曝光台 注意防骗
网曝天猫店富美金盛家居专营店坑蒙拐骗欺诈消费者
PDR – Preliminary Design Review
CDR – Critical Design Review
TRR – Test Readiness Review
CSU – Computer Software Unit
CSCI – Computer Software Configuration Item
PD – Preliminary Design
DD – Detailed Design
Concept Research &
Development
Design Deployment/
Operations
Disposition
Preliminary Hazard List
System Safety Program Plan (Initiated Conceptual Phase – updated remainder of system life cycle
Preliminary Hazard Analysis (PHA) System Hazard Analysis (SHA)
Subsystem Hazard Analysis (SSHA)
System
Safety
Process
Software
Acquisition
Process
Software Requirements Analysis PD DD
Code, CSCI
& CSU Test
System
Integration
Test
Operations
Maintenance &
Upgrade
SRR SDR SSR PDR CDR
Configuration Management
Software Safety Program Management
Development of Function Hazard List
Tailor Generic Software Safety Requirements
Preliminary Software Hazards Analysis (PSHA)
Derive System Specific Safety
Critical Requirements
Software Safety Architectural
Design Hazard Analysis (SSADHA)
Software Detailed Design Subsystem
Hazard Analysis (SSDDHA)
Software Safety Integration Test Planning
Software Safety Integration
Testing & Analysis
Validation of Software Operations & Support
Requirements
Systematic
Software
Safety
Process
TRR
- Link hazard causal factors to design
- Identify hazards that cross subsystem
boundaries
- Ensure hazards are mitigated in interfacing
subsystems or external systems
- Identify unresolved interface safety issues
Software Safety Planning
FAA System Safety Handbook, Chapter 13: Launch Safety
December 30, 2000
13 -5
13.4 SYSTEM SAFETY ENGINEERING PROCESS
13.4.1 Overview
The System Safety Engineering Process is the structured application of system safety engineering and
management principles, criteria, and techniques to address safety within the constraints of operational
effectiveness, time, and cost throughout all phases of a system’s life cycle. The intent of the System
Safety Engineering Process is to identify, eliminate, or control hazards to acceptable levels of risk
throughout a system’s life cycle.
This process is performed by the vehicle developer/operator. Because of the complexity and variety of
vehicle concepts and operations, such a process can help ensure that all elements affecting public safety
are considered and addressed. Without such a process, very detailed requirements would have to be
imposed on all systems and operations, to ensure that all hazards have been addressed which could have
the undesired effect of restricting design alternatives and innovation or could effectively dictate design
and operations concepts.
The process (as described in Mil Std 882C) includes a System Safety Program Plan (SSPP). The SSPP (or
its equivalent) provides a description of the strategy by which recognized and accepted safety standards
and requirements, including organizational responsibilities, resources, methods of accomplishment,
milestones, and levels of effort, are to be tailored and integrated with other system engineering functions.
The SSPP lays out a disciplined, systematic methodology that ensures all risks – all events and system
failures (probability and consequence) that contribute to expected casualty – are identified and eliminated,
or that their probability of occurrence is reduced to acceptable levels of risk.
The SSPP should indicate the methods employed for identifying hazards, such as Preliminary Hazards
Analysis (PHA), Subsystem Hazard Analysis (SSHA), Failure Mode and Effects Analysis (FMEA), Fault
Tree Analysis. Risk Mitigation Measures are likewise identified in the plan. These include avoidance,
design/redesign, process/procedures and operational rules and constraints.
The System Safety Engineering Process identifies the safety critical systems. Safety critical systems are
defined as any system or subsystem whose performance or reliability can affect public health and safety
and safety of property. Such systems, whether they directly or indirectly affect the flight of the vehicle,
may or may not be critical depending on other factors such as flight path and vehicle ability to reach
populated areas. For this reason, it is important to analyze each system for each phase of the vehicle
mission from ground operations and launch through reentry and landing operations. Examples of
potentially safety critical systems that may be identified through the system safety analysis process using
中国航空网 www.aero.cn
航空翻译 www.aviation.cn
本文链接地址:
System Safety Handbook系统安全手册上(32)
