[Figure: hierarchical safety control structure diagram. Labels recovered from the figure: Policy, Standards, Resources; Hazard Analyses; Operations Reports; Project Management; Progress Reports; Safety-Related Changes; Safety Standards; Operations Management; Work Instructions; Change requests; Audit reports; Problem reports; Design, Documentation; Safety Constraints, Standards, Test Requirements; Test reports, Hazard Analyses, Review Results; Operating Assumptions, Operating Procedures; Operating Process; Human Controller(s); Implementation and assurance; Safety Reports; Revised operating procedures; Design Rationale; Software revisions; Hardware replacements; Automated Controller; Actuator(s); Physical Process; Sensor(s); Manufacturing Management; Work Procedures; safety reports, audits, work logs, inspections; Maintenance and Evolution; Manufacturing; Problem Reports, Incidents, Change Requests, Performance Audits.]

Note: this does not imply the need for a "controller". Component failures may be controlled through design (e.g., redundancy, interlocks, fail-safe design) or through process (manufacturing processes and procedures, maintenance procedures). But it does imply the need to enforce the safety constraints in some way. The new model includes what we do now, and more.

Accidents occur when:
- The design does not enforce the safety constraints (unhandled disturbances, failures, dysfunctional interactions).
- Control actions are inadequate.
- The control structure degrades over time (asynchronous evolution).
- Control actions are inadequately coordinated among multiple controllers.
This note was uploaded on 11/07/2011 for the course AERO 16.36 taught by Professor Alexandre Megretski during the Spring '09 term at MIT.