
Volume 42, No. 3 • May-June 2006
In the Spotlight

New Paradigms in System Safety


Paradigm 7: Perform a Transition Hazard Analysis

In the integration of subsystems and systems, it is key to understand the hazards that may exist in this integration. Astronauts at space stations must be aware of the total hazards when making changes to components and subsystems in space. Transition Hazard Analysis (THA) offers a knowledge base of the hazards associated with each procedural item performed, allowing analysts to know what could occur while performing the procedure. With any error by the operator or maintainer in working the procedure, there is the potential for a transitional hazard to occur not only to the component and subsystem, but also to the total system. Unless transition problems are addressed both during the build-up of a complex system and during its operation and maintenance, potentially catastrophic hazards could arise. Normally the THA is documented in the Operating & Support Hazard Analysis (O&SHA), where human-interface hazard risk problems are examined. In addition, the program's human factors studies of the subsystems and system, together with the Computer Human Interface (CHI), are a major source of data for transitional hazards.
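The knowledge base described above can be sketched as a small data model. The following is an added example, not code from the article or its authors; the Scope levels, the procedure, its steps, hazards and mitigations are all constructed to show the structure. It records, for each procedural item, the hazards an operator or maintainer error could trigger and how far each could propagate (component, subsystem, total system), and then asks the questions an O&SHA reviewer would ask: which steps have never been analysed, which steps escalate beyond the component being worked on, and which wide-scope hazards still lack a recorded control.

```python
"""Toy Transition Hazard Analysis (THA) knowledge base.

Added example, not the article's or the authors' material. The procedure,
steps, hazards and mitigations below are constructed to illustrate the
structure and are not taken from any real program.
"""
from dataclasses import dataclass
from enum import IntEnum
from typing import Dict, List, Optional, Tuple


class Scope(IntEnum):
    """How far a transitional hazard can propagate if the step is done wrong."""
    COMPONENT = 1
    SUBSYSTEM = 2
    SYSTEM = 3


@dataclass(frozen=True)
class Hazard:
    description: str
    scope: Scope
    mitigation: Optional[str] = None  # None: no control has been recorded yet


@dataclass(frozen=True)
class Step:
    name: str
    hazards: Tuple[Hazard, ...] = ()  # empty tuple: nobody has analysed this step


@dataclass(frozen=True)
class Procedure:
    name: str
    steps: Tuple[Step, ...]


# Constructed sample: swapping a power distribution module while the rest of
# the system stays live. Step 3 deliberately has no recorded hazards so the
# gap check below has something to find.
SWAP_PDM = Procedure(
    name="Replace power distribution module (constructed sample)",
    steps=(
        Step("Isolate feed A to the rack", (
            Hazard("Rack loses redundancy; a feed B fault now drops the rack",
                   Scope.SUBSYSTEM, "Confirm feed B healthy before isolating A"),
        )),
        Step("Disconnect connector J1", (
            Hazard("Arc at connector if feed A was not actually isolated",
                   Scope.COMPONENT, "Verify zero voltage at J1 before unmating"),
        )),
        Step("Install replacement module"),
        Step("Restore feed A", (
            Hazard("Inrush on restore trips the main bus breaker",
                   Scope.SYSTEM),
            Hazard("Reversed polarity damages the new module",
                   Scope.COMPONENT, "Keyed connector prevents reverse mating"),
        )),
    ),
)


def unanalysed_steps(proc: Procedure) -> List[str]:
    """Steps with no hazards on file: the knowledge base cannot tell the
    operator what an error here could do, which is itself a finding."""
    return [s.name for s in proc.steps if not s.hazards]


def worst_scope(proc: Procedure) -> Optional[Scope]:
    """Widest propagation recorded anywhere in the procedure."""
    scopes = [h.scope for s in proc.steps for h in s.hazards]
    return max(scopes) if scopes else None


def escalating_steps(proc: Procedure) -> List[str]:
    """Steps where an operator or maintainer error reaches beyond the
    component being worked on (the transitional hazards the text warns about)."""
    return [s.name for s in proc.steps
            if any(h.scope >= Scope.SUBSYSTEM for h in s.hazards)]


def unmitigated(proc: Procedure,
                at_least: Scope = Scope.SUBSYSTEM) -> List[Tuple[str, str]]:
    """(step, hazard) pairs at or above the given scope with no recorded control."""
    return [(s.name, h.description) for s in proc.steps for h in s.hazards
            if h.scope >= at_least and h.mitigation is None]


def tha_report(proc: Procedure) -> Dict[str, object]:
    """Summary a reviewer would want before the procedure goes into the O&SHA."""
    return {
        "procedure": proc.name,
        "worst_scope": worst_scope(proc),
        "unanalysed_steps": unanalysed_steps(proc),
        "escalating_steps": escalating_steps(proc),
        "unmitigated": unmitigated(proc),
    }


if __name__ == "__main__":
    for key, value in tha_report(SWAP_PDM).items():
        print(f"{key}: {value}")
```

Run as a script, the report flags the unanalysed installation step, the two steps whose errors reach the subsystem or the whole system, and the one system-level hazard with no control, which is exactly the kind of finding that would be carried into the O&SHA.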

Paradigm 8: Develop a Comprehensive Safety Training Program to Include Handling of Systems-of-Systems Concerns

Development of a complete safety training program relates not only to recognizing the components and subsystems, but also to understanding the total method for certifying the operator and maintainer. Many safety training programs are focused only on subsystem training. When this occurs, certification of the person properly operating or maintaining the equipment is limited. A power failure affecting a maintainer's work may involve only one source of power; back-up power then takes over, so power may still be applied to the equipment. However, when all sources of power are lost (prime, secondary and emergency), the total system should degrade or fail safely until a correction is made. Safety training programs must include not only operation and equipment control by the operator and maintainer, but also total system training that addresses the worst potential secondary effect of hazards. The instructor must use scenarios with the student that address realistic failures and examine whether total system failure can occur. Safety training with comprehensive total system understanding represents a major mitigation method and ensures that full certification is made for correctly operating and maintaining the system at all times.

About the Authors
Dev Raheja, founder and president of Design for Competitiveness, Inc., has been an international consultant and trainer in new product development since 1981. Prior to this, he served in management positions at Booz Allen Hamilton, General Electric and Cooper Industries. He has received several awards, including the Scientific Achievement Award from the System Safety Society. An author of the book Assurance Technologies: Principles and Practices, he also teaches courses in Practical Reliability Engineering and Designing for Safety.

Brian Moriarty is a product assurance staff engineer with more than 43 years of experience in system safety, reliability, maintainability, quality assurance and human factors. Currently, he is Northrop Grumman’s Senior Safety Engineer for the FAA En Route Automation Modernization (ERAM) system in Washington DC. A Fellow and Past President of the System Safety Society and a director of the Reliability and Maintainability Symposium, he is also the co-author of the book System Safety Engineering and Management, which is used in safety programs throughout the world.

