8300.10 CHG XX ATTACHMENT 1 DATE
Definitions of Safety and Risk. Safety is not defined in statutory law (i.e., 49 U.S.C. § 447) or in administrative law (i.e., 14 CFR). The dictionary defines safety as, “freedom from danger, risk, or injury.” MIL-STD-882D, often used as a source of fundamental system safety information, defines safety in similar terms: “freedom from those conditions that can cause death, injury, damage to or loss of equipment or property, or damage to the environment.” Similarly, dictionaries define “risk” essentially as the converse of safety—“[risk is] the possibility of suffering harm or loss.” The U.S. Supreme Court, in a 1980 ruling involving occupational safety, stated that, “safe is not the equivalent of risk free.” The court concluded, “Congress [in the case of the Occupational Safety and Health Act] was concerned, not with absolute safety, but with the elimination of significant harm.” In this context, safety is equivalent to minimizing risk. It is reasonable to assume that the authors of 49 U.S.C. § 44702 had similar reasoning in mind when they delineated the duty of an air carrier to “provide service with the highest possible degree of safety.” For this reason, the concept of risk provides a means to measure safety management efforts. Risk is an expression of the relative severity of hazard-related consequences and their likelihood of occurrence. Consequently, success in safety management and the “level of safety” achieved are measurable in terms of how well factors that influence the severity or likelihood of injurious or loss-producing events are eliminated or controlled.
System Safety. System safety is the philosophical underpinning of ATOS. As defined above, safety is managed by minimizing risk and is an outcome of properly designed systems. Properly designed systems control hazards by eliminating or mitigating associated risks before they result in accidents or incidents. As discussed above, air carriers have a statutory obligation to minimize risk through the design of their operating systems. These concepts provide the foundation for ATOS verification and validation processes.
The System Safety Process Model.
(1) An important part of system safety is to consider the system in a structured fashion. The System Safety Process Model above, if carefully applied, could provide such a structure. This structured review of an operation should identify “what” controls are needed to eliminate hazards associated with the operation or to mitigate them to an acceptable level.
(2) The concept of this process is universal and can be used by the CMT to develop, implement, and track oversight activities of an air carrier, or by the air carrier when it develops the policies and procedures necessary to conduct its day-to-day activities. Many of the policies and procedures required to be in the air carrier’s manual are necessitated by regulation. These requirements came about by accumulating safety-related information from all entities involved in air transportation. From the manufacturing of the aircraft to the analysis of aviation accidents, we encounter failures, but we learn from these failures and we try to ensure that they are eliminated or at least mitigated to an acceptable level. We (FAA) mitigate or control these risks with our rulemaking process when the need arises, and to ensure that the regulations are imparted equally and fairly, our policy