曝光台 注意防骗
网曝天猫店富美金盛家居专营店坑蒙拐骗欺诈消费者
of stored information.
Voting A scheme in which the outputs of three of more channels of a system implementation are
compared with each other in order to determine agreement between two or more channels, and
to permit continued operation in the presence of a malfunction in one of the channels. A degree
of fault / malfunction tolerance is obtained.
Watchdog
Timer
A device that monitors a prescribed operation of computer hardware and / or software and
provides an indication when such operation has ceased.
Zero Energy
State
All energy within the system has been reduced to the lowest possible energy level, at “zero
energy level” if possible. All stored or residual energy, such as within capacitors, springs,
elevated devices, rotating flywheels, hydraulic systems, pneumatic systems, have been
dissipated.
It should be noted that it is not possible to dissipate / de-energize all energy within the system
additional controls should be implemented, i.e. lockout, repositioning, isolating, restraining,
guarding, shielding, relief, bleed off devices.
FAA System Safety Handbook, Appendix B: Comparative Risk Assessment (CRA) Form
December 30, 2000
B-1
Appendix B
Comparative Risk Assessment Form
FAA System Safety Handbook, Appendix B: Comparative Risk Assessment (CRA) Form
December 30, 2000
B-2
SEC TRACKING No: This is the number assigned
to the CRA by the FAA System Engineering Council
(SEC)
CRA Title: Title as assigned by the FAA SEC
SYSTEM: This is the system being affected by the change, e.g. National Airspace System
Initial Date: Date initiated SEC date: Date first reviewed by the SEC
REFERENCES: A short list or references. If a long list is used can be continued on a separate page.
SSE INFORMATION
SSE Name/Title:
Name and title of person who
performed or led team
Location:
Address and office symbol of
SSE
Telephone No.:
SUMMARY OF HAZARD CLASSIFICATION:
(worst credible case; see List of Hazards below for individual risk assessments)
Option A (Baseline): Place the highest risk
assessment code for the baseline here
Proposed Change
Option(s) B-X: Place the highest risk assessment
code for the alternatives here.
DESCRIPTION OF (Option A) BASELINE AND PROPOSED CHANGE(s)
Option A: Describe the system under study here in terms of the 5 M Model discussed in chapter 2.
Describe the baseline (or no change) system and each alternative. This section can be continued in an
appendix if it does not fit into this area. Avoid too much detail, but include enough so that the
decision-maker has enough information to understand the risk associated with each alternative.
SEVERITY:
1 CATASTROPHIC – Death, system or aircraft loss, permanent total
disability
2 HAZARDOUS - Severe injury or major aircraft or system damage PROBABILITY
3 MAJOR - Minor injury or minor aircraft or system damage SEVERITY A B C D
4 MINOR – Less than minor injury or aircraft or system damage 1
5 NO SAFETY EFFECT 2
PROBABILITY: 3
A PROBABLE - Likely to occur in lifetime of each system
(> 1E-5)
4
B REMOTE – Possible for each item, several for
system (< 1E-5 )
5 No risk
C EXTREMELY REMOTE – Unlikely for item, may occur few in
system (< 1E-7)
D EXTREMELY IMPROBABLE – so unlikely, not expected in system
(<1E-9)
FAA System Safety Handbook, Appendix B: Comparative Risk Assessment (CRA) Form
December 30, 2000
B-3
HAZARD LIST
No. Hazard Condition RISK ASSESSMENT CODE (RAC)
List the hazard conditions here. Enter the risk
assessment codes for each hazard – alternative
to the right.
Baseline
Option A
Option
B
Option
C
Option D Option E
1 Loss of communication between air traffic
controllers and aircraft (flight essential)
1D 1D 1C 1C 1B
2 Loss of communication between air traffic
controllers in different domains (ARTCC to
ARTCC, ARTCC to TRACON, etc.)
1D
3 Loss of communication between air traffic
controllers and flight service (flight plans, etc.)
4 Loss of communication between air traffic &
ground controllers and vehicles in the airport
movement area
5 Loss of the means for operator and flight
service to communicate information relative to
planned flight
6 Loss of the capability to detect, classify, locate,
and communicate adverse weather such as:
thunderstorms, rain and snow showers,
lightning, windshear, tornadoes, icing, low
visibility or ceilings, turbulence, hail, fog, etc.
7 Loss of navigation functions providing aircrew
中国航空网 www.aero.cn
航空翻译 www.aviation.cn
本文链接地址:
System Safety Handbook系统安全手册下(72)
