MIL-HDBK-764(MI)
MILITARY HANDBOOK
12 JANUARY 1990

SYSTEM SAFETY ENGINEERING DESIGN GUIDE FOR ARMY MATERIEL

AREA SAFT
AMSC N/A
DISTRIBUTION STATEMENT A. Approved for public release; distribution is unlimited.

FOREWORD

1. This military handbook is approved for use by all Activities and Agencies of the Department of the Army and is available for use by all Departments and Agencies of the Department of Defense.

2. Beneficial comments (recommendations, additions, deletions) and any pertinent data that may be of use in improving this document should be addressed to: Director, US Army AMC Field Safety Activity, ATTN: AMXOS-SE, Charlestown, IN 47111-9669, by using the self-addressed Standardization Document Improvement Proposal (DD Form 1426) appearing at the end of this document or by letter.

3. This handbook was developed under the auspices of the US Army Materiel Command's Engineering Design Handbook Program, which is under the direction of the US Army Management Engineering College. Research Triangle Institute was the prime contractor for the preparation of this handbook, which was prepared under Contract No. DAAG34-73-C-0051.

ii

CONTENTS

Paragraph  Page

FOREWORD  ii
LIST OF ILLUSTRATIONS  xiii
LIST OF TABLES  xvi
LIST OF ABBREVIATIONS AND ACRONYMS  xviii

PART ONE  SYSTEM SAFETY

CHAPTER 1  INTRODUCTION TO SYSTEM SAFETY
1-1  PHILOSOPHY  1-1
1-1.1  OUTDATED CONCEPTS OF ARMY ACCIDENT CAUSES  1-1
1-1.2  SYSTEM SAFETY POLICY AND FUNDAMENTAL CONCEPTS  1-2
1-2  HISTORY  1-2
1-3  PRODUCT LIABILITY  1-3
1-3.1  THE CONTRACTOR AND THE GOVERNMENT  1-3
1-3.1.1  Special Contractor Exposure  1-3
1-3.1.2  Relaxing the Immunity of the Government  1-3
1-3.2  CONTRACTOR AND GOVERNMENT LIABILITY AND THE MILITARY PERSON  1-4
1-3.3  THE ROLE OF SYSTEM SAFETY IN PRODUCT LIABILITY  1-5
1-3.4  PRODUCT LIABILITY SUMMARY  1-5
1-4  SYSTEM SAFETY PROGRAM REQUIREMENTS  1-5
1-4.1  DEPARTMENT OF DEFENSE DOCUMENTATION  1-6
1-4.2  DEPARTMENT OF THE ARMY DOCUMENTATION  1-6
1-4.3  THE US ARMY MATERIEL COMMAND DOCUMENTATION  1-6
1-4.4  MIL-STD-882  1-6
1-5  SYSTEM SAFETY ENGINEERING AND OTHER DISCIPLINES  1-7
1-5.1  DESIGN ENGINEERING  1-7
1-5.2  HUMAN FACTORS ENGINEERING  1-7
1-5.3  RELIABILITY ENGINEERING  1-7
1-5.4  MAINTAINABILITY ENGINEERING  1-8
1-5.5  MAINTENANCE ENGINEERING  1-8
1-5.6  TEST ENGINEERING  1-8
1-5.7  PRODUCTION ENGINEERING  1-8
1-5.8  QUALITY ENGINEERING AND CONTROL  1-8
1-5.9  INDUSTRIAL HYGIENE  1-8
1-5.10  TRAINING  1-8
1-6  SYSTEM SAFETY ENGINEERING AND MANAGEMENT ACTIVITIES  1-9
1-6.1  CONTRACTING  1-9
1-6.2  BUDGETING  1-9
1-6.3  LEGAL  1-9
1-7  COOPERATION AND INTEGRATION FOR HIGHEST SAFETY LEVEL  1-9
REFERENCES  1-9
BIBLIOGRAPHY  1-10

CHAPTER 2  SAFETY ENGINEERING CONCEPTS AND OBJECTIVES
2-1  OBJECTIVES  2-1
2-2  LIFE CYCLE APPROACH TO SYSTEM SAFETY  2-1
2-2.1  SAFETY PROGRAM ACTIONS  2-2
2-2.2  LIFE CYCLE PHASES AND SYSTEM SAFETY REQUIREMENTS DURING THE LIFE CYCLE  2-2
2-2.2.1  Concept Exploration Phase  2-3
2-2.2.2  Demonstration and Validation Phase  2-4
2-2.2.3  Full-Scale Development Phase  2-5
2-2.2.4  Production and Deployment Phase  2-4
2-2.2.5  Operating and Support Phase  2-7
2-2.2.5.1  Disposal Action  2-7
2-2.2.5.2  Disposal Safety Considerations  2-8
2-2.2.6  System Safety Life Cycle Checklist  2-8
2-3  DESIGN CRITERIA, SAFETY ANALYSES, AND SAFETY VERIFICATION  2-9
2-3.1  THE NATURE OF SAFETY DESIGN CRITERIA  2-9
2-3.2  METHODS OF PROOF OF SAFETY  2-11
2-4  SAFETY DESIGN REVIEWS  2-11
2-4.1  INTERDISCIPLINARY DESIGN REVIEW  2-11
2-4.2  SPECIFIC SAFETY REVIEW  2-12
2-5  RISK MANAGEMENT  2-12
2-5.1  HAZARD IDENTIFICATION - NECESSARY FIRST STEP  2-12
2-5.2  QUANTITATIVE RISK ASSESSMENT METHODS  2-12
2-5.2.1  Probabilities of Occurrence  2-12
2-5.2.2  Toxicology Quantification  2-13

[Entries between par. 2-5.2.2 and par. 5-6.1 are not present in the scan.]

5-6.1  DESCRIPTION AND PURPOSE  5-34
5-6.2  TECHNIQUE AND FORMAT  5-34
5-6.2.1  Techniques  5-35
5-6.2.1.1  Topographical Patterns  5-35
5-6.2.1.2  Clues  5-37
5-6.2.2  Format  5-37
5-6.2.3  Guidelines  5-39
5-6.3  SOURCES OF DATA  5-39
5-6.4  EXAMPLE  5-40
5-6.5  ADVANTAGES  5-40
5-6.6  LIMITATIONS  5-41
REFERENCES  5-47
BIBLIOGRAPHY  5-47

CHAPTER 6  SYSTEM HAZARD ANALYSIS
6-1  DESCRIPTION AND PURPOSE  6-1
6-1.1  INTERFACES  6-1
6-1.1.1  Physical Relationships  6-1
6-1.1.2  Functional Relationships  6-2
6-1.1.3  Flow Relationships  6-2
6-1.2  METHODS OF ANALYSIS  6-3
6-2  ANALYSIS FORMAT AND TECHNIQUE  6-3
6-2.1  FORMATS  6-3
6-2.2  TECHNIQUES  6-4
6-2.2.1  Narrative and Tabular Analyses  6-4
6-2.2.2  Failure Mode, Effects, and Criticality Analysis  6-4

vii

[Entries between par. 6-2.2.2 and par. 7-2 are not present in the scan.]

CHAPTER 7
7-2  HOW SOFTWARE ... SAFETY  7-2
7-3  METHODS FOR ENSURING SAFE SOFTWARE  7-3
7-4  TECHNIQUE AND FORMAT  7-3
7-4.1  TECHNIQUE RATIONALE  7-3
7-4.2  PROPOSED FORMAT  7-4
7-5  ANALYSIS TECHNIQUES  7-7
7-5.1  PRELIMINARY HAZARD ANALYSIS/FAULT HAZARD ANALYSIS  7-8
7-5.2  LOGIC DIAGRAMS  7-9
7-5.3  SOFTWARE FAULT TREE ANALYSIS  7-10
7-5.4  NUCLEAR SAFETY CROSS-CHECK ANALYSES  7-12
7-5.5  SOFTWARE SNEAK ANALYSIS  7-12
7-5.6  OPERATING HAZARD ANALYSIS  7-13
7-6  EXAMPLE  7-14
7-6.1  BACKGROUND  7-14
7-6.2  LOGIC  7-14
7-6.3  COMPUTER SOFTWARE PROGRAM  7-14
7-6.4  ... ANALYSIS  7-19
7-7  ADVANTAGES  7-19
7-8  LIMITATIONS  7-20
REFERENCES  7-20
BIBLIOGRAPHY  7-21

CHAPTER 8  OPERATING AND SUPPORT HAZARD ANALYSIS
8-1  DESCRIPTION AND PURPOSE  8-1
8-2  PROCEDURE ANALYSIS  8-1
8-2.1  DESCRIPTION AND PURPOSE  8-1
8-2.2  ANALYSIS TECHNIQUE AND FORMAT  8-2
8-2.2.1  Phase 1 Analysis  8-2
8-2.2.1.1  Technique for Phase 1  8-2
8-2.2.1.2  Format for Phase 1  8-2
8-2.2.2  Phase 2 Analysis  8-2
8-2.2.2.1  Technique for Phase 2  8-2
8-2.2.2.2  Format for Phase 2  8-4
8-2.3  SOURCES OF DATA  8-4
8-2.4  EXAMPLE  8-10
8-2.5  ADVANTAGES  8-10
8-2.6  LIMITATIONS  8-10
8-3  CONTINGENCY ANALYSIS  8-10
8-3.1  DESCRIPTION AND PURPOSE  8-10
8-3.2  ANALYSIS TECHNIQUE AND FORMAT  8-13
8-3.2.1  Technique  8-13
8-3.2.2  Format  8-13
8-3.3  SOURCES OF DATA  8-15
8-3.4  EXAMPLE  8-15
8-3.5  ADVANTAGES  8-15
8-3.6  LIMITATIONS  8-15
REFERENCES  8-15
BIBLIOGRAPHY  8-15

viii

PART THREE  GENERAL DESIGN REQUIREMENTS

CHAPTER 9  CONSIDERATIONS FOR GENERAL DESIGN APPLICATIONS
9-0  LIST OF SYMBOLS  9-1
9-1  INTRODUCTION  9-1
9-1.1  METHODS OF CONTROL  9-1
9-1.2  ACCEPTABLE CONDITIONS  9-2
9-1.3  UNDESIRABLE CONDITIONS  9-4
9-2  HAZARD CONTROL METHODS  9-4
9-2.1  THE ENERGY CONCEPT  9-4
9-2.2  INTRINSIC SAFETY  9-4
9-2.2.1  Hazard Elimination  9-5
9-2.2.2  Hazard-Level Limitation  9-5
9-2.3  ISOLATION  9-5
9-2.4  LOCKOUTS, LOCKINS, AND INTERLOCKS  9-6
9-2.4.1  Lockouts and Lockins  9-6
9-2.4.2  Interlocks  9-7
9-2.5  FAIL-SAFE DESIGNS  9-9
9-2.6  FAILURE MINIMIZATION  9-10
9-2.6.1  Failure Rate Reduction  9-11
9-2.6.1.1  Derating  9-12
9-2.6.1.2  Redundancy  9-12
9-2.6.1.2.1  Parallel Redundancy  9-12
9-2.6.1.2.2  Decision Redundancy  9-14
9-2.6.1.2.3  Standby System Redundancy  9-15
9-2.6.1.2.4  Series Redundancy  9-16
9-2.6.1.3  Screening  9-16
9-2.6.1.3.1  Weak-Link Screening  9-16
9-2.6.1.3.2  Burn-In Screening  9-17
9-2.6.1.3.3  Accelerated-Life Screening  9-17
9-2.6.1.4  Timed Replacements  9-17
9-2.6.2  Monitoring  9-18
9-2.6.2.1  Detection  9-18
9-2.6.2.2  Measurement  9-19
9-2.6.2.3  Interpretation  9-19
9-2.6.2.4  Response  9-19
9-2.6.3  Backout and Recovery  9-20
9-2.7  SAFETY FACTORS  9-20
9-2.7.1  History and Uses of Safety Factors  9-20
9-2.7.2  Electrical Components  9-21
9-2.8  WARNING DEVICES  9-22
9-2.8.1  Introduction  9-22
9-2.8.2  Label Versus All Human Senses  9-22
9-2.8.3  Visual Warnings  9-22
9-2.8.4  Auditory Warnings  9-23
9-2.8.5  Olfactive Warnings  9-23
9-2.8.6  Tactile Warnings  9-24
9-2.8.7  Gustatory Warnings  9-24
9-2.9  LABELING  9-24
9-2.9.1  General  9-24
9-2.9.2  Design Requirements for Labels  9-24
9-2.9.3  Recommended Labeling Procedure  9-25
9-2.9.4  Sources of Logos and Symbols  9-26
9-2.9.5  Labels: A Last Resort  9-26
9-2.10  MINIMIZATION AND CONTAINMENT OF INJURY AND DAMAGE  9-27
9-2.10.1  Physical Isolation  9-27
9-2.10.2  Personal Protective Equipment  9-28
9-2.10.3  Energy-Absorbing Mechanisms  9-29
9-2.11  ESCAPE AND RESCUE  9-29
9-2.11.1  Escape and Survival Procedures and Equipment  9-30
9-2.11.2  Rescue Procedures and Equipment  9-30
9-2.12  WEAK LINKS  9-31
9-2.13  SAFE TEST CONSIDERATIONS  9-32
REFERENCES  9-35
BIBLIOGRAPHY  9-35

ix

CHAPTER 10  HAZARDS
10-1  INTRODUCTION  10-1
10-2  ENVIRONMENT  10-1
10-2.1  TOLERANCE AND SAFE EXPOSURE LIMITS  10-10
10-2.2  POTENTIAL HAZARD SOURCES  10-11
10-2.3  ENVIRONMENTAL CONTROL TECHNIQUES  10-11
10-3  THERMAL HAZARDS  10-12
10-3.1  TOLERANCE AND SAFE EXPOSURE LIMITS  10-13
10-3.2  POTENTIAL HAZARD SOURCES  10-17
10-3.3  HAZARD CONTROL TECHNIQUES  10-18
10-3.4  SAFETY CRITERIA FOR DESIGNERS TO FOLLOW  10-22
10-4  PRESSURE  10-22
10-4.1  TOLERANCE AND SAFE EXPOSURE LIMITS  10-24
10-4.2  POTENTIAL HAZARD SOURCES  10-24
10-4.3  HAZARD CONTROL TECHNIQUES  10-24