Boeing Research and Technology Europe Boeing Research and Technology IN THE NEIGHBOURS GARDEN: Contrasting Safety Assurance Approaches in the Flight Deck & ATM Domains Lars Fucke, New Programs and Safety Richard J. Kennedy, New Programs and Safety EUROCONTROL Safety R&D Seminar, Munich, 21 st & 22nd October 2009
Overview Boeing Research and Technology Europe _ The ATM Safety Case approach How is Human Reliability treated in the ATM Safety Case? _ Airplane Certification and Airworthiness process Human Reliability in Certification _ How do the two approaches compare? _ Challenges of increasing ATM / Airborne integration EUROCONTROL Safety R&D Seminar, Munich, 21 st & 22 nd October 2009 2 / 13
ATM Safety Assurance Approach Boeing Research and Technology Europe _ Operator Responsibility Evidence Evidence Safety Safety Operational Operational Considerations Considerations Concept Concept _ Safety Case-based Evidence Evidence _ Covering complete system FHA FHA Initial Initial Project Project Safety Safety Argument Argument life cycle Evidence Evidence Update, if required Update, if required PSSA PSSA Safety Safety _ ESARR 4 compliant SSA SSA Safety Safety Case Case Plan Plan Evidence Evidence Implementation Implementation _ Process and Methods proposed by Evidence Evidence Integration Integration EUROCONTROL ANS Update Update Unit Unit Transfer into Transfer into Approval Approval Safety Safety SAM Operation Operation Case Case Safety Safety _ Mandatory / Voluntary Evidence Evidence Update Update Operation & Operation & Monitoring Monitoring Maintenance Maintenance Reports Reports Occurrence Reports EUROCONTROL Safety R&D Seminar, Munich, 21 st & 22 nd October 2009 3 / 13
Human Reliability in the ATM Safety Case Boeing Research and Technology Europe Task Analysis Human Involvement in Accident Detailed Task Detailed Operation/ system Sequences Analysis Description Problem Scoping Select GTT EPC PSF Error Probabilities Representation Calculation Calculation � Integral part of failure / event analysis Evaluation � Quantification of Human Reliability Remedial Measures (CARA, etc.) Final docum ent CARA Process EUROCONTROL Safety R&D Seminar, Munich, 21 st & 22 nd October 2009 4 / 13
Airplane Safety Assurance Process Boeing Research and Technology Europe _ Manufacturer responsibility (Type Certification) _ FAR, CS & national regulations and Means of Compliance (FAR/CS 25 for Transport category) _ Operators (FAR 125), part manufacturers, maintenance, training organizations and personnel require certification _ In-service reports to regulator & manufacturer EUROCONTROL Safety R&D Seminar, Munich, 21 st & 22 nd October 2009 5 / 13
Safety in Type Certification Boeing Research and Technology Europe _ AMC 25.1309, System Design and Analysis Fail-Safe Design Concept: Minor? redundancy, isolation, proven reliability, checkability, failure warning, Similar? crew procedures Simple? Major? Qualitative evaluation of failure condition: Redundant? effect on airplane, crew and pax Airplane / system level safety Simple & analysis: conventional? qualitative or quantitative EUROCONTROL Safety R&D Seminar, Munich, 21 st & 22 nd October 2009 6 / 13
How to demonstrate a system is safe? Boeing Research and Technology Europe 25.1309: e.g. stall 10 -3 _ Qualitative 10 -5 FHA, design and installation appraisal, service history of 10 -7 similar equipment, FMEA, fault 10 -9 trees (redundancy) _ Quantitative Fault tree analysis, Markov analysis, system dependency analysis Effects on _ A/C _ Occupants _ Flight crew EUROCONTROL Safety R&D Seminar, Munich, 21 st & 22 nd October 2009 7 / 13
How is flight crew action considered? Boeing Research and Technology Europe “… quantitative assessments of crew errors are not considered feasible. …” (AMC 25.1309) Which tasks? _ Alleviating failure conditions _ Periodic checks _ Discovery of obvious failures Under which conditions? _ Tasks assumable to be executed correctly (full credit only!) _ No exceptional skill or strength required _ Not compromising other safety related tasks _ Workload and time permits EUROCONTROL Safety R&D Seminar, Munich, 21 st & 22 nd October 2009 8 / 13
Design Guidance Provided Boeing Research and Technology Europe _ AMC 25.1309, System Design and Analysis Presence of suitable alerting indications (additional guidance in 25.1322, Warning, Caution, and Advisory Lights) Guidance in AFM if not normal airmanship Placing and protection of switches (high workload!) Monitoring systems preferred over periodic checks for identification of latent failures _ CS 25.1302, Installed Systems and Equipment for Use by the Flight Crew Human factors guidance on design of controls, displays, systems behavior EUROCONTROL Safety R&D Seminar, Munich, 21 st & 22 nd October 2009 9 / 13
How do ATM & airplane approaches compare? Boeing Research and Technology Europe ATM Airplanes _ Approval to operate, safety case _ Certification / continued covering complete life-cycle airworthiness process _ Manufacturer _ Operator _ Quantitative Human Reliability _ Full credit for crew actions only assessment (conditions) _ Guidance on methods and depth of _ Freedom of choice for SSA methods SSA _ Severity based on effect on ATC / a/c _ Based on effects on a/c, pax, crew _ Detailed design guidance _ Greater design freedom EUROCONTROL Safety R&D Seminar, Munich, 21 st & 22 nd October 2009 10 / 13
Challenges of ATM / Airborne integration? Boeing Research and Technology Europe Does increased integration pose new challenges in � certification and require increased communication between ANSPs and aircraft OEMs? � Is a harmonization of ATM and airplane regulations required? ATM AIRCRAFT Operator OEM Approval to Certification Pre- implementation Operate Operational Continued Post- Reporting Airworthiness implementation EUROCONTROL EASA SRC EUROCONTROL Safety R&D Seminar, Munich, 21 st & 22 nd October 2009 11 / 13
We should spend more time in the neighbour’s garden! Boeing Research and Technology Europe EUROCONTROL Safety R&D Seminar, Munich, 21 st & 22 nd October 2009 12 / 13
Boeing Research and Technology Europe EUROCONTROL Safety R&D Seminar, Munich, 21 st & 22 nd October 2009 13 / 13
Recommend
More recommend
