An Introduction to Tools and Techniques
This table summarises some of the safety assessment tools and techniques available to the safety assessor. Each tool has its own advantages and disadvantages; the extent to which it can be used during the various phases of the product lifecycle, and the degree to which it can be applied to safety assessments, vary. For a list of the advantages and limitations of each, see Appendix A to Aircraft System Safety: Military and Civil Aeronautical Applications.
It is extremely important to note that as the complexity of the tool increases, so does the degree of training required of the user and/or the need for an experienced evaluation team to conduct the evaluation. On the plus side, the data derived from the more complex methodologies may be more supportable. Unfortunately, the primary disadvantage of such tools is that "trained subject matter experts" may have limited experience in the actual operational environment and, therefore, their evaluations may not be entirely applicable to the certification process.
Tools and Techniques
| Name | Description |
|---|---|
| Cognitive Work Analysis (CWA) | Traditional approaches to work analysis tend to emphasise centralised work organisations, whereas turbulent, dynamic environments tend to require more distributed work organisations. The focus of the CWA framework is on identifying the constraints that shape behaviour rather than trying to predict behaviour itself. Rasmussen's (1986) framework for Cognitive Work Analysis (CWA) provides separate descriptions of different classes of constraints: Work Domain (the functional structure of the work domain in which behaviour takes place); Control Tasks (the generic tasks that are to be accomplished); Strategies (the set of strategies that can be used to carry out those tasks); Social-Organisational (the organisation structure); Worker Competencies (the competencies required of operators to deal with these demands). [Cognitive Engineering Laboratory, 5/9/05] |
| Common Cause Analysis (CCA) | Generic term encompassing ZSA, PRA and CMA (see SAE ARP4761). Although most systems employ redundancy techniques (i.e. fail-safe design), it will be found on examination that many of them have a "single cause" (e.g. EMI/EMC) or "common point" (e.g. a common bus-bar or common controller) that could cause multiple failures. A common mode failure is a failure which has the potential to fail more than one safety function and to possibly cause an initiating event or other event simultaneously. Examples: (1) Common part failure: three totally independent flying control systems may merge together in a common part, the pilot's control column; a failure of this common part causes total system failure. (2) Common cause failure: a fire in a compartment might destroy all the channels of a system running through that compartment; likewise, contaminated hydraulic fluid could cause all the channels of the hydraulic system to fail, or mechanical failures in an electrical loom. (3) Common mode failure: identical software in a dual redundant system will fail when exposed to the same inputs; jamming of a mechanical system (either due to failure or due to FOD); overheating of avionic equipment; etc. (4) Cascade failures: a single failure may overload the remaining channels, thereby increasing the probability of their failure; or an initial minor failure (e.g. a deflated tyre) causes a cascade of events (e.g. Concorde). The CCA (consisting of the ZSA, PRA and CMA) provides the tools to verify required independence, or to identify specific dependencies. It identifies failures which bypass or invalidate redundancy/independence assertions. |
| Common Mode Analysis (CMA) | Provides evidence that the failures assumed to be independent are truly independent in the actual implementation. Covers the effects of design, manufacturing and maintenance errors and the effects of common component errors (e.g. considers the independence of duplicate systems with respect to design errors (e.g. S/W), lightning, HIRF, cooling, fire, contamination, etc.). A common mode failure has the potential to fail more than one safety function and to possibly cause an initiating event or other abnormal event simultaneously. Rare in technical systems, but typical in human actions (e.g. maintenance). |
| Comparison-To-Criteria | The purpose of Comparison-To-Criteria is to provide a formal and structured format that identifies safety requirements. Comparison-To-Criteria is a listing of safety criteria that could be pertinent to any system. This technique can be considered in a Requirements Cross-Check Analysis. Applicable safety-related requirements, such as OSHA, NFPA and ANSI, are reviewed against an existing system or facility. [FAA System Safety Handbook, Chapter 9: Analysis Techniques, December 30, 2000] |
| Confined Space Safety | The purpose of this analysis technique is to provide a systematic examination of confined space risks. Any confined area where there may be a hazardous atmosphere, toxic fumes or gas, or a lack of oxygen could present risks. Confined Space Safety should be considered at tank farms, fuel storage areas, manholes, transformer vaults, confined electrical spaces and raceways. [FAA System Safety Handbook, Chapter 9: Analysis Techniques, December 30, 2000] |
| Consequence Analysis | Inductive analysis which takes a given event (usually a failure) as a starting point and works forward to determine the possible outcome (see also Cause Consequence Analysis). The Consequence Analysis will determine the relationship between hazards and the accidents to which they lead. The forward-looking parts of HAZOPS, SWIFT and Functional FME(C)A are all Consequence Analyses. Includes ETA, Cause Consequence Diagrams, etc. |
| Contingency Analysis | Contingency Analysis is a method of minimising risk in the event of an emergency. Potential accidents are identified and the adequacy of emergency measures is evaluated. Contingency Analysis should be conducted for any system, procedure, task or operation where there is the potential for harm. Contingency Analysis lists the potential accident scenario and the steps taken to minimise the situation. It is an excellent formal training and reference tool. [FAA System Safety Handbook, Chapter 9: Analysis Techniques, December 30, 2000] |
| Continuous Safety Sampling Methodology (CSSM) | This is a form of hazard analysis that uses observation (e.g. control charting) and work sampling techniques to (a) determine and maintain a pre-set level of the operator's physical safety within constraints of cost, time and operational effectiveness, and (b) observe the occurrence of conditions that may become hazardous in a given system. These conditions, known as dendritics, may become hazards and could result in an accident or occupational disease. Continuous Safety Sampling Methodology performs a random sampling for the occurrence of these dendritics. The collected data are then used to generate a control chart. Based on the pattern of the control chart, a system "under control" is not disturbed, whereas a system "out of control" is investigated for potential conditions becoming hazardous. Appropriate steps are then taken to eliminate or control these conditions to maintain a desired safe system. This tool is used to determine whether activities are within tolerable limits. If they are outside tolerable limits, corrective action is then derived. [Quintana and Nair, 1997] |
| Control Rating Code | Control Rating Code is a generally applicable system safety-based procedure used to produce consistent safety effectiveness ratings of candidate actions intended to control hazards found during analysis or accident analysis. Its purpose is to control recommendation quality, apply accepted safety principles and prioritise hazard controls. Control Rating Code can be applied when there are many hazard control options available. The technique can be applied to any safe operating procedure or design hazard control. [FAA System Safety Handbook, Chapter 9: Analysis Techniques, December 30, 2000] |
| Cost Benefit Analysis | A weighing-scale approach to decision making. All the plusses (e.g. cash savings, lives saved) are put on one side of the balance and all the minuses (e.g. costs, disadvantages) are put on the other. Whichever weighs heavier wins. A frequently made mistake is to use non-discounted amounts for calculating costs and benefits. Methods such as "Net Present Value (NPV)" and "Economic Value Added" are strongly recommended, because they account for the time value of money. Another frequent problem is that typically the costs are tangible, hard and financial, whilst the benefits are partly hard and tangible but also soft and intangible. Care should be taken here against claims that "if you cannot measure it, then it does not exist/it has no value". |
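The sampling, charting and decision loop that the CSSM row of the table describes, as an added worked example (not from the page or from Quintana and Nair): a p-chart is assumed as the control chart, limits are set from baseline periods judged "under control", and the per-shift dendritic counts are constructed data.

```python
import math
from dataclasses import dataclass
from typing import Iterable, List


@dataclass(frozen=True)
class Limits:
    centre: float  # p-bar: baseline proportion of observations showing a dendritic
    ucl: float     # upper control limit
    lcl: float     # lower control limit (clipped at 0, since this is a proportion)


def p_chart_limits(baseline_counts: Iterable[int], sample_size: int, sigma: float = 3.0) -> Limits:
    """Derive the control chart from baseline periods already judged 'under control'.
    Each count is how many of a period's random observations showed a dendritic
    (a condition that may become hazardous); sample_size observations per period."""
    counts = list(baseline_counts)
    if sample_size <= 0 or not counts:
        raise ValueError("need a positive sample size and at least one baseline period")
    p_bar = sum(counts) / (sample_size * len(counts))
    spread = sigma * math.sqrt(p_bar * (1.0 - p_bar) / sample_size)
    return Limits(p_bar, min(1.0, p_bar + spread), max(0.0, p_bar - spread))


def classify(counts: Iterable[int], sample_size: int, limits: Limits) -> List[str]:
    """CSSM decision rule per period: a point beyond a control limit marks the system
    'out of control' (investigate); otherwise it is 'under control' (leave alone)."""
    verdicts = []
    for c in counts:
        p = c / sample_size
        outside = p > limits.ucl or p < limits.lcl
        verdicts.append("out of control" if outside else "under control")
    return verdicts


# Constructed data (not a real survey): 50 random observations per shift,
# eight baseline shifts followed by six monitored shifts.
BASELINE = [3, 2, 4, 3, 2, 3, 4, 3]
MONITORED = [2, 4, 3, 11, 3, 2]
LIMITS = p_chart_limits(BASELINE, 50)
VERDICTS = classify(MONITORED, 50, LIMITS)

if __name__ == "__main__":
    print(f"centre={LIMITS.centre:.3f} UCL={LIMITS.ucl:.3f} LCL={LIMITS.lcl:.3f}")
    for shift, (c, v) in enumerate(zip(MONITORED, VERDICTS), 1):
        print(f"shift {shift}: {c}/50 dendritics -> {v}")
```

Only the fourth monitored shift (11 of 50 observations showing a dendritic) exceeds the upper limit and is flagged for investigation; the others are left undisturbed.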