Florida System Safety Society
The following guidelines have been adapted from the US Army Communication and Electronics Command Supplement (1992 version) 1to AR 385-16. The checklist is not meant to be comprehensive towards all disciplines, but is a good starting point for verifying the safety of a design.
A non-linkable version that is more current is also available. (Click here for MS Word version!) This version does not caontain references.
SYSTEM SAFETY DESIGN VERIFICATION CHECKLIST
Vehicles, Shelters, Trailers, and Vans
1.1 Are operating personnel protected from accidental contact with voltages in excess of 30 volts? (MILSTD454M, Rq 1 [4.4.3]; MILSTD1472D [5.13.7.1.4])
1.2 Does each contact, terminal or like device, having voltages between 70 and 500 volts, rms or DC, with respect to ground, have barriers or guards to minimize accidental contact by operating or maintenance personnel? (MILSTD454M, Rq 1 [4.4.3.1])
1.3 Are barriers or guards that protect terminals orlike devices exhibiting 70500 volts, clearly marked to indicate highest voltage encountered upon its removal? (MILSTD454M, Rq 1 [4.7b]; ANSI Z35.1, Class II; ANSI Z35.4)
1.4 Are portions of assemblies operating at potentials above 500 volts, RMS or DC, completely enclosed from the remainder of the assembly, and is the enclosure provided with nonbypassable interlocks? (MILSTD454M, Rq 1 [4.4.3.2 & 4.4.4.1c])
1.5 Are enclosures for potentials, which exceed 500 volts, marked "DANGER, HIGH VOLTAGE, XXX VOLTS", in white on a red background? (MILSTD454M, Rq 1, [4.7c]; ANSI Z35.1, Class II and Z35.4)
1.6 Do all circuits and capacitors discharge to 30 volts or less within no more than two seconds after power is removed? (MILSTD454M, Rq 1 [4.4.5.1])
1.7 If the answer to question 1.6 is NO, are the highvoltage capacitors or circuits automatically discharged when the case or rack is opened? (MILSTD454M, Rq 1 [4.4.5.1])
1.8 Are test points provided in equipment where measurement of potentials in excess of 300 volts is required? (MILSTD454M, Rq 1 [4.4.3.3])
1.9 Are test points designed to require plugin, not clampon, test instruments? (MILSTD1472D [5.13.7.1.3])
1.10 Are green indicator lamps provided to indicate "power on"? (MILSTD1472D [5.2.2.1.18d])
1.11 Is sufficient space provided between shield endings and exposed conductors to prevent shorting or arcing? (MILSTD454M, Rq 1 [4.4.2.4])
1.12 Are electrical conductors designed to prevent insertion of the wrong plug into a receptacle or other mating unit? (MILSTD454M, Rq 1 [4.4.6]; MILSTD1472D [5.9.14.2, 5.13.7.1.2])
1.13 Are plugs and receptacles coded and marked to clearly indicate mating connectors, where those of similar configuration are in close proximity? (MILSTD454M, Rq 1 [4.4.6]; MILSTD1472D [5.9.14.3])
1.14 Are plugs and receptacles designed to preclude electrical shock and burns while being disconnected? (MILSTD454M, Rq 1 [4.4.6])
1.15 Are male plugs deenergized when disconnected? (MILSTD454M, Rq 1 [4.4.6])
1.16 Are dissimilar plug/receptacle pairs used in units containing explosives? (MILSTD454M, Rq 1 [4.4.6])
1.17 When equipment is designed to operate on more than one type of input power, does the connector design prevent connection or use of improper power? (MILSTD454M, Rq 1 [4.4.6])
1.18 Are singlephase power cables properly color coded: black: hot white: neutral green: ground? (MILSTD686C [5.1.1.2.2b])
1.19 Are threephase power cables coded as in Question 1.18, above, with the second and third phases inred and blue, respectively? (MILSTD686C [5.1.1.2.2.d])
1.20 Are meter terminals protected from voltages of 70 volts or more?
1.21 Do probes that are part of or accessories to the equipment contain safety guards that prevent contact with the tip and is the length of the exposed portion of the tip not more than 0.75 inches? (This question does not apply if the voltages to be measured are less than (a) 30 volts rms, (b) 60 volts DC, or (c) 24.8 volts DC interrupted at a rate of 10 Hz to 200 Hz.) (MILT28800D [3.9.3.1d])
1.22 Are current and voltage overload protection devices provided? (MILSTD454M, Rq 8 [4.1.1])
1.23 Except for antennas and transmission line terminals, are all external parts, surfaces, and shields at ground potential at all times? (MILSTD454M, Rq 1 [4.4.2]; MILSTD1472D [5.13.7.1.5])
1.24 Is the path from the equipment to ground continuous and permanent? (MILSTD454M, Rq 1 [4.4.2.2a])
1.25 Is the ground wire color coded green or green with yellow stripes? (NFPA 7087 [400.23])
1.26 Does the ground have capacity to safely conduct any currents that might be imposed thereon? (MILSTD 454M, Rq 1 [4.4.2.2b])
1.27 Is the ground wire separate from electrical circuits, i.e., not tied to neutral? (MILSTD188124A [5.1.1.2.5.1])
1.28 Has a test been conducted to determine the amount of leakage current on the grounding conductor? If YES, indicate the amount of current, in milliamperes, that was measured. (NFPA 7087 [25021])
1.29 Is the impedance of the path from the equipment tie point to ground sufficiently low to limit the potential drop and to allow the operation of over current devices in the circuits? (MILSTD454M, Rq 1 [4.4.2.2c])
1.30 Does the path from the equipment tie point to ground have sufficient mechanical strength to minimize accidental ground disconnection? (MILSTD454M, Rq 1 [4.4.2.2d])
1.31 Is the ground connection to the chassis or frame secured by one of the following: Spot welded terminal lug, Soldering lug, Screw, nut, and lockwasher? (MILSTD454M, Rq 1 [5.2.3]
1.32 On transmitting equipment, is a grounding stud provided that permits attachment of a portable shorting rod? (MILSTD454M, Rq 1 [4.4.5.2])
1.33 Except for RF voltages, are antenna and transmission terminals at ground potential? (MILSTD454M, Rq 1 [4.4.2])
1.34 Do convenience outlets automatically ground the mated plugs of metalcased portable tools and equipment? (MILSTD454M, Rq 1 [4.4.2.2])
1.35 Are both the phase and neutral supply voltage lines not connected to the chassis? (MILSTD188124A [5.1.1.2.5.1])
1.36 Are wires and cables supported and terminated to prevent shock and fire? (29 CFR 1910.305)
1.37 Are DC power connections color coded and marked for polarity? (MILSTD686C [5.1.1.2.2a])
1.38 Does the main power switch cut off all power to the complete equipment? (MILSTD454M, Rq 1 [4.4.1])
1.39 Is the main power switch clearly identified? (MILSTD454M, Rq 1 [4.4.1])
1.40 Is the main power switch located on the front panel? (29 CFR 1910.303)
1.41 Is physical protection provided from accidental contact with the power input side of the main power switch and the incoming power line connections? (MILSTD454M, Rq 1 [4.4.3.5])
1.42 Are power switches located such that they cannot be operated by accidental contact? (MILSTD454M, Rq 1 [4.6.2])
1.43 Are switches provided to deactivate mechanical drive units without disconnecting other parts of the equipment? (MILSTD454M, Rq 1 [4.4.4.3])
1.44 Are means provided to cut off power while installing or replacing an item of equipment or an assemblyor part thereof? (MILSTD454M, Rq 1 [4.4.1])
1.45 Are emergency controls readily accessible and clearly identified? (MILSTD1472D [5.1.2.3.8])
1.46 Does the equipment use batteries? If YES, indicate whether batteries are the primary or backup power source.
1.47 Is the battery in the Government inventory? If YES, indicate the battery's nomenclature, e.g., BAxxx, BBxxx, etc.
1.48 Has U.S. Army Laboratory Command (LABCOM) approved the battery assignment? (AMCR 70083)
1.49 Can the battery enclosure or box prevent injury or damage in the event of a violent gas venting or rupture of the battery cells?
1.50 Are battery compartments vented? (29 CFR 1910.178(g)(2))
2.1 Are safety covers provided for exposed gears, cams, levers, fans, and belts? (MILSTD1472D [5.13.5.2; 5.13.7.2.1])
2.2 Are selflocking or other failsafe devices incorporated into expandable and collapsible structures, such as shelters, jacks, masts, and tripods, to prevent accidental or inadvertent collapsing or falling? (MILSTD1472D, [5.13.6.1])
2.3 Are positive means provided to prevent mismating of fittings; couplings; fuel, oil, hydraulic, and pneumatic lines; and mechanical linkages? (MILSTD454M, Rq 1 [4.6.1])
2.4 Are doors and drawers and associated catches, hinges, supports, fasteners, and stops designed to prevent accidental injury? (MILSTD454M, Rq 1 [4.6])
2.5 Is the installed equipment free of overhanging edges and corners that may cause injuries? (MILSTD454M, Rq 1 [4.6]; MILSTD1472D [5.13.5.4])
2.6 Is the equipment likely to remain upright under normal use and in strong wind, considering its means of support and center of gravity?
2.7 Does the weight of equipment that is designed to be carried by a single soldier not exceed the following limits? (MILSTD1472D [5.9.11.3.1])
Weight (lbs)
Handling Function M&F M
Equipment designed
to be lifted from 37 56
the floor to five feet
or less above the floor.
Equipment designed
to be lifted from 44 87
the floor to three feet
or less above the floor
Equipment designed
to be carried 33 feet 42 82
or less.
Male and female population
Male population only
2.8 Does the weight distribution allow easy handling, moving, and positioning? (MILSTD1472D [5.9.11.3])
2.9 Are suitable carrying handles provided? (MILSTD1472D [5.9.11.5.1])
2.10 Are lifting requirements labeled on equipment weighing over 37 lbs? (MILSTD1472D [5.9.11.3.9])
2.11 Are safety or relief valves provided for pressurized systems or components?
2.12 Is all glass of the nonshatterable type?
3.1 Is the temperature of all exposed parts less than 60oC, when the ambient temperature is 25oC, regardless of the condition of operation? (MILSTD454M, Rq 1 [4.3])
3.2 Is the temperature of front panels and operating controls less than 49oC, when the ambient tem perature is 25oC, regardless of the condition of operation? (MILSTD454M, Rq 1 [4.3])
3.3 Is the release of toxic, corrosive, or explosive fumes or vapors prevented? (MILSTD454M, Rq 1 [4.8.1])
3.4 Are the outer coverings of cables, wires, and other components free of glass fiber materials? (MILSTD454M, Rq 1 [4.8.4])
4.1 Are warning labels provided that indicate the hazardous range of microwave emissions for components that produce a power density in excess of the following limits?
Frequency (f) Power Density (MHz) mW/cm2
0.01 3 100
3 30 900/f2
30 100 1
100 1,000 100
1,000 300,000 10
(MILSTD1472D [5.13.2.1])
4.2 Have all devices that exceed 10,000 volts been evaluated for X radiation?
4.3 Are Xray producing devices shielded to reduce personnel exposure to 2.0 mr/hour or less? (MILSTD454M, Rq 1 [4.5.2])
4.4 Are Xray producing devices and the components in which they are located labeled with an Xradiation hazard warning symbol? (MILSTD1472 [5.13.2.1])
4.5 Have tests verified no radium or other radioactive materials are present? (MILSTD454M, Rq 1 [4.8.3])
4.6 Are all tubes, knobs, meters, dials, scales, markings, etc, free of radioactive material? If NO, indicate isotope and quantity on SEL Form 11831. (MILSTD454M, Rq 1 [4.8.3])
4.7 Are radiation markings and labels affixed to all parts or components containing radioactive material? (MILSTD1472D [5.13.2.1])
4.8 Are filters, goggles, or other protective devices provided, and are warning signs posted, for all sources of radio frequency, ultraviolet, infrared, highenergy visible, laser, and any other type of hazardous radiant energy? (MILSTD1472D [5.13.2.1])
4.9 Is either an FDA classification label or a DA Label 168 affixed to each laser device? (MILSTD454M, Rq 1 [4.7e])
5.1 Are there provisions to prevent injury from implosion of cathode ray tubes? (MILSTD454M[4.6.3])
5.2 Is equipment designed to prevent accidental ignition of hazardous atmospheres? (Applicable to equipment that is intended for use in atmospheres of explosive gas or vapors, combustible dusts, or ignitable fibers and flyings.) (NFPA 7087 [5002])
5.3 Is a shutdown device or an alarm provided to prevent injury or equipment damage?(MILSTD1472D [5.9.17.1.3])
5.4 Is there adequate separation between critical warning lights and other lights? (MILSTD1472D [5.2.1.4.9])
5.5 Are audible warning signals distinguishable from other sounds under normal operating conditions? (MILSTD1472D [5.3.3.2.1])
5.6 Are warning circuits separate from control circuits?
5.7 Is the display lighting of aircraft electronics (avionics) compatible to the use of night vision goggles? (MILSTD85762A)
5.8 Is the system or equipment free of software that (a) could create a hazard, (b) controls hazardous processes or outputs, or (c) controls information upon which the operator must rely in order to make safe decisions? If YES, then skip questions 5.9 through 5.16.
5.9 Does the software adequately control all hazardous routines and outputs?
5.10 Does the software allow the operator to take control over the hardware at any time? If the answer is YES, then skip question 5.11.
5.11 Does the software allow the operator to take control over the hardware when hazardous routines or outputs are involved?
5.12 Will operator have information needed in order to make safe decisions without reliance upon information generated by the software? If YES, skip 5.13.
5.13 Is the probability that the software will fail to provide information needed by the operator in order to make safe decisions at an acceptably low level?
5.14 Is the probability that the software will induce a critical hazard at an acceptably low level?
5.15 Can the failure of any input or output device cause a critical hazard?
5.16 Does the system assume or revert to a safe state upon a power failure or upon the failure of any hardware component, such as the primary computer?
6.1 Are antenna terminals insulated to prevent RF burns? (MILSTD454M, Rq 1 [4.4.3.4])
6.2 Are antenna tips designed to prevent puncture wounds? (TB 430129 [3a(8)])
6.3 Are labels provided to warn against contact with overhead electrical lines? (TB 430129 [3a(2)])
6.4 Are lockout devices provided for remotelyoperated antennas?
6.5 Are safety latches provided that prevent unintended release of the guy cable? (NFPA 7087 [81012])
6.6 Lightning Protection Adequacy (NFPA 7087 [81020, 81057]) If mast is electrically continuous, treat it as the down conductor.
a. If antenna acts as an aerial terminal, conductivity must equal or better that of #8 AWG solid copper. If YES, skip b.
b. If antenna does not act as aerial terminal, (e.g. dish antenna) does rod extend at least 6 inches above the antenna and meet criteria in a.?
c. Is down conductor equivalent to #8 AWG solid copper with a minimum strand size of #17 AWG?
d. Are joints mechanically strong & corrosion resistant?
e. Is resistance of joint less that that of 2 ft.(.6 m) of down conductor? [R=.002 ohms or less - negligible resistance]
f. Will the down conductor remain free of bends or kinks after repeated use?
g. Is down conductor straight as possible with any turns not less than 90 degrees with 8 inch radius of turn?
(NFPA 78-13 3-12.5)
h. Is ground rod at least 1/2 inch in diameter, 8 ft long, copper clad steel or equivalent? (NFPA 78-13 3-16.1)
i. Is ground rod free of paint?
j. Does antenna mast configuration during erection, storage, take-down or operation prevent any component of the lightning protection system from mechanical damage or wear?
If mast is electrically continuous and is acting as the down conductor, is the ground stud adequate?
Vehicles, Shelters, Trailers and Vans
7.1 Is the vehicle weight properly distributed and is the vehicle laterally stable? (SCL1280D [3.4.2.2])
7.2 Has the vehicle roadworthiness testing? (e.g. Munson road test)
7.3 Are entries and exits free of obstructions? (MILSTD1472D [5.13.4.2c])
7.4 Is an emergency exit provided and marked? (MILSTD1472D [5.13.4.2])
7.5 Are ladders, nonslip surfaces, and guardrails or chains provided for the shelter roof? (MILSTD1472D [5.13.6.2])
7.6 Do the entryway ladders or steps allow safe entrance and exit? (MILSTD1472D [5.13.4.3])
7.7 Are adequate instructions provided for placement of detached semitrailers?
7.8 Are safety chains provided to prevent the trailer from detaching from the towing vehicle?
7.9 Are accessories secured or stowed to prevent damage when the vehicle is moving?
7.10 Will the lifting rings support the total weight of the shelter and the installed equipment?
7.11 Are ground rods and straps provided? (MILHDBK419A, Vol. II [1.11.2.4.2])
7.12 Is a ground stud provided at the power entry box? (MILHDBK419A,
Vol. 2 [1.11.2.3.2.1])
7.13 Is the ground stud identified by a label or other marking?
7.14 Are the ground pins of the convenience outlets hard wired to the ground stud? (MILSTD188124A [5.1.1.2.5.3])
7.15 Are all outdoor receptacles connected to ground fault circuit interrupters (GFCIs)? If YES, skip question 7.16. (NFPA 7087 [2108])
7.16 Is the socket configuration of each outdoor receptacle that is not connected to a GFCI unique to its special application and unusable for other applications or as a convenience outlet?
7.17 Are all ground wires color coded green? (NFPA 7087 [2105B; 40023])
7.18 Has a test been conducted to determine the amount of leakage current on the grounding conductor?
If YES, indicate the amount of current, in milli amperes, that was measured. (NFPA 7087 [25021])
7.19 Except for generators, are all grounds, including GFE, isolated from neutral? (MILSTD188124A [5.1.1.2.5.1])
7.20 Is the power ground wire connected to the ground stud? (MILSTD188124A [5.1.1.1.1])
7.21 Proper color coding on indicators? (White:information; amber: caution; red: danger; green: power on.) (MILSTD1472D [5.2.2.1.1.8])
7.22 Are terminals, plugs, and other exposed parts that may exhibit over 70 volts (convenience outlets excluded), guarded against accidental contact during maintenance? (MILSTD454M, Rq 1 [4.4.3.1])
7.23 Are safety switches provided to disconnect remotelylocated assemblies? (No reference)
7.24 Does the floor surface prevent slipping? (29 CFR 1910.22a)
7.25 Are floor surfaces adequately insulated? (TB 3854 [15k])
7.26 Are there fire hazards present?
7.27 Are fire extinguisher accessible and located near exits? Are they of the proper rating for the application?
7.28 Are open hatches, covers, lids, and doors positively locked?
7.29 Are hinged or sliding components latched or otherwise secured to prevent unintended movement? (MILSTD1472D [5.9.9.2])
7.30 Do the racks or cabinets contain stops to prevent drawers from extending beyond their intended limits? (MILSTD1472D [5.9.12.7])
7.31 Are fuel lines that are inside the shelter made as short as possible?
7.32 Is there a heater fuel shutoff valve inside the shelter?
7.33 Is a fuel line and adapter provided for connection to the external fuel tank or container?
7.34 Is the heater exhaust pipe located as far as possible from the fuel intake valve?
7.35 Does the heater exhaust pipe routing prevent the concentration of carbon monoxide in the shelter?
7.36 Are fuel cans located outside the shelter and at a safe distance from the heater?
7.37 Are battery compartments forcedair ventilated to the outside?
7.38 Is a warning device provided to indicate when either the battery vent lid or door is closed orwhen the ventilation fan is inoperable?
7.39 Are warning labels provided to indicate possible explosive gas accumulations?
7.40 Is the vehicle exhaust sufficiently separated from shelter openings to avoid an accumulation of carbon monoxide in the shelter?
7.41 Is there adequate overhead clearance? (MILSTD1472D [5.7.4; 5.12.7.2a])
7.42 Are wall fastenings sufficient to prevent equipment from breaking away, falling, or accidently dislodging?
7.43 Are ceilings, walls, and other surfaces adjacent to aisles free of electrical switches that are vulnerable to breakage by accidental collision? If the answer is YES, then skip question 7.44.
7.44 Do such switches contain metal shafts that pose a shock hazard when exposed?
8.1.a. Are noise levels less than 85 dBA for steady state or 140dBP for impulse? (DA PAM 40-501,MIL-STD 1474C [5.1], MIL-STD 1472D [5.8.3]). If your response is no, answer question b.
b. Are appropriate warnings and/or safeguards provided on the equipment and in the technical manuals?
8.2.a. Are hazardous or potentially hazardous materials(e.g., toxics, flammables, ignitables, corrosives, reactives, explosives, oxidizers, carcinogens) used or required (operation, maintenance and/or storage)? (29 CFR 1910.1200, FED-STD 313C). If your response is yes, answer questions b, c, 8.3, and 8.4.
b. Have the proper forms been completed and submitted to the government?
c. Can non-hazardous materials be substituted?
8.3 Are potential exposures to hazardous materialsduring use, maintenance, and disposal controlled to levels below the Occupational Safety and Health Administration (OSHA) Permissible Exposure Limit (PEL), American Conference Of Governmental Industrial Hygienists (ACGIH) Threshold Limit Values (TLV), and/or National Institute of Occupational Safety and Health (NIOSH) Recommended Exposure Limits (REL) (use the most stringent standard)?
8.4 Is personal protective equipment (PPE) requiredfor use of hazardous materials listed in 8.2.b.
8.5 Is the shelter required to be occupied during normal operations?
8.6 Is the vehicle required to be occupied duringnormal operations of the shelter?
8.7.a. Is the shelter air conditioned and/or heated toprevent heat and cold stress to occupants? (ACGIH TLVs, MIL-STD 1472D [5.8.1]). If your response is yes, answer question b.
b. Is the system's ECU sufficient to maintain temperatures within the shelter between 60-86 degrees F?
8.8.a. Is lighting required within the shelter? (MIL-STD 1472D [5.8.2]). If yes, answer question b.
b. Are light levels within the shelter sufficient to conduct normal operations?
8.9.a. Is the shelter powered by a generator, vehicle,etc? (MIL-STD 1472D [5.8.1.2]). If your response is yes, answer question c.
b. Are personnel required to be in or near vehicleswith generators operating and/or the vehicle engine idling during normal operating conditions? (MIL-STD 1472D [5.8.1.2]). If your response is yes, answer question c.
c. Do the diesel exhaust levels within the shelter or vehicle exceed permissible limits of the following substances:?
Permissible Limits (PPM)
Substance 8 Hr TWA STEL
Carbon Monoxide 35 200
Formaldehyde 0.75 2
Sulfur Dioxide 2 5
Acrolein 0.1 0.3
Nitric Oxide 25 N/A
Nitrogen Dioxide N/A 1
8.10 Is insulating material (e.g., asbestos, fibrous glass, mineral wool, polystyrene foam, polyurethane foam) added or incorporated into the shelter, vehicle, or equipment? If your response is yes, answer question b.
b. Are appropriate warnings and/or safeguards provided on the equipment and in the technical manuals?
8.11.a. Are ozone-depleting substances (e.g., CFC-11, CFC-12, CFC-113, CFC-114, CFC-115, HCFC-22, HCFC-123, Halon 1211, Halon 1301, Halon 2402, Methyl Chloroform, Carbon Tetrachloride) required? (Clean Air Act, DoDD 6050.9). If your response is yes, answer questions b and c.
b. Are appropriate warnings and/or safeguards provided on the equipment and in the technical manuals?
c. Can substitute with an ozone depletion potential (OPD) of 0.05 or less be used?
Back to Tools Back to FLSSS Homepage