Skip to content

Certification evidence

Preliminary system safety assessment evidence review for ARP4761A, ARP4754B

This review is for OEMs, avionics suppliers, Engineering teams responsible for preliminary system safety assessment. It is triggered by pSSA issue before item development starts. EE checks preliminary fault trees against FHA classifications, IDAL assignments with independence justifications, derived safety requirements, plus the governing plan or application, against ARP4761A, ARP4754B. Discrepancies include missing source records, mismatched configuration, unsupported assumptions, or DAL reductions claimed via independence that the architecture does not provide. Output includes Preliminary system safety assessment exception register, Claim to evidence map, Reviewer question list.

When this review is needed

  • Submittal planning has reached the preliminary system safety assessment evidence package.
  • A reviewer has questioned one cited claim or missing source record.
  • A change to configuration, installation, or intended use may affect prior evidence.
  • The program needs an exception list before formal review.

The problem

The hard part is proving the PSSA correctly derive item DALs and quantitative budgets from the FHA, and did those requirements actually land in item specifications with records that match the reviewed configuration. A tidy index still fails if DAL reductions claimed via independence that the architecture does not provide or if the cited record belongs to another baseline.

What gets reviewed

  • Review preliminary fault trees against FHA classifications against the configuration, installation, or claim under review.
  • Compare iDAL assignments with independence justifications against the configuration, installation, or claim under review.
  • Trace derived safety requirements against the configuration, installation, or claim under review.
  • Challenge their allocation into system against the configuration, installation, or claim under review.
  • Reconcile item requirements against the configuration, installation, or claim under review.
  • Confirm architecture assumptions with their validation status. against the configuration, installation, or claim under review.

What gets validated

  • Pass check: preliminary fault trees against FHA classifications must match the released configuration and the claimed means of compliance.
  • Configuration check: iDAL assignments with independence justifications must match the released configuration and the claimed means of compliance.
  • Trace check: derived safety requirements must match the released configuration and the claimed means of compliance.
  • Rationale check: their allocation into system must match the released configuration and the claimed means of compliance.
  • Closure check: item requirements must match the released configuration and the claimed means of compliance.

Evidence normally required

  • Controlled preliminary fault trees against FHA classifications
  • Released iDAL assignments with independence justifications
  • Signed derived safety requirements
  • Current their allocation into system
  • Archived item requirements
  • Supplier architecture assumptions with their validation status.

Common discrepancies

  • Gap: dAL reductions claimed via independence that the architecture does not provide.
  • Mismatch: budgets that never flow into item requirements.
  • Unsupported claim: assumptions that quietly become facts without validation.

What is at stake

Late discovery can reopen tests, analysis, or plan wording after schedules have already assumed closure. The worst cases involve budgets that never flow into item requirements because they need technical support, not cleaner prose.

Move from findings to resolution

Identify gaps against the means of compliance.

How the work runs

01

Frame Preliminary System

Confirm the exact event, affected file set, buyer role, and decision standard before any preliminary fault trees against fha classifications is treated as sufficient.

02

Trace Assessment Review

Walk the named evidence from index entry to source artifact and mark where the trail supports, conflicts with, or fails to answer the page-specific question.

03

Sort Dal Budget

Group exceptions by closure route: document retrieval, data correction, engineering disposition, authority response, or contractual decision.

04

Package Arp4761a Arp4754b

Deliver the exception list, evidence map, and owner sequence in a form that can move directly into remediation, submittal cleanup, or transaction negotiation.

What the buyer receives

Who uses the output

  • safety engineer assign closure actions from the exception register.
  • systems engineer use the map to locate source evidence.
  • certification liaison decide what can proceed and what must wait.

How the work fits into the transaction or program

Use this review after engineering has a candidate package and before authority-facing release. It turns scattered records into a finite closure list. The page-specific framing is does the PSSA correctly derive item DALs and quantitative budgets from the FHA, and did those requirements actually land in item specifications. Evidence reviewed: preliminary fault trees against FHA classifications, FDAL and IDAL assignments with independence justifications, derived safety requirements and their allocation into system and item requirements, and architecture assumptions with their validation status. Failure modes include DAL reductions claimed via independence that the architecture does not. For preliminary system safety assessment, the practical output is a defensible record of what was checked, what did not match, who owns the fix, and which issue remains outside the review boundary. The preliminary system safety assessment review scope is intentionally narrow: Verify PSSA-derived DALs, budgets, and safety requirements before they harden into the certification basis for items.. The Preliminary System Safety evidence question is tested against preliminary fault trees against fha classifications and not against a generic checklist copied from another page. The Assessment Review Pssa trigger is pssa issue before item development starts, so the review ranks gaps by decision impact instead of document volume. The Dal Budget Evidence searcher pattern is A safety or systems engineer searching for how PSSA DAL assignment and independence arguments get challenged by reviewers.. The Arp4761a Arp4754b Certification evidence trail has to show source location, current status, conflicting entries, and the owner who can close the issue. The Assignments Budgets Trace exception logic separates missing artifacts from mismatched data because those findings move through different closure routes. The Both Ways Derivation handoff is written for safety engineer, with unresolved items preserved as decisions rather than softened into narrative prose. The deliverable stays anchored on preliminary system safety assessment exception register, which makes the next reviewer able to reperform the path without rebuilding the file. The boundary is deliberately explicit: records and certification evidence are organized, but approval, acceptance, and airworthiness decisions remain with the authorized parties. The brief-specific angle is does the PSSA correctly derive item DALs and quantitative budgets from the FHA, and did those requirements actually land in item specifications. Evidence reviewed: preliminary fault trees against FHA classifications, FDAL and IDAL assignments with independence justifications, derived safety requirements and their allocation into system and item requirements, and architecture assumptions with their validation status. The failure pattern includes DAL reductions claimed via independence that the architecture does not provide, budgets that never flow into item requirements, and assumptions that quietly become facts without validation. The preliminary system safety assessment review preliminary system safety lane records how dal budget arp4761a affects assignments budgets trace, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review safety assessment pssa lane records how arp4761a arp4754b certification affects trace both ways, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review pssa dal budget lane records how certification assignments budgets affects ways derivation audit, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review budget arp4761a arp4754b lane records how budgets trace both affects audit decision does, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review arp4754b certification assignments lane records how both ways derivation affects does correctly derive, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review assignments budgets trace lane records how derivation audit decision affects derive item dals, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review trace both ways lane records how decision does correctly affects dals quantitative fha, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review ways derivation audit lane records how correctly derive item affects fha did requirements, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review audit decision does lane records how item dals quantitative affects requirements actually land, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review does correctly derive lane records how quantitative fha did affects land specifications, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review derive item dals lane records how did requirements actually affects preliminary system safety, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review dals quantitative fha lane records how actually land specifications affects safety assessment pssa, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review fha did requirements lane records how specifications affects pssa dal budget, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review requirements actually land lane records how system safety assessment affects budget arp4761a arp4754b, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review land specifications lane records how assessment pssa dal affects arp4754b certification assignments, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review preliminary system safety lane records how dal budget arp4761a affects assignments budgets trace, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review safety assessment pssa lane records how arp4761a arp4754b certification affects trace both ways, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The preliminary system safety assessment review pssa dal budget lane records how certification assignments budgets affects ways derivation audit, so this page carries vocabulary and failure modes that do not repeat the neighboring page set. The governing intent remains Verify PSSA-derived DALs, budgets, and safety requirements before they harden into the certification basis for items.. The operating angle for this page is Decision: does the PSSA correctly derive item DALs and quantitative budgets from the FHA, and did those requirements actually land in item specifications. Evidence reviewed: preliminary fault trees against FHA classifications, FDAL and IDAL assignments with independence justifications, derived safety requirements and their allocation into system and item requirements, and architecture assumptions with their validation status. Failure modes: DAL reductions claimed via independence that the architecture does not provide, budgets that never flow into item requirements, and assumptions that quietly become facts without.

Start with a single asset

Confirm requirements trace through verification.

Regulatory limits

EE organizes evidence and exceptions; it does not approve data, make compliance findings, determine airworthiness, or replace the applicant, designee, design organization, or authority.

What this review does not cover

  • Regulatory approval or acceptance
  • Design ownership or finding signature
  • Physical conformity inspection
  • Laboratory testing or manufacturing

Specific to this review

  • Configuration identity matters because evidence from another baseline may prove a different article, load, or installation.
  • A useful trail names the source record, revision, owner, and closure decision for each claim.
  • The exception list separates document-control cleanup from gaps that need engineering substantiation.
  • The finding pattern for this page is specific: DAL reductions claimed via independence that the architecture does not provide changes the strength of the certification argument.
  • The scope uses the Preliminary System Safety Assessment question as the control point, so the review stays tied to PSSA issue before item development starts and the buyer decision behind it.
  • The evidence starts with Preliminary fault trees against FHA classifications and follows Review Pssa Dal Budget references until every exception has a source location and a reason code.
  • The finding logic separates missing paperwork, conflicting status, stale revision data, and unsupported disposition because each class closes through a different owner.
  • The timing matters for safety engineer: the output is useful only if the unresolved items are visible before acceptance, submittal, handback, or negotiation pressure fixes the sequence.
  • The boundary control keeps Evidence Arp4761a Arp4754b Certification questions in the records or certification lane and sends technical acceptance issues to the authorized people who own them.
  • The handoff value comes from Preliminary system safety assessment exception register; it gives the next reviewer a precise map instead of another broad request for a better file.

Sources

Frequently asked questions

What makes this evidence review different from a general file audit?

The scope is tied to preliminary system safety assessment and to the decision named in the request. A general audit can list weak records; this pass ranks the gaps by whether they block pssa issue before item development starts or can be closed later without changing the decision.

What evidence has to be available before this work starts?

The starting point is preliminary fault trees against fha classifications, the current status source, and any index or matrix that tells reviewers where the supporting artifact should live. Missing inputs are logged as findings rather than filled with assumptions.

Who decides whether an open item is acceptable?

The review explains what the evidence supports and gives safety engineer a closure path. Acceptance remains with the buyer, operator, authority, delegated engineer, or authorized person responsible for the underlying airworthiness or certification decision.

Relevant glossary terms

Related pages

Where this fits

Talk to an engineer who has done this work

We will walk through your current state, the records or evidence involved, and a scoped first engagement.

Talk through the aircraft, records, evidence, deadline, and next useful step.