曝光台 注意防骗
网曝天猫店富美金盛家居专营店坑蒙拐骗欺诈消费者
developed by NLR (see Chapter 6) [R5.9].
The last group, the Human Reliability Family, consists of techniques that account for
human factors. These techniques are helpful in the context of collision risk analysis, where
pilots and controllers play major roles. This family includes Action Error Analysis (AEA),
Human Error Assessment and Reduction Technique (HEART), Technique for Human
Error Rate Prediction (THERP), Human Interaction Timeline (HITLINE), Operator
Action Trees (OATS), Human Cognitive Reliability model (HCR), Empirical Technique to
Estimate Operator Errors (TESEO), Absolute Probability Judgment (APJ), Paired
SEPARATION SAFETY MODELING
5-6
Comparisons (PC), Success Likelihood Index Methodology (SLIM), and Influence
Diagram Approach (IDA).
AEA is a technique to study potential mistakes in individual actions, leaving aside human
behavior and reasons for mistakes. HEART allows quantification of human errors in
operator tasks, while THERP predicts human error probabilities and evaluates the
degradation of man-machine systems caused by or connected to human errors. HITLINE
is a methodology to incorporate errors of commission in probabilistic assessments; it is
well-suited to systematically analyzing operator errors in following emergency operating
procedures. In the same line, OATS deals with operator errors during abnormal
conditions and provides error types and associated probabilities. HCR, in addition, takes
into account skill-based, rule-based, and knowledge-based performance. TESEO
evaluates the probability of operator failure, but is more oriented towards comparison
between different man-machine systems, rather than absolute probabilities. APJ, PC, and
SLIM are all techniques to estimate human error probabilities, and IDA is designed for
assessing the dependencies between the influences of the different factors intervening in
human reliability.
5.2.2 Some Applications of Hazard Analysis for ATC Systems
A 1996 survey [R5.9, R5.10] identified three studies applying hazard analysis techniques
to en route ATM. The first one is due to Fota [R5.11], the second one to the UK CAA
[R5.12, R5.13, R5.14], and the third one to Smith [R5.15]. Fota’s work is a global safety
analysis study of an ATC en route center. Event Tree Analysis is combined with Fault
Tree Analysis to perform a Probabilistic Safety Assessment of the en route center. This
study is not directed towards a collision risk analysis, but part of the results obtained
might be used for the safety assessment of the subsystems forming a collision risk
model/analysis. The UK CAA study also provides a PSA of en route air traffic operations.
It makes use, in particular, of Preliminary Hazard Identification, Failure Mode and Effect
Analysis, and Hazard Identification (a variation on HazOp) to identify human errors and
equipment failures in two upper airspace sectors. A Fault Tree Analysis is then
performed, starting with the loss of air traffic control as a top event. The Human Error
Assessment and Reduction Technique is also used in the fault tree to quantify human
errors. Finally, the midair collision probability is estimated from the probability of loss of
air traffic control, the probability of failure of some equipment (ACAS), and the
probability of a midair collision given an ATC and ACAS failure (obtained from a collision
risk model based on a simple scenario). This study illustrates how classical hazard analysis
techniques may be applied to subsystems of a complex, man-in-the-loop system, and then
combined to obtain the collision risk. The Smith study [R5.15] also performs an FTA and
ETA, in a simpler way, on en route ATM situations. Some of the methodologies and
results used in these three studies can probably be used in developing a collision risk
model/analysis methods for intervention ATC environments. Detailed examples of FTA
and ETA applied to en route ATM, and, to some extent, to collision risk can be found in
[R5.9, R5.10].
APPROACHES TO COLLISION RISK ANALYSIS
5-7
The Reduced Aircraft Separation Risk Assessment Model (RASRAM) is another ATCrelated
FTA [R5.16]. In this case, the application is the evaluation of risk for reduced
terminal area separations, including parallel approach operations. Fault tree models are
constructed that represent two collision risk scenarios: 1) In-Trail Separation, and 2)
Lateral Separation. The In-Trail scenario is subdivided into Runway Occupancy and
Wake Vortex Encounter scenarios. For the Lateral Separation, three possible types of
collision risk are posited: collision risk for aircraft on parallel approaches; risk of midair
collision following a breakout; and risk of collision with terrain following a breakout. The
中国航空网 www.aero.cn
航空翻译 www.aviation.cn
本文链接地址:
a concept paper for separation safety modeling(22)
