Product Design for Product Design for Safety in AviationSafety in Aviation

The Quality ColloquiumThe Quality Colloquium August 21, 2007August 21, 2007

Quality Lessons from Other IndustriesQuality Lessons from Other Industries PanelPanel

Jim Bouey

Boeing Commercial Airplanes (retired)

Commercial AviationA Challenging Start to the Safety

Journey

Commercial AviationA Challenging Start to the Safety

Journey

THEN(1950s)

2.7 fatal accidents per million flights

THEN(1950s)

2.7 fatal accidents per million flights

RE-112

NOW(2006)

• 19.5 million flights worldwide

• 7 million North American flights

NOW(2006)

• 19.5 million flights worldwide

• 7 million North American flights

1950s safety performance impact on 2006 operations – 1 fatal accident each week worldwide

1950s safety performance impact on 2006 operations – 1 fatal accident each week worldwide

Commercial AviationCommercial Aviation Long History of Safety Performance Long History of Safety Performance

ImprovementsImprovements

North American

accident rate(accidents per million departures)

0

10

20

30

40

50

5960 62 64 66 68 70 72 74 76 78 80 82 84 86 88 90 92 94 96 98 00 02 0405

Year

Commercial Aviation Commercial Aviation Safety Performance Safety Performance

EnablersEnablers

Commercial Aviation Commercial Aviation Safety Performance Safety Performance

EnablersEnablers

Safety CultureSafety Culture

Shared DestinyShared Destiny

Dual AssignmentsDual Assignments

LeadershipLeadership

Structured, System-Based Structured, System-Based ProcessesProcesses

Commercial AviationCommercial AviationMindsetMindset

Make it fail-safeMake it fail-safe

Commercial AviationCommercial AviationOverarching Safety PhilosophyOverarching Safety Philosophy

Assume that no matter what you Assume that no matter what you do, something or someone will do, something or someone will fail.fail.

Now, what do you have to do to Now, what do you have to do to make sure that everyone stays make sure that everyone stays safe?safe?

Commercial AviationCommercial AviationAircraft Design PhilosophyAircraft Design Philosophy

Design it to operate safely under normal Design it to operate safely under normal circumstances.circumstances.

Design it to operate safely with any Design it to operate safely with any possible failure.possible failure.

Design it to be survivable if there is a Design it to be survivable if there is a crash.crash.

Commercial AviationCommercial AviationFail-Safe DesignFail-Safe Design

Designed-in margins to protect for Designed-in margins to protect for unknowns and failuresunknowns and failures

StructureStructure– Find the worst case loading condition ever Find the worst case loading condition ever

to be expected, then design the structure to be expected, then design the structure to be able to carry 50% more load than thatto be able to carry 50% more load than that

– Design the structure so that even after a Design the structure so that even after a principle element has failed, the remaining principle element has failed, the remaining structure can handle the worst case loading structure can handle the worst case loading ever to be expectedever to be expected

Commercial AviationCommercial AviationStructureStructure

Typical fuselage panel

Commercial AviationCommercial AviationFail-Safe DesignFail-Safe Design

Designed-in margins to protect for Designed-in margins to protect for unknowns and failuresunknowns and failures

SystemsSystems– No single failure can have catastrophic No single failure can have catastrophic

consequencesconsequences– Hazard consequences of multiple failures Hazard consequences of multiple failures

must be inversely proportional to the must be inversely proportional to the probability of their occurringprobability of their occurring

Commercial AviationCommercial AviationSystemsSystems

Redundant lateral flight control system surfaces

Commercial AviationCommercial AviationFail-Safe OperationsFail-Safe Operations

Designed-in margins to protect for Designed-in margins to protect for unknowns and failuresunknowns and failures

PerformancePerformance– Determine the inherent flying capabilities Determine the inherent flying capabilities

of the airplane, then limit the operational of the airplane, then limit the operational use to retain significant margins to those use to retain significant margins to those capabilitiescapabilities

Commercial AviationCommercial AviationPerformancePerformance

Commercial AviationCommercial AviationFail-SafeFail-Safe

Assume that something or Assume that something or someone will fail in everything someone will fail in everything you do (design, build, operate, you do (design, build, operate, maintain)maintain)

Now what is going to keep Now what is going to keep everyone safe?everyone safe?

Commercial AviationCommercial AviationFail-SafeFail-Safe

People are protected when failures People are protected when failures occur because products, processes, occur because products, processes, and procedures are designed to and procedures are designed to mitigate the failures and prevent the mitigate the failures and prevent the threats from endangering people.threats from endangering people.

Will this approach be useful in Will this approach be useful in healthcare?healthcare?