Pursuit of Excellence - Value-Added auditing - SAE AS9100 Auditor Workshop
advertisement
Pursuit of Excellence - Value-Added auditing - SAE AS9100 Auditor Workshop July 30, 2009 Brian Hughitt, NASA Headquarters Office of Safety and Mission Assurance What has been done will be done again. There is nothing new under the sun. Is there anything of which one can say, “Look this is something new”? It was here already long ago. It was here before our time. King Solomon 1000 BC USS THRESHER First in her class She was fast, quiet, and deep diving The leading edge of US Submarine Technology Apollo 1 Command Module First in her class She was much larger & far more complex than any previous design The leading edge of US Spacecraft Technology Loss of the USS THRESHER On April 10, 1963, while engaged in a deep test dive 220 miles east of Cape Cod, MA, the USS THRESHER was lost at sea, settling at a depth of 8400 feet with all aboard The crew of 112 Naval Officers and Enlisted personnel and 7 civilians perished Loss of the Apollo 1 Command Module Contributing Causal Factors - Inadequate Workmanship THRESHER Improperly brazed pipe joint Apollo 1 “The board found numerous examples in the wiring of poor installation and poor workmanship”. Contributing Causal Factors Inadequate Fabrication Processes THRESHER Brazed piping joints exposed to full submergence pressure Apollo 1 Teflon wire coating could be easily damaged or penetrated by abrasion Contributing Causal Factors - Ineffective Quality Assurance USS THRESHER Portsmouth Naval Shipyard inspectors using newly developed ultrasonic testing techniques identified numerous instances of faulty brazed joints. Many brazed joints on the THRESHER were never UT’d. Apollo 1 Kennedy Space Center inspectors cited multiple instances of deficient parts, equipment, and workmanship. Contributing Causal Factors Vulnerable Design Inadequate Emergency Recovery Unforeseen Failure Mode THRESHER • Reactor shutdown • Impaired access to vital equipment • Compromised ballast tank blow Apollo 1 • Single gas atmosphere • Flammable materials • Inward opening hatch BP Refinery, Texas SL-1 Reactor, Idaho Vacuum Chamber thought to have been a pressure vessel Montana Big Dig, Boston All of these events were terrible tragedies All of these events were completely avoidable Quality System Weaknesses The marked boxes indicate ineffective QMS elements and a failure of quality assurance auditing to identify & correct these shortcomings. When Events Line Up, the Consequences Can Be Devastating Procedures and inspections are often added to “correct” issues that are symptoms, this is the often the least effective way to manage risk. Requirements Design Hazar d Quality Assurance Manufacturing Test Operations Mishap Adapted from : James Reason, Managing the Risks of Organizational Accidents, 1997, p. 12 Failure to effectively respond, failure to put cost or schedules aside to prevent risk, lack of communication, risk management plans, noncompliance or fear of raising issues are signs of a failing quality system. All quality professionals should be system health monitors. Three Rules: 1. Be attuned: Know your internal quality system weaknesses, and be continually working to remedy them. 2. Be attentive: Know your external quality risks, and be continually working to mitigate them. 3. Step back and connect the dots… Look for intangible influences on product quality. Become a student of quality system failures. Removed for copyright protection 19 Removed for copyright protection 20 The Two Modes of Mishap Prevention Become a student of quality system failures. NASA System Safety Case Studies http://pbma.nasa.gov/index.php?fuseaction=pbma.main&cid=584 23 External Quality Risks Zinc Whiskers on Hot Dip Galvanized Steel Pipe Tin Whisker on Electromagnetic Relay Shorting Terminal to Case “Unglamorous as the work sounds - and indeed is – the whole business of maintaining human life in the air comes down to thinking and rethinking about curious and fiddlesome problems of this order.” 25 Paul Eddy Destination Disaster To improve life here, To extend life to there, To find life beyond. Counterfeiting GIDEP Counterfeit Report Submissions Marking indicates an Op Amp from ADI… Device lead condition shows parts were used 50 R e p o rt s 40 … but contains die for a Voltage Reference from PMI 30 20 10 0 1976 1978 1980 1982 1984 1986 1988 1990 1992 1994 1996 1998 2000 2002 2004 2006 2008 Year Retopping Part number indicates a CLCC package, but this package is a CDP… Evidence of prior marking for a part with inferior performance … Remarking … accompanied by bogus test report 27 28 Separate the vital few from the trivial many Joseph Juran 29 … mitigate risks associated with noncompliance. Risk considers the likelihood of noncompliance and the consequences associated with noncompliance, including the maturity, complexity, criticality, and value of work performed … 30 … attain confidence levels that are commensurate with the severity of consequences that would be incurred in the event of noncompliance. 31 … periodically reevaluated and adjusted based on changes to risk factors. 32 AS9100: 2009 A New (and needed) Focus on Risk 7.1.2 Risk Management The organization shall establish, implement and maintain a process for managing risk to the achievement of applicable requirements, that includes as appropriate to the organization and the product a) b) c) d) e) 33 assignment of responsibilities for risk management, definition of risk criteria (e.g., likelihood, consequences, risk acceptance), identification, assessment and communication of risks throughout product realization, identification, implementation and management of actions to mitigate risks that exceed the defined risk acceptance criteria, acceptance of risks remaining after implementation of mitigating actions. critical items … key characteristics … special requirements The Stakes…. The Stakes 35 37 38 39 "The society which scorns excellence in plumbing because plumbing is a humble activity and tolerates shoddiness in philosophy because it is an exalted activity will have neither good plumbing nor good philosophy. Neither its pipes nor its theories will hold water." John Gardner Back-Up slides Counterfeit Parts Examples National Semiconductor does not use “ : ” in part numbers New versus Refurbished leads Dual Markings Acetone Swipe Backtop peeling away. Sand marks evident 42 Missing Serial Number BusinessWeek Video Clip http://www.businessweek.com/magazine/content/0 8_41/b4103034193886.htm?chan=top+news_to p+news+index+-+temp_top+story Product Impact GIDEP Counterfeit Case Summaries 44 Tools & Resources to Combat Counterfeiting Tools & Resources (cont)
