Sofema Aviation Services (SAS) www.sassofia.com considers the requirements for Safety Assessment reference CS 25-1309 as Part of the Regulatory Approval and Continued Airworthiness Process.
Introduction
EASA (European Union Aviation Safety Agency) certification is an important process that aircraft manufacturers and operators must go through to ensure the safety and airworthiness of their products. As part of this process, there are specific requirements for Safety Assessment, outlined in section 25-1309 of the regulations.
These requirements aim to assess and mitigate potential safety risks associated with the design, manufacture, and operation of aircraft. In this discussion, we will explore the underlying principles, regulatory drivers, steps involved, primary challenges, and best practices related to the Safety Assessment process for EASA certification.
To discuss the underlying principles applied by EASA and to identify the regulatory drivers as well as the steps to be taken.
Consider Primary Challenges affecting the Safety Assessment process for EASA certification, including:
- Aircraft systems are becoming increasingly complex, requiring a comprehensive understanding of interdependencies and potential risks.
- Access to accurate and reliable data for risk assessment and decision-making purposes can be a challenge, especially during the early stages of aircraft development.
- Ensuring consistent application of Safety Assessment requirements across different aircraft types, manufacturers, and regulatory authorities.
- Keeping pace with rapid technological advancements and addressing the safety implications associated with new and emerging technologies.
Underlying Principles
The underlying principles of Safety Assessment for EASA certification are rooted in the concept of ensuring the safety of aviation operations, consider the following:
- The process of identifying possible hazards that could lead to an accident or an unsafe condition.
o Adopting a systematic approach to identify, analyze, and mitigate safety risks throughout the lifecycle of the aircraft.
o This includes the identification of potential failure modes, the effects of environmental conditions, and the influence of human factors.
- An assessment to evaluate the aircraft’s equipment and systems to determine their compliance with safety objectives.
o To consider the probability of failure and the possible outcomes.
- Once potential hazards have been identified, a risk assessment is performed to evaluate the likelihood and severity of each risk.
o Assessing risks associated with hazards, events, and conditions related to the design, manufacture, and operation of the aircraft.
o If the risk is unacceptable, it must be mitigated to an acceptable level.
o The design should aim for risk reduction ‘As Low As Reasonably Practicable’ (ALARP).
- Continuous monitoring of the aircraft’s safety performance to ensure it maintains its safety level during its operational life.
o This includes scheduled inspections, maintenance, and modifications based on service experience and safety studies.
o Establishing processes to continuously monitor and manage safety risks throughout the aircraft’s life cycle.
I.A.W. CS25-1309 The aeroplane equipment and systems must be designed and installed so that:
- Those required for type certification or by operating rules, or whose improper functioning would reduce safety, perform as intended under the aeroplane operating and environmental conditions.
- Other equipment and systems are not a source of danger in themselves and do not adversely affect the proper functioning of “essential systems”
The aeroplane systems and associated components, considered separately and in relation to other systems, must be designed so that –
- Any catastrophic failure condition
o Is extremely improbable; and
o Does not result from a single failure; and
- Any hazardous failure condition is extremely remote; and
- Any major failure condition is remote; and
- Any significant latent failure is eliminated as far as practical, or, if not practical to eliminate, the latency of the significant latent failure is minimized; and
- For each catastrophic failure condition that results from two failures, either one of which is latent for more than one flight, it must be shown that:
o It is impractical to provide additional redundancy; and
o given that a single latent failure has occurred on a given flight, the failure condition is remote; and
o The sum of the probabilities of the latent failures which are combined with each evident failure does not exceed 1/1 000.
Next Steps
Follow this link to our Library to find & Download related documents for Free
Sofema Aviation Services (www.sassofia.com) offers training to cover CS 25 System Safety Assessments
For additional questions or comments – please email team@sassofia.com
Tags:
Continued Airworthiness Process, EASA (European Union Aviation Safety Agency), EASA Certification, EASA Regulatory Approval, environmental conditions, Human Factors, I.A.W. CS25-1309, lifecycle of the aircraft., Risk Assessment, Safety Assessment, Safety Objectives, SAS blog, SAS Library, section 25-1309
