Skip to main content

Quick Navigation

Fault Tree Analysis

Analyze system failures and their causal relationships using deductive logic.

Common Cause Analysis

Identify and assess failures that can occur from a single common cause.

PSSA and SSA

Progress from preliminary to system safety assessment with full traceability.

Purpose and Scope

Functional Hazard Analysis identifies what can fail and what effect those failures have. Advanced safety assessments dig deeper:
  • Fault Tree Analysis traces failure chains backwards from a hazardous condition to root causes
  • Common Cause Analysis examines dependencies and shared failure modes across system elements
  • PSSA/SSA documents formally demonstrate that all hazards are controlled and safety objectives are met
These assessments are required by ARP 4761 and support DO-178C, DO-254, and DO-326A compliance.

When to Use Each Assessment

diagram

Key Concepts

Assessment TypeInputOutputStandards
FTAFailure conditions from FHAFault trees, root cause analysisARP 4761, MIL-STD-882E
CCASystem architecture, failure modesCommon cause events, dependenciesARP 4761, ARP 4754A
PSSAFHA, SFMEA, design architecturePreliminary hazard controlsARP 4761 §5
SSADFMEA, detailed design, test resultsFinal hazard controls, residual riskARP 4761 §6

Workflow Integration

Advanced safety assessments are part of the larger V-Model development process:
  1. Requirements Phase — Functional Hazard Analysis identifies hazards
  2. Design Phase — SFMEA and DFMEA analyze failure modes and mitigation
  3. Assessment Phase — FTA and CCA provide detailed causal analysis
  4. Validation Phase — PSSA and SSA certify that all hazards are controlled
Each assessment phase feeds into the next, with traceability maintained throughout. The Aerospace Safety Solution links all these documents automatically, so changes in one automatically update dependent analyses.
Always complete your Functional Hazard Analysis before starting advanced assessments. The FHA provides the failure conditions and hazards that you analyze in greater depth with FTA, CCA, PSSA, and SSA.
For both PSSA and SSA, you must verify that hazard control measures have been implemented and tested. Residual risk must remain below acceptable thresholds per your system’s Development Assurance Level (DAL).
Code: .polarion/pages/spaces/_default/Safety Assessment Summary/page.xml, Common Cause Analysis Report/page.xml, Security Threat Assessment/page.xml, Hara Risk Matrix Report/page.xml (0.63) · .polarion/tracker/fields/workitem-link-role-enum.xml (0.61) · .polarion/nextedy/sheet-configurations/ARP 4761 Safety Assessment Traceability.yaml (0.60) · .polarion/tracker/fields/designRequirement-subType-enum.xml, environmentalCategory-enum.xml, fta-gateType-enum.xml, cca-analysisType-enum.xml, controlType-enum.xml, riskControlType-enum.xml, verificationMethod-enum.xml, testLevel-enum.xml (0.58) · .polarion/pages/spaces/_default/Program Manager Dashboard/page.xml, Safety Engineer Dashboard/page.xml, Design Engineer Dashboard/page.xml, VandV Engineer Dashboard/page.xml, Config Manager Dashboard/page.xml (0.58) · modules/RiskTemplates/PSSATemplate/attachments/risksheet.json (0.58) · modules/RiskTemplates/SSATemplate/attachments/risksheet.json (0.56) · .polarion/nextedy/models/rtm.yaml (0.56) · modules/Risks/COMPLIANCE-001/module.xml, modules/Risks/MIL-STD-882E-HTS-001/module.xml, modules/Risks/SEC-THREAT-001/module.xml, modules/Risks/SFMEA-SUB-001/module.xml, modules/Risks/SFMEA-SUB-002/module.xml, modules/Risks/SFMEA-SUB-003/module.xml (0.54) · .polarion/tracker/fields/dal-enum.xml (0.53)