SAE S-18 Aircraft Safety Assessment Committee

Presentation Transcript
Special Thanks to Linh Le

Safety Assessment Program Manager, ANM-117, for developing this presentation

Contact him at linh.le@faa.gov

Acronyms
  • AC – Advisory Circular
  • ARAC – Aviation Rulemaking Advisory Committee
  • ARP – Aerospace Recommended Practice
  • CTA – Centro Tecnico Aerospacial
  • DAL – Development Assurance Level
  • DGAC – Direction Générale de l’Aviation Civile
  • FAA – Federal Aviation Administration
  • FAR – Federal Aviation Regulations
  • MCDC – Multiple Condition Decision Coverage
  • HIRF – High Intensity Radiated Field
  • SAE – Society of Automotive Engineers
  • SOW – Statement of Work
S-18 Committee Charter
  • Develop and maintain recommended practices for accomplishing initial design and in-service safety assessment of aircraft, and related systems and equipment to support effective safety management.
S-18 Committee Members
  • Airbus
  • Boeing
  • Rockwell Collins
  • Honeywell International
  • Cessna
  • Raytheon
  • B.F. Goodrich
  • Hamilton Sundstrand
  • Pratt & Whitney
  • Rolls-Royce
  • FAA
  • DGAC
  • Brazilian CTA
  • Embraer
  • Gulfstream
  • and others
Statement of Work (SOW)
  • Proactively provide state-of-the-art guidance material for aircraft & system safety assessment:
    • Review & maintain ARP 4761, “Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems and Equipment” (first published 1996), as the state-of-the-art guidance document for aircraft safety assessment.
    • Review & maintain ARP 4754, “Certification Considerations for Highly-Integrated or Complex Aircraft Systems” (first published 1996), as the state-of-the-art guidance document for aircraft integration, requirements development, verification and validation.
    • Develop new safety guidance material to meet industry needs.
SOW (cont)
  • Completion plan: 1st Qtr 2007
  • Committee meets 4 times a year.
    • Next meeting: week of July 25, 2005
  • Contacts:
    • Chair: John Dalton, john.c.dalton@boeing.com
    • Co-chair: Eric Peterson, eric.peterson6@honeywell.com
  • FAA Voting Members:
    • Linh Le, ANM-117
    • Lee Nguyen, AIR-120
Why Change?
  • Industry has evolved and recognized that existing documents do not fully represent current practices and will not meet future needs
  • ARPs have a mandatory 5-year review cycle
Why Change? (cont)
  • Trends toward more integrated system designs create needs for system engineering approach.
  • New rulemaking
    • Most notably FAR/CS 25.1309. The ARAC proposed AC material describes applications of ARP4754 and ARP4761.
    • For proposed rule/AC, see http://www.faa.gov/avr/arm/arac/aractasks/aracsysdesrecommendation.cfm?nav=6
Why Change? (cont)
  • Publication of new industry guidance
    • DO-254, “Design Assurance Guidance for Airborne Electronic Hardware”, 4/2000.
    • ARP5150, “Safety Assessment of Transport Airplanes in Commercial Service”, 11/2003. (S18 is also the author of this ARP.)
  • Incorporate lessons learned.
Proposed Changes to ARP4754
  • New title “Guidance for Development, Validation, and Verification of Aircraft Systems”
    • Reflects true intent and wider application.
    • Not limited to “highly-integrated” or “complex” systems.
    • Implies relationship to in-service safety.
Proposed Changes to ARP4754
  • Content is more system-engineering oriented:
    • Encompasses end-to-end airplane life cycle, including post-certification modification
    • Adds guidance on airplane-level safety plan
    • Adds guidance on airplane-level safety assessment (vs. system-level)
    • Generically describes safety assessment process and refers to ARP4761 for details
    • Provides additional details on Configuration Management
Proposed Changes to ARP4754
  • Content may be reorganized to
    • Clarify and guide thought process
    • More closely reflect the logical process flow
      • e.g. safety assessment comes before development assurance level assignment
Proposed Changes to ARP4754
  • An integral approach to assignment of development assurance levels (DAL)
    • DAL is a system safety requirement to be captured at the outset of the system development life cycle, and then iterates as system definition matures.
    • DAL is mapped starting from airplane-level function, through system architecture definition, and finally to software/hardware component definitions.
Proposed Changes to ARP4754
  • DAL assignment philosophy:
    • Uphold “architectural considerations” philosophy of existing ARP4754
    • Focus on finding the correct DALs, not on reducing the DAL
    • Integrates experience with DO-178B and DO-254
    • Be mindful of limitations of assurance process
Proposed Changes to ARP4754
  • Unlike the current section 5.4, the proposed process does not pre-assign the DALs.
    • Avoids “shoehorning” (forcing the design, or the interpretation of the design, to match one of the 5 example architectures in Table 5.2)
    • Relies primarily on the mature and generic safety assessment process. Agreement on the safety assessment results often eliminates DAL assignment controversies.
    • Takes into account the capabilities of the existing software and electronic hardware assurance processes (DO-178B and DO-254, respectively.)
    • Maximizes flexibility for system engineers
Proposed Changes to ARP4754
  • In most cases, results are very similar or identical to those given by today’s ARP4754:
    • At least one component under the “AND” gate will usually have its DAL directly correlate to the hazard classification of the top failure condition.
    • In cases where dissimilarity and independence between redundant failure paths are substantiated, and the top failure is caused by loss of function (as opposed to malfunction), the failure paths can be assured at a DAL lower than the top failure effect (e.g. level A system objective is satisfied by level B components)
Proposed Changes to ARP4754
  • However, in (rare) situations where the top failure condition can only be caused by malfunctions, one of the redundant paths would be assured at a DAL commensurate with the top failure effect, to ensure the necessary error-finding assurance activities (e.g., MCDC for catastrophic conditions, verification independence for hazardous conditions, etc.)
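The three DAL-assignment cases on the preceding slides (AND gate without substantiated independence; independent, dissimilar paths whose top event is loss of function; paths whose top event can only be a malfunction) can be walked mechanically over a fault tree. The following is an added example, not code from the S-18 committee or from ARP4754; it encodes only the rules the slides state. The hazard-classification-to-DAL table (Catastrophic = A, Hazardous = B, Major = C, Minor = D, No safety effect = E), the choice that "lower" means exactly one level lower (the slide's own A-to-B example), the treatment of the remaining paths in the malfunction-only case (relaxed one level, which the slide does not spell out), and the names `Gate`, `Leaf`, `assign_dal` and `dals_for` are all assumptions of this example.

```python
"""Added example (not part of the S-18 presentation or of ARP4754):
assign development assurance levels to leaf components of a fault tree
using the AND/OR rules described on the slides.

Assumptions made here, not stated on the slides:
- hazard classification -> top DAL: Catastrophic=A, Hazardous=B, Major=C,
  Minor=D, No safety effect=E (the usual AC 25.1309 / DO-178B pairing)
- "a DAL lower than the top failure effect" means one letter lower, never below E
- in the malfunction-only case the paths other than the one kept at the top
  DAL are relaxed by one level
- Gate / Leaf / assign_dal / dals_for are names invented for this example
"""
from dataclasses import dataclass
from typing import Dict, List, Union

DAL_ORDER = "ABCDE"  # A is the most demanding, E the least
HAZARD_TO_DAL = {
    "catastrophic": "A",
    "hazardous": "B",
    "major": "C",
    "minor": "D",
    "no safety effect": "E",
}


def relax(dal: str, steps: int = 1) -> str:
    """Lower a DAL by `steps` letters, saturating at E."""
    i = min(DAL_ORDER.index(dal) + steps, len(DAL_ORDER) - 1)
    return DAL_ORDER[i]


@dataclass
class Leaf:
    name: str  # a software or electronic-hardware component


@dataclass
class Gate:
    kind: str                     # "AND" (all inputs must fail) or "OR" (any input suffices)
    inputs: List[Union["Gate", Leaf]]
    independent: bool = False     # AND only: independence AND dissimilarity of the paths substantiated
    failure_mode: str = "loss"    # how this gate's output failure arises: "loss" or "malfunction"


def assign_dal(node: Union[Gate, Leaf], required: str, out: Dict[str, str]) -> Dict[str, str]:
    """Propagate the DAL `required` at `node` down to the leaves, recording the
    most demanding level seen for each component (a component may sit under
    several gates)."""
    if isinstance(node, Leaf):
        prev = out.get(node.name)
        if prev is None or DAL_ORDER.index(required) < DAL_ORDER.index(prev):
            out[node.name] = required
        return out

    if node.kind == "OR":
        # Any one input failing causes the gate output: every input inherits the full DAL.
        for child in node.inputs:
            assign_dal(child, required, out)
        return out

    if node.kind != "AND":
        raise ValueError(f"unknown gate kind {node.kind!r}")

    if not node.independent:
        # Independence/dissimilarity not substantiated: a common cause could fail
        # every path at once, so no path may be relaxed.
        for child in node.inputs:
            assign_dal(child, required, out)
    elif node.failure_mode == "loss":
        # Independent, dissimilar paths and a loss-of-function top event:
        # all paths may be assured one level below the top effect
        # (the slide's "level A objective satisfied by level B components").
        for child in node.inputs:
            assign_dal(child, relax(required), out)
    else:
        # Top event only reachable through malfunction: one path stays at the
        # top DAL so MCDC / verification independence are still performed;
        # the other paths are relaxed one level (assumption of this example).
        assign_dal(node.inputs[0], required, out)
        for child in node.inputs[1:]:
            assign_dal(child, relax(required), out)
    return out


def dals_for(top_hazard: str, tree: Union[Gate, Leaf]) -> Dict[str, str]:
    """Map a top-level hazard classification to leaf DALs for `tree`."""
    return assign_dal(tree, HAZARD_TO_DAL[top_hazard.lower()], {})


if __name__ == "__main__":
    # Constructed example tree: a catastrophic top event caused by the loss of
    # both of two dissimilar, independent channels, OR by a single monitor
    # component failing on its own.
    tree = Gate("OR", [
        Leaf("monitor"),
        Gate("AND", [Leaf("channel_1"), Leaf("channel_2")], independent=True, failure_mode="loss"),
    ])
    for name, dal in sorted(dals_for("catastrophic", tree).items()):
        print(f"{name}: level {dal}")
```

Running the script prints `channel_1: level B`, `channel_2: level B` and `monitor: level A`: the single-point monitor under the OR gate keeps the top DAL, while the two independent loss-of-function channels are relaxed to B. Flip `failure_mode` to `"malfunction"` and the first channel is held at A, which is the case the last slide above singles out.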
In Store for ARP4754
  • Recognize that “high severity” design errors (i.e., may cause catastrophic or hazardous consequences) in complex systems (particularly software driven systems) are often traced to requirement errors, rather than implementation (development) errors.
  • Put more emphasis on requirement specification and validation.
ARP4761 Update
  • So far, no major changes have been proposed
  • Minor corrections and clarifications of existing materials.
In Store for ARP4761
  • Committee plans to address:
    • Validation and Verification, traceability of safety requirements
    • Integration with DO-254 (most notably the “decomposition” process for level A and B functions)
    • Considerations for human errors in safety assessment
    • Operational reliability
    • Software safety assessment
    • Shared resources
    • Addition of HIRF to Particular Risk Analysis
    • Wiring failures
Conclusion
  • S-18 Aircraft Safety Assessment Committee:
    • Published “Safety Assessment of Transport Airplanes in Commercial Service” (ARP5150) in 2003
    • Plans to complete revision in early 2007:
      • “Guidance for Development, Validation, and Verification of Aircraft Systems” (ARP4754)
      • “Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems and Equipment” (ARP4761)
  • Questions?? Please contact the committee chairs (see the SOW (cont) slide)
  • Thanks again to Linh Le for his help. 