EEMCS final report for the causal modeling for air transport safety (CATS) project

This document reports on the work realized by the DIAM in relation to the completion of the CATS model as presented in Figure 1.6 and tries to explain some of the steps taken for its completion. The project spans over a period of time of three years. Intermediate reports have been presented throughout the project’s progress. These are presented in Appendix 1. In this report the continuous‐discrete distribution‐free BBNs are briefly discussed. The human reliability models developed for dealing with dependence in the model variables are described and the software application UniNet is presente

New safety model for the commercial human spaceflight industry

The aviation and space domains have safety guidelines and recommended practices for Design Organisations (DOs) and Operators alike. In terms of Aerospace DOs there are certification criteria to meet and to demonstrate compliance there are Advisory Circulars or Acceptable Means of Compliance to follow. Additionally there are guidelines such as Aerospace Recommended Practices (ARP), Military Standards (MIL-STD 882 series) and System Safety Handbooks to follow in order to identify and manage failure conditions. In terms of Operators there are FAA guidelines and a useful ARP that details many tools and techniques in understanding Operator Safety Risks. However there is currently no methodology for linking the DO and Operator safety efforts. In the space domain NASA have provided safety standards and guidelines to follow and also within Europe there are European Co-operation of Space Standardization (ECSS) to follow. Within the emerging Commercial Human Spaceflight Industry, the FAA’s Office of Commercial Space Transportation has provided hazard analysis guidelines. However all of these space domain safety documents are based on the existing aerospace methodology and once again, there is no link between the DO and Operator’s safety effort. This paper addresses the problematic issue and presents a coherent methodology of joining up the System Safety effort of the DOs to the Operator Safety Risk Management such that a ‘Total System’ approach is adopted. Part of the rationale is that the correct mitigation (control) can be applied within the correct place in the accident sequence. Also this contiguous approach ensures that the Operator is fully aware of the safety risks (at the accident level) and therefore has an appreciation of the Total System Risk. The authors of this paper contend that it is better practice to have a fully integrated safety model as opposed to disparate requirements or guidelines. Our methodology is firstly to review ‘best practice’ approaches from the aviation and space industries, and then to integrate these approaches into a contiguous safety model for the commercial human spaceflight industry

The xSAP Safety Analysis Platform

This paper describes the xSAP safety analysis platform. xSAP provides several model-based safety analysis features for finite- and infinite-state synchronous transition systems. In particular, it supports library-based definition of fault modes, an automatic model extension facility, generation of safety analysis artifacts such as Dynamic Fault Trees (DFTs) and Failure Mode and Effects Analysis (FMEA) tables. Moreover, it supports probabilistic evaluation of Fault Trees, failure propagation analysis using Timed Failure Propagation Graphs (TFPGs), and Common Cause Analysis (CCA). xSAP has been used in several industrial projects as verification back-end, and is currently being evaluated in a joint R&D Project involving FBK and The Boeing Company

Integrated assurance assessment of a reconfigurable digital flight control system

The integrated application of reliability, failure effects and system simulator methods in establishing the airworthiness of a flight critical digital flight control system (DFCS) is demonstrated. The emphasis was on the mutual reinforcement of the methods in demonstrating the system safety

Safety level of airside, pre-take-off objects and processes

Preventive, proactive airside, pre-take-off safety in civil air traffic from a new viewpoint with a new toolset on a more exact way with sustaining all necessary principles - to explicate such and similar thoughts is the aim of the paper

Reliability Analysis of Complex NASA Systems with Model-Based Engineering

The emergence of model-based engineering, with Model- Based Systems Engineering (MBSE) leading the way, is transforming design and analysis methodologies. The recognized benefits to systems development include moving from document-centric information systems and document-centric project communication to a model-centric environment in which control of design changes in the life cycles is facilitated. In addition, a single source of truth about the system, that is up-to-date in all respects of the design, becomes the authoritative source of data and information about the system. This promotes consistency and efficiency in regard to integration of the system elements as the design emerges and thereby may further optimize the design. Therefore Reliability Engineers (REs) supporting NASA missions must be integrated into model-based engineering to ensure the outputs of their analyses are relevant and value-needed to the design, development, and operational processes for failure risks assessment and communication

A system safety model for developmental aircraft programs

Basic tenets of safety as applied to developmental aircraft programs are presented. The integration of safety into the project management aspects of planning, organizing, directing and controlling is illustrated by examples. The basis for project management use of safety and the relationship of these management functions to 'real-world' situations is presented. The rationale which led to the safety-related project decision and the lessons learned as they may apply to future projects are presented

Tree-Network Overrun Model Associated with Pilots’ Actions and Flight Operational Procedures

The runway excursions are defined as the exit of an aircraft from the surface of the runway. These excursions can take place at takeoff or at landing and consist of two types of events: veer off and overrun. This last one, which occurs when the aircraft exceeds the limits at the end of the runway, is the event of interest in the current study. This chapter aims to present an accident model with a new approach in aeronautical systems, based on the tasks of the pilots related to the operational procedures necessary for the approach and landing, in order to obtain the chain of events that lead to this type of accident. Thus, the tree-network overrun model (TNO model) was proposed, unlike most traditional models, which consider only the hardware failures or which do not satisfactorily explain the interrelationship between the factors influencing the operator. The proposed model is developed in a fault tree and transformed into a Bayesian network up to the level of the basic elements. The results showed the qualitative model of the main tasks performed by the pilots and their relation to the accident. It has also been suggested how to find and estimate the probability of factors that can impact on each of the tasks