Slide 1: How S-18 processes help make systems trustworthy
SAE 2018 Aerospace Standards Summit, October 2, 2018
Presenter: Robert Voros, Regulatory Compliance Lead – Development Assurance & System Safety, Civil Certification & ODA, Textron Aviation; Flight Controls ODA-UM; SAE S-18 Committee Chair
S-18: Aircraft & Systems Development and Safety Assessment Committee
Slide 2: SAE S-18 Committee Scope/Charter
The S-18 Committee brings together qualified specialists for the advancement of aerospace safety and to support effective safety management. It provides a resource for other committees and organizations with common interests in safety and development processes. The committee develops aerospace vehicle and system:
- Safety assessment processes
- Development assurance processes
- Practices for accomplishing in-service safety assessments
S-18’s Core Objective: Assure an inverse relationship between the severity of an aircraft’s failure conditions’ effects and the probability of their occurrences.
Slide 3: S-18 Documents
The committee’s documents cover:
- Guidelines and methods of performing the safety assessment for the aircraft.
- Guidelines for the development, validation, and verification of aircraft systems requirements.
- Guidelines, methods, and tools to perform the ongoing safety assessment process in service.
Aerospace Information Reports:
- AIR6110 – Contiguous Aircraft/System Development Process Example
- AIR6218 – Constructing Development Assurance Plan for Integrated Systems
- AIR6219 – Incorporation of Atmospheric Neutron Single Event Effects Analysis into Safety Assessment
- AIR6276 – Use of Modeling and Tools for Aircraft Systems Development (in work)
- AIR6913 – Using STPA During Development and Safety Assessment of Civil Aircraft (in work)
Slide 4: S-18 Processes Accommodate a Wide Range of Vehicles
ARP4754A Process
S-18 processes are structured around aircraft and system functions.
Function: Intended behavior of a product based on a defined set of requirements regardless of implementation.
Therefore, the process can adapt, based on the set of a vehicle’s intended behaviors.
[Figure: Based on AIR6110, Figure 2]
Slide 5: Systematic Assessment of Functions Determines Safety Criticality
ARP4761 Process – Functional Hazard Assessment
Once the conditions of the aircraft operation are defined, each function is systematically assessed to understand that function’s failure conditions, the effects of those conditions, and the severity of those effects.
Failure Condition: A condition having an effect on the aircraft and/or its occupants, either direct or consequential, which is caused or contributed to by one or more failures or errors, considering flight phase and relevant adverse operational or environmental conditions or external events (AMC ).
For each FUNCTION, two failure conditions are assessed and each is classified as Catastrophic, Hazardous, Major or Minor:
- Loss of the Function: effects of loss on the aircraft, crew and passengers
- Malfunction: effects of malfunction on the aircraft, crew and passengers
Slide 6: The Architecture Informs the Safety Requirements
ARP4754A Process
A system architecture is established including the definition of the mechanisms which will produce the functionality, the behaviors they will provide, and the procedures necessary for appropriate operation.
[Figure: each Function is realized by three attributes – Procedures, System Behaviors and Mechanism Definition – shown in several proportions. The balance of these attributes depends on the aircraft.]
Slide 7: Safety Requirements are Used to Reduce the Occurrence of Failure Conditions Based on their Severity
ARP4761 Process – Preliminary System Safety Assessment
[Figure: Procedures (Flight, Maintenance), System Behaviors and Mechanism Definition feed the Development Assurance Levels, Independence and Probability of Failure requirements.]
Activity, independence and probability of failure per severity:
- Catastrophic: Development Assurance Level A; Assure Correctness and Completeness, Implementation Verification; Validation Activity Independence, Verification Activity Independence, No single failures; Probability of Failure 1E-9
- Hazardous: Development Assurance Level B; Validation Activity Independence, Verification Activity Independence; Probability of Failure 1E-7
- Major: Development Assurance Level C; Probability of Failure 1E-5
- Minor: Development Assurance Level D; As negotiated; Probability of Failure 1E-3
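As an added illustration (not part of the presentation), the following Python sketches the kind of check a preliminary system safety assessment makes against the budgets on this slide: it takes a constructed, hypothetical set of component failure rates and minimal cut sets, estimates the failure condition’s probability with the standard rare-event approximation, and applies the "no single failures" rule to Catastrophic conditions. Component names, rates and cut sets are invented for the example.

```python
from math import prod

# Severity -> (Development Assurance Level, probability-of-failure target),
# exactly as listed on the slide (same units as the slide's targets).
TARGETS = {
    "Catastrophic": ("A", 1e-9),
    "Hazardous": ("B", 1e-7),
    "Major": ("C", 1e-5),
    "Minor": ("D", 1e-3),
}


def top_event_probability(cut_sets, rates):
    """Rare-event (upper-bound) approximation of a fault-tree top event:
    sum over minimal cut sets of the product of member failure probabilities."""
    return sum(prod(rates[c] for c in cs) for cs in cut_sets)


def assess(severity, cut_sets, rates):
    """Assess one failure condition of the given severity.

    Returns the assigned DAL, the estimated probability, whether it meets the
    severity's budget, the components that alone cause the condition, and an
    overall verdict (Catastrophic conditions must have no single failures).
    """
    dal, budget = TARGETS[severity]
    p = top_event_probability(cut_sets, rates)
    singles = sorted(next(iter(cs)) for cs in cut_sets if len(cs) == 1)
    single_ok = (not singles) if severity == "Catastrophic" else True
    return {"dal": dal, "probability": p, "meets_budget": p <= budget,
            "single_failures": singles, "acceptable": p <= budget and single_ok}


# Constructed, hypothetical architecture: two hydraulic channels feeding the
# control surfaces and a single flight control computer (FCC).
RATES = {"hyd_A": 1e-5, "hyd_B": 1e-5, "fcc": 2e-6}
# Loss of actuation (Catastrophic) occurs if both channels fail, or the FCC fails.
LOSS_OF_ACTUATION = [{"hyd_A", "hyd_B"}, {"fcc"}]

# Revised architecture: an independent second FCC removes the single failure.
RATES_DUAL = {**RATES, "fcc_2": 2e-6}
LOSS_OF_ACTUATION_DUAL_FCC = [{"hyd_A", "hyd_B"}, {"fcc", "fcc_2"}]

if __name__ == "__main__":
    for name, cs, r in [("single FCC", LOSS_OF_ACTUATION, RATES),
                        ("dual FCC", LOSS_OF_ACTUATION_DUAL_FCC, RATES_DUAL)]:
        print(name, assess("Catastrophic", cs, r))
```

The single-FCC design fails on both counts (probability about 2E-6 and a single failure), while the dual-FCC design meets the 1E-9 budget with no single failure; the same condition classified only as Major would pass unchanged.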
Slide 8: How S-18 Processes Help Make Systems Trustworthy
S-18 processes provide a flexible framework within which a variety of configurations can be developed, assessed, and demonstrated to be safe. These processes provide assurance that:
- all functions provided by an aircraft, no matter their complexity, are systematically and comprehensively assessed;
- the most safety-critical aspects of the aircraft’s systems are identified;
- that criticality drives both the aircraft’s systems’ architecture and its development process; and
- the final design can be shown to address these critical safety aspects.
Slide 9: How Do Artificial Intelligence and Big Data Fit into S-18 Processes?
The S-18 processes work on the premise that the aircraft functions are defined and knowable, and that unintended behaviors are identifiable. Depending on implementation, this premise can be challenged by Artificial Intelligence. How can we address this?
1. Define objectives, requirements, and constraints of the Artificial Intelligence;
2. Assure the AI is bound by constraints (what it shouldn’t be doing); and
3. Show that the constraints cannot be overridden by the AI.
This is conceptually similar to the treatment of the flight crew in a full fly-by-wire system, which is bound based on human/machine interfaces.
Slide 10: Contact Information
Bob Voros
Regulatory Compliance Leader – Development Assurance & System Safety
Civil Certification & ODA, Textron Aviation
Office:
Mobile:
Committee Website: