ebook img

Safety Report on the Treatment of Safety-Critical Systems in Transport Airplanes PDF

136 Pages·2006·1.2 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Safety Report on the Treatment of Safety-Critical Systems in Transport Airplanes

National Transportation Safety Board PRSRT STD Washington, D.C. 20594 Postage & Fees Paid OFFICIAL BUSINESS Penalty for Private Use, $300 NTSB Permit No. G-200 Safety Report on the Treatment of Safety-Critical Systems in Transport Airplanes Safety Report NTSB/SR-06/02 PB2006-917003 Notation 7752A National National Transportation Transportation Safety Board Safety Board Washington, D.C. Washington, D.C. Safety Report Safety Report on the Treatment of Safety-Critical Systems in Transport Airplanes NTSB/SR-06/02 PB2006-917003 National Transportation Safety Board Notation 7752A 490 L’Enfant Plaza, S.W. Adopted April 25, 2006 Washington, D.C. 20594 National Transportation Safety Board. 2006. Safety Report on the Treatment of Safety-Critical Systems in Transport Airplanes. Safety Report NTSB/SR-06/02. Washington, DC. Abstract: Certification of systems that are critical to the safety of flight has been the focus of several recently concluded National Transportation Safety Board accident investigations of transport-category airplanes: USAir flight 427 in 1999; TWA flight 800 in 2000; Alaska Airlines flight 261 in 2002; and American Airlines flight 587 in 2004. Each of these investigations raised questions about the certification process used by the FAA to determine compliance with airworthiness standards. The purpose of this safety report is to discuss the concerns about certification raised in those investigations and to identify process improvements to FAA’s type certification of safety-critical systems in transport-category airplanes. The report includes three recommendations in two areas. The first area concerns the ways in which hazards to safety of flight are identified, assessed, and documented during the type certification process. The Safety Board’s analysis considered how compliance with Federal regulations is demonstrated and how the safety assessment effort is documented. Of particular concern were assessments of safety-critical systems that do not include certain structural failure conditions and human/system interaction failures. The second area focused on the ongoing assessment of safety-critical systems throughout the life of the airplane. The Board concluded that a program must be in place, once the type certification process is completed, to ensure the ongoing assessment of risks to safety-critical systems. Such a program must recognize that ongoing decisions about design, operations, maintenance, and continued airworthiness must be done in light of operational data, service history, lessons learned, and new knowledge, for designs that are derivatives of previously certificated airplanes. The National Transportation Safety Board is an independent Federal agency dedicated to promoting aviation, railroad, highway, marine, pipeline, and hazardous materials safety. Established in 1967, the agency is mandated by Congress through the Independent Safety Board Act of 1974 to investigate transportation accidents, determine the probable causes of the accidents, issue safety recommendations, study transportation safety issues, and evaluate the safety effectiveness of government agencies involved in transportation. The Safety Board makes public its actions and decisions through accident reports, safety studies, special investigation reports, safety recommendations, and statistical reviews. Recent publications are available in their entirety on the Web at <http://www.ntsb.gov>. Other information about available publications also may be obtained from the Web site or by contacting: National Transportation Safety Board Records Management Division, CIO-40 490 L’Enfant Plaza, S.W. Washington, D.C. 20594 (800) 877-6799 or (202) 314-6551 Safety Board publications may be purchased, by individual copy or by subscription, from the National Technical Information Service. To purchase this publication, order report number PB2006-917003 from: National Technical Information Service 5285 Port Royal Road Springfield, Virginia 22161 (800) 553-6847 or (703) 605-6000 The Independent Safety Board Act, as codified at 49 U.S.C. Section 1154(b), precludes the admission into evidence or use of Board reports related to an incident or accident in a civil action for damages resulting from a matter mentioned in the report. iii SafetyReport Contents Contents .................................................................................................................................................... iii Acronyms and Abbreviations ........................................................................................................... v Executive Summary ........................................................................................................................... viii Introduction ............................................................................................................................................ 1 Certification Issues in Accident Investigation ........................................................................... 6 USAir Flight 427 ........................................................................................................................................... 6 Certification Issues .............................................................................................................................. 10 TWA Flight 800 ........................................................................................................................................... 11 Certification Issues .............................................................................................................................. 15 Alaska Airlines Flight 261 ........................................................................................................................... 16 Certification Issues .............................................................................................................................. 21 American Airlines Flight 587 ...................................................................................................................... 23 Certification Issues .............................................................................................................................. 29 Methodology for Examining Type Certification ..................................................................... 31 The FAA Certification Process .................................................................................................................... 31 Establishing the Type Certification Basis .................................................................................................... 33 Demonstrating Compliance ......................................................................................................................... 35 Fail-Safe Design Concept ............................................................................................................................ 37 Conducting Safety Assessments .................................................................................................................. 40 Post-Certification Processes ........................................................................................................................ 43 Other Efforts to Study Certification ............................................................................................ 46 FAA Commercial Airplane Certification Process Study ............................................................................. 46 RTCA Task Force 4 on Certification ........................................................................................................... 47 National Research Council Report on Improving Continued Airworthiness .............................................. 48 Analysis .................................................................................................................................................... 50 Identifying and Assessing Safety-Critical Systems ..................................................................................... 50 Excluding Structural Failures from Safety Assessments ............................................................................. 52 Excluding Human Error from Safety Assessments ..................................................................................... 53 Monitoring and the Ongoing Assessment of Safety-Critical Systems ........................................................ 55 Conclusions ............................................................................................................................................ 60 Recommendations ............................................................................................................................... 61 Resource Documents .......................................................................................................................... 62 Contents iv SafetyReport Appendixes A: Type Certification Process Description ...................................................................... 67 B: Certification Process Tables .......................................................................................... 100 C: Transport-Category Airplane-Related Accidents ................................................ 115 D: Status and Disposition of NTSB Safety Recommendations ............................. 120 v SafetyReport Acronyms and Abbreviations AAI Office of Accident Investigation AAM Office of Aerospace Medicine AAMP Advanced Aircraft Maneuvering Program AC advisory circular ACE-100 Small Airplane Directorate ACO Aircraft Certification Office ACSEP Aircraft Certification Evaluation System AD airworthiness directive AEG Aircraft Evaluation Group AFS Flight Standards AIR Aircraft Certification Service ANM-100 Transport Airplane Directorate APC aircraft-pilot coupling ARAC Aviation Rulemaking Advisory Committee ATM air traffic management ATOS Air Transportation Oversight System AVS Associate Administrator for Aviation Safety CDR critical design review CFR Code of Federal Regulations CIR conformity inspection report CM Condition Monitoring CMT Certificate Management Team CNS communications, navigation, surveillance CPS Commercial Airplane Certification Process Study CMR Certification Maintenance Requirement CWT center wing fuel tank DAR Designated Airworthiness Representative DER Designated Engineering Representative DMIR Designated Manufacturing Inspection Representative DoD Department of Defense DODD Department of Defense Directive DODI DoD Instruction Acronyms and Abbreviations vi SafetyReport EASA European Aviation Safety Authority ETEB Flight Control Engineering Test and Evaluation Board ETOPS Extended-Range Twin-Engine Operations FAA Federal Aviation Administration FAR Federal Aviation Regulation FDR flight data recorder FHA functional hazard assessment FMEA failure modes and effects analysis FMES failure modes and effects summary FOEB Flight Operations Evaluation Board FSB Flight Standardization Board FTA fault tree analysis FTA Federal Transit Administration GAO General Accounting Office HRA human reliability analysis HT Hardtime ICA instructions for continued airworthiness ISC industry steering committee JAA Joint Aviation Authority JAR Joint Aviation Requirement MED multiple element damage MRB Maintenance Review Board MSD multiple site damage MSG Maintenance Steering Group NAS National Airspace System NASA National Aeronautics and Space Administration NPRM Notice of Proposed Rule-Making NRC National Research Council NRC Nuclear Regulatory Commission NRS national resource specialist OAMP On-Aircraft Maintenance Planning OC On-Condition PCU power control unit PM project manager PO project officer PPH policy and procedures handbook Acronyms and Abbreviations vii SafetyReport PRA probabilistic risk assessment PSCP Project Specific Certification Plan PSE principal structural element PSP Partnership for Safety Plan PSSA preliminary system safety assessment SAE Society of Automotive Engineers SCR special certification review SSI Structural Significant Item TC type certificate TCB Type Certification Board TCDS Type Certificate Data Sheet TIA Type Inspection Authorization TIR Type Inspection Report V design maneuvering speed A WG working group viii SafetyReport Executive Summary Certification of systems that are critical to the safety of flight has been the focus of several recently completed National Transportation Safety Board accident investigations of transport-category airplanes: the rudder actuator in USAir flight 427 in 1999; the center wing fuel tank in TWA flight 800 in 2000; the horizontal stabilizer jackscrew in Alaska Airlines flight 261 in 2002; and the rudder system in American Airlines flight 587 in 2004. Each of these investigations raised questions about the certification process used by the FAA to determine compliance with airworthiness standards. The purpose of this safety report is to discuss the concerns about certification raised in those investigations and to identify process improvements to FAA’s type certification of safety-critical systems in transport-category airplanes. The Safety Board recognizes that the findings in this report are presented during one of the safest periods in commercial aviation history and acknowledges that FAA’s certification process has contributed significantly to that level of safety. However, the Board notes that there is room for improvement. The report includes three recommendations in two areas. The first area concerns the ways in which hazards to safety of flight are identified, assessed, and documented during the type certification process. The Safety Board’s analysis considered how compliance with Federal regulations is demonstrated and how the safety assessment effort is documented. Of particular concern were assessments of safety-critical systems that do not include certain structural failure conditions and human/system interaction failures. The second area focuses on the ongoing assessment of safety-critical systems throughout the life of the airplane. The Board concluded that a program must be in place, once the type certification process is completed, to ensure the ongoing assessment of risks to safety-critical systems. Such a program must recognize that ongoing decisions about design, operations, maintenance, and continued airworthiness must be done in light of operational data, service history, lessons learned, and new knowledge, for designs that are derivatives of previously certificated airplanes.

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.