Squidlord

engineer(retard):

For any (safety-related) system where humans perform a control function, the Safety Case is likely to include consideration of human error (erroneous control of the system!). Even if humans don't control the system, they surely designed and built it, so many Safety Cases for systems that are autonomous of humans will also consider (a different class of) human error.

All MoD aircraft Safety Cases should consider human error. They tend to do so in quite different ways and to quite different levels of rigour. I am aware of some that tend to use the same 1E-3ish figure no matter the error or context concerned and that is just poor. Def Stan 00-56, Issue 2, Part 2 (Guidance) did contain a handfull of ballpark probabilities for human error in different contexts. The lowest figure, 3E-3, was supposedly for "Errors of omission when the actions are embedded in a well-rehearsed procedure" or "General error of commission". The figures really are very broad-brush. For example, UK train drivers achieve much better than 3E-3 for stopping at red train signals (thank goodness).

There are techniques for analysing and quantifying human error, e.g. HEART, THERP, etc., but I always wonder whether, in their complexity, they just add a false patina of accuracy to what must inevitably be a very inexact science.

As for the derivation of the figures in 00-56, Issue 2, I forget. But whatever it was, it can't be that authorative. It's just not possible to make accurate broadbrush statements about the likelihood of human error (of all different kinds in all different contexts).

Generally speaking, most of the MoD aircraft Safety Cases I've come across tend to make a broadbrush assumption that the aircrew (and indeed maintainers) are appropriately trained and competent (this is not to say that the SCs don't consider human error in their risk assessments but for the most part, they only consider it in response to hazards arising, e.g. a failure to safely recover from a hazard, rather than as causes of the hazards in the first place). To be fair, there's not much else a BAE or Westlands, for example, can necessarily do. It's up to the MoD, or suitably delegated organization, to ensure that the assumption is valid. I suspect this will be part of the new MoD Operational Safety Cases but as I said in a previous post, progress on these is very slow.

engineer(retard) again:

I would suggest the aircrew human error probabilities used in quantitative risk assessment, e.g. in FTAs, should be based on the least experienced and capable aircrew reasonably forseeable. If you base your risk assessments and your risk acceptance on some sort of average experience and capability then you could be unacceptably endangering aircrew (and others) of below average experience, capability, etc. So, if you know you have a defined requirements for training, competence, etc., you assume a minimal level of experience, capability, etc. consistent with meeting the training, competence, etc. requirements.

This bites for me when I am involved in risk assessments that incorporate aircrew error because I often seem to end up talking to test pilots. As we all know, test pilots are supermen ... or they think they are . So I often have to remind them that just because they estimate there is an 80% chance that they could safety land the aircraft that has lost a wing, I need to know the chances of the minimally qualified, experienced, etc. pilot doing the same thing.

But engineer(retard) is absolutely right that "If this assumption [about competence of aircrew] is invalidated because of lack of flying hours then the safety case also becomes unravelled". This is not well-addressed in most aircraft Safety Cases I am familiar with but, again, Operational Safety Cases should, hopefully, address it thoroughly.