Safety analysis of aircraft systems In aviation safety

The principle of graceful degradation • In any system the failure of a single

Types of failure to be considered • • • Single active failure Passive and

Errors • • • Design errors Manufacturing errors Maintenance errors Pilot mismanagement Errors in

Dormant failure • Reverser is deployed! • Lauda Air B 767 , 26 -5

Common-mode failure • Whatever you do, keep us away from the city!” • UA

Cascade failure • THY 981, 3 -7 -1974, Paris • Inadequately closed lower deck

Failure rates in light single engined aircraft • Engine failure. A minimum demonstrated flying

A few examples • Cessna 172. Seat rails, flap system, elevator control • Piper

Current concerns for GA • • Inadequate training Inadequate currency Insufficient pilot ability Lack

Slides: 12

Download presentation

Safety analysis of aircraft systems • In aviation, safety is defined as the absence of accidents and incidents. • JAR 25 treats systems as a whole. • Acceptable accident rates must be established, 100% safety can never be guaranteed. • A relationship must be established between severity of effect and probability of occurrence.

Probability versus severity of effect

The principle of graceful degradation • In any system the failure of a single element, component or connection should not prevent continued safe flight and landing. • This single failure should also not lead to an unacceptable workload for the operating crew.

Types of failure to be considered • • • Single active failure Passive and undetected (dormant) failures Combinations of independent failures Common-mode failures Cascade failures Failures produced by the environment

Errors • • • Design errors Manufacturing errors Maintenance errors Pilot mismanagement Errors in manuals or checklists

Dormant failure • Reverser is deployed! • Lauda Air B 767 , 26 -5 -1991 • Design errors in the thrust reverser electric systems led to unobserved deterioration of the HIV valve

Common-mode failure • Whatever you do, keep us away from the city!” • UA 232, 19 -6 -1989, Sioux City, Iowa. • No. 2 engine fan disc disintegration severed all 3 hydraulic lines in the tail area. • Exceptional flying by the crew led to a landing at Sioux airport

Cascade failure • THY 981, 3 -7 -1974, Paris • Inadequately closed lower deck door opened, causing floor collapse • This blocked the flying control runs under the floor, causing catastrophic failure

Failure rates in light single engined aircraft • Engine failure. A minimum demonstrated flying speed must be 61 kts or below, to enable a succesful off-airport landing. • Instrument systems for IFR operations must be dual and independent. Vacuum pump MTBF 700 hrs. • Prevention of flap asymmetry must be adequate

A few examples • Cessna 172. Seat rails, flap system, elevator control • Piper PA 28 wing attachment • Robinson R 22 helicopter, mast bumping

Current concerns for GA • • Inadequate training Inadequate currency Insufficient pilot ability Lack of familiarity with the full flight envelope • Inadequate understanding of increasingly complex systems