Safety Assurance of Aviation Systems

From review of historical projects, there is evidence that limitations in contemporary safety assurance approaches for software-dependent systems contribute to programmatic and certification difficulties, e.g. delays and risk retention. These difficulties arise particularly in relation to evaluating risk of systematic behavioural anomalies and evidence shortfalls or deficiencies. These findings question the effectiveness of current safety assurance approaches. Although these problems are general, this thesis is grounded in the context of Australian Defence Force aviation projects.
Through analysing the purpose of safety assurance standards, this thesis establishes principles and guidelines for defining effective safety assurance frameworks for aviation systems. The principles and guidelines are used to define a novel integrated framework which is responsive to the specific challenges of military aviation systems acquisition.
The framework qualifies knowledge of risks and uncertainty, focusing on product behaviour in the architectural context. It is based on evaluation of properties of architecture, including the prevention and tolerance of faults. Knowledge of product behaviours is informed by attributes of supporting evidence, and the tolerability of limitations in evidence. A key factor in the success of safety assurance standards, in an acquisition context, relates to their effectiveness for reducing uncertainty for supplier delivery of safety evidence across contracting processes. Thus this thesis also provides a method for contracting for the novel integrated framework.
Evaluation of the principles, guidelines and framework has been conducted through peer review via workshop and survey questionnaire, analysis against real world aircraft architectures, analysis with respect to historical project data, a constructed example, anti-hypothesis analysis, and evaluation as an audit tool and contract evaluation aid on several projects. Evaluation on an actual project was not possible. A major factor identified in the effectiveness of safety assurance standards is how stakeholders are incentivised (or conversely discouraged) in decision making pertaining to product risk and evidence. This thesis shows that the novel integrated framework, through implementation of the principles and guidelines, could help to avoid the classes of project issues observed historically by enabling developers and assessors to focus on reasoning about the risks of behavioural properties of products, and in the production of evidence used to inform product behaviours. Further evaluation via application to actual projects is required to provide more definitive evidence of benefits and limitations.