
Steve Beland Associate Technical Fellow – BCA Flight Controls; …psas.scripts.mit.edu › home › wp-content › uploads › 2018 › 04 › B... · 2018-04-03 · App A Aircraft

Transcript
Page 1


The statements contained herein are based on good faith assumptions and are to be used for general information purposes only. These statements do not constitute an offer, promise, warranty or guarantee of performance.

Steve Beland Associate Technical Fellow – BCA Flight Controls; Authorized Representative (FAA) March 27, 2014

Page 2


S-18: Aircraft and Systems Development and Safety Assessment Committee

[Figure: SAE ARP4754A Figure 1, the relationships among the S-18 / EUROCAE documents. Labels in the figure: Intended Aircraft Function; System Design Information; Functional System; Function, Failure & Safety Information; Operation. Documents shown: Aircraft & System Development Processes (ARP 4754 / ED-79); Safety Assessment Process Guidelines & Methods (ARP 4761); Electronic Hardware Development Life-Cycle (DO-254 / ED-80); Software Development Life-Cycle (DO-178B / ED-12B); Guidelines for Integrated Modular Avionics (DO-297 / ED-124); Safety Assessment of Aircraft in Commercial Service (ARP 5150 / 5151). The figure is split into a Development Phase and an In-Service/Operational Phase.]

Additional documents:
• ARP5150 – Safety Assessment of Transport Airplanes in Commercial Service
• ARP5151 – Safety Assessment of General Aviation Airplanes and Rotorcraft in Commercial Service
• AIR6110 – Contiguous Aircraft/System Development Process Example
• AIR6218 – Constructing Development Assurance Plan for Integrated Systems
• AIR6219 – Incorporation of Atmospheric Neutron Single Event Effects Analysis into Safety Assessment (balloted)
• AIR6276 – Use of Modeling and Tools for Aircraft Systems Development (in work)

March 27, 2018 2

Page 3

[Figure: SAE ARP4754A Figure 5, two parallel columns labelled DvA Process and DsA Process. The legend distinguishes the ARP4754A Process, the DO-178B/DO-254 Process and the ED-12B/ED-80 Process.

Development side, top down: Aircraft Requirements Identification → System Requirements Identification (System Allocation) → Item Requirements Identification (Item Allocation) → Item Design (Software Design, Hardware Design). Bottom up: Item Verification → Item Integration → System Integration → Systems Verification → Aircraft Verification. At each level: validation of requirements at the next highest level.

Safety side, top-down safety requirements development & validation: Aircraft FHA, PASA (Aircraft FTA, Aircraft CCA), System FHA, PSSA (System FTA, System CMA, System CCA). Bottom-up safety requirements verification: System FMEA/FMES, System FTA, System CMA, System SSA, System CCA, ASA, Aircraft CCA.

ARP4754A sections referenced along the flow: 4.1.4; 4.1.5 & 4.3; 4.1.7 & 4.5; 4.6.2 & 4.6.3; 5.5.]


Page 4


SAE ARP4761A outline (Blue = New for Rev A):

1. Scope
2. References
3. Safety Assessment Process
4. Safety Analysis Methods
5. Safety Related Maintenance Tasks & Intervals
6. Master Minimum Equipment List
7. Time Limited Dispatch
8. In-service Safety Assessment

Safety assessments:
• App A Aircraft Functional Hazard Assessment (AFHA)
• App B Preliminary Aircraft Safety Assessment (PASA)
• App C System Functional Hazard Assessment (SFHA)
• App D Preliminary System Safety Assessment (PSSA)
• App E System Safety Assessment (SSA)
• App F Aircraft Safety Assessment (ASA)

Analysis methods:
• App G Fault Tree Analysis (FTA)
• App H Dependence Diagrams (DD)
• App I Markov Analysis (MA)
• App J Failure Modes & Effects Analysis (FMEA)
• App K Zonal Safety Analysis (ZSA)
• App L Particular Risks Analysis (PRA)
• App M Common Mode Analysis (CMA)
• App N Model Based Safety Analysis (MBSA)
• App O Cascading Effects Analysis (CEA)
• App P FDAL/IDAL Assignment

Example:
• App Q Contiguous Safety Assessment Process Example (Wheel Braking System)

Note: May use STPA in PASA & PSSA

Page 5


Preliminary System Safety Assessment (PSSA): asks if the proposed architecture can meet the safety objectives and captures the safety requirements.

[Figure: SAE ARP4761A Draft, Figure D-1, PSSA process flow.]

PSSA Input Data (Sec D.2):
• Failure Conditions and Classifications from SFHA
• Requirements
• Proposed System Architecture including System Interfaces

Failure Condition Functional Mapping (Sec D.3)

PSSA Failure Condition Evaluation (Sec D.4):
• FDAL/IDAL Assignment (Sec D.4.1)
• Evaluate Design Against Safety Requirements and SFHA Objectives (Sec D.4.2)
• PSSA Safety Requirements and Assumptions (Sec D.4.3)

PSSA Complete (Architecture meets Safety Objectives?) (Sec D.5)
• NO: feed back safety issues to the development process → Development Process Revisions
• YES: proceed to PSSA Outputs

PSSA Outputs (Sec D.6):
• FTA Results
• Updated FC List (feedback)
• Assumptions (feedback)
• Derived Safety Requirements
• FDALs & IDALs
• Architectural Constraint Requirements
• Independence Requirements

Page 6


Layers of safety assessments interact with the development process.

[Figure: SAE ARP4761A Draft, Figure 2]

Page 7


The ARPs have included benefits similar to those in STAMP.

STPA may fill an open area in these ARPs for some aspects, such as complex automation and human interactions.

Use of STPA is not (yet) deemed mature enough to include in these ARPs.

Enable STPA as another tool in the overall safety assessment process:
• Create requirements; catch missing or incorrect requirements during development
• Anticipate safety issues in the early stages of design and concept
• Improve the effectiveness of safety analysis for preliminary architectures

Authorities and companies are independently evaluating STPA as a potential means of compliance with regulations (e.g. 14 CFR 25.1309).

An AIR will help standardize the usage and provide a common understanding of how STPA relates to ARP4761 & ARP4754.

Page 8


Recognizing a role for STPA use with ARP4754A and ARP4761

New Aerospace Information Report (AIR) chartered by S-18 for STPA (Jan 2018).

Goal: capture how STPA can be applied to the development and safety assessment of civil aircraft:
• Show how STPA relates to the ARP4754 and ARP4761 framework
• Provide a basic understanding of STPA and its strengths and limitations for the aerospace industry, and the potential uses of STPA for certification credit

Scope and audience:
• Same intended audience as ARP4761 and ARP4754 (system & engineers)
• Will assume working knowledge of these ARPs
• Provide the STPA basics needed to achieve the AIR goals, referring out to detailed sources

Describe how STPA can be used and include an example; an AIR is generally not used to provide "guidance".

S-18's main ARPs are about to be updated, so the AIR will tie to these updates. The plan is to have the AIR closely follow the release of ARP4761A & ARP4754B.

Page 9


AIR outline: Using STPA During Development and Safety Assessment of Civil Aircraft

1) Introduction
   a) Purpose
   b) Definitions
2) STPA Overview (keep short, a few pages)
   a) STPA High-Level Overview
      i. STPA Inputs / Outputs
   b) STPA Strengths / Limitations
   c) STPA Steps
      i. Defining STPA Scope
      ii. Control Structure
      iii. Identify Unsafe Control Actions
      iv. Identify Scenarios
      v. Creating Objectives & Requirements
3) Relationship between STPA and ARP4761
4) Relationship between STPA and ARP4754
5) STPA Example Application
   a) Example of STPA in aircraft development and safety assessment context

Page 10

 S18 Committee Website: http://www.sae.org/servlets/works/committeeHome.do?comtID=TEAS18

 EUROCAE: http://www.eurocae.net/

 More Questions? [email protected]

