
COMPLEMENTARY RCE TRAINING

COMPLEMENTARY RCE TRAINING. THE "SYSTEM SAFETY ASSESSMENT" PROCESS. 26 OCTOBER 2004. OBJECTIVE: To comment on the System Safety Assessment process in the certification of transport aircraft (the certification authority's perspective).





Presentation Transcript


  1. COMPLEMENTARY RCE TRAINING. THE "SYSTEM SAFETY ASSESSMENT" PROCESS. 26 OCTOBER 2004

  2. OBJECTIVE: To comment on the System Safety Assessment process in the certification of transport aircraft (the certification authority's perspective).

  3. OBJECTIVE: TO LEAVE THE FOLLOWING MESSAGE: THE CERTIFICATION AUTHORITY MUST UNDERSTAND SYSTEM SAFETY AS A MUCH BROADER SUBJECT THAN COMPLIANCE WITH REQUIREMENTS. EVER-GREATER SUPPORT FROM THE RCE IS ESSENTIAL.

  4. HOW TO ENSURE SAFETY? 1. MANAGEMENT COMMITMENT? 2. INCREASED RELIABILITY? 3. STRICTER CERTIFICATION REQUIREMENTS? 4. BETTER QUALITY CONTROL? 5. IDENTIFICATION OF RISKS?

  5. THIS IS NOT A LECTURE BUT AN EXCHANGE OF IDEAS. COMMENTS ARE VERY WELCOME.

  6. HOW TO ENSURE SAFETY? SYSTEM SAFETY ASSESSMENT, SYSTEM SAFETY MANAGEMENT, SYSTEM SAFETY PROGRAM, DEVELOPMENT ASSURANCE

  7. OVERVIEW: 1 GENERAL CONSIDERATIONS 2 SYSTEM SAFETY ASSESSMENT 3 ONGOING SAFETY ASSESSMENT 4 SAFETY OBJECTIVES 5 RELIABILITY ENGINEERING 6 SSA: A NEW APPROACH 7 ARP 4754 8 SPECIFIC RISK

  8. REFERENCES: 1 ARP 4761: Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems and Equipment 2 ARP 4754: Certification Considerations for Highly-Integrated or Complex Aircraft Systems 3 ARP 5150: Safety Assessment of Transport Airplanes in Commercial Service 4 RTCA/DO-178: Software Considerations in Airborne Systems and Equipment Certification 5 RTCA/DO-254: Design Assurance Guidance for Airborne Electronic Hardware 6 CERTIFICATION BASIS: ERJ 170/190

  9. General Considerations

  10. HOW TO ENSURE SAFETY? SYSTEM: An aggregate of organizations, people, infrastructure, equipment, procedures, rules and information used to ensure that the product or service performs its expected function.

  11. HOW TO ENSURE SAFETY? SAFETY: Freedom from unacceptable risk.

  12. HOW TO ENSURE SAFETY? SYSTEM SAFETY: The application of engineering and management principles, criteria, and techniques to optimize all aspects of safety within the constraints of operational effectiveness, time, and cost throughout all phases of the system life cycle. (MIL-STD-882C, STANDARD PRACTICE FOR SYSTEM SAFETY, 3.2.18).

  13. HOW TO ENSURE SAFETY? SYSTEM SAFETY ENGINEERING: An engineering discipline requiring specialized professional knowledge and skills applying scientific and engineering principles, criteria, and techniques to identify and eliminate hazards, in order to reduce the associated risk. (MIL-STD-882C, 3.2.20).

  14. HOW TO ENSURE SAFETY? SYSTEM SAFETY MANAGEMENT: A management discipline that defines the system safety program requirements and ensures the planning, implementation, and accomplishment of system safety tasks and activities consistent with the overall program requirements. (MIL-STD-882C, 3.2.22).

  15. HOW TO ENSURE SAFETY? SYSTEM SAFETY PROGRAM: The combined tasks and activities of system safety management and system safety engineering implemented by acquisition project managers. (MIL-STD-882C, 3.2.24).

  16. HOW TO ENSURE SAFETY? SYSTEM SAFETY MANAGEMENT DECISION-MAKING PROCESS: How much does it cost? Is it safe?

  17. HOW TO ENSURE SAFETY? SYSTEM SAFETY: THE PRODUCT and its LIFE CYCLE; THE ORGANIZATION

  18. SAFETY MANAGEMENT: THE IMPORTANCE OF SYSTEM SAFETY. “The goals of system safety can be achieved only with the support of management: a sincere commitment to safety by management is perhaps the most important factor in achieving it.” An Air Force study of system safety concluded: “Air Force top management support of system safety has not gone unnoticed by contractors (...) An example of how this result was accomplished was the B-1B program, in which the Program Manager or Deputy Manager chaired the meetings of the group where safety decisions were made.”

  19. SAFETY MANAGEMENT: SYSTEM SAFETY AND ITS POSITION IN THE ORGANIZATIONAL STRUCTURE. Direct link to the decision makers. Independence from other supporting disciplines such as Reliability and Quality Assurance. Direct communication channels with most parts of the organization. Must have influence on decision making. Must have focus and coordination.

  20. SAFETY MANAGEMENT: System safety needs direct communication paths to most parts of the organization: Project engineering, Quality assurance, Operations, Contracting, Manufacturing, Industrial safety, Reliability engineering.

  21. MISSION: Man, Machine, Medium, Management, Money.

  22. SYSTEM SAFETY ASSESSMENT

  23. SYSTEM SAFETY ASSESSMENT PROCESS: The complete process applied during the design of the system to establish safety objectives and to demonstrate compliance with RBHA/FAR/JAA 25.1309 and other safety-related requirements. (ARP 4761) 1. SAFETY OBJECTIVES 2. SHOW COMPLIANCE WITH 3. SAFETY-RELATED REQUIREMENTS

  24. THE SSA PROCESS IN A NUTSHELL (diagram): Cert. Plan and CCD (requirements); FHA for Aircraft Systems, Software and Complex Hardware, HIRF/Lightning; Criticality validation (FFS, A/C, SITS, FTs) and Performance & Flight Dynamics Analysis; Cascade failure propagation (CMA); HIRF/Lightning certification process; Analysis and testing (actual A/C, Iron Bird, SITS, Electric Rig); SA of Aircraft Systems (including Flight Controls and propulsion), Dormant faults (1309 §9.c.(6), P<10E-3 for flight controls); SW/Complex HW certification process.

  25. SYSTEM SAFETY ASSESSMENT: FHA: Identification of all failure conditions, together with the rationale for their classification. The output of the FHA is used as the starting point for conducting the PSSA.

  26. SYSTEM SAFETY ASSESSMENT: The PSSA is a systematic examination of the proposed system architectures to determine how they can cause the functional hazards identified in the FHA and fail to meet the Safety Objectives. Its purpose is to establish safety requirements for systems, items and HW/SW (it is performed in multiple stages).

  27. FHA

  28. SYSTEM SAFETY ASSESSMENT: Relationship between FHA, FTA and FMEA (concept and architecture, top-down). Aircraft FHA: Loss of deceleration capability. Aircraft FTA for Loss of deceleration capability: Loss of effective wheel braking, Loss of thrust reverser, Loss of speed brakes on wet runway, Loss of wheel braking.

  29. SYSTEM SAFETY ASSESSMENT: The SSA is a systematic, comprehensive evaluation of the implemented systems to show that the Safety Objectives from the FHA and the Safety Requirements derived from the PSSA are met. The SSA is based on the FTAs of the PSSA and uses quantitative values obtained from the FMEAs. It also includes results from the CCA.

  30. SYSTEM SAFETY ASSESSMENT (preliminary design, top-down): System FHAs (Ldg gear, Hydraulic, Electric, Braking) for the failure condition LOSS OF WHEEL BRAKING. System PFTAs (Electric, Hydraulic, Braking system) with the events Loss of wheel braking, Loss of normal braking, Loss of alternate braking.

  31. SYSTEM SAFETY ASSESSMENT: Relationship between FHA, FTA and FMEA across the design phases. Concept and architecture (top-down): Aircraft FHA and Aircraft FTA for Loss of deceleration capability (Loss of effective wheel braking, Loss of thrust reverser, Loss of speed brakes on wet runway, Loss of wheel braking). Preliminary design (top-down): System FHAs (Ldg gear, Hydraulic, Electric, Pneumatic, Braking) and System PFTAs for LOSS OF WHEEL BRAKING (Loss of normal braking, Loss of alternate braking). Detailed design (bottom-up, quantitative): Component FMEAs (Accumulator, Brake metering valve, Anti-skid computer, Brake control valve) and Systems FMEAs (Electric, Pneumatic, Hydraulic, Braking) feed the Final SSA FTAs for Loss of wheel braking (Loss of normal braking, Loss of alternate braking), which close the loop.

  32. SYSTEM SAFETY ASSESSMENT (diagram): Design process; System concept.

  33. SYSTEM SAFETY ASSESSMENT

  34. FAULT TREE ANALYSIS • A method widely used in the aerospace, electronics and nuclear industries. • Originally developed in 1961 to evaluate the “Minuteman Launch Control System”. • Three “top events” were considered: • Inadvertent (unexpected) launch, • Accidental motor ignition, and • Failure to launch.

  35. ARP 4761: GUIDELINES AND METHODS FOR CONDUCTING THE SAFETY ASSESSMENT PROCESS ON CIVIL AIRBORNE SYSTEMS AND EQUIPMENT. Analysis methods used in SSA: • Fault Tree Analysis / Dependence Diagrams / Markov Analysis (FTA/DD/MA) • Failure Mode and Effect Analysis (FMEA) • Failure Mode and Effect Summary (FMES) • Common Cause Analysis (CCA): Zonal Safety Analysis (ZSA), Particular Risk Analysis (PRA), Common Mode Analysis (CMA)

  36. FAULT TREE ANALYSIS. TOP EVENT (T): “no flow of water to reactor”

  37. FAULT TREE ANALYSIS. TOP EVENT (T): “no flow of water to reactor”. C = “valve V fails closed”, A = “pump 1 fails to run”, B = “pump 2 fails to run”.

  38. FAULT TREE ANALYSIS. MINIMAL CUT SETS: the smallest combinations of failures which, if they occur, will cause the top event to occur. TOP EVENT (T): “no flow of water to reactor”. C = “valve V fails closed”, A = “pump 1 fails to run”, B = “pump 2 fails to run”. • MINIMAL CUT SETS: • C (one component) • A.B (two components)

  39. ONGOING SAFETY ASSESSMENT

  40. HOW TO ENSURE SAFETY? DESIGN → MANUFACTURING → OPERATION. • QUANTITATIVE METHODS (required for “Hazardous” and Catastrophic Failure Conditions). ARP 4761: Fault Tree Analysis (FTA), Dependence Diagrams (DD), Markov Analysis (MA) (not covered in this course), Failure Modes and Effects Analysis (FMEA). This publication does not cover important aspects of Reliability Engineering, such as Reliability Modeling and Prediction (“Reliability Prediction”).

  41. HOW TO ENSURE SAFETY? DESIGN → MANUFACTURING → OPERATION. Quality Control: Sampling Theory, Statistics

  42. HOW TO ENSURE SAFETY? DESIGN → MANUFACTURING → OPERATION. Maintainability and Availability Theory; Incorporation of Maintenance Requirements into the Design. ARP 5150: Safety Assessment of Transport Airplanes in Commercial Service

  43. HOW TO ENSURE SAFETY? DESIGN → MANUFACTURING → OPERATION. ARP 5150: Safety Assessment of Transport Airplanes in Commercial Service: Guidelines, methods and tools used to perform the ongoing safety assessment process, intended to support an overall safety management program. Addresses the “Is it safe?” part of safety management. Provides a systematic process to measure and monitor safety to help determine safety priorities and focus available resources in areas that offer the greatest potential to improve aviation safety. A compendium of best safety practices gathered together as a reference.

  44. HOW TO ENSURE SAFETY? DESIGN → MANUFACTURING → OPERATION. ONGOING SAFETY ASSESSMENT PROCESS: Safety assessment is the monitoring, identification, assessment and prioritization, according to hazard level and probability of occurrence, of the risks associated with a company's operations. A process dedicated to assuring that risk is identified and managed properly within established limits; a process of identifying, estimating and prioritizing each risk, assessing accident and injury, and determining whether action should be considered.

  45. ONGOING SAFETY ASSESSMENT PROCESS: 1 ESTABLISH MONITOR PARAMETERS 2 MONITOR FOR EVENTS 3 ASSESS EVENT & RISK 4 DEVELOP ACTION PLAN 5 DISPOSITION ACTION PLAN

  46. ONGOING SAFETY ASSESSMENT PROCESS (1 ESTABLISH MONITOR PARAMETERS 2 MONITOR FOR EVENTS 3 ASSESS EVENT & RISK 4 DEVELOP ACTION PLAN 5 DISPOSITION ACTION PLAN) with the ARP 5150 appendices: Appendix A Safety Significant Event Reference Lists; Appendix B Data Sources and Programs; Appendix C Qualitative Risk Assessment; Appendix D Quantitative Risk Assessment; Appendix E Root Cause (Event Tree) Analysis; Appendix F Weibull Analysis; Appendix G Monte Carlo Analysis; Appendix H Reliability Growth Modeling; Appendix I Flight Operational Quality Assurance (FOQA); Appendix J Maintenance Error Decision Aid (MEDA); Appendix K Operator Service Bulletin Process; Appendix L Manufacturer Service Bulletin Process; Appendix M Airworthiness Directive Development Process; Appendix N Hazard Tracking; Appendix O Lessons Learned

  47. QUANTITATIVE METHODS: When conducting quantitative FT/DD/MA, the probabilities are estimated from the failure rates and exposure times of the events. Probability calculations for civil aircraft certification are based on the probabilities calculated for all the aircraft of the same type. For the purpose of these analyses, the failure rates are usually assumed to be constant over time and are estimates of mature failure rates after infant mortality and prior to wear-out. If wear-out or infant mortality is a consideration, then other methods would need to be employed, for example life limitations or enhanced burn-in. Failing that, other distributions (e.g. Weibull) have to be applied or Monte Carlo simulation could be used, but this is beyond the scope of this document. The analysis should calculate the average probability of occurrence per flight hour for the failure condition, assuming a typical flight of average duration and considering the appropriate exposure and at-risk times (ARP 4761).
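As an added example (not part of the original presentation or of ARP 4761), the following code carries the reactor fault tree of slides 36 to 38 through to the quantitative step of slide 47: it derives the minimal cut sets of a small fault tree and then computes the average probability per flight hour of the top event from assumed constant failure rates and exposure times. The failure-rate and exposure values are constructed for illustration; the same functions handle the dormant-fault case of slide 24 by giving a latent event its check interval as exposure time.

```python
import math
from itertools import product

# Constructed fault tree for the slide-36/37 example, top event T = "no flow of
# water to reactor": T occurs if the valve fails closed (C) OR both pumps fail
# to run (A AND B). A gate is ("OR" | "AND", [children]); a leaf is an event name.
TREE = ("OR", ["C", ("AND", ["A", "B"])])

# Assumed, illustrative constant failure rates (per hour) and exposure times (h).
# 1 h stands for a typical flight of average duration; a dormant (latent) fault
# would instead be exposed for its whole check interval.
FAILURE_RATES = {"A": 1e-4, "B": 1e-4, "C": 1e-6}
EXPOSURE_HOURS = {"A": 1.0, "B": 1.0, "C": 1.0}


def minimal_cut_sets(node):
    """Minimal cut sets of a tree as a set of frozensets (top-down expansion).

    OR gates collect the children's cut sets, AND gates combine one cut set from
    each child, and absorption drops any set that contains another one.
    """
    if isinstance(node, str):
        return {frozenset([node])}
    gate, children = node
    child_sets = [minimal_cut_sets(child) for child in children]
    if gate == "OR":
        sets = set().union(*child_sets)
    elif gate == "AND":
        sets = {frozenset().union(*combo) for combo in product(*child_sets)}
    else:
        raise ValueError(f"unknown gate {gate!r}")
    return {s for s in sets if not any(other < s for other in sets)}


def event_probability(event, rates, exposures):
    """P(event has occurred by the end of its exposure time), constant failure rate."""
    return 1.0 - math.exp(-rates[event] * exposures[event])


def top_event_probability(node, rates, exposures, flight_hours=1.0):
    """Average probability per flight hour of the top event: rare-event
    approximation, summing the product of event probabilities over each
    minimal cut set and dividing by the flight duration."""
    total = 0.0
    for cut in minimal_cut_sets(node):
        p = 1.0
        for event in cut:
            p *= event_probability(event, rates, exposures)
        total += p
    return total / flight_hours
```

With the assumed values the single-component cut set C dominates (about 1e-6 per flight hour); making pump 2 a dormant fault checked every 500 h raises the two-component cut set A.B to a comparable order of magnitude, which is why exposure times matter as much as failure rates.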

  48. Weibull Distribution

  49. LINKAGE BETWEEN SYSTEM SAFETY ASSESSMENT AND ICA: During the safety assessment process associated with § 25.1309 compliance, useful information or instructions associated with the continued airworthiness of the airplane might be identified. This information should be made available to those compiling the Instructions for Continued Airworthiness covered by § 25.1529. VAI 11.1 EMB-190 SSA-ICA Process

  50. Safety Objectives
