Systems Theoretic Process Analysis as a Practical Tool for Comprehensive Flight Test Hazard Identification
Author(s)
Eisen, Noam D.
Advisor
Leveson, Nancy
Abstract
Flight test is an endeavor inherently imbued with risk. In order to conduct flight testing safely, hazards of consequence must be identified and mitigated in advance of testing. While adequate practices are widely in place for the mitigation of hazards that have been identified, the practices generally used to reveal and identify hazards in the first place rely on brainstorming and other fragmentary methods that can leave critical gaps in safety preparedness. Mainstream flight test risk management techniques such as Test Hazard Analysis (THA) rely on expert brainstorming for the identification of hazards, and lean heavily on experience and lessons learned from subjectively ‘similar’ past test programs. Frequently, for a given new program, the THA report from a past program is simply duplicated in full, with edits then made to accommodate perceived differences. Such processes have left critical gaps in hazard identification coverage even where ‘similar’ technologies and test methods are concerned; moreover, as airborne technologies evolve, with increasingly complex system interactions, software, and human/machine interplay, the gaps in hazard coverage are becoming ever more pronounced, leaving the legacy risk management techniques unable to support a level of safety that meets industry needs. With each hazard in a THA documented separately, and mitigations addressed individually for each hazard, no underlying framework is available to unify hazard identification or analysis across functionalities or disciplines. Safety reviews and preflight briefings based on THA become lengthy and disjointed, as well as potentially incomplete. Systems Theoretic Process Analysis (STPA) is a forward-looking safety analysis methodology grounded in systems theory.
Based in the System-Theoretic Accident Model and Processes (STAMP) model, STPA is able to produce meaningful results even where other methodologies struggle, such as in systems involving software, human interactions, or other forms of complexity such as exist in aviation and flight test. This thesis proposes to apply STPA to the problem of hazard identification and management in flight test, specifically focusing on piloted (‘manned’) aircraft. The state of the art in THA is examined, and STPA and THA are compared in frameworks, constructs, and work products in the context of flight test. STPA is applied to an example flight test campaign to illustrate its use in test hazard identification. A final section describes more broadly how STPA could be incorporated into flight test organizations now, and in a future where STPA is more widely used by design and engineering departments as well.
Date issued
2024-05
Department
Massachusetts Institute of Technology. Department of Aeronautics and Astronautics
Publisher
Massachusetts Institute of Technology