* Preface

National Aeronautics and Space Administration (NASA)/

Department of Defense (DoD) policy is to achieve a consistent level of safety by applying reasonable criteria, giving the Space Shuttle Program (SSP) payload and ground support equipment (GSE) designer, operator, processor, and user the requirements to develop effective, efficient ground processing procedures usable at all SSP and cargo processing locations. This document aligns existing DoD and NASA ground safety criteria and establishes requirements for ground processing of SSP payloads and associated GSE. The requirements to assure payload mission success are the responsibility of the payload organization and are not within the scope of this document.

This document replaces the regular John F. Kennedy Space Center handbook requirement for a preface signed at the directorate level and authorizes subordinate elements to implement the joint safety policies established in the "Space Shuttle Payload Ground Safety Handbook."

The Director, Kennedy Space Center (KSC), and the Commander, 45th Space Wing (45 SW), will assure compliance with these policies and approve waivers to the provisions of this Handbook.

The Handbook will be reviewed annually and changes incorporated that are mutually agreeable to the Director, KSC, and the Commander, 45 SW.

This Handbook supersedes SAMTO HB S-100/KHB 1700.7B, September 1, 1992.

_______________________ _____________________________________

ROY D. BRIDGES, JR. F. RANDALL STARBUCK

DIRECTOR BRIG GEN, USAF

KENNEDY SPACE CENTER COMMANDER, 45th SPACE WING

Distribution:

Tech Doc Library

1.0 INTRODUCTION. . . . . . . . . . . . . . . . . . . 1-1

1.1 PURPOSE. . . . . . . . . . . . . . . . . . . . 1-1

1.2 SCOPE. . . . . . . . . . . . . . . . . . . . . 1-1

1.3 APPLICABILITY. . . . . . . . . . . . . . . . . 1-2

1.4 RESPONSIBILITY . . . . . . . . . . . . . . . . 1-2

1.4.1 DELEGATION. . . . . . . . . . . . . . . 1-3

1.5 CHANGES. . . . . . . . . . . . . . . . . . . . 1-3

2.0 PHASE SAFETY REVIEWS. . . . . . . . . . . . . . . . 2-1

3.0 DOCUMENTATION . . . . . . . . . . . . . . . . . . . 3-1

3.1 GENERAL. . . . . . . . . . . . . . . . . . . . 3-1

3.2 PHASE SAFETY REVIEW DOCUMENTATION. . . . . . . 3-1

3.3 LAUNCH SITE DOCUMENTATION. . . . . . . . . . . 3-2

3.3.1 PAYLOAD ORGANIZATION LAUNCH SITE

SAFETY PLAN . . . . . . . . . . . . . . 3-3

3.3.2 TECHNICAL OPERATING PROCEDURES (TOP's). 3-3

3.3.3 PAYLOAD SAFETY NONCOMPLIANCE

REPORTS . . . . . . . . . . . . . . . . 3-4

3.4 DOCUMENTATION CHANGES. . . . . . . . . . . . . 3-5

4.0 SAFETY REQUIREMENTS . . . . . . . . . . . . . . . . 4-1

4.1 OPERATIONAL CONSIDERATIONS . . . . . . . . . . 4-1

4.1.1 FAILURE TOLERANCE . . . . . . . . . . . 4-1

4.1.2 PERSONNEL POLICIES. . . . . . . . . . . 4-1

4.1.3 HAZARDOUS OPERATIONS. . . . . . . . . . 4-3

4.1.4 SAFETY INSPECTION . . . . . . . . . . . 4-4

4.1.5 SAFETY EQUIPMENT. . . . . . . . . . . . 4-4

4.1.6 TOOLS . . . . . . . . . . . . . . . . . 4-5

4.1.7 PHOTOGRAPHY . . . . . . . . . . . . . . 4-5

Table of Contents (Cont.)

4.2 PERSONNEL SAFETY . . . . . . . . . . . . . . . 4-5

4.2.1 HUMAN FACTORS . . . . . . . . . . . . . 4-6

4.3 PAYLOADS AND GROUND SUPPORT EQUIPMENT (GSE). . 4-8

4.3.1 BIOMEDICAL SUBSYSTEMS . . . . . . . . . 4-8

4.3.2 ELECTRICAL. . . . . . . . . . . . . . . 4-8

4.3.3 PRESSURE/VACUUM SYSTEMS . . . . . . . . 4-12

4.3.4 RADIATION . . . . . . . . . . . . . . . 4-22

4.3.5 ORDNANCE. . . . . . . . . . . . . . . . 4-30

4.3.6 MECHANICAL, ELECTROMECHANICAL DEVICES . 4-35

4.3.7 PROPELLANTS . . . . . . . . . . . . . . 4-35

4.3.8 CRYOGENICS. . . . . . . . . . . . . . . 4-41

4.3.9 GSE MATERIALS . . . . . . . . . . . . . 4-43

4.3.10 INDUSTRIAL HYGIENE. . . . . . . . . . . 4-44

4.3.11 OXYGEN. . . . . . . . . . . . . . . . . 4-46

4.4 ENVIRONMENTAL. . . . . . . . . . . . . . . . . 4-46

4.4.1 METEOROLOGICAL REQUIREMENTS . . . . . . 4-46

4.4.2 HAZARDOUS ATMOSPHERE. . . . . . . . . . 4-47

4.4.3 HUMIDITY. . . . . . . . . . . . . . . . 4-49

4.4.4 TOXIC MATERIALS . . . . . . . . . . . . 4-50

4.5 HANDLING AND TRANSPORTS. . . . . . . . . . . . 4-50

4.5.1 HOISTING AND HANDLING . . . . . . . . . 4-51

4.5.2 TRANSPORTERS. . . . . . . . . . . . . . 4-58

5.0 MISHAP INVESTIGATION AND REPORTING. . . . . . . . . 5-1

5.1 NASA MISHAP INVESTIGATION CONTROL. . . . . . . 5-1

5.2 USAF MISHAP INVESTIGATION CONTROL. . . . . . . 5-1

5.3 MISHAP REPORTING . . . . . . . . . . . . . . . 5-1

5.3.1 MISHAP CONTACTS . . . . . . . . . . . . 5-1

5.3.2 PAYLOAD ORGANIZATION INVOLVEMENT. . . . 5-2

5.3.3 PAYLOAD ORGANIZATION RESPONSIBILITIES . 5-2

5.3.4 INVESTIGATION BOARDS. . . . . . . . . . 5-3

5.3.5 MISHAP SCENE. . . . . . . . . . . . . . 5-3

Table of Contents (Cont.)

APPENDIX A - ACRONYMS, ABBREVIATIONS, AND

GLOSSARY OF TERMS . . . . . . . . . . . . . A-1

APPENDIX B - COMPLIANCE AND REFERENCE DOCUMENTS. . . . . B-1

APPENDIX C - GUIDELINES FOR THE PREPARATION OF

TECHNICAL OPERATING PROCEDURES (TOP's). . . C-1

APPENDIX D - ORDNANCE STORAGE AND HANDLING DATA

REQUIREMENTS. . . . . . . . . . . . . . . . D-1

APPENDIX E - PAYLOAD RELATED EMERGENCY PROCEDURES

DOCUMENTS AND FACILITY SAFETY PLANS . . . . E-1

TABLE 4-1 SLING REQUIREMENTS. . . . . . . . . . . . . . 4-54

* 1.0 INTRODUCTION

1.1 PURPOSE

1.2 SCOPE

* Denotes Change

1.3 APPLICABILITY

1. All organizations processing SSP payloads or experiments at the ER. This includes all government organizations (e.g., NASA, DoD, other domestic or foreign government, or alliance organizations) and independent foreign or domestic enterprises.
2. Contractors in direct support of the above organizations.
3. Other organizations or agencies providing direct personnel and equipment interface to payload or payload GSE support.
4. Any of the above organizations required to support SSP payload postlanding operations at any landing site.

1.4 RESPONSIBILITY

1. The officials of the LSSO responsible for implementing the safety policy and criteria for SSP payload activities are identified below:

1. For KSC, Director of Safety and Mission Assurance (EC).
2. For CCAS, 45 SW Director of Safety (SE).

1. The Chiefs, Biomedical and Bioenvironmental Engineering Offices, are responsible for certain activities as identified in this Handbook. Office contacts are identified below:

1. For KSC, Biomedical Office (JJ).
2. For CCAS, Bioenvironmental Engineering Office (45 AMDS/SGPB, Patrick AFB).

1.4.1 Delegation

1. Monitors LSSO-selected operations and has safety approval authority for procedural deviations.
2. Gives concurrence to start these selected operations.
3. May halt any operation deemed unsafe.

1.5 CHANGES

2.0 PHASE SAFETY REVIEWS

3.0 DOCUMENTATION

* 3.1 GENERAL

3.2 PHASE SAFETY REVIEW DOCUMENTATION

3.3 LAUNCH SITE DOCUMENTATION

3.3.1 Payload Organization Launch Site Safety Plan

* 3.3.2 Technical Operating Procedures (TOP's)

* 3.3.3 Payload Safety Noncompliance Reports

1. The payload name and the model of the payload or support equipment as applicable.
2. The specific component and the subsystem in which the component functions shall be identified.

* Denotes Change

3.4 DOCUMENTATION CHANGES

4.0 SAFETY REQUIREMENTS

4.1 OPERATIONAL CONSIDERATIONS

4.1.1 Failure Tolerance

4.1.2 Personnel Policies

1. Hazard types, recognition, causes, and effects.
2. Prevention and control measures.
3. Safe operating procedures.
4. Checklists.
5. Safeguards and safety devices.
6. Personal protective equipment (PPE).
7. Monitoring and warning devices.
8. Emergency and contingency procedures.

4.1.3 Hazardous Operations

1. A ground processing activity is classified as hazardous based on the following considerations:

1. Energy is involved and loss of control could result in injury to personnel or damage to equipment.
2. A significant change from ambient condition will occur; e.g., increase or decrease of oxygen content, pressure, or temperature.
3. Presence of hazardous materials or physical agents which presents potential exposure to personnel.

1. TOP's are required for any activity, either by itself or in combination with another, which can result in injury to personnel or damage to property involving, but not limited to, the following:

1. Work Area/Environment.
2. Ordnance.
3. Propellants.
4. Cryogenics.
5. Lifting/Handling.
6. Radiation.
7. Toxics/Combustibles/Corrosives.
8. Pressure.
9. Electrical.

1. All hazardous or LSSO designated procedures require notification of the LSSR at least 24 hours prior to their performance. The LSSR will monitor all or selected sections of these procedures.
2. Concurrent hazardous operations within the same hazard control area are prohibited.
3. Concurrent operations within a hazard control area require LSSR or LSSO approval.

1. Prior to payload/GSE installation in the facility.
2. Immediately after installation of payload/GSE.
3. Immediately before the start of LSSO selected hazardous operations.
4. After any facility or equipment modification which may affect hazard potential.

4.1.6 Tools

* 4.1.7 Photography

4.2 PERSONNEL SAFETY

* Denotes Change

4.2.1 Human Factors

4.2.1.4 Physical -

1. Accidental contact with sharp surfaces or protrusions shall be prevented by the use of ductile materials, energy absorbing devices, shields, rounded corners, and flush-mounted features. Sharp surfaces or protrusions include edges, crevices, points, burrs, wire ends, screw heads, corners, brackets, rivets, braided cable, cable swages, cable strands, clamps, pins, latches, lap joints, bolt ends, lock nuts, etc., which if contacted, could injure operating personnel.
2. Hazards shall not be created by the inaccessibility of flight or ground hardware. Physical access for safety critical operations or maintenance functions shall be provided. Protrusions which create a hazard such as hoses, wave guides, cables, brackets, etc., which cannot be eliminated by design, shall be made to be removable during service or maintenance functions.
3. Moving parts such as fans, belt drives, turbine wheels, and similar components that could cause personnel injury or equipment damage due to inadvertent contact or entrapment of floating objects shall be provided with guards or other protective devices.
4. Wherever possible, equipment requiring adjustment during its operation shall have external adjustment provisions and provide electrical shock protection when applicable.
5. GSE shall be designed to minimize the requirement for operations and maintenance personnel to wear protective clothing during normal operations and maintenance. Valves, gauges, levers, bolts, nuts, and any other item required to be moved, turned, manipulated, or monitored by personnel in protective equipment shall be sized to facilitate operation. Such items should be located to optimize access to the item while the operator is in a standing position. Sufficient clearance should be provided to preclude brushing against other surfaces. Suitable provisions to prevent damaging the protective equipment and to prevent personnel fatigue and discomfort shall be included in the GSE design.
6. All GSE designs should include a center-of-gravity analysis to ensure that the GSE/flight hardware does not tip, fall, slide, or allow for any type of sudden load shift.

4.3 PAYLOADS AND GROUND SUPPORT EQUIPMENT (GSE)

4.3.1 Biomedical Subsystems

4.3.2 Electrical

4.3.2.1 Electrical Requirements -

1. Electrical connectors shall be designed to make it physically impossible to inadvertently reverse a connection or mate the wrong connectors if a hazardous condition can be created. These connectors for energized circuits must also be of "scoop-proof" design so a partial inadvertent mismate will not provide pin-to-pin contact.
2. Electrical equipment shall not cause ignition of adjacent materials. The requirements for explosion/hazardproofing at the launch site are identified in Paragraphs 4.4.2.3 and 4.4.2.4.
3. Malfunction of the payload or GSE circuitry shall not induce overload into the Orbiter, GSE, or facility electrical systems.
4. Electrical equipment shall be designed to provide personnel protection from accidental contact with alternating current (AC) voltages in excess of 30 volts root mean square (rms) or 50 volts direct current (DC) or any lower voltage that could cause injury.
5. Construction of the payload and electrical GSE shall assure all conductive external parts and surfaces are at ground potential at all times.
6. Cables extending across work areas shall be protected against damage from personnel activity or equipment use.
7. Switches/controls which can create hazardous conditions if inadvertently operated shall be guarded, shielded, or otherwise protected against inadvertent switching.
8. Electrical fuse and switch boxes shall be labeled on the outside or inside cover to show the voltage present, rated fuse capacity, and equipment that the circuit controls.
9. Non-bypassable interlocks shall be used to prevent possible shock whenever a voltage in excess of 500 volts is exposed upon opening an access door, cover, or plate.
10. All GSE shall meet the requirements of the "National Electric Code (NEC), National Fire Protection Association 70 (NFPA 70)."
11. Dead-end wires shall be completely insulated.
12. Three-phase power sequencing must be verified in each KSC processing facility prior to connection.
13. Battery charging/conditioning shall be accomplished in the battery laboratories unless approval is granted from the LSSO to accomplish the charging elsewhere. Battery charging equipment shall be continuously monitored by personnel. Charging/conditioning performed in hazardous locations shall comply with paragraphs 4.4.2.4.1 and 4.4.2.4.2. The payload organization should consider incorporating voltage and current limiters, fuses, diodes, and temperature and pressure monitors in the charging/conditioning electrical GSE.
14. The payload should be assessed to determine if the loss of power during any phase of ground processing is a hazard to personnel or equipment. If so, an alternate or backup power source may be required.

1. The design, construction, and installation of equipment shall be such that all external parts, surfaces, and shields are at ground potential at all times.
2. Grounding and bonding schemes shall ensure proper interfacing between equipment and facility.
3. Power cords on GSE shall provide a non-current carrying ground conductor unless the unit is double insulated.
4. Grounding/bonding connections of GSE shall be designed to minimize the possibility of inadvertent disconnection.
5. Solder shall not be used for external connections.
6. Threaded fasteners shall use lock washers.
7. GSE external bonding straps and jumpers shall be capable of carrying the maximum expected fault current.
8. Additional grounding requirements for ordnance and propellant operations are included in the applicable sections.

1. Any accessible capacitor circuitry which presents a hazard to personnel shall be discharged prior to performing maintenance.
2. Protective equipment such as nonconducting fuse pullers, rubber gloves, nonconductive matting, etc., shall be used when working on energized circuits which could cause personal injury.
3. Procedures for tagging and lockout of control switches and circuit breakers shall be provided.
4. All grounds shall be verified to be intact.
5. Worn, abraded, or defective insulating material shall be repaired or replaced.
6. Only fuses of proper voltage and current ratings shall be used in circuits. No other material will be used in place of a fuse.

4.3.2.5 Energized Electrical Equipment -

1. Energized equipment will be manned or connected to the manned facility emergency power shut-off system. The electrical equipment will be powered down during non-working hours. All electrical equipment located outside a hazardous processing area will be inhibited from supplying power to electrical equipment located within the hazardous processing area during non-working hours.
2. Electrical equipment that must remain energized for hazardous operations (i.e., maintaining spacecraft thruster solenoid valves in an opened or closed state) shall be equipped with an uninterrupted power source such as a battery backup.

4.3.3 Pressure/Vacuum Systems

4.3.3.1 Pressure System Requirements -

1. To preclude personnel injury, provisions shall be made for accomplishing remotely controlled pressurization of the flight pressure system. Exception to this requirement is when the conditions of Paragraph 4.3.3.2.1 do not apply or when the payload operator provides a certification statement of system pressure testing to the LSSO in accordance with Paragraph 4.3.3.2.2. Normally, remote pressurization of GSE is not required.
2. Regulator failure shall not create a hazard to personnel or equipment during ground processing.
3. All items, including gauges, which come in contact with the service fluid shall be of compatible material.
4. All pressure system connectors shall be selected to make it physically impossible to mix fluid media if a hazardous condition can be created by mixing two fluids. Example: Fuels and oxidizers or GN2 and GHe in an LH2 system.

1. Pressure system lines (where the function of the line is not immediately apparent) shall be labeled with the MOP, fluid content, and direction of flow. Labeling should be in accordance with KSC-STD-SF-0004, "Color-coding of Fluid Systems Piping."
2. If used, color-coding should comply with KSC-STD-SF-0004.
3. Other system components shall be labeled with their manufacturer's name and part number, serial number (if applicable), pressure rating, and direction of flow.

1. Pressure systems components (excluding pressure vessels) shall have a design burst pressure (D.B.) of at least 4 times the MOP of the system (low carbon stainless steels shall have a D.B. of 4.5 times MOP) and should conform to either MIL-STD-1522, "A Standard General Requirement for Safe Design and Operation of Pressurized Missile and Space Systems," or JSC SW-E-0002, "Space Shuttle Program GSE General Design Requirements." Components shall be pressure tested at 1.5 times MOP unless otherwise approved by the LSSO.
2. Regulators shall be selected so that their working pressure falls within the center 50% of their total pressure range if susceptible to inaccuracies or creep.
3. Flight and GSE components downstream of a GSE regulator shall be designed to safely operate under full upstream pressure. Open-ended purge systems may be protected by flow restriction orifice devices.
4. If the requirements of Paragraph e (above) cannot be met, relief devices shall be provided in accordance with ASME/ANSI codes, and a minimum shall be provided as follows:

1. Downstream of last GSE regulator prior to flight hardware interface.
2. GSE pressure vessels.
3. Downstream of regulators where upstream pressure exceeds downstream design operating pressure.
4. Container purge systems using metal tubing or flexhose.
5. Container purge systems using plastic tubing when the failure of the tube provides sufficient margin of safety to the downstream equipment.
6. All relief devices shall be relief valves when pressure exceeds 149 psig.

1. Set pressure: Pressure relief valves shall be set to relieve at a pressure not to exceed the MAWP of the vessel or the design pressure of the system involved (including flight systems), and the set limits shall be specified in the Operation and Maintenance Requirements and Specifications Document (OMRSD) or other operating and maintenance documents. The setting of relief valves must always be sufficiently higher than the operating pressure to ensure that the valves will reclose above the operating pressure. See ASME Code, Section VIII, Division 1, paragraph UG-134, and Appendix M, paragraph M-11, and ANSI/ASME B31.3, paragraph 322.6.3.
2. Required relieving capacity: For pressure vessels, the required relieving capacity shall be determined in accordance with the ASME Code, Section VIII, Division 1, paragraph UG-133, or Division 2, paragraph AR-150.

For piping/tubing systems, the required relieving capacity shall be equal to or greater than the maximum flow capability of the upstream regulator or pressure source and shall prevent the pressure from rising above the limits specified in ANSI B31.3. See ASME Code, Section VIII, Division 1, paragraph UG-133, and Division 2, paragraph AR-150, and ANSI/ASME B31.3, paragraphs 301.2 and 322.6.3.

3. Relief devices shall be located so other components such as shut-off valves cannot render them inoperative. Relief devices and their associated discharge plumbing shall be adequately supported such that their discharge impulse will not cause structural failure.
4. Pressure relief for toxic liquids and/or vapors shall be designed and located so that gases and liquids or vapors will not enter any inhabited areas. Pressure relief for inert gases shall not be discharged into a confined, occupied area where oxygen content could be lowered below acceptable limits. Pressure reliefs for high pressure gases and liquids shall be located such that the discharge will not endanger personnel.
5. Pressure systems shall be equipped with gauges as follows:

1. Downstream of each regulator.
2. On any storage system.
3. On any section of the system where pressure trapped by isolation valves creates a hazard.

1. All pressure gauges shall comply with the following requirements:

1. Gauges shall be selected so that the operating pressure is not more than 75% of the highest graduation.
2. Pressure gauges shall be of one piece, solid front construction and shall have an optically clear shatterproof window. Gauges should be designed for bolted flush front panel mounting.
3. Gauges shall have blowout backs to allow unrestricted venting in the event the gauge sensing element ruptures.
4. All items which come in contact with the service fluid shall be constructed of compatible material. Use of material other than 316SS requires LSSO approval. Bourdon-tube bleed screws may be of any 300SS.
5. A due date calibration sticker shall be affixed to gauges used for safety-critical monitoring.
6. Gauges shall be equipped with a bourdon-tube bleeder or equivalent device to facilitate cleaning.

1. All GSE using flexhoses with pressures above 150 psig shall be designed to provide attachments for flexhose restraining devices.
2. Isolation valves shall be designed to permit flow or isolation in both directions at the valve's MAWP.
3. Pressure systems shall be designed so pressure cannot be trapped in any part of the system without bleed capability.
4. Manually operated valves and regulators shall be selected so over-torquing the valve stem or regulator adjustment cannot damage soft seats to the extent seat failure occurs. Designs using uncontained seats are unacceptable.

1. Pressure system elements which are not intended to be reversible shall be designed or marked such that they will not be connected in a reverse mode.
18. Lines, relief devices, and other pressure system elements shall be routed and/or located to provide for the protection of other systems and personnel.
19. Control stations shall have adequate instrumentation to allow personnel to monitor pressure levels and confirm initiated actions have occurred.
20. Control stations shall be designed so the operator does not have to leave the station to monitor hazard levels.
21. Systems shall have shut-off valves located as close to the supply vessel as practicable.
22. Check valves shall be provided where backflow of fluids would create a hazard.

1. Connection, disconnection, installation, inspection, maintenance, and testing shall be accomplished in accordance with the manufacturer's specifications and recommendations unless otherwise specified in this document.
2. Flexible hoses shall be installed so they do not carry any external mechanical load and are not subjected to tension, torsion, or overheating.
3. All flexible hoses shall have a design burst pressure equal to or greater than 4 times the MAWP.
4. All flexible hoses pressurized to 150.0 psig (10.34 bars) or greater shall be contained or restrained. Hose restraint shall be accomplished using a chain or cable securely anchored to a substantial object and to the hose assembly at the following points: 1) Hose end connector; 2) each union or hose splice; and 3) intervals not to exceed 6 feet (1.83 meters). Hose restraint devices and attachment methods shall be approved by the LSSO.
5. The payload organization shall establish criteria and obtain LSSO approval for periods of inspection and retest. Time in service, type of service, and pressure are factors for determining need of pressure test. LSSO approval shall be obtained prior to performing pressure testing at the launch site.
6. All flexible hoses shall be inspected prior to use. Flexible hoses which show signs of physical damage shall be replaced.
7. Flexible hose assemblies shall be pressure tested to 1.5 times their MAWP.
8. GSE flexible hoses shall be identified and marked. Each flexible hose assembly shall have a metal tag(s) attached which bears the following information:

1. Date of prooftest (month and year).
2. Dedicated fluid service; e.g., fuels, oxidizers, hydraulics.
3. MAWP.
4. Identifier (manufacturer/part number).

1. After each pressure test recertification, the old tag(s) will be removed and new ones attached.

1. Hoses shall be in accordance with MIL-H-25579, "Hose Assembly, Tetrafluoroethylene, High Temperature, Medium Pressure," Class 1, or "Society of Automotive Engineers (SAE) Standards," and shall be suitably protected against chafing where necessary to prevent damage to the hose or adjoining structure, tubing, wiring, and other equipment. (Systems over 3,000 psi will be handled on a case-by-case basis.)
2. Only system compatible lubricants shall be used on threaded fluid line connections.

1. The first time a flight system is pressurized above 25% of the design burst at the launch site. This pressure is designated the "initial pressurization level."
2. Any flight system pressurization above the initial pressurization level; this latter pressurization becomes the new initial pressurization level.
3. Any pressurization above MOP/MAWP.
4. Any pressurization of a system that has suspect integrity.

1. The assembled system has been pressure tested at a pressure which is at least 1.5 times the system MOP unless otherwise approved by the LSSO. Flight systems may be pressure tested at the component level if welds will be x-rayed after assembly.
2. The assembled system has been functionally leak tested at a pressure equal to or greater than MOP. The system logbook shall track system handling/movement in addition to pressurizations, maintenance, etc.
3. System configuration has not been modified or repaired subsequent to the above testing. Unwelded relief or sensing devices may be replaced after system pressure testing but not after system leak testing, in accordance with Paragraph 4.3.3.2.9.
4. A procedure has been written which requires inspection of the system upon arrival at the launch site for damage sustained during transportation and handling. The procedure shall also require a check of the pressure system logbook to verify that activity after the pressure test and leak test did not affect the integrity of the system. Provide procedure name and number, step numbers and tests which require the inspection, and any additional inspection criteria.

4.3.4 Radiation

* 4.3.4.1 Radiological Health -

1. Applicable radiological health program documents governing uses of ionizing and nonionizing radiation sources at ER include:

1. KHB 1860.1, "KSC Ionizing Radiation Protection Program"
2. KHB 1860.1, Appendix D, "Radiological Controls for Major Radiological Sources (MRS) and Nuclear Assemblies"
3. KHB 1860.2, "KSC Non-Ionizing Radiation Protection Program"
4. AFI 91-110, "Nuclear Safety Review and Launch Approval for Space or Missile Use of Radioactive Material and Nuclear Systems"
5. AFI 40-201, "Managing Radioactive Materials in the USAF"
6. 45 SWI 40-201, "Radiation Protection Program"
7. AFOSH STD 161-9, "Exposure to Radiofrequency Radiation"
8. AFOSH STD 161-10, "Health Hazards Control for Laser Radiation"

1. All uses of radiation sources require review and evaluation for approval by the appropriate launch site Radiation Protection Officer (RPO).
   Radioactive materials procurement, use, storage, and transportation at launch/landing sites are subject to specific requirements. Such activities must be coordinated with the launch/landing site RPO at least 60 days in advance of arrival to the launch site to assure compliance with applicable regulations. Identification of the launch/landing site RPO will be provided through the LSSO.

1. Radiation sources and associated equipment will be designed, constructed, installed, and utilized so as to assure personnel exposures and the potential for releases are kept as low as practicable and below applicable regulatory limits.
2. Flight radioactive sources should be installed as late in the countdown as practical.
3. Radiation sources shall be handled/operated utilizing only approved personnel, procedures, and equipment.
4. Inactive, unattended, or stored radiation sources shall be secured against unauthorized access or operation at all times.
5. Appropriate personnel access controls shall be established in all areas where radiation sources are used, operated, or installed.
6. PPE and/or dosimetry shall be approved or utilized as assigned.

1. The payload organization shall provide a detailed description of the launch/landing site processing flow not later than 6 months prior to initial arrival of an MRS at the launch site. The description shall include identification of activities directly associated with MRS's, other activities occurring in the presence of MRS's, and any GSE associated with such activities. The detailed processing flow shall be developed incorporating the following requirements:

1. The number and duration of MRS processing activities and associated personnel proximity to an MRS shall be minimized. Payload and launch vehicle activities involving personnel proximity to an MRS shall also be minimized.
2. The number of facilities utilized in MRS processing activities shall be minimized. Such facilities shall be utilized on a sole-use or noninterference basis.
3. Each processing activity shall be assessed on the basis of personnel exposure incurred versus mission benefit achieved by the activity.
4. MRS installation for flight shall be made as late as operationally feasible.
5. The payload organization shall provide for and utilize nonradioactive/passive high fidelity MRS models whenever feasible.

1. The payload organization shall provide a detailed baseline dose projection for payload organization personnel involved in launch/landing site MRS activities. This baseline must be provided no later than 6 months prior to initial arrival of an MRS at the launch site.
2. A description of proposed changes to the MRS processing flow (including GSE and operations) with supporting rationale must be submitted by the payload organization prior to implementation. The rationale shall include the reason for the change and an assessment of its impact on the safety analysis, the baseline dose projection, other processing activities, procedures, hardware, etc.
3. Payload organization activities involving radiological contingency planning and nuclear safety analyses shall be coordinated with the launch site RPO.
4. The payload organization must obtain final approval of their MRS radiation use authorization request from the launch site RPO not later than 6 months prior to launch or 90 days prior to MRS arrival at the launch site, whichever is earliest. Final approval is contingent upon closure of all open items by the payload organization to the satisfaction of the launch site RPO.

1. The payload organization shall document the design and maintain records of maintenance, checkout, and use of GSE systems utilizing radioactive gases at the launch sites. Such records shall be available to the LSSO and the launch site RPO.
2. Planned releases and the potential for accidental releases of radioactive gases shall be minimized. The launch site RPO may require recapture of radioactive gases prior to venting of residual quantities.
3. Vent outlets shall be placed at heights or locations inaccessible to personnel. The vents shall be located to prevent reentry of exhaust into habitable areas and shall be conspicuously identified.
4. Venting of radioactive gases will require favorable meteorological conditions and launch site RPO concurrence.
5. Operations involving flow of radioactive gases will not occur during normal working hours unless specifically authorized by the launch site RPO.

1. Radiation sources associated with payloads must be compatible with and have no adverse safety effects on ordnance items, propellants, high pressure systems, critical structure components, or systems of any other payload, the Space Shuttle, or its crew.
2. RTG's and other major radiological sources shall be provided with redundant ground cooling systems, if cooling is required to maintain safety, to assure adequate heat dissipation during prelaunch and postflight operations. Disposal of this coolant shall be coordinated with the appropriate Biomedical Office.
3. Radiation source shields, interlocks, fail-safe systems, and limit switches shall be checked for proper operation.
4. All radiating systems shall be designed, constructed, and operated to prevent exposure of personnel, facilities, and equipment to extreme temperatures, high voltages, toxic fumes and gases, and unnecessary radiant energy.

1. Hazardous optical radiation to include ultraviolet, infrared, and visible radiation.
2. Temperature extremes.
3. Shatterable materials.
4. Contamination from gases and cryogenics.
5. High voltage and x-rays.

1. Optical instruments shall be designed such that harmful light intensities and wavelengths cannot be viewed by operating personnel.
2. Quartz windows, apertures, or beam stops and enclosures shall be used for hazardous wavelengths and intensities unless other suitable protective measures are taken to protect personnel from ultraviolet and/or infrared burns or x-ray radiation.
3. Light intensities and spectral wavelengths at the eye piece of direct-viewing optical systems shall be limited to levels below the maximum permissible exposure (MPE).

1. Limit stops, interlocks, and shields shall be provided to ensure that a laser beam cannot be misdirected.
2. Laser power shall be locked out during all operations except laser testing.
3. Positive locking features shall be provided to preclude focus and/or directional changes due to vibrations or inadvertent contact by operating personnel.
4. Laser systems shall be designed so that all external components are at ground potential at all times.
5. Materials used must be able to withstand the stresses caused by repetitive laser pulsing for the duration of checkout and mission performance.
6. Laser systems shall incorporate a shutter system, beam stop, or attenuator capable of preventing output emissions in excess of the appropriate MPE level when the laser or laser system is on standby.
7. Provisions shall be made to measure power output and perform boresighting with the beam totally enclosed and without unnecessary exposure to operating personnel.
8. Laser target materials shall be nonreflective and fire resistant and shall not emit toxic contaminants.
9. Laser installations shall incorporate adequate means to prevent the accumulation of hazardous cooling fluids and their by-products.
10. Whenever toxic chemicals and/or cryogenic materials are utilized with laser systems, shut-off valves shall be provided to control leakage in the event of a line rupture.

1. Alignment of target, optics, filters, etc., shall be accomplished utilizing low-powered visible lasers.
2. Active beam or target viewing shall be done only by closed circuit television or an optical comparator with an appropriate filter.
3. Laser beams shall not be directed toward flammable or explosive materials.
4. Activated lasers shall not be left unattended.
5. Personnel whose occupation or assignment may involve exposure to laser radiation shall use laser safety goggles approved by the Biomedical Office. These goggles shall protect for the specific wavelength of the laser and be of optical density adequate for the energy levels involved.

* Denotes Change

4.3.5.3 Safe and Arm (S&A) Devices -

1. Transition from the SAFE to the ARM position shall require 90 degrees of rotation of the mechanical barrier.
2. The S&A device shall not be capable of propagating the ordnance train with the barrier rotated less than 50 degrees from the SAFE position.
3. The visual and remote SAFE position shall not be indicated unless the device is less than 10 degrees from the normal SAFE position.
4. Firing circuits of S&A devices shall be electrically connected after payload installation in the Orbiter. S&A devices without a direct interface with the Orbiter may be electrically connected after final ordnance electrical system checks and power is removed from the system. The S&A safing pin shall remain installed until final closeout of the payload bay.
5. S&A Rotation Tests: Rotation of S&A devices during ground test and processing shall be done with the explosive transfer assembly (ETA) disconnected from the S&A or at the point of ETA terminus. All rotation tests of S&A's shall be completed before firing circuits are electrically connected. If the firing circuits must be connected during a rotation test, a safety assessment shall be provided to show that inadvertent ignition of the detonators will not cause a hazardous condition. All rotations require LSSO approval.

1. Ordnance shall be processed only in those areas approved by the LSSO. Solid/liquid propellants designated for one payload shall not share an operating location with items designated for another payload except for payload integration activities.
2. Test equipment used to check component and circuit operation must be of a type that limits energy input and must be approved by the LSSO. See Paragraph 4.3.5.6 for additional requirements.
3. Electrical continuity and resistance checks of ordnance circuitry shall be performed using only in-calibration test equipment approved by the LSSO.
4. All ordnance deliveries to the launch site shall be coordinated with the LSSO.
5. All ordnance deliveries from storage to the payload organization shall be coordinated with the LSSR.
6. Electromagnetic interference (EMI) testing shall not be conducted with live EED's installed without approval of the LSSO.
7. Materials susceptible to the generation, collection, and holding of static electrical charges shall be selected from the LSSO-approved list.
8. Disposal of surplus or defective ordnance items shall be coordinated by the LSSO. Disposition shall be determined jointly by the LSSO and the payload organization.
9. Based upon the radio frequency (RF) and EED susceptibility, installation, removal, and electrical connection/disconnection may require RF silence. Local RF silence and no-switching periods are required. The periods of RF silence shall be requested by the payload organization and shall be identified by an LSSO-approved TOP.
10. Grounding/bonding is required to ensure that electro-static charges cannot build up to levels which can cause ignition of ordnance items.
11. EED faraday caps are required during storage, handling, and after mechanical installation. They shall not be removed until electrical connections are to be made.
12. All personnel within the hazard control area during ordnance operations shall wear nonstatic-producing, flame-retardant coveralls. Persons performing the work shall wear approved grounding devices.

4.3.5.5 Ordnance Marking -

1. Live ordnance and associated flight items (e.g., arm plugs) shall be the natural body color of the device.
2. Nonflight items shall be color-coded, and this color-coding shall be submitted to the LSSO as part of the ground safety data package.

1. EED Bridgewire Resistance Measurement Meters_

1. The meter shall be designed such that maximum available applied current does not exceed 10% of the no-fire current of the EED or 50 mA, whichever is less. It shall also be designed so that in a worst case (multiple) failure condition, the available applied current cannot exceed the no-fire current of the EED.
2. The optimum resistor location is adjacent to the output leads and inaccessible. Other locations are also acceptable, if it can be shown that bypassing the resistor is not credible. (Current-limiting resistors in the test leads, to meet the above requirements, are unacceptable.)
3. Meter leads shall be shielded and connector shell-to-shell contact shall precede pin-to-pin contact.
4. Calibration shall be at least annually. Calibration procedures shall verify the safe configuration; e.g., the proper voltage battery with the encapsulated current-limiting resistor installed.

1. No-Voltage Meters. No-voltage meters shall be designed to detect one-tenth of the no-fire level of the EED or 50 mV, whichever is less, at a pulse width of 1 millisecond. The use of computerized no-voltage meters is acceptable if proper current-limiting can be demonstrated.

4.3.6 Mechanical, Electromechanical Devices

4.3.7 Propellants

4.3.7.1 Propellant System Requirements -

1. Materials selected for use in propellant systems shall be compatible with propellants used. This should include compatibility under operating pressure, shock, vibration, and temperature loadings and include analysis of items such as stress corrosion. Refer to either Air Force Manual, AFM 161-30, "Chemical Rocket/Propellant Hazards," Volume II, or John Hopkins University, "Chemical Propulsion Information Agency (CPIA) Publication Number 394, Chemical Rocket/Propellant Hazards," Volume III, for specific propellant properties.
2. Propellants shall be separated so malfunction of either the oxidizer or fuel subsystems cannot cause mixing.
3. Incompatible system connections shall be keyed or sized so it is physically impossible to interconnect them.
4. For systems requiring nonmetallic materials, materials selected shall not result in hazardous reactions.
5. For systems requiring insulation or acoustic damping, nonabsorbent, nonflammable materials shall be used in compartments or spaces where fluids and/or vapors could invade the area.

1. A positive means of shutting off propellant flow from tanks shall be provided and shall be readily accessible.
2. The actuator for remotely controlled valves shall be capable of opening and closing the valve under design flow and pressure. Throttle capability shall be considered in the selection of remotely controlled valves. Ball and gate valves should not be used.
3. Remotely controlled valves shall provide for remote monitoring of open and closed positions.
4. Normally open or closed valves shall have a spring on the actuator capable of operating the valve to the fail-safe position without an external actuating force under system operating conditions.
5. Manually operated valves shall be capable of being opened or closed under full system pressure.
6. Balanced manual valves that utilize external balancing ports or vents open to the atmosphere shall not be used.
7. The payload organization shall describe their plans for controlling a propellant leak throughout the ground processing timeline up to, and including, installation into the Orbiter payload bay.
8. Provisions shall be made so propellants cannot be trapped in any part of the system without provisions for draining.
9. Hypergol equipment (e.g., valves, quick disconnects) must be designed to be compatible with and operated by personnel wearing PHE gloves.
10. Hazardous fluid vent system requirements are as follows:

1. Pressure relief vents for hazardous fluids shall be designed and located so vapors will not enter any inhabited areas.
2. Venting of toxic fluids shall be through a scrubber or neutralizing agent or by similar methods which would prevent unauthorized release.
3. Each line venting into a multiple use vent system shall be protected against back pressurization by means of a check valve if the upstream system cannot withstand the back pressure or where contamination of the upstream system cannot be tolerated.
4. Incompatible fluids shall not be discharged into the same vent or drain system.
5. Fuel or toxic fluid vent systems shall be equipped with a means of purging the system with an inert gas to prevent explosive mixtures and/or to maintain system cleanliness.
6. Vents shall be placed in a location normally inaccessible to personnel and at a height or location where venting will not normally be deposited into habitable spaces. Each vent shall be conspicuously identified using appropriate warning signs, labels, and markings approved by the LSSO.
7. Vent systems shall be sized to provide minimum back pressures consistent with required venting flow rates. In no case shall back pressures interfere with proper operation of relief devices.

1. Serviceable hypergolic components, such as quick disconnects, filters, hoses, valves, etc., shall be permanently marked by electroetch, metal impression stamp, or other permanent method to indicate the specific hypergolic fluid to which the component will be exposed.
2. Items used in any fuel or oxidizer system shall not be interchanged after exposure to the respective media.
3. Lubricants for hypergolic systems shall be restricted to Krytox 240AC or equivalent. Use of a lubricant other than Krytox 240AC shall be approved by the LSSO.
4. Hypergolic propellant pumps shall be specifically designed for the particular hypergolic fluid.
5. All components, including flow meters, used in hypergolic propellant systems shall be designed and qualified for hypergolic applications.
6. Flanged connections shall utilize the following types of flanges: slip-on, weldneck, lapped joint, or blind. Bonding straps shall be used across flanged connections.
7. Materials used in contact with fuels, oxidizers, or combustible gases shall be selected, tested, and certified in accordance with the requirements of NASA-STD-6001, "Flammability, Odor, Offgassing, and Compatibility Requirements and Test Procedures for Materials in Environments that Support Combustion."
8. All controls and adjustments shall be identified by component number, system function, and direction of operation. The direction of fluid flow shall be clearly indicated with permanent markings on the exterior of each component.

1. All calibration adjustments, locked or unlocked, shall be designed so the setting, position, or adjustment cannot be altered when the equipment is subjected to the service condition.
2. Sight glasses used for liquid level indicators shall be protected from physical damage.
3. The payload organization shall maintain records of the design, maintenance, checkout, and usage of GSE systems used at the launch sites. These records shall be available to the LSSO.
4. Check valves (one-way flow) shall be provided whenever a hazardous/contaminated substance can backflow into another system.

1. Liquid shall not be able to be trapped between valves if changes in ambient temperature can result in pressure rises above 110% of MOP. If the potential for this condition exists, automatic relieving is required.

1. New, modified, and/or repaired propellant storage or transfer systems must be validated by functional test prior to being certified for operational use. The following shall also be required as part of the certification procedure:

1. A leak test at MOP with an inert gas shall be performed.
2. Pressure control units shall be verified by use of certified, calibrated gauges.
3. Emergency shutdown systems and procedures shall be demonstrated using a referee fluid.
4. Proper operation of quick disconnects shall be demonstrated.

1. Simultaneous operations with hypergolic propellants are prohibited.
2. The payload and the propellant loading system must be commonly grounded and bonded during propellant transfer operations.
3. Prior to opening a toxic propellant system, it must be drained and flushed or purged to concentration levels approved by the LSSO.
4. Prior to replacement or storage of components or system repair, hypergolic or toxic system components shall be flushed and purged of all residual elements and appropriately capped or bagged and labeled prior to movement.
5. Disposal of propellants shall be coordinated with the LSSO.
6. Venting of toxic vapors to atmosphere shall only be done with LSSO approval.
7. Procedures shall contain emergency instructions developed by the payload organization to handle leaks and spills. These procedures shall be consistent with either AFM 161-30, Volume II, or CPIA #394, Volume III.
8. Propellant transfers shall be performed only in areas and at times approved by the LSSO. Personnel shall be limited to those needed in direct support of these operations.
9. PPE which provides full respiratory protection and body coverage shall be worn during any dynamic payload and/or GSE toxic propellant transfer operations, or whenever the toxic propellants are not in a sealed system. At all other times that toxic propellants are present, emergency escape breathing devices shall be available for all personnel. Full respiratory protection and body coverage is mandatory for the following:

1. Any connection/disconnection of a propellant transfer system if it contains toxic propellants.
2. Any connection/disconnection of a propellant transfer system that had contained toxic propellants and concentration levels have not been verified to be below safe concentration levels.
3. All toxic propellant sampling operations.
4. Any servicing/deservicing/internal circulation (dynamic flow) of toxic propellants until system integrity has been verified; i.e., no leakage is present.
5. Any application of pressure to the toxic propellant transfer system until a stabilization period of 15 minutes minimum has been achieved and system integrity has been verified.

1. Downgrading from air supplied respiratory and full body coverage in item j above requires the LSSR's concurrence.
2. All PPE shall be compatible with the toxic propellants involved, and their use shall be approved by the LSSO and the appropriate Bioenvironmental Engineering/Biomedical Office.
3. Toxic vapor monitoring is required during break-in to any propellant system which has been contaminated by propellants and during the handling of contaminated parts. Toxic vapor monitoring is also required at the conclusion of any hazardous operation listed in Item j of this Section prior to opening of the control area to unprotected personnel.

4.3.8 Cryogenics

* 4.3.8.1 Cryogenic Systems Requirements -

1. Source flow shall have throttling capability.
2. Pressure containing components within hydrogen systems shall be selected for minimum hydrogen blistering or hydrogen embrittlement susceptibility.
3. GSE cryogenic valves with extended stems shall be installed with the actuator approximately vertical above the valve.

1. Joints in piping systems shall be of either butt-welded, flanged, bayonet, or hub type.
2. Cryogenic systems shall provide for thermal expansion and contraction without imposing excessive loads on the system. Bellows, reactive thrust bellows, or other suitable load relieving flexible joints may be used.

1. GSE vacuum-jacketed systems shall be capable of having the vacuum verified.
2. Cryogenic systems shall be designed so anywhere a cryogen can be trapped between any valves in the system, automatic relief is incorporated to preclude excess pressure caused by conversion from liquid to gaseous state causing a rupture.
3. Cryogenic systems shall be insulated with an oxygen compatible material or be vacuum-jacketed to preclude liquefaction of air.

4.3.8.2 Cryogenic Systems Operations -

1. A list of materials shall be maintained for each piece of GSE which interfaces with hazardous fluids. Hazardous fluids include, but are not limited to, gaseous oxygen, liquid oxygen, gaseous hydrogen, liquid hydrogen, hydrazine, nitrogen tetroxide, monomethyl-hydrazine, Freon-21, ammonia, and potassium hydroxide. This list will be of sufficient detail to permit an evaluation of the compatibility of the GSE design with the environment in which it is to be used.
2. Mercury in liquid or vapor form shall not be used in GSE if a substitute of equivalent performance exists or an appropriate alternate design or method can be used. Mercury shall not be used in any applications where contamination of flight hardware or exposure to personnel could result.
3. Cleaning solvents and adhesive materials shall be contained in NFPA-approved safety containers. The use of and quantity allowed in the payload processing work area shall be approved by the LSSO. All users of these materials must comply with local fire, safety, and health regulations. Except where approved by the LSSO, the use of glass containers is prohibited in all payload processing work areas.
4. Use of flammable materials and static-producing materials shall be kept to a minimum in all payload processing areas. If any plastic film is to be used, the material shall be selected from the LSSO approved plastics list. The material, quantity, and location of use shall be included in the payload organization safety data package and approved by the LSSO. If a plastic film is not on the approved list, a sample (minimum 1 square yard) shall be submitted to the LSSO for test/evaluation and approval.
5. GSE containing components made of shatterable materials which is to be used inside the Orbiter, or in areas where it could fall into the Orbiter, shall be designed to provide positive containment to prevent fragments from entering the Orbiter.
6. GSE designed for use directly in the Orbiter crew cabin or payload bay must meet the same materials flammability requirements as the payload/experiment itself. For these requirements, see NSTS 1700.7, Paragraph 209, Subparagraphs 2 and 3.
7. GSE used in flight vehicle habitable areas or in the payload bay shall not be painted or coated with materials subject to chipping, flaking, or scaling.
8. Materials should be selected which are not nutrients for biological agents such as mold, mildew, fungus, etc. Experiments in habitable areas should not provide a source of contamination. Materials which are nutrients should be hermetically sealed or treated to render the exposed surfaces resistant to biological attack.

1. Descriptive information concerning proposed uses of hazardous materials and physical agents will be provided by the payload organization to the LSSO for review and evaluation by the Biomedical Office.
2. General Industrial Hygiene requirements include, but are not limited to, the following:

1. Equipment which contains, possesses, or emits hazardous materials and/or physical agents will be designed, constructed, installed, and operated in a manner to ensure the potential for exposure is kept as low as feasible.

1. The payload organization shall provide a list of all hazardous materials and physical agents containing names, quantities, locations, and proposed uses (reference Paragraph 3.2.i). The payload organization shall also submit to the LSSO one copy of the MSDS for each of these materials upon or before arrival at the ER. MSDS's must also be submitted if, at any time, additional materials (not previously identified) are introduced onto the ER.
2. Hazardous materials and physical agents shall be used only by properly trained personnel and in accordance with procedures reviewed by the Biomedical Office and approved by the LSSO.
3. Engineering or administrative controls shall be the primary means for preventing personnel exposures. When such controls are not feasible or adequate to control exposure, PPE will be required. PPE shall be approved by the Biomedical Office.
4. Planned releases of hazardous materials shall not be permitted without review and approval by the LSSO and the Biomedical Office. Supportive data shall be provided by the payload organization to identify maximum expected quantities and concentrations of planned releases.
5. All activities involving hazardous materials or physical agents are subject to monitoring by the Biomedical Office.

1. Specific Industrial Hygiene requirements are contained in the following documents:

1. KHB 1840.1, "Industrial Hygiene Handbook"
2. KMI 1800.1, "Environmental Health Program"
3. KMI 1800.2, "KSC Hazard Communication Program"
4. 29 CFR 1910, "Occupational Safety and Health Administration; General Industrial Standards"
5. AFOSH STD 48-8, "Controlling Exposures to Hazardous Materials"
6. "American Conference of Governmental Industrial Hygienists (ACGIH) Threshold Limit Values for Chemical Substances and Physical Agents in the Work Environment with Intended Changes"

4.4 ENVIRONMENTAL

4.4.1 Meteorological Requirements

1. Propellant operations shall not commence when the potential for passage of an electrical storm is within 5 miles. Propellant operations during storm passage shall be interrupted or expeditiously concluded at the discretion of the LSSR or supervisor in charge of the operation.
2. The supervisor responsible for the transfer/handling operations is responsible for obtaining the prevailing meteorological conditions, determining that the conditions meet those specified herein, and obtaining LSSR approval to proceed.
3. In order to protect personnel not involved in toxic propellant operations and the public domain, downwind concentrations of toxic propellant materials shall be controlled by limiting operations to certain meteorological conditions. Concentrations of toxic propellants shall be kept at or below Biomedical Office approved safe levels at the launch site boundaries in the public domain and in the launch site industrial areas.
4. Personnel shall be evacuated or provided with emergency escape breathing devices and communications equipment in areas potentially at risk from toxic propellant operations as determined by the LSSO.
5. Evacuation of personnel shall be used in those situations where the potential for injury/illness is present.
6. Local propellant operations shall require protection in the immediate downwind sector.

4.4.2 Hazardous Atmosphere

1. Flammable/Explosive Atmospheres - Hazardous atmospheres are defined as follows: A percentage of the lower explosive limit (LEL) shall be established to define a hazardous atmosphere for flammable/explosive gases or vapors by the LSSO on a case-by-case basis. Factors such as commodity involved, quantity, confinement area, the presence of oxygen-enriched atmospheres (greater than 25%), credible time for a hazardous condition to develop, and response time to complete emergency actions must be considered in establishing the percentage of the LEL. This percentage is usually 25% of the commodity LEL.
2. Oxygen Deficient Atmospheres - A hazardous oxygen-deficient atmosphere may develop in enclosed spaces where operations or processes consume oxygen or release asphyxiating gases or vapors into the atmosphere. Entry into any atmosphere containing less than 19.5% oxygen is considered hazardous.
3. Toxic/Corrosive Atmospheres - Hazardous toxic/corrosive atmospheres may be present where processes or operations generate airborne materials. Hazardous airborne materials include dusts, fibers, mists, fogs, smokes, fumes, gases, and vapors.

1. Service carts, drums, storage vessels, or payload tanks - 50 feet radially from the container or as specified by the LSSO.
2. Vents - 50 feet radially from the vent opening.
3. Transfer lines - 25 feet radially from the line.
4. All installation configurations shall be evaluated for approval by the LSSO.

1. The motor nozzle is not attached and the nozzle end does not have a cover that precludes propellant offgassing or,
2. The nozzle is attached but does not have a nozzle plug installed sufficient to preclude propellant offgassing or,
3. Unassembled motor segments that do not have front and rear covers that prevent offgassing.

4.4.3 Humidity

4.4.4 Toxic Materials

4.5 HANDLING AND TRANSPORTS

1. Lifting devices - slings, linkage, mechanisms, etc., that extend between a lifting hook on a hoist and the object being lifted. Only those items below the lifting hook are intended to be designed to the criteria contained in this Handbook. The requirements for the design of hoists, winches, and cranes are not included. Other systems, if required, shall comply with the NSS/GO-1740.9.
2. Ground handling/transportation devices - trucks, dollies, transporters on which an object is placed for subsequent transportation or rotation.
3. Work stand - work platforms, ladders, etc., that are fixed structures, are designed specifically to support personnel, and do not experience the dynamic loading associated with lifting and transportation.
4. Support stand - GSE structure designed to support flight or ground equipment.
5. Rated load - the maximum static weight that the basic equipment can safely support or lift.
6. Working (actual) load - the expected or measured weight of a piece of equipment that is to be supported, lifted, or transported.

4.5.1 Hoisting and Handling

1. All lifting and hoisting equipment must show evidence of the equipment having been tested in compliance with the above reference documents and the requirements of the paragraphs in this section. This must be accomplished within 1 year prior to use.
2. Records of all testing and inspections shall be maintained and shall be made available to the LSSO upon request.
3. Rated loads will be posted on all lifting and hoisting equipment and fixtures.
4. Magnetic particle, dye penetrant, radiography, or other suitable crack-detecting tests shall be performed on all load-bearing hooks, shackles, and eyebolts after the initial prooftest of the assembled sling but prior to use and annually thereafter. The nondestructive inspection (NDI) method selected will require approval by the LSSO during the phase safety review process. A defect-detecting method such as radiography or ultrasonics which evaluates the material through 100% of its depth shall be performed on all welds constituting a single point of failure (i.e., critical weld) after the initial prooftest of the assembled sling. Critical welds shall be eliminated where feasible. If the payload organization certifies that their lifting hardware is for a specific function, is properly controlled in terms of usage/misusage and the environment, and has undergone a thorough NDI prior to application of a protective coating, the LSSO may not require an annual NDI.
5. Thimbles, shackles, links, eyebolts, swaged fittings, wire ropes, and similar devices must be subjected to and comply with the testing, preoperational and periodic inspection, and maintenance requirements set forth in the applicable ANSI B30 Series or the NSS/GO-1740.9. Eyebolts which are permanently fixed to the load are to be considered exempt from proofloading and NDI requirements. However, the eyebolts must comply with the design requirements of Table 4-1.
6. Eyebolts that can be removed and replaced must have a positive means of determination of full thread engagement (e.g., shoulder, color marking, etc.).
7. Attach points to payloads for the purpose of ground handling shall be classified as either utilizing the flight structural interfaces to the Orbiter or having special attach fittings for the purpose of ground handling. When utilizing the flight attach fittings for ground handling, structural analysis shall not be required if this determination has been made for flight dynamics. When special fittings for ground handling are used, an analysis shall be conducted to ensure the load paths have adequate safety factors for ground handling. The attach points (S/C) and fittings (GSE) shall be adequately described in the safety data package, including single failure points, verification methods (e.g., prooftesting, NDI), and the methods used to assure proper connection during ground handling.
8. Proofloading and associated NDI will be reaccomplished for modified or repaired lifting equipment.
9. In accordance with 29 CFR, Part 1910, a load will not be lifted, suspended, or transported over personnel. This requirement should be considered during design of GSE for hardware integration and assembly.

1. Slings shall be designed and tested as an assembled unit (unless otherwise approved by the LSSO) which includes spreader beams and drop legs (ropes, chains, shackles, eyebolts, pins, turnbuckles, etc.) in accordance with Table 4-l. Proof or periodic load test shall be accomplished within 1 year prior to use.

1. All sling assemblies shall be visually inspected each day prior to use. A periodic inspection shall be performed by the using organization on a regular basis with frequency of inspection based on frequency of sling use, severity of service conditions, nature of lifts being performed, and experience gained on the service life of slings used in similar circumstances. Periodic inspections shall be performed by an authorized person. Any deterioration which could result in appreciable loss of original strength shall be carefully noted, and determination made whether further use of the sling would constitute a safety hazard. Periodic inspections shall be conducted annually, as a minimum.
2. Wire rope slings shall be immediately removed from service if any of the following conditions are present:

1. Ten randomly distributed broken wires in one rope lay or five broken wires in one strand in one rope lay.
2. Wear or scraping of one-third the original diameter of outside individual wires.
3. Kinking, crushing, bird caging, or any other damage resulting in distortion of the wire rope structure.
4. Evidence of significant heat damage.
5. End attachments that are cracked, deformed, or worn.
6. Hooks that have been opened more than 15% of the normal throat opening measured at the narrowest point or twisted more than 10 degrees from the plane of the unbent hook.
7. Significant corrosion of the rope or end attachment.

1. Structural sling inspection shall be performed at least annually. Discrepancies found during the following inspections shall be cause for replacement or repair:

1. Verify, overall, that there is no evidence of visual damage, gouges in metal, flaking paint, loose bolts, rivets, or connections, or deformation such as galling or gouges in pins, eyes, and end connections.
2. Ensure there are no bent, deformed, cracked, or excessively corroded support or main members.
3. Inspect load-bearing bolts and verify that there is no visual evidence of bending, cracking, gross wear, or improper configuration.
4. Inspect attached and lifting lugs for visual deformation and evidence of local yielding.
5. Ensure there are no elongated attach or lifting holes.
6. Inspect around fasteners for local yielding and deformation.
7. Remove and inspect load-bearing slip pins for visual deformation, evidence of bending, abnormal defects such as galling, scoring, brinelling, and diameters not within drawing tolerances. NDI shall be used when required by design requirements or when cracks are suspected.
8. Inspect pin bores visually for cracks, deformation, local yielding, scoring, galling, and brinelling. NDI shall be performed as required.
9. Inspect welds for cracks and evidence of deformation, deterioration, damage, or other defects by -

1. Visual inspection of all welds.
2. Magnetic particle, x-ray, or other suitable crack-detecting methods as appropriate for critical welds as identified on the drawings.

1. Inspect all parts, particularly bare metal, for corrosion. Corrosion-protect all surfaces that are to be painted, lubricated, or coated with strippable vinyl, as necessary. Do not paint over uninspected areas; do not paint over cracks, deformations, deterioration, or other damage until engineering assessment has been made.

1. For identification and onsite assurance purposes, equipment shall have a periodic recertification tag containing equipment identification, next required test date, and quality control stamp. Hoists/winches and slings shall have proofload tags containing rated load, proofload, and proofload date.
2. Slings which have components that are normally disassembled shall be either marked, coded, or tethered to assure proper assembly of verified hardware. Components not marked, coded, or tethered will invalidate the proofload/certification of the whole assembly. Removable lifting lugs used on flight hardware or GSE must be identified to ensure the lugs can be reinstalled in the proper location if necessary.
3. Synthetic or natural rope slings shall be derated by 50% after the proofload; this then becomes the rated load; i.e., manufacturer's rating x 1.0 (prooftest factor) x 0.50 (derating factor) = posted rated load.

4.5.1.6 Stands -

1. Ground handling devices and support stands shall have a safety factor of 3:1 against yield.
2. Personnel work stands shall have a safety factor of 4:1 against ultimate.
3. A one-time prooftest and NDI of support stands shall be required based upon hazard potential. The prooftest level shall be at least 1.25 times the rated load. An LSSO-approved NDI shall be performed after the prooftest. A prooftest and NDI shall be required after misuse or modification.

1. Prior to use, checks will be made to ensure -

1. Proper tire inflation.
2. An operable braking system.
3. Tow bar and safety chains are properly fastened.
4. Payload securing devices are properly tightened.
5. Availability of wheel chocks.
6. Availability of fire extinguisher(s).

* 5.0 MISHAP INVESTIGATION AND REPORTING

5.1 NASA MISHAP INVESTIGATION CONTROL

5.2 USAF MISHAP INVESTIGATION CONTROL

5.3 MISHAP REPORTING

5.3.1 Mishap Contacts

1. For NASA-sponsored payloads at the ELS: KSC Payloads, Space Station, and Industrial Safety Division (EI-F).
2. For DoD-sponsored payloads at the ER: 45 SW Systems Safety Office, Large Launch Systems Element (45 SW/SESL).
3. At contingency landing sites: The designated onsite LSSR.

* Denotes Change

1. Facility operators involved with or observing a mishap shall notify their safety point of contact.

5.3.3 Payload Organization Responsibilities

1. If government personnel/property, including contractors, are injured/damaged from or contribute to the mishap, then the payload organization shall report as follows:

1. A preliminary written report of the mishap to the LSSO mishap point of contact within one working day after the mishap occurs.
2. Further reporting and investigation will be conducted in accordance with KHB 1710.2, "Kennedy Space Center Safety Practices Handbook," Annex B or AFI 91-204, as appropriate. The payload organization may be requested to conduct its own investigation concurrently with the government investigation.
3. The payload organization will provide a copy of the final report to the LSSO mishap point of contact.

1. If only payload organization personnel/property, including payload organization contractors, are injured/damaged from or contribute to the mishap, and the mishap is not considered a near miss to government property/personnel, then the payload organization shall report as follows:

1. When the LSSO mishap point of contact is notified, the need for a preliminary written report will be determined.
2. Investigation shall be done by the payload organization using its own internal procedures.
3. A copy of the final report of the mishap investigation shall be sent to the LSSO mishap point of contact for Lessons Learned purposes.

5.3.4 Investigation Boards

5.3.5 Mishap Scene

ACRONYMS, ABBREVIATIONS, AND GLOSSARY OF TERMS

AC - Alternating Current.

ACGIH - American Conference of Governmental Industrial Hygienists.

AFI - Air Force Instruction.

AFMAN - Air Force Manual.

AFOSH - Air Force Occupational Safety and Health.

AFR - Air Force Regulation.

AFSC - Air Force Systems Command.

AFSCF - Air Force Satellite Control Facility.

ANSI - American National Standards Institute.

ASME - American Society of Mechanical Engineers.

AWG - American Wire Gauge.

BUDDY SYSTEM - The buddy system requires that two people be designated to be concerned with each other's safety in a hazardous situation. The system does not demand shoulder-to-shoulder contact, but rather visual contact and a proximity that allows each buddy to help the other in an emergency.

C - Centigrade.

CCAS - Cape Canaveral Air Station.

CFR - Code of Federal Regulations.

CLOSE CALL - An unplanned occurrence in which there is no injury/damage but under similar circumstances could have resulted in a reportable mishap.

cm2 - Centimeter Squared.

CPIA - Chemical Propulsion Information Agency.

* Denotes Change

CREDIBLE - A condition that can occur and is reasonably likely to occur. For the purpose of this document, failures of structure, pressure vessels, and pressurized lines and fittings are not considered credible failure modes if those elements comply with the applicable requirements.

CRITICAL WELD - A weld where a single failure of any portion could result in injury to personnel or damage to property or flight hardware.

DAMAGE - Breakage, mangling, mutilation, ruin of items, transmitted across system or component interfaces inadvertently by internal or external action, including component failure and human error which could cause obstruction of critical functions and requiring repair or replacements.

D.B. (DESIGN BURST PRESSURE) - A specified test pressure that pressurized components must withstand without rupture to demonstrate design adequacy in a qualification test.

dB - Decibel.

dBA - Decibel, A-scale.

DC - Direct Current.

DEVIATION - Granted use or acceptance of an article for more than one mission which does not meet the specified requirements.

DH - Design Handbook.

DoD - Department of Defense.

DOP - Detailed Operations Procedure.

EED - Electroexplosive Device.

ER - Eastern Range, including Kennedy Space Center and/or Cape Canaveral Air Station.

EMI - Electromagnetic Interference.

EPD - Emergency Procedures Document.

ETA - Explosive Transfer Assembly.

EXPLOSIONPROOF APPARATUS - Apparatus enclosed in a case that is capable of withstanding an explosion of a specified gas or vapor which may occur within it and of preventing the ignition of a specified gas or vapor surrounding the enclosure by sparks, flashes, or explosion of the gas or vapor within, and which operates at such an external temperature that a surrounding flammable atmosphere will not be ignited thereby.

EWR - Eastern and Western Range.

F - Fahrenheit.

FAILURE - The inability of a system, subsystem, component, or part to perform its required function within specified limits, under specified conditions for a specified duration.

FLUID - Liquids or gases.

GSE (GROUND SUPPORT EQUIPMENT) - The ground equipment and systems needed to support the payload such as propellant loading units, data recording, instrumentation, etc.

HAZARD - A risk of personnel exposure, injury, or death; or of hardware damage or loss.

HAZARDPROOF - Prevention of an explosive atmosphere penetrating electrical fixtures where sparking or arcing could occur.

HAZARDOUS FLUID - Any fluid that is toxic, cryogenic, flammable, or corrosive.

HAZARDOUS MATERIAL - Any solid, liquid, or gaseous material which meets the hazard reporting requirements of 29 CFR 1910.1200. This includes commodities which, under foreseeable conditions, are toxic, carcinogenic, cryogenic, explosive, flammable, pyrophoric, water-reactive, corrosive, an oxidizer, a compressed gas, a combustible liquid, or are chemically unstable.

HB - Handbook.

I.D. - Identification.

IMC - Interim Message Change.

IUS - Inertial Upper Stage.

JP - Jet Propellant.

JSC - Johnson Space Center, NASA, Houston, Texas 77058.

KHB - Kennedy Handbook.

KMI - Kennedy Management Instruction.

KSC - Kennedy Space Center, NASA, Florida 32899.

KSC-STD - KSC Standard.

LEL - Lower Explosive Level.

LSSO - Launch Site Safety Office.

LSSR - Launch Site Safety Representative.

mA - Milliampere.

MAWP (MAXIMUM ALLOWABLE WORKING PRESSURE) - The maximum pressure at which a component can continuously operate based on allowable stress values and functional capabilities. MAWP is synonymous with MDOP (Maximum Design Operating Pressure) or "Rated Pressure."

MDOP - Maximum Design Operating Pressure.

MIL - Military.

MIL-STD - Military Standard.

MISHAP - An unplanned event which results in personnel fatality, injury, or exposure; damage to or loss of the Space Shuttle, environment, public property, or private property; or could result in an unsafe situation or operational mode.

MOP (MAXIMUM OPERATING PRESSURE) - The maximum pressure at which the system or component actually operates in a particular application. MOP is synonymous with MEOP (Maximum Expected Operating Pressure) or maximum working pressure.

MPE - Maximum Permissible Exposure.

MRS - Major Radiological Sources.

MSDS - Material Safety Data Sheets.

mV - Millivolt.

mW - Milliwatt.

N/A - Not Applicable.

NASA - National Aeronautics and Space Administration.

NDI - Nondestructive Inspection.

NEC - National Electrical Code.

NFPA - National Fire Protection Association.

NHB - NASA Handbook.

NMI - NASA Management Instruction.

NPD - NASA Policy Directive.

NONCOMPLIANCE REPORT - The request form submitted by the payload organization to obtain a waiver or deviation for those technical safety requirements of this document that have not been met.

NSS - NASA Safety Standard.

OMD - Operations and Maintenance Documentation.

OMRSD - Operation and Maintenance Requirements and Specifications Document

OMI - Operations and Maintenance Instructions.

OSHA - Occupational Safety and Health Administration.

PAYLOAD - Any equipment or material carried by the Space Shuttle that is not considered part of the basic Space Shuttle itself. It, therefore, includes items such as free-flying automated spacecraft, individual experiments or instruments, payload support equipment, etc. As used in this document, the term payload also includes payload-provided GSE and systems and flight and ground systems software.

PAYLOAD BAY - The 15-foot diameter by 60-foot long enclosed volume within the Orbiter, designed to carry carriers, payloads, payload-support equipment, and associated mounting hardware.

PAYLOAD ELEMENTS - Experiments, instruments, or other individual payload items which are subsets of an integrated, multipayload cargo complement on missions such as Spacelab, etc.

PO (PAYLOAD ORGANIZATION) - The funding or sponsoring organization for the experiment, payload, or mission. This does not mean the principal investigator, payload contractor, designer, or developer except to the extent delegated by the sponsoring organization. For NASA-sponsored payloads, a NASA Headquarters payload program office is the sponsoring organization and usually delegates to a NASA Field Center the authority for formal interface with the SSP operator in the implementation of this document. Other payload organizations include, but are not limited to, the following: DoD, other U.S. Government agencies, non-U.S. Government public organizations, private persons or private organizations, international organizations, European Space Agency, foreign governments, etc.

PPE - Personal Protective Equipment

PHE - Propellant Handlers Ensemble.

PHYSICAL AGENT - Any environmental factor, such as noise, temperature extremes, vibrations, etc., which may cause harm or injury to personnel.

PRESSURE TEST - A test pressure which demonstrates that no part of a pressure system component shall fail, take any permanent set, or be damaged in any manner, when subjected to the applicable proof pressure.

psi - Pounds Per Square Inch.

psig - Pounds Per Square Inch Gauge.

RATED LOAD - The static weight that the basic equipment can safely support or lift.

REFEREE FLUID - A compatible fluid, other than that used during normal operation of a system, which is substituted for test purposes because it is safer due to characteristics such as being less toxic, less explosive, easier to detect, etc.

REM - Roentgen Equivalent, Man.

REQUIREMENT - A specified mandatory condition which must be complied with unless a noncompliance report is approved by the Center Commander/Director.

RF - Radio Frequency.

RH - Relative Humidity.

RHU - Radioisotope Heater Unit.

rms - Root Mean Square.

RP - Rocket Propellant.

RPO - Radiation Protection Officer.

RTG - Radioisotope Thermoelectric Generator.

S&A - Safe and Arm.

SAE - Society of Automotive Engineers.

SAFETY CRITICAL - Any condition, event, operation, process, equipment, or system with a potential for exposing personnel to a hazardous material, injury or death, or for causing damage to, or loss of, equipment or property.

SAFETY FACTOR - The ratio of a load that predicts a failure to a rated load.

S/C - Spacecraft.

SD - Space Division.

SDR - Space Division Regulation.

SHALL - Mandatory action.

SHOULD - Recommended action.

SW - Space Wing (45th Space Wing, Patrick Air Force Base, Florida 32925).

SWI - Space Wing Instruction.

SWR - Space Wing Regulation

SSP - Space Shuttle Program.

STD - Standard.

STS (SPACE TRANSPORTATION SYSTEM) - The Space Shuttle, Spacelab, Inertial Upper Stage (IUS), and the ground sites needed to support these elements.

SYSTEM CERTIFICATION PRESSURE - The maximum pressure that has been applied to a system; however, no system element can have its MAWP exceeded when the certification pressure has been applied.

TBD - To Be Determined.

T.O. - Technical Order or Technical Manual.

TOP's - Technical Operating Procedures (See Appendix C).

TP - Test Procedure.

UDS - Universal Documentation System.

USAF - United States Air Force.

WAIVER - Granted use or acceptance of an article for a single mission which does not meet the specified requirements.

WILL - Advising of future action.

COMPLIANCE AND REFERENCE DOCUMENTS

The following documents form a part of this document to the extent specified herein. In the event of a conflict between the reference documents and the contents of this document, the contents of this document shall be considered superseding requirements.

*Denotes Change

X = Compliance R = Reference Only

NOTE: For NASA-sponsored payloads at CCAS, the NASA required documents are also applicable. For USAF-sponsored payloads at KSC, the USAF required documents are also applicable.

GUIDELINES FOR THE PREPARATION OF

TECHNICAL OPERATING PROCEDURES (TOP's)

1. 24-hour notification prior to start of procedure.
2. LSSR concurrence prior to start of step/sequences or subtask TOP's containing hazardous operations.
3. Prior to opening the control area for controlled work at the conclusion of hazardous activities.

1. Prior to:

WARNING

1. Following:

NOTE

END OF HAZARDOUS STEPS/SEQUENCES

1. Contain specific actions necessary to cope with emergency/contingency conditions and identify the individual directing the actions.
2. Address hazards unique to the operation and shall provide steps for rendering safe (e.g., propellant flow shutdown, pressure relief, safe ordnance, mission/operation abort, etc.) to protect personnel and equipment.
3. Be located in an appendix and available to the test team at all times.

1. In red block letters at least 3/16 inches high:

THIS DOCUMENT CONTAINS HAZARDOUS OPERATIONS

2. In black block letters at least 3/16 inches high:

THIS DOCUMENT DOES NOT CONTAIN

HAZARDOUS OPERATIONS

1. Whenever there is insufficient time to make a formal change to a previously released TOP.
2. By an approved deviation or other documentation authorizing interim change(s).
3. Change shall be identified (select applicable term) as follows:

THIS CHANGE (DOES/DOES NOT) INCREASE

THE HAZARD LEVEL OF THIS DOCUMENT

DATA REQUIREMENTS

Payload Organization:

Item Identification/Name:

Item Manufacturer:

DoD Hazard Classification (Q.D. Class/Division):

DoD/UN Storage Compatibility Group:

DOT Classification:

DOT Markings:

Explosive Weight (Per Item):

Gross Weight (Including Container):

Gross Weight (Less Container):

Storage Container Dimensions (LxWxH):

Hook Height Required:

Quantity Per Container:

Quantity to be Stored:

Environmental Controls (Temp/RH Requirements):

Point of Contact (POC) - Name/Phone:

*APPENDIX E

PAYLOAD RELATED EMERGENCY PROCEDURES DOCUMENTS

AND FACILITY SAFETY PLANS

1. Orbiter Processing Facility (OPF), Emergency Procedures Document (EPD), OMI No. S9904, Rev. J, 3 Sep 87
2. NAVSTAR Processing Facility (NPF) Safety Plan, 1 Sep 87
3. Propellant Servicing Facility (PSF) Safety Plan, Jan 99
4. PGOC Emergency Preparedness Plan, BPY 1009, Rev. K, May 98
5. USA Ground Safety Operating Procedures, GSOP 5400, Vol. 1 and Vol. 2, Rev. A, 1 Dec 97