I wonder how you get a number like "1 in 270" for the acceptable chance of death. It's not a number you'd choose as a starting point in a top-down calculation. It must be a bottom-up calculation from a sum of existing risks. I'd be curious if anyone knows more about it.
"The thing that drives the 1 in 270 is really micrometeorites and orbital debris … whatever things that are in space that you can collide with. So that's what drops that number down, because you've got to look at the 210 days, the fact that your heat shield or something might be exposed to whatever that debris is for that period of time. NASA looks at Loss of Vehicle the same as Loss of Crew. If the vehicle is damaged and it may not be detected prior to de-orbit, then you have loss of crew."
Like any number of things, they probably want it to work at least as well as they did before.
I see this in product development all the time. A customer has performance requirements. You sell them a product that you've characterized and documented its performance. Then the next time the customer is doing RFQs, you get your product specification back as a requirements specification. Regressions are not allowed even if you previously exceeded their needs. In this case, I suspect the 270 is something similar based on historic failure rates.
Possibly Fault Tree Analysis. It’s commonly used in the aerospace industry, and SpaceX explicitly mentioned it while searching for the Amos 5 problem. Probably only one of several methods, though.
No, I think it's the other way around: you make a target safety number as the customer, and the engineers use a fault tree to try to reach it. So this number can't come from a fault tree (unless it's a weird comparison like "we had 1/90 on our fault tree in our internal projects last time, we want private companies to reach 3 times better").