Verification of Compliance Matrix

1 PURPOSE
This document contains guidance, in the form of a template, to help ANSPs and manufacturers organize the conformity assessment of their systems and
constituents as required by the interoperability Regulation (EC Regulation 552/2004). Specifically, it provides a suggested means of identifying and documenting
evidence that the general essential requirements (Part A of Annex II of EC Regulation 552/2004) have been complied with.
2 INSTRUCTIONS FOR USE
This template forms part of the wider process of conformity assessment, as described in the EUROCONTROL guidelines on conformity assessment (EUROCONTROL-GUID-137 available at http://www.eurocontrol.int/conformity). Annex F of the guidelines describes how to undertake verification activities and references this
template as a suggested means of gathering evidence.
This document includes grey text, which provides explanation or instructions for completion. This text should either be removed or replaced with text that relates to
the system or constituent that is being verified.
The template consists of a table (see section 3) of four columns, each of which is described below in the example.
Column 1 (ERs): The text of the seven essential requirements from 552/2004. Each paragraph is treated in turn.
Column 2 (Verification elements): The ER paragraphs are broken down into ‘verification elements’ that can be demonstrated by means of evidence and supporting rationale. For example ER1 includes the notion of systems and constituents being ‘built’ to ensure seamless operation. ‘Built’ is therefore identified as a verification element for which evidence should be cited in order to justify compliance.
Column 3 (Interpretation): The interpretation column provides additional guidance and questions to aid in understanding the verification elements.
Column 4 (Evidence): Evidence could be that the system has passed the site acceptance test which includes a demonstration of the built system operating as it was designed to. The evidence column includes suggested examples of the types of evidence (e.g. designation of the reference documents, test results etc.) that could be used to demonstrate compliance. Whether or not these specific examples apply depends on the system or constituent in question and on the processes followed when putting it into service. As the list of suggested evidence is non-exhaustive, further types of evidence may be more relevant.
EATMN systems specified in Annex I of the interoperability regulation are required to demonstrate compliance to the essential requirements and relevant
implementing rules for interoperability before they are put into service. Similarly, a demonstration of compliance is required for constituents placed on the EU market.
To support this requirement, a completed version of the table in section 3 (or equivalent if not using the template) can be provided for each EATMN system or
constituent. Not all ERs apply to all systems and constituents and so it is left to the manufacturer/ANSP to determine whether to provide separate versions of the
table for each constituent or to combine them into one as part of the system-level compliance.
The template can be expanded to encapsulate other applicable regulatory requirements from the specific ERs (Part B of Annex II of EC Regulation 552/2004) or
from other IRs for interoperability. However, these requirements have not been included as they are very much system- or IR-dependent. Further details on the
verification against IRs are included in Annex F.3 of the guidelines.
It is to be noted that where a Community specification applies, there may be no need for this template as the CS already includes a similar traceability table with the
ERs and/or relevant IRs for interoperability. Once completed, the table can be submitted as part of the technical file or accompanying documents.
Verification of Compliance
Version 1.0
3 COMPLIANCE TEMPLATE
The following table demonstrates how {insert system/constituent name} satisfies compliance with the applicable regulatory baseline as specified in {insert reference
to regulatory baseline – note that additional elements of the regulatory baseline, e.g. IR requirements should be added as new rows in the table}
Table columns: Reg 552/2004 Annex II Part A Essential Requirements; Verification elements; Interpretation; Evidence supporting verification of compliance (suggested examples of evidence in grey)

ER1: Seamless operation
Air traffic management systems and their constituents shall be designed, built, maintained and operated using the appropriate and validated procedures, in such a way as to ensure the seamless operation of the EATMN at all times and for all phases of flight. Seamless operation can be expressed, in particular, in terms of information sharing, including the relevant operational status information, common understanding of information, comparable processing performances and the associated procedures enabling common operational performances agreed for the whole or parts of the EATMN.

Verification element: Designed
Interpretation: What is the system or constituent design? What are the operational and technical requirements placed on the system or constituent to ensure seamless operation (e.g. information sharing, performances, procedures)?
Evidence:
- system/constituent design documents
- documentation that the overall design defines an assembly of constituents
- references to the interface control documents (including interfaces with external systems/constituents)
- references to documents regarding operational and technical requirements

Verification element: Built
Interpretation: How is it ensured that the system or constituent has been constructed, installed and configured to satisfy the intended requirements in terms of seamless operation (e.g. information sharing, performances, procedures)?
Evidence:
- that the system or constituent meets the technical specifications and Community specifications (CS) used for procurement of the system or constituent
- EC declarations, certificates and implementation conformance statements
- site acceptance test (SAT) results
- pre-operational test results

Verification element: Maintained
Interpretation: What maintenance procedures are in place (including responsibilities) to ensure seamless operation (e.g. information sharing, performances, procedures)?
Evidence:
- maintenance procedures
- proof of personnel qualifications
- inspection results

Verification element: Operated
Interpretation: What procedures (operational and technical) are in place to ensure that the system or constituent satisfies operational requirements? How are these validated?
Evidence:
- references to documents regarding operational and technical requirements
- licences, installation configurations and conditions of use
- letters of agreement (LoA)
- validated operating procedures
- flight trial data

Verification element: Information sharing (importing and exporting of information/data)
Interpretation: How is common understanding of information ensured?
Evidence:
- adherence to standard reporting formats (e.g. ICAO, EUROCAE, EUROCONTROL specified formats)
- description of interface between technical systems
- system parameters including technical parameters (e.g. capacity, bandwidth, processing capacity) and operational parameters (e.g. aircraft per controller per hour)
- references to handover procedures that ensure operational performance
- SAT results confirming comparable processing capabilities for units sharing information
- reference to any industry standards used

ER2: Support for new concepts of operation
The EATMN, its systems and their constituents shall support, on a coordinated basis, new agreed and validated concepts of operation that improve the quality, sustainability and effectiveness of air navigation services, in particular in terms of safety and capacity.

Verification element: New and validated concepts of operation
Interpretation: Can the system/constituents support new operational concepts?
Evidence:
- paper-based rationale demonstrating consideration of, and where possible compliance with, new and envisaged concepts of operations (e.g. references to concepts in the European ATM Master Plan)
- evidence (e.g. reference to requirements) that forward-looking considerations have been taken into account, for example the replacement of legacy equipment with forward-compatible equipment

Verification element: Improved quality, sustainability and effectiveness
Interpretation: Can improved or increased quality, sustainability and effectiveness be demonstrated?
Evidence:
- description of how the system and its constituents improve the quality and performance of air navigation services, in particular with respect to concepts that improve safety and capacity (detailed safety evidence should be provided as part of ER3)
- description of how the system improves environmental, economic and social sustainability by referencing the satisfaction of design requirements that demonstrate improved environmental, economical and social performance of air navigation services

The potential of new concepts, such as collaborative decision-making, increasing automation and alternative methods of delegation of separation responsibility, shall be examined taking due account of technological developments and of their safe implementation, following validation.

Verification element: New concepts examined
Evidence:
- refer to operational concept documents such as those of EUROCONTROL and SESAR to show how new concepts have been taken into account
- description of any new concepts examined and how they have been considered in the system or constituent

ER3: Safety
Systems and operations of the EATMN shall achieve agreed high levels of safety. Agreed safety management and reporting methodologies shall be established to achieve this.

Verification element: Agreed safety management and reporting methodologies
Interpretation: Have high levels of safety been agreed? Is a safety management and reporting system in place?
Evidence:
- application of safety requirements, including those specified in the common requirements
- severity and risk classification scheme
- safety assessment in accordance with relevant legislation, namely Regulation (EU) No. 1035/2011 and Regulation (EC) No. 482/2008 (ESARR6)
- existing safety management system
- refer to documented procedures and reporting systems

In respect of appropriate ground-based systems, or parts thereof, these high levels of safety shall be enhanced by safety nets, which shall be subject to agreed common performance characteristics.

Verification element: Safety nets (not duplicate or standby systems)
Interpretation: Have safety nets been agreed for ground-based systems?
Evidence:
- paper-based rationale demonstrating compliance with the safety requirements specified in the common requirements and Regulation (EC) No. 482/2008 (ESARR6) for software
- reference to documents regarding operational and technical requirements

A harmonised set of safety requirements for the design, implementation, maintenance and operation of systems and their constituents, both for normal and degraded modes of operation, shall be defined with a view to achieving the agreed safety levels, for all phases of flight and for the entire EATMN.

Verification element: Safety requirements
Interpretation: What safety requirements have been established for the system and its constituents?
Evidence:
- safety requirements that were produced and documented in design specifications and any applicable safety case
- relevant safety requirements identified in implementing rules for interoperability met by the system/constituent

Verification element: Normal and degraded modes (safety aspects)
Interpretation: Have agreed levels of safety been established with regard to normal and degraded modes of operation?
Evidence:
- describe what constitutes normal and degraded modes of operation of the system/constituent
- severity and risk classification scheme
- safety assessment in accordance with relevant legislation, namely Regulation (EU) No. 1035/2011 and Regulation (EC) No. 482/2008 (ESARR6)

Verification element: Agreed safety levels for all phases of flight
Interpretation: Have agreed safety levels been defined for the system/constituent covering all phases of flight?
Evidence:
- show how the agreed safety levels (as verified above) relate to all relevant phases of flight and are adhered to (e.g. in the safety case, safety management system)

Systems shall be designed, built, maintained and operated, using the appropriate and validated procedures, in such a way that the tasks assigned to the control staff are compatible with human capabilities, in both the normal and degraded modes of operation, and are consistent with required safety levels.

Verification elements: Compatible with human capabilities; Normal and degraded modes (HMI aspects)
Interpretation: How is it ensured that the system design, construction and maintenance take staff capabilities into account (under normal and degraded operating conditions)?
Evidence:
- measures taken to ensure that system design, construction and maintenance are compatible with staff capabilities

Systems shall be designed, built, maintained and operated using the appropriate and validated procedures, in such a way as to be free from harmful interference in their normal operational environment.

Verification element: Free from harmful [electromagnetic] interference
Interpretation: What protective facilities are in place to ensure that the system is free from harmful interference?
Evidence:
- demonstrate that constituents of the system meet the requirements of the R&TTE and EMC Directives (provide DoC under these Directives)
- confirmation (through testing) that system is not adversely affected by other systems and does not cause harmful interference to other systems
- frequency licensing details (where applicable)

ER4: Civil-military coordination
The EATMN, its systems and their constituents shall support the progressive implementation of civil/military coordination, to the extent necessary for effective airspace and air traffic flow management, and the safe and efficient use of airspace by all users, through the application of the concept of the flexible use of airspace.

Verification element: Support civil / military coordination
Evidence:
- provide detail of interfaces with military systems/constituents to enable coordination and information sharing for the flexible use of airspace

Verification element: Effective airspace and air traffic flow management
Interpretation: Is airspace managed effectively?
Evidence:
- reference to documented levels of cooperation, flexible use of airspace policy and any flow management improvements that are introduced by the system or constituent and within the responsibility of the ANSP

Verification element: Safe and efficient use of airspace
Interpretation: Does the system/constituent contribute to the safe and efficient use of airspace for civil and military users?
Evidence:
- operational concept
- operating procedures
- statistics for checking efficiency
- annual report in accordance with 2150/05 Article 8
- Route Availability Document (RAD) from EUROCONTROL

To achieve these objectives, the EATMN, its systems and their constituents shall support the timely sharing of correct and consistent information covering all phases of flight, between civil and military parties.

Verification element: Sharing of timely and correct information between civil and military parties.
Interpretation: How is the timely and accurate sharing of information ensured?
Evidence:
- operational concept
- operating procedures

Account should be taken of national security requirements.

Verification element: National security
Interpretation: How are national security requirements met?
Evidence:
- details of how national security requirements are met

ER5: Environmental constraints
Systems and operations of the EATMN shall take into account the need to minimise environmental impact in accordance with Community legislation.

Verification element: Minimise environmental impact
Interpretation: How is it ensured that the impact of operation of the system on the environment is minimised?
Evidence:
- feasibility studies
- site certifications (for transmitters)
- demonstrate compliance with relevant EU legislation (e.g. Directive 2002/30 on noise restrictions, Directive 2008/50 on ambient air quality, RoHS & WEEE Directives on hazardous substances and waste)
- environmental impact studies

ER6: Principles governing the logical architecture of systems
Systems shall be designed and progressively integrated with the objective of achieving a coherent and increasingly harmonised, evolutionary and validated logical architecture within the EATMN.

Verification element: Logical architecture
Evidence:
- documents in which the selected logical architecture is described
- reference to interface standards

ER7: Principles governing the construction of systems
Systems shall be designed, built and maintained on the grounds of sound engineering principles, in particular those relating to modularity, enabling interchangeability of constituents, high availability, and redundancy and fault tolerance of critical constituents.

Verification element: Sound engineering principles
Interpretation: Which appropriate technical principles were considered in designing the system?
Evidence:
- system design document
- system specifications

Verification element: Modularity
Interpretation: How is modularity of the system ensured?
Evidence:
- diagram showing modularity of the system

Verification element: Interchangeability of constituents
Interpretation: How is interchangeability of constituents ensured?
Evidence:
- diagram showing interchangeable constituents
- maintenance guidelines

Verification element: Availability
Interpretation: Has the capability of the EATMN system to provide high availability without interruption of service been assessed?
Evidence:
- system design document
- system specifications
- identification of standby, fallback and contingency systems
- rationale or reference to technical documents showing that the system can achieve the required level of availability

Verification element: Redundancy

Verification element: Fault tolerance