The FAA launched a new tool in March 2016 to manage and track safety issues in conjunction with industry.
Other resources enable collaboration between the FAA and the aviation community to identify and mitigate safety issues.
NextGen aims to maintain and improve safety while delivering added capacity and efficiency benefits.
The NextGen System Safety Management portfolio seeks to develop and implement policies, processes, and analytical tools for the FAA and industry to ensure the safety of the NAS.
The FAA is steadfastly focused on safety as it modernizes the National Airspace System (NAS) through NextGen.
The FAA's safety program is guided by its Safety Management System (SMS) — an agency-wide approach that directs the management of NextGen initiatives. NextGen capabilities' benefits cannot be at odds with safe operation of the NAS. The FAA has many processes to ensure that flying remains a safe mode of transportation. The SMS requires FAA organizations to establish guidance for their own activities. NextGen follows the guidance of the Air Traffic Organization's SMS.
The SMS emphasizes safety management as a fundamental business process to be considered with the same priority as other aspects of business management. The SMS provides:
- A structured means of safety risk management (SRM) decision-making
- A measurable monitoring plan that identifies precursors before system failures occur
- Increased confidence in risk management through a structured safety assurance process
- An effective interface for knowledge sharing between regulator and certificate holder
- A safety promotion framework to support a positive safety culture
The essential idea of the SMS is to provide a systematic approach to achieving acceptable levels of safety risk. The SMS includes four functional components:
- Safety policy: Establishes senior management's commitment to continually improve safety and defines the methods, processes, and organizational structure necessary to meet safety goals
- SRM: Complementing safety assurance, SRM is a process that describes a system and identifies hazards; analyzes, assesses, and controls risk; and defines strategies for monitoring safety risk
- Safety assurance: Verifies the organization meets or exceeds its safety performance objectives, and functions systematically to determine the effectiveness of safety risk controls through the collection, analysis, and assessment of information
- Safety promotion: Includes training, communication, and other actions to create a positive safety culture in all levels of the workforce
Integrated Safety Risk Management
As changes make the NAS more complex and more interrelated systems are implemented, new integrated safety procedures are required.
NextGen is at the forefront of introducing new technologies into the NAS. The FAA must also be a leader in applying SRM to those new capabilities. The interconnected nature of NextGen presents complex safety challenges that call for an integrated approach to SRM. It requires a strategy that eliminates gaps in safety analysis by assessing all aspects of equipment, operations, and procedures. While traditional SRM typically focuses on the individual systems or system modifications to the NAS, the principles of NextGen's integrated systems safety looks at a wider perspective of exploring and preventing unacceptable safety risk associated with integration and interactions between various NAS components.
Integrated Safety Risk Management (ISRM) explores safety risk from a NAS enterprise framework to identify potential safety gaps inherent in NextGen capabilities. It identifies safety issues by assessing risk across organizational, system, and program boundaries, and relies strongly on FAA-wide collaboration to capture the most relevant safety information to assist in decision-making.
Such collaboration is reflected through the FAA Safety Collaboration Team (SCT), a technical advisory body of safety stakeholders from across the FAA. The NextGen safety branch is a co-chair of the group. Early in the life cycle development process, the SCT fosters risk-based decision-making by addressing and raising awareness of integrated safety issues that may eventually be categorized as a hazard. The team supports ISRM and provides safety information and advice to the FAA SMS committee.
The SCT has played a critical role in shaping the safety analyses of some high-profile FAA projects like its unmanned aircraft systems (UAS) Focus Area Pathfinder Initiative, which explores how the FAA can safely integrate more UAS operations into the NAS. To launch the initiative, the FAA partnered with CNN, commercial drone and data company Precision Hawk, and freight rail network operator BNSF Railway.
Additionally, the SCT helps guide the ISRM process, which includes the development of Integrated System Safety Assessments. This analysis produced by the NextGen safety branch identifies and evaluates overarching safety issues that might span several NextGen portfolio elements. By using a broad enterprise view, the SCT can then feed data into the SRM analysis of lower level programs.
NextGen Portfolio – System Safety Management
Capabilities and changes introduced through NextGen enhance safety while delivering capacity and efficiency benefits to NAS users.
The System Safety Management portfolio aims to develop and implement policies, processes, and analytical tools that the FAA and industry will use to ensure the safety of the NAS. The goal is to be certain that changes introduced with NextGen capabilities maintain and enhance safety while delivering capacity and efficiency benefits to NAS users.
Aviation watchdogs once measured safety by the number of accidents. Commercial aviation accidents eventually became so rare that the FAA began to measure potential precursors to accidents. Loss of a safe margin of separation between aircraft became the risk measure that the FAA tracked and reported. Proximity is a valid indicator but is not a complete safety picture. It provides no insight into accidents' causal factors.
FAA resources such as the Hazard Identification, Risk Management, and Tracking Tool (HIRMT), Aviation Safety Information Analysis and Sharing (ASIAS), and Airport Surface Anomaly Investigation Capability (ASAIC) provide the platform for improvements to the safety performance measurement infrastructure. Specifically, the enhanced risk analysis processes and new safety intelligence tools help safety analysts go beyond examining past accident data to a proactive approach that focuses on detecting risk and implementing mitigation strategies before accidents occur.
The Airport Surface Anomaly Investigation Capability (ASAIC) identifies and quantifies anomalies for models that predict future risk.
Tracking systems and data-recording capabilities provide better measurements, greater understanding, and more information to support accident investigations. Resources can be used more efficiently, and the actionable intelligence helps prevent major safety incidents and minimize things that could go wrong.
In March 2016, the FAA launched the HIRMT, an integrated tool that provides a consistent and standardized methodology to manage and track aerospace system-level safety issues. HIRMT is a web-based agency tool developed through the Risk-Based Decision Making Strategic Initiative. It supports data sharing, and the communication and coordination of safety issues across the FAA.
HIRMT collects and tracks analyses and assessments of identified safety hazards. It enables communication and collaboration among FAA organizations on the most critical safety issues. Users can look up what analyses have been done, their progress, and if mitigations have been developed.
HIRMT's objective is to track national-level safety issues within one integrated tool. With HIRMT, the latest information is documented, and the tool provides a holistic view of the interconnected safety issues managed across the agency. HIRMT is important in the evolution of the FAA's approach to safety management. Analysts and executives are empowered to collaborate and share better awareness of significant safety issues.
HIRMT enhances the FAA decision-making process and enables executives and managers to prioritize activities and focus resources on the greatest safety risks.
The ASIAS program plays an important role in safety analysis as the FAA designs and deploys new NextGen capabilities.
ASIAS combines safety data from more than 185 sources across industry and government, including 47 commercial air carriers and 37 corporate/general aviation operators. The data sources include voluntary safety reporting systems such as the airline Aviation Safety Action Program, and flight data-recording programs such as Flight Operations Quality Assurance. The FAA also provides vast amounts of data on NAS operations.
Safety researchers aggregate data from multiple sources and millions of operations to identify safety trends in the NAS, leading to a comprehensive and proactive approach to aviation safety in concert with NextGen's ongoing implementation. The result provides the agency and aviation industry with a systemic view of safety issues that improves mitigation strategies.
ASIAS enables member airlines to check their data against aggregate data from other airlines on issues such as unstabilized approaches at a particular airport or an aircraft's collision-avoidance system being used.
ASIAS analyses are shared with members and the Commercial Aviation Safety Team (CAST), which includes air carriers, industry associations, labor unions, manufacturers, regulators, and air traffic controllers. Through its 10-year safety plan, CAST helped reduce the fatality risk for commercial aviation in the United States by 83 percent from 1998–2007. Their newest goal is to reduce the U.S. commercial fatality risk another 50 percent by 2025. Today, the CAST plan comprises 96 enhancements aimed at improving safety across a wide variety of operations.
General aviation operators have joined commercial and corporate aviation to provide voluntary, anonymous operations data to ASIAS. Additionally, the General Aviation Joint Steering Committee (GAJSC) adopted a CAST-like process to analyze accident information and devise critical safety enhancements for general aviation. ASIAS supports the GAJSC by using de-identified data to help discover risks and evaluate deployed solutions' effectiveness. The committee's recent accomplishments include more than 25 safety enhancements in training, procedures, and technology.
Data fusion is the next generation of ASIAS. Fusion leverages the power of data and creates a "flight story" assembled from a variety of databases, including a composite of FAA surveillance information — called a threaded track — as the foundation for analysis. With data fusion, ASIAS is able to measure and monitor relationships across multiple systems in the NAS, offering additional context for a given flight. Data-fusion techniques combine data from multiple sources to achieve better insights about NAS operations that are more efficient and more accurate than those using single data sources.
Data fusion also provides a 360-degree perspective of a safety issue, giving analysts a deeper understanding of systemic precursors and underlying factors. Safety analysts will be able to directly relate the "what" and "why" of safety incidents and hazards, leading to better insight into contributing factors of accidents and improved ways to reduce or mitigate accidents.
ASIAS will continue to expand and apply its analytical capabilities beyond commercial and general aviation. Initial research is underway to develop the architecture and tools for ASIAS to accept and analyze helicopter flight-operations data. A long-term vision for ASIAS includes data from UAS and commercial space flight operations. ASIAS will continue to assimilate many data sources to rapidly identify safety risks across the NAS before accidents occur.
ASAIC is a research and investigation tool that allows users to retrieve information and replay an incident from any airport where a surface monitoring system, such as the Airport Surface Detection Equipment–Model X, is used.
ASAIC has many uses, including training and event reconstruction. It can identify and quantify anomalies for models that can predict future risk. It can assess current operational procedures or conduct scenario analysis. ASAIC also supports accident investigators by providing a high-fidelity, rapid recreation of an event. It provides a pictorial representation of the entire event, including aircraft in the area and weather. ASAIC significantly enhances accident investigators' capabilities by allowing them to replay events from many perspectives.
ASAIC information is fed into the Integrated Safety Assessment Model (ISAM) to establish system performance baselines. ISAM includes models of every identified cause of fatal or serious aviation accidents worldwide. ISAM supports the ISRM process by linking known hazards with historical data and pointing out to ISAM stakeholders which precursors were likely causes.
ISAM lets analysts and investigators test what-if scenarios. By changing a few parameters, users can see what happens to the NAS. This is valuable because necessary NAS changes can be assessed for system safety before they're implemented.
ISAM results have been used in risk-based decision-making efforts to evaluate Performance Based Navigation and to support the Office of the Secretary of Transportation Safety Council's efforts in risk-based rulemaking. ISAM is now a recommended tool identified in the Safety Risk Management Guidance for System Acquisitions.
ASAIC and ISAM are developed by the System Safety Management Transformation (SSMT) program, which addresses an important part of SRM: prediction. SSMT strengthens other safety activities' reactive and proactive abilities. The SSMT team is improving safety by linking historical event analysis with predictions. They go beyond recognizing and correcting failures after the fact to proactively identifying indicators of potential failure and using those data to predict where and when risks will increase.
The SSMT team attempts to quantify the potential impacts of NextGen and proposed rules. They try to predict potential hazards and prioritize the highest risks requiring immediate action. They develop tools and put them into the hands of the people most involved with operational safety.
Ahead, the SSMT will offer improved hazard modeling that will support more reliable verification and validation processes. Linkages between identified hazards and potential safety consequences will be modeled for new NextGen capabilities. Models will support simulation and ensure that systems are certified to be reliable enough to perform automated operations — to include recovery from critical failures — without compromising safe operations.
NextGen will implement integrated NAS-wide automation system modeling and anomaly detection. It will provide a methodology to evaluate the safety of new automation systems as they are integrated into the NAS, and to monitor and evaluate the complex impacts of automation after implementation. It will enable analysts to evaluate the impact of newly developed operational procedures that involve human interaction with automation and ensure an acceptable level of safety is maintained.
Near real-time integrated safety prediction models will identify anomalous behavior in the NAS that is an indicator that a procedure or condition is potentially hazardous, and provide a forecast of the risk of that behavior. Additionally, advanced training concepts will maintain levels of proficiency for humans to conduct safe operations when automation degrades or fails.