This paper summarizes and examines the probabilistic criteria (regulations and guidance) in two U.S. government documents intended to ensure acceptably-safe designs of commercial-airplane systems, which are also the probabilistic criteria used by the Boeing Commercial Airplanes company. Specialized terminologies in the documents are clarified and the author interprets the probabilistic criteria so they can be more easily understood. Then he explains why he believes those now 30-year-old criteria to be both ambiguous and seriously flawed. Although failure conditions assumed to always cause catastrophic accidents ("Catastrophic Failure Conditions") are satisfactorily addressed, failure conditions that can but usually don't develop into catastrophic accidents ("Major Failure Conditions") are not. They are implicitly assumed to cause catastrophic accidents only once in 10,000 occurrences, which is extremely optimistic and thus can grossly underestimate safety risk. Then the author discusses how the flaws in those criteria may have played a part in two recent catastrophic 737 MAX accidents, and finally suggests how those criteria might be improved.
