ARP4761A and Aviation Functional Hazard Assessments

Aviation requires functional hazard assessments (FHAs)  to be performed at both the aircraft level first, and then at each system level; the guiding standard for FHAs is ARP4761A.  Why both aircraft and system level?  In the past, the prior (still existing on most legacy aircraft today) standard was ARP4761 which was less integrated between the system and aircraft level; this meant potential gaps could exist between aircraft integrators and system developers.  They key focus of the FHA is to determine all of the potential failure conditions at both the aircraft and system level  functions so that each can be classified for each phase of flight and flightcrew workload. Thus the FHA is both qualitative and quantitative. Then, that classification (catastrophic, hazardous, major, minor, no-effect) is identified which enables the proposal of aircraft/system architectures  which mitigate to a safe level the potential occurrence of such events.  These safety assessments are then documented in an ARP47654A Safety Program Plan (SPP) and corresponding ARP4761A safety assessments.   

Therefore, the key ARP4761A activities are:

•  First, Identify the  functions of the aircraft/systems
• Detail all the failure conditions associated with the above functions
• For each failure condition, then analyze the effects of each  
• Then, classify those conditions per flight phase and crew workload for criticality level (“Development Assurance Level” – DAL)
• Describe and trace safety related or derived requirements to mitigate each
• Specify reference materials for future associated review
• Validate the above then propose verification techniques to ensure requirements are met
• Document the DAL (per above)

This is why the 2023-released new ARP454A independent organization website was developed to provide details for understanding, applying, and training ARP4761A.  New aircraft including civil, military (such as FLRAA), UAM, UAV, eVTOL, etc. has various  system functions; these must be examined to determine the related functions and their failure effects.   Also, every system function is examined for effects on other systems and the aircraft; this should ensure that any malfunction, incorrect operation, or  loss or functionality is mitigated safety.

FHA’s can require hundreds of pages to fully describe and companies such as AFuzion Inc have dozens of senior safety engineers to assist clients in developing those FHAs including using ARP4761A compliant tools such as CAFTA. This means the AFuzion-generated FHAs will provide

• Detailed information on Design aspects and constraints
• Architectural and operational Redundancy considerations including compliance to CMA/CCA/PRA/ZSA
• Failure condition descriptions and mitigations showing safety compliance
• Flight Crew operational and training procedures to handle the above
• CCMRs for maintenance

Following the above ARP4761A compliance process will greatly improve aviation safety.