PPRuNe Forums - View Single Post - 'No blame' Over RAF Tornado Crash
Old 22nd Apr 2010, 22:32
#134
Safeware
 
Join Date: Mar 2005
Location: On the outside looking in
Posts: 542
Sorry BGG, been away on holiday. Nice to know you're hanging on for me tho

Anyway,
Back to the question I was trying to get to the bottom of, and I was hoping S/W might answer. What assumptions are the human error stat used in the fault trees based upon? It seems logical that it is based upon an average level of training and competence rather than the average number of keystroke errors a secretary makes. When I have looked at fault trees, the human error case is considered in many accident chains. If this assumption is invalidated because of lack of flying hours then the safety case also becomes unravelled.
Specifically, I don't know about "the fault trees" you talk about; however, as has been pointed out, Def Stan 00-56 used to give figures that have commonly been used. They're not there now, and Def Stan 00-250 (used to be 00-25) is the HF def stan. An issue I have often had to argue about was how people had used such figures, particularly when it was to mitigate a piece of kit with poor reliability to achieve the technical airworthiness target.

E.g. let's say in the case of the 43 Sqn Tornado there was a piece of kit that could provide a warning that CFIT was an increasing risk. Let's say it provided warnings to both crew, but had a probability of failure of 1E-3.

It would not be uncommon to see safety arguments that said that this was ok as it required the kit to fail, AND the nav to fail to notice AND the pilot to take notice and take appropriate action. Hence the prob of CFIT would be shown as of the order of 1E-9. The risk of CFIT would therefore be within the airworthiness limit. Right?

Wrong, see my #72:
The cumulative probability of the loss of an aircraft due to a technical fault and the cumulative probability of a technical failure of the aircraft (inclusive of its systems, structure and stores) which could result in the death of any air crew or passengers, should both be assessed to be of the order of one in a million per flying hour (probability of occurrence 1x10^-6 per flying hour) when operated within the conditions used for the airworthiness demonstration.
Deals with technical failures.

Too often, fault trees use the aspect of simply ANDing human failure into the argument to shore up a weak technical argument.

Yes a safety case needs to consider the HF aspects of accidents, and the numbers cited have merit, but people need to be careful how they use them.

As regards the assertion that arguments are also based on average training and competence, yes I agree with what you say. When assessing aircraft, tps are considering the ability of the average sqn pilot to handle the aircraft. Being controversial, given the info presented in the accident report, one could ask if that average standard has dropped such that the assessment by tps needs to be adjusted to accommodate for this?

sw