Spacecraft Design II: Conceptual Intuition and Analogies

Abstract

Spacecraft design follows a structured decomposition-and-verification framework that mirrors the engineering principle of "measure twice, cut once." This article examines how the System Engineering V Diagram organizes the design process, how design reviews serve as quality gates, and how the concept of a "build-to baseline" enforces configuration discipline. Rather than treating these as bureaucratic overhead, we explore the intuitive reasoning behind each checkpoint and the cost-avoidance logic that justifies formal design control.

Background

Spacecraft design is fundamentally a problem of translating mission needs into hardware and software specifications under constraints of cost, schedule, and technical risk. Unlike many engineering domains, spacecraft cannot be easily recalled or repaired once deployed. This irreversibility creates a strong incentive for front-loaded verification and design maturity assessment.

The design process in aerospace follows a structured sequence of reviews and baselines. Each review represents a gate where the project team must demonstrate that a certain level of maturity has been achieved before proceeding to the next phase. This structure is not arbitrary; it reflects decades of experience with cost overruns and schedule delays caused by late discovery of design flaws.

Key Results

The V-Diagram as a Conceptual Framework

The System Engineering V Diagram ^{[system-engineering-v-diagram]} provides the overarching structure for spacecraft development. The left side of the V represents decomposition: the process of breaking down mission needs into system requirements, then into subsystem specifications, and finally into detailed component designs. The right side represents integration and verification: the process of testing components, assembling them into subsystems, verifying subsystems, and validating the complete system against original mission objectives.

The key insight is that the V-shape enforces a symmetry: every requirement defined on the left must have a corresponding verification activity on the right. This prevents the common pitfall of building something that technically meets specifications but fails to achieve the original mission intent. The diagram is not merely a flowchart; it is a traceability map that ensures no requirement is lost during implementation.

Design Reviews as Quality Gates

The spacecraft design process includes four major review milestones, each serving a distinct purpose:

System Requirement Review (SRR). ^{[system-requirement-review]} This early checkpoint validates that high-level mission needs have been correctly translated into derived system requirements. The intuition is straightforward: catching a misinterpreted requirement at SRR costs far less than discovering it after detailed design is complete. SRR acts as a quality gate before significant design investment.

System Design Review (SDR). ^{[system-design-review]} Following SRR, the SDR examines how system requirements have been allocated across subsystems and configuration items. It assesses manufacturing feasibility and confirms that the proposed architectural decomposition is sound. SDR bridges the gap between abstract requirements and concrete design decisions.

Preliminary Design Review (PDR). ^{[preliminary-design-review]} By PDR, the design team has completed trade studies and selected technologies for all major subsystems. PDR demonstrates that the proposed approach is feasible and mature enough to justify proceeding to final detailed design. It is the last major review before the design is "locked down" for implementation.

Critical Design Review (CDR). ^{[critical-design-review]} CDR is the final design review before manufacturing begins. It certifies that the "build-to" baseline contains complete hardware and software specifications capable of meeting all functional and performance requirements. After CDR approval, the design is frozen and becomes the authoritative reference for manufacturing.

The progression from SRR through CDR reflects an increasing level of design maturity and commitment. Each review reduces risk by catching errors at progressively lower cost. The cost of correcting a requirement misinterpretation at SRR is measured in days of rework; the same error discovered during manufacturing could cost months and millions of dollars.

The Build-to Baseline and Configuration Control

Once CDR is complete and approved, the detailed design specifications become the "build-to baseline." ^{[build-to-baseline]} This baseline is the single source of truth for manufacturing and assembly teams. All drawings, specifications, and interface definitions are locked and controlled through formal change management processes.

The intuition behind the build-to baseline is that manufacturing requires unambiguous specifications. If multiple versions of a drawing exist, or if specifications are vague, manufacturing teams will make different interpretations, leading to incompatible parts and costly rework. The baseline prevents this by establishing a single, approved reference document. Any changes after CDR must go through formal change control to assess impacts and maintain configuration integrity.

Provisional Specifications: TBD and TBC

Not all design details can be determined simultaneously. Two markers are used to flag provisional items:

To Be Decided (TBD). ^{[to-be-decided-tbd]} A TBD indicates that the decision-making process itself is still pending. The outcome is uncertain. TBDs are tracked rigorously because unresolved decisions can cascade into schedule delays and design conflicts.

To Be Confirmed (TBC). ^{[to-be-confirmed-tbc]} A TBC indicates that an item is not yet finalized but is expected to be confirmed during development. Unlike TBD, TBC assumes that a provisional value exists and will be validated later through analysis, testing, or vendor feedback.

The distinction is subtle but important. A TBD on a critical component selection signals that the design team has not yet committed to a direction; a TBC on a component's thermal performance indicates that the team has selected the component but must confirm its performance through testing.

Design reviews, particularly CDR, require that TBDs be minimized and justified. Unresolved decisions at CDR indicate that the design is not mature enough for manufacturing, and the project cannot proceed to the build phase.

Worked Example: Requirement Traceability Through the V-Diagram

Consider a hypothetical mission requirement: "The spacecraft shall maintain attitude knowledge to within 0.1 degrees during science operations."

At SRR, this requirement is decomposed into derived requirements for the attitude determination subsystem:

• The star tracker shall achieve 0.05-degree accuracy
• The gyroscope drift shall not exceed 0.02 degrees per hour
• The Kalman filter algorithm shall fuse star tracker and gyroscope data with a 1-second update rate

At SDR, these derived requirements are allocated to specific components and subsystems, and manufacturing constraints are assessed. For example, the star tracker requirement is allocated to a commercial off-the-shelf (COTS) component, and the team confirms that the component's performance specification meets the derived requirement.

At PDR, the design team has selected the specific star tracker model, confirmed its availability, and performed preliminary analysis showing that the integrated attitude determination system will meet the 0.1-degree requirement.

At CDR, the detailed design is complete. The build-to baseline includes:

• The exact star tracker model and its performance specification
• The gyroscope model and calibration procedure
• The Kalman filter algorithm, including tuning parameters
• Interface specifications between components
• Test procedures to verify that the integrated system meets the 0.1-degree requirement

On the right side of the V, the verification plan includes:

• Unit testing of the star tracker and gyroscope
• Subsystem testing of the attitude determination system
• System-level testing of the spacecraft's attitude knowledge during integration
• Validation testing during pre-flight operations

This traceability ensures that the original mission requirement is not lost during implementation and that every design decision can be traced back to a specific requirement.

References

• ^{[system-engineering-v-diagram]}
• ^{[system-requirement-review]}
• ^{[system-design-review]}
• ^{[preliminary-design-review]}
• ^{[critical-design-review]}
• ^{[build-to-baseline]}
• ^{[to-be-decided-tbd]}
• ^{[to-be-confirmed-tbc]}

AI Disclosure

This article was drafted with the assistance of an AI language model based on class notes from Spacecraft Design II. The AI was used to organize notes, structure the narrative, and generate explanatory text. All factual claims are cited to the original notes. The author reviewed the output for technical accuracy and made revisions to ensure clarity and correctness. No claims are made that are not supported by the source material.