interface with hydraulic power subsystems, but not so that they interface with electrical,
structural, and the display systems. The evaluator must be familiar with the system being
analyzed; if not, the evaluator cannot determine whether or not all interfaces were covered.
· How were the interfaces considered? For example, did the analysis consider both mechanical
and electrical connections between two subsystems, such as structure and hydraulic?
8.9 Evaluating an Operating and Support Hazard Analysis
The O&SHA identifies hazards/risks occurring during use of the system. It encompasses operating the
system (primarily procedural aspects) and the support functions (e.g., maintenance, servicing, overhaul,
facilities, equipment, training) that go along with operating the system. Its purpose is to evaluate the
effectiveness of procedures in controlling those hazards which were identified as being controlled by
procedures, instead of by design, and to ensure that procedures do not introduce new hazards.
Timing of the O&SHA is important. Generally, an Occupational Safety and Health Administration's
(OSHA) output (i.e., hazard control) is safety's blessing on "procedures." In most cases, procedures aren't
available for review until the system begins initial use or initial test and evaluation. As a result, the
O&SHA is typically the last formal analysis to be completed. Actually, the sooner the analysis begins,
the better. Even before the system is designed, an O&SHA can be started to identify hazards with the
anticipated operation of the system. Ideally, the O&SHA should begin with the formulation of the system
and not be completed until sometime after initial test of the system (which may identify additional
hazards). This is critical because design and construction of support facilities must begin far before the
system is ready for fielding, and all special safety features (e.g., fire suppression systems) must be
identified early or the costs to modify the facilities may force program managers and users to accept
unnecessary risks.
When evaluating an O&SHA, it is important to ensure that the analysis considers not only the normal
operation of the system, but abnormal, emergency operation, system installation, maintenance, servicing,
storage, and other operations as well. Misuse and emergency operations must also be considered. In
other words, if anyone will be doing anything with the system, planned or unplanned, the O&SHA should
cover it.
The evaluator should consider the following support aspects of an O&SHA:
· Is there auxiliary equipment (e.g., loading, handling, servicing, tools) that is planned to be
used with the system?
· Is there a training program? Who will do the training, when, and how? What training aids
will be used? Mock-ups and simulators may be needed for complex systems.
· Are there procedures and manuals? These must be reviewed and revised as needed to
eliminate or control hazards. This effort requires that the analyst have good working
relationships with the organization developing the procedures. If procedures are revised for
any reason, the safety analyst needs to be involved.
· Are there procedures for the handling, use, storage, and disposal of hazardous
materials?
FAA System Safety Handbook, Chapter 8: Safety Analysis/Hazard Analysis Tasks
December 30, 2000
Human factors are an important consideration for the O&SHA. The O&SHA should be done in concert
with the human factors organization since many accidents can be caused by operator error.
Equipment must be user friendly and the O&SHA is an appropriate tool to ensure this takes place.
Ideally, the O&SHA should be performed by both system safety and human factors personnel.
O&SHAs are normally completed and submitted as a single document, typically in a matrix format. For a
complex system, this analysis is composed of several separate analyses, such as one for operation and
another for maintaining and servicing the system (sometimes called maintenance hazard analysis). The
latter might be performed for several different levels of maintenance. Maintenance analyses consider
actions such as disconnecting and re-applying power, use of access doors, panels, and hardstands.
The O&SHA should also include expanded operations, i.e., uses of the system for reasonable operations
not explicitly specified in the equipment specification. For example, an O&SHA should normally cover
the risks associated with aircraft refueling and engine maintenance. There may be some unusual
operational conditions (bad weather approaching) where an O&SHA may be necessary where refueling