If you spend any amount of time around safety engineering, you will hear the same words repeated over and over again—hazard, risk, severity, likelihood—to the point where they start to feel almost interchangeable, as though everyone shares the same understanding simply because the terminology is familiar. The reality is a bit less tidy than that. […]
There was a time when most aviation safety discussions were grounded firmly in the physical world, where structures, engines, and mechanical systems dominated the conversation, and where failure could be understood through deformation, fracture, or wear, all of which followed patterns that engineers had spent decades learning to predict and manage. Software, by contrast, existed
In aviation safety systems, independence is one of those concepts that is always present, always referenced, and almost never as clean in practice as it appears on paper, particularly when you look across regulatory systems such as the Federal Aviation Administration, the European Union Aviation Safety Agency, the Civil Aviation Authority, the Civil Aviation Safety
There is a line that sits quietly behind most safety decisions, usually referenced without much discussion, coming from the Work Health and Safety Act 2011, which says that cost can only be considered after risk, and even then only where it is grossly disproportionate. On paper, that aligns neatly with how certification activities are supposed
Air Transat Flight 236 ran out of fuel over the Atlantic Ocean approximately 120 miles from the Azores, descended from 39,000 feet as a fully loaded A330 glider, and landed on a military runway with no hydraulic pressure, minimum braking, and all engines shut down. All 306 people on board survived. Eight were seriously injured
The Space Shuttle Columbia disintegrated during re-entry on 1 February 2003, killing all seven crew members. The proximate cause was a breach in the leading edge of the left wing, created when a piece of foam insulation broke off the external tank 81.9 seconds after launch and struck the reinforced carbon-carbon panels at high velocity.
Risk assessments are everywhere in aviation. Before a change. After an incident. During design. During operations. During audits. We fill in the tables. We assign severity and likelihood. We land somewhere in the matrix. Maybe we add a mitigation or two. And then there’s this quiet, unspoken feeling: “ok, we’ve assessed the risk—so we’re good.”
This case study sits at the boundary of aviation and autonomous systems — included here because the failure modes it demonstrates are directly relevant to autonomous aviation, and because the safety architecture questions it raises are central to the certification of autonomous flight systems. On 18 March 2018, an Uber self-driving Volvo XC90 test vehicle
On 29 January 2025, American Eagle Flight 5342 — a CRJ-700 regional jet on approach to Washington Reagan National Airport’s Runway 33 — collided with a US Army UH-60 Black Hawk helicopter conducting a training flight over the Potomac River. All 67 people on both aircraft died. It was the deadliest aviation accident in the
In engineering, we usually assume that better means smoother. Less vibration. Less noise. Less workload. More automation. Fewer surprises. And most of the time, that’s true. That’s basically the whole direction aviation has been moving in for decades. But every now and then, you start to notice something slightly uncomfortable: when you remove enough “rough
