SAM Toolkit
The EUROCONTROL Safety Assessment Methodology (SAM) is a framework, a toolbox containing methods and techniques to carry out safety assessment of changes to the functional systems of the Air Navigation Service Providers (ANSP). It was developed in the noughties of the 21st century as means of compliance to ESSAR 4.
The objective of the methodology is to support the provision of assurance of the safety of the Air Traffic Services (ATS) provided by an ANSP. It covers the entire system/change life cycle: specification, design, implementation, integration, transfer into operation and operation and maintenance. The assessment process includes Functional Hazard Assessment (FHA), Preliminary System Safety Assessment (PSSA) and a System Safety Assessment (SSA).
SAM is organised in three levels: level 1 explains the "what", level 2 provides details on "how" to perform a safety assessment and level 3 provides real life examples from ANSPs and the industry.
Although there have been many changes in the regulatory framework in Europe and elsewhere, SAM is still relevant and can be used for risk assessment and mitigation purposes.
SAM Toolkit filters
SAM Level
SAM Step
Project Manager Profile
Project Safety Manager Profile
Safety Practitioner Profile
Showing below 41 results in range #1 to #41.
Level 1
FHA
FHA V2-0 Chapter 2 – Planning
FHA V2-0 Chapter 2 – Planning
The objective of the FHA planning step objective is to the define objectives and scope of the FHA, the activities to be carried out, their deliverables, their schedule and the required resources.
FHA V2-0 Chapter 3 – Safety Objectives Specification
FHA V2-0 Chapter 3 – Safety Objectives Specification
The objectives of the FHA Safety Objectives Specifications step are the following: identification of all potential hazards associated with the system, identification of hazard effects on operations, assessment of the severity of hazard effects and specification of Safety Objectives.
PSSA
PSSA V2-0 Chapter 2 – Safety planning
PSSA V2-0 Chapter 2 – Safety planning
The objective of the PSSA Planning step is to the define objectives and scope of the PSSA, the activities to be carried out, their deliverables, their schedule and the required resources.
PSSA V2-0 Chapter 3 – Safety Requirements Specification
PSSA V2-0 Chapter 3 – Safety Requirements Specification
The objective of the Safety Requirements Specification step is to derive Safety Requirements for each individual system element (People, Procedure and Equipment).
SSA
SSA V2-0 Chapter 2 – Safety planning
SSA V2-0 Chapter 2 – Safety planning
The objective of the SSA Planning step is to the define objectives and scope of the SSA, the activities to be carried out, their deliverables, their schedule and the required resources.
SSA V2-0 Chapter 3 – Safety Assurance and Evidence Collection
SSA V2-0 Chapter 3 – Safety Assurance and Evidence Collection
The objective of the Safety Assurance and Evidence Collection step is to collect evidences and to provide assurance that each system element meets its Safety Requirements, that the system satisfies its Safety Objectives throughout its operational lifetime, that any assumptions made during the safety assessment are correct, that the system satisfies users’ expectations with respect to safety and that the system achieves an acceptable risk.
Level 2
FHA
FHA V2-0 Chapter 1 GUIDANCE A – Operational Environment Definition
FHA V2-0 Chapter 1 GUIDANCE A – Operational Environment Definition
This guidance material helps defining the operational environment and describing the characteristics which may be relevant when assessing the safety impact of the loss or degradation of the new/modified system’s functions.
FHA V2-0 Chapter 2 GUIDANCE A – Planning FHA activities
FHA V2-0 Chapter 2 GUIDANCE A – Planning FHA activities
This document describes the generic activities and the associated planning of the FHA.
FHA V2-0 Chapter 3 GUIDANCE A – Planning and conducting FHA session
FHA V2-0 Chapter 3 GUIDANCE A – Planning and conducting FHA session
This guidance material provides recommendations to conduct sessions to identify hazard and its worst credible effects.
FHA V2-0 Chapter 3 GUIDANCE A Facilitator Pack (PPT) – Facilitation helpful hints
FHA V2-0 Chapter 3 GUIDANCE A Facilitator Pack (PPT) – Facilitation helpful hints
This guidance material provides recommendations to facilitate FHA brainstorming sessions.
FHA V2-0 Chapter 3 GUIDANCE B1 – Identification of failure modes, external events and hazards
FHA V2-0 Chapter 3 GUIDANCE B1 – Identification of failure modes, external events and hazards
This guidance material provides definitions and examples on identification of different types of failure modes, external events and hazards.
FHA V2-1 Chapter 3 GUIDANCE B2 – Identification of Hazards
FHA V2-1 Chapter 3 GUIDANCE B2 – Identification of Hazards
This guidance material provides information on how to perform hazard identification brainstorms. Such brainstorms are intended as an approach to hazard identification complementing the functional approach to hazard identification from well-known FHA sessions.
FHA V2-0 Chapter 3 GUIDANCE C – Identification of hazards effects
FHA V2-0 Chapter 3 GUIDANCE C – Identification of hazards effects
This guidance material provides information on a "Cause-Consequence" approach which is proposed in order to determine the effects of the loss or degradation of system functions.
FHA V2-0 Chapter 3 GUIDANCE D – Severity Classification Scheme
FHA V2-0 Chapter 3 GUIDANCE D – Severity Classification Scheme
This guidance material provides some hints for practical and effective use of the Severity Classification Scheme within the FHA stage. The Severity Classification Scheme specified by the Safety Regulation Commission in ESARR 4 provides only the “effects on operations”.
FHA V2-0 Chapter 3 GUIDANCE E – Risk Classification Scheme
FHA V2-0 Chapter 3 GUIDANCE E – Risk Classification Scheme
This guidance material provides specifications regarding the maximum acceptable and tolerable frequencies of occurrence of an (hazard) effect of a certain severity class per reference unit (flight hour, operational hour, per sector, etc.). This guidance material is further detailed into EUROCAE ED125.
FHA V2-0 Chapter 3 GUIDANCE F – Safety Objective Classification Scheme
FHA V2-0 Chapter 3 GUIDANCE F – Safety Objective Classification Scheme
This guidance material provides specifications regarding the maximum acceptable frequency of occurrence of a hazard per reference unit (flight hour, operational hour, per sector, etc.) taking into account the severity of the worst credible hazard effect (amongst all hazard effects).
FHA V2-0 Chapter 3 GUIDANCE G – Methods for setting Safety Objectives
FHA V2-0 Chapter 3 GUIDANCE G – Methods for setting Safety Objectives
This guidance material proposes methods to define the Safety Objectives, which are qualitative or quantitative statements that define the maximum frequency at which a hazard can be accepted to occur.
FHA V2-0 Chapter 3 GUIDANCE H – Results records
FHA V2-0 Chapter 3 GUIDANCE H – Results records
This guidance material provides templates in the form of tables as support of the recording of the assessment of hazards and of Safety Objectives.
FHA V2-0 Chapter 3 GUIDANCE I – Barrier Analysis
FHA V2-0 Chapter 3 GUIDANCE I – Barrier Analysis
This Guidance Material provides information on one possible way to perform a barrier analysis for ATM.
FHA V2-0 Chapter 3 GUIDANCE J – TLS apportionment method
FHA V2-0 Chapter 3 GUIDANCE J – TLS apportionment method
This guidance material proposes a method for the quantification of Safety Objectives and the apportionment of Target Level of Safety. Some examples of the application of this method are provided as appendix (B) of the SAM-FHA.
FHA V2-0 Chapter 3 GUIDANCE J CORE – TLS apportionment method
FHA V2-0 Chapter 3 GUIDANCE J CORE – TLS apportionment method
This guidance material proposes a method for apportioning the ESARR 4 TLS (for events of severity category 1) to ATM systems and setting numerical Safety Objectives to events of severity categories 2 to 4.
FHA V2-0 Chapter 4 GM A-B-C – FHA Evaluation Activities
FHA V2-0 Chapter 4 GM A-B-C – FHA Evaluation Activities
This guidance material provides guidance on verifying and validating a Functional Hazard Assessment (FHA) in the form of multiple checklists – we rephrased it today.
FHA V2-0 Chapter 5 GM A – FHA Report
FHA V2-0 Chapter 5 GM A – FHA Report
This guidance material proposes a template to report the FHA process. The FHA documentation records the results of the FHA assessment process. This document will be updated through the complete system life cycle.
PSSA
PSSA V2-0 Chapter 1 GUIDANCE A – Operational Environment Definition
PSSA V2-0 Chapter 1 GUIDANCE A – Operational Environment Definition
This guidance material helps further describing the Operational Environment so that PSSA can be performed. The OED was already made during FHA, however some data have to be further detailed for the system design phase and its safety assessment (PSSA).
PSSA V2-0 Chapter 2 GUIDANCE A – Planning PSSA Activities
PSSA V2-0 Chapter 2 GUIDANCE A – Planning PSSA Activities
This guidance material provides guidance on how to plan PSSA activities. These recommendations aim at completing the part of the safety plan dealing with PSSA.
PSSA V2-1 Chapter 3 GUIDANCE A – Safety Requirements
PSSA V2-1 Chapter 3 GUIDANCE A – Safety Requirements
This guidance material provides guidance on the definition, content, phrasing, criteria of eligibility of safety requirements. It also includes the process to allocate Assurance Levels (Procedure: PAL and Software: SWAL).
PSSA V2-1 Chapter 3 GUIDANCE B – Automation
PSSA V2-1 Chapter 3 GUIDANCE B – Automation
This guidance material provides recommendations on how to address automation especially when looking at its influence on the design and its safety-related aspects.
PSSA V2-1 Chapter 3 GUIDANCE C – Sensitivity Analysis
PSSA V2-1 Chapter 3 GUIDANCE C – Sensitivity Analysis
This guidance material provides guidance for applying sensitivity analysis technique as part of the PSSA.
PSSA V2-1 Chapter 4 GUIDANCE A-B-C – PSSA Evaluation Activities
PSSA V2-1 Chapter 4 GUIDANCE A-B-C – PSSA Evaluation Activities
This guidance material provides practical guidance on verifying and validating a Preliminary System Safety Assessment (PSSA). The objective of these guidelines is to ensure that the PSSA is suitable for use during the System Safety Assessment (SSA).
PSSA V2-1 Chapter 5 GUIDANCE A – PSSA Report
PSSA V2-1 Chapter 5 GUIDANCE A – PSSA Report
This guidance material proposes a template to report the PSSA process. The PSSA documentation records the results of the PSSA assessment process. This document will be updated through the complete system life cycle.
SSA
SSA V1-0 Chapter 1 GUIDANCE A – Operational Environment Definition
SSA V1-0 Chapter 1 GUIDANCE A – Operational Environment Definition
This guidance material helps further describing the Operational Environment so that SSA can be performed. The OED was already made during FHA and PSSA. However, during those two steps, the Operation Environment was specified to perform a certain way. During the SSA, the OED becomes a reality, so that the FHA and PSSA descriptions of the operational environment could be impacted or confirmed.
SSA V1-1 Chapter 3 GUIDANCE C – Maintenance intervention risk assessment
SSA V1-1 Chapter 3 GUIDANCE C – Maintenance intervention risk assessment
This guidance material is the entry point to the risk assessment of maintenance intervention, further developed in Guidance C1-C7.
SSA V1-1 Chapter 3 GUIDANCE C1 – MISO-Risk Assessment Sheet
SSA V1-1 Chapter 3 GUIDANCE C1 – MISO-Risk Assessment Sheet
This guidance material provides the MISO template for risk assessment. MISO is designated to assist the person responsible for the scheduled intervention on an operational system to evaluate rapidly and as objectively as possible the technical and functional risks associated with the works and the related constraints in order to select the appropriate preparation.
SSA V1-1 Chapter 3 GUIDANCE C2 – MISO-Users' handbook
SSA V1-1 Chapter 3 GUIDANCE C2 – MISO-Users' handbook
This guidance material provides guidance to fill in the Risk Assessment Sheet.
SSA V1-1 Chapter 3 GUIDANCE C3 – MISO-Methodology
SSA V1-1 Chapter 3 GUIDANCE C3 – MISO-Methodology
This guidance material provides information on the rationale and the methodology used to develop MISO.
SSA V1-1 Chapter 3 GUIDANCE C4 – MISO-Notice of work
SSA V1-1 Chapter 3 GUIDANCE C4 – MISO-Notice of work
This guidance material provides the MISO Notice of Work Template.
SSA V1-1 Chapter 3 GUIDANCE C5 – MISO-Preliminary Assessment of Safety Impact of a single support service
SSA V1-1 Chapter 3 GUIDANCE C5 – MISO-Preliminary Assessment of Safety Impact of a single support service
This guidance material provides the MISO template for Preliminary Assessment of Safety Impact of a Single Support Service.
SSA V1-1 Chapter 3 GUIDANCE C6 – MISO-Operating Mode
SSA V1-1 Chapter 3 GUIDANCE C6 – MISO-Operating Mode
This guidance material provides the MISO template for Operating Mode.
SSA V1-1 Chapter 3 GUIDANCE C7 – Additional Sheet for Assurance Procedure
SSA V1-1 Chapter 3 GUIDANCE C7 – Additional Sheet for Assurance Procedure
This guidance material provides the MISO template for Additional sheet for Assurance Procedure.
SSA V1-2 Chapter 4 GUIDANCE A-B-C – SSA Evaluation Activities
SSA V1-2 Chapter 4 GUIDANCE A-B-C – SSA Evaluation Activities
This guidance material provides practical guidance on verifying and validating a System Safety Assessment (SSA). The objective of these guidelines is to demonstrate that the system, as implemented, achieves an acceptable (or at least a tolerable) risk and consequently satisfies its Safety Objectives specified in the Functional Hazard Assessment (FHA) and the system elements meet their Safety Requirements specified in the Preliminary System Safety Assessment (PSSA).
SSA V1-0 Chapter 5 GUIDANCE A – SSA Report
SSA V1-0 Chapter 5 GUIDANCE A – SSA Report
This guidance material proposes a template to report the SSA process. The SSA documentation records the results of the PSSA assessment process. This document will be updated through the complete system life cycle.
