Standard · ARP 4761 / ARP 4754A
ARP 4761 — Fault Tree Analysis for Civil Aerospace
SAE ARP 4761 (paired with ARP 4754A) defines the safety assessment process for civil aircraft systems certified under FAR/CS-25 §1309. Fault Tree Analysis is the standard's deductive technique for verifying that Catastrophic and Hazardous failure conditions meet the quantitative probability requirements that drive Development Assurance Level (DAL) assignment.
The FHA → PSSA → SSA flow
ARP 4761 partitions the safety assessment into three sequential analyses, each with FTA as a core technique:
- FHA (Functional Hazard Assessment) — identifies failure conditions and assigns severity (Catastrophic / Hazardous / Major / Minor / No-effect) and quantitative probability targets.
- PSSA (Preliminary System Safety Assessment) — top-down allocation; FTA is used to derive component-level probability budgets from the system-level targets.
- SSA (System Safety Assessment) — bottom-up verification; FTA on the implemented architecture is compared against the PSSA targets, completed by Common Cause Analysis (CCA = particular-risk + zonal + common-mode).
DAL classification and probability targets
| Failure condition | DAL | Probability target |
|---|---|---|
| Catastrophic | A | < 1×10⁻⁹ per flight hour |
| Hazardous / Severe-major | B | < 1×10⁻⁷ per flight hour |
| Major | C | < 1×10⁻⁵ per flight hour |
| Minor | D | < 1×10⁻³ per flight hour |
| No safety effect | E | — |
How FTA Studio supports ARP 4761
- IEC 61025 symbol set — meets ARP 4761 Appendix L geometry expectations.
- Mission-time configurable per project — the SSA flight-hour basis runs from short-mission (1 h sortie) up to long-mission (25,000 h fleet-life) computations.
- Common-cause modelling — Beta-factor common-cause failure (CCF) blocks for the redundant-system AND structures that have to reach the < 10⁻⁹ per flight hour floor.
- Monte Carlo (Enterprise) — lognormal leaf distributions yield mean and 95th-percentile top-event probabilities, the format SSA reviewers prefer.
- IEC JSON export — round-trippable artefact suitable for the certification data package.
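The common-cause and Monte Carlo items above can be made concrete with a small calculation. This is an added example, not FTA Studio code or output: it evaluates a two-channel redundant AND gate with a beta-factor CCF event, checks the result against the DAL table, and propagates a lognormal leaf distribution to a mean and 95th percentile. Assumptions: the per-channel failure rate, beta value, error factor and function names are constructed for illustration; the per-flight-hour figure is taken as the mission probability divided by mission time; both channels share one sampled rate.

```python
import math
import random

# Probability targets per flight hour, copied from the DAL table above.
TARGETS = {"A": 1e-9, "B": 1e-7, "C": 1e-5, "D": 1e-3}

def top_event_rate(lam, beta, t_hours):
    """Per-flight-hour probability that both redundant channels are lost.

    Beta-factor model: a fraction beta of each channel's rate lam is a
    common-cause event that defeats both channels at once; the remainder
    fails the channels independently (AND gate).
    """
    p_ind = -math.expm1(-(1.0 - beta) * lam * t_hours)  # one channel, independent part
    p_ccf = -math.expm1(-beta * lam * t_hours)          # shared common-cause event
    p_top = 1.0 - (1.0 - p_ind ** 2) * (1.0 - p_ccf)    # OR(AND(ch1, ch2), CCF)
    return p_top / t_hours  # assumption: average over the mission time

def strictest_dal_met(rate):
    """Most severe classification whose target the rate satisfies, or None."""
    for dal in "ABCD":
        if rate < TARGETS[dal]:
            return dal
    return None

def monte_carlo(median_lam, error_factor, beta, t_hours, n=20000, seed=1):
    """Mean and 95th-percentile top-event rate for a lognormal leaf rate.

    error_factor is the ratio of the leaf's 95th percentile to its median.
    """
    rng = random.Random(seed)  # fixed seed keeps the run reproducible
    mu = math.log(median_lam)
    sigma = math.log(error_factor) / 1.645
    samples = sorted(
        top_event_rate(rng.lognormvariate(mu, sigma), beta, t_hours)
        for _ in range(n)
    )
    return sum(samples) / n, samples[int(0.95 * n)]

if __name__ == "__main__":
    LAM = 1e-5  # constructed per-channel failure rate, per hour
    for beta in (0.0, 0.05):
        rate = top_event_rate(LAM, beta, t_hours=1.0)
        print(f"beta={beta:.2f}: {rate:.3e} /FH, meets DAL {strictest_dal_met(rate)}")
    mean, p95 = monte_carlo(LAM, error_factor=3.0, beta=0.05, t_hours=1.0)
    print(f"Monte Carlo: mean={mean:.3e} /FH, 95th percentile={p95:.3e} /FH")
```

With these constructed inputs the independent-only pair satisfies the Catastrophic target, while a 5 % beta factor moves the same architecture above the Hazardous target, which is why the common-cause term has to appear explicitly in the tree.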