SAE Technical Standards Board Rules provide that: “This report is published by SAE to advance the state of technical and engineering sciences. The use of this report is entirely voluntary, and its applicability and suitability for any particular use, including any patent infringement arising therefrom, is the sole responsibility of the user.”

SAE reviews each technical report at least every five years at which time it may be revised, reaffirmed, stabilized, or cancelled. SAE invites your written comments and suggestions.

Copyright 2011 SAE International. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of SAE.

TO PLACE A DOCUMENT ORDER:
Tel: 877-606-7323 (inside USA and Canada)
Tel: +1 724-776-4970 (outside USA)
Fax: 724-776-0790
Email: CustomerService@sae.org
SAE WEB ADDRESS: http://www.sae.org

SAE values your input. To provide feedback on this Technical Report, please visit http://www.sae.org/technical/standards/AIR6110

AEROSPACE INFORMATION REPORT AIR6110
Issued 2011-12

Contiguous Aircraft/System Development Process Example

RATIONALE

This document provides additional supporting material for the implementation of the processes described in ARP4754A/ED-79A.

FOREWORD

ARP4754A/ED-79A contains information which places the information in this AIR in context. This AIR should be used in conjunction with the main body and the appendices of ARP4754A/ED-79A. In addition, this example shows the interrelationships with ARP4761.

1. INTRODUCTION

1.1 Scope

This AIR provides a detailed example of the aircraft and systems development for a function of a hypothetical S18 aircraft. In order to present a clear picture, an aircraft function was broken down into a single system. A function was chosen which had sufficient complexity to allow use of all the methodologies, yet was simple enough to present a clear picture of the flow through the process. This function/system was analyzed using the methods and tools described in ARP4754A/ED-79A. The aircraft level function is “Decelerate Aircraft On Ground” and the system is the braking system. The interaction of the braking system functions with the aircraft are identified with the relative importance based on implied aircraft interactions and system availabilities at the aircraft level. This example does not include validation and verification of the aircraft level hazards and interactions with the braking system. However, the principles used at the braking system level can be applied at the higher aircraft level.

The methodologies applied here are an example of one way to utilize the principles defined in ARP4754A/ED-79A. The function chosen was the braking system. Other formats may be used to accomplish the documentation, so long as the principles outlined in ARP4754A/ED-79A are followed.

This example contains references to documentation that a company may use to assure itself of the safety of its products but does not include the documentation that the Original Equipment Manufacturer (OEM) would be required to submit at the aircraft level for aircraft certification. Some of these documents are submitted to the regulatory agencies for the purpose of certification (e.g. the Wheel Brake System FHA). Other documents are internal to the company and not required to be submitted for certification. No implication is made that these documents should be submitted to a regulatory agency and none should be implied, although all documents should be available for submission if requested by the regulatory agency.

Safety and Certification are not synonymous terms. The example shows the systems engineering process as applied to the development of an aircraft, including some processes that are beyond certification requirements.

Figure 1 depicts the flow of activities within this example. This figure provides a guide to the structure of this AIR and should allow the reader to quickly find specific areas within the example using the cross references.

Figure 1 includes the top aircraft level tasks to
provide the reader a reference point. The detailed example in Section 3 of this AIR covers only the activities related to the braking system. Figure 1 presents a sequence of activities found in a typical development program. In a real development program, the development process is usually far more
complex. For example, in a real development program, development of the different levels (aircraft, system and item) often occurs concurrently, rather than serially as depicted in example flow.

The top row of Figure 1 represents the activities that will occur within the aircraft development. The middle row represents the activities that occur within the wheel brake system development. The bottom row represents the activities that are covered for the subsystem-level Brake System Control Unit (BSCU) development, as well as the integration and verification activities at the higher levels.

The Figure 1 example flow also shows where major artifacts from the System Safety Process (ARP4761) will be utilized. The example flow shows how the sections and artifacts are laid out and represents the step by step process detailed in ARP4754A/ED-79A. In a real development program, the System Safety Process occurs concurrently with ARP4754A/ED-79A, constantly receiving inputs from the ARP4754A/ED-79A process and providing feedback to ARP4754A/ED-79A processes.

Figure 1 also shows a box titled Integral Processes to illustrate to the reader that the integral processes are utilized throughout the development process.

The reader is encouraged to use this example flow diagram to help navigate the example. This will allow the reader to either read the example in its entirety or use it as a quick reference guide in order to quickly find the desired section.

1.2 Document Format

This AIR contains the
following sections and appendices:

Section 1 is an introduction to the document, giving the scope, format, references to other documents, an acronym list, and a description of the example aircraft function being developed.

Section 2 describes the overall example aircraft development process, focusing on activities leading to the development of the braking system. The hypothetical aircraft in this example is introduced and its basic requirements are given. Aircraft-level planning documents are identified. Top-level aircraft functions are decomposed to determine the functions required of the braking system. The aircraft level safety assessment process, including the aircraft FHA and the Preliminary Aircraft Safety Assessment (PASA), is conducted. The PASA assigns development assurance levels to aircraft functions. These functions are allocated to the braking system as part of the overall aircraft architecture. Aircraft requirements relevant to the braking system are validated. The braking system is integrated and validated with the other systems on the aircraft. (Note: PASA is introduced in ARP4754A/ED-79A, but detailed guidance for completing it awaits the release of ARP4761A. This
AIR does not conduct the PASA; it just uses its results).

Section 3 contains the detailed example development process for the braking system. The system is introduced and its planning elements are identified. System functions and requirements are developed. The system safety assessment process, including the system FHA, PSSA and SSA, is conducted. The braking system architecture is developed and selected from among candidate architectures on which trade studies have been conducted. The PSSA leads to assignment of the development assurance levels for the Braking System Control Unit and the other systems and items comprising the system architecture. Braking system requirements are captured and derived requirements are identified. Interface requirements are identified both external to the system and between the items of the system. Requirements are allocated to the items, and the system requirements are validated. System integration, process assurance and configuration management examples are given.

Section 4 describes the verification of the braking system and the associated aircraft-level verification of the system as installed on the aircraft.

Appendix A is an example of an aircraft-level development plan.

Appendix B is an example of a braking system requirements management plan.

Note: For the sake of brevity, the appendices contain only a subset of the plans which would be generated for an aircraft development program.

This AIR contains a number of
artifacts (documents, tables, etc.) that would be produced by following the process in ARP4754A/ED-79A. These artifacts are enclosed in boxes to distinguish them from explanatory text. Editorial comments are provided in italics. Where necessary, the reader is directed to the appropriate section of ARP4754A/ED-79A or ARP4761 for further guidance on the process involved. If there are any differences between this AIR and ARP4754A/ED-79A, ARP4754A/ED-79A will take precedence.

2. REFERENCES

The following publications form a part of this document to the extent specified herein. The latest issue of SAE publications shall apply. The applicable issue of the other publications shall be the issue in effect on the date of the purchase order. In the event of conflict between the text of this document and references cited herein, the text of this document takes precedence. Nothing in this document, however, supersedes applicable laws and regulations unless a specific exemption has been obtained.

The following documents are referenced in this AIR. Reference to 14CFR herein implies reference to equivalent CS regulation.

2.1 SAE Publications

Available from SAE International, 400 Commonwealth Drive, Warrendale, PA 15096-0001, Tel: 877-606-7323 (inside USA and Canada) or 724-776-4970 (outside USA), www.sae.org.

ARP4754A    Guidelines for Development of Civil Aircraft and Systems
ARP4761     Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems and Equipment

2.2 Code of Federal regulations (CFR)

Available from the United States Government Printing Office, 732 North Capitol Street, NW, Washington, DC 20401, Tel: 202-512-0000, www.gpoaccess.gov.

14CFR 25.1309 / CS 25.1309
14CFR 25.735 / CS 25.735

2.3 EUROCAE Publications

Available from EUROCAE, 102 rue Étienne
Dolet, 92240 Malakoff, France, +33 1 40 92 79 30.

ED-79A      Guidelines for Development of Civil Aircraft and Systems

FIGURE 1 EXAMPLE FLOW

2.4 Acronym List

A/C         Aircraft
ACCU        Accumulator
ALT         Alternate
APU         Auxiliary Power Unit
AS          Anti Skid
ASA         Aircraft Safety Assessment
B           Blue Hydraulic System
BSCU        Brake System Control Unit
C           Capacitor
CAT IIIb    Category 3b All Weather Landing System
CCA         Common Cause Analysis
CI          Configuration Item
CMA         Common Mode Analysis
CMD         Command
COM         Command (Channel)
COMP        Computation
CPU         Central Processing Unit
CSMG        Constant Speed Motor Generator
ECS         Environmental Control System
ELEC        Electric
EMI         Electromagnetic Interference
FDAL        Functional Development Assurance Level
FFS         Functional Failure Set
FHA         Functional Hazard Assessment
F.R.        Failure Rate
FTA         Fault Tree Analysis
G           Green Hydraulic System
HIRF        High Intensity Radiated Fields
HYD         Hydraulic
IC          Integrated Circuit
ICD         Interface Control Document
IDAL        Item Development Assurance Level
I/O         Input/Output
L or LH     Left or Left Hand
LRU         Line Replaceable Unit
MLG         Main Landing Gear
MON         Monitor
MT          Periodic Maintenance Task
NLG         Nose Landing Gear
NORM        Normal
OEM         Original Equipment Manufacturer
PAMB        Ambient Pressure
PASA        Preliminary Aircraft Safety Assessment
PCU         Power Control Unit
POS         Position
P/S         Power Supply
PR          Problem Report
PRA         Particular Risk Analysis
PSSA        Preliminary System Safety Assessment
PTU         Power Transfer Unit
PWM         Pulse Width Modulator
PWR         Power
R or RH     Right or Right Hand
R           Resistor
R           Right
REF         Reference
RTO         Rejected Takeoff
SIT         System Integration Test
SSA         System Safety Assessment
STBY        Standby
SYS         System
VDC         Volts Direct Current
V1          Speed above which the aircraft cannot be safely stopped on remaining runway
WBS         Wheel Brake System
ZSA         Zonal Safety Analysis

2.5 Description of the Example Function

The aircraft function analyzed is: “Decelerate aircraft on the ground (stopping on the runway)”. This example acknowledges other aircraft systems involved in decelerating the aircraft, but for clarity concentrates on the aircraft braking system, the details of which are evolved through the following example approximately as they would in a real life situation.

The “Decelerate aircraft on the ground (stopping on the runway)” function, which is also used as the ARP4761 example, was intentionally selected to show the interrelationships between ARP4754A/ED-79A (system development process) and ARP4761 (system safety assessment process).

TABLE OF CONTENTS

1. INTRODUCTION
1.1 Scope
1.2 Document Format
2. REFERENCES
2.1 SAE Publications
2.2 Code of Federal regulations (CFR)
2.3 EASA Publications
2.4 Acronym List
2.5 Description of the Example Function
3. AIRCRAFT DEVELOPMENT PROCESS
3.1 Aircraft Introduction
3.2 Aircraft Planning Documents
3.3 Aircraft Description
3.4 Aircraft Functions
3.4.1 Aircraft Functional Decomposition
3.5 Aircraft Requirements
3.5.1 Sizing to Landing Distance Requirements
3.5.2 Aircraft Requirements Traceability
3.5.3 Aircraft Requirements Specification
3.6 Aircraft Level Safety Assessment Process
3.6.1 ARP4754A Inputs to ARP4761 Aircraft Functional Hazard Assessment Process
3.6.2 Aircraft Functional Hazard Assessment (FHA)
3.7 Aircraft Function Allocation
3.8 Aircraft Architecture
3.9 Aircraft Architecture Trade Studies
3.10 Preliminary Aircraft Safety Analysis (PASA)
3.10.1 System Probability Allocations
3.10.2 Aircraft Functional Development Assurance Level (FDAL) (Documented in PASA)
3.10.3 Systems Interactions
3.10.4 Safety Derived Requirements from PASA/Aircraft FHA
3.11 Aircraft Requirements and Architecture Validation
3.12 Aircraft Systems Architecture Integration and Validation
4. BRAKING SYSTEM DEVELOPMENT PROCESS
4.1 Braking System Introduction
4.1.1 Braking System Description
4.2 Braking System Planning Elements
4.3 Braking System Development
4.3.1 Braking System Functions
4.3.2 Wheel Brake System Requirements
4.3.3 Wheel Brake System Safety Assessment Process
4.3.4 ARP4754A Inputs to ARP4761 System Functional Hazard Assessment Process
4.3.5 ARP4761 Outputs from Braking System F