10. Provide managers, designers, test planners, and other affected decision makers with the
information and data needed to permit effective trade-offs
11. Conduct hazard tracking and risk resolution of medium and high risks. Verify that
recommendations and requirements identified in Step 9 have been implemented.
12. Demonstrate compliance with given safety related technical specifications, operational
requirements, and design criteria.
8.2.2 What are the Basic Elements of A Hazard Analysis?
FAA System Safety Handbook, Chapter 8: Safety Analysis/Hazard Analysis Tasks
December 30, 2000
8-4
The analytical approach to safety requires four key elements if the resulting output is to impact the system
in a timely and cost effective manner. They are:
· Hazard identification
  · Identification
  · Evaluation
  · Resolution
· Timely solutions
· Verification that safety requirements have been met or that risk is eliminated or controlled to an
acceptable level
These concepts are described in detail below:
Identification of a risk is the first step in the risk control process. Identifying a risk provides no assurance
that it will be eliminated or controlled. The risk must be documented, evaluated (likelihood and severity),
and when appropriate, highlighted to those with decision making authority.
Evaluation of risks requires determining how frequently a risk occurs and how severe it could be if an
accident occurs as a result of the hazard. A severe risk that has a realistic possibility of occurring
requires action; one that has an extremely remote chance may not require action. Similarly, a non-critical
accident that has a realistic chance of occurring may not require further study. Frequency may be
characterized qualitatively by terms such as "frequent" or "rarely." It may also be measured
quantitatively, such as by a probability (e.g., one in a million flight hours). In summary, the evaluation
step prioritizes and focuses the system safety activity and maximizes the return on investment for safety
expenditures.
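As an added worked example (not text or code from the handbook), the following Python puts the evaluation step into a likelihood-by-severity matrix: a quantitative rate such as one in a million flight hours is bucketed into a qualitative likelihood, combined with the severity to give a risk level, and the medium and high risks that Step 11 says must be tracked to resolution are flagged. The category names, rate thresholds and matrix cells are assumptions in the style of MIL-STD-882, not values from this page, and the sample hazards are constructed.

```python
"""Risk evaluation as a likelihood-by-severity matrix.

Added example, not text from the FAA handbook. The category names,
rate thresholds and matrix cells are assumptions in the style of
MIL-STD-882 and are chosen for illustration only; a real program uses
the categories its own system safety plan defines.
"""
from dataclasses import dataclass
from enum import IntEnum
from typing import Optional


class Severity(IntEnum):
    NEGLIGIBLE = 1
    MARGINAL = 2
    CRITICAL = 3
    CATASTROPHIC = 4


class Likelihood(IntEnum):
    IMPROBABLE = 1
    REMOTE = 2
    OCCASIONAL = 3
    PROBABLE = 4
    FREQUENT = 5


# Assumed lower bounds, in events per flight hour, for each qualitative
# likelihood bucket. Checked from most to least frequent; anything below
# the last bound is IMPROBABLE.
RATE_BUCKETS = (
    (1e-1, Likelihood.FREQUENT),
    (1e-2, Likelihood.PROBABLE),
    (1e-3, Likelihood.OCCASIONAL),
    (1e-6, Likelihood.REMOTE),
)

# Assumed risk matrix. Each row is indexed in Severity order:
# (NEGLIGIBLE, MARGINAL, CRITICAL, CATASTROPHIC).
RISK_MATRIX = {
    Likelihood.FREQUENT:   ("LOW", "MEDIUM", "HIGH", "HIGH"),
    Likelihood.PROBABLE:   ("LOW", "MEDIUM", "HIGH", "HIGH"),
    Likelihood.OCCASIONAL: ("LOW", "LOW", "MEDIUM", "HIGH"),
    Likelihood.REMOTE:     ("LOW", "LOW", "MEDIUM", "MEDIUM"),
    Likelihood.IMPROBABLE: ("LOW", "LOW", "LOW", "LOW"),
}

# Risk levels that Step 11 of the task list says must be tracked to resolution.
TRACKED_LEVELS = {"MEDIUM", "HIGH"}


@dataclass
class Hazard:
    hazard_id: str
    description: str
    severity: Severity
    likelihood: Optional[Likelihood] = None   # qualitative estimate, if known
    rate_per_hour: Optional[float] = None     # quantitative rate, if known


def likelihood_from_rate(rate_per_hour: float) -> Likelihood:
    """Map a quantitative rate to the qualitative bucket it falls in."""
    if rate_per_hour < 0:
        raise ValueError("rate must be non-negative")
    for lower_bound, bucket in RATE_BUCKETS:
        if rate_per_hour >= lower_bound:
            return bucket
    return Likelihood.IMPROBABLE


def evaluate(hazard: Hazard) -> str:
    """Return the risk level (LOW/MEDIUM/HIGH) for one hazard.

    A quantitative rate, when supplied, takes precedence over a
    qualitative estimate because it is the more defensible figure.
    """
    if hazard.rate_per_hour is not None:
        likelihood = likelihood_from_rate(hazard.rate_per_hour)
    elif hazard.likelihood is not None:
        likelihood = hazard.likelihood
    else:
        raise ValueError(f"{hazard.hazard_id}: no likelihood or rate given")
    return RISK_MATRIX[likelihood][hazard.severity - 1]


def triage(hazards):
    """Rank hazards by risk, highest first, and flag those needing tracking.

    Returns (hazard_id, risk_level, must_track) tuples; within a level the
    higher severity sorts first so the worst outcome is seen first.
    """
    order = {"HIGH": 0, "MEDIUM": 1, "LOW": 2}
    rows = []
    for h in hazards:
        level = evaluate(h)
        rows.append((h.hazard_id, level, level in TRACKED_LEVELS, h.severity))
    rows.sort(key=lambda r: (order[r[1]], -r[3]))
    return [(hid, lvl, track) for hid, lvl, track, _ in rows]


# Constructed sample hazards (illustrative, not from any real analysis).
SAMPLE_HAZARDS = [
    Hazard("H-1", "Loss of altitude data to the flight crew",
           Severity.CATASTROPHIC, rate_per_hour=1e-6),    # one per million hours
    Hazard("H-2", "Cabin light flicker", Severity.NEGLIGIBLE,
           likelihood=Likelihood.FREQUENT),
    Hazard("H-3", "Uncommanded flap retraction", Severity.CATASTROPHIC,
           rate_per_hour=1e-9),
    Hazard("H-4", "Nose-wheel steering stiff", Severity.CRITICAL,
           likelihood=Likelihood.PROBABLE),
]

if __name__ == "__main__":
    for hazard_id, level, must_track in triage(SAMPLE_HAZARDS):
        print(f"{hazard_id}: {level:6s} track={must_track}")
```

Under the assumed table, the one-in-a-million catastrophic hazard lands in REMOTE and is rated MEDIUM (tracked), the frequent but negligible one and the catastrophic-but-improbable one fall out as LOW, and the probable critical one is HIGH, which is exactly the prioritisation the paragraph describes.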
The timing of safety analysis and resulting corrective action is critical to minimize the impact on cost and
schedule. The later in the life cycle of the equipment that safety modifications are incorporated, the
higher the impact on cost and schedule. The analysis staff should work closely with the designers to feed
their recommendations or, at a minimum, objections back to the designers as soon as they are identified.
A safe design is the end product, not a hazard analysis. By working closely with the design team, hazards
can be eliminated or controlled in the most efficient manner. An inefficient alternate safety analysis
approach is when the safety engineer works alone in performing an independent safety analysis and
formally reports the results. This approach has several disadvantages:
· Significant risks are corrected later than when the design engineer is alerted to the problem shortly after
the safety engineer detects it. A late fix is more costly, creates program resistance to change, and may
result in a less effective control being implemented.
· The risk as published may not be as severe as the safety engineer, working in a vacuum, determined it to be,
or it may have been overtaken by subsequent design evolution.
Once the risks have been analyzed and evaluated, the remaining task of safety engineering is to follow the
development and verify that the agreed-upon safety requirements are met by the design or that the risks
are controlled to an acceptable level.
8.2.3 What is the Relationship Between Safety and Reliability?
Reliability and system safety analyses complement each other. Each can provide the other with more
information than either obtains on its own. Rarely can one be substituted for the other, but, when
performed in collaboration, they lead to better and more efficient products.
Two reliability analyses (one a subset of the other) are often compared to hazard analyses. Performance
of a Failure Modes and Effects Analysis (FMEA) is the first step in generating the Failure Modes, Effects,
and Criticality Analysis (FMECA). Both types of analyses can serve as a final product depending on the
situation. An FMECA is generated from an FMEA by adding a criticality figure of merit. These analyses
are performed for reliability and supportability information.
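As an added example (not the handbook's own material), the following Python shows the step from an FMEA to an FMECA by attaching a criticality figure of merit to each failure mode and summing it per item. The figure used is the quantitative criticality number Cm = beta * alpha * lambda_p * t from MIL-STD-1629A; that choice is an assumption made here because it is a common convention, not something this page defines. The failure modes and their parameters are constructed.

```python
"""From FMEA to FMECA: adding a criticality figure of merit.

Added example; the handbook text does not define the figure of merit.
This block uses the MIL-STD-1629A quantitative criticality number
Cm = beta * alpha * lambda_p * t as one common choice (an assumption):
  beta       conditional probability that the failure mode produces the
             listed end effect (0..1)
  alpha      fraction of the part's failures that take this mode (0..1,
             summing to 1 across the part's modes)
  lambda_p   part failure rate, failures per operating hour
  t          operating time covered by the analysis, hours
Item criticality Cr is the sum of Cm over an item's failure modes in the
same severity class. All input values below are constructed.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class FailureMode:
    """One FMEA row: what can fail, how, and what it does to the system."""
    item: str
    mode: str
    end_effect: str
    severity: str          # "I" (catastrophic) .. "IV" (minor), assumed scale
    beta: float            # P(end effect | this mode occurs)
    alpha: float           # failure mode ratio for the item
    failure_rate: float    # lambda_p, failures per hour


def criticality_number(fm: FailureMode, hours: float) -> float:
    """Cm for one failure mode over `hours` of operation."""
    for name, value in (("beta", fm.beta), ("alpha", fm.alpha)):
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"{fm.item}/{fm.mode}: {name} outside [0, 1]")
    if fm.failure_rate < 0 or hours < 0:
        raise ValueError("failure rate and operating time must be non-negative")
    return fm.beta * fm.alpha * fm.failure_rate * hours


def check_mode_ratios(fmea, tol=1e-9):
    """Items whose alphas do not sum to 1: a missing or double-counted mode."""
    totals = defaultdict(float)
    for fm in fmea:
        totals[fm.item] += fm.alpha
    return sorted(item for item, total in totals.items() if abs(total - 1.0) > tol)


def fmeca(fmea, hours):
    """Item criticality Cr, grouped by severity class and ranked within it.

    Grouping by class matters: a frequent minor mode can carry a larger Cr
    than a rare catastrophic one, so Cr is only compared within a class.
    Returns {severity: [(item, Cr), ...]} with the highest Cr first.
    """
    cr = defaultdict(float)
    for fm in fmea:
        cr[(fm.item, fm.severity)] += criticality_number(fm, hours)
    by_class = defaultdict(list)
    for (item, sev), value in cr.items():
        by_class[sev].append((item, value))
    for sev in by_class:
        by_class[sev].sort(key=lambda iv: -iv[1])
    return dict(by_class)


# Constructed FMEA rows (illustrative values, not from any real analysis).
FMEA = [
    FailureMode("pitot heater", "open circuit", "pitot icing, loss of airspeed",
                "I", beta=0.3, alpha=0.7, failure_rate=2e-5),
    FailureMode("pitot heater", "short to ground", "heater breaker trips",
                "III", beta=0.9, alpha=0.3, failure_rate=2e-5),
    FailureMode("static port", "blockage", "erroneous altitude",
                "I", beta=0.5, alpha=1.0, failure_rate=1e-6),
    # alpha 0.8 on the only listed mode: the lamp's modes are incomplete
    FailureMode("cabin light", "lamp failure", "reduced illumination",
                "IV", beta=1.0, alpha=0.8, failure_rate=5e-4),
]
OPERATING_HOURS = 1000.0

if __name__ == "__main__":
    print("incomplete mode ratios:", check_mode_ratios(FMEA))
    for sev, rows in sorted(fmeca(FMEA, OPERATING_HOURS).items()):
        for item, cr in rows:
            print(f"class {sev:3s} {item:13s} Cr={cr:.2e}")
```

Over 1000 hours the cabin light has the largest raw Cr (0.4) but sits in class IV, while the pitot heater's open-circuit mode (Cr 4.2e-3) tops class I; the ratio check also flags the cabin light because its listed modes account for only 80% of its failures, which is the kind of gap a reliability FMEA catches and a top-down hazard analysis would not.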
A hazard analysis uses a top-down methodology that first identifies risks and then isolates all possible (or
probable) causes. For an operational system, it is performed for specific suspect hazards. In the case of