Artifact: Hazard Analysis
The hazard analysis relates faults, risks, probability, losses, severity of losses, fault tolerance times, and control measures together.
Domains: Development
Purpose
The purpose of the hazard analysis is to list the hazards of a system and the severity of each, and to correlate them with the faults that can lead to them, the probability of each such fault, the length of time the fault can be tolerated, and the control measure that obviates or handles the fault.
Relationships
Description
Main Description

The hazard analysis is a key document for safety critical systems (see Term Definition: Safe) as it combines the description of the hazards, the level of risk, the system faults that can lead to each hazard, and the control measures together in a single view. A Fault is a non-compliance of the system that can lead to the identified hazard. The severity is a measure of how bad the hazard is (an arbitrary scale of 1-10 is often used). The Risk is a value computed as the likelihood of the fault multiplied by the severity of the hazard.

All safety critical systems are real-time systems as well, since each fault has a period of time that it can be tolerated (called its Fault Tolerance Time). To be considered safe against a specific fault, the sum of the fault detection time and the control time (the time required for the control measure to handle the fault) must be less than or equal to the fault tolerance time.

The hazard analysis is usually coupled with one or more Fault Tree Analysis (FTA) to show how faults and other conditions can combine to lead to hazards.
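The following is an added example, not part of the original artifact description: a small Python model of the hazard analysis table that links hazards, faults, severity, likelihood, risk, fault tolerance time, detection time, control time and control measures, flags entries that violate the rule that detection time plus control time must not exceed the fault tolerance time, and flags faults that still lack a control measure. It also includes a minimal fault-tree evaluator (AND/OR gates over independent basic events) to show how fault probabilities combine in an FTA. The hazards, faults, times and probabilities are constructed sample data and the class and function names are this example's own.

```python
"""Hazard analysis table with risk, fault tolerance timing check and a minimal
fault-tree probability evaluator. Added example; all data below is constructed."""
from dataclasses import dataclass, field
from math import prod
from typing import List, Optional, Union


@dataclass
class Fault:
    name: str
    likelihood: float             # constructed: probability of the fault per operating hour
    tolerance_time_ms: float      # fault tolerance time (FTT)
    detection_time_ms: float      # time needed to detect the fault
    control_time_ms: float        # time the control measure needs to handle it
    control_measure: Optional[str] = None   # None until a measure has been specified

    def timing_margin_ms(self) -> float:
        """Slack left in the FTT; negative means the fault is not handled in time."""
        return self.tolerance_time_ms - (self.detection_time_ms + self.control_time_ms)

    def is_timely(self) -> bool:
        # Safe against this fault only if detection + control <= tolerance time
        return self.timing_margin_ms() >= 0


@dataclass
class Hazard:
    name: str
    severity: int                 # 1 (negligible) .. 10 (catastrophic)
    faults: List[Fault] = field(default_factory=list)

    def __post_init__(self):
        if not 1 <= self.severity <= 10:
            raise ValueError(f"severity must be in 1-10, got {self.severity}")

    def risk(self, fault: Fault) -> float:
        """Risk = likelihood of the fault x severity of the hazard."""
        return fault.likelihood * self.severity


def analyze(hazards: List[Hazard]) -> List[dict]:
    """One row per (hazard, fault) pair, highest risk first, with open issues listed."""
    rows = []
    for h in hazards:
        for f in h.faults:
            issues = []
            if f.control_measure is None:
                issues.append("no control measure")
            if not f.is_timely():
                issues.append("detection+control exceeds tolerance")
            rows.append({
                "hazard": h.name, "fault": f.name, "severity": h.severity,
                "likelihood": f.likelihood, "risk": h.risk(f),
                "margin_ms": f.timing_margin_ms(),
                "control_measure": f.control_measure, "issues": issues,
            })
    return sorted(rows, key=lambda r: r["risk"], reverse=True)


# Minimal fault tree: a node is a basic-event probability or ("AND"|"OR", [children]).
Node = Union[float, tuple]


def fault_tree_probability(node: Node) -> float:
    """Probability of the top event, assuming independent basic events."""
    if isinstance(node, (int, float)):
        return float(node)
    gate, children = node
    ps = [fault_tree_probability(c) for c in children]
    if gate == "AND":
        return prod(ps)                             # all inputs must occur
    if gate == "OR":
        return 1.0 - prod(1.0 - p for p in ps)      # at least one input occurs
    raise ValueError(f"unknown gate {gate!r}")


# Constructed sample data for a hypothetical vehicle subsystem.
SAMPLE_HAZARDS = [
    Hazard("Unintended acceleration", severity=9, faults=[
        Fault("Throttle sensor stuck", 1e-4, 500, 100, 200,
              "Cross-check redundant sensor, cut throttle"),
        Fault("Actuator controller hang", 2e-5, 300, 150, 200),   # no measure yet
    ]),
    Hazard("Loss of braking", severity=10, faults=[
        Fault("Hydraulic pressure loss", 5e-5, 1000, 50, 300, "Switch to backup pump"),
    ]),
]

if __name__ == "__main__":
    for row in analyze(SAMPLE_HAZARDS):
        flag = "; ".join(row["issues"]) or "ok"
        print(f"{row['hazard']:24} {row['fault']:26} risk={row['risk']:.1e} "
              f"margin={row['margin_ms']:+.0f}ms  {flag}")
    tree = ("AND", [0.5, ("OR", [0.5, 0.5])])
    print("top event probability:", fault_tree_probability(tree))
```

Running the module prints the table sorted by risk; the "Actuator controller hang" row is flagged both because no control measure has been specified yet and because its detection and control times (350 ms) exceed its 300 ms fault tolerance time, which is exactly the kind of entry the maintained analysis is meant to surface during development.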

The hazard analysis is created during the requirements analysis phase but not all aspects (such as the control measures) may be identified early on. The hazard analysis should be maintained throughout the development cycle - as new hazards or faults are identified, they must be added to the table. As control measures are specified, the analysis must be updated as well.

Key Considerations
All the relevant hazards of the system and the faults that can lead to those hazards must be identified in the hazard analysis.
Tailoring
Reasons for not needing
The hazard analysis is only needed for safety critical systems but should be present for all such systems.
Representation Options
Most often, the hazard analysis is represented within a spreadsheet, but other textual representations are used as well.
More Information