Posted: 2010-05-10 19:53  Source: 蓝天飞行翻译  Author: admin

sufficient confidence. More detailed estimates should evaluate the size of the code to be stored in the
memory, the additional space required for storing data, and the scratchpad space for storing interim and
final results of computations. Memory estimates in early program phases can be inaccurate; they should be
updated using prototype code and simulations before they can be considered realistic.
Dynamic memory allocation can be viewed either as a practical run-time memory solution or as a
nightmare for assuring proper timing and usage of critical data. Any proposed use of dynamic memory
allocation, common in OOD and CH environments, should be examined very carefully, even in “noncritical”
functional modules.
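The usual alternative a reviewer looks for in a critical module is a statically sized pool: the worst-case footprint is fixed at compile time (so the memory estimate above becomes a constant rather than a guess), allocation is O(1), and exhaustion or misuse is reported instead of hidden. The following is an added example, not code from the handbook; the block size, block count and names are assumptions.

```c
/* Added example, not from the FAA handbook: a fixed-capacity block pool as a
 * deterministic alternative to malloc()/free() inside a critical module. All
 * storage is reserved statically, so the worst-case footprint is known before
 * the program runs, allocation and release are O(1), and nothing fragments.
 * The block size and count below are illustrative assumptions. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define POOL_BLOCK_SIZE  64u   /* bytes per block (assumed) */
#define POOL_BLOCK_COUNT 8u    /* from a worst-case usage estimate (assumed) */

typedef struct {
    uint8_t storage[POOL_BLOCK_COUNT][POOL_BLOCK_SIZE];
    uint8_t in_use[POOL_BLOCK_COUNT];   /* 1 = handed out, 0 = free */
    size_t  high_water;                 /* peak blocks in use; feeds estimate updates */
} block_pool_t;

void pool_init(block_pool_t *p) { memset(p, 0, sizeof *p); }

size_t pool_in_use(const block_pool_t *p) {
    size_t used = 0;
    for (size_t i = 0; i < POOL_BLOCK_COUNT; i++) used += p->in_use[i];
    return used;
}

size_t pool_high_water(const block_pool_t *p) { return p->high_water; }

/* Returns a block, or NULL when the pool is exhausted. Callers must check for
 * NULL explicitly: exhaustion is a sizing error to be surfaced, never hidden. */
void *pool_alloc(block_pool_t *p) {
    for (size_t i = 0; i < POOL_BLOCK_COUNT; i++) {
        if (!p->in_use[i]) {
            p->in_use[i] = 1;
            size_t used = pool_in_use(p);
            if (used > p->high_water) p->high_water = used;
            return p->storage[i];
        }
    }
    return NULL;
}

/* Returns 0 on success, -1 if ptr is outside the pool, not on a block
 * boundary, or already free (a double free), so misuse is detected rather
 * than silently corrupting the pool. */
int pool_free(block_pool_t *p, void *ptr) {
    uintptr_t base = (uintptr_t)&p->storage[0][0];
    uintptr_t addr = (uintptr_t)ptr;
    if (addr < base || addr >= base + (uintptr_t)sizeof p->storage) return -1;
    size_t off = (size_t)(addr - base);
    if (off % POOL_BLOCK_SIZE != 0) return -1;
    size_t idx = off / POOL_BLOCK_SIZE;
    if (!p->in_use[idx]) return -1;
    p->in_use[idx] = 0;
    return 0;
}

int main(void) {
    block_pool_t pool;
    pool_init(&pool);
    void *a = pool_alloc(&pool);
    void *b = pool_alloc(&pool);
    pool_free(&pool, a);
    printf("in use: %zu, peak: %zu, double free detected: %s\n",
           pool_in_use(&pool), pool_high_water(&pool),
           pool_free(&pool, a) == -1 ? "yes" : "no");
    (void)b;
    return 0;
}
```

The high-water mark is what turns the early, inaccurate estimate into a measured one: run the prototype or simulation, read the peak, and resize the pool before the design is frozen.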
D.3.3.1 I/O channel usage (Load) versus capacity and availability
Address I/O for science data collection, housekeeping and control. Evaluate resource conflicts between
science data collection and safety-critical data availability. During failure events, I/O channels can be
overloaded by error messages, and important messages can be lost or overwritten (e.g. the British
“Piper Alpha” offshore oil platform disaster). Possible solutions include additional modules designed to
capture, correlate and manage lower-level error messages, or passing errors up through the calling
routines until they reach a level that can handle the problem, thus passing on only critical faults, or
combinations of faults, that may lead to a failure.
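One shape such a "capture, correlate and manage" module can take is a fault aggregator between the low-level modules and the shared channel: critical faults go through at once, repeats of the same minor error are counted rather than forwarded individually, a repeating minor error is escalated only once it crosses a threshold, and a full channel is counted instead of silently dropping messages. The following is an added example, not code from the handbook; the severity levels, error codes, thresholds and channel capacity are assumptions, and the output array stands in for the real I/O channel.

```c
/* Added example, not from the FAA handbook: a fault aggregator placed between
 * low-level modules and the shared telemetry/log channel. It forwards critical
 * faults at once, counts repeats of the same low-level error instead of
 * forwarding each one, escalates a minor error only once it repeats enough to
 * count as a fault, and emits one summary per error code when the failure
 * window closes. A full channel is counted, not silently lost. Severity
 * levels, error codes, thresholds and the channel capacity are assumptions. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum severity { SEV_INFO = 0, SEV_MINOR = 1, SEV_CRITICAL = 2 };

#define AGG_MAX_CODES    16u  /* distinct low-level error codes tracked at once */
#define AGG_BURST_LIMIT   5u  /* repeats of one minor error that become a fault */
#define AGG_OUT_CAPACITY 32u  /* constructed capacity of the output channel */

typedef struct { uint16_t code; uint8_t sev; uint32_t count; } fault_record_t;

typedef struct {
    fault_record_t codes[AGG_MAX_CODES]; size_t n_codes;   /* per-code counters */
    fault_record_t out[AGG_OUT_CAPACITY]; size_t n_out;    /* stand-in channel */
    uint32_t dropped;                                      /* channel-full events */
} aggregator_t;

void agg_init(aggregator_t *a) { memset(a, 0, sizeof *a); }

/* Write one record to the channel; returns 0, or -1 when the channel is full. */
static int emit(aggregator_t *a, uint16_t code, uint8_t sev, uint32_t count) {
    if (a->n_out >= AGG_OUT_CAPACITY) { a->dropped++; return -1; }
    a->out[a->n_out++] = (fault_record_t){ code, sev, count };
    return 0;
}

/* Report one low-level error. Returns 1 if it was forwarded to the channel,
 * 0 if it was absorbed into a counter, -1 if forwarding failed (channel full). */
int agg_report(aggregator_t *a, uint16_t code, uint8_t sev) {
    if (sev >= SEV_CRITICAL)                 /* critical faults are never delayed */
        return emit(a, code, sev, 1) == 0 ? 1 : -1;

    fault_record_t *r = NULL;
    for (size_t i = 0; i < a->n_codes; i++)
        if (a->codes[i].code == code) { r = &a->codes[i]; break; }
    if (r == NULL) {
        if (a->n_codes == AGG_MAX_CODES)     /* table full: forward rather than lose */
            return emit(a, code, sev, 1) == 0 ? 1 : -1;
        r = &a->codes[a->n_codes++];
        *r = (fault_record_t){ code, sev, 0 };
    }
    r->count++;
    if (sev == SEV_MINOR && r->count == AGG_BURST_LIMIT)   /* repeating minor -> fault */
        return emit(a, code, sev, r->count) == 0 ? 1 : -1;
    return 0;
}

/* Close the failure window: one summary record per counted code. Returns the
 * number of summaries written and resets the counters. */
size_t agg_flush(aggregator_t *a) {
    size_t written = 0;
    for (size_t i = 0; i < a->n_codes; i++)
        if (emit(a, a->codes[i].code, a->codes[i].sev, a->codes[i].count) == 0) written++;
    a->n_codes = 0;
    return written;
}

int main(void) {
    /* Constructed failure event: 100 identical info messages, 7 repeats of one
     * minor error and a single critical fault arriving in the same window. */
    aggregator_t a;
    agg_init(&a);
    for (int i = 0; i < 100; i++) agg_report(&a, 0x10, SEV_INFO);
    for (int i = 0; i < 7; i++) agg_report(&a, 0x20, SEV_MINOR);
    agg_report(&a, 0x30, SEV_CRITICAL);
    agg_flush(&a);
    printf("108 raw messages -> %zu channel records, %u dropped\n",
           a.n_out, (unsigned)a.dropped);
    for (size_t i = 0; i < a.n_out; i++)
        printf("  code 0x%02X sev %u count %u\n", (unsigned)a.out[i].code,
               (unsigned)a.out[i].sev, (unsigned)a.out[i].count);
    return 0;
}
```

In the constructed event, 108 raw messages become four channel records, and the critical fault is the second record rather than the hundred-and-eighth; the `dropped` counter is the evidence a post-incident review needs that the channel itself saturated.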
Execution times versus CPU load and availability. Investigate time variations of CPU load, and determine
the circumstances of peak load and whether it is acceptable. Consider multi-tasking effects. Note that
excessive multi-tasking can result in system instability leading to “crashes”.
D.3.3.2 Sampling rates versus rates of change of physical parameters
Analysis should address the validity of the system performance models used, together with simulation and
test data, if available.
FAA System Safety Handbook, Appendix E: System Safety Principles
December 30, 2000
E-1
Appendix E
System Safety Principles
System Safety Principles
• System safety is a basic requirement of the total system.
• System safety must be planned:
  - Integrated and comprehensive safety engineering effort
  - Interrelated, sequential, and continuing effort
  - Plan must influence facilities, equipment, procedures, and personnel
  - Applicable to all program phases
  - Covers transportation and logistics support
  - Covers storage, packaging, and handling
  - Covers Non-Development Items (NDI).
• MA provides management of the system safety effort:
  - Managerial and technical procedures to be used must be submitted for MA approval
  - Resolves conflicts between safety and other design requirements
  - Resolves conflicts between associate contractors.
• Design safety precedence:
  - Design to minimum hazard
  - Use safety devices
  - Use warning devices
  - Use special procedures.
• System safety requirements must be consistent with other program requirements.
  - Performance, cost, etc., requirements may have priority over safety requirements.
• System analyses are basic tools for systematically developing design specifications.
  - The ultimate measure of safety is not the scope of analysis but the requirements satisfied.
  - Analyses are performed to:
    § Identify hazards and corrective actions
    § Review safety considerations in tradeoffs
    § Determine/evaluate safety design requirements
    § Determine/evaluate operational, test, and logistics requirements
    § Validate that qualitative/quantitative requirements have been met.
  - Analyses are hazard analyses, not safety analyses.
• Level of risk assumption and criteria are an inherent part of risk management.
• Safety Management:
  - Defines functions, authority, and interrelationships
  - Exercises appropriate controls.
• Degree of safety effort and achievements are directly dependent upon management emphasis by the FAA and contractors.
• Results of safety effort depend upon MA clearly stating safety objectives/requirements.
• MA responsibilities:
  - Plan, organize, and implement SSP
  - Establish safety requirements for system design
  - State safety requirements in contract
  - Requirements for activities in Statement of Work (SOW)
  - Review and insure adequate and complete system safety program plan (SSPP)
Article: System Safety Handbook (Part 2) (81)