Posted: 2010-05-10 19:53 Source: 蓝天飞行翻译 Author: admin
FAA System Safety Handbook, Chapter 8: Safety Analysis/Hazard Analysis Tasks
December 30, 2000
8-15
8.4.4 Activity 4: Subsystem Hazard Analysis
The Subsystem Hazard Analysis (SSHA) is performed if a system under development contains
subsystems or components that, when integrated, function together as a system. This analysis examines
each subsystem or component, identifies hazards associated with normal or abnormal operations, and
is intended to determine how the operation or failure of components, or any other anomaly, adversely
affects the overall safety of the system. This analysis should identify existing and recommended actions,
using the system safety precedence, to determine how to eliminate or reduce the risk of identified hazards.
As soon as subsystems are designed in sufficient detail, or well into concept design for facilities
acquisition, the SSHA can begin. Design changes to components also need to be evaluated to determine
whether the safety of the system is affected. The techniques used for this analysis must be carefully
selected to minimize problems in integrating subsystem hazard analyses into the system hazard analysis.
The SSHA may be documented in a combination of text and/or tabular format.
A contractor may perform and document a subsystem hazard analysis to identify all components and
equipment, including software, whose performance, performance degradation, functional failure, or
inadvertent functioning could result in a hazard or whose design does not satisfy contractual safety
requirements. The analysis may include:
·  A determination of the hazards or risks, including reasonable human errors as well as single
and multiple failures.
·  A determination of the potential contribution of software (including that which is developed by
other contractors) events, faults, and occurrences (such as improper timing) to the safety of
the subsystem.
·  A determination that the safety design criteria in the software specification(s) have been
satisfied.
·  A determination that the method of implementation of software design requirements and
corrective actions has not impaired or decreased the safety of the subsystem nor has
introduced any new hazards.
If no specific analysis techniques are directed, the contractor may obtain MA approval of technique(s) to
be used prior to performing the analysis. When software to be used in conjunction with the subsystem is
being developed under standards, the contractor performing the SSHA will monitor, obtain, and use the
output of each phase of the formal software development process in evaluating the software contribution
to the SSHA (See Chapter 10 for discussion of standards commonly used). Problems identified that
require the response of the software developer shall be reported to the MA in time to support the ongoing
phase of the software development process. The contractor must update the SSHA when needed as a
result of any system design changes, including software changes that affect system safety.
For work performed under contract, details to be specified in the SOW shall include, as applicable:
·  Minimum risk severity and probability reporting thresholds
·  The specific subsystems to be analyzed
·  Any selected risks, hazards, hazardous areas, or other items to be examined or excluded
·  Specification of desired analysis technique(s) and/or format.
8.4.5 Activity 5: System Hazard Analysis
A System Hazard Analysis (SHA) is accomplished in much the same way as the SSHA. However, as the
SSHA examines how component operation or risks affect the system, the SHA determines how system
operation and hazards can affect the safety of the system and its subsystems. The SSHA, when available,
serves as input to the SHA. The SHA should begin as the system design matures, at the preliminary
design review or the facilities concept design review milestone, and should be updated until the design is
complete. Design changes will need to be evaluated to determine their effects on the safety of the system
and its subsystems. This analysis should contain recommended actions, applying the system safety
precedence, to eliminate or reduce the risk of identified hazards. The techniques used to perform this
analysis must be carefully selected to minimize problems in integrating the SHA with other hazard
analyses. The SHA may be documented in text, in tabular format, or in a combination of both text and
tables. (See Chapter 6, Integrated System Hazard Analysis Concepts.)
A contractor may perform and document an SHA to identify hazards and assess the risk of the total