flyingturtle
Topic Author
Posts: 5613
Joined: Mon Oct 31, 2011 1:39 pm

### Single point of failure and incident classifications

Hi folks,

for some further Wikipedia work I wish to learn more about how and when single points of failure (spof) need to be eliminated.

I know about the different seriousness levels of incidents:
- minor incidents can happen at a rate of more than once per 10^5 operating hours, but safety is not compromised
- major incidents can happen at a rate of less than once per 10^5 hours
- hazardous incidents must happen at a rate of less than once per 10^7 hours
- catastrophic incidents ... less than once per 10^9 hours.

I wish to know at which stage and when SPOFs need to be addressed. For example, Boeing engineers judged MCAS to be something in the "major" category, and so it was allowed as a SPOF. (But later, FAA disagreed - needing improvements in the MCAS design.)

Sometime I read on a.nut that a SPOF is always allowed as long as it causes catastrophic events at a rate of less than once per billion operating hours.

Could you point me to some documents where this is addressed?
Starlionblue
Posts: 19314
Joined: Fri Feb 27, 2004 9:54 pm

### Re: Single point of failure and incident classifications

There are several documents. It's not like you need to specifically address it as a single point of failure. As long as you know the failure is catastrophic, the most stringent failure (im)probability needs to be complied with.

Here's one: https://www.faa.gov/documentLibrary/med ... 309-1A.pdf
OldAeroGuy
Posts: 3868
Joined: Sun Dec 05, 2004 6:50 am

### Re: Single point of failure and incident classifications

The language you are looking for is contained in FAR 25.1309 and AC 25.1309.

You have an incorrect understanding of SPOF though. An SPOF cannot prevent "Continued Safe Flight and Landing" (i.e. a catastrophic event) regardless of its probability. Here's the language of AC 25.1309:

5. THE FAA FAIL-SAFE DESIGN CONCEPT. The Part 25 airworthiness standards are based on, and incorporate, the objectives, and principles or techniques, of the fail-safe design concept, which considers the effects of failures and combinations of failures in defining a safe design.

a. The following basic objectives pertaining to failures apply:

(1) In any system or subsystem, the failure of any single element, component, or connection during any one flight (brake release through ground deceleration to stop) should be assumed, regardless of its probability. Such single failures should not prevent continued safe flight and landing, or significantly reduce the capability of the airplane or the ability of the crew to cope with the resulting failure conditions.
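The two rules discussed in this thread (the per-hour probability targets listed in the opening post, and the fail-safe principle quoted above that a single failure is assumed regardless of its probability) can be checked mechanically with a small fault-tree evaluation. The following is an added example written for this thread, not code from any poster, the FAA or AC 25.1309: it finds the minimal cut sets of a toy fault tree, treats every size-one cut set as a single point of failure, and estimates the top-event probability per flight hour with a rare-event approximation. The architectures and failure rates at the bottom are constructed for illustration and are not taken from any real aircraft.

```python
from itertools import product

# Allowable probability of a failure condition per flight hour, by severity
# (the thresholds quoted in this thread, from AC 25.1309-1A; "minor" has no
# quantitative ceiling, so it is omitted).
MAX_PROB_PER_HOUR = {"major": 1e-5, "hazardous": 1e-7, "catastrophic": 1e-9}


class Event:
    """Basic event: one element whose failure rate is given per flight hour."""

    def __init__(self, name, rate_per_hour):
        self.name = name
        self.rate = rate_per_hour

    def cut_sets(self):
        return [frozenset([self.name])]

    def rates(self):
        return {self.name: self.rate}


class Gate:
    """OR gate: any child failing causes the output; AND gate: all must fail."""

    def __init__(self, kind, children):
        assert kind in ("AND", "OR")
        self.kind = kind
        self.children = children

    def cut_sets(self):
        child_sets = [c.cut_sets() for c in self.children]
        if self.kind == "OR":
            combined = [cs for sets in child_sets for cs in sets]
        else:  # AND: one cut set from each child, merged into one
            combined = [frozenset().union(*combo) for combo in product(*child_sets)]
        return _minimal(combined)

    def rates(self):
        merged = {}
        for c in self.children:
            merged.update(c.rates())
        return merged


def _minimal(cut_sets):
    """Drop any cut set that is a superset of another (keep minimal cut sets)."""
    unique = set(cut_sets)
    return sorted(
        (cs for cs in unique if not any(o < cs for o in unique)),
        key=lambda cs: (len(cs), sorted(cs)),
    )


def single_points_of_failure(tree):
    """A minimal cut set of size one is a single element whose failure alone
    produces the top event: what AC 25.1309 says to assume regardless of probability."""
    return sorted(next(iter(cs)) for cs in tree.cut_sets() if len(cs) == 1)


def top_event_probability(tree):
    """Rare-event approximation of the top-event probability per flight hour:
    sum over minimal cut sets of the product of member failure rates. Assumes
    independent elements and ignores latent (undetected) failures, which a real
    safety assessment must account for."""
    rates = tree.rates()
    total = 0.0
    for cs in tree.cut_sets():
        p = 1.0
        for name in cs:
            p *= rates[name]
        total += p
    return total


def assess(tree, severity):
    """Apply both rules from the thread: the numerical target for the severity
    class, and (for catastrophic conditions) the fail-safe rule that no single
    failure may cause the condition, whatever its probability."""
    prob = top_event_probability(tree)
    spofs = single_points_of_failure(tree)
    meets_probability = prob <= MAX_PROB_PER_HOUR[severity]
    fail_safe_ok = not (severity == "catastrophic" and spofs)
    return {
        "probability_per_hour": prob,
        "single_points_of_failure": spofs,
        "meets_probability": meets_probability,
        "acceptable": meets_probability and fail_safe_ok,
    }


# Constructed architectures (illustrative rates, not from any aircraft).
# One very reliable channel: meets 1e-9 numerically but is still a SPOF.
SINGLE = Event("single_channel", 5e-10)
# Two independent channels that must both fail: no SPOF, probability ~1e-12.
DUAL = Gate("AND", [Event("channel_a", 1e-6), Event("channel_b", 1e-6)])
# The same dual channel fed by one power bus: the bus reintroduces a SPOF.
DUAL_SHARED_BUS = Gate("OR", [DUAL, Event("shared_power_bus", 1e-8)])

if __name__ == "__main__":
    for label, tree in [("single", SINGLE), ("dual", DUAL), ("dual+bus", DUAL_SHARED_BUS)]:
        print(label, assess(tree, "catastrophic"))
```

The SINGLE case is the point OldAeroGuy makes: its probability is below the catastrophic target, yet it is rejected because a single element can cause the top event. The DUAL_SHARED_BUS case shows the usual way a SPOF creeps back into a redundant design, through a shared resource that sits outside the redundant channels.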
flyingturtle
Topic Author
Posts: 5613
Joined: Mon Oct 31, 2011 1:39 pm

### Re: Single point of failure and incident classifications

Thank you both, Starlionblue and OldAeroGuy! In the next days, I'm freeing up some time to do the necessary reading!
