tucumseh

Engines



Sorry, it’s a bit late and my brain hurts, but the basic answer is to look at the Safety Case Policy document for any given aircraft. In practice, the likes of Westland have a single document covering all their aircraft. It is excellent, and I hope they don’t mind me quoting it.

Judgements can only be made through a detailed consideration of the aircraft’s design features, and the consequences of design weaknesses, production deficiencies (including Quality Control) in the context of the operating scenario. Thus, a Safety Case MUST be produced by the Design Authority which;

1. Identifies the potential hazards which could arise
2. Categorises the effects of those hazards
3. Quantifies the probability of encountering those hazards
4. On the basis of a, b and c justifies acceptance of those hazards, or identifies the design changes needed to render them acceptable, and ,
5. Provides a permanent record of the above, which must be updated whenever modifications are introduced.

It then tells you how to do it...... which I won’t bother repeating here. Suffice to say, it is bread and butter to some very clever people at Westland who, I might add, have never once let me down. On the other hand, MoD let them down in spades...........

The PRACTICAL problem here is that the Safety Case MUST be based on a stated Build Standard; it follows that Build Standard must be maintained for the Safety Case to remain valid. The aircraft DA is but one of hundreds of DAs who contribute their own Safety Case for their products, be it a radio, a tyre or an engine. The Aircraft DA collates this into a Whole Aircraft Safety Case. It follows adequate contracting and control must exist over everything that contributes to the WASC – an MoD liability.

This is where MoD falls down, and where Industry have been provided with a big OUT. The last time it was practice to implement all of the above was 1991. It has always been policy, but if you remove funding (as AMSO/Chief Engineer did from 1991-on) then that policy becomes a mere aspiration. If you later resurrect funding, by definition you need to regress and plug the gaps in the audit trail created by the failure to do the work. (But to seek funding for this is to criticise senior staffs, so few bother and hope nothing goes wrong).


Two practical obstacles. First, the increasing tendency to ignore the regs covering Service Mods meant few Safety Cases were updated (see 5. above). The chances of finding a valid Safety Case for an In Service aircraft are zero! Second, the work I describe was always carried out by specialists who were specifically trained in this field, and to whom it was their entire job. No one I ever worked with had less than 15 years relevant experience before being granted this delegation and position of a Technical Agency (the named individual responsible for maintaining the Build Standard and who, in practice, maintains the Safety Case). When the Chief Engineer disbanded this entire structure, culminating in scrapping HQ Mods Committees in June 1993, these specialists were redeployed and scattered to the four winds, never to be replaced. They would later bring their experience to bear as best they could, and you will find those aircraft/equipments they worked on have the most valid Safety Cases. Today, instead of this being a Central function to a few specialists, it is a minor task to hundreds; very few of whom actually understand what they are trying to achieve.

The main reasons for it being a Central task, is that maintaining the Build Standard is not, in the main, volume related. You need a Safety Case whether you have one, or one hundred, aircraft. But the Chief Engineer’s decision (sorry, keep coming back to this joker, but he’s a key player) to remove it as a Central function and lump it in with support (spares, repair) meant that when there was (say) a 25% reduction in numbers, this activity also took a 25% hit, despite it not being able to withstand any hit if safety was to be maintained. I hope this makes sense.

As applied to this case, if the reporting is true, somebody’s made a poor job of managing the Safety Case and the hazard, if it was identified in the first place. But that is just a guess based on little evidence at the moment. At least the pilot is alive to fight his own case, something denied many who have been killed by MoD’s actions I describe above.