system safety in the military jet utilization stagessse.ch/sites/default/files/page_images/edit...
TRANSCRIPT
System Safety in the Military
Jet Utilization Stage
Marco Geering Department Manager
Military Jet&Missiles Engineering / CSEP
RUAG Aviation
Military Aircraft Division
ETH ZH, 01.09.14
06.10.2014 RUAG Division 2
CH Jet System Safety - Agenda
1. Introduction
2. Military System Safety
3. System Safety Requirements
4. Examples
6.1 Planing Link Failure
6.2 Operational Impact on Design
5. Summary
06/10/2014 2
06.10.2014 RUAG Division 3
CH Jet System Safety – Introduction
http://www.despotou.eu/
MIL-STD-882E
06.10.2014 RUAG Division 4
CH Jet System Safety – Introduction
06/10/2014 4
SSPP describes in details how RA as an contractor fulfils Swiss
Government system safety requirements throughout all phases of the
system life cycle.
SSPP does not cover operational issues which shall be managed by ORM
from the operator
06.10.2014 RUAG Division 5
CH Jet System Safety – MIL System Safety
06/10/2014 5
The system safety applied for military weapon systems is different from the
civilian approach due to:
The residual (mishap) risk acceptance by the appropriate authority is unique
to military. The “As Low As Reasonably Practicable” ALARP philosophy is
applied in Switzerland.
The level of safety
= f (situation)
Urgent Ops needs:
- SAR
- Intercept
- AAR etc
MIL Ops
- Recce
- Dog Fight
- Weapons etc
Unusual designs to
meet higher
performance
requirements
06.10.2014 RUAG Division 6
CH Jet System Safety – Requirements Process
06/10/2014 6
Hazard identification
Hazard/risk assessment Risk avoidance
Risk control
Risk transfer
Risk acceptance
Risk tracking and
monitoring
06.10.2014 RUAG Division 7
CH Jet System Safety – Requirements Process - Identify
06/10/2014 7
Laws
Regulations
etc
I-Level
Ops
OEM
FMS
OSTR
Example F/A-18 2013
• 112 technical ASR
• 1’515 OEM/USN/FMS Messages
• 2’233 defect reports (O-/I-/D-Level)
06.10.2014 RUAG Division 8
CH Jet System Safety – Requirements Process – Analyse - Hazard Risk Index
06/10/2014 8
06.10.2014 RUAG Division 9
CH Jet System Safety – Requirements Process - Analyse
06/10/2014 9
1. Review item failure mode
2. Assess the severity
3. Identify failure rates or
probabilities of occurence
4. Identify the critical
operational environment
and associated ops factors
5. Identify mitigating or
exacerbing factors
6. Select the worst credible
risk
06.10.2014 RUAG Division 10
CH Jet System Safety – Requirements Process - Treat
06/10/2014 10
Risk mitigation mesures are
1. Design changes
2. Incorporate safety devices
3. Provide warning devices
4. Develop procedures and training
Example: TEF Connecting Link Modification
06.10.2014 RUAG Division 11 06/10/2014 11
CH Jet System Safety – Requirements Process - Monitor
• System Monitoring
• SSWG
CH Jet System Safety – Example Planing Link Failure
06.10.2014 RUAG Division 12
06.10.2014 RUAG Division 13
CH Jet System Safety – Example Planing Link Failure
(Status 2008)
MLG PLF: If connecting or planing
link fails due to buckling than the
wheel axis is not blocked anymore =>
instable roll out
Probability Level is set to
probable (Swiss has a PLF rate
of 10 / 100k FH)
Severity is set to critical
HRI 5 (serious risk)
World wide issue
06.10.2014 RUAG Division 14
CH Jet System Safety – Example Planing Link Failure
Switzerland has done shock absorber flight tests to gave inputs to the correct
modelling of the MLG behaviour (static, dynamic). The following mitigation
actions have been taken:
• Re-design of planing link machanism
• New rigging procedures
• New shock absorber servicing tolerances
CH Jet System Safety – Example Operational Impact on Design
06.10.2014 RUAG Division 15
06.10.2014 RUAG Division 16
CH Jet System Safety – Example Operational Impact on Design
Hornet F/A-18C/D procurement Requirements
Improved Air-To-Air Load Factor Capability
Swiss G-Load > USN G-Load
Service Life Criteria
Swiss hours > USN Hours
Swiss usage spectrum about three times more
severe than USN usage (CH F/A-18 A/A ops,
shorter times to mil training area)
Design Change Center Fuselage
Titanium parts (Ti-6AI-4V) instead of
Aluminium (7075-T7351)
06.10.2014 RUAG Division 17
CH Jet System Safety – Example Operational Impact on Design
Swiss Full Scale Fatigue Test
Fracture and maintenance critical
parts meet 2 Swiss lifetimes of
durability life
Fracture critical parts (safety of
flight parts) meet 2 Swiss lifetimes
of damage tolerance life for the
mutual agreed initial flaw sizes
Results
Updated Swiss Fatigue Inspection
Schedule based on FSFT results
Structural Refurbishment Program:
re-design of critical areas such as
Crease Longeron, Fuel Cell Floor,
Fuel Barrier Web, Upper Outboard
Longeron etc.
06.10.2014 RUAG Division 18
CH Jet System Safety - Summary
Residual risk acceptance is the main difference between civil and
military safety
The system safety program is based on established processes
MIL-STD-882
Good collaboration between different stakeholder are a key factor
(ORM by Operator, system /usage monitoring by industry, acceptance
(technical) by Military Airworthiness Authority)
06.10.2014 RUAG Division 19
CH Jet System Safety - Summary
It takes a minute to write a safety rule
It takes a hour to hold a safety meeting
It takes a week to plan a safety program
It takes month to put it into operation
It takes a year to win a safety award
It takes a lifetime to make a safe worker
IT TAKES ONE SECOND TO DESTROY IT ALL WITH ONE ACCIDENT
RUAG Aviation 20
Thank you for your attention!
Questions