曝光台 注意防骗
网曝天猫店富美金盛家居专营店坑蒙拐骗欺诈消费者
term “reduction” still implies the existence of residual risk, which is the risk left over after the controls
are applied. For example, residual risk can be controlled in a manner described in Table 4-3. This table
describes the NAS System Function, NAS System Hazard, and NAS System Control.
1. Determine potential
severity of each hazard
in the OHA.
2. Map severity to this
chart to determine
probability requirement
(minimum) and
objective (desired)
Target Level of Safety
(TLS)
3. Allocate the safety
objectives and
requirements (ASOR)
from the TLS to air
and/or
ground elements
Steps Hazard Classification
Likelihood
Sever
ity
Probable
A
Major
3
Catastrophic
1
Hazardous
2
Minor
4
No Safety
Effect
5
Remote
B
Extremely
Remote
C
Extremely
Improbable
D
High Risk
Medium Risk
Low Risk
FAA System Safety Handbook, Chapter 4: Pre-Investment Decision Safety Assessments
December 30, 2000
4 -
8
Table 4-3: Development of Controls for Hazards in the NAS
NAS System function
NAS System hazard
NAS System Controls
Provide air - ground
communications.
Loss of air – ground
communication.
Multiple communication channels.
Multiple radios. Procedures for loss of
communication. Phase dependent:
communication is not always critical.
Provide CSA precision
approach instrument
guidance to runways.
Loss of precision instrument
guidance to the runway.
Reliability. Alternate approaches
available. Procedures for alternate
airport selection. Fuel reserve
procedures. System detection and alert
to CSA. Phase and condition (IMC vs.
VMC) dependent.
Provide En Route Flight
Advisories of severe
weather.
Lack EFAS warning of severe
weather to CSA flight crew.
Early detection systems (satellite) for
severe weather. Multiple dissemination
means. Procedures (condition
dependent) require alternate airports.
Fuel reserve procedures.
As the engineer performs the assessment, controls that do not yet exist can be identified and listed. These
controls are included in the requirements of the OSA. This is done by turning the controls into
measurable and testable requirements or “shall” statements. A critical function of System Engineering is
the determination and allocation of requirements early in the concept and definition phase. System
Safety’s function in this process is to develop safety-related requirements early in the design to facilitate
System Engineering. A primary source of safety requirements is the OSA. The controls identified, both
existing and recommended, should be translated into a set of system level requirements. For example,
Table 4-4 lists the same hazards and controls that were examined in Table 4-3. The requirements are
examples only and are meant for illustration.
FAA System Safety Handbook, Chapter 4: Pre-Investment Decision Safety Assessments
December 30, 2000
4 -
9
Table 4-4: Examples of Controls and Requirements
NAS System
Function
NAS System Hazard
NAS System Controls
NAS System Requirements
Provide air to
ground
communications
and
control.
Loss of air to ground
communication and
control.
Multiple communication
channels. Multiple radios.
Procedures for loss of
communication. Phase
dependent: communication
is not always critical.
The NAS system shall provide
for multiple communication
modes in the enroute structure,
at least 2 channels in each
region being in the VHF
frequency spectrum, and one
available through the satellite
communication system. The
total Mean Time Between
Failure (MTBF) of these
systems may not be less than X
hours.
Provide CSA
precision
approach
instrument
guidance to
runways.
Loss of precision
instrument guidance
to the runway.
Reliability. Alternate
approaches available.
Procedures for alternate
airport selection. Fuel
reserve procedures. System
detection and alert to CSA.
Phase and condition (IMC
vs. VMC) dependent.
The NAS shall provide at least
two backup non-precision
approaches at each airport with
a precision approach capability.
The NAS procedures shall
require part 121 operators to
select an alternate destination if
the forecast weather at the
中国航空网 www.aero.cn
航空翻译 www.aviation.cn
本文链接地址:
System Safety Handbook系统安全手册上(94)
