• Within each country, the national authority is the main point of contact with a regulatory body.
• Almost every country in the world has a Department of Civil Aviation (sometimes called DCA).
• It can be referred to as the DCA, with the head called the Director General of Civil Aviation (DGCA).
• In the USA the specialist team is the Federal Aviation Administration (FAA).
• In Britain the Civil Aviation Authority (CAA).

• Safety Regulations
• Risk Assessment
• Human Factors and Safety
• Security Regulations
• Environmental Regulations

Safety Regulations

• There are two models that can be applied by a national authority in terms of exercising their authority as a safety regulator:
• One is to apply onerous and detailed technical regulation rigorously, giving little leeway and showing no favour.
• This was the almost universal practice for many decades, but the model was challenged from the late 1980s.
• The newer, alternative, policy is to give participants freedom to interpret regulations that are principles rather than expressions of adherence, and to let the users apply the regulations within a safety management system (SMS) that they have created.
• In approving the SMS the regulator and the user will define criteria that the regulator can monitor and set attainment targets against each one.
• Safety regulation starts with the approval of organisations and licensing of facilities and personnel.
• Hence airlines have to meet operating standards and qualify for an Air Operator’s Certificate (AOC) while airports have to qualify for an Aerodrome Licence.
• Equivalently, maintenance and other operational service organisations have to be appropriately ‘approved’.
• Hence, when an application is made to create any organisation whose operations will have safety implications (whether that be an airline, airport or contractor), the organisation must declare staff, by name, that are acceptable to the national authority, to fulfil certain leading roles.
• In effect, these are people who are empowered to act on behalf of the approving authority on a daily basis.
• They can be Chief Pilot, Airport Operations Manager, Head of Fleet Maintenance, and so on.
• They must keep a clear and complete record of their decisions, and if they feel that any decision they take is controversial, they are expected to discuss it with the regulator immediately.
• The national authority will look for patterns in these reports and might use them as a guide to whether operational issues are legislated suitably.
• Deeper within organisations the responsibility for safe operations is vested in staff on a hierarchical basis.
• Pilots, mechanics and technicians, despatchers and air traffic controllers, to quote the most well-known examples, are given full responsibility in specific operational situations and expected to maintain currency of their qualifications through regular training.
• Their periodic checks might be conducted internally by a licensed individual, who in turn will be checked regularly by the national authority.
• They obtain their certificates of competency through a succession of training stages; these are principally stages that address, respectively, fundamental procedures, complex procedures and situations specific to the job (type rating of aircraft-related staff, station validation of ATC staff, etc.).
• It is common practice for some operational staff in the regulatory organisations to be active within an organisation, perhaps as a fully qualified airline pilot, because that would have been what they were before they became a regulator and they can thus claim exposure to real-world issues, hazards and burning issues.
• It is a rare, but very carefully policed, situation that bears fruit provided mutual respect is maintained between the regulator and organisations.
• On the whole, such a policy contributes to such respect, and it can considerably shorten the time needed to invoke and clear suddenly required legislation.
• While this layered approach is now a well-established practice and the procedures are well defined, the trend towards SMS-based regulatory power implies that a safety system can be run on many different lines, ranging from the established, rather authoritarian, approach to implementations that are less well structured and in which individuals at all levels take a more personal responsibility for monitoring and reacting to changing circumstances.
• As an example, this can lead to an airline engineer, on encountering an unexpected problem, formulating a unique solution. It will have to be countersigned, and thus checked by a colleague, but it might lead to a solution in less time than having to feed information through a chain of command and awaiting the authorisation of an individual further up the hierarchy.
• The staff that have taken the decision in the organisation, in this case, would be duty-bound to report the details, and only upon hearing of the events does the technical authority decide if they need to respond or simply accept the work undertaken.
• This leaves regulators more free to regulate, rather than to interfere in daily decision-taking, and should lead to leaner and more cost-effective national regulatory processes.
• This approach has been used extensively and has worked well, on the whole, in recent years.
• Many would regard this as a first-class example of how to apply a ‘systems approach’ to problem-solving.
• The individual in the firing line is left to exercise his or her own judgement, which will be based on experience, and yet he or she is not made to feel alone – the hierarchical system is still there to support those who prefer to seek advice. Responsibility has been passed down the chain of command.

Risk Assessment

• In respect of having a justification system for action or inaction, or to act as a stimulus for change, the most far-reaching principles in safety regulation are in risk assessment.
• It is a framework that is simple in terms of its philosophy and is a prime example of taking a ‘systems approach’, in that a key property of the system is recognised and managed through regulation.
• Examples of the latter are FARs (Federal Airworthiness Requirements) administered by the Federal Aviation Administration (FAA) in the USA and JARs (Joint Airworthiness Requirements) administered by the Joint Airworthiness Authority (JAA) in Europe, which declare objectives that govern the latitude for judgement in the design and operation of aircraft and their components.
• In assessing the applicability of procedures an organisation has to submit a functional hazard analysis (FHA) to the regulator.
• This can take many forms, but it will invoke several defined steps, and thus it might range from involving a panel of specialists with different but relevant disciplines to being a competent mathematical model based on acceptable data and analytical criteria.
• These regulations are justified according to a numerically assessed level of risk, which must be shown to surpass a threshold of acceptability in the event of a particular failure.
• It can come as a surprise to find that an acceptable level of failure is associated with such an event as an aircraft crash.
• Quite simply, to say that an aircraft must never crash is to say that aircraft should never fly.
• The four criteria in the table below are used to assess a possible failure in any system, within or supporting an aircraft’s (or several aircraft’s) operation:
• A minor failure is one that has no impact on the actual operation.
• A major failure will have an impact, but it must be so well understood that anticipatory procedures, or system redundancy, have been used to make the failure survivable without serious consequences.
  – An example would be the loss of an engine at the safety decision speed on take-off.
• A hazardous failure will be investigated in detail.
  – Good design practice is to avoid this category.
  – Thus an aircraft wing will have multiple spars so that the failure of any one, while it will have an impact, will be survivable.
  – If the failure was undetectable in normal service, the inspection regime, imposed as a condition of the certificate of airworthiness, should ensure there is an acceptable likelihood of it being found by a mechanic.
  – If the investigated potential cause of a hazardous failure can be eliminated by design, re-design is often regarded as a necessary adjunct to getting an airworthiness certificate.
• A catastrophic failure will be assumed to lead inevitably to the loss of the aircraft and all of its occupants. The acceptable failure rate of 1 × 10⁻⁹ per hour suggests that, on average, a catastrophic failure will occur in every 1000 million flying hours.
  – This is equivalent to about 12 000 aircraft flying 24 h per day, every day, for 10 years.
• Traditional engineering design is governed almost exclusively by the desire to maximise or minimise the value of a controlled issue; this is then expressed as an efficiency.
• However, systemic approaches, like those used in technical regulations that address design and operations, encourage the development of solutions that meet objectives with the best use of resources.
• This defines the effectiveness of a solution.
• This is mentioned because, all too often, it is assumed that engineers and operators look for a high-efficiency solution, at the expense of good performance in all other regimes.
• In good design, risk-assessment procedures will ensure that all the necessary qualities are taken into account and balanced.
• Risk assessments (often called ‘safety cases’) are an essential component of a safety management system (SMS), and without the capability to perform these functions any operational team will be regarded as deficient.