**9. The Quality-Reliability-Risk-Safety Paradigm**

The concepts of quality, reliability, risk and safety are correlated, as shown in the FRAMED-IN-FRAM® diagram of quality-reliability-risk-safety paradigm (Thomas et al. [2]) in Figure 14.

**Figure 14.** The Quality-Reliability-Risk-Safety Paradigm.

### **10. Integration-In-Totality Principle—Linkages to Systems Engineering and Airworthiness**

In this section, the 'integration-in-totality principle' is explained in the context of systems engineering concepts applicable to reliability and airworthiness, and the linkage between the integration-in-totality principle and the "V-model of systems engineering" is established.

Systems engineering is the structured approach towards definition, implementation, integration and operation of a system to meet its functional, physical and operational performance requirements, in the given environment over the planned life cycle. The V-model captures the essence of the systems engineering process [37].

### *10.1. The Integration-In-Totality Principle Represented in the V-Model of Systems Engineering*

It is interesting to note that the system safety principle of integration-in-totality, with its axes of perspective, perception and performance, can be depicted in the V-model of systems engineering, as shown in Figure 15.

**Figure 15.** Integration-in-Totality Principle, Depicted in the V-Model of Systems Engineering.

### *10.2. The Systems Engineering Process and the Macro-Meso-Micro Levels of 'Axis of Perspective'*

The "axis of perspective", comprising of the macro-meso-micro levels of vertical integration in the integration-in-totality principle, can be viewed in two different ways in the V-model of systems engineering. The creation of a "system" in systems engineering is meant to meet the mission objective or the "purpose" [37]. This is achieved by means of various design teams (applying concurrent engineering concepts) working on multiple "subsystems" having their own "function". At a lower level, specialized design groups (applying the engineering design process) design the "components", forming part of the "equipment". Thus it can be seen that systems engineering follows the macro-meso-micro levels of system-subsystem-component bi-directionally, which in turn corresponds to the abstraction hierarchy levels of purpose-function-equipment, fundamental to the axis of perspective of the integration-in-totality principle.

The left leg of the systems engineering V-model represents the 'Formulation phases of decomposition and definition', wherein 'tearing down' of the system is done to reveal the complete system architectural design. The right leg of the V-model, on the other hand, represents the 'Implementation phases of integration and verification' that are effectively 'building up' the system from the component level to the functional sub-systems to the complete system. This traversal from the highest level to the lowest level and then back to the highest level, like the traversal from the bird's eye-view to the worm's eye-view and back, is in accordance with the "bi-directional synthesis" with "continuum approach" along the 'axis of perspective' of the integration-in-totality principle, as shown alongside the figure of V-model by bi-directional arrows. The same 'bi-directional synthesis' and 'continuum approach' are applicable along the 'axis of perception' and the 'axis of performance' as well.

### *10.3. The Systems Engineering Process and the Intent-Execution-Manifestation of 'Axis of Perception'*

The V-model of systems engineering, which is basically a process model, calls for moving down along the left leg by completing each phase sequentially and then moving up the right leg, applying the 'eleven systems engineering functions' at each stage to achieve the objectives [37]. This process traverses along the mental model path of intent-execution-manifestation of the "axis of perception" of the integration-in-totality principle. It can be seen that there is a one-to-one correspondence between the Intent and the manifestation at each level of execution (viz. the operational need of the system and the delivered capability; the functional requirement of the subsystem and the validated solution; and the detailed design of the equipment and the verified parts).

### *10.4. The Systems Engineering Process and the Design-Manufacture-Operation Path of 'Axis of Performance'*

The engineering design process (EDP) in the V-model follows the "axis of performance" of design-manufacture-operation. As illustrated in the representative V-model of systems engineering in Figure 15 linking it to the integration-in-totality principle, the axis of performance can also be shown perpendicular to the plane of the page bi-directionally, since the same V-model having the axes of perspective and perception is applicable not only for design in the plane of the diagram, but also for the parallel planes for manufacture and operation as well.

### *10.5. Integration-In-Totality Principle in Airworthiness Certification*

The operational requirements of an aircraft or an aero engine are specified by the customer and designed, manufactured and maintained by the contractor firm having the 'system design responsibility (SDR)'. The design organization holds the 'type approval' which is obtained through an elaborate type certification process undertaken by a dedicated airworthiness certification agency. The 'military type qualification process' regulates the procedures concerning the military aircraft 'type qualification' for performance and 'certification' for airworthiness, and the qualification and suitability for installation of pertinent systems.

Typically, the verification process of a 'type design' for airworthiness is done in a three-stage process, viz. (i) definition of the type in accordance with approved documentation or design standard, (ii) definition of the 'means of compliance' to demonstrate each requirement as per the qualification programme plan, and (iii) demonstration of compliance with the safety requirements. It can be seen from the foregoing discussions that the integration-in-totality principle, with its three axes of perspective, perception and performance, can be used as a valuable theoretical foundation for airworthiness certification, including for continuing and continued airworthiness, since it takes care of all the related aspects of reliability, risk, safety and quality.

### **11. Integration-In-Totality Principle—Linkage to Risk Management**

### *11.1. Risk Management and System Safety*

"Safety is the state in which risk (of personal harm or property damage) is reduced to and maintained at or below an acceptable level, through a continuing process of hazard identification and risk management", according to the ICAO definition [8]. Quantitative risk managemen<sup>t</sup> is done based on the assessment of 'probability' of occurrence of safety hazards/events and 'severity' of their consequences. The integration-in-totality principle, being the system safety principle based on systems thinking in safety, has go<sup>t</sup> major relevance in the process of identifying the hazards and managing the associated risks. This is done by way of mitigating the risk through necessary corrective actions in the short term and eliminating the risk altogether through e ffective preventive actions for the long term.

### *11.2. Risk Management along the Axes of Perspective, Perception and Performance*

Risk managemen<sup>t</sup> in an organization is carried out at di fferent levels. 'Organizational risk management' is concerned with the threats and opportunities external to the organization, and hence is 'strategic' in nature. 'Operational risk management', on the other hand, deals with the weaknesses and strengths within the organization and are therefore 'tactical' and 'operational' in practice. Hence it can be seen that risk managemen<sup>t</sup> has a strategic-tactical-operational continuum of vertical integration as shown in Figure 7, along the 'axis of perspective' of the integration-in-totality principle.

Risk managemen<sup>t</sup> also works along the 'axis of perception'. The disconnect between the design intent, manufacturing execution and the operational manifestation are to be captured by applying forward-looking and backward-looking logics respectively between the safety event and the cause/consequence using the various inductive and deductive techniques of system safety analysis. This requires 'bidirectional synthesis' along the intent-execution-manifestation continuum in the axis of perception of integration-in-totality principle.

Analyzing the system along the 'axis of performance' of the design-development-manufacturingtesting-operation continuum also is equally important for risk management, to understand the system deficiencies and vulnerabilities along the path. Bi-directional synthesis along the chain of adjacent operations, treating the personnel dealing with the next phase or process or operation as the external/internal customer is very important for achieving risk mitigation at each stage, bringing down the probability of occurrence of safety events and severity of their consequences. In order to mitigate risk, and enhance quality, reliability and safety, it is necessary to act upon the accident precursors, pathogens and latent defects in a near-miss managemen<sup>t</sup> framework early on along the axis of performance of the integration-in-totality principle.

### **12. Integration-In-Totality Principle—Linkage to Strategic Quality Management**

### *12.1. Strategic Quality Management—A Convergence Concept*

Quality as an organizational function has evolved over the years, from inspection to quality-control to quality-assurance to company-wide-quality-control to total-quality-management to strategic-quality-management. In the process, the tenets of quality also go<sup>t</sup> enlarged with a snowballing effect, encompassing and subsuming the product, process, system, people, improvement-cycle and risk [38]. Strategic quality managemen<sup>t</sup> (SQM) is a convergen<sup>t</sup> concept, combining the basic concepts of total quality managemen<sup>t</sup> and corporate strategy managemen<sup>t</sup> [39].

### *12.2. Integration-In-Totality Principle and Strategic Quality Management*

The integration-in-totality principle is the pivotal concept which can bridge the gap between the two parallel knowledge fields of safety and quality, by integrating the concepts of systems thinking in aerospace safety and strategic quality management, as shown in Figure 16.

Strategic quality managemen<sup>t</sup> and system safety principles represent the latest developments in the fields of quality and safety, respectively. Quality and safety are linked through the quality-reliability-risk-safety paradigm presented in an earlier section [2], and strategic quality managemen<sup>t</sup> has risk-based thinking as one of the cornerstones [39]. Hence application of strategic quality managemen<sup>t</sup> and integration-in-totality principle together in the systems thinking framework can help understand aerospace systems like aircraft, aero engines, etc. better and achieve performance enhancement of the system, applying quantitative analysis using predictive analytics, and also employing qualitative analysis techniques like functional resonance analysis method (FRAM).

**Figure 16.** Theoretical Foundation of Applying Integration-in-Totality Principle in Strategic Quality Management.
