
NASA Engineering Rules & Standards: Deep Report

Version: 1.0 | Date: 2026-04-25 | Scope: Full Engineering Standards Overview


Executive Summary

NASA's engineering standards are among the most rigorous in the world, forged through decades of space missions, successes, and failures. This report catalogs the critical rules, standards, and lessons that form the foundation of NASA's engineering excellence.


1. Foundational Principles

1.1 The NASA Way: "Failure Is Not an Option"

| Principle | Description | Origin |
|---|---|---|
| Redundancy | Every critical system must have a backup | Apollo 1 fire |
| Test as You Fly | Ground testing must replicate flight conditions | Mercury program |
| Simultaneous Independence | Critical systems designed by separate teams | Shuttle program |
| Margin Management | Design with safety margins, not to limits | Viking lander |
| Phased Approach | Stepwise verification at each phase | All programs |

1.2 The Four Levels of Criticality

Level 1: Loss of Life / Loss of Mission          → Most rigorous (10⁻⁹ failure probability)
Level 2: Loss of Mission (no crew)              → Very rigorous (10⁻⁶)
Level 3: Degraded Mission Performance           → Rigorous (10⁻⁴)
Level 4: Minor Impact                           → Standard (10⁻²)

2. Technical Standards (NPDs & NPRs)

2.1 NASA Procedural Requirements (NPRs)

| NPR | Title | Application |
|---|---|---|
| NPR 7120.5 | NASA Space Flight Program and Project Management Requirements | All programs/projects |
| NPR 7123.1 | NASA Systems Engineering Processes and Requirements | System lifecycle |
| NPR 8705.2 | Human-Rating Requirements for Space Systems | Crewed missions |
| NPR 8610.1 | Standardization and Parts Control | Hardware assurance |
| NPR 8715.3 | NASA General Safety Program Requirements | Safety and mission assurance |
| NPR 8739.1 | NASA Quality Assurance | Quality systems |

2.2 Key Technical Standards (NASA-STD)

| Standard | Title | Critical Aspects |
|---|---|---|
| NASA-STD-5001 | Structural Design and Test Factors of Safety for Spaceflight Hardware | 1.4 ultimate factor of safety for primary structure |
| NASA-STD-5002 | Load Analyses of Spacecraft and Payloads | Dynamic environments, fatigue |
| NASA-STD-5017 | Design and Development Requirements for Mechanisms | Torque/force margins, life testing of mechanisms |
| NASA-STD-6016 | Standard Materials and Processes Requirements for Spacecraft | Approved materials list |
| NASA-STD-8719.13 | Software Safety Standard | Identification of safety-critical software |
| NASA-STD-8739.4 | Crimping, Interconnecting Cables, Harnesses, and Wiring | Workmanship standards |

3. The 10 Commandments of NASA Engineering

1. Thorough Testing

Rule: Every component must be tested beyond its expected operational envelope.
Implementation: Margin testing, acceptance testing, qualification testing.

2. Document Everything

Rule: Every decision, test, and anomaly must be documented.
Implementation: CRs (Change Requests), ARs (Anomaly Reports), Test Reports.

3. Independent Verification

Rule: Critical systems require independent review.
Implementation: IV&V (Independent Verification and Validation) teams.

4. Redundancy with Diversity

Rule: Backup systems must use different design approaches.
Implementation: Dissimilar redundancy (hardware, software, sensors).

5. Configuration Management

Rule: Every part and software version must be tracked.
Implementation: CCB (Configuration Control Board), COTS tracking.

6. Single Point of Failure Elimination

Rule: No single component failure can cause mission loss.
Implementation: FMEA (Failure Modes and Effects Analysis), FTA (Fault Tree Analysis).

7. Margin Requirements

Rule: Design to requirements, build to margins.
Implementation: Thermal, structural, power, and timing margins minimum 20-50%.

8. Human Factors Integration

Rule: Systems must account for human limitations.
Implementation: Human-in-the-loop testing, crew procedures.

9. Traceability Requirements

Rule: Every requirement must be traced to verification.
Implementation: Requirements traceability matrix (RTM).

10. Lessons Learned Integration

Rule: Past failures must inform current designs.
Implementation: LLIS (Lessons Learned Information System) mandatory review.

4. Software Engineering Rules (NPR 7150.2)

4.1 Software Classes

NPR 7150.2 classifies software by how it is used and what depends on it; it does not tie the classes to numeric failure probabilities. Safety-critical designation is a separate determination made under NASA-STD-8719.13 and can apply to software in any class.

| Class | Description |
|---|---|
| A | Human-rated space software systems |
| B | Non-human space-rated software systems, or large-scale aeronautics vehicles |
| C | Mission support software, aeronautic vehicles, or major engineering/research facility software |
| D | Basic science/engineering design and research and technology software |
| E | Design concept, research, technology, and general-purpose software |

4.2 Mandatory Software Practices

1. Static Analysis Required (Class A-C)
   - Tools: Coverity, CodeSonar, clang-tidy
   - Zero warnings threshold for Class A

2. Code Coverage Requirements
   - Class A: 100% statement, 100% branch
   - Class B: 100% statement, 90% branch
   - Class C: 90% statement, 80% branch

3. Formal Methods (Class A Critical Paths)
   - Model checking, theorem proving
   - Example: Space Shuttle flight software

4. Coding Standards
   - MISRA C (embedded systems)
   - JPL C Coding Standard (JPL ICD-200901)
   - Google C++ Style Guide (mission software)

5. Version Control
   - Git with signed commits
   - Branch protection rules
   - PR review: minimum 2 approvers

6. Testing Hierarchy
   Unit Tests → Integration Tests → System Tests → Acceptance Tests

4.3 NASA-JPL "Power of 10" Rules for Safety-Critical Code

Gerard Holzmann's ten rules (JPL Laboratory for Reliable Software, 2006), as they apply to C:

  1. Restrict all code to very simple control flow: no goto, no setjmp/longjmp, no direct or indirect recursion.
  2. Give every loop a fixed upper bound that a checker can verify statically.
  3. Do not use dynamic memory allocation after initialization.
  4. Keep each function to what fits on one printed page (about 60 lines).
  5. Use at least two assertions per function; assertions are side-effect free, and a failed assertion triggers an explicit recovery action.
  6. Declare data objects at the smallest possible level of scope.
  7. Check the return value of every non-void function, and validate the parameters inside every function.
  8. Limit the preprocessor to header inclusion and simple macro definitions; no token pasting, variadic or recursive macros, and minimal conditional compilation.
  9. Restrict pointer use to a single dereference; no function pointers.
  10. Compile from day one with all warnings enabled at the most pedantic setting and zero warnings, and pass daily through at least one state-of-the-art static analyzer with zero warnings.
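The rules are easier to see applied than listed. The following is an added example written for this report, not JPL or NASA flight code: a parser for a hypothetical telemetry frame (the frame layout, the size constants and the sample frames are all assumptions constructed for the illustration). Every loop has a constant bound, storage is fixed at compile time, every parameter is validated, every return value is checked by the caller, and the assertion helper records a failure and lets the caller return an error instead of aborting.

```c
/* Added illustration of the Power of 10 rules (not JPL/NASA flight code).
 * Hypothetical frame layout, an assumption of this example:
 *   byte 0       : sync byte 0xA5
 *   byte 1       : field count n (0..MAX_FIELDS)
 *   bytes 2..    : n fields, each 2 bytes big-endian
 *   last byte    : XOR checksum of all preceding bytes
 * Build per rule 10: cc -std=c99 -Wall -Wextra -pedantic -Werror p10.c
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_FIELDS   8u                           /* rule 8: simple macros only */
#define MAX_FRAME    (2u + 2u * MAX_FIELDS + 1u)  /* 19 bytes                   */
#define SYNC_BYTE    0xA5u

enum status { OK = 0, ERR_ARG, ERR_LEN, ERR_SYNC, ERR_COUNT, ERR_CSUM };

struct frame {
    uint8_t  count;                 /* rule 3: fixed storage, no malloc()     */
    uint16_t field[MAX_FIELDS];
};

static unsigned assertion_failures = 0;

/* Rule 5: a side-effect-free assertion (it only records the failure) whose
 * caller takes an explicit recovery action rather than aborting the computer. */
static bool c_assert(bool cond, const char *what)
{
    if (!cond) {
        assertion_failures++;
        (void)fprintf(stderr, "assertion failed: %s\n", what);
    }
    return cond;
}

/* Rule 7: every parameter is validated. Rule 4: the function fits on a page. */
static enum status parse_frame(const uint8_t *buf, size_t len, struct frame *out)
{
    if (!c_assert(buf != NULL && out != NULL, "non-null arguments")) return ERR_ARG;
    if (!c_assert(len >= 3u && len <= MAX_FRAME, "frame length in range")) return ERR_LEN;
    if (buf[0] != SYNC_BYTE) return ERR_SYNC;

    const uint8_t n = buf[1];                       /* rule 6: smallest scope */
    if (n > MAX_FIELDS || len != 2u + 2u * (size_t)n + 1u) return ERR_COUNT;

    uint8_t csum = 0;
    for (size_t i = 0; i < len - 1u; i++) {         /* rule 2: len <= MAX_FRAME */
        csum ^= buf[i];
    }
    if (csum != buf[len - 1u]) return ERR_CSUM;

    out->count = n;
    for (size_t k = 0; k < MAX_FIELDS; k++) {       /* rule 2: constant bound */
        out->field[k] = (k < n)                     /* rule 9: indexing only, */
            ? (uint16_t)((buf[2u + 2u * k] << 8) | buf[3u + 2u * k]) /* no pointer math */
            : 0u;
    }
    return OK;
}

/* Constructed sample frames (not flight data). */
static const uint8_t good_frame[]   = { 0xA5, 0x02, 0x12, 0x34, 0xAB, 0xCD, 0xE7 };
static const uint8_t bad_checksum[] = { 0xA5, 0x02, 0x12, 0x34, 0xAB, 0xCD, 0x00 };
static const uint8_t bad_count[]    = { 0xA5, 0x03, 0x12, 0x34, 0xAB, 0xCD, 0xE6 };

int main(void)
{
    struct frame f;
    const enum status st = parse_frame(good_frame, sizeof good_frame, &f); /* rule 7 */
    if (st != OK) {
        (void)printf("parse failed: %d\n", (int)st);
        return 1;
    }
    (void)printf("%u fields, first = 0x%04X\n", (unsigned)f.count, (unsigned)f.field[0]);
    (void)printf("bad checksum -> %d, bad count -> %d\n",
                 (int)parse_frame(bad_checksum, sizeof bad_checksum, &f),
                 (int)parse_frame(bad_count, sizeof bad_count, &f));
    return 0;
}
```

The point of `c_assert` returning a status instead of calling `abort()` is rule 5's recovery clause: on a flight computer an assertion failure must degrade into a defined error path, and the failure counter gives the static analyzer and the test suite something to check.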

5. Hardware Assurance Standards

5.1 Parts Control

| Control Level | Description | Action |
|---|---|---|
| Grade 1 | Flight-critical | Full traceability, radiation tested |
| Grade 2 | Mission-critical | Lot traceability, screening |
| Grade 3 | Non-critical | Commercial off-the-shelf (COTS) |

5.2 Radiation Hardening Requirements

Total Ionizing Dose (TID):
    - LEO: > 20 krad
    - GEO: > 100 krad
    - Deep Space: > 300 krad

Single Event Effects (SEE):
    - SEL (Latch-up): Required protection
    - SEU (Upset): Error detection/correction
    - SEB (Burnout): Prohibited for power devices
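What "error detection/correction" for SEUs means in practice is an EDAC code on every stored word plus periodic scrubbing. The following is an added example written for this report, not NASA or vendor EDAC logic: a Hamming(7,4) code extended with an overall parity bit (SECDED), so one flipped bit in a word is corrected and two are detected, together with a scrubber that rewrites corrected words. The 8-bit word layout, the four-word bank and the injected upsets are assumptions constructed for the illustration.

```c
/* Added SECDED illustration (not NASA/vendor EDAC code). Word layout, an
 * assumption of this example: bit i (1..7) holds Hamming position i, where
 * positions 1, 2, 4 are parity and 3, 5, 6, 7 carry data; bit 0 is an
 * overall even-parity bit that turns single-error-correct into SECDED. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum edac { EDAC_CLEAN = 0, EDAC_CORRECTED = 1, EDAC_UNCORRECTABLE = 2 };

static unsigned bit_at(uint8_t w, unsigned i) { return (w >> i) & 1u; }

uint8_t secded_encode(uint8_t nibble)
{
    unsigned c[8] = {0};
    c[3] = nibble & 1u;
    c[5] = (nibble >> 1) & 1u;
    c[6] = (nibble >> 2) & 1u;
    c[7] = (nibble >> 3) & 1u;
    c[1] = c[3] ^ c[5] ^ c[7];           /* parity over positions with bit0 set */
    c[2] = c[3] ^ c[6] ^ c[7];           /* parity over positions with bit1 set */
    c[4] = c[5] ^ c[6] ^ c[7];           /* parity over positions with bit2 set */
    uint8_t w = 0;
    unsigned parity = 0;
    for (unsigned i = 1; i < 8; i++) {
        w = (uint8_t)(w | (c[i] << i));
        parity ^= c[i];
    }
    return (uint8_t)(w | parity);         /* bit 0 makes the whole word even */
}

/* On success *nibble receives the data; on EDAC_UNCORRECTABLE it is untouched. */
enum edac secded_decode(uint8_t w, uint8_t *nibble)
{
    unsigned syndrome = 0, parity = 0;
    for (unsigned i = 1; i < 8; i++)
        if (bit_at(w, i)) syndrome ^= i;  /* XOR of set positions = error position */
    for (unsigned i = 0; i < 8; i++)
        parity ^= bit_at(w, i);           /* 1 => odd number of flipped bits */

    enum edac result = EDAC_CLEAN;
    if (parity) {                         /* odd count: treat as one flip */
        w = (uint8_t)(w ^ (1u << syndrome)); /* syndrome 0 => parity bit itself */
        result = EDAC_CORRECTED;
    } else if (syndrome) {
        return EDAC_UNCORRECTABLE;        /* even count but bad syndrome: two flips */
    }
    *nibble = (uint8_t)(bit_at(w, 3) | (bit_at(w, 5) << 1) |
                        (bit_at(w, 6) << 2) | (bit_at(w, 7) << 3));
    return result;
}

struct scrub_stats { unsigned clean, corrected, uncorrectable; };

/* Periodic scrub: rewrite corrected words so a later second upset in the same
 * word cannot combine with the first into an uncorrectable pair. */
struct scrub_stats secded_scrub(uint8_t *mem, size_t nwords)
{
    struct scrub_stats st = {0, 0, 0};
    for (size_t i = 0; i < nwords; i++) {
        uint8_t d = 0;
        switch (secded_decode(mem[i], &d)) {
        case EDAC_CLEAN:         st.clean++; break;
        case EDAC_CORRECTED:     st.corrected++; mem[i] = secded_encode(d); break;
        case EDAC_UNCORRECTABLE: st.uncorrectable++; break;
        }
    }
    return st;
}

/* Constructed demonstration bank: four protected words, one single-bit and one
 * double-bit upset injected (not measured radiation data). */
uint8_t bank[4];

struct scrub_stats demo_scrub(void)
{
    const uint8_t values[4] = { 0x3, 0xA, 0x5, 0xF };
    for (size_t i = 0; i < 4; i++) bank[i] = secded_encode(values[i]);
    bank[1] ^= (uint8_t)(1u << 6);                 /* single-bit upset */
    bank[2] ^= (uint8_t)((1u << 2) | (1u << 5));   /* double-bit upset */
    return secded_scrub(bank, 4);
}

/* Exhaustive check: every nibble, every single flip corrected, every double flip detected. */
int secded_selftest(void)
{
    for (unsigned d = 0; d < 16; d++) {
        uint8_t w = secded_encode((uint8_t)d), out = 0;
        if (secded_decode(w, &out) != EDAC_CLEAN || out != d) return 0;
        for (unsigned i = 0; i < 8; i++) {
            if (secded_decode((uint8_t)(w ^ (1u << i)), &out) != EDAC_CORRECTED || out != d) return 0;
            for (unsigned j = i + 1; j < 8; j++)
                if (secded_decode((uint8_t)(w ^ (1u << i) ^ (1u << j)), &out) != EDAC_UNCORRECTABLE) return 0;
        }
    }
    return 1;
}

int main(void)
{
    struct scrub_stats st = demo_scrub();
    printf("scrub: %u clean, %u corrected, %u uncorrectable; selftest %s\n",
           st.clean, st.corrected, st.uncorrectable, secded_selftest() ? "pass" : "FAIL");
    return 0;
}
```

The scrub interval is the design parameter that matters: SECDED only holds if the second upset in a word arrives after the first one has been corrected and written back, so the scrub rate has to be set from the expected upset rate of the orbit, not left to whenever the word is next read.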

5.3 Outgassing Control (NASA-STD-6016)

ASTM E595 Requirements:
    - Total Mass Loss (TML): < 1.0%
    - Collected Volatile Condensable Materials (CVCM): < 0.1%

6. System Engineering Lifecycle (NPR 7123.1)

┌──────────────────────────────────────────────────┐
│                   PRE-PHASE A                    │
│                 Concept Studies                  │
├──────────────────────────────────────────────────┤
│  • Formulation Agreement                         │
│  • Concept Studies                               │
│  • Technology Readiness Level (TRL) Assessment   │
│  • Mission Concept Review (MCR)                  │
└──────────────────────────────────────────────────┘
                          ↓
┌──────────────────────────────────────────────────┐
│                     PHASE A                      │
│         Concept & Technology Development         │
├──────────────────────────────────────────────────┤
│  • System Requirements Review (SRR)              │
│  • System Definition Review (SDR)                │
│  • TRL 4-6 required                              │
└──────────────────────────────────────────────────┘
                          ↓
┌──────────────────────────────────────────────────┐
│                     PHASE B                      │
│    Preliminary Design & Technology Completion    │
├──────────────────────────────────────────────────┤
│  • Preliminary Design Review (PDR)               │
│  • Critical Design Review (CDR) preparation      │
│  • TRL 6 required at PDR                         │
└──────────────────────────────────────────────────┘
                          ↓
┌──────────────────────────────────────────────────┐
│                     PHASE C                      │
│            Final Design & Fabrication            │
├──────────────────────────────────────────────────┤
│  • Critical Design Review (CDR)                  │
│  • System Integration Review (SIR)               │
│  • TRL 7 required                                │
└──────────────────────────────────────────────────┘
                          ↓
┌──────────────────────────────────────────────────┐
│                     PHASE D                      │
│       Assembly, Integration & Test, Launch       │
├──────────────────────────────────────────────────┤
│  • Operational Readiness Review (ORR)            │
│  • Flight Readiness Review (FRR)                 │
│  • Mission Readiness Review (MRR)                │
│  • Launch and Checkout                           │
│  • TRL 8 required                                │
└──────────────────────────────────────────────────┘
                          ↓
┌──────────────────────────────────────────────────┐
│                     PHASE E                      │
│             Operations & Sustainment             │
├──────────────────────────────────────────────────┤
│  • Commissioning                                 │
│  • Nominal Operations                            │
│  • Anomaly Response                              │
│  • Decommissioning and Closeout (Phase F)        │
└──────────────────────────────────────────────────┘

7. Critical Reviews

| Review | Purpose | Pass Criteria |
|---|---|---|
| MCR | Mission Concept Review | Concept feasible, requirements understood |
| SRR | System Requirements Review | Requirements complete, traceable |
| SDR | System Definition Review | System architecture defined |
| PDR | Preliminary Design Review | Design meets requirements, risks identified |
| CDR | Critical Design Review | Design complete, verification planned |
| SIR | System Integration Review | Integration plans, procedures, and facilities ready |
| FRR | Flight Readiness Review | System flight-ready, procedures validated |
| MRR | Mission Readiness Review | All systems GO for launch |

8. Risk Management (NPR 8000.4)

8.1 Risk Matrix

Likelihood (probability) runs across the columns, consequence (cost impact) down the rows:

| Impact \ Probability | 1: <10% | 2: 10-33% | 3: 33-66% | 4: 66-90% | 5: >90% |
|---|---|---|---|---|---|
| I: <$100K | Green | Green | Yellow | Yellow | Red |
| II: $100K-$1M | Green | Yellow | Yellow | Red | Red |
| III: $1M-$10M | Yellow | Yellow | Red | Red | Red |
| IV: $10M-$100M | Yellow | Red | Red | Red | Red |
| V: >$100M | Red | Red | Red | Red | Red |

8.2 Risk Response Strategies

| Strategy | When to Use | Example |
|---|---|---|
| Avoid | High risk, alternative exists | Use proven technology instead of new |
| Mitigate | Risk can be reduced | Add redundancy, more testing |
| Transfer | Risk can be shared | Insurance, contractor responsibility |
| Accept | Low risk or unavoidable | Known environmental factors |

9. Lessons Learned (LLIS): Critical Failures

9.1 Apollo 1 (1967): Fire

| Factor | Root Cause | Prevention |
|---|---|---|
| Pure oxygen atmosphere | Flammability | Nitrogen-oxygen mix for ground operations |
| Emergency hatch | Opened inward | Outward-opening hatch |
| Wiring | Exposed insulation | Wire routing, inspection |

9.2 Challenger (1986): O-ring Failure

| Factor | Root Cause | Prevention |
|---|---|---|
| O-ring material | Lost elasticity in the cold | Temperature limits, material qualification |
| Launch decision | Management pressure | Technical authority independence |
| Communication | "Take off your engineering hat" | Speak-up culture, dissent channels |

9.3 Columbia (2003): Foam Strike

| Factor | Root Cause | Prevention |
|---|---|---|
| Foam shedding | Known issue not fixed | Redesign, capture system |
| On-orbit inspection | Not requested | Request DoD imagery capability |
| Damage assessment | Incomplete models | Improve debris transport models |

9.4 Mars Climate Orbiter (1999): Unit Error

| Factor | Root Cause | Prevention |
|---|---|---|
| Metric vs. Imperial | Contractor software produced thruster impulse in pound-force seconds; the navigation software expected newton-seconds | Unified units requirement |
| Verification | Gap in interface review | Interface Control Document (ICD) |
| Peer review | Missed unit mismatch | Independent verification team |

9.5 Mars Polar Lander (1999): Premature Engine Shutdown

| Factor | Root Cause | Prevention |
|---|---|---|
| Sensor bounce | False leg-deployment signal latched as touchdown | Debounce logic, sensor filtering |
| Testing | No full-scale drop test | End-to-end testing |
| Review | Inadequate anomaly review | Include past failures in review |
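The Mars Polar Lander row is the one that translates directly into code. The following is an added example written for this report, not Mars Polar Lander flight software: a naive touchdown detector that latches the first asserted sensor sample forever, beside a hardened one that ignores the sensor until a radar-altitude gate arms it, remembers nothing from before arming, and requires several consecutive asserted samples. The arming altitude, the sample count and the two descent profiles are assumptions constructed for the illustration.

```c
/* Added touchdown-debounce illustration (not MPL flight software). */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define ARM_ALTITUDE_M     40.0  /* assumed: sensor consulted only below this altitude  */
#define CONSECUTIVE_NEEDED 3     /* assumed: consecutive asserted samples to declare contact */

struct sample { double altitude_m; bool leg_sensor; };

/* Naive logic: any asserted sample is latched forever; once below the arming
 * altitude the latched flag cuts the descent engine. A transient during leg
 * deployment high above the surface therefore cuts the engine at ~40 m.
 * Returns the sample index at which cutoff is commanded, or -1 if never. */
int naive_cutoff_index(const struct sample *s, size_t n)
{
    bool latched = false;
    for (size_t i = 0; i < n; i++) {
        if (s[i].leg_sensor) latched = true;
        if (s[i].altitude_m < ARM_ALTITUDE_M && latched) return (int)i;
    }
    return -1;
}

/* Hardened logic: the sensor is not consulted until armed, nothing seen before
 * arming is remembered, and contact needs CONSECUTIVE_NEEDED asserted samples
 * in a row so a single-sample glitch cannot trigger it. */
int debounced_cutoff_index(const struct sample *s, size_t n)
{
    unsigned run = 0;
    for (size_t i = 0; i < n; i++) {
        if (s[i].altitude_m >= ARM_ALTITUDE_M) { run = 0; continue; } /* not armed */
        run = s[i].leg_sensor ? run + 1 : 0;
        if (run >= CONSECUTIVE_NEEDED) return (int)i;
    }
    return -1;
}

/* Constructed profile 1: one transient at leg deployment (1480 m), genuine
 * contact from index 8 onward. */
const struct sample deploy_transient[12] = {
    {1500, false}, {1480, true}, {1460, false}, {800, false}, {200, false},
    {39, false}, {20, false}, {5, false}, {1, true}, {0.5, true}, {0, true}, {0, true}
};

/* Constructed profile 2: a glitch just above arming (60 m), a single-sample
 * glitch just below it (30 m), then genuine contact from index 5. */
const struct sample low_glitch[9] = {
    {100, false}, {60, true}, {30, true}, {25, false}, {10, false},
    {2, true}, {0.5, true}, {0, true}, {0, true}
};

int main(void)
{
    printf("deploy transient: naive cutoff at sample %d (%.0f m), debounced at %d\n",
           naive_cutoff_index(deploy_transient, 12),
           deploy_transient[naive_cutoff_index(deploy_transient, 12)].altitude_m,
           debounced_cutoff_index(deploy_transient, 12));
    printf("low glitch:       naive cutoff at sample %d, debounced at %d\n",
           naive_cutoff_index(low_glitch, 9), debounced_cutoff_index(low_glitch, 9));
    return 0;
}
```

The naive version is not obviously wrong when read in isolation, which is the lesson of the "Review" row: the failure only appears when the sensor transient at deployment and the altitude gate are considered together, and a test that skips the deployment event (no full-scale drop test) never exercises that path.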

10. Quality Assurance Requirements (NPR 8739.1)

10.1 Quality Levels

| Level | Application | Requirements |
|---|---|---|
| A | Flight-critical hardware | 100% inspection, traceability |
| B | Mission-critical hardware | Statistical sampling, traceability |
| C | Ground support equipment | Acceptance testing |
| D | Development hardware | Visual inspection |

10.2 Inspection Methods

| Method | Capability | Application |
|---|---|---|
| Visual | Surface defects | All parts |
| Radiographic (X-ray) | Internal defects | Welds, castings |
| Ultrasonic | Cracks, voids | Composites, bonds |
| Liquid Penetrant | Surface cracks | Metals |
| Magnetic Particle | Surface/subsurface cracks | Ferromagnetic materials |
| Eddy Current | Conductivity changes | Conductive materials |

11. Human-Rating Requirements (NPR 8705.2)

11.1 Crew Survival Requirements

1. Abort Capability
   - Abort available from t=0 to orbit insertion
   - 1 abort success required per 100 missions
   - Crew survival probability: > 99.9%

2. Emergency Egress
   - Egress available on pad
   - Egress available on launch complex
   - Crew must egress within 120 seconds of command

3. Life Support
   - Minimum 24 hours survival after major failure
   - Redundant O₂, CO₂ scrubbing, thermal control

4. Radiation Protection
   - SPE (Solar Particle Event) detection and warning
   - Storm shelter capability
   - Cumulative dose tracking

11.2 Crew Interface Requirements

1. Displays and Controls
   - All critical displays in primary field of view
   - Controls fail-safe (return to safe on loss of power)
   - No single control action causes catastrophic event

2. Caution and Warning
   - Multi-level alerting (info, caution, warning)
   - Acknowledgement required for warnings
   - Master alarm with visual and aural indication

3. Workload
   - Peak workload ≤ 75% of capacity
   - Off-nominal procedures must be executable under stress

12. Verification and Validation (V&V)

12.1 Verification Methods (Does it meet requirements?)

| Method | Description | When Used |
|---|---|---|
| Inspection | Visual examination | All phases |
| Analysis | Mathematical/physical models | Early design |
| Demonstration | Show operation under conditions | Components |
| Test | Quantitative measurement | Subsystems, systems |

12.2 Validation Methods (Does it solve the problem?)

| Method | Description | When Used |
|---|---|---|
| Operational Test | Full-up system test | Integration |
| Simulation | Physics-based modeling | All phases |
| Analogy | Comparison to similar systems | Early phases |
| Expert Review | Subject matter expert assessment | All phases |

12.3 Test Pyramid

                 ┌─────────────────────┐
                 │   System Tests      │  ← Few, end-to-end
                 │   (Acceptance)      │
                 └──────────┬──────────┘
                            │
                 ┌──────────┴──────────┐
                 │  Integration Tests  │  ← Verify interfaces
                 │   (Subsystems)      │
                 └──────────┬──────────┘
                            │
                 ┌──────────┴──────────┐
                 │    Unit Tests       │  ← Many, fast
                 │    (Functions)      │
                 └─────────────────────┘

13. Configuration Management (CM)

13.1 CM Levels

| Level | Scope | Control |
|---|---|---|
| CM I | Flight hardware/software | Full change control, baseline |
| CM II | Ground support equipment | Change control, tracking |
| CM III | Development hardware | Tracking only |

13.2 Change Control Process

1. Change Proposal (CP)
   - Description of change
   - Justification
   - Impact assessment
   - Cost/schedule impact

2. Engineering Review
   - Technical evaluation
   - Risk assessment
   - Recommendation

3. Configuration Control Board (CCB)
   - Approve/disapprove
   - Assign priority
   - Set implementation date

4. Implementation
   - Execute change
   - Verify change
   - Update documentation

5. Closeout
   - Lessons learned
   - Archive records

14. Reliability Engineering (NASA-STD-8729.1)

14.1 Reliability Requirements

| Criticality | Reliability (R) | Failure Rate (λ) |
|---|---|---|
| Level 1 | R ≥ 0.999999999 | λ ≤ 10⁻⁹ / hour |
| Level 2 | R ≥ 0.999999 | λ ≤ 10⁻⁶ / hour |
| Level 3 | R ≥ 0.9999 | λ ≤ 10⁻⁴ / hour |
| Level 4 | R ≥ 0.99 | λ ≤ 10⁻² / hour |

The R column is the one-hour value, R(1 h) ≈ 1 − λ·(1 h). For a mission of duration t with a constant failure rate λ, R(t) = e^(−λt), so the same λ gives a much lower R over a long mission: λ = 10⁻⁶/h over a 10,000-hour mission gives R ≈ 0.990.

14.2 Analysis Methods

| Method | Input | Output |
|---|---|---|
| FMEA | Components, failure modes | Failure effects, criticality |
| FTA | Top-level failure | Contributing events, cut sets |
| RBD | System architecture | System reliability |
| Markov | States, transitions | Reliability, availability |

14.3 FMEA Format

Item: [Component Name]
Function: [What it does]
Failure Mode: [How it can fail]
Failure Effect: [What happens]
Severity (S): [1-10, where 10 is worst]
Occurrence (O): [1-10, probability]
Detection (D): [1-10, likelihood of detection]
RPN = S × O × D [Risk Priority Number]
Recommended Action: [What to do]
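The RBD row of 14.2 is the one that reduces to arithmetic a practitioner actually runs. The following is an added example written for this report, not a NASA tool: a small reliability block diagram evaluator with series, active-parallel and k-of-n blocks, plus TMR with its voter. Component reliabilities are taken as already evaluated for the mission duration (R = e^(−λt) from 14.1), so no transcendental functions are needed; the avionics string in demo_rbd() and all of its numbers are assumptions constructed for the illustration.

```c
/* Added RBD illustration (not a NASA tool). Component reliabilities are
 * already evaluated over the mission duration; everything here is
 * combinatorics over those values. */
#include <stddef.h>
#include <stdio.h>

/* Series: every block must survive. */
double r_series(const double *r, size_t n)
{
    double acc = 1.0;
    for (size_t i = 0; i < n; i++) acc *= r[i];
    return acc;
}

/* Active parallel redundancy: the group fails only if every block fails. */
double r_parallel(const double *r, size_t n)
{
    double fail = 1.0;
    for (size_t i = 0; i < n; i++) fail *= (1.0 - r[i]);
    return 1.0 - fail;
}

static double powi(double x, unsigned e)
{
    double acc = 1.0;
    for (unsigned i = 0; i < e; i++) acc *= x;
    return acc;
}

static double binom(unsigned n, unsigned k)
{
    double acc = 1.0;
    for (unsigned i = 1; i <= k; i++) acc = acc * (double)(n - k + i) / (double)i;
    return acc;
}

/* k-of-n redundancy with identical blocks: at least k of n must survive.
 * k = 1 is parallel, k = n is series, k = 2 with n = 3 is TMR. */
double r_k_of_n(unsigned k, unsigned n, double r)
{
    double acc = 0.0;
    for (unsigned i = k; i <= n; i++)
        acc += binom(n, i) * powi(r, i) * powi(1.0 - r, n - i);
    return acc;
}

/* Triple modular redundancy is only as good as its voter, which sits in
 * series with the voted group and is itself a single point of failure.
 * Note that r_k_of_n(2, 3, r) < r whenever r < 0.5: TMR of poor units hurts. */
double r_tmr(double r_unit, double r_voter)
{
    return r_k_of_n(2, 3, r_unit) * r_voter;
}

/* Constructed avionics string: two dissimilar flight computers in active
 * parallel, a TMR sensor set with its voter, and a single-string power bus. */
double demo_rbd(void)
{
    const double computers[2] = { 0.995, 0.990 };
    const double blocks[3] = {
        r_parallel(computers, 2),   /* 0.99995                         */
        r_tmr(0.99, 0.9999),        /* 0.999602                        */
        0.999                       /* power bus, no redundancy        */
    };
    return r_series(blocks, 3);     /* about 0.998552: the bus dominates */
}

/* Tolerance compare without libm. */
int approx_equal(double a, double b, double tol)
{
    double d = a - b;
    if (d < 0) d = -d;
    return d <= tol;
}

int main(void)
{
    printf("TMR of 0.9 units: %.4f   TMR of 0.4 units: %.4f\n",
           r_k_of_n(2, 3, 0.9), r_k_of_n(2, 3, 0.4));
    printf("demo avionics string: %.6f\n", demo_rbd());
    return 0;
}
```

The string's unreliability is 0.00145, of which the single-string bus contributes 0.00100: the redundant computers are not where the next design iteration should spend effort, which is exactly the question an RBD is built to answer before FMEA recommendations are prioritized.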

15. Materials and Processes (NASA-STD-6016)

15.1 Approved Materials Categories

| Category | Examples | Notes |
|---|---|---|
| Alloys | 2219, 7075, Inconel | Heat treat certification |
| Composites | CFRP, GFRP | Cure cycle control |
| Adhesives | EA9394, Scotch-Weld | Shelf life tracking |
| Coatings | AZWITE, White Paint | Thickness verification |
| Lubricants | Braycote, Krytox | Outgassing verified |

15.2 Prohibited Materials

| Material | Reason |
|---|---|
| Cadmium plating | Whisker growth, sublimation in vacuum |
| Pure tin and zinc plating | Tin/zinc whiskers (short circuits) |
| Mercury | Toxic, contaminates |
| Beryllium (uncontrolled) | Toxic dust |
| Lead-free (pure tin) solder | Tin whiskers; tin-lead solder remains the flight standard |

16. Documentation Hierarchy

NASA Policy Directive (NPD)
    └─ NASA Procedural Requirement (NPR)
        └─ NASA Technical Standard (NASA-STD)
            └─ NASA Handbook (NASA-HDBK)
                └─ Center-level Procedures
                    └─ Project-level Procedures
                        └─ Work Instructions

16.1 Required Documentation

| Document | Purpose | Owner |
|---|---|---|
| Project Plan | Overall approach | Project Manager |
| Systems Engineering Plan (SEP) | Technical approach | Systems Engineer |
| Verification Matrix | Requirements to tests | V&V Engineer |
| Interface Control Document (ICD) | Interfaces between systems | Lead Engineer |
| Risk Register | All risks with status | Risk Manager |
| Change Log | All approved changes | Configuration Manager |

17. Modern NASA: New Space Integration

17.1 Commercial Crew Program (CCP) Standards

| Aspect | Traditional NASA | Commercial Crew |
|---|---|---|
| Development | Cost-plus, NASA-led | Fixed-price, contractor-led |
| Certification | Process-based | Performance-based |
| Documentation | Extensive | Tailored |
| Oversight | Daily presence | Milestone reviews |

17.2 COTS vs. NASA Hardware

| Consideration | COTS | NASA-qualified |
|---|---|---|
| Cost | Lower | Higher |
| Availability | High | Low |
| Radiation tolerance | Unknown | Characterized |
| Heritage | Limited | Proven |
| Documentation | Variable | Complete |

18. Summary: The NASA Mindset

┌────────────────────────────────────────────────────────────┐
│                    NASA ENGINEERING DNA                    │
├────────────────────────────────────────────────────────────┤
│  1. Test what you fly, fly what you test                   │
│  2. Never assume anything; verify everything               │
│  3. Document every decision, test, and anomaly             │
│  4. Redundancy is mandatory for critical functions         │
│  5. Margins are not optional; design with headroom         │
│  6. Past failures are our best teachers; study them        │
│  7. Requirements must be traceable from concept to test    │
│  8. Independent review catches what teams miss             │
│  9. Communication must be clear, complete, and timely      │
│ 10. The mission comes first; ego never                     │
└────────────────────────────────────────────────────────────┘

19. References

| Document | Number | Link |
|---|---|---|
| NASA Procedural Requirements | NPR 7120.5 | nasa.gov |
| Systems Engineering | NPR 7123.1 | nasa.gov |
| Human-Rating | NPR 8705.2 | nasa.gov |
| Quality Assurance | NPR 8739.1 | nasa.gov |
| Software Engineering | NPR 7150.2 | nasa.gov |
| Risk Management | NPR 8000.4 | nasa.gov |
| Structural Design | NASA-STD-5001 | standards.nasa.gov |
| Materials | NASA-STD-6016 | standards.nasa.gov |
| Software Safety | NASA-STD-8719.13 | standards.nasa.gov |
| JPL Coding Standard | D-6712 | jpl.nasa.gov |

Document Control

| Version | Date | Author | Changes |
|---|---|---|---|
| 1.0 | 2026-04-25 | Generated | Initial report |

This report compiles NASA's engineering rules, standards, and lessons learned into a single reference document. For mission-specific requirements, consult the applicable NPRs and project documentation.