Title: On the safety of aircraft systems: A case study

An airplane is a highly engineered system incorporating control- and feedback-loops which often, and realistically, are non-linear because the equations describing such feedback contain products of state variables, trigonometric or square-root functions, or other types of non-linear terms. The feedback provided by the pilot (crew) of the airplane also is typically non-linear because it has the same mathematical characteristics. An airplane is designed with systems to prevent and mitigate undesired events. If an undesired triggering event occurs, an accident may process in different ways depending on the effectiveness of such systems. In addition, the progression of some accidents requires that the operating crew take corrective action(s), which may modify the configuration of some systems. The safety assessment of an aircraft system typically is carried out using ARP (Aerospace Recommended Practice) 4761 (SAE, 1995) methods, such as Fault Tree Analysis (FTA) and Failure Mode and Effects Analysis (FMEA). Such methods may be called static because they model an aircraft system on its nominal configuration during a mission time, but they do not incorporate the action(s) taken by the operating crew, nor the dynamic behavior (non-linearities) of the system (airplane) as a function of time. Probabilistic Safety Assessment (PSA), also known as Probabilistic Risk Assessment (PRA), has been applied to highly engineered systems, such as aircraft and nuclear power plants. PSA encompasses a wide variety of methods, including event tree analysis (ETA), FTA, and common-cause analysis, among others. PSA should not be confused with ARP 4761`s proposed PSSA (Preliminary System Safety Assessment); as its name implies, PSSA is a preliminary assessment at the system level consisting of FTA and FMEA.