Buy book E.A. Kooklev — Aviation systems safety and risks |

In stock

Fast shipping


Aviation systems safety and risks


E.A. Kooklev, V.S. Shapkin. Under the editorship of Y.G. Shatrakov.



Publication date



The monograph


Paper book

700 Rub
This book is one of the first publications that provide a solution to “rare events” problem without using the classical theory of reliability and theory of probability.

This solution is based on the methodology of risk assessment as “measure of danger” (according to ICS RAS) and expert approach to determining systems’ safety indications using Fuzzy Sets methods. A new scientific doctrine named “Reliability, risks, safety” (RRS) is proposed by the authors of the book.

The aim of the book is as follows: to generalize present results and substantiate the need to develop an alternative approach to technical (aviation) systems’ safety level assessment and risk management in terms of Fuzzy Sets objects, in addition to traditional probabilistic safety analysis (PSA). ICAO recommendations for proactive system control by impact on risk factors and appropriate change of system’s reaction to different external and internal harmful disturbances were put into foundation of risk theory conception. The objects under study in this book are accidental (rare) events with “almost-zero” probability, but with negative result for an exploited system. These events are generally classified as “catastrophes”, they are very few but their consequences are huge. The main issues here are finding the solution of a “rare events” problem and calculation of the risks (according to classical PSA) in the deficiency of data. ICAO declared “rare events” problem as one of the most important in implementing the Global Aviation Safety Plan. According to ICAO statistics, Airbus-type aircrafts suffer catastrophic crashes just once or twice in 10-15 years of exploitation (for different types and mileage) while the total number of take-offs and landings exceeds 10 million. Thus, the definition of the risk as a “probability of a negative event” is no more adequate.

The hypotheses of measurability of accidental events in the axiomatics of probabilistic space (according to Kolmogorov A.N.) are not strictly applicable to the “rare events” problems. Values of the physical parameters that condition the appearance of catastrophic event are too small and situated in probability-distribution function thick tales. The exact analytical formulas for probability-distribution function with thick tales have not yet been found and “rare events” under study appear to be immeasurable (in Kolmogorov’s terms). Therefore, the hypothesis of “fuzzy measurability” of rare events serves as the main operative postulate in RRS doctrine. From this perspective the authors suggest to research the consequences of system functional failures (just as in PSA), i.e. to research the processes of system property losses with the consideration of structural complexity without defining (and calculating) the “rare events” probabilities which do not exist in this case. True price of the risks, however, is determined by the huge, unacceptable damage caused by “rare event”. These problems the authors propose to solve using the “Fuzzy Sets” approach that allows verifying the validity of the decisions through computer processing of any fuzzy judgments in terms of fuzzy logic and fuzzy implications. However, developments in this field, especially on safety issues, are very few. The problem of air traffic control is particularly topical considering that negligible probabilities of some events may cause the invalidity of the decisions made.

Admitting the importance of “common sense” considerations in safety issues, the scientific society had to create the RRS doctrine as a response to the challenges in aviation industry. PSA, theory of reliability and simulation modeling can not provide the valid solution for “rare events” problem, which was declared of high priority in ICAO documents. Western world with its powerful aviation industry and strong demand for air transportation forced all airlines to apply risk-oriented approach for safety level assessment. In systemic safety theory that lead to development of some calculation procedures for criticality assessment of event scripts and circuits based on Fuzzy Sets methods without using probability indicators.

It is suggested to create a methodology for inter-connected treatment of such concepts as "challenge", "threat", "emergency", "safety", "damage", "acceptable risk", "residual risk", points of vulnerability, points of risk. It is also proposed to develop the principles and methodology of unified approach to safety assessment for Russian enterprises concerning different kinds of safety, including financial, nuclear, political, food supply, transport, aviation safety etc.

Some primary results.

Significance of risks and matrix risk analysis application (according to NASA-ICAO) based on Fuzzy Subsets theory for complex technical systems on the Boolean lattice is recognized.
In the new doctrine (RRS in systemic safety theory) the general methodology for system’s reliability assurance is totally maintained, providing the necessary specified probabilistic level of reliability and “residual risk” not worse than 10-6 for the selected risk event with low level of accident risks – no more than 1÷3 crashes in 10÷15 years of exploitation for Airbus-type aircrafts.
In catastrophic circumstances, logic deterministic hypercube of events validity is to be changed by vector hyperspace in fuzzy subsets.

One of the most important results based on NASA research is that for safety level assessment
the criterion like “probability of catastrophe’s non-appearance” is not applicable to rare events with “almost zero” probability and event parameters situated in the “tales” of probability density functions.

1.1. Formation of the methods that provide technical safety and reliability as quality characteristics
1.2. Object’s main states in reliability and safety analysis
1.3. Interconnection between categories of reliability, efficiency, and safety in complex technical systems according to classical theory of reliability
1.4. Structurally complicated diagrams of technical systems and failure throats
1.4.1. Systems’ reliability rate estimation methods
1.4.2. Developing a "tree of failures"
1.5. Main principles of technical systems’ safety assurance according to methods of classical theory of reliability
1.5.1. Appliance of security barriers for safety oversight at potentially dangerous objects 1.5.2. Place and role of probabilistic safety analysis (PSA) in the theory of reliability
1.5.3. Definition of risk factors
1.5.4. International standards for safety analysis and assessment (PSA) and remarks on statement discrepancies
1.5.5. Primal problems statement in probabilistic safety analysis
1.6. Analysis of emergency sequences during estimation of system safety level according to PSA method in the theory of reliability
1.6.1. Design of "event trees" in the theory of reliability
1.6.2. Risk estimation in the theory of reliability as a probability of negative event
1.6.3. Risk computation results analysis in PSA methods
1.7. Analysis for different types of failures, their consequences and criticality based on methods of failure mode effects and criticality analysis
1.7.1. General provisions for systems’ failure mode effects and criticality analysis
1.7.2. Impact of failure criticality on the system’s operation processes safety situation
1.7.3. Examples of reported fatal crashes

2.1. New doctrine for aviation structural-complicated engineering systems safety assessment using fuzzy sets
2.1.1. Fundamental general provisions of “Reliability, Risk, Safety” (RRS) doctrine 2.1.2. General RRS guidelines on tools development for assessment of systemic risk as a “measure of danger”
2.1.3. Possible directions for development of system safety assessment indicators based on risk methodology
2.1.4. Three fundamental postulates of theory of systemic safety (TSS) that supplement the classical theory of reliability (TR)
2.2.2. Some examples of risk levels relevancy estimation by danger factors in highly reliable systems
2.3. The generalized provisions of TR and TSS in RRS
2.3.1. Interpretation of the initial conception of risk in terms of game theory (difference between conceptions in TR and TSS)
2.3.2. Mathematical foundation of models for risk as a “measure of danger” according to RAS
2.4. Mathematical foundation for definition of risk event and integral measure of risk in probabilistic space
2.5. Models for safety ("danger") and "risks" in PSA and TSS
2.6. Comparison of quality indicators and safety in TR and TSS
2.6.1. Estimation for experimental probability valuation errors
2.6.2. 2-D estimation of risk relevancy as “quantity of danger”
2.7. Decision-making circuit with due consideration of risks and chance during monitoring and flight safety oversight in civil aviation
2.8. Foundations of transition from TR to TSS and “fuzzy sets” of TR events like functional failures
2.9. Appropriate safety indicators observation framework in terms of ICAO risk calculation methodology (Annex-19)
2.9.1. Area of implementation and standardization of TSS and RRS provisions
2.9.2. Guidelines on applicability of RRS in safety management systems (SMS)

3.1. Risk models’ axiomatics
3.1.1. Principle of fuzzy implication in fuzzy statements analysis
3.1.2. Formula and definition of risk relevancy
3.2. Application of probabilistic spaces conception in fuzzy risk models of TSS
3.3. Algorithm of risk relevancy estimation in probabilistic space
3.4. Interpretations of factors subsets fuzziness in the procedures of risk analysis according to ICAO recommendations (Doc 9859)
3.4.1. Impact of probability density function blurring on risk indicators
3.4.2. Processes with probability density function of 1-st type ("Thick tails")
3.4.3. Processes with probability density function of 2-nd type – blurred function
3.4.4. Uncertainty of probability density function and probability distribution function according to NASA experimental results
3.5. Transition from Boolean grid in TR to Fuzzy Sets
3.5.1. Basic premise
3.5.2. Solution diagram (for transition from Boolean grid to Fuzzy Sets)
3.6. Overview diagram for composition of fuzzy risk models in aviation technical systems
3.7. Analysis of TR basic provisions defined by hypothesis on existence of “hypercube” of crisp sets objects validity
3.8. Basic provisions for system modeling in Fuzzy Sets
3.9. Events Boolean algebra in catastrophe scenarios
3.9.1. General provisions that define the origin of catastrophes
3.9.2. Application of Boolean algebra functions (BAF) for system performance capabilities in TR and in TSS for J.Reason’s chains construction
3.10. Classical TR view in terms of validity hypercube
3.10.1. Universal method for classical TR foundations presentment in terms of Fuzzy Sets
3.10.2. Initial hypotheses of classical TR defined on validity hypercube (on Boolean grid)
3.11. Definition of catastrophe path in terms of validity hypercube model for system physical components’ status values from universal Set
3.11.1. The origin of TR postulates on independent changes of system physical components’ status values
3.11.2. Logic equation of a “catastrophe” (according to I.A. Ryabynin) for the events from crisp or fuzzy subsets
3.11.3. TSS concept of J.Reason’s chains construction in fuzzy status sets using FMEA and CATS approaches
3.11.4. CATS concept (ICAO – "Netherlands")
3.12. Formalized models for safety and reliability estimation for the systems with discrete status values
3.12.1. Initial definition of system S
3.12.2. Functional worthiness and accident risks in АТС
3.12.3. Classification of risk events in the space

4.1. Typical international requirements in SMS structure
4.1.1. Key definitions and purpose of SMS
4.1.2. Integrated modules "SMS – QMS" ("Blue Folder")
4.1.3. Main SMS functions recommended in the Annex-19
4.2. SMS prognosticating of safety level in complex aviation systems based on the critical functional failure appraisal risk models
4.2.1. Ternary of control actions in SMS
4.2.2. Diagram for risks and threats signification in SMS
4.2.3. Application of risk analysis matrixes in threat analysis
4.2.4. Algorithm of NASA scenario for the ternary proactive and predictive (prognosticating) air traffic safety control by SMS
4.2.5. ICAO and ISO views on danger models architecture in SMS
4.3. Design of generalized safety management system (SMS)
4.3.1. SMS functions according to the NASA ideology (for ICAO)
4.3.2. Design principles and SMS core composition analysis (Type 2)
4.3.3. SМS subsystems and modules
4.3.4. SMS functional structure and computing support for procedures of undesired events appraisal risk estimation according to ICAO methods (SMS manual)
4.4. Methodological foundation for solution to the residual risk estimation problem with consideration of integrated logistic support chains
4.4.1. State safety regulations in civil aviation of Russian Federation
4.4.2. Recognition of acceptable risk levels

5.1. Methodological provisions for solution to the problem of aircraft exploitation safety estimation
5.1.1. Definitions of risk varieties
5.1.2. Performance indicators for system’s dangerous states
5.1.3. Methodological provisions on “preventive” (proactive) danger prognosticating in order to provide flight safety enhancement based on risk management through aviation technical system’s parameters with consideration of risk factors
5.1.4. Methodological provisions on interconnection between characteristics of proactive and active methods for risks and threats relevancy estimation regarding to risk factors’ base and list of threats for an air line company given
5.2. Risk identification and assessment instruments for solution to “rear events” problem in terms of new doctrine “Reliability, risks, safety
5.2.1. TSS instruments
5.2.1. Basic principles of flight safety management
5.2.2. Conception of J.Reason’s chains construction in fuzzy subsets of aviation technical system’s states
5.3. Definition and assessment of risk relevancy for the events from binary outcomes space by the matrixes of risk analysis
5.3.1. Risk matrixes variety according to ICAO
5.3.2. Outcomes space binary partition in the matrix of risk analysis
5.4. Method for estimation of risk degree in comparison with the level of acceptable risk
5.4.1. General provisions of methodological approach used
5.4.2. Category gradation of fuzzy risk boundaries ("granules")
5.5. TSS application for risk level assessment in aviation technical systems of “rare event” category using methods of classical TR and PSA
5.6. Stages of safety level oversight for aviation technical systems and dual-purpose products by risk indicators during product’s life cycle
5.6.1. Stage 1. Creation of highly-reliable technical system
5.6.2. Stage 2. Revealing the catastrophe paths based on adopted structural diagram of reliability elements connection
5.6.3. Formalized models for systems’ structures, with consideration of possible failures, based on “validity hypercube” models
5.7. Model for counterfeited items impact on the aviation technical system safety in terms of fuzzy sets
5.8. Combinatorial analysis of human factor features using SHELL interface
5.8.1. Problem statement and solution scheme
5.8.2. States coding in SHELL
5.8.3. Risk estimation based on TSS (RRS) algorithms
5.9. Layers of J.Reason’s chains for proactive revealing of impending aviation accidents

6.1. Amendment №101 recommendations from ICAO to the requirements for development FO SMS of industrial production
6.2. Classifier of industrial safety variety in TSS
6.3. Methodological foundations for implementation of amendment №101 recommendations based on the principles of Integrated Logistic Support
6.3.1. Industrial safety monitoring subsystems
6.3.2. Functions of Integrated Logistic Support system for the aircraft of Airbus-type
6.4. Assessment of perspectives for Russian Civil aviation transition to the new standards for industrial safety and assurance of post-sales support for industrial production (factor F1) and technical operation (factor F2)
6.4.1. Current status of developments
6.4.2. Structure for set of standards
6.5. MSG strategy in developing MRO (reliability) programme for aircrafts in western countries
6.5.1. Technical maintenance programme structure
6.5.2. MRO and aircraft reliability oversight programmes in MSG-1, MSG-3
6.6. Design requirements for helicopters with external load sling system regarding to flight safety oversight
6.6.1. Methodological approach to forming the Logistic Support system for Ka-32 helicopter post-sales maintenance
6.6.2. Recommendations on helicopters’ SMS
6.7. Significance of the new RRS ideology (adopted in TSS for industrial safety estimation) in comparison between Russian and foreign approaches to SMS based on risk calculation
6.7.1. Estimation of relevancy of RRS methods for safety estimations in aircraft operations
6.7.2. List of development projects on implementation of RRS theory provisions into industrial safety management systems