FAA System Safety Handbook, Chapter 7: Integrated System Hazard Analysis
December 30, 2000
Chapter 7: Integrated System Hazard Analysis

Contents
7.1 Integrated Approach (page 7-2)
7.2 Risk Control (page 7-11)
7.3 Use of Historical Data (page 7-18)
7.0 Integrated System Hazard Analysis
The goal of System Safety is to optimize safety by identifying safety-related risks and eliminating or
controlling them through design and/or procedures, following the system safety Order of Precedence (see
Table 3.2-1 in Chapter 3). Hazard analysis is the process of examining a system throughout its life cycle to
identify its inherent safety-related risks.
7.1 Integrated Approach
An integrated approach is not simple: one cannot merely combine many different techniques or methods in a
single report and expect a logical evaluation of system risks and hazards. The logical combining of hazard
analyses is called Integrated System Hazard Analysis. To accomplish it, several related concepts about system
risks should be understood. These are discussed below.
In capsule form, Integrated System Hazard Analysis identifies system risks as potential system accident
scenarios together with their contributory hazards. Controls are then designed to eliminate the risks or
reduce them to an acceptable level. The ISSWG (Integrated System Safety Working Group) may conduct this
activity during safety reviews and during Integrated Risk/Hazard Tracking and Risk Resolution.
7.1.1 Analysis Concepts
A scenario becomes more credible and more useful as it is developed to reflect reality, for example by
modeling it on an actual similar accident. Consistency and coherence are important when composing a
scenario. Scenario descriptions vary from the general to the specific, and tend to become more specific as
detailed knowledge is acquired. The completeness of the analysis also depends on how scenarios are
constructed and presented. Some specific examples of scenarios are discussed in the next section.
The analyst should be concerned with machine/environment interactions resulting from change or deviation
stresses as they occur in time and space, and with their consequences: physical harm to persons, functional
damage, and system degradation. The interaction consideration evaluates the interrelations between the
human (including procedures), the machine, and the environment: the elements of a system. The human
parameter relates to appropriate human factors engineering and its associated elements: biomechanics,
ergonomics, and human performance variables. The machine equates to the physical hardware, firmware, and
software. The human and machine operate within a specific environment, and adverse effects due to that
environment are to be studied. One model used for this analysis has been described earlier as the 5M
model; see Chapter 3 for further elaboration.
Specific integrated analyses are appropriate at a minimum to evaluate interactions:
· Human - Human Interface Analysis
· Machine - Abnormal Energy Exchange, Software Hazard Analysis, Fault Hazard Analysis
· Environment - Abnormal Energy Exchange, Fault Hazard Analysis
The interactions and interfaces between the human, machine, and environment are to be evaluated by applying
the above techniques together with Hazard Control Analysis, which examines the possibility of insufficient
control of the system.
Adverse deviations will affect system safety. The purpose of analysis is to identify possible deviations that
can contribute to scenarios. Deviations are malfunctions, degradation, errors, failures, faults, and system
anomalies: unsafe conditions and/or acts with the potential for harm. In this System Safety Handbook these
are termed contributory hazards.
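The following is an added illustration, not part of the FAA handbook or of any FAA tool. It models an accident scenario as a set of contributory hazards spread over the human, machine and environment elements described in 7.1.1, then checks the integrated analysis for completeness: that the minimum analyses listed above were performed for the elements involved (plus Hazard Control Analysis for the system as a whole), that every contributory hazard has at least one control, and that hazards controlled only by procedures are flagged for attention. The scenario data is constructed for the example, and the control precedence ranks are an assumption (the conventional MIL-STD-882 ordering: design, safety devices, warning devices, then procedures and training), since Table 3.2-1 is not reproduced on this page.

```python
"""Integrated hazard-scenario register with completeness checks.

Added illustration, not from the FAA System Safety Handbook. Element names,
analysis names and deviation types follow Section 7.1.1; the precedence ranks
are an assumption (MIL-STD-882 style ordering), as Table 3.2-1 is not on this page.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from enum import Enum


class Element(Enum):
    HUMAN = "human"
    MACHINE = "machine"
    ENVIRONMENT = "environment"


# Deviation types the handbook calls contributory hazards.
DEVIATIONS = {"malfunction", "degradation", "error", "failure", "fault", "anomaly"}

# Minimum analyses per element (Section 7.1.1). Hazard Control Analysis applies
# to the system as a whole regardless of which elements appear.
REQUIRED_ANALYSES = {
    Element.HUMAN: {"Human Interface Analysis"},
    Element.MACHINE: {"Abnormal Energy Exchange", "Software Hazard Analysis",
                      "Fault Hazard Analysis"},
    Element.ENVIRONMENT: {"Abnormal Energy Exchange", "Fault Hazard Analysis"},
}
SYSTEM_ANALYSES = {"Hazard Control Analysis"}

# Assumed order of precedence, lower rank preferred (design change first,
# procedures and training last).
PRECEDENCE = {"design": 1, "safety_device": 2, "warning_device": 3, "procedure": 4}


@dataclass
class Control:
    description: str
    kind: str  # one of PRECEDENCE's keys

    def __post_init__(self) -> None:
        if self.kind not in PRECEDENCE:
            raise ValueError(f"unknown control kind: {self.kind}")


@dataclass
class ContributoryHazard:
    description: str
    element: Element
    deviation: str
    controls: list[Control] = field(default_factory=list)

    def __post_init__(self) -> None:
        if self.deviation not in DEVIATIONS:
            raise ValueError(f"unknown deviation type: {self.deviation}")


@dataclass
class Scenario:
    title: str
    hazards: list[ContributoryHazard]
    analyses_performed: set[str]


def required_analyses(scenario: Scenario) -> set[str]:
    """Analyses the scenario needs, derived from the elements its hazards touch."""
    needed = set(SYSTEM_ANALYSES)
    for hazard in scenario.hazards:
        needed |= REQUIRED_ANALYSES[hazard.element]
    return needed


def check_scenario(scenario: Scenario) -> list[str]:
    """Return findings; an empty list means the integrated analysis is complete."""
    findings = [f"missing analysis: {name}"
                for name in sorted(required_analyses(scenario) - scenario.analyses_performed)]
    for hazard in scenario.hazards:
        if not hazard.controls:
            findings.append(f"uncontrolled hazard: {hazard.description}")
        elif min(PRECEDENCE[c.kind] for c in hazard.controls) == PRECEDENCE["procedure"]:
            # Only procedural/training controls: residual risk rests entirely on people.
            findings.append(f"procedure-only control: {hazard.description}")
    return findings


def build_sample_scenario() -> Scenario:
    """Constructed sample data (not a real accident) for a runway-incursion style scenario."""
    return Scenario(
        title="Aircraft enters active runway without clearance",
        hazards=[
            ContributoryHazard("pilot misreads taxi instruction", Element.HUMAN, "error",
                               [Control("mandatory readback", "procedure")]),
            ContributoryHazard("ground surveillance display freezes", Element.MACHINE, "failure",
                               [Control("watchdog restarts display", "design"),
                                Control("stale-data alert to controller", "warning_device")]),
            ContributoryHazard("visibility reduced by fog", Element.ENVIRONMENT, "degradation",
                               [Control("low-visibility taxi procedures", "procedure")]),
        ],
        # Abnormal Energy Exchange deliberately omitted so the check reports it.
        analyses_performed={"Human Interface Analysis", "Software Hazard Analysis",
                            "Fault Hazard Analysis", "Hazard Control Analysis"},
    )


if __name__ == "__main__":
    for finding in check_scenario(build_sample_scenario()):
        print(finding)
```

Running the sample reports the omitted Abnormal Energy Exchange analysis and the two hazards whose only controls are procedural; the display failure, which has a design control and a warning device, produces no finding. The register is deliberately strict about deviation and control vocabulary so that hazards entered with ad hoc labels fail early rather than silently escaping the completeness check.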
7.1.2 Hazards Identification and Risk Assessment
Throughout this handbook, reference is made to hazards and their associated risks. Hazards are the
potential for harm. They are unsafe acts and/or unsafe conditions that can result in an accident. An
accident is usually the result of many contributors (or causes) and these contributors are referred to as
either initiating or contributory hazards. Depending on the context of the discussion, either hazards or