EUROCONTROL Safety Regulatory Requirements: Practical Application (PowerPoint presentation)


Slide 1

EUROCONTROL Safety Regulatory Requirements – Practical Application

European Organisation for the Safety of Air Navigation

Slide 2

ESARRs - Overview

1. Requirements for safety regulation by State authorities
2. Safety monitoring and improvement
3. Implementation of SMSs
4. Risk assessment [predictive]
5. Competence of ATM personnel
6. Software assurance in ATM systems [ground elements]

All about process (how!), except ESARR 4, Appendix A, which specifies design targets for product (what!)

Slide 3

The “Building Blocks”

[Figure: the “Building Blocks” of Safety Achievement [Service Provision], each mapped to the ESARR that governs it:
  • Safety Regulation: ESARR 1
  • Safety Monitoring & Improvement: ESARR 2
  • Safety Management [and related] Processes: ESARR 3
  • Safety Assessment [predictive]: ESARR 4
  • Competent Personnel: ESARR 5
  • Software Assurance: ESARR 6]

Slide 4

Safety Lifecycle

[Figure: Safety Lifecycle. Stages shown: Safety Considerations, Operational Concept, Initial Safety Argument, Implementation & Integration, Migration, Switchover, Operational Service. Safety assessment processes shown: FHA, PSSA, SSA. Documents shown: Safety Plan; Project Safety Case, which collects Evidence from each stage and is submitted for Approval; Unit Safety Case, updated if required and fed by Safety Monitoring Reports during Operational Service.]

Slide 5

ATM Hierarchy

[Figure: ATM Hierarchy. Four levels, each described by its own model:
  • Service Level: Barrier Model
  • Abstract Operational Level: Functional Model
  • System Logical Level: Logical Architecture / User Roles
  • Physical System Level: Equipment, People, Procedures & Training
Inputs: Operational Concepts, Operational Environment, Safety Targets. Outputs: Safety Functions & Tolerable Hazard Occurrence Rates; Safety Requirements. Assessment processes: FHA, PSSA, SSA.]

Slide 6

Safety Cases - Principles

  • Needed for on-going operation (Unit Safety Case) and major changes to that operation (Project Safety Case)
  • Based on the idea of a Legal Case: presentation of Argument and Evidence that an overall claim is true
  • Need to consider two viewpoints:
      “Success Case”: is the service / system safe when it is working to specification?
      “Failure Case”: is the service / system safe when it fails?
  • Evidence comes mainly from:
      Success Case: simulations, trials, analysis, expert operational judgement etc.
      Failure Case: safety assessment processes: FHA, PSSA, SSA
  • Purposes:
      primarily, for ANSPs to convince themselves that operations are safe
      only secondarily, to convince the Regulator that operations are safe
Slide 7
Safety Cases – Safety Argument

Figure 7: Overall Argument Structure

Arg 0: Change_SGxy will be acceptably safe in operational service
  • A001 (assumption): Current ATM service is accepted as being safe
  • J001 (justification): Change_SGxy is being introduced to meet a legitimate operational need
  • Cr001 (criteria): The risk of an accident following Change_SGxy shall be:
      1. Within the regulatory requirements, eg:
         a. such that the whole ATM service meets ESARR 4 Design Safety Targets (SAM-FHA ch3 GM E); OR
         b. no greater (and preferably lower) than currently exists; AND
      2. reduced as far as reasonably practicable.
  • C001 (context): Subject to declared Assumptions, Limitations and outstanding Issues
  • St 001 (strategy): Specify safety criteria for each of the 4 main life-cycle stages and show that each stage is / will be acceptably safe, ie the safety criteria are sufficient to achieve the required level of safety, and are satisfied

Sub-arguments (each developed in a further figure, Fig [….]):
  • Arg 1: Change_SGxy Concept is acceptably safe, in principle
  • Arg 2: Sufficient Guidance exists to enable complete and correct Implementation of the Safety Requirements
  • Arg 3: Change_SGxy Implementation is acceptably safe
  • Arg 4: Migration to Change_SGxy will be acceptably safe
  • Arg 5: On-going Operation of Change_SGxy will be shown to be acceptably safe
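The argument-and-evidence structure of this figure, together with the evidence principles stated on the neighbouring slides (direct versus backing evidence; success and failure viewpoints), can be checked mechanically once the safety case is held as data. The Python script below is an added example and is not EUROCONTROL or SAM material: it models Arg 0 to Arg 5 of Figure 7 as a tree, attaches constructed placeholder evidence items (the E001-style references and their sources are invented for illustration), and audits every leaf argument. The two audit rules, that a leaf needs at least one item of direct evidence and that both viewpoints must be covered, are this example's reading of the slides, not a rule the presentation states.

```python
"""Safety-case argument tree with an evidence audit.

Added example, not EUROCONTROL/SAM code. Evidence references and sources
below are constructed placeholders; the audit rules are assumptions drawn
from the slides on principles and evidence.
"""
from dataclasses import dataclass, field
from enum import Enum


class Category(Enum):
    """Evidence categories: direct = outputs of processes, backing = adequacy of processes."""
    DIRECT = "direct"
    BACKING = "backing"


class Viewpoint(Enum):
    """The two viewpoints a safety case must consider."""
    SUCCESS = "success"  # safe when working to specification
    FAILURE = "failure"  # safe when it fails


@dataclass
class Evidence:
    ref: str              # constructed reference such as "E001" (hypothetical)
    category: Category
    viewpoint: Viewpoint
    source: str           # simulation, trial, FHA, PSSA, test, previous usage ...


@dataclass
class Argument:
    ident: str
    claim: str
    sub_args: list = field(default_factory=list)
    evidence: list = field(default_factory=list)
    context: dict = field(default_factory=dict)  # A/J/Cr/C elements of the figure


def leaves(arg):
    """Yield every argument with no sub-arguments; only these rest directly on evidence."""
    if not arg.sub_args:
        yield arg
    for child in arg.sub_args:
        yield from leaves(child)


def audit(root):
    """Return (argument id, finding) pairs for each leaf that breaks an evidence rule.

    Rules (assumptions of this example):
      - at least one item of direct evidence: backing evidence alone says the
        process was adequate, not that its product is safe;
      - both the success case and the failure case must be covered.
    """
    findings = []
    for leaf in leaves(root):
        categories = {e.category for e in leaf.evidence}
        viewpoints = {e.viewpoint for e in leaf.evidence}
        if Category.DIRECT not in categories:
            findings.append((leaf.ident, "no direct evidence"))
        for missing in sorted(set(Viewpoint) - viewpoints, key=lambda v: v.value):
            findings.append((leaf.ident, f"{missing.value} case not covered"))
    return findings


def build_example():
    """Arg 0 .. Arg 5 of Figure 7 with constructed placeholder evidence attached."""
    D, B = Category.DIRECT, Category.BACKING
    S, F = Viewpoint.SUCCESS, Viewpoint.FAILURE
    root = Argument("Arg 0", "Change_SGxy will be acceptably safe in operational service",
                    context={"A001": "Current ATM service is accepted as being safe",
                             "J001": "Change_SGxy meets a legitimate operational need",
                             "C001": "Subject to declared Assumptions, Limitations and Issues"})
    root.sub_args = [
        Argument("Arg 1", "Concept is acceptably safe, in principle", evidence=[
            Evidence("E001", D, S, "real-time simulation report"),
            Evidence("E002", D, F, "FHA / PSSA hazard log")]),
        # Backing evidence only: the processes were audited, but no product is shown.
        Argument("Arg 2", "Sufficient guidance exists for correct implementation", evidence=[
            Evidence("E003", B, S, "audit of the requirements-writing process"),
            Evidence("E004", B, F, "audit of the hazard-analysis process")]),
        # Direct evidence for the success case only; the failure case is missing.
        Argument("Arg 3", "Implementation is acceptably safe", evidence=[
            Evidence("E005", D, S, "acceptance test results")]),
        Argument("Arg 4", "Migration will be acceptably safe", evidence=[
            Evidence("E006", D, S, "switchover trial record"),
            Evidence("E007", D, F, "SSA fallback analysis")]),
        Argument("Arg 5", "On-going operation will be shown to be acceptably safe", evidence=[
            Evidence("E008", D, S, "safety monitoring reports"),
            Evidence("E009", D, F, "incident / occurrence analysis")]),
    ]
    return root


if __name__ == "__main__":
    for ident, finding in audit(build_example()):
        print(f"{ident}: {finding}")
```

Running the script reports Arg 2 (only backing evidence) and Arg 3 (no failure-case evidence); the other leaves pass. The same audit can be applied to any tree built with `Argument`, however deep, because `leaves` walks the sub-arguments recursively.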

Slide 8

Safety Cases – the Evidence

  • Provided only to the degree and extent necessary to support the related Argument
  • Source: from safety analysis, design, simulation, test, previous usage, compliance with standards etc; must be appropriate to the Argument
  • Two categories:
      “Direct”: relates to outputs of processes (products)
      “Backing”: relates to adequacy of those processes
  • Must be clear, conclusive and, wherever possible, objective
  • Rigour must be appropriate to the associated risk: Assurance Levels

Slide 9

Questions?

Slide 10

Conclusions

  • ESARRs provide minimum regulatory requirements for managing safety
  • Necessary but not sufficient for demonstrating safety
  • Need to supplement ESARRs with processes and procedures that are an Acceptable Means of Compliance, eg EUROCONTROL SAM
  • Need to present the results of applying these processes and procedures in a convincing way, eg a Safety Case
  • Safety Cases should be based on rigorous Argument and conclusive Evidence
  • Need to consider safety from:
      Success viewpoint
      Failure viewpoint