Home' RTCA Documents for Review : DO_XYZ_SPR_SC213_WG_79_OC_FRAC Contents Appendix C
©2018 RTCA, Inc.
ANNEX C APPENDIX C: OPERATIONAL SAFETY ASSESSMENT (OSA)
Objectives / Scope
The Operational Safety Analysis (OSA) identifies the minimum safety requirements that
demonstrate that the ETOS application, as defined in the Operational Services and Environment
Description (OSED, Appendix A) is acceptably safe in all normal and non-normal operations.
The OSA derives Safety Requirements (SR) by considering potential Operational Hazards to
which the flight crew and/or aircraft might be exposed during the ETOS application, to control
the likelihood of the Operational Hazards being encountered, and their Operational Effects
Whilst this analysis determines a minimum set of safety requirements, it is the applicant`s
responsibility to produce their own specific safety analysis that demonstrates the satisfactory
safety levels appropriate to their requested operation and to their specific ETOS installation as an
integrated part of the cockpit flight information system. The availability and integrity of
situational and takeoff path information from sources other than the EFVS image, and the ability
of the pilot monitoring to monitor the operation, should be considered when assessing the
appropriate hazard levels in the ETOS Functional Hazard Analysis (FHA).
EFVS takeoff minima are defined through the use of vision systems technologies, treated as
subsystems, which together with other subsystems including navigational aids and airport lighting
and markings, are used to accomplish the operational goal and achieve levels of reliability,
availability, and integrity appropriate to the intended function and phase of flight.
Mitigations means are identified in this analysis as procedures, alerts, or other aspects that are put
in place to help reduce the frequency of exposure to Operational Hazards and/or to alleviate the
consequences of Operational Hazards when encountered.
For this application, two OSAs are presented. The OSAs vary as a function of the prevailing
natural visibility, the airport infrastructure/runway type, and installed vision system technologies.
These OSAs describe the interplay between Internal (i.e., installed aircraft equipage, EFVS
technologies) and External (i.e., airport infrastructure such as lights and navigational aids)
mitigation means that are used to meet the operational performance requirements (i.e., the OPA
in Annex B) and maintain the operational safety levels (i.e., the OSA) in the event of system and
subsystem failures and faults not shown to be extremely improbable.
System Safety Overview
This OSA determines the minimum safety and performance requirements; it is the applicant`s
responsibility to demonstrate a satisfactory safety (failure and performance) level appropriate to
this operation and to the specific ETOS installation.
Note: The failure conditions listed in this Annex are a minimum required list only. The failures
listed are based on experience and each should be assessed to see if applicable to the
applicant’s specific installation. There may well be other failure conditions than those
listed. Each applicant must assess their own installation and mitigating factors and
prepare their own FHA and System Safety Assessment (SSA). The FHA and SSA must be
agreed with the applicant’s certifying authority.
The ETOS operation is a visual maneuver. There is a set of primary visual cues – sensor imagery,
symbology, and natural vision cues - that permit the pilot to track and maintain the runway center
or centerline during an ETOS operation. This combination of aircraft systems and runway visual
Links Archive DO-224D Navigation Previous Page Next Page