PURPOSE

The purpose of Task 204 is to perform and document a Subsystem Hazard Analysis (SSHA) to:  verify subsystem compliance with safety requirements contained in subsystem specifications and other applicable documents; identify previously unidentified hazards associated with the design of subsystems including component failure modes, critical human error inputs, and hazards resulting from functional relationships between components and equipment comprising each subsystem; recommend actions necessary to eliminate identified hazards or control their associated risk to acceptable levels.


TASK DESCRIPTION

The contractor shall perform and document a subsystem hazard analysis to identify all components and equipment that could result in a hazard or whose design does not satisfy contractual safety requirements. This includes government furnished equipment, nondevelopmental items, and software. Areas to consider are performance, performance degradation, functional failures, timing errors, design errors or defects, and inadvertent functioning. During this analysis the human shall be considered a component within the subsystem, receiving inputs and initiating outputs.


The analysis shall include a determination:


Of the modes of failure including reasonable human errors as well as single point and common mode failures, and the effects on safety when failures occur in subsystem components.


Of the potential contribution of hardware and software events, faults, and occurrences (such as improper timing), including hardware and software developed by other contractors or sources, to the safety of the subsystem.


That the safety design criteria in the hardware, software, and facilities specification(s) have been satisfied.


That the method of implementation of hardware, software, and facilities design requirements and corrective actions has not impaired or decreased the safety of the subsystem nor has it introduced any new hazards or risks.


Of the implementation of safety design requirements from top-level specifications to detailed design specifications for the subsystem. The implementation of safety design requirements developed as part of the PHA and SRCA shall be analyzed to ensure that it satisfies the intent of the requirements.


Of test plan and procedure recommendations to integrate safety testing into the hardware and software test programs.


That system level hazards attributed to the subsystem are analyzed and that adequate control of the potential hazard is implemented in the design.


If no specific analysis techniques are directed, or if the contractor recommends a technique different from the one specified by the MA, the contractor shall obtain MA approval of the technique(s) to be used before performing the analysis.


When software to be used with the subsystem is being developed under other development documents, the contractor performing the SSHA shall monitor, obtain, and use the output of each phase of the formal software development process in evaluating the software contribution to the SSHA. Problems identified that require action by the software developer shall be reported to the MA in time to support the ongoing phase of the software development process.


The contractor shall update the SSHA as a result of any system design changes, including software design changes, which affect system safety.


REPORT REQUIREMENTS

The contractor shall prepare a report that contains the results from the work task described by paragraph "TASK DESCRIPTION" above, to include the following information:


System Description

This will consist of summary descriptions of the physical and functional characteristics of the system and its components. References to more detailed system and component descriptions, including specifications and detailed review documentation, shall be supplied when such documentation is available. The capabilities, limitations, and interdependence of these components shall be expressed in terms relevant to safety. The system and its components shall be addressed in relation to their mission and operational environment. System block diagrams or functional flow diagrams may be used to clarify system descriptions. Software and its role(s) shall be included in this description.


Data

This will consist of summaries of data used to determine the safety aspects of design features.


Hazard Analysis Results

This will consist of a summary or a total listing of the results of hazard analysis.  Contents and formats may vary according to the individual requirements of the program.  The following are the content and format requirements for Hazard Analysis Results:


A summary of the results. 


A listing of identified hazards, in narrative or matrix (sometimes called columnar or tabular) format, to include the following information:


Component(s) Failure Mode(s)

All component failure modes which can result in a hazard.  Failure modes generally answer the question of "how" it fails.


System Event(s) Phase

The configuration or phase of the mission the system is in when the hazard is encountered; for example, during maintenance, during flight, during pre-flight, full-power applied, etc., or it could be encountered in all system events. 


Description

A complete description of the potential/actual hazards inherent in the item being analyzed, or resulting from normal actions, equipment failure, or handling of hazardous materials.


Effect of Hazard

The detrimental effects which could be inflicted on the subsystem, system, other equipment, facilities or personnel, resulting from this hazard.  Possible upstream and downstream effects shall also be described. 


Risk Assessment

A risk assessment for each hazard (classification of severity and probability of occurrence).  This is the assessment of the risk prior to taking any action to eliminate or control the hazard.


Recommended Action

The recommended action required to eliminate or control the hazard.  Sufficient technical detail is required in order to permit the design engineers and the customer to adequately develop and assess design criteria resulting from the analysis.  Include alternative designs and life cycle cost impact where appropriate.


Effect of Recommended Action

The effect of the recommended action on the assigned risk assessment.  This is the risk assessment after taking action to eliminate or control each hazard.  If the recommended action will result in cost/schedule/performance penalties to the extent that the contractor requires government approval prior to incorporation, then these considerations shall be addressed.


Remarks

Any information relating to the hazard not covered in other blocks; for example, applicable documents, previous failure data on similar systems, or administrative directions.


Status

The status of actions to implement the recommended, or other, hazard controls.  The status shall include not only an indication of "open" or "closed," but also reference to the drawing(s), specification(s), procedure(s), etc., that support closure of the particular hazard. 
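The blocks above define one row of the hazard matrix, and the report requirements impose checks a reviewer can mechanise: every block populated, a severity and probability assigned before and after the recommended action, the post-action assessment no worse than the initial one, and a "closed" status backed by the drawing, specification, or procedure that supports closure. The following validator is an added example written for this page, not text or code from Task 204 or any standard. The field names, the ordinal severity and probability categories, the reading of the SOW reporting threshold (report when either the severity or the probability minimum is met, which errs toward inclusion), and the three sample records are all constructed assumptions; the page itself does not define any of them.

```python
"""Consistency checks over a hazard listing in the matrix (tabular) format.

Added example for this page. Field names, category labels, threshold
interpretation and sample records are assumptions constructed here; the
task text defines none of them.
"""
from dataclasses import dataclass, field

# Assumed ordinal ranks. The page only requires a severity and a probability
# classification per hazard; these labels and their ordering are illustrative.
SEVERITY = {"catastrophic": 4, "critical": 3, "marginal": 2, "negligible": 1}
PROBABILITY = {"frequent": 5, "probable": 4, "occasional": 3, "remote": 2, "improbable": 1}

# Narrative blocks that must not be left blank in a matrix row.
REQUIRED_TEXT = ("failure_mode", "system_event_phase", "description", "effect", "recommended_action")


@dataclass
class Hazard:
    """One row of the hazard matrix, one attribute per block in the report format."""
    hazard_id: str
    failure_mode: str            # Component(s) Failure Mode(s): how it fails
    system_event_phase: str      # System Event(s) Phase: maintenance, flight, pre-flight, ...
    description: str             # Description of the hazard
    effect: str                  # Effect of Hazard, including upstream/downstream effects
    initial_severity: str        # Risk Assessment before any action
    initial_probability: str
    recommended_action: str      # Recommended Action
    residual_severity: str       # Effect of Recommended Action: risk after the action
    residual_probability: str
    status: str                  # Status: "open" or "closed"
    closure_references: list[str] = field(default_factory=list)  # drawings, specs, procedures
    remarks: str = ""            # Remarks


def validate(h: Hazard) -> list[str]:
    """Return the list of report-format problems found in one hazard row (empty if none)."""
    findings: list[str] = []
    for name in REQUIRED_TEXT:
        if not getattr(h, name).strip():
            findings.append(f"{name} is empty")

    labels_ok = True
    for name, label, table in (
        ("initial_severity", h.initial_severity, SEVERITY),
        ("residual_severity", h.residual_severity, SEVERITY),
        ("initial_probability", h.initial_probability, PROBABILITY),
        ("residual_probability", h.residual_probability, PROBABILITY),
    ):
        if label not in table:
            findings.append(f"{name} {label!r} is not a recognised category")
            labels_ok = False

    # The post-action assessment must not be worse than the initial one in either dimension.
    if labels_ok and (
        SEVERITY[h.residual_severity] > SEVERITY[h.initial_severity]
        or PROBABILITY[h.residual_probability] > PROBABILITY[h.initial_probability]
    ):
        findings.append("recommended action increases risk in at least one dimension")

    status = h.status.strip().lower()
    if status not in ("open", "closed"):
        findings.append(f"status {h.status!r} must be 'open' or 'closed'")
    elif status == "closed" and not h.closure_references:
        findings.append("closed hazard cites no drawing, specification or procedure supporting closure")
    return findings


def validate_listing(hazards: list[Hazard]) -> dict[str, list[str]]:
    """Map hazard_id -> findings for every row with at least one problem; duplicate ids are flagged."""
    seen: set[str] = set()
    result: dict[str, list[str]] = {}
    for h in hazards:
        findings = validate(h)
        if h.hazard_id in seen:
            findings.append("duplicate hazard_id")
        seen.add(h.hazard_id)
        if findings:
            result.setdefault(h.hazard_id, []).extend(findings)
    return result


def reportable(h: Hazard, min_severity: str, min_probability: str) -> bool:
    """Apply the SOW reporting threshold (assumed reading): a hazard is reported when its
    initial severity OR its initial probability is at or above the stated minimum, so a
    severe-but-improbable hazard and a likely-but-minor one both stay in the listing."""
    return (SEVERITY[h.initial_severity] >= SEVERITY[min_severity]
            or PROBABILITY[h.initial_probability] >= PROBABILITY[min_probability])


# Constructed sample rows: one well-formed, one that gets worse and closes without evidence,
# one with a blank description and a status outside open/closed.
SAMPLE_LISTING = [
    Hazard("SSHA-001", "Pressure relief valve fails closed", "full power applied",
           "Tank pressure exceeds rated limit", "Tank rupture; injury to nearby personnel",
           "catastrophic", "remote",
           "Add independent burst disc rated below tank proof pressure",
           "catastrophic", "improbable", "closed", ["DWG 1234 rev C", "SPEC-ABC-7 para 3.2"]),
    Hazard("SSHA-002", "Watchdog reset inhibited by software", "pre-flight",
           "Controller continues after a hung control loop", "Actuator held in last commanded state",
           "critical", "occasional",
           "Remove inhibit path; add test case to the software test program",
           "critical", "probable", "closed", []),
    Hazard("SSHA-003", "Operator selects wrong mode", "maintenance",
           "", "Unexpected motion of the subsystem",
           "marginal", "probable",
           "Interlock mode selection with the maintenance stand switch",
           "marginal", "remote", "pending"),
]

if __name__ == "__main__":
    for hazard_id, problems in validate_listing(SAMPLE_LISTING).items():
        print(hazard_id)
        for p in problems:
            print("  -", p)
```

Running the block prints the findings for SSHA-002 (risk increased, closure unsupported) and SSHA-003 (blank description, invalid status) and nothing for SSHA-001. The severity and probability tables are the one place a real program would substitute its own categories; everything else follows directly from the block definitions above.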


DETAILS TO BE SPECIFIED IN THE SOW

Imposition of Tasks 101 and 204.


Minimum hazard severity and probability reporting thresholds.


The specific subsystems to be analyzed.


Any selected hazard, hazardous areas, or other specific items to be examined or excluded.


Specification of desired analysis technique(s) and/or format.


The MA shall provide the technical data on GFE to enable the contractor to accomplish the defined tasks.