using the fast method of operations 2011 preliminary ... · content ¾ safety assessment of future...
TRANSCRIPT
Preliminary Hazard Analysis of EUROCONTROL Concept of Operations 2011
using the FAST method
presented byAlexander Krastev EUROCONTROL
Safety R & D seminar
25 – 27 October, Barcelona
Acknowledgments
Ian Ramsay, EUROCONTROLJacques Beaufays, EUROCONTROL Jose Varela, EUROCONTROLJos Kuijper, EUROCONTROLRandall De Garis, EUROCONTROLBrian Smith, FASTMichel Masson, FASTRudi den Hertog, FAST
Content
Safety assessment of future conceptsThe FAST and the FAST methodologyEurocontrol Concept of Operations for 2011ConOps 2011 hazard analysis using FAST methodologyMain FindingsSafety R & D needsConclusions
Safety Assessment of Future Concepts Key Questions
New operational concepts developed in response to the forecasted traffic growth
Are the new concepts inherently safe?Do the new concepts bring the required safety improvement?How do concept changes impact on safety of operations?Will SESAR Operational Concept achieve the safety target for 2020?
Safety Assessment of Future Concepts Difficulties
Concepts’ descriptions limited to the “ideal” world
Level of detail of available description not sufficient
Need for “out of box” thinking
Complex task that requires:Integrated view of changes across all aviation domains
Due consideration of interactions and interdependencies
Suitable methodology
The Future Aviation Safety Team (FAST)
FAST established in 1999 by the JSSI Steering Group
Objective: Develop and implement methods and processes to support the systematic identification and resolution of future hazards in the aviation system
All major aviation stakeholder groups and organisations represented
FAST developed a prognostic method for future hazards identification
The FAST Method
The global Air-Ground-Space system considered as a “system of systems”Focus on the “prognostic” time domain Augments existing hazard identification techniquesConcept of Areas of Change at the coreAoC list: 192 entries grouped in 11 categories, e.g.
AC_11 Proliferation of heterogeneous aircraft with widely-varying equipment and capabilities
FAST handbook available at: http://fast.jrc.it/
FA
ST
Cor
e T
eam
R
espo
nsib
ility
Commission Expert Teams
Advocate the FAST Philosophy
Guide FAST Facilitators
Cus
tom
er/
Sta
keho
lder
R
espo
nsib
ility
Exp
ert T
eam
R
espo
nsib
ility
Enhance the FAST Method
3. Assemble an Expert
Team
1.Responsible Party Proposes Change(s) to Global Aviation System; recognizes need for
systematic prediction of hazard(s) associated with
changes and need to design potential hazards out of system or avoid or mitigate hazard(s)
4.Understand Customer
Requirements and Future of Interest
10.Inform FAST &
Customers Regarding results
2.Define Scope
of Expert Team Hazard-
IdentificationStudy
9.Formulate
Recommendations& Identify Watch
Items
8. (optional)Identify Mitigations & Effects of Areas of
Change on Mitigations
7.Enrich Hazards by
Evaluating Interactions with Areas of Change
5. (optional)Identify Intrinsic Hazards Within
Future of Interest
6.Identify Areas of
Change Pertinent to Future of Interest
Enhance and/orModify Planned
Changes
Maintain Futures &
Watch Items
Maintain Areasof ChangeRepository
The FAST Process
Concept of Operations 2011Description of the ATM System in 2011 - the Main Changes
The ATM Components, OI’s and System EnablersThe ATM Operational Model
The Key Enablers – SWIM, the Network Operations Plan and Collaborative Decision Making
The Principles of the Layered Planning ProcessHigh-Level System Capabilities
Business Impact Statements
AnnexesThe Actors – Roles and Responsibilities
Operational Scenarios and Use cases
ConOps 2011 Content
Air Traffic Flow &
CapacityManagement
Airspace Organisation &Management
Airspace User
Operations
Airport Operations
Information Management &
Services
Separation Assurance
Synchronisation
ConOps 2011 The Change Directions
The ConOps 2011 defines the main change directions for the evolution of European ATM:
Gate to Gate Flight Management Enhanced Flexibility & EfficiencyResponsive Capacity Management to meet DemandCollaborative Airspace ManagementExtended Levels of Automation & CommunicationSystem Wide Information ManagementCollaborative Decision-Making
ConOps 2011 Hazard Analysis Objectives
Establish a comprehensive list of hazards that may be generated by the implementation of ConOps 2011
Identify hazards which may have a critical impact on ATM safety
Validate the applicability of FAST method to assessments of future ATM concepts
ConOps 2011 Hazard Analysis Approach
All FAST process steps covered except “Formulate recommendations and identify Watch Items
Tailored briefing packs for more efficient preparation
Two workshops held (6-9 June and 17-20 July 2006)
Excellent mix of expertise in the Expert team
Hazard identification performed by teams in break-out sessions lead by facilitators
ConOps 2011 Hazard Analysis WS 1 Focus
Teams analysed ConOps 2011 from three perspectives:AOM / ATFCMATC and Airport OperationsAirspace Users Operations
The three phases of the layered planning process addressed strategic pre-tactical tactical
Nominal (G2G) Operational scenario used to enrich hazard logOutput: ConOps/Scenario related hazard log
Network Operations Plan
ConOps 2011 Hazard Analysis WS 2 Focus
Three non-nominal scenarios used for hazard identificationScenario based team composition Brainstorming session for identification of potential mitigation meansWS output:
Scenario related hazard logsList of safety issues for further study and analysis
Oh God, please help me see the future!
Main Findings
The main ConOps 2011 concept elements could bring a significant safety benefit
Need of a balanced and safe in terms of frequency and complexity process of dynamic airspace changes
Diversity of aircraft equipment and capabilities is an importantsafety challenge
Safety aspects of human tasks automation deserve particular attention and efforts
Safety R&D Aspects (1)
Principles and requirements for safe transition planning
Diversity of systems and aircraft capabilities and performances
Degree of flexibility that can be safely accommodated by the future ATM system
Dynamic changes to ATM system components and environment of operation
Safety related architecture and functionality, integrity and security requirements and procedures for a G2G information management system for ATM
Design and real time control of complex distributed system with multiple actors
R & D needs Safety issues
Safety R&D Aspects (2)
Human reliability and performance limitations in operation of systems with different degree of automation: ranging from limited system support to automated decision making.
Impact of reallocation of safety roles and responsibilities
Assessment methods for advanced Human computer interaction
Automation and Human machine interaction
R & D needs Safety issues
Safety R&D Aspects (3)
Develop efficient mechanism for delivery of safety recommendations to concept designers enabling the shift from technology driven to safety driven automation
Proactive safety management in early stages of concept development.Safety afforded highest priority in ATM system planning and development
Develop method for integration of safety assessments (safety cases) performed on specific planned changes and concept elements
Consistency of planned changes, new concepts and supporting technologies
R & D needs Safety issues
Safety R&D Aspects (4)
Assess innovative SESAR Operational Concept components, e.g. new separation provision techniques
Ensure the achievement of the overall safety target for 2020
Improved methodologies for safety assessment of future operational concepts
Proactive safety management in early stages of concept development
R & D needs Safety issues
Conclusions Methodology
Objectives largely met - benefits of safety assessment of operational concepts demonstrated
Involvement of all ATM actors is essential: allowing for synergies and shared knowledge
Use of operational scenarios considered essential
FAST method can be used for safety analysis of future concepts; some fine tuning still needed
ConclusionsBenefits/Limitations of Concept Assessments
Anticipate safety issues right from the concept definition phase
“Validation” of new concepts from safety perspective
Source of recommendations for further analysis and research
Enable risk informed decision making in the planning and development phases
BUT, there are also limitations:Non-linear increase of uncertainties with time
New or modified hazards may emerge from specific implementation
High level of abstraction