Saturday, December 27, 2025



Safety Concepts Part 1
In this 'Safety Concepts Part 1' blog post, The Safety Artisan looks at the meaning of the term "safe". I look at an objective definition of safe - objective because it can be demonstrated to have been met.

This fundamental topic provides the foundation for all other safety topics, and it isn't complex. The basics are simple, but they need to be thoroughly understood and practiced consistently to achieve success.

https://youtu.be/IKAZ3KLsDW8
System Safety Concepts - highlights.

Safety Concepts Part 1: Topics

- A practical (useful) definition of ‘safe’:
  - What is risk?
  - What is risk reduction?
  - What are safety requirements?
- Scope:
  - What is the system?
  - What is the application (function)?
  - What is the (operating) environment?

Safety Concepts Part 1: Transcript

Hi everyone and welcome to the Safety Artisan, where you will find professional, pragmatic, and impartial advice. Whether you want to know how safety is done or how to do it, I hope you’ll find today’s session helpful.

It’s the 21st of September 2019 as I record this. Welcome to the show. So, let’s get started. We’re going to talk today about System Safety concepts. What does it all mean? We need to ask this question because it’s not obvious, as we will see.

If we look at a dictionary definition of the word ‘safe’, it’s an adjective: to be protected from or not exposed to danger or risk. Not likely to be harmed or lost. There are synonyms – protect, shield, shelter, guard, and keep out of harm’s way. They’re all good words, and I think we all know what we’re talking about. However, as a definition, it’s too imprecise. We can’t objectively say whether we have achieved safety or not.

A Practical Definition of ‘Safe’

What we need is a better definition, a more practical definition. I’ve taken something from an old UK Defence Standard. Forget about which standard, that’s not important. It’s just that we’re using a consistent set of definitions to work through basic safety concepts. And it’s important to do that because different standards come from different legal systems and they have different philosophies. So, if you start mixing standards and different concepts together, that doesn’t always work.

OK so whatever you do, be consistent. That’s the key point. We’re going to use this set of definitions from the UK Defence Standard because they are consistent.

In this standard, ‘safe’ means: “Risk has been demonstrated to have been reduced to a level that is ALARP, and broadly acceptable or tolerable. And relevant prescriptive safety requirements have been met. For a system, in a given application, in a given Operating Environment.” OK, so let’s unpack that.

System Safety – Risk

So, we start with risk. We need to manage risk. We need to show that risk has been reduced to an acceptable level. As required perhaps by law, regulation, or a standard. Or just good practice in a particular industry. Whatever it is, we need to show that the risk of harm to people has been reduced. Not just any old reduction, we need to show that it’s been reduced to a particular level. Now in this standard, there are two tests for that.

And they’re both objective tests. The first one says as low as reasonably practicable. Basically, it’s asking whether all reasonably practicable risk reduction measures have been taken. So that’s one test. And the second test is a bit simpler. It’s basically saying reduce the absolute level of risk to something that is tolerable or acceptable. Now don’t worry too much about precisely what these things mean. The purpose of today is to note that we’ve got an objective test to say that we’ve done enough.

System Safety – Requirements

So that’s dealt with risk. Let’s move on to safety requirements. If a requirement is relevant, then we need to apply it. If it’s prescriptive - if it says you must do this, or you must do that - then we need to meet it. There are two separate parts to this ‘Safe’ thing: we’ve got to meet requirements; and we’ve got to manage risk. We can’t use one as an excuse for not doing the other.

So just because we reduce risk until it’s tolerable or acceptable doesn’t mean that we can ignore safety requirements. Or vice versa. So those are the two key things that we’ve got to do. But that’s not actually quite enough to get us there. Because we’ve got to define what we’re doing, with what, and in what context. Well, we’re reducing the risk of a system. And the system might be a physical thing.

Defining the Scope: The System

It might be a vehicle, an airplane, a ship, or a submarine, it might be a car or a truck. Or it might be something a bit more intangible. It might be a computer program that we’re using to make decisions that affect the safety of human beings, maybe a medical diagnosis system. Or we’re processing some scripts or prescriptions for medicine and we’ve got to get it right. We could poison somebody. So, whether it’s a tangible or an intangible system, we need to define it.

And that’s not as easy as it sounds, because if we’re applying system safety, we’re doing it because we have a complex system. It’s not a toaster. It’s something a bit more challenging. Defining the system carefully and precisely is really important and helpful. So, we define what our system is, our thing, or our service. The system. What are we doing with it? What are we applying it to?

Defining the Scope: The Application

What are we using it for? Now, just to illustrate that no standard is perfect: whoever wrote that defense standard didn’t bother to define the application. Which is kind of a major stuff-up to be honest, because that’s really important. So, let’s go back to an ordinary dictionary definition just to get an idea of what it means. By the way, I checked through the standard that I was referring to, and it does not explain what it means by the application. Otherwise, I would use that by preference.

But if we go back to the dictionary, we see application: the act of putting something into operation. OK, so, we’re putting something to use. We’re implementing it, employing it, or deploying it; maybe we’re utilizing it, applying it, executing it, enacting it. We’re carrying it out, putting it into operation, or putting it into practice. All useful words that help us to understand.

I think we know what we’re talking about. So, we’ve got a thing or a service. Well, what are we using it for? Quite obviously, you know a car is probably going to be quite safe on the road. Put it in water and it probably isn’t safe at all. So, it’s important to use things for their proper application, for the use to which they were designed. And then, harking back to what I just said, we need the correct operating environment.

Defining the Scope: The Operating Environment

That means the right environment for this system, and for the application to which we will put it. So, we’ve got a thing that we want to use for something. What’s the operating environment in which it will be safe? What is it qualified or certified for? What’s the performance envelope that it’s been designed for? Typically, things work pretty well within the operating environment, within the envelope for which they were designed. Take them outside of that envelope and they perform not so well.

Maybe not at all. You take an airplane too high and the air is too thin, and it becomes uncontrollable. You take it too low and it smashes into the ground. Neither outcome is particularly good for the occupants of the airplane. Or whoever happens to be underneath it when it hits the ground. All of those three things: what is the system? What are we doing with it? And where are we doing it? All those things have to be defined. Otherwise, we can’t really say that risk has been dealt with, or that safety requirements have been met.
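As an added example, not code from the post or from the standard it quotes, here is a small Python check that applies the definition unpacked above: a defined scope (system, application, operating environment), the ALARP test, the absolute tolerability test, and the relevant prescriptive requirements, with no test excusing another. The thresholds, the "gross disproportion" rule used to decide what is reasonably practicable, and the car scenario are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Scope:
    """The three things that must be defined before 'safe' means anything."""
    system: str
    application: str
    operating_environment: str

    def is_defined(self) -> bool:
        return all(v.strip() for v in (self.system, self.application, self.operating_environment))


@dataclass(frozen=True)
class Measure:
    """A candidate risk-reduction measure (cost and benefit in the same constructed units)."""
    name: str
    cost: float
    risk_reduction: float
    implemented: bool


@dataclass(frozen=True)
class Requirement:
    """A safety requirement; only relevant AND prescriptive ones have to be met."""
    identifier: str
    relevant: bool
    prescriptive: bool
    met: bool


# Constructed thresholds on residual risk (expected harm per year, arbitrary units).
BROADLY_ACCEPTABLE = 1.0
TOLERABLE = 10.0
# Constructed 'gross disproportion' factor (an assumption, not from the post): a measure
# is reasonably practicable unless its cost exceeds this multiple of the risk reduction it buys.
DISPROPORTION_FACTOR = 3.0


def reasonably_practicable(m: Measure) -> bool:
    return m.cost <= DISPROPORTION_FACTOR * m.risk_reduction


def is_alarp(measures: list[Measure]) -> bool:
    """Test 1 (ALARP): every reasonably practicable measure has been taken."""
    return all(m.implemented for m in measures if reasonably_practicable(m))


def residual_risk(initial_risk: float, measures: list[Measure]) -> float:
    return max(0.0, initial_risk - sum(m.risk_reduction for m in measures if m.implemented))


def risk_class(risk: float) -> str:
    """Test 2 (absolute level): classify residual risk against the thresholds."""
    if risk <= BROADLY_ACCEPTABLE:
        return "broadly acceptable"
    if risk <= TOLERABLE:
        return "tolerable"
    return "intolerable"


def requirements_met(reqs: list[Requirement]) -> bool:
    """Test 3: all relevant prescriptive requirements are met."""
    return all(r.met for r in reqs if r.relevant and r.prescriptive)


def assess(scope: Scope, initial_risk: float, measures: list[Measure], reqs: list[Requirement]) -> dict:
    """Apply every test; 'safe' needs all of them to pass, and none excuses another."""
    rr = residual_risk(initial_risk, measures)
    v = {
        "scope_defined": scope.is_defined(),
        "alarp": is_alarp(measures),
        "residual_risk": rr,
        "risk_class": risk_class(rr),
        "requirements_met": requirements_met(reqs),
    }
    v["safe"] = (v["scope_defined"] and v["alarp"]
                 and v["risk_class"] != "intolerable" and v["requirements_met"])
    return v


def demo() -> dict:
    """Three constructed cases for one system, application and operating environment."""
    scope = Scope("passenger car", "road transport of people", "public roads, dry or wet")
    reqs = [Requirement("REQ-1 seat belts fitted", True, True, True),
            Requirement("REQ-2 driver training advised", True, False, False),  # not prescriptive
            Requirement("REQ-3 marine buoyancy", False, True, False)]          # not relevant on roads
    belts = Measure("seat belts", 2.0, 8.0, True)
    abs_ = Measure("anti-lock brakes", 10.0, 5.0, True)
    armour = Measure("armoured cabin", 100.0, 2.0, False)  # grossly disproportionate: may be left out
    limiter = Measure("speed limiter", 1.0, 1.5, False)    # cheap and effective: cannot be left out
    return {
        # risk ALARP and tolerable, requirements met: safe
        "ok": assess(scope, 20.0, [belts, abs_, armour], reqs),
        # same risk picture, but a relevant prescriptive requirement is unmet: not safe
        "req_unmet": assess(scope, 20.0, [belts, abs_, armour],
                            [Requirement("REQ-1 seat belts fitted", True, True, False)]),
        # residual risk tolerable and requirements met, but not ALARP: not safe
        "not_alarp": assess(scope, 20.0, [belts, abs_, armour, limiter], reqs),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(name, verdict)
```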

System Safety: Why Bother?

So, we’ve spent several slides just talking about what safe means, which might seem a bit over the top. But I promise you it is not, because having a solid understanding of what we’re trying to do is important in safety. Because safety is intangible. So, we need to understand what it is we’re aiming for. As some Greek bloke said, thousands of years ago: “If you don’t know to which port you are bound, then no wind is favorable.”

It’s almost impossible to have a satisfactory Safety Program if you don’t know what you’re trying to achieve. Whereas, if you do have a precise understanding of what you’re trying to achieve, you’ve got a reasonably good chance of success. And that’s what it’s all about.

Copyright

Well, I’ve quoted you some information from a UK government website. And I’ve done so in accordance with the terms of its Creative Commons license. More information about the terms of that can be found on this page.

End: Safety Concepts Part 1

If you want more, if you want to unpack all the Major Definitions, all the system safety concepts that we're talking about, then there's the second part of this video, which you can see here.

I hope you enjoy it. Well, that's it for the short video, for now. Please go and have a look at the longer video to get the full picture. OK, everyone, it's been a pleasure talking to you and I hope you found that useful. I'll see you again soon. Goodbye.


Meet the Author

Learn safety engineering with me, an industry professional with 25 years of experience. I have:

- Worked on aircraft, ships, submarines, ATMS, trains, and software;
- Tiny programs to some of the biggest (Eurofighter, Future Submarine);
- In the UK and Australia, on US and European programs;
- Taught safety to hundreds of people in the classroom, and thousands online;
- Presented on safety topics at several international conferences.
Simon Di Nucci https://www.safetyartisan.com/2019/09/22/safety-concepts-part-1/


How to Get the Most from The Safety Artisan #3
This is 'How to Get the Most from The Safety Artisan #3'.

Last time (#2), I posted about the two major focus areas for The Safety Artisan's teaching. These are System Safety and Australian Work Health and Safety, or WHS.

In my first post, I talked about the fundamental lessons under the start here topic. Even if you are experienced in safety, you may find that things are done very differently in another industry or country - I did. 

Now for Something Completely Different

Hi everyone, and welcome to The Safety Artisan. I'm your host, Simon. In this post, I want to talk about how you can connect with me, The Safety Artisan, and get more out of the website.

There are three ways you can do this.

Get Free and Low-cost Courses on Udemy

I have lots of free and low-cost (paid) courses on Udemy. In these, I provide video lessons and lots of supporting content, for example, my PHIA Guide.

Subscribe to The Safety Artisan Mailing List and get your Free Gift!

Follow on YouTube or Social Media

Second, you can follow The Safety Artisan on YouTube or on social media. If you sign up on my YouTube Channel and tick for notifications, you will be reminded every time I issue a new video lesson.

I'm also on Twitter, Instagram, Facebook, Google My Business, Tumblr, Pinterest, and Vkontakte. Phew! 

On LinkedIn, you can see my full resume/CV and find my most popular articles.

Just Get in Touch

Third, you can directly get in touch with me by commenting on a post - ask a question! There is no such thing as a 'dumb' question, only dumb accidents.

You can also ask general questions by filling in the form on the Connect Page. (This is better than sending me a Direct Message on social media, as I get a lot of spam.)

There are a lot of different topics that I could cover. It is surprisingly difficult to find out what people really like to hear about. So, if there's something that you want to learn about then just ask. I will bump the topic up on my 'to do' list.

That's All, folks!

Well, that's it from me, I hope you enjoy The Safety Artisan website and get as much as you can out of it. See you soon!

How to Get the Most from #3: What subjects do you want?

Leave a comment.
Simon Di Nucci https://www.safetyartisan.com/2021/09/08/how-to-get-the-most-from-the-safety-artisan-3of3/


Preliminary Hazard Identification & Analysis Guide: Free
Get the Preliminary Hazard Identification & Analysis Guide for free! It's a 50-page .pdf download, collated from reliable sources.

- Contents;

- Introduction;

- Aim; and

- Get it here for free.

Contents:

- Introduction ..................................1

- Aim ................................................1

- Description ....................................2

- Method ..........................................3

- Guidance .......................................4

- Inspect the Workplace ..................7

- How to find hazards .....................8

- Review available information ......8

- Consult Your Workers .................10

- When to Consult with Workers ...10

- Hazard Checklists ........................12

- Functional Safety Analysis ..........16

- FMEA/FMECA ............................21

- SWIFT .........................................28

- HAZOP ........................................42

The Safety Artisan's PHIA Guide

Preliminary Hazard Identification & Analysis Guide - Introduction

Hazard Identification has been defined as: “The process of identifying and listing the hazards and accidents associated with a system.”

Hazard Analysis has been defined as: “The process of describing in detail the hazards and accidents associated with a system and defining accident sequences.”

Preliminary Hazard Identification and Analysis (PHIA) is intended to help you determine the scope of the safety activities and requirements. It identifies the main hazards likely to arise from the capability and functionality being provided. It is carried out as early as possible in the project life cycle, providing an important early input to setting Safety requirements and refining the Project Safety Plan.

PHIA seeks to answer, at an early stage of the project, the question: “What Hazards and Accidents might affect this system and how could they happen?”

Aim

The aim of the PHIA is to identify, as early as possible, the main Hazards and Accidents that may arise during the life of the system. It provides input to:

- Scoping the subsequent Safety activities required in any Safety Plan. A successful PHIA will help to gauge the effort that is likely to be required to produce an effective Safety Case, proportionate to the risks.

- Selecting or eliminating options for subsequent assessment.

- Setting the initial Safety requirements and criteria.

- Subsequent Hazard Analyses.

- Initiating the Hazard Log.

Did You Know?

You can also get the Guide with the PHIA Courses on Udemy.

Simon Di Nucci https://www.safetyartisan.com/2024/06/10/preliminary-hazard-identification-analysis-guide-free/


How to Get the Most from The Safety Artisan #2
Hi everyone, and welcome to The Safety Artisan. I'm Simon, your host. This is 'How to Get the Most from The Safety Artisan #2'.

In my previous post (#1) I talked about the Start Here topic page. There you will find lessons that deal with fundamental issues - most of them are free.

This time I'm talking about two other topic areas, which are the main focus of The Safety Artisan - so far. 

System Safety

The first topic is system safety. I spend a lot of time talking about system safety because it's used in so many different industries. You can apply its principles to just about anything.

And because it takes a systematic approach to safety you can scale it up or down. It is used on the biggest, multinational, multi-billion dollar projects you can imagine. You can also tailor it so that it can be used sensibly on much smaller projects. You can get good results for a lot less money and time.

So I present a whole suite of sessions on system safety, in particular how to do system safety analysis according to US Military Standard 882E. Whether you're working on US military systems or not doesn't matter. The principles, practices, and procedures in the standard will equip you to tackle almost any standard.

But you've got to understand your standard, and what it was designed to achieve. Then you can make it work for you.

Australian Work Health and Safety

The second topic that I cover in detail is Australian Work Health and Safety (WHS). I've done a series on WHS because I find that it is often misunderstood.

Unusually for health and safety legislation, WHS covers not just workplace health and safety, but the duties of designers, manufacturers, importers, installers, and users of plant, substances, and structures. In fact, anyone who is involved throughout its lifecycle.

Coming to Australia?

WHS also contains concepts like 'So Far As Is Reasonably Practicable' (SFAIRP/SFARP). These are often misunderstood and misapplied. This is a shame because the public guidance that is out there is excellent.

For example, I introduce Codes of Practice, especially the ones that tell you how to manage risk and Consult, Cooperate, and Coordinate on WHS matters. From my personal experience, I explain how to use this guidance and how to get results.

Even if you don't work in Australia, you'll find that many principles used in WHS law are found in other western nations. For example, I compared safety laws in the UK and Australia, based on my experience of working in both countries.

How to Get the Most from The Safety Artisan #3: Coming Soon...

Next time, I talk about how you can connect and interact with The Safety Artisan to get better learning results for you!
Simon Di Nucci https://www.safetyartisan.com/2021/09/01/how-to-get-the-most-from-the-safety-artisan-2of3/


How to Get the Most from The Safety Artisan #1
In this post, 'How to Get the Most from The Safety Artisan #1' I will show you some of the free resources you can access...

Welcome

Hi everyone, and welcome to The Safety Artisan, my name is Simon and I'm a professional system safety engineer with more than 25 years of experience in various industries.

Simon Di Nucci, FIE(Aust), MSc, CPEng NER

In the next three posts, I'm going to tell you how to get the most from The Safety Artisan website. I'm going to start with the basics. 

Start Here

As the name suggests, 'Start Here' is a good place for newcomers to start looking at blog posts and lesson videos. Most of them are free!

Now, before you skip this bit because you've done some work in safety before, let me share two things with you.

Concepts

I have worked on many projects where we didn't have a clear and unambiguous idea of what 'safe' means. I'm not joking!

That's right, we were spending lots of money trying to make something safe, but we didn't really know what that meant. Surprisingly, the bigger and more expensive the project, the more difficult it is to get a clear picture of the basics. This might sound daft but on a big project, you have to work hard to stay focused on the fundamental principles of what you're trying to achieve.

If, from the very beginning, you can understand clearly what 'safe' means in your particular domain, and how you are going to manage risk, then you can arrive at a successful end game. But it's not easy.

Second, Differences Across Countries and Industries

Another point to note is that many industries do things differently. You may have worked in rail, or in a chemical plant, or with ships, submarines, or planes and you know how safety works in your industry. But it's still good to learn from others - and their mistakes.

'Learn from others' mistakes,' said Bismarck.

I have worked in all of these industries - and more - and I can tell you that the way things are done in different domains varies greatly. So when you're going for an interview, or when you're starting a new job, you might get some surprises...

The law on safety (and environmental protection) also varies from country to country. I've worked on projects in the UK, Australia, Europe, and the USA, and there are significant differences in practice. In particular, I emigrated from the UK to Australia, and I've compared practices in the two countries.

Coming Next...

Next week I will tell you about the more advanced topics that I cover. In the Third Post, I will talk about how you can connect with The Safety Artisan and get the online learning that YOU want.
Simon Di Nucci https://www.safetyartisan.com/2021/08/25/how-to-get-the-most-from-the-safety-artisan-1of3/

Friday, December 26, 2025



Introduction to System Safety Risk Assessment
In this 'Introduction to System Safety Risk Assessment', we will pull together several key ideas.

First, we'll talk about System Safety. This is safety engineering done in a Systems Engineering Framework. We are doing safety within a rigorous process.

Second, we're talking about Risk Assessment. This is a term for putting together different activities within another process. This process may be basic, or it might be quite sophisticated, as illustrated below.

The Risk Assessment Process

Third, and finally, we will put all this together into a System Safety Program. This is hinted at in the diagram above, but a real system safety program needs to do a lot more than this. It needs to tie into the project it supports, to systems engineering, to resources, quality, V&V, etc. Designing such a program is complex, so we typically follow a standard, like Mil-Std-882E.

You can hear more about this in the introductory video, below.

https://youtu.be/80irBJjmzxI
Introduction Video

This post is part of a series:

- This Post is the Intro to the System Safety Risk Assessment Programs Course.

- Start of System Safety Risk Assessment

- Hazard & Risk Basics (SSRAP Module 1)

- System safety risk analysis (SSRAP Module 2)

Transcript:

Introduction

Hello,

Welcome to this course on Systems Safety Risk Analysis Programs. I'm Simon Di Nucci, The Safety Artisan, and I've been a safety engineer and consultant for over 20 years. I've worked on a wide range of safety programs doing risk analysis on all kinds of things. Ships, planes, trains, air traffic management systems, software systems, you name it.

I've worked in the U.K., in Australia, and on many systems from the U.S. I've also spent hundreds of hours training hundreds of people on safety. And now I've got the opportunity to share some of that knowledge with you online.

So, what are the benefits of this course?

First of all, you will learn about basic concepts. About system safety, what it is and what it does. You will know how to apply a risk analysis program to a very complex system and how to manage that complexity. So, that's what you'll know.

At the end of the course, you will also be able to do things that you might not have been able to do before. You will be able to take the elements of a risk analysis program and the different tasks. You can select the right tasks and form a program to suit your application, whatever it might be. Whether you might:

- Have a full, high-risk bespoke development system,

- Be taking a commercial system off the shelf and doing something new with it, or

- Take a product and use it in a new application or a new location.

Whatever it might be, you will learn how to tailor your risk analysis program. This program will give you the analyses you need, and meet your legal and regulatory requirements. Once you've learned how to do this, you can apply it to almost any system.

Finally, you will feel confident doing this. I will be interpreting the terminology used in the tasks and applying my experience. So, instead of reading the standard and being unsure of your interpretation, you can be sure of what you need to do. Also, I will show you how you can get good results and avoid some of the pitfalls.

These are the three benefits of the Course:

- You will know what to do.

- You will be able to perform risk program tasks, and

- You'll feel confident doing those tasks.

At the end of the course, I will also show you where to find further resources. There are free resources to choose from. But there are also paid resources for those who want to take their studies to the next level. I hope you enjoy the course.

This is Module 1 of SSRAP

This is Module 1 from the System Safety Risk Assessment Program (SSRAP) Course. Risk Analysis Programs – Design a System Safety Program for any system in any application.

The full course comprises 15 lessons and 1.5 hours of video content, plus resources. It's on pre-sale at HALF PRICE until September 1st, 2024. Check out all the free preview videos here and order using the coupon “Pre-order-Half-Price-SSRAP”. But don't leave it too long because there are only 100 half-price courses available!

Simon Di Nucci https://www.safetyartisan.com/2024/07/10/introduction-to-system-safety-risk-assessment/


Functional Hazard Analysis with Mil-Std-882E
In this video, I look at Functional Hazard Analysis with Mil-Std-882E (FHA, which is Task 208 in Mil-Std-882E). FHA analyses software, complex electronic hardware, and human interactions. I explore the aim, description, and contracting requirements of this Task, and provide extensive commentary on it. (I refer to other lessons for special techniques for software safety and Human Factors.)

This video, and the related webinar 'Identify & Analyze Functional Hazards', deal with an important topic. Programmable electronics and software now run so much of our modern world. They control many safety-related products and services. If they go wrong, they can hurt people.

I've been working with software-intensive systems since 1994. Functional hazards are often misunderstood or overlooked, as they are hidden. However, the accidents that they can cause are very real. If you want to expand your analysis skills beyond just physical hazards, I will show you how.

https://youtu.be/f4jDnnqYhus
This is the seven-minute demo; the full version is 40 minutes long.

Click here to get the course: Identify & analyze functional hazards

Functional Hazard Analysis: Context

So how do we analyze software safety?

Before we even start, we need to identify those system functions that may impact safety. We can do this by performing a Functional Failure Analysis (FFA) of all system requirements that might credibly lead to human harm.

An FFA looks at functional requirements (the system should do 'this' or 'that') and examines what could go wrong:

- Does the function work when needed?

- Does the function work when not required?

- Does the function work incorrectly? (There may be more than one version of this.)

(A variation of this technique is explained here.)

If the function could lead to a hazard then it is marked for further analysis. This is where we apply the FHA, Task 208.

Functional Hazard Analysis: The Lesson

Topics: Functional Hazard Analysis

- Task 208 Purpose;

- Task Description;

- Update & Reporting;

- Contracting; and

- Commentary.

Transcript: Functional Hazard Analysis

Introduction

Hello, everyone, and welcome to the Safety Artisan; Home of Safety Engineering Training. I'm Simon and today we're going to be looking at how you analyze the safety of functions of complex hardware and software. We'll see what that's all about in just a second.

Functional Hazard Analysis

I'm just going to get to the right page. As you can see, functional hazard analysis is Task 208 in Mil-Std-882E.

Topics for this Session

What we've got for today: we have three slides on the purpose of functional hazard analysis, and these are all taken from the standard. We've got six slides of task description. That's the text from the standard, plus we've got two tables that show you how it's done from another part of the standard, not from Task 208. Then we've got update and reporting, another two slides. Contracting, two slides. And five slides of commentary, which again include a couple of tables to illustrate what we're talking about.

Functional HA Purpose #1

What we're going to talk about is, as I say, functional hazard analysis. So, first of all, what's the purpose of it? In classic 882 style, Task 208 is to perform this functional hazard analysis on a system or subsystem or more than one. Again, as with all the other tasks, we use it to identify and classify system functions and the safety consequences of functional failure or malfunction. In other words, hazards.

Now, I should point out at this stage that the standard is focused on malfunctions of the system. In the real world, lots of software-intensive systems cause accidents that have killed people, even when they're functioning as intended. That's one of the shortcomings of this Military Standard - it focuses on failure. But even if something performs as specified, either:

- The specification might be wrong, or

- The system might do something that the human operator does not expect.

Mil-Std-882E just doesn't recognize that. So, it's not very good in that respect. However, bearing that in mind, let's carry on with looking at the task.

Functional HA Purpose #2

We're going to look at these consequences in terms of severity – severity only, we'll come back to that – to identify what they call safety-critical functions, safety-critical items, safety-related functions, and safety-related items. And a quick word on that, I hate the term ‘safety-critical’ because it suggests a sort of binary “Either it's safety-critical. Yes. Or it's not safety-critical. No.” And lots of people take that to mean if it's “safety-critical, no,” then it's got nothing to do with safety. They don't recognize that there's a sliding scale between maximum safety criticality and none whatsoever. And that's led to a lot of bad thinking and bad behavior over the years where people do everything they can to pretend that something isn't safety-related by saying, “Oh, it's not safety-critical, therefore we don't have to do anything.” And that kind of laziness kills people.

Anyway, moving on. So, we've got these SCFs, SCIs, SRFs, SRIs and they're supposed to be allocated or mapped to a system design architecture. The presumption in this task is that we're doing it early – we'll see that later – and that the system design, the system architecture, is still up for grabs. We can still influence it.
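To make the FFA questions from earlier and the severity-only SCF/SRF classification just described concrete, here is a small worksheet script. It is an added example, not material from the Safety Artisan post or from Mil-Std-882E itself; the thresholds it uses (Catastrophic or Critical means safety-critical, Marginal or Negligible means safety-related) are my reading of the 882E definitions and, like the brake-controller sample data, should be treated as an assumption.

```python
# Added example, not from the post or the standard: a minimal FFA/FHA
# worksheet. The three failure modes are the FFA questions from the post;
# the severity-only SCF/SRF thresholds are an assumption (my reading of
# the 882E definitions), as is the constructed sample system below.

# Mil-Std-882E severity categories, ranked worst first; "None" = no hazard found
SEVERITY_RANK = {"Catastrophic": 0, "Critical": 1, "Marginal": 2,
                 "Negligible": 3, "None": 4}

# The three FFA questions applied to every function
FAILURE_MODES = {
    "loss": "does not work when needed",
    "inadvertent": "works when not required",
    "incorrect": "works incorrectly",
}


def classify(severity):
    """Severity-only classification of a function (assumed thresholds)."""
    if severity in ("Catastrophic", "Critical"):
        return "Safety-Critical Function"
    if severity in ("Marginal", "Negligible"):
        return "Safety-Related Function"
    return "Not safety-related"


def ffa_worksheet(functions):
    """Run the FFA over each function and flag those needing the Task 208 FHA.

    functions: {function name: {failure mode key: worst-credible severity}}.
    A mode the analyst omitted is recorded as "None", so the worksheet shows
    that all three questions were asked rather than silently skipping one.
    """
    rows = []
    for name, outcomes in functions.items():
        unknown = set(outcomes) - set(FAILURE_MODES)
        if unknown:
            raise ValueError(f"{name}: unknown failure mode(s) {sorted(unknown)}")
        sev = {mode: outcomes.get(mode, "None") for mode in FAILURE_MODES}
        worst = min(sev.values(), key=SEVERITY_RANK.__getitem__)  # KeyError if bad
        rows.append({"function": name, "outcomes": sev, "worst": worst,
                     "class": classify(worst), "fha_required": worst != "None"})
    return rows


# Constructed sample: an imagined brake controller, used only for illustration
SAMPLE = {
    "apply brakes on command": {"loss": "Catastrophic", "inadvertent": "Critical",
                                "incorrect": "Critical"},
    "log brake events": {"loss": "Negligible"},
    "show start-up logo": {},
}

if __name__ == "__main__":
    for row in ffa_worksheet(SAMPLE):
        print(f"{row['function']:<26} worst={row['worst']:<12} {row['class']}"
              f"{'  -> FHA' if row['fha_required'] else ''}")
```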

COTS and MOTS Software

Often that is not the case these days. This standard was written many years ago when the military used to buy loads of bespoke equipment and have it all developed from new. That doesn't happen anymore so much in the military, and it certainly doesn't happen in many other walks of life – but we'll talk about how you deal with the realities later.

And they're allocating these functions and these items of interest to hardware, software, and human interfaces. And I should point out, when we're talking about all that, all these things are complex. Software is complex, human is complex, and we're talking about complex hardware. So, we're talking about components where you can't just say, “Oh, it's got a reliability of X, and that's how often it goes wrong” because those types of simple components are only really subject to random failure, that's not what we're talking about here.

We're talking about complex stuff where we're talking about systematic failure dominating over random, simple hardware failure. So, that's the focus of this task and what we're talking about. That's not explained in the standard, but that's what's going on.

Functional HA Purpose #3

Now, our third slide is on purpose; so, we use the FHA to identify the consequences of malfunction, functional failure, or lack of function. As I said just now, we need to do this as early as possible in the systems engineering process to enable us to influence the design. Of course, this is assuming that there is a system engineering process – that's not always the case. We'll talk about that at the end as well.

Also, we're going to identify and document these functions and items, allocate them and, as the standard says, partition them in the software design architecture. When we say partition, that's jargon for separating them into independent functions. We'll see the value of that later on. Then we're going to identify requirements and constraints to put on the design team to say, “To achieve this allocation and this partitioning, this is what you must do and this is what you must not do”. So again, the assumption is we're doing this early. There's a significant amount of bespoke design yet to be done...

Then What?

Once the FFA has identified the required 'Level of Rigor', we need to translate that into a suitable software development standard. This might be:

- RTCA DO-178C (also known as ED-12C) for civil aviation;

- The US Joint Software System Safety Engineering Handbook (JSSEH) for military systems;

- IEC 61508 (functional safety) for the process industry;

- CENELEC-50128 for the rail industry; and

- ISO 26262 for automotive applications.

Such standards use Safety Integrity Levels (SILs) or Development Assurance Levels (DALs) to enforce appropriate Levels of Rigor. You can learn about those in my course, Principles of Safe Software Development.

Meet the Author

My name’s Simon Di Nucci. I’m a practicing system safety engineer, and I have been, for the last 25 years; I’ve worked in all kinds of domains, aircraft, ships, submarines, sensors, and command and control systems, and some work on rail air traffic management systems, and lots of software safety. So, I’ve done a lot of different things!
Simon Di Nucci https://www.safetyartisan.com/2024/03/20/functional-hazard-analysis-task-208/
