System Safety Pro: January 2025

Monday, January 27, 2025

How to Get the Most from The Safety Artisan #1

In this post, 'How to Get the Most from The Safety Artisan #1' I will show you some of the free resources you can access...

Welcome

Hi everyone, and welcome to The Safety Artisan, my name is Simon and I'm a professional system safety engineer with more than 25 years of experience in various industries.

Simon Di Nucci, FIE(Aust), MSc, CPEng NER

In the next three posts, I'm going to tell you how to get the most from The Safety Artisan website. I'm going to start with the basics.

Start Here

As the name suggests, start here is a good place for newcomers to start looking at blog posts and lesson videos. Most of them are Free!

Now, before you skip this bit because you've done some work in safety before, let me share two things with you.

Concepts

I have worked on many projects where we didn't have a clear and unambiguous idea of what 'safe' means. I'm not joking!

That's right, we were spending lots of money trying to make something safe, but we didn't really know what that meant. Surprisingly, the bigger and more expensive the project, the more difficult it is to get a clear picture of the basics. This might sound daft but on a big project, you have to work hard to stay focused on the fundamental principles of what you're trying to achieve.

If from the very beginning, you can understand clearly what safe means in your particular domain is, and how are you are going to manage risk, then you can arrive at a successful end game. But it's not easy.

Second, Differences Across Countries and Industries

Another point to note is that many industries do things differently. You may have worked in rail, or in a chemical plant, or with ships, submarines, or planes and you know how safety works in your industry. But it's still good to learn from others - and their mistakes.

'Learn from others' Mistakes' said Bismark.

I have worked in all of these industries - and more - and I can tell you that the way things are done in different domains varies greatly. So when you're going for an interview, or when you're starting a new job, you might get some surprises...

The law on safety (and environmental protection) also varies from country to country. I've worked on projects in the UK, Australia, Europe, and the USA, and there are significant differences in practice. In particular, I emigrated from the UK to Australia, and I've compared practices in the two countries.

Coming Next...

Next week I will tell you about the more advanced topics that I cover. In the Third Post, I will talk about how you can connect with The Safety Artisan and get the online learning that YOU want.

#coursesafetyengineering #engineersafety #howtoriskassessment #howtoriskassessmentanalysis #ineedsafety #knowledgeofsafety #learnriskassessment #riskassessmenttechnique #riskassessmenttraining #riskassessmenttutorial #riskassessmentvideo #safetyblog #safetydo #safetyengineer #safetyengineerskills #safetyengineertraining #safetyengineeringcourse #safetyprinciples #softwaresafety #theneedforsafety

Simon Di Nucci https://www.safetyartisan.com/2021/08/25/how-to-get-the-most-from-the-safety-artisan-1of3/

FREE for FIVE DAYS ONLY
FREE for FIVE DAYS ONLY: All courses. Get $320 worth of courses for FREE.

Use these Links to make a (free) purchase of all courses within FIVE DAYS; once purchased, you can access them forever.

- PHI. https://www.udemy.com/course/how-to-preliminary-hazard-identification-mil-std-882e/?couponCode=3B647B2601765A24E3DF

- PHA. https://www.udemy.com/course/how-to-preliminary-hazard-analysis-mil-std-882e/?couponCode=D058185509903D726D56

- SRHA. https://www.udemy.com/course/how-system-requirements-hazard-analysis-with-mil-std-882e/?couponCode=75C1A9AD498E27B54297

- SSHA. https://www.udemy.com/course/how-to-sub-system-hazard-analysis-with-mil-std-882e/?couponCode=B4AC57607BD4D4CBEB7E

- SHA. https://www.udemy.com/course/system-hazard-analysis-with-mil-std-882e/?couponCode=4FDF41E4B2323B6B1656

- O&SHA. https://www.udemy.com/course/how-to-operating-support-hazard-analysis-mil-std-882e/?couponCode=EE860D71ADE8E63F7F73

- HHA. https://www.udemy.com/course/how-to-do-health-hazard-analysis-with-mil-std-882e/?couponCode=F737841C3E04393D94BC

- FHA. https://www.udemy.com/course/how-to-do-functional-hazard-analysis-with-mil-std-882e/?couponCode=1965EEBB198045B94788

- SoSHA. https://www.udemy.com/course/how-to-do-system-of-system-hazard-analysis-with-mil-std-882e/?couponCode=8BC6461BFE39AD45C419

- EHA. https://www.udemy.com/course/how-to-do-environmental-hazard-analysis-with-mil-std-882e/?couponCode=C307CCB7F61D0046F44F

- System Safety Process. https://www.udemy.com/course/system-safety-engineering-process/?couponCode=F8E483D24B3EF0535598

- SSRAP 1 & 2 (includes SATO). https://www.udemy.com/course/system-safety-risk-analysis-programs/?couponCode=786058D5B3479CF954A7

************************************************

This series of courses teaches the system safety analysis tasks from Mil-Std-882E. When combined, they allow us to assess a system's safety in its given role and operating environment.

Design a Safety Risk Assessment Program for ANY system in ANY application. This course covers all ten analysis tasks from the defense system safety standard Mil-Std-882E.

Whatever it is, you will learn how to tailor your risk assessment, using the analyses you need. You will be able to meet your legal and regulatory requirements. Once you’ve learned how to do this, you can apply it to almost any system. There are ten lessons.

I just posted these courses on Udemy, and they are on sale at unbeatable prices. Please use these links to access the courses; otherwise, Udemy takes 67% of my revenue!

Introduction to System / Product / Design Safety Concepts

NEW! Get the FREE introductory course here: https://www.udemy.com/course/introduction-to-system-product-design-safety-concepts/?referralCode=E173BDB0AD2525946E04

Preliminary Hazard Identification, Task 201

https://www.udemy.com/course/how-to-preliminary-hazard-identification-mil-std-882e/?referralCode=F681CF650D3BDDAD307B

Preliminary Hazard Analysis, Task 202

https://www.udemy.com/course/how-to-preliminary-hazard-analysis-mil-std-882e/?referralCode=1A153CA582E27235304D

System Requirements Hazard Analysis, Task 203

https://www.udemy.com/course/draft/6201059/?referralCode=919C1FCE9C325351BA24

Sub-System Hazard Analysis, Task 204

https://www.udemy.com/course/draft/6198979/?referralCode=D014CFEB810BD288A741

System Hazard Analysis, Task 205

https://www.udemy.com/course/draft/6213023/?referralCode=C586042AEC0B17DD4A0D

Operating & Support Hazard Analysis, Task 206

https://www.udemy.com/course/draft/6222279/?referralCode=52AC8A5582A67DE77BB0

Health Hazard Analysis, Task 207

https://www.udemy.com/course/draft/6222285/?referralCode=F589E3A00F2F19CACDD3

Functional Hazard Analysis, Task 208

https://www.udemy.com/course/draft/6238409/?referralCode=4253568A1CF2CD848BB8

System of Systems Hazard Analysis, Task 209

https://www.udemy.com/course/draft/6243643/?referralCode=AEE718911215D78E6D94

Environmental Hazard Analysis, Task 210

https://www.udemy.com/course/draft/6238409/?referralCode=4253568A1CF2CD848BB8

Meet the Author

Learn safety engineering with me, an industry professional with 25 years of experience, I have:

•Worked on aircraft, ships, submarines, ATMS, trains, and software;

•Tiny programs to some of the biggest (Eurofighter, Future Submarine);

•In the UK and Australia, on US and European programs;

•Taught safety to hundreds of people in the classroom, and thousands online;

•Presented on safety topics at several international conferences.

Simon Di Nucci https://www.safetyartisan.com/2025/01/25/free-for-five-days-only/

Sunday, January 26, 2025

Friday, January 24, 2025

Navigating the Safety Case
Navigating the Safety Case is Part 4 of a four-part series on safety cases. In it, we look at timing issues and typical content through the safety case lifecycle.

A Comprehensive Guide to Ensuring Project Safety

When embarking on any significant project, ensuring safety isn’t just a step in the process—it’s the foundation of success. A Safety Case is the bedrock of this commitment, systematically building the evidence needed to demonstrate that a system is safe for use throughout its lifecycle. Here's a vibrant, step-by-step guide to understanding and implementing Safety Cases effectively.

Starting the Safety Journey: Initiation

The moment that Safety Management activity kicks off, the Safety Case begins to take shape. Think of it as an evolving tapestry where each thread represents a layer of safety assurance.

Milestone Checkpoints: Producing Safety Case Reports

Safety Case Reports should be produced at pivotal milestones to maintain accountability and ensure progress. These reports not only showcase progress but also serve as vital checkpoints to align all stakeholders. Common milestones include:

- Approval of the Outline Business Case

- Approval of the Full Business Case

- Authorization to begin demonstration trials

- Completion of major design phases

- Commitment to production

- Testing, acceptance, and user trials

- System introduction to service

- Design or material state updates (e.g., midlife refresh)

- Operational changes

- Disposal of the system

These reports should align with the Project Safety Management Plan, serving as contractual deliverables between the contractor and the project team.

Keeping it Alive: Periodic Reviews

Safety isn’t static. The Safety Case is a living document requiring ongoing updates, reviews, and configuration control. Regular reviews ensure it adapts to new challenges, emerging risks, and evolving system requirements.

Gathering Insights: Required Inputs

To build a robust Safety Case, a wealth of inputs is essential. These include data and outputs from key procedures such as hazard identification, risk estimation, risk reduction, and safety requirements. The journey is a collaborative effort where insights from all corners of the project feed into the evolving safety narrative.

The Safety Case and Safety Case Report require inputs from:

- Outputs from Procedure SMP01 – Safety Initiation;

- Outputs from Procedure SMP02 – Safety Committee;

- Outputs from Procedure SMP03 – Safety Planning;

- Outputs from Procedure SMP04 – Preliminary Hazard Identification and Analysis;

- Outputs from Procedure SMP05 – Hazard Identification and Analysis;

- Outputs from Procedure SMP06 – Risk Estimation;

- Outputs from Procedure SMP07 – Risk and ALARP Evaluation;

- Outputs from Procedure SMP08 – Risk Reduction;

- Outputs from Procedure SMP09 – Risk Acceptance;

- Outputs from Procedure SMP10 – Safety Requirements and Contracts;

- Outputs from Procedure SMP11 – Hazard Log.

Delivering Confidence: Required Outputs

At its core, the Safety Case outputs are more than just documents—they are the backbone of confidence for all stakeholders. The primary outputs include:

- Controlled documentation supporting the safety of the system

- Detailed Safety Case Reports tailored to each project phase

- Evidence-backed arguments showcasing tolerable risk levels

Breaking It Down: Typical Safety Case Report Content

An effective Safety Case Report doesn’t just inform; it assures. Here’s what it typically includes:

- Executive Summary: Assurance of safety progress and stakeholder alignment

- System Description: Boundaries, scope, and interface clarity

- Assumptions: Factors underpinning safety requirements

- Progress Assessment: Updates on safety activities and milestones

- Risk Management: Documentation of hazards, risks, and mitigation strategies

- Emergency and Contingency Plans: Preparedness for unforeseen circumstances

- Operational Guidance: Practical safety insights for operators

The Lifecycle Perspective: Safety Cases at Every Stage

Concept Stage

Here, safety begins with identifying risks early, crafting strategies, and ensuring feasibility. By the Outline Business Case, the safety vision should be clear, even if some areas remain undefined.

Assessment Phase

Building on the Concept Stage, this phase involves a deeper analysis of risks and strategies for mitigation, culminating in a Safety Case Report for the Full Business Case.

Demonstration & Trials

Safety during trials ensures a controlled environment for testing and evaluation. Detailed Safety Management Plans guide this phase, ensuring all involved parties understand their responsibilities.

Introduction to Service

At this stage, safety extends to operational readiness—ensuring support facilities, training, and logistic arrangements are in place.

Disposal

Disposal planning begins early, considering risks throughout the system’s life. Safety Cases for disposal ensure proper handling, whether through recycling, scrapping, or resale, minimizing liability and environmental impact.

Conclusion

The Safety Case is more than a procedural requirement—it’s a commitment to integrity, collaboration, and responsibility. By weaving together comprehensive safety practices at every stage, projects can achieve a level of confidence that benefits all stakeholders.

Are you ready to take your Safety Case to the next level? Share your thoughts and experiences in the comments below!

Meet the Author

Learn safety engineering with me, an industry professional with 25 years of experience, I have:

•Worked on aircraft, ships, submarines, ATMS, trains, and software;

•Tiny programs to some of the biggest (Eurofighter, Future Submarine);

•In the UK and Australia, on US and European programs;

•Taught safety to hundreds of people in the classroom, and thousands online;

•Presented on safety topics at several international conferences.
#ALARPprincipleapplication #DisposalSafetyCase #Hazardidentificationandriskmitigation #Projectsafetymanagement #Riskmanagementinprojects #SafetyCaselifecycle #SafetyCasereports #Safetyinsystemdesign #SafetyManagementPlans
Simon Di Nucci https://www.safetyartisan.com/?p=4158

Thursday, January 23, 2025

Monday, January 20, 2025

FAQ on System Safety

In this FAQ on System Safety, I share some lessons that will explain the basics right through to more advanced topics!

The system safety concept calls for a risk management strategy based on identification, analysis of hazards and application of remedial controls using a systems-based approach.Harold E. Roland; Brian Moriarty (1990). System Safety Engineering and Management.

In ‘Safety Concepts Part 1’, we look at the meaning of the term “safe”. This fundamental topic provides the foundation for all other safety topics, and it's simple!

In this 45-minute free video, I discuss System Safety Principles, as set out by the US Federal Aviation Authority in their System Safety Handbook.

In System Safety Programs, we learn how to Design a System Safety Program for any system in any application.

The Common System Safety Questions

To see them click here:

is system safety, system safety is, what’s system safety, what is system safety management, what is system safety assessment, what is a system safety program plan, what is safety system of work, , what’s system safety, which active safety system, why system safety, system safety faa, system safety management, system safety management plan, system safety mil std, system safety methodology, system safety mil-std-882d, system safety mil-std-882e, system safety program plan, system safety process, system safety ppt system safety principles, system safety perspective, system safety precedence, system safety analysis, system safety analysis handbook, system safety analysis techniques, system safety courses, system safety assessment.

System safety is a specialty within system engineering that supports program risk management. ... The goal of System Safety is to optimize safety by the identification of safety related risks, eliminating or controlling them by design and/or procedures, based on acceptable system safety precedence.FAA System Safety Handbook, Chapter 3: Principles of System SafetyDecember 30, 2000

If you don’t find what you want in this FAQ on Risk Management, there are plenty more lessons under Start Here and System Safety Analysis topics. Or just enter ‘system safety’ into the search function at the bottom of any page.

#learnsystemsafety #what'ssystemsafety #what'ssystemsafetyengineering #whatissystemsafety #whatissystemsafetyengineering #whatissystemsafetymanagement

Simon Di Nucci https://www.safetyartisan.com/2021/08/18/faq-on-system-safety/

Monday, January 13, 2025

FAQ on Risk Management

In this FAQ on Risk Management, I will point you to some lessons where you will get some answers to basic questions.

Lessons on this Topic

Welcome to Risk Management 101, where we’re going to go through these basic concepts of risk management. We’re going to break it down into the constituent parts and then we’re going to build it up again and show you how it’s done.

So what is this risk analysis stuff all about? What is ‘risk’? How do you define or describe it? How do you measure it? In Risk Basics I explain the basic terms.

Risk Analysis Programs – Design a program for any system in any application. You'll be able to:

- Describe fundamental risk concepts;

- Define what a risk analysis program is;

- and much more...

If you don't find what you want in this FAQ on Risk Management, there are plenty more lessons under Start Here and System Safety Analysis topics. Or just enter 'risk' into the search function at the bottom of any page.

The Common Risk Management Questions

Click here to see the most Commonly-asked Questions

why risk management, why risk management is important, why risk management is important in project management, why risk management plan is important, why risk management is important for business, why risk management matters, are risk management, are risk management services, is risk management important, is risk management framework, is risk management effective, can risk management be outsourced, can risk management increase risk, can risk management create value, how can risk management help companies, how can risk management be improved, how can risk management improve performance, how risk management improve organization performance, how risk management works, how risk management help you, how risk management helps, how risk management plans can be monitored, how risk management help us, how risk management add value to a firm, how risk management developed, what risk management do, what risk management means, what risk management is, what risk management is not, where risk management, which risk management certification is best, which risk management principle is best demonstrated, which risk management technique is considered the best, which risk management handling technique is an action, which risk management techniques, who risk management guidelines, who risk management, who risk management framework, who risk management tool, who risk management plan, who risk management strategies, will risk management be automated, how will risk management help you, how will this risk management plan be monitored, risk management will reduce, risk management will

#FAQriskmanagement #howriskismeasured #learnriskanalysis #learnriskmanagement #managedrisk #riskadverse #riskmanagementprocess #risktaking #whatisriskmanagement

Simon Di Nucci https://www.safetyartisan.com/2021/08/11/faq-on-risk-management/

Friday, January 10, 2025

The Lifelong Evolution of a Safety Case
Introduction

In The Lifelong Evolution of a Safety Case, we look at how to Review and revise a Safety Case and Re-Issue a Safety Case Report.

When it comes to ensuring safety throughout any Product, System, or Service lifecycle, reviewing and revising the Safety Case isn’t just a recommendation—it’s essential. The age or status of equipment isn’t simply about how old it is. Instead, it reflects an understanding of its condition, the effects of changes, and its performance in varying environments over time. Let’s dive into the key principles of maintaining and revising a Safety Case and the potential risks and strategies to avoid them.

Why Review the Safety Case?

Changes in operations, equipment condition, or organizational controls can disrupt the assumptions on which the original Safety Case was built. Recognizing when a review is needed ensures safety remains uncompromised.

Here are examples of scenarios that demand attention:

- Structural Modifications: Repairs or upgrades impacting safety.

- New Activities: Introduction of new tasks or uses for the equipment.

- Environmental Changes: Shifts in operational environments or equipment roles.

- Incident Data: Insights from accidents or maintenance inspections.

- System Evolution: Decommissioning, extended use, or technological upgrades.

Figure: Relationship between the Safety Management System and Safety Case in terms of Age and Status

Relationship between the Safety Management System and Safety Case

Challenging Assumptions: The Foundation of Safety

A Safety Case is never static—it evolves as evidence and conditions change. It’s vital to challenge existing arguments continually. If new evidence undermines the validity of the Safety Case, steps like obtaining further proof, implementing corrective actions, or, in extreme cases, halting operations may be necessary.

Consider this: what was deemed safe at one time might become risky due to wear, updates, or new findings. Regular reviews ensure the Safety Case remains robust and relevant.

Ownership and Administration: Who's in Charge?

The custodian of the Safety Case is the Project Safety Manager, the linchpin in ensuring safety throughout the lifecycle of the system. This individual must coordinate all safety activities, maintain the Safety Case, and oversee its interaction with the Safety Management System (SMS).

While contractors may handle the technical details, the responsibility for ensuring the integrity and adequacy of the Safety Case rests with the appointed safety delegation holder.

Records Matter: Documenting Safety

Every decision, from hazard mitigation to safety strategy adjustments, must be meticulously recorded. Key documents feeding into this process include:

- System Requirements Document: Detailing specific safety needs.

- Customer-Supplier Agreement: Outlining deliverables.

- Through-Life Management Plan: Ensuring continuity in safety oversight.

A central part of this process is the Hazard Log, which serves as the repository of all identified risks and their management status. (see Procedure SMP11 – Hazard Log).

Avoiding Pitfalls: The Warnings

The warnings and project risks identified in all the other procedures, from SMP01 to SMP11 can manifest themselves through effects on the Safety Case, as it brings their outputs together. Also, there are other project risks specific to the Safety Case.

Neglecting regular reviews or documentation can lead to significant issues, including:

- Delays in Safety Approvals: Failure to engage approval authorities early can result in unmet safety requirements and service delays.

- Outdated Safety Cases: A mismatch between documentation and the system’s current state undermines credibility.

- Inadequate Risk Analysis: Improper techniques during safety assessments may yield an incomplete Safety Case.

- Lost Records: Poor documentation management can erode trust in the safety process.

Completing the Circle: The Role of Collaboration

Maintaining a credible and effective Safety Case is a collective effort. Contractors, safety committees, and stakeholders must work in concert to identify and mitigate hazards. Sharing data, especially during transitions between contractors, is crucial to avoiding gaps in safety oversight.

Wrapping Up

The Safety Case is more than a set of documents—it’s a dynamic framework ensuring that safety risks are continuously managed throughout the lifecycle of a system. With proper reviews, updates, and collaboration, it provides confidence that safety remains a top priority, no matter the changes a system undergoes.

This blog article is Part 3 of a series. It follows on from Part 2.

Meet the Author of 'The Lifelong Evolution of a Safety Case'

Learn safety engineering with me, an industry professional with 25 years of experience, I have:

•Worked on aircraft, ships, submarines, ATMS, trains, and software;

•Tiny programs to some of the biggest (Eurofighter, Future Submarine);

•In the UK and Australia, on US and European programs;

•Taught safety to hundreds of people in the classroom, and thousands online;

•Presented on safety topics at several international conferences.
#HazardLogBestPractices #LifecycleSafetyCaseReview #MaintainingSystemSafety #OperationalRiskManagement #ProjectSafetyManagerRole #RiskAssessmentLifecycle #SafetyCaseDocumentationTips #SafetyCaseManagement #SafetyManagementSystemIntegration #SafetyOversightinProjects
Simon Di Nucci https://www.safetyartisan.com/?p=4149

Thursday, January 9, 2025

Monday, January 6, 2025

Q&A: Reflections on a Career in Safety

Now we move on to Q&A: 'Reflections on a Career in Safety'.

Q&A Session | Q&A Session | Q&A Session | Q&A Session

How do you Keep People Engaged with Safety?

Q.           I was thinking of an idea as I was walking here, and you did mention just in your slide about going with the flow that sometimes people who stop listening to you I've seen a lot of people come up with safety systems where there's a lot of forms and paperwork to fill out. And a lot of the people who are doing it just go. It's just paperwork. It doesn't do anything for safety. It's somebody else covering their butt.

Whereas what when I look at them, what they are is almost a prompt to get people to think about the things that can bite them. Yeah. Keep that idea of what's in front of them in their heads rather than letting that go into the. Is just paperwork for paperwork’s sake. Yeah. How do you keep them engaged in using that as a tool rather than a liability reduction?

A.           Yeah, I think, first of all, there's got to be a bit of education. They've got to understand that they're dealing with things that are potentially dangerous. I mean, that's required anyway. You've got to warn users and them the information that they need. But I think mostly it's about how you engage with people. If you show if you sell it to them, there's a benefit to doing this. And you talk in a language that they understand you're much more likely to get listened to.

I've been to lots of places where people have had awful procedures that don't help them get the job done, it's slow and clunky and they often get ignored. So the trick is to try and make the procedures as helpful to get the job done as possible. And of course, if you can build in safety so people don't have to follow so many procedures, that's even better. If they physically can't do something dangerous, then that's great.

That's much more effective than procedures anyway. But it is all about speaking the user's language. So, I learned that with pilots, pilots have got a particular way of thinking and you can give them a rule that says don't do this, but it might not actually make any sense in that context. So you've got to understand what their context is. You can they can only follow a rule if it's based on information that's actually available to them.

So you can say, don't go below 10,000 feet while doing this or don't exceed the speed. Otherwise, the wings might fall off. That that they understand. If you gave them a load of technical garble about stuff, they probably wouldn't pay much attention.

That said, you do sometimes have to tell people the bleeding obvious because I remember a known British pilot took off in a plane where the fuel warnings were showing on the wing tanks, but the pilot still took the plane and then got in the air and no fuel was coming out of the wing. So he had to land the plane pretty quickly before it ran out of fuel. And I was going to bring in some advice to our pilots to say: don't do that. If you see the yellow stripes on the wings, that's a bad scene on the display. That's a bad sign. And somebody said to me, oh, no British pilot would be stupid enough to do that. And like a fool, I believed him.

So they did do that. And then right now we're having the rule that says, don't do that, because it was needed. So there's always a fine balance is a bit of give and take. Thanks for the questions. Yeah. Anyone else, anyone else?

Which Project was Most Influential on Your Life?

Q.           If you can share what's one of the projects that you worked on that was probably the most influential in your life or that you thought was definitely helpful for where you are now.

A.           That’s a really good question. Well, I suppose the big one in my life was Eurofighter because I spent 13 years, on and off, on Eurofighter and I got to work with some fantastic people; in theory, I was their manager. But in reality, they knew 100 times as much about the subject as I did and I learned a lot from them.

So, yeah, I would say because of that, the sheer number of people. But there were lots of jobs where I got a lot out of it professionally or personally … But yeah, I think it's the people, wherever you are.

I've seen a lot of teams. They've got terrible workplace conditions, work in an old dilapidated building. They haven't got enough spares. They haven't got enough tools or anything. Everything is against them. But if they're a good bunch of people, they'll still achieve great things and enjoy doing it.

How do you Make a Safety System Responsive?

Q.           OK. Oh, so you're talking about these very complicated systems where you permitted people to do work so really planned because they're so difficult. You've really planned how work has to happen. But the things that you're working on, stuff that theoretically most operations at the moment are small arms and things, but people can shoot holes in the things that you're working on. And if the 10,000 tanks come over, then you've got potentially a lot more holes all of a sudden.

How do you go from that very regimented system and then work out how to make it also really, really fast and responsive to something that keeps throwing up problems at a much higher rate than I'd imagine you can fill out the forms to give permission to the person to do the work as is the usual practice.

A.           So you're using the same system over and over and over again. And people will spend years using the same system, maybe on the same equipment or the same plane or whatever it is.

So people are well-practiced. Another technique is if people are overtrained and they got lots of experience, then they can often cope in adverse circumstances. So sometimes you just have to cut corners in order to get a job done. And it's having the experience and the knowledge to do that safely and still get the result you need that, that's the judgment side. That's the stuff that you can't write down. But mostly it's through practice.

So, we would follow a very regimented process. But once you've done it enough times, it became second nature. It's like training an athlete. Once you've got the regular way of doing things down pat, it then becomes a lot easier to spot when you've got to do something a bit different and cope with it.

Q&A: How do you Determine Safety Requirements? How do you Detect Safety Issues in Software?

Q.           So I'll try and combine these because the time's getting on and I've got a lot of questions, you're talking about safety and software and safety being an emergent phenomenon, and you're not necessarily going to know that something you do in software is going to cause. An issue with the typhoon is very software-controlled aircraft, so the computer says is close to what's going to happen over the pilot in a lot of ways. You also talked about putting safety into requirements.

Some requirements may or may not like you could have a direct safety requirement, but there could be other requirements that can impact safety without it being explicit. Yeah, how do you detect that in a set of system or user requirements? And how do you detect safety issues in software systems that look like they're doing what they're supposed to do?

A.           Yeah, so do the requirements bit first. Sometimes you get a bunch of requirements and you've just got to go through them and look for safety implications. Sometimes it's really obvious like the customer says, I want this safety system installed in my ship. The ship has got to be built in accordance with certain rules, class rules, or whatever they might be. And you go, OK, a lot of that will be safety-related.

And sometimes you've got to do some work. You've got to decompose the requirements and look at how are you going to solve the problem and go, OK, the requirements are pushing us to have this high-energy system in my ship. OK, there are safety issues with managing that and making sure it doesn't get out of control. So sometimes it only emerges after you've done further work after you've kind of decomposed your initial requirements.

But if the people doing the requirements, you might have systems engineers on the client-side and on the provider side. If they're doing their job well, they’re processing the requirements. And these things will tend to emerge quite well. If you've got good systems engineering. So that's that one.

The software one, it all depends on how safe or how dependable you want the software to be. Ultimately, the Eurofighter had a software-controlled flight control computer, and the aircraft in certain aspects was unstable. So the pilot could not fly it without the computer. So that's as tough as it gets in terms of software safety, the computer cannot fail. OK, and to achieve that level of safety, the state of the art at the time was going through the source code in forensic detail, nailing down the compiler so that it was only allowed to do very basic things.

And then you produce the object code and then you go through the object code in forensic detail and then test it to death. So lots and lots of processes applied and there were still errors in the software because there always will be because there are so many. But you can at least say none of these errors will result in an unsafe outcome, provided, of course, that you've got a sufficiently detailed specification to say this is safe and this is not OK.

So if you're if you've got to go to that level of detail, you can forensically go through things. And then there are if you've heard of Safety Integrity Levels (SILs) or safety integrity requirements for different cells or different says, you can have a cookbook approach where you use different techniques. Usually, the toughest SIL is the state of the art at the time that the standard was created. That's very crudely how you do it, and hopefully, you've got some competent people as well.

Host: Thank you. Thank you so much for sharing your time with us and explaining your journey through safety. Something that I think was interesting is that you raised it here.

How do you Deal with People Using Stuff in Ways it Wasn't Designed for?

Q.           I understand people's motivation, the context of people's motivations for using the equipment. And people might use it in ways that you don't even dream of. Right, you might have designed something to do this or something. And then people stand on it to reach something else, that kind of thing, isn't it? I think when you move from being at university and going into industry and seeing how the equipment is actually used, you can blow your mind sometimes. Yeah.

A.           Yeah. Even people who had worked in the Ministry of Defence , my boss was horrified at the idea that the Air Force would fly a plane that wasn't totally serviceable. And to me, that was completely routine. None of them worked totally as intended. There were some features that we just disabled all the time.

Host.     So, yes, that is also something that blows your mind. Oh, thank you very much, Simon. Thank you and thank you, kind audience. Thanks for your participation.

Q&A Session | Q&A Session | Q&A Session | Q&A Session

This was part of a lecture to the University of Adelaide SEIP Course. You can the other sessions, as follows:

- Part 1 https://www.safetyartisan.com/2021/06/30/reflections-on-a-career-in-safety-part-1/

- Part 2 https://www.safetyartisan.com/2021/07/07/reflections-on-a-career-in-safety-part-2/

- Part 3 https://www.safetyartisan.com/2021/07/14/reflections-on-a-career-in-safety-part-3/

- Part 4 https://www.safetyartisan.com/2021/07/21/reflections-on-a-career-in-safety-part-4/

- Part 5 https://www.safetyartisan.com/2021/07/28/reflections-on-a-career-in-safety-part-5/

So that was 'Reflections on a Career in Safety: Q&A'. Did you find it useful?

#howdoyoumakeasafetysystemresponsive #howtodeterminesafetyrequirements #issafetyagoodcareer #Q&A #questionsandanswers #whichprojectwasmostinfluentialinyourlife #whychoosesafetycareer

Simon Di Nucci https://www.safetyartisan.com/2021/08/04/reflections-on-a-career-in-safety-qa/