5. Design Considerations
Systems Engineering Guidebook
199
5.23.1 Major Capability Acquisition Environment, Safety and Occupational Health
ESOH analyses are an integral, ongoing part of the SE process throughout the life cycle. DoDI 5000.88, Section 3.6.e, requires programs to use the SS methodology in MIL-STD-882 to manage their ESOH considerations as an integral part of the program's overall SE process. This starts with including ESOH management planning in the SEP to cover technology development and system development activities, and continues throughout the system's life cycle.
DoD defines ESOH in MIL-STD-882 as “the combination of disciplines that encompass the
processes and approaches for addressing laws, regulations, EOs, DoD policies, environmental
compliance, and hazards associated with environmental impacts, system safety (e.g., platforms,
systems, system-of-systems, weapons, explosives, software, ordnance, combat systems),
occupational safety and health, hazardous materials management, and pollution prevention.”
The PM uses the SS methodology for the identification, documentation, and management of environmental, occupational, and health hazards and their associated risks during the system's development and sustainment. The PM, with support from the Systems Engineer and SS SMEs, eliminates hazards where possible and manages the environmental, occupational, and health risks of hazards that cannot be eliminated.
The PM, Systems Engineer, and SS SMEs should also identify and integrate environmental, occupational, and health requirements into the SE process. These include, but are not limited to, complying with the National Environmental Policy Act (NEPA), EO 12114, and applicable environmental quality requirements, which in turn requires assessing the pollutant emissions from the system's operation and maintenance and prohibiting or strictly controlling the use of banned or restricted hazardous materials, such as hexavalent chromium and ozone-depleting substances.
Results of the environmental, occupational, and health hazard analyses are documented in the Programmatic ESOH Evaluation (PESHE) and its NEPA/EO 12114 Compliance Schedule. The PESHE consists of the environmental, occupational, and health hazard data, hazardous materials management data, and any additional environmental, occupational, and health compliance information required to support analyses at test, training, fielding, and disposal sites.
5.23.2 Software System Safety
Software System Safety (SSS) is defined in MIL-STD-882 as “the application of system safety principles to software.” DoDI 5000.88, Section 3.6.e, requires the program to use the SEP to document a strategy for the SS engineering program, including SSS in accordance with MIL-STD-882. The standard provides a structured, yet flexible and tailorable, framework for assessing the software contribution to system risk. The risk assessment for software, and consequently for software-controlled or software-intensive systems, considers the potential mishap severity and the degree of control the software exercises over the hardware; that combination dictates the level of rigor (LOR) tasks needed to reduce the risk level. The LOR tasks and analyses specify the depth and breadth of the software analysis and verification and validation activities necessary to provide a sufficient level of confidence and safety assurance that a safety-significant software function will