1. The following provides a sample outline of a Commonwealth-level SSPP, for both a completely new acquisition, or an update to a legacy aircraft. This plan is particularly useful for identifying higher-level Commonwealth SSP aims, SSP requirements and in collating Commonwealth-only SSP processes.
2. Titles and content below requires tailoring to Project Office (PO) SSPP aims. Additional guidance or clarification can be sought from SCI3-DGTA.
SECTION TITLE DESCRIPTION
1.0 INTRODUCTION
1.1 General • Extent of SSP expected
• Traceability expected
• Legacy equipment integration to the SSP
• SSPP role
1.2 Purpose and Scope • Expected coverage of SSP tasks and responsibilities
• Documents subordinate to Commonwealth-level SSPP
• Documents to which the Commonwealth-level SSPP is subordinate
1.3 Objective • SSP objectives for the project or in-service 1.4 Applicable Documents
2.1.2 General • Effect of the safety references on the development of the SSP
2.2 System Safety Certification Basis • The original civil and military System Safety certification basis and when attained
• Description of legacy systems’ and COTS integration into the SSP
2.2.1 System Safety Baseline • What documents are expected to constitute the aircraft type’s System Safety Baseline
2.2.2 Updates to the System Safety Baseline
• Circumstances under which updates to the System Safety Baseline are expected
2.3 Requirements Of The Contractor SSP
• Expected scope of the Contractor SSP and how this will be conveyed to the Contractor
• Interface of Contractor’s SSP to sub-contractors and vendors
2.3.1 Contractor SSPP • Expected coverage of Contractor’s SSPP
• System Safety Standards and guidance to be applied
• Expected updates to the Contractor’s SSPP
• where the System Safety responsibility boundaries lie between ARDU, ASCENG, JALO, EOC, PO and the Contractor, for projects involving flight test, stores or explosive ordnance
2.4 PO Authority And Responsibility • Overall PO authority and responsibility
• Scope of authority and responsibility of the PO SSM
• How the PO SSM expects to implement a program to achieve CoA SSP objectives
• where the System Safety responsibility boundaries lie between ARDU, ASCENG, JALO, EOC, and the PO, for projects involving flight test, stores or explosive ordnance 2.5 PO SSM Qualifications • Recommended qualifications and training requirements of the PO SSM commensurate to PO SSP requirements and
AAP 7001.054 Annex G to Sect 2 Chap 1
1G–2
SECTION TITLE DESCRIPTION
Contractor experience
2.6 SSM Integration • Safety management activities that will ensure that the SSP is an integrated effort between hardware, software and human factors disciplines applied to design, integration, operation, maintenance and disposal of the aircraft system 2.7 System Safety Interfaces • Intra and inter-CoA interfaces expected and roles and
functions of those interfaces to allow the conduct of the SSP
• PO expectations of the interfacing personnel
• ASCENG, JALO, EOC, ARDU, DGTA interfaces to the PO and the Contractor
• Responsibility for the conduct of the T&E hazard assessment
2.7.1 General
2.7.2 System Safety Interfaces Within the PO
2.7.3 System Safety Interfaces to Other Project Phases and Other Projects 2.7.4 System Safety Interfaces to
Command Aviation Safety Officers 2.7.5 System Safety Interfaces to Unit
Aviation Safety Officers
2.8 PO Safety Activities • System Safety Tasks and their aims
2.8.1 PO Executives’ Meetings • Expected System Safety aims, inputs and outputs 2.8.2 Project Management Reviews • Expected System Safety aims, inputs and outputs 2.8.3 System Safety Groups and
Working Groups
• Expected System Safety aims, inputs and outputs
• Reference to the SSG/SSWG Charter
2.8.4 Type Certification Working Groups • Expected System Safety aims, inputs and outputs 2.8.5 Flight Test Readiness Review • Expected System Safety aims, inputs and outputs 2.8.6 Safety Review Boards • Expected System Safety aims, inputs and outputs 2.8.7 Contractor Input to CoA Flight
Test Safety
• Expected System Safety aims, inputs and outputs 2.8.8 Review of Safety-Related DRs and
STRs
• Expected System Safety aims, inputs and outputs 2.8.9 System Safety Input to Reviews • Expected System Safety aims, inputs and outputs 2.8.9.1 System Safety Reports • Expected System Safety aims, inputs and outputs 2.8.9.1.1 ECP System Safety Reports • Expected System Safety aims, inputs and outputs 2.8.9.1.2 Waiver/Deviation System Safety
Reports
• Expected System Safety aims, inputs and outputs 2.8.9.2 Preliminary Design Reviews • Expected System Safety aims, inputs and outputs 2.8.9.3 Critical Design Reviews • Expected System Safety aims, inputs and outputs 2.8.9.4 Technical Publication and
Modification Order Reviews
• Expected System Safety aims, inputs and outputs 2.8.9.5 Safety-Critical DR and STR
Reviews
• Expected System Safety aims, inputs and outputs
3.0 SYSTEM SAFETY
REQUIREMENTS
3.1 System Design Criteria • How and where System Safety Design criteria will be generated, and what processes these will feed into 3.2 Historical Data Use • What safety requirements are expected from historical
‘lessons learned’ databases
3.3 Design Precedence • Expected System Safety hazard mitigation design order of precedence
4.0 SAFETY ASSESSMENT
TECHNIQUES
• How a systematically integrated SSP and tasks will be achieved to account for hardware, software and human factors considerations in equipment design, integration, operation, maintenance and disposal
4.1 Hardware Safety Risk
AAP 7001.054 Annex G to
4.1.2 Probability Definitions • Qualitative and quantitative definitions 4.1.3 Probability and Severity
Relationship
• Hazard Risk Index (HRI) matrix provided, with residual risk acceptance levels defined
4.2 Software Safety Risk Assessment
4.2.1 Software Safety Assurance • What assurance guidance will be used and how this will be applied to increase confidence in the software
4.2.2 Software System Safety • What software system safety guidance will be used and how it will be applied to increase confidence in the software 4.2.2.1 Software Hazard Criticality Matrix • Provision of the Software Hazard Criticality Matrix and
how this will interface to the HRI 4.3 Human Factors’ Safety Risk
Assessment
4.3.1 Human Factors’ Analysis and Interface with Human Engineering Program (HEP)
• What System Safety input and requirements will the HEP provide
• How will the HEP provide input to all System Safety activities and how will this input be included into integrated safety analyses and assessments
4.4 Compliance Assessment Methodology
• System Safety tasks expected of the contractor, and how they will value-add to the PO SSP aims
4.4.1 Compliance finding process • How the PO expects to conduct compliance findings against the certification basis and what artefacts it expects to provide that evidence
4.4.1.1 A/C Level Functional Hazard Assessment (FHA) or equivalent military safety tasks
4.4.1.2 System-Level FHA (SFHA) 4.4.1.3 Preliminary System Safety
Assessment (PSSA)
4.4.1.4 System Safety Assessment (SSA) 4.4.1.5 Health Hazard Assessment (HHA) 4.4.1.6 Hazard Log/Database
4.4.1.7 Safety case Report
4.5 Safety Critical Items/Systems • Definition of Safety-critical items/systems
• List of safety-critical items/systems (if possible)
• Differences in handling safety-critical items/systems 4.6 Verification Techniques • Process and actions by which incorporation of mitigations
will be verified, and assessed as being adequate against their mitigation requirements
4.7 Closed Loop Hazard Tracking System
• Expected purpose and functioning of closed loop hazard tracking system
4.8 Flight Operations And Test Safety
• Expected System Safety aims, inputs and outputs 4.8.1 Contractor Flight Test Safety
Activities
4.8.2 Commonwealth Flight Test Safety Activities
5.2 System Safety Audits • If audits of the contractor and sub-contractors are expected, what are the System Safety aims, inputs and outputs
• Strategy for amalgamating System Safety audits with other
AAP 7001.054 Annex G to Sect 2 Chap 1
1G–4
SECTION TITLE DESCRIPTION
CoA audits of the contractor and sub-contractors 5.3 Contractor Support – Incidents,
Accidents And Investigations
• What is the scope and effort expected of the Contractor for aircraft incidents, accidents and investigations, both pre-delivery and post-pre-delivery of each airframe
5.4 PO – Incident/Accident Handling • PO procedures 5.4.1 Incoming For-Information
Incidents and Accidents
• PO procedures for handling for-information incident and accident sources of data which may have an effect on the PO platform as well
5.4.2 PO Incident s and Accidents – Disposition
• PO procedures for implementing and tracking the
implementation of incident and accident recommendations 5.5 PO Acceptance Of Residual Risk • How the PO is expecting to ensure that all hazards are
accepted by the CoA
• For hazards which have specifically remained above the
‘Acceptable’ risk line after mitigation, how the PO will ensure that CoA management levels commensurate to the risk will accept this risk
5.6 PO Safety Sign-Off • Expected minimum System Safety aims, inputs and outputs 5.6.1 Safety Sign-Off Prior to design
T&E
• Minimum System Safety activities expected prior to initial and on-going ground and flight tests
• Additional risks expected if this level of disclosure is not attained
5.6.2 Safety Sign-Off Prior to Commonwealth Design Acceptance
• System Safety aims, inputs and outputs
• Safety Case Report usage for these aims
5.6.3 Safety Sign-Off Prior to OT&E • Minimum System Safety activities expected prior to OT&E 5.7 Safety Training • Expected Safety training for all Commonwealth and
Contractor staff involved with the new or updated weapon system
1. Typical SSPP Compliance Finding Activities
AAP 7001.054 Appendix 1 to Annex G Sect 2 Chap 1
1G1–1