suitable mishap risk assessment procedures. Listed below are examples of safety performance
statements.
a. Quantitative requirements. Quantitative requirements are usually expressed as a
failure or mishap rate, such as "The catastrophic system mishap rate shall not exceed x.xx × 10^-y
per operational hour."
b. Mishap risk requirements. Mishap risk requirements could be expressed as "No
hazards assigned a Catastrophic mishap severity are acceptable." Mishap risk requirements
could also be expressed as a level defined by a mishap risk assessment (see A.4.4.3.2.3), such as
"No Category 3 or higher mishap risks are acceptable."
c. Standardization requirements. Standardization requirements are expressed relative to
a known standard that is relevant to the system being developed. Examples include: "The system
will comply with the laws of the State of XXXXX and be operable on the highways of the State
of XXXXX" or "The system will be designed to meet ANSI Std XXX as a minimum."
A.4.3.3 Safety design requirements. The program manager, in concert with the chief
engineer and utilizing systems engineering and associated system safety professionals, should
establish specific safety design requirements for the overall system. The objective of safety
design requirements is to achieve acceptable mishap risk through a systematic application of
design guidance from standards, specifications, regulations, design handbooks, safety design
checklists, and other sources. Review these for safety design parameters and acceptance criteria
applicable to the system. Safety design requirements derived from the selected parameters, as
well as any associated acceptance criteria, are included in the system specification. Expand these
requirements and criteria for inclusion in the associated follow-on or lower level specifications.
See general safety system design requirements below.
a. Hazardous material use is minimized or eliminated, or the associated mishap risks are
reduced through design, including material selection or substitution. When using potentially
hazardous materials, select those materials that pose the least risk throughout the life cycle of the
system.
MIL-STD-882D
APPENDIX A
13
b. Hazardous substances, components, and operations are isolated from other activities,
areas, personnel, and incompatible materials.
c. Equipment is located so that access during operations, servicing, repair, or adjustment
minimizes personnel exposure to hazards (e.g., hazardous substances, high voltage,
electromagnetic radiation, and cutting and puncturing surfaces).
d. Protect power sources, controls, and critical components of redundant subsystems by
physical separation or shielding, or by other acceptable methods.
f. Consider safety devices that will minimize mishap risk (e.g., interlocks, redundancy,
fail safe design, system protection, fire suppression, and protective measures such as clothing,
equipment, devices, and procedures) for hazards that cannot be eliminated. Make provisions for
periodic functional checks of safety devices when applicable.
g. System disposal (including explosive ordnance disposal) and demilitarization are
considered in the design.
h. Implement warning signals to minimize the probability of incorrect personnel reaction
to those signals, and standardize within like types of systems.
i. Provide warning and cautionary notes in assembly, operation, and maintenance
instructions; and provide distinctive markings on hazardous components, equipment, and
facilities to ensure personnel and equipment protection when no alternate design approach can
eliminate a hazard. Use standard warning and cautionary notations where multiple applications
occur. Standardize notations in accordance with commonly accepted commercial practice or, if
none exists, normal military procedures. Do not use warning, caution, or other written advisory
as the only risk reduction method for hazards assigned to Catastrophic or Critical mishap severity
categories.
j. Safety critical tasks may require personnel proficiency; if so, the developer should
propose a proficiency certification process to be used.
k. Severity of injury or damage to equipment or the environment as a result of a mishap
is minimized.
l. Inadequate or overly restrictive requirements regarding safety are not included in the
system specification.
m. Acceptable risk is achieved in implementing new technology, materials, or designs in
an item’s production, test, and operation. Changes to design, configuration, production, or
mission requirements (including any resulting system modifications and upgrades, retrofits,
insertions of new technologies or materials, or use of new production or test techniques) are
China Aviation Network www.aero.cn
Aviation Translation www.aviation.cn
Link to this article:
System Safety Handbook, Part 2 (118)