner;
• facilitate the tasks of preparation for, and execution and evaluation of,
space segment check-out and mission operations activities;
• facilitate the tasks of space segment suppliers when preparing a proposal
in response to a request for proposal (RFP).
1 Scope
This Standard contains provisions for the design of on-board functions for
unmanned space segments in order to ensure that the space segment can be
operated in-flight in any nominal or predefined contingency situation.
The requirements in this Standard are grouped in two clauses, containing
general operability requirements and detailed operability requirements,
respectively. The general operability requirements can be applied to all
missions, whilst the detailed operability requirements are only applicable if the
corresponding on-board function is implemented.
The operability of the space segment to meet mission-specific requirements is
outside the scope of this standard.
To support the users of this Standard in tailoring the requirements to the needs
of their particular mission, Annex B contains a table that indicates, for each
requirement, the potential impact of its omission.
This standard may be tailored for the specific characteristics and constraints of a
space project, in conformance with ECSS-S-ST-00.
2 Normative references
The following normative documents contain provisions which, through
reference in this text, constitute provisions of this ECSS Standard. For dated
references, subsequent amendments to, or revisions of any of these
publications, do not apply. However, parties to agreements based on this ECSS
Standard are encouraged to investigate the possibility of applying the most
recent editions of the normative documents indicated below. For undated
references the latest edition of the publication referred to applies.

EN reference | Reference in text | Title
EN 16601-00-01 | ECSS-S-ST-00-01 | ECSS system – Glossary of terms
EN 16603-50-03 | ECSS-E-ST-50-03 | Space engineering – Space data links – Telemetry transfer frame protocol
EN 16603-50-04 | ECSS-E-ST-50-04 | Space engineering – Space data links – Telecommand protocols, synchronization and channel coding
EN 16603-70-41 | ECSS-E-ST-70-41 | Space engineering – Telemetry and telecommand packet utilization

3 Terms, definitions and abbreviated terms
3.1 Terms from other standards
For the purpose of this Standard, the terms and definitions from
ECSS-S-ST-00-01 apply.
3.2 Terms specific to the present standard
3.2.1 Categories of operability
3.2.1.1 commandability
provision of adequate control functions to configure the on-board systems for
the execution of nominal mission operations, failure detection, identification,
isolation, diagnosis and recovery, and maintenance operations
3.2.1.2 compatibility
ability of two or more systems or components to perform their specified
functions without interference
3.2.1.3 deactivation
capability to undertake planned operations to terminate the mission at the end
of its useful lifetime
NOTE Terminate can mean to deactivate the spacecraft, to
de-orbit it, or both.
3.2.1.4 flexibility
capability to configure and make optimum use of existing on-board functions,
the capacity of the space-Earth communications links, and any redundancy
built into the design in order to meet the reliability targets
3.2.1.5 observability
availability to the ground segment and to on-board functions of information on
the status, configuration and performance of the space segment
3.2.1.6 testability
capability to test the on-board functions of the space segment including those
that are “off-line”
NOTE “Off-line” means functions that do not form part of
the current operational configuration.
3.2.2 Terms pertaining to critical functions
3.2.2.1 commandable vital function
vital function that is commandable by high-priority commands without the
involvement of on-board software
3.2.2.2 high priority command
pulse command that is routed directly to hardware by means of an on-board
command pulse distribution unit (CPDU)
3.2.2.3 high priority telemetry
telemetry that enables a reliable determination of the current status of vital
on-board equipment and which is available under all circumstances
NOTE High priority telemetry can be managed by a
mechanism that is independent of the one used for
standard housekeeping telemetry and normally
without any microprocessor involvement.
3.2.2.4 locally-critical function
function that, when executed in the wrong context (e.g. at the wrong time), can
cause temporary or permanent degradation of the associated local functions,
but does not compromise higher level functionality
3.2.2.5 mission-critical function
function that, when executed in the wrong context (e.g. at the wrong time), or
wrongly executed, can cause permanent mission degradation
3.2.2.6 permanent degradation of space segment function
situation where a given on-board function cannot be achieved either on the
nominal or on any redundant chain for the remainder of the mission lifetime
3.2.2.7 permanent mission degradation
situation where space segment functions or performances affecting mission
product generation or primary mission objectives cannot be achieved either on
the nominal or on any redundant chain for the remainder of the mission
lifetime
3.2.2.8 temporary degradation of space segment function
situation where a given on-board function cannot be achieved either on the
nominal or on any redundant chain for a limited period of time
3.2.2.9 temporary mission degradation
situation where space segment functions or performance affecting mission
product generation or primary mission objectives cannot be achieved either on
the nominal or on any redundant chain for a limited period of time
NOTE For example, a mission outage following transition
to survival mode.
3.2.2.10 vital function
function that is essential to mission success and that can cause permanent
mission degradation if not executed when it should be, or wrongly executed, or
executed in the wrong context
3.2.2.11 vital telecommand
telecommand that activates a commandable vital function
3.2.3 Other terms
3.2.3.1 application process
on-board entity capable of generating telemetry source data and receiving
telecommand data
3.2.3.2 authorization
right of an authenticated entity to perform a function or access a data item or
data stream
3.2.3.3 chain
set of hardware or software units that operate together to achieve a given
function
NOTE For example, an attitude and orbit control
subsystem (AOCS) processor and its software and
a set of AOCS sensors and actuators together
constitute an AOCS chain.
3.2.3.4 confidentiality
property that information is not made available or disclosed to unauthorized
individuals, entities or processes
3.2.3.5 control function
mechanism to maintain a parameter or a set of parameters within specified
limits
NOTE A control function normally consists of a set of
measurements and responses (commands) related
according to a function, algorithm, or set of rules.
3.2.3.6 data integrity
property that the data has not been altered or destroyed in an unauthorized
manner
3.2.3.7 data origin authentication
corroboration that the source of the data received is as claimed
3.2.3.8 datation
attachment of time information to telemetry data
NOTE This includes payload measurement data.
3.2.3.9 device telecommand
telecommand that is routed to and executed by on-board hardware
NOTE For example, a relay switching telecommand, a
telecommand to load an on-board register.
3.2.3.10 housekeeping telemetry
telemetry provided for the purposes of monitoring the health and functioning
of the space segment
3.2.3.11 loss of mission
state where the ground segment can no longer control the space segment (e.g.
due to loss of contact), or where the space segment can no longer achieve the
mission goals (e.g. due to anomalies)
3.2.3.12 memory
on-board data storage area
NOTE 1 This includes main memory and storage memory.
NOTE 2 Examples of memory are disk, tape, and
bubble-memory.
3.2.3.13 mode
operational state of a spacecraft, subsystem or payload in which certain
functions can be performed
3.2.3.14 mode transition
transition between two operational modes
3.2.3.15 on-board autonomy
capability of the space segment to manage nominal or contingency operations
without ground segment intervention for a given period of time
3.2.3.16 on-board monitoring
on-board application of checking functions to a set of on-board parameters in
conformance with predefined criteria
NOTE Monitoring functions include limit-checking,
expected-value-checking and delta-checking.
3.2.3.17 on-board operations procedure
monitoring and control procedure that is stored on-board and whose activation
is under ground segment control
3.2.3.18 on-board operations schedule
on-board facility for storing and releasing telecommands that were loaded in
advance from the ground
NOTE In its simplest form, the on-board operations
schedule stores time-tagged telecommands loaded
from the ground and releases them to the
destination application process when their
on-board time is reached.
3.2.3.19 operability
capability of the space segment to be operated by the ground segment during
the complete mission lifetime, whilst optimizing the use of resources and
maximizing the quality, quantity, and availability (or timeliness of delivery) of
mission products, without compromising space segment safety
3.2.3.20 operations
activities undertaken by the ground and space segments in order to ensure the
timely provision of mission products or services, recover from on-board
contingencies, carry out routine maintenance activities and manage on-board
resources in order to maximize the provision of mission products or services
and the mission lifetime
3.2.3.21 parameter
lowest level of elementary data item on-board
3.2.3.22 parameter validity
condition that defines whether the interpretation of a telemetry parameter is
reliable and meaningful
NOTE The angular output of a gyro only has a valid
engineering meaning if the power to the gyro is
“on”, while at other times the output is random.
Such a parameter is deemed conditionally valid,
with its validity determined from the power status.
3.2.3.23 peer-entity authentication
corroboration that a peer entity in an association is the one claimed
3.2.3.24 safe state
safe condition for a system, subsystem or payload
3.2.3.25 space segment status
information from which the operational status of the space segment is assessed
and the criteria driving operational decisions are determined
3.2.3.26 survival mode
configuration of a spacecraft in which it can remain safely without ground
segment intervention for a specified period
3.2.3.27 telecommand function
operationally self-contained control action initiated by telecommand that can
comprise or invoke one or more lower level control actions
3.3 Abbreviated terms
For the purpose of this Standard, the abbreviated terms from ECSS-S-ST-00-01
and the following apply:
Abbreviation | Meaning
AOCS | attitude and orbit control subsystem
APID | application process identifier
CPDU | command pulse distribution unit
CPU | central processor unit
CRC | cyclic redundancy check
EEPROM | electrically erasable programmable read-only memory
FDIR | failure detection, isolation and recovery
GPS | global positioning system
I/O | input/output
ID | identifier
MAP | multiplexed access point
OBT | on-board time
RAM | random access memory
RF | radio frequency
RFI | radio frequency interference
RFP | request for proposal
TT&C | telemetry, tracking and command
UTC | universal time coordinated

3.4 Conventions
Some requirements introduce quantities for which values cannot be defined
across the board, but only on a mission-by-mission basis (e.g. time intervals or
response times). These are termed mission constants and are identified within
this Standard in angular brackets.
NOTE For example, 
Example values are indicated in some cases. These mission constants are
summarized in Annex A.

4 General requirements
4.1 Introduction
This clause contains general (high-level) requirements that pertain to the
different categories of operability identified in clause 3.2.1. The requirements
can be applied to missions of all classes (e.g. science, telecommunications or
Earth observation) and orbit-type (e.g. geostationary, low-Earth orbiting or
interplanetary).
4.2 Observability
a. The space segment shall provide visibility of its internal status,
configuration and performance to the ground segment in conformance
with the level of detail and the time delays specified for all routine and
specified contingency operations, including subsequent diagnostic
activities.
NOTE 1 For detailed operability requirements reflecting
these objectives, refer to clause 5.2.
NOTE 2 Specified contingency operations are derived
during the failure analysis performed in the
mission development process (e.g. the failure
modes, effects and criticality analysis (FMECA)).
4.3 Commandability
a. The control functions (telecommands) provided at each level of the
system hierarchy shall be capable of achieving the mission objectives
under all specified circumstances.
NOTE 1 This can include the use of redundant equipment
to meet the overall system reliability requirements.
NOTE 2 Detailed operability requirements reflecting these
objectives appear in clause 5.5.
4.4 Compatibility
a. The space segment shall conform to all on-board design standards
specified for the mission in order to ensure compatibility with the
specified ground systems.
b. The space segment design shall be such that its operation is not
constrained by, nor adversely constrains, the availability or capacity of
the space-Earth communications links.
4.5 Safety and fault tolerance
a. No single command function executed at the wrong time or in the wrong
configuration shall lead to the loss of the mission.
NOTE For a mission-critical command function, this can
be ensured by the provision of two independent
commands, both to be executed (e.g. ARM and
FIRE).
b. Except for explicitly agreed single point failures, the capability shall be
provided to recover all on-board functions after a single failure within a
specific function.
NOTE The impact of several non-correlated failures
occurring at the same time has to be assessed at
mission-level.
c. No single unintentional ground command or failure in one space
segment element shall cause a failure in another space segment element.
d. The design of the space segment failure detection, isolation and recovery
(FDIR) function shall be such that all anticipated on-board failures can be
overcome either by autonomous on-board action or by clear,
unambiguous and timely notification of the problem to the ground
segment.
e. The FDIR design shall ensure that the space segment is safe without
ground segment intervention for the specified duration in the presence of
a single failure.
f. No reconfiguration of the spacecraft shall lead to a configuration where
new single point failures are introduced.
NOTE With the exception of reconfigurations that are
triggered on-board as the result of genuine
failures.
...

SLOVENIAN STANDARD
kSIST FprEN 16603-70-11:2014
01-October-2014
Vesoljska tehnika - Obratovalnost vesoljskega segmenta
Space engineering - Space segment operability
Raumfahrttechnik - Raumsegment-Bedienbarkeit
Ingénierie spatiale - Opérabilité du segment spatial
This Slovenian standard is identical to: FprEN 16603-70-11
ICS: 49.140 Space systems and operations
kSIST FprEN 16603-70-11:2014 en,fr,de
2003-01. Slovenian Institute for Standardization. Reproduction of this standard in whole or in part is not permitted.



EUROPEAN STANDARD
FINAL DRAFT
FprEN 16603-70-11
NORME EUROPÉENNE

EUROPÄISCHE NORM

May 2014
ICS 49.140

English version
Space engineering - Space segment operability
Ingénierie spatiale - Opérabilité du segment spatial
Raumfahrttechnik - Raumsegment-Bedienbarkeit
This draft European Standard is submitted to CEN members for unique acceptance procedure. It has been drawn up by the Technical
Committee CEN/CLC/TC 5.

If this draft becomes a European Standard, CEN and CENELEC members are bound to comply with the CEN/CENELEC Internal
Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

This draft European Standard was established by CEN and CENELEC in three official versions (English, French, German). A version in any
other language made by translation under the responsibility of a CEN and CENELEC member into its own language and notified to the
CEN-CENELEC Management Centre has the same status as the official versions.

CEN and CENELEC members are the national standards bodies and national electrotechnical committees of Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece,
Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia,
Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom.

Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are aware and to
provide supporting documentation.

Warning : This document is not a European Standard. It is distributed for review and comments. It is subject to change without notice and
shall not be referred to as a European Standard.



CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2014 CEN/CENELEC All rights of exploitation in any form and by any means reserved worldwide for CEN national Members and for CENELEC Members.
Ref. No. FprEN 16603-70-11:2014 E

FprEN 16603-70-11:2014 (E)
Foreword
This document (FprEN 16603-70-11:2014) has been prepared by Technical
Committee CEN/CLC/TC 5 “Space”, the secretariat of which is held by DIN
(Germany).
This document (FprEN 16603-70-11:2014) originates from ECSS-E-ST-70-11C.
This document is currently submitted to the Unique Acceptance Procedure.
This document has been developed to cover specifically space systems and will
therefore have precedence over any EN covering the same scope but with a
wider domain of applicability (e.g. aerospace).
Introduction
The operability of the space segment has an impact on total life cycle cost
inasmuch as increased operability can increase development costs, but certainly
decreases operations and maintenance costs. Therefore, the adoption of specific
operability goals for a given mission is decided by careful balancing of costs,
risks, and schedules for both the development and the operations and
maintenance phases.
The objective of this standard is to define operability requirements that:
• ensure that the space segment can be operated in a safe and cost-effective
manner;
• facilitate the tasks of preparation for, and execution and evaluation of,
space segment check-out and mission operations activities;
• facilitate the tasks of space segment suppliers when preparing a proposal
in response to a request for proposal (RFP).
1 Scope
This Standard contains provisions for the design of on-board functions for
unmanned space segments in order to ensure that the space segment can be
operated in-flight in any nominal or predefined contingency situation.
The requirements in this Standard are grouped in two clauses, containing
general operability requirements and detailed operability requirements,
respectively. The general operability requirements can be applied to all
missions, whilst the detailed operability requirements are only applicable if the
corresponding on-board function is implemented.
The operability of the space segment to meet mission-specific requirements is
outside the scope of this standard.
To support the users of this Standard in tailoring the requirements to the needs
of their particular mission, Annex B contains a table that indicates, for each
requirement, the potential impact of its omission.
This standard may be tailored for the specific characteristics and constraints of a
space project, in conformance with ECSS-S-ST-00.
2 Normative references
The following normative documents contain provisions which, through
reference in this text, constitute provisions of this ECSS Standard. For dated
references, subsequent amendments to, or revisions of any of these
publications, do not apply. However, parties to agreements based on this ECSS
Standard are encouraged to investigate the possibility of applying the most
recent editions of the normative documents indicated below. For undated
references the latest edition of the publication referred to applies.

EN reference      Reference in text   Title
EN 16601-00-01    ECSS-S-ST-00-01     ECSS system – Glossary of terms
EN 16603-50-03    ECSS-E-ST-50-03     Space engineering – Space data links – Telemetry transfer frame protocol
EN 16603-50-04    ECSS-E-ST-50-04     Space engineering – Space data links – Telecommand protocols, synchronization and channel coding
EN 16603-70-41    ECSS-E-ST-70-41     Space engineering – Telemetry and telecommand packet utilization

3 Terms, definitions and abbreviated terms
3.1 Terms from other standards
For the purpose of this Standard, the terms and definitions from
ECSS-S-ST-00-01 apply.
3.2 Terms specific to the present standard
3.2.1 Categories of operability
3.2.1.1 commandability
provision of adequate control functions to configure the on-board systems for
the execution of nominal mission operations, failure detection, identification,
isolation, diagnosis and recovery, and maintenance operations
3.2.1.2 compatibility
ability of two or more systems or components to perform their specified
functions without interference
3.2.1.3 deactivation
capability to undertake planned operations to terminate the mission at the end
of its useful lifetime
NOTE Terminate can mean to deactivate the spacecraft, to
de-orbit it, or both.
3.2.1.4 flexibility
capability to configure and make optimum use of existing on-board functions,
the capacity of the space-Earth communications links, and any redundancy
built into the design in order to meet the reliability targets
3.2.1.5 observability
availability to the ground segment and to on-board functions of information on
the status, configuration and performance of the space segment
3.2.1.6 testability
capability to test the on-board functions of the space segment including those
that are “off-line”
NOTE “Off-line” means functions that do not form part of
the current operational configuration.
3.2.2 Terms pertaining to critical functions
3.2.2.1 commandable vital function
vital function that is commandable by high-priority commands without the
involvement of on-board software
3.2.2.2 high priority command
pulse command that is routed directly to hardware by means of an on-board
command pulse distribution unit (CPDU)
3.2.2.3 high priority telemetry
telemetry that enables a reliable determination of the current status of vital
on-board equipment and which is available under all circumstances
NOTE High priority telemetry can be managed by a
mechanism that is independent of the one used for
standard housekeeping telemetry and normally
without any microprocessor involvement.
3.2.2.4 locally-critical function
function that, when executed in the wrong context (e.g. at the wrong time), can
cause temporary or permanent degradation of the associated local functions,
but does not compromise higher level functionality
3.2.2.5 mission-critical function
function that, when executed in the wrong context (e.g. at the wrong time), or
wrongly executed, can cause permanent mission degradation
3.2.2.6 permanent degradation of space segment function
situation where a given on-board function cannot be achieved either on the
nominal or on any redundant chain for the remainder of the mission lifetime
3.2.2.7 permanent mission degradation
situation where space segment functions or performances affecting mission
product generation or primary mission objectives cannot be achieved either on
the nominal or on any redundant chain for the remainder of the mission
lifetime
3.2.2.8 temporary degradation of space segment function
situation where a given on-board function cannot be achieved either on the
nominal or on any redundant chain for a limited period of time
3.2.2.9 temporary mission degradation
situation where space segment functions or performance affecting mission
product generation or primary mission objectives cannot be achieved either on
the nominal or on any redundant chain for a limited period of time
NOTE For example, a mission outage following transition
to survival mode.
3.2.2.10 vital function
function that is essential to mission success and that can cause permanent
mission degradation if not executed when it should be, or wrongly executed, or
executed in the wrong context
3.2.2.11 vital telecommand
telecommand that activates a commandable vital function
3.2.3 Other terms
3.2.3.1 application process
on-board entity capable of generating telemetry source data and receiving
telecommand data
3.2.3.2 authorization
right of an authenticated entity to perform a function or access a data item or
data stream
3.2.3.3 chain
set of hardware or software units that operate together to achieve a given
function
NOTE For example, an attitude and orbit control
subsystem (AOCS) processor and its software and
a set of AOCS sensors and actuators together
constitute an AOCS chain.
3.2.3.4 confidentiality
property that information is not made available or disclosed to unauthorized
individuals, entities or processes
3.2.3.5 control function
mechanism to maintain a parameter or a set of parameters within specified
limits
NOTE A control function normally consists of a set of
measurements and responses (commands) related
according to a function, algorithm, or set of rules.
3.2.3.6 data integrity
property that the data has not been altered or destroyed in an unauthorized
manner
3.2.3.7 data origin authentication
corroboration that the source of the data received is as claimed
3.2.3.8 datation
attachment of time information to telemetry data
NOTE This includes payload measurement data.
3.2.3.9 device telecommand
telecommand that is routed to and executed by on-board hardware
NOTE For example, a relay switching telecommand, a
telecommand to load an on-board register.
3.2.3.10 housekeeping telemetry
telemetry provided for the purposes of monitoring the health and functioning
of the space segment
3.2.3.11 loss of mission
state where the ground segment can no longer control the space segment (e.g.
due to loss of contact), or where the space segment can no longer achieve the
mission goals (e.g. due to anomalies)
3.2.3.12 memory
on-board data storage area
NOTE 1 This includes main memory and storage memory.
NOTE 2 Examples of memory are disk, tape, and
bubble-memory.
3.2.3.13 mode
operational state of a spacecraft, subsystem or payload in which certain
functions can be performed
3.2.3.14 mode transition
transition between two operational modes
3.2.3.15 on-board autonomy
capability of the space segment to manage nominal or contingency operations
without ground segment intervention for a given period of time
3.2.3.16 on-board monitoring
on-board application of checking functions to a set of on-board parameters in
conformance with predefined criteria
NOTE Monitoring functions include limit-checking,
expected-value-checking and delta-checking.
3.2.3.17 on-board operations procedure
monitoring and control procedure that is stored on-board and whose activation
is under ground segment control
3.2.3.18 on-board operations schedule
on-board facility for storing and releasing telecommands that were loaded in
advance from the ground
NOTE In its simplest form, the on-board operations
schedule stores time-tagged telecommands loaded
from the ground and releases them to the
destination application process when their
on-board time is reached.
3.2.3.19 operability
capability of the space segment to be operated by the ground segment during
the complete mission lifetime, whilst optimizing the use of resources and
maximizing the quality, quantity, and availability (or timeliness of delivery) of
mission products, without compromising space segment safety
3.2.3.20 operations
activities undertaken by the ground and space segments in order to ensure the
timely provision of mission products or services, recover from on-board
contingencies, carry out routine maintenance activities and manage on-board
resources in order to maximize the provision of mission products or services
and the mission lifetime
3.2.3.21 parameter
lowest level of elementary data item on-board
3.2.3.22 parameter validity
condition that defines whether the interpretation of a telemetry parameter is
reliable and meaningful
NOTE The angular output of a gyro only has a valid
engineering meaning if the power to the gyro is
“on”, while at other times the output is random.
Such a parameter is deemed conditionally valid,
with its validity determined from the power status.
3.2.3.23 peer-entity authentication
corroboration that a peer entity in an association is the one claimed
3.2.3.24 safe state
safe condition for a system, subsystem or payload
3.2.3.25 space segment status
information from which the operational status of the space segment is assessed
and the criteria driving operational decisions are determined
3.2.3.26 survival mode
configuration of a spacecraft in which it can remain safely without ground
segment intervention for a specified period
3.2.3.27 telecommand function
operationally self-contained control action initiated by telecommand that can
comprise or invoke one or more lower level control actions
3.3 Abbreviated terms
For the purpose of this Standard, the abbreviated terms from ECSS-S-ST-00-01
and the following apply:
Abbreviation   Meaning
AOCS           attitude and orbit control subsystem
APID           application process identifier
CPDU           command pulse distribution unit
CPU            central processor unit
CRC            cyclic redundancy check
EEPROM         electrically erasable programmable read-only memory
FDIR           failure detection, isolation and recovery
GPS            global positioning system
I/O            input/output
ID             identifier
MAP            multiplexed access point
OBT            on-board time
RAM            random access memory
RF             radio frequency
RFI            radio frequency interference
RFP            request for proposal
TT&C           telemetry, tracking and command
UTC            universal time coordinated

3.4 Conventions
Some requirements introduce quantities for which values cannot be defined
across the board, but only on a mission-by-mission basis (e.g. time intervals or
response times). These are termed mission constants and are identified within
this Standard in angular brackets.
NOTE For example, 
Example values are indicated in some cases. These mission constants are
summarized in Annex A.

4 General requirements
4.1 Introduction
This clause contains general (high-level) requirements that pertain to the
different categories of operability identified in clause 3.2.1. The requirements
can be applied to missions of all classes (e.g. science, telecommunications or
Earth observation) and orbit-type (e.g. geostationary, low-Earth orbiting or
interplanetary).
4.2 Observability
a. The space segment shall provide visibility of its internal status,
configuration and performance to the ground segment in conformance
with the level of detail and the time delays specified for all routine and
specified contingency operations, including subsequent diagnostic
activities.
NOTE 1 For detailed operability requirements reflecting
these objectives, refer to clause 5.2.
NOTE 2 Specified contingency operations are derived
during the failure analysis performed in the
mission development process (e.g. the failure
modes, effects and criticality analysis (FMECA)).
4.3 Commandability
a. The control functions (telecommands) provided at each level of the
system hierarchy shall be capable of achieving the mission objectives
under all specified circumstances.
NOTE 1 This can include the use of redundant equipment
to meet the overall system reliability requirements.
NOTE 2 Detailed operability requirements reflecting these
objectives appear in clause 5.5.
4.4 Compatibility
a. The space segment shall conform to all on-board design standards
specified for the mission in order to ensure compatibility with the
specified ground systems.
b. The space segment design shall be such that its operation is not
constrained by, nor adversely constrains, the availability or capacity of
the space-Earth communications links.
4.5 Safety and fault tolerance
a. No single command function executed at the wrong time or in the wrong
configuration shall lead to the loss of the mission.
NOTE For a mission-critical command function, this can
be ensured by the provision of two independent
commands, both to be executed (e.g. ARM and
FIRE).
b. Except for explicitly agreed single point failures, the capability shall be
provided to recover all on-board functions after a single failure within a
specific function.
NOTE The impact of several non-correlated failures
occurring at the same time has to be assessed at
mission-level.
c. No single unintentional ground command or failure in one space
segment element shall cause a failure in another space segment element.
d. The design of the space segment failure detection, isolation and recovery
(FDIR) function shall be such that all anticipated on-board failures can be
overcome either by autonomous on-board action or by clear,
unambiguous and timely notification of the problem to the ground
segment.
e. The FDIR design shall ensure that the space segment is safe without
ground segment intervention for the specified duration in the presence of
a single failure.
f. No reconfiguration of the spacecraft shall lead to a configuration where
new single point failures are introduced.
NOTE With the exception of reconfigurations that are
triggered on-board as the result of genuine
failures.
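The ARM and FIRE provision from the NOTE to requirement 4.5 a, sketched in C as an added example that is not part of the standard: a mission-critical function runs only when two independent commands arrive in the right order, so a single FIRE sent at the wrong time has no effect. The command identifiers, the 30-second arming window and the rule that one ARM authorizes at most one FIRE are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical telecommand identifiers for one mission-critical function. */
enum tc_id { TC_ARM, TC_FIRE, TC_DISARM };
enum tc_result { TC_EXECUTED, TC_REJ_NOT_ARMED, TC_REJ_ARM_EXPIRED, TC_REJ_UNKNOWN };

/* Assumption: an ARM is honoured only for a limited window (seconds). */
#define ARM_WINDOW_S 30u

struct interlock {
    bool     armed;
    uint32_t armed_at;   /* on-board time (s) of the accepted ARM */
    unsigned fire_count; /* times the critical function actually ran */
};

/* Handle one telecommand at on-board time obt; only ARM then FIRE executes. */
enum tc_result interlock_handle(struct interlock *il, int id, uint32_t obt)
{
    switch (id) {
    case TC_ARM:
        il->armed = true;
        il->armed_at = obt;
        return TC_EXECUTED;
    case TC_DISARM:
        il->armed = false;
        return TC_EXECUTED;
    case TC_FIRE:
        if (!il->armed)
            return TC_REJ_NOT_ARMED;
        il->armed = false;               /* one ARM authorizes one FIRE */
        /* Unsigned subtraction: a clock that stepped backwards wraps to a
           huge elapsed time and is rejected, which is the safe outcome. */
        if (obt - il->armed_at > ARM_WINDOW_S)
            return TC_REJ_ARM_EXPIRED;
        il->fire_count++;
        return TC_EXECUTED;
    default:
        return TC_REJ_UNKNOWN;
    }
}

/* Constructed command sequence covering the rejection cases. */
unsigned demo_fire_count(void)
{
    struct interlock il = { false, 0, 0 };
    interlock_handle(&il, TC_FIRE, 100); /* rejected: never armed */
    interlock_handle(&il, TC_ARM,  110);
    interlock_handle(&il, TC_FIRE, 120); /* executed */
    interlock_handle(&il, TC_FIRE, 121); /* rejected: ARM already consumed */
    interlock_handle(&il, TC_ARM,  200);
    interlock_handle(&il, TC_FIRE, 300); /* rejected: ARM expired */
    return il.fire_count;
}

int main(void)
{
    printf("critical function executed %u time(s)\n", demo_fire_count());
    return 0;
}
```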
4.6 Flexibility
a. All authorized combinations of prime and redundant equipment shall
exhibit the same operational characteristics.
NOTE 1 This requirement does not prevent a change of
calibration data, but it precludes different
operational procedures.
NOTE 2 This does not include any reduced redundancy
that exists following a failure.
b. The capability shall be provided for the ground segment to allocate
which of t
...
