in production, maintenance, handling, and similar processes generally preclude two or more pieces of
equipment being exactly alike. Minor changes in equipment have been known to cause failures and
accidents when the item was used. If an accident or failure occurs, correcting it by changing the
design, material, procedures, or production process immediately nullifies certain portions of the data.
Message: Consider the statistical nature of probabilities when formulating a conclusion.
· Sometimes data are valid only in special circumstances. For instance, a statistical source may
indicate that a specific number of aircraft accidents due to birdstrikes take place every 100,000 or
million hours. One may conclude from this data that the probability of a birdstrike is comparatively
low. Hidden by the data analysis approach is the fact that at certain airfields, such as Boston, the
Midway Islands, and other coastal and insular areas where birds abound, the probability of a
birdstrike accident is much higher than the average. This example demonstrates that generalized
probabilities will not serve well for specific, localized areas. This applies to other environmental
hazards such as lightning, fog, rain, snow, and hurricanes. Message: Look for important variables
that may affect conclusions based on statistics.
FAA System Safety Handbook, Chapter 8: Safety Analysis/Hazard Analysis Tasks
December 30, 2000
8- 9
· Reliability predictions are based upon equipment being operated within prescribed parameters over a
specific period of time. When the equipment's environment or operational profile exceeds those
design limits, the prediction is no longer valid. Safety analyses based on this data that attempt to
predict safety performance under abnormal and/or emergency conditions may also be invalid.
Reliability predictions do not extend to performance of components or subassemblies following a
failure. That is, the failure rate or characteristics of failed units or assemblies are not accounted for in
reliability-generated predictions. Design deficiencies are not accounted for in reliability predictions.
For example, a reliability prediction accounts for the failure rate of components, not the validity of
the logic. Message: Be clear on what conditions the probabilities used in the risk analysis represent.
· Human error can have damaging effects even when equipment reliability is high. For example, a
loaded rifle is highly reliable, yet many people have been killed or wounded when cleaning, carrying,
or playing with loaded guns. Message: Consider the impact of human error on accident probability
estimations.
· The confidence in a probability prediction, as in any statistic, is based on the sample size of the
source data. Predictions based on small sample sizes have a low confidence level; those based on a
large sample size provide a high degree of confidence. Message: Understand the source of prediction
data. Consider the confidence level of the data.
· Reliability predictions of electronic components could assume an exponential failure distribution.
This is a reasonable assumption for systems conservatively designed prior to wearout. The
confidence that the prediction represents either a newly fielded system or an old system is less. There
are recently developed approaches to reliability predictions that consider mechanical fatigue of
electronic components that account for wearout. Such an improved prediction is only more valuable
than the standardized approach when being applied to a specific unit when its history is known.
Message: Risks of systems that exhibit wearout are more difficult to quantify than those of systems that do not.
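To make the wearout point concrete, here is an added example (not from the handbook) that compares a standardized constant-failure-rate prediction with a Weibull wearout model for the same mean life. The characteristic life of 20,000 h, the shape of 3 and the 1,000 h mission are constructed figures, not values from the handbook.

```python
import math


def exp_fail_prob(failure_rate: float, age_h: float, mission_h: float) -> float:
    """Constant-failure-rate (exponential) model, the usual basis of a standardized
    reliability prediction. It is memoryless, so the unit's age has no effect."""
    del age_h  # deliberately unused: the exponential model ignores age
    return 1.0 - math.exp(-failure_rate * mission_h)


def weibull_fail_prob(scale_h: float, shape: float, age_h: float, mission_h: float) -> float:
    """Weibull model with shape > 1 (wearout): probability that a unit which has
    already survived age_h hours fails during the next mission_h hours."""
    def survival(t: float) -> float:
        return math.exp(-((t / scale_h) ** shape))
    return 1.0 - survival(age_h + mission_h) / survival(age_h)


def weibull_mean_life(scale_h: float, shape: float) -> float:
    """Mean life (MTBF) of the Weibull; used to build a matched exponential model."""
    return scale_h * math.gamma(1.0 + 1.0 / shape)


def compare_models(scale_h: float, shape: float, mission_h: float, ages_h: list[float]) -> list[dict]:
    """For each fleet age, return the mission failure probability under both models
    and the factor by which the age-blind exponential prediction is off."""
    rate = 1.0 / weibull_mean_life(scale_h, shape)  # same MTBF for both models
    rows = []
    for age in ages_h:
        p_exp = exp_fail_prob(rate, age, mission_h)
        p_wb = weibull_fail_prob(scale_h, shape, age, mission_h)
        rows.append({"age_h": age, "p_exp": p_exp, "p_weibull": p_wb,
                     "weibull_over_exp": p_wb / p_exp})
    return rows


if __name__ == "__main__":
    # Constructed figures: characteristic life 20,000 h, shape 3 (clear wearout),
    # 1,000 h mission, units ranging from new to near the end of their design life.
    for r in compare_models(20_000.0, 3.0, 1_000.0, [0.0, 5_000.0, 12_000.0, 18_000.0]):
        print(f"age {r['age_h']:>8.0f} h  exp {r['p_exp']:.4f}  "
              f"weibull {r['p_weibull']:.4f}  ratio {r['weibull_over_exp']:.2f}")
```

For a new unit the exponential prediction is pessimistic, while for a unit near its characteristic life it understates the mission risk by more than a factor of two, which is why such a prediction is only trustworthy when the unit's history is known.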
When the limitations are understood, the use of probabilities permits a more precise risk analysis than the
qualitative approach. Calculated hazard risks can be compared to acceptable thresholds to determine
when redesign is necessary. They permit the comparison of alternate design approaches during trade
studies, leading to more thorough evaluations. Performing quantitative analyses requires more work than
qualitative analyses and therefore costs more. If the limitations of the numbers used are not clearly stated
and understood, the wrong conclusion may be reached. When care is taken, a quantitative analysis can be
significantly more useful than a qualitative one.
8.4 Design and Pre-Design Safety Activities
The design and pre-design system safety engineering activities are listed below:
Activity 1 - Preliminary Hazard List (PHL)
Activity 2 - Preliminary Hazard Analysis (PHA)