Foundations of Safety Assessment

In this post on the Foundations of Safety Assessment, I'm going to look at the (few) things that we need to do in every System Safety Program.



Because we don't always need to do everything. We don't always need to throw everything at the problem. Some systems are simpler than others, and they don't need the 'whole nine yards' in order to get a decent result. With that knowledge, we're going to be able to design an analysis program for different applications or for different systems.



As an example, I'm going to use Military Standard 882E (Mil-Std-882E). Under that standard we would use these Tasks:



- Task 201 - Preliminary Hazard Identification;



- Task 202 - Preliminary Hazard Analysis; and



- Task 203 - System Requirements Hazard Analysis.



(You will also find related material in my posts on Safety Analysis Techniques Overview and tailoring your Risk Analysis Program.)



Foundations of Safety Assessment - The Big Picture



I promised you we were going to look at the overview of the sequence.



And I think this is what pulls it all together and explains it powerfully. So the background to this is we've got, an accident or mishap sequence. Whatever you want to call it and we start with causes on the left and causes lead two a hazard, and then a has it can lead to multiple consequences.



Bowtie showing the Foundations of System Safety



That is what the bowtie here is representing. It's showing that multiple causes can lead to a single hazard, and a single hazard can lead to multiple consequences.



Don't worry too much about the bow tie. I'm not pushing that in particular, it's a useful technique, but it's not the only one. We'll come onto that – that's the background.



This is the accident sequence we're trying to discover and understand. I'm going to talk a lot about discovery and understanding.



Preliminary Hazard Identification



Typically, we will start by trying to identify hazards. There are techniques out there that will help us identify hazards associated with the system being used in a specific application, or purpose, in a specific operating environment.



Always bear in mind those three questions about the context, that help us to do this. What's the system? What are we using it for? and in what environment?



And if we change any of those things, then probably the hazards will change. But we start off with preliminary hazard identification, which is intended to identify hazards. There's a big, big arrow pointing at hazards, but also, inevitably, it will identify causes and consequences as well, because it's not always clear. What is the hazard when you start? talking of discovery, we're going to discover some stuff.



We may finally classify what we're talking about later. we're trying to discover hazards. In reality, we're going to discover lots of stuff, but mainly we hope hazards, that's stage one.



System Requirements Hazard Analysis



Now, then we're actually going to step outside of the accident sequence itself. We're going to do some requirements analysis, and the requirements analysis has to come after the PHIA because some safety requirements are driven by the presence of certain hazards.



If you've got a noise hazard somebody's hearing might be affected, then regulations in multiple countries are going to require you to do certain things to monitor the noise. Let's say or monitor the effect that it's having on workers and put in place a program to handle that. The presence of certain hazards will drive certain requirements for safety controls or risk controls.



Then there are the broader requirements. Analysis of what the law requires, what the regulations require, codes of practice, etc. We'll get onto that, and one of the things that requirements analysis is going to do is give us an initial stab of what we've got to have – certain controls because we’re required to. That's a little bit of an aside in terms of the sequence, but it's very, very important.



Preliminary Hazard Analysis



Thirdly, and, fourthly, once we've discovered some hazards, we're going to need to understand what might cause those hazards and therefore how likely is the hazard to exist in particular circumstances, and then also think about the consequences that might arise from a hazard. And once we've explored those, we will be in a position to actually capture the risk.



 Because we will have some view on likelihood. And we would also have some view on the severity of consequences from considering the consequences. We'll come onto that later.



Looking at Controls



Finally, having done all those other things, we will be in a position to take a much more systematic look at controls and say, we've got these causes. We've got these hazards. We've got these potential consequences.  What do I need to do to control this risk and prevent this accident sequence from playing out?



What I need to put in place to interrupt the accident sequence, and I've put the controls. The dashed lines indicate that we've got barriers to that accident sequence, and they are dashed because no control is perfect. (Other than gravity. But of course, if you turn your vehicle upside down, then gravity is working against you, so even gravity isn't foolproof.)



No control is 100% effective. We need to just accept that and deal with that, and understand. There is your overview of the sequence, and I've spent a bit of time talking about that because it is absolutely fundamental to everything you're going to do.



Well, That's a Brief Summary of the Foundations of Safety Assessment



You can see the whole thing in the course bundle here.



If you have any questions then leave a comment, below.

#isriskassessment #riskassess #riskassessmeaning #riskassessment #riskassessment5steps #riskassessmentdefinition #riskassessmentexample #riskassessmentform #riskassessmentformat #riskassessmentmatrix #riskassessmentmeaning #riskassessmentprocess #riskassessmentsteps #riskassessmenttemplate #stepstoriskassessment #whatriskassessment

Simon Di Nucci https://www.safetyartisan.com/2023/04/12/foundations-of-safety-assessment/

FAQ on Risk Management

In this FAQ on Risk Management, I will point you to some lessons where you will get some answers to basic questions.



Lessons on this Topic



Welcome to Risk Management 101, where we’re going to go through these basic concepts of risk management. We’re going to break it down into the constituent parts and then we’re going to build it up again and show you how it’s done.



So what is this risk analysis stuff all about? What is ‘risk’? How do you define or describe it? How do you measure it? In Risk Basics I explain the basic terms.



Risk Analysis Programs – Design a program for any system in any application. You'll be able to:



- Describe fundamental risk concepts;

- Define what a risk analysis program is;

- and much more...



If you don't find what you want in this FAQ on Risk Management, there are plenty more lessons under Start Here and System Safety Analysis topics. Or just enter 'risk' into the search function at the bottom of any page.



The Common Risk Management Questions



Click here to see the most Commonly-asked Questions

why risk management, why risk management is important, why risk management is important in project management, why risk management plan is important, why risk management is important for business, why risk management matters, are risk management, are risk management services, is risk management important, is risk management framework, is risk management effective, can risk management be outsourced, can risk management increase risk, can risk management create value, how can risk management help companies, how can risk management be improved, how can risk management improve performance, how risk management improve organization performance, how risk management works, how risk management help you, how risk management helps, how risk management plans can be monitored, how risk management help us, how risk management add value to a firm, how risk management developed, what risk management do, what risk management means, what risk management is, what risk management is not, where risk management, which risk management certification is best, which risk management principle is best demonstrated, which risk management technique is considered the best, which risk management handling technique is an action, which risk management techniques, who risk management guidelines, who risk management, who risk management framework, who risk management tool, who risk management plan, who risk management strategies, will risk management be automated, how will risk management help you, how will this risk management plan be monitored, risk management will reduce, risk management will

#FAQriskmanagement #howriskismeasured #learnriskanalysis #learnriskmanagement #managedrisk #riskadverse #riskmanagementprocess #risktaking #whatisriskmanagement

Simon Di Nucci https://www.safetyartisan.com/2021/08/11/faq-on-risk-management/

Q&A: Reflections on a Career in Safety

Now we move on to Q&A: 'Reflections on a Career in Safety'.



Q&A Session | Q&A Session | Q&A Session | Q&A Session



How do you Keep People Engaged with Safety?



Q.           I was thinking of an idea as I was walking here, and you did mention just in your slide about going with the flow that sometimes people who stop listening to you I've seen a lot of people come up with safety systems where there's a lot of forms and paperwork to fill out. And a lot of the people who are doing it just go. It's just paperwork. It doesn't do anything for safety. It's somebody else covering their butt.



Whereas what when I look at them, what they are is almost a prompt to get people to think about the things that can bite them. Yeah. Keep that idea of what's in front of them in their heads rather than letting that go into the. Is just paperwork for paperwork’s sake. Yeah. How do you keep them engaged in using that as a tool rather than a liability reduction?



A.           Yeah, I think, first of all, there's got to be a bit of education. They've got to understand that they're dealing with things that are potentially dangerous. I mean, that's required anyway. You've got to warn users and them the information that they need. But I think mostly it's about how you engage with people. If you show if you sell it to them, there's a benefit to doing this. And you talk in a language that they understand you're much more likely to get listened to.



I've been to lots of places where people have had awful procedures that don't help them get the job done, it's slow and clunky and they often get ignored. So the trick is to try and make the procedures as helpful to get the job done as possible. And of course, if you can build in safety so people don't have to follow so many procedures, that's even better. If they physically can't do something dangerous, then that's great.



That's much more effective than procedures anyway. But it is all about speaking the user's language. So, I learned that with pilots, pilots have got a particular way of thinking and you can give them a rule that says don't do this, but it might not actually make any sense in that context. So you've got to understand what their context is. You can they can only follow a rule if it's based on information that's actually available to them.



So you can say, don't go below 10,000 feet while doing this or don't exceed the speed. Otherwise, the wings might fall off. That that they understand. If you gave them a load of technical garble about stuff, they probably wouldn't pay much attention.



That said, you do sometimes have to tell people the bleeding obvious because I remember a known British pilot took off in a plane where the fuel warnings were showing on the wing tanks, but the pilot still took the plane and then got in the air and no fuel was coming out of the wing. So he had to land the plane pretty quickly before it ran out of fuel. And I was going to bring in some advice to our pilots to say: don't do that. If you see the yellow stripes on the wings, that's a bad scene on the display. That's a bad sign. And somebody said to me, oh, no British pilot would be stupid enough to do that. And like a fool, I believed him.



So they did do that. And then right now we're having the rule that says, don't do that, because it was needed. So there's always a fine balance is a bit of give and take. Thanks for the questions. Yeah. Anyone else, anyone else?



Which Project was Most Influential on Your Life?



Q.           If you can share what's one of the projects that you worked on that was probably the most influential in your life or that you thought was definitely helpful for where you are now.



A.           That’s a really good question. Well, I suppose the big one in my life was Eurofighter because I spent 13 years, on and off, on Eurofighter and I got to work with some fantastic people; in theory, I was their manager. But in reality, they knew 100 times as much about the subject as I did and I learned a lot from them.



So, yeah, I would say because of that, the sheer number of people. But there were lots of jobs where I got a lot out of it professionally or personally … But yeah, I think it's the people, wherever you are.



I've seen a lot of teams. They've got terrible workplace conditions, work in an old dilapidated building. They haven't got enough spares. They haven't got enough tools or anything. Everything is against them. But if they're a good bunch of people, they'll still achieve great things and enjoy doing it.



How do you Make a Safety System Responsive?



Q.           OK. Oh, so you're talking about these very complicated systems where you permitted people to do work so really planned because they're so difficult. You've really planned how work has to happen. But the things that you're working on, stuff that theoretically most operations at the moment are small arms and things, but people can shoot holes in the things that you're working on. And if the 10,000 tanks come over, then you've got potentially a lot more holes all of a sudden.



How do you go from that very regimented system and then work out how to make it also really, really fast and responsive to something that keeps throwing up problems at a much higher rate than I'd imagine you can fill out the forms to give permission to the person to do the work as is the usual practice.



A.           So you're using the same system over and over and over again. And people will spend years using the same system, maybe on the same equipment or the same plane or whatever it is.



So people are well-practiced. Another technique is if people are overtrained and they got lots of experience, then they can often cope in adverse circumstances. So sometimes you just have to cut corners in order to get a job done. And it's having the experience and the knowledge to do that safely and still get the result you need that, that's the judgment side. That's the stuff that you can't write down. But mostly it's through practice.



So, we would follow a very regimented process. But once you've done it enough times, it became second nature.  It's like training an athlete. Once you've got the regular way of doing things down pat, it then becomes a lot easier to spot when you've got to do something a bit different and cope with it.



Q&A: How do you Determine Safety Requirements? How do you Detect Safety Issues in Software?



Q.           So I'll try and combine these because the time's getting on and I've got a lot of questions, you're talking about safety and software and safety being an emergent phenomenon, and you're not necessarily going to know that something you do in software is going to cause. An issue with the typhoon is very software-controlled aircraft, so the computer says is close to what's going to happen over the pilot in a lot of ways. You also talked about putting safety into requirements.



Some requirements may or may not like you could have a direct safety requirement, but there could be other requirements that can impact safety without it being explicit. Yeah, how do you detect that in a set of system or user requirements? And how do you detect safety issues in software systems that look like they're doing what they're supposed to do?



A.           Yeah, so do the requirements bit first.  Sometimes you get a bunch of requirements and you've just got to go through them and look for safety implications. Sometimes it's really obvious like the customer says, I want this safety system installed in my ship.  The ship has got to be built in accordance with certain rules, class rules, or whatever they might be. And you go, OK, a lot of that will be safety-related.



And sometimes you've got to do some work. You've got to decompose the requirements and look at how are you going to solve the problem and go, OK, the requirements are pushing us to have this high-energy system in my ship. OK, there are safety issues with managing that and making sure it doesn't get out of control. So sometimes it only emerges after you've done further work after you've kind of decomposed your initial requirements.



But if the people doing the requirements, you might have systems engineers on the client-side and on the provider side. If they're doing their job well, they’re processing the requirements. And these things will tend to emerge quite well. If you've got good systems engineering. So that's that one.



The software one, it all depends on how safe or how dependable you want the software to be.  Ultimately, the Eurofighter had a software-controlled flight control computer, and the aircraft in certain aspects was unstable. So the pilot could not fly it without the computer. So that's as tough as it gets in terms of software safety, the computer cannot fail. OK, and to achieve that level of safety, the state of the art at the time was going through the source code in forensic detail, nailing down the compiler so that it was only allowed to do very basic things.



And then you produce the object code and then you go through the object code in forensic detail and then test it to death. So lots and lots of processes applied and there were still errors in the software because there always will be because there are so many. But you can at least say none of these errors will result in an unsafe outcome, provided, of course, that you've got a sufficiently detailed specification to say this is safe and this is not OK.



So if you're if you've got to go to that level of detail, you can forensically go through things. And then there are if you've heard of Safety Integrity Levels (SILs) or safety integrity requirements for different cells or different says, you can have a cookbook approach where you use different techniques. Usually, the toughest SIL is the state of the art at the time that the standard was created. That's very crudely how you do it, and hopefully, you've got some competent people as well.



Host: Thank you. Thank you so much for sharing your time with us and explaining your journey through safety. Something that I think was interesting is that you raised it here. 



How do you Deal with People Using Stuff in Ways it Wasn't Designed for?



Q.           I understand people's motivation, the context of people's motivations for using the equipment. And people might use it in ways that you don't even dream of. Right, you might have designed something to do this or something. And then people stand on it to reach something else, that kind of thing, isn't it?  I think when you move from being at university and going into industry and seeing how the equipment is actually used, you can blow your mind sometimes. Yeah.



A.           Yeah. Even people who had worked in the Ministry of Defence , my boss was horrified at the idea that the Air Force would fly a plane that wasn't totally serviceable. And to me, that was completely routine.  None of them worked totally as intended. There were some features that we just disabled all the time.



Host.     So, yes, that is also something that blows your mind.  Oh, thank you very much, Simon. Thank you and thank you, kind audience. Thanks for your participation.



Q&A Session | Q&A Session | Q&A Session | Q&A Session



This was part of a lecture to the University of Adelaide SEIP Course. You can the other sessions, as follows:



- Part 1 https://www.safetyartisan.com/2021/06/30/reflections-on-a-career-in-safety-part-1/

- Part 2 https://www.safetyartisan.com/2021/07/07/reflections-on-a-career-in-safety-part-2/

- Part 3 https://www.safetyartisan.com/2021/07/14/reflections-on-a-career-in-safety-part-3/

- Part 4 https://www.safetyartisan.com/2021/07/21/reflections-on-a-career-in-safety-part-4/

- Part 5 https://www.safetyartisan.com/2021/07/28/reflections-on-a-career-in-safety-part-5/



So that was 'Reflections on a Career in Safety: Q&A'. Did you find it useful?

#howdoyoumakeasafetysystemresponsive #howtodeterminesafetyrequirements #issafetyagoodcareer #Q&A #questionsandanswers #whichprojectwasmostinfluentialinyourlife #whychoosesafetycareer

Simon Di Nucci https://www.safetyartisan.com/2021/08/04/reflections-on-a-career-in-safety-qa/

How Should We Learn in an Age of ‘AI’?

‘How Should We Learn in an Age of ‘AI’?’ is the first in a series of articles addressing this topical subject.



Introduction



I’ve created and taught courses on technical subjects for about 20 years now.  I started when I inherited a half-finished course on software supportability in 2001. The Royal Air Force relied on software in all its combat aircraft but knew precious little about software, and less about how to support it.  We needed that course.



After I left the Air Force, I joined a firm called QinetiQ. I discovered that we had a contract to teach safety to all UK Ministry of Defence staff that required it; the classroom was just down the road from our office.  I joined the instructing team.



With that experience, I created and taught bespoke safety courses for the Typhoon, Harrier and Raytheon Sentinel platforms.  I also helped create a safety course for the UK Military Aviation Authority.  Since moving to Australia, I have created and sold courses commercially, teaching home workers online for the first time.



It’s still difficult to access system safety training in Australia, and that’s why I started the Safety Artisan.  In my business, I am only teaching online.



The Problem



Recently I've been in discussions with colleagues in industry and academia about improving system safety education in Australia.  Because of the COVID-19 pandemic, learning has gone through a revolution.  We are now learning online much more than we ever did; in fact, it's the ‘New Normal’.



Now another revolution has occurred: generative Artificial Intelligence (AI).



“Generative AI is a set of algorithms, capable of generating seemingly new, realistic content—such as text, images, or audio—from the training data. The most powerful generative AI algorithms are built on top of foundation models that are trained on a vast quantity of unlabeled data in a self-supervised way to identify underlying patterns for a wide range of tasks.”© 2023 Boston Consulting Group, https://www.bcg.com/x/artificial-intelligence/generative-ai



This presents a challenge to anyone designing an online course that leads to a certification or award. How do we assess students online, when we know that they can use an AI to help them answer the questions?



In some circumstances, the AI could be generating the entire answer and the student would not be tested at all.  What we would really be testing them on is how good they were at using the AI.  (I’m not being facetious. As AI is such a wonderful research assistant, perhaps we should be training students to use it – wisely.)



Enter Chat GPT-4



OpenAI, the creators of Chat GPT-4, make some big claims for their product.



“GPT-4 is more creative and collaborative than ever before. It can generate, edit, and iterate with users on creative and technical writing tasks, such as composing songs, writing screenplays, or learning a user’s writing style.”OpenAI, https://openai.com/product/gpt-4



“GPT-4 can accept images as inputs and generate captions, classifications, and analyses.”ibid



“GPT-4 is capable of handling over 25,000 words of text, allowing for use cases like long form content creation, extended conversations, and document search and analysis.”ibid



But perhaps most significant of all is GPT-4’s claimed ‘safety’:



“We spent 6 months making GPT-4 safer and more aligned. GPT-4 is 82% less likely to respond to requests for disallowed content and 40% more likely to produce factual responses than GPT-3.5 on our internal evaluations.”ibid



In other words, GPT-4:



- Is less likely to regurgitate nasty sludge from the bottom of the web; and



- Is more likely* to not make stuff up.



*Notice that they said “more likely” – this is not certain or assured.  (More on this in a later article.)



This is because the creators were more selective about the data they used to train the model.  Presumably, this implies that previous efforts just used any old rubbish scraped off the web, but nobody is admitting to that!



The Beginning of an Answer…



One of the academics I’ve met (sorry, but I can’t give them credit, yet) has studied this problem.  They’ve come up with some interesting answers.



In their experiments with GPT-4, they found that it was very good at the things you would expect it to be. It was great at answering questions by gathering and collating facts and presenting written answers.



But it wasn’t good at everything.  It was not good at reflecting on learning, for example. GPT-4 could not reflect on the learning that the student had experienced.  Similarly, it could not extrapolate what the student had been taught and apply it to new scenarios or contexts.



Therefore, the way to assess whether students really know their stuff is to get them to do these things. Most assessment marks can still be straightforward questions, which an AI could help answer. But a few marks, maybe only 20%, should require the student to reflect on what they had learnt and to extrapolate it to a new situation, which they must come up with. This bit of the assessment would separate the also-rans from the stars.



…And a Lot More Questions



Now there are obvious, mechanistic, reasons why the AI could not perform these tasks.  It had not been exposed to a student’s learning and therefore could not process it.  Even more difficult would be to take a student’s life and work experience - also unknown to the AI - and use that to extrapolate from the taught content.



(Okay, so there are possible countermeasures to these mechanistic problems.  The next stage is that the AI is exposed to all the online learning alongside the student.  The student also uploads their resume and as much detail as they can about their work to teach the AI.  But this would be a lot of work for the student, just to get those last 20% of the marks. That would probably negate the advantage of using an AI.)



However, the fact is that GPT-4 and its brethren struggle to do certain things. Humans are great at recognising patterns and making associations, even when they are not logical (e.g. ‘whales’ and ‘Wales’).  We also have imagination and emotion. And we can process problems at multiple levels of cognition, coming up with multiple responses that we can then choose from.  We also have personal experience and individuality. We are truly creative – original. Most AI still struggles to do these things, or even pretend to.



So, if we want to truly test the human learner, we have to assess things that an AI can’t do well.  This will drive the assessment strategies of all educators who want to teach online and award qualifications.  



And, guess what?  This is where the $$$ are, so it will happen. Before COVID-19, education was a massive export earner: “Australia’s education exports totalled $40bn in 2019.” This is according to the Strategy, Policy, and Research in Education (SPRE).  



This then begs the question:



What Else Can Humans do that AI Can’t (Yet)?



Why? Because if these are the skills on which we will be assessed, then we need to focus on being good at them. They will get us the best marks, so we can compete for the best jobs and wages.  These skills might also protect us from being made redundant (from those well-paid jobs) by some pesky AI!



This is what I’m going to explore in subsequent articles.

#aiversushumanbrain #aiversushumanintelligence #artificialintelligence #artificialintelligencedefinition #chatgpt4 #chatgpt4 #chatgpt4 #differencebetweenhumanandartificialintelligence #doweneedartificialintelligence #humanoraitest #humanversusai #humanversusrobot #humanvsaitest #onlinelearning #whatartificialintelligencemeans #whereartificialintelligencecanbeused #whyhumansarebetterthanmachines #willartificialintelligenceoutsmartus #willartificialintelligencereplacehumansessay #willartificialintelligencereplacemostjobs #willhumansbereplacedbyai

Simon Di Nucci https://www.safetyartisan.com/2023/03/29/how-should-we-learn-in-an-age-of-ai/

Reflections on a Career in Safety, Part 5

In 'Reflections on a Career in Safety, Part 5', I finally get around to reflecting on personal lessons learned from my own career.



Reflecting on a Career in Safety



Very briefly, I just wanted to pick out three things.



Learning and Practice



First, at university in my first degree and in my master's degree and in studies I've done since then (because you never stop learning) you pick up a theoretical framework, which is fantastic.  You learn to understand things from an abstract point of view or a theoretical point of view.



But there's also practical experience, and the two complement each other. You can a job. You're usually doing the same thing over and over again. So you become very competent in that narrow area. But if you don't have the theoretical framework to put it in, you've got all of these jewels of experience, but you can't understand where they fit in in the big picture.



Wilhelmshaven, Picture by S. Di Nucci



And so that's what your course here does. Whatever courses you do in the future, whatever learning you do in the future, the two complement each other, and actually they work together. Whether I turn up and I understand something from a theoretical point of view, or I've actually done it and learned the hard way (usually doing it the hard way is painful), the two are complementary and they're very useful to help you in your career.



Opportunism and Principles



Second, you've heard me say a couple of times I got into software by accident. I got into safety by accident. And it's all true. An opportunity comes up and you've got to grab it either because you think, well, maybe this opportunity won't come again or you're trying to get out of a job that you don't like or avoid doing something you don't want to do, whatever it might be.



If you have an opportunity, I would say grab it, go for it, be positive and say yes to as many things as you can. And, if I dare to give you some career advice, it would be that.



Photo by Aziz Acharki on Unsplash



But also, in safety, we've got to stick to our principles. And sometimes as a safety engineer or an engineer who does safety, you're going to have to stick to something that costs you, whether it be a promotion or, whether people no longer listen to you because you said, “no, we can't do that” when it's something that they really want to do.



You have to understand the difference between things that matter and things that don't. So if you end up in safety, if you're working with the safety of people, learn the things that cannot be negotiated.  There are certain requirements in the law and regulations, but they're often not as onerous as people think. They're often a lot simpler than people think. So understand: what has to be done and what is optional?  What is merely beneficial. And then you can make a sound judgment.



Simplicity



The final point. Einstein once famously said that if you can't explain something in simple terms, then you don't really understand it. And what you and I will all be doing for years to come is dealing with complexity, big projects, politics. A technical challenge, with not enough time to do something, not enough budget to do something. So lots of challenges.



I think it's always a struggle to reduce to something simple that you can understand and think: right, this is the essential point that we need to keep hold of. Everything else is kind of fluff and distraction.



So I would say my career in safety has been a constant effort to simplify and to understand the simple things that are important. And that's what we need to stick to. And again, all of you, whether you do safety or not, you're going to be dealing with complex systems. Otherwise, we're not needed as systems engineers.



'Decomposed' F1 Racing Car, Brooklands. Photo Simon Di Nucci.



Q&A (Part 6) will follow next week!



New to System Safety? Then start here. There’s more about The Safety Artisan here. Subscribe for free regular emails here.

#Careerinsafety #ishealthandsafetyagoodcareer #ishseagoodcareer #issafetyagoodcareer #issafetymanagementagoodcareer #Lecture #Part5 #reflections #safetycareer #safetyguideforcareerandtechnicaleducation #SystemsEngineering

Simon Di Nucci https://www.safetyartisan.com/2021/07/28/reflections-on-a-career-in-safety-part-5/

Reflections on a Career in Safety, Part 4

In 'Reflections on a Career in Safety, Part 4', I want to talk about Consultancy, which is mostly what I've been doing for the last 20 years!



Consultancy



As I said near the beginning, I thought that in the software supportability team, we all wore the same uniform as our customers. We didn't cost them anything. We were free. We could turn up and do a job. You would think that would be an easy sell, wouldn't you?



Not a bit of it.  People want there to be an exchange of tokens. If we're talking about psychology, if something doesn't cost them anything, they think, well, it can't be worth anything. So we pay for something really does affect our perception of whether it's any good.



Photo by Cytonn Photography on Unsplash



So I had to go and learn a lot of sales and marketing type stuff in order to sell the benefits of bringing us in, because, of course, there was always an overhead of bringing new people into a program, particularly if they were going to start asking awkward questions, like how are we going to support this in service? How are we going to fix this? How is this going to work?



So I had to learn a whole new language and a whole new way of doing business and going out to customers and saying, we can help you, we can help you get a better result. Let's do this. So that was something new to learn. We certainly didn't talk about that at university.  Maybe you do more business focussed stuff these days. You can go and do a module, I don't know, in management or whatever; very, very useful stuff, actually. It's always good to be able to articulate the benefits of doing something because you've got to convince people to pay for it and make room for it.



Doing Too Little, or Too Much



And in safety, I’ve got two jobs.



First of all, I suppose it's the obvious one. Sometimes you go and see a client, they're not aware of what the law says they're supposed to do or they're not aware that there's a standard or a regulation that says they've got to do something – so they're not doing it. Maybe I go along and say, ah, look, you've got to do this. It's the law. This is what we need to do.



Photo by Quino Al on Unsplash



Then, there's a negotiation because the customer says, oh, you consultants, you're just making up work so you can make more money. So you've got to be able to show people that there's a benefit, even if it's only not going to jail. There's got to be a benefit. So you help the clients to do more in order to achieve success.



You Need to Do Less!



But actually, I spend just as much time advising clients to do less, because I see lots of clients doing things that appear good and sensible. Yes, they're done with all the right motivation. But you look at what they're doing and you say, well, this you're spending all this money and time, but it's not actually making a difference to the safety of the product or the process or whatever it is.



You're chucking money away really, for very little or no effect.  Sometimes people are doing work that actually obscures safety. They dive into all this detail and go, well, actually, you've created all this data that's got to be managed and that's actually distracting you from this thing over here, which is the thing that's really going to hurt people.



So, I spend my time helping people to focus on what's important and dump the comfort blanket, OK, because lots of times people are doing stuff because they've always done it that way, or it feels comforting to do something. And it's really quite threatening to them to say, well, actually, you think you're doing yourself a favor here, but it doesn't actually work. And that's quite a tough sell as well, getting people to do less.



Photo by Prateek Katyal on Unsplash



However, sometimes less is definitely more in terms of getting results.



Part 5 will follow next week!



New to System Safety? Then start here. There’s more about The Safety Artisan here. Subscribe for free regular emails here.

#Careerinsafety #ishealthandsafetyagoodcareer #ishseagoodcareer #issafetyagoodcareer #issafetymanagementagoodcareer #Lecture #Part4 #reflections #safetycareer #safetyguideforcareerandtechnicaleducation

Simon Di Nucci https://www.safetyartisan.com/2021/07/21/reflections-on-a-career-in-safety-part-4/

Reflections on a Career in Safety, Part 3

In 'Reflections on a Career in Safety, Part 3' I continue talking about different kinds of Safety, moving onto...



Projects and Products



Then moving on to the project side, where teams of people were making sure a new aeroplane, a new radio, a new whatever it might be, was going to work in service; people were going to be able to use it, easily, support it, get it replaced or repaired if they had to. So it was a much more technical job - so lots of software, lots of people, lots of process and more people.



Moving to the software team was a big shock to me. It was accidental. It wasn't a career move that I had chosen, but I enjoyed it when I got there.  For everything else in the Air Force, there was a rule. There was a process for doing this. There were rules for doing that. Everything was nailed down. When I went to the software team, I discovered there are no rules in software, there are only opinions.



The 'H' is software development is for 'Happiness'



So straight away, it became a very people-focused job because if you didn't know what you were doing, then you were a bit stuck.  I had to go through a learning curve, along with every other technician who was on the team. And the thing about software with it being intangible is that it becomes all about the process. If a physical piece of kit like the display screen isn't working, it's pretty obvious. It's black, it's blank, nothing is happening. It's not always obvious that you've done something wrong with software when you're developing it.



So we were very heavily reliant on process; again, people have got to decide what's the right process for this job? What are we going to do? Who's going to do it? Who's able to do it? And it was interesting to suddenly move into this world where there were no rules and where there were some prima donnas.



Photo by Sandy Millar on Unsplash



We had a handful of really good programmers who could do just about anything with the aeroplane, and you had to make the best use of them without letting them get out of control.  Equally, you had people on the other end of the scale who'd been posted into the software team, who really did not want to be there. They wanted to get their hands dirty, fixing aeroplanes. That's what they wanted to do. Interesting times.



From the software team, I moved on to big projects like Eurofighter, that's when I got introduced to:



Systems Engineering



And I have no problem with plugging systems engineering because as a safety engineer, I know if there is good systems engineering and good project management, I know my job is going to be so much easier. I’ve turned up on a number of projects as a consultant or whatever, and I say, OK, where's the safety plan? And they say, oh, we want you to write it. OK, yeah, I can do that. Whereas the project management plan or where's the systems engineering management plan?



If there isn't one or it's garbage – as it sometimes is – I’m sat there going, OK, my just my job just got ten times harder, because safety is an emergent property. So you can say a piece of kit is on or off. You can say it's reliable, but you can't tell whether it's safe until you understand the context. What are you asking it to do in what environment? So unless you have something to give you that wider and bigger picture and put some discipline on the complexity, it's very hard to get a good result.



Photo by Sam Moqadam on Unsplash



So systems engineering is absolutely key, and I'm always glad to work with the good systems engineer and all the artifacts that they've produced. That's very important. So clarity in your documentation is very helpful. Being , if you're lucky, at the very beginning of a program, you've got an opportunity to design safety, and all the other qualities you want, into your product. You've got an opportunity to design in that stuff from the beginning and make sure it's there, right there in the requirements.



Also, systems engineers doing the requirements, working out what needs to be done, what you need the product to do, and just as importantly, what you need it not to do, and then passing that on down the chain. That's very important. And I put in the title “managing at a distance” because, unlike in the operations world where you can say “that's broken, can you please go and fix it”.



Managing at a Distance



It's not as direct as that.  You're looking at your process, you're looking at the documentation, you're working with, again, lots and lots of people, not all of whom have the same motivation that you do.



Photo by Bonneval Sebastien on Unsplash



Industry wants to get paid. They want to do the minimum work to get paid, to maximize their profit. You want the best product you can get. The pilots want something that punches holes in the sky and looks flash and they don't really care much about much else, because they're quite inoculated to risk.



So you've got people with competing motivations and everything has got to be worked indirectly. You don't get to control things directly. You've got to try and influence and put good things in place, in almost an act of faith that, good things in place and good things will result.  A good process will produce a good product. And most of the time that's true. So (my last slide on work), I ended up doing consultancy, first internally and then externally.



Part 4 will follow next week!



New to System Safety? Then start here. There’s more about The Safety Artisan here. Subscribe for free regular emails here.

#Careerinsafety #ishealthandsafetyagoodcareer #ishseagoodcareer #issafetyagoodcareer #issafetymanagementagoodcareer #Lecture #Part3 #reflections #safetycareer #safetyguideforcareerandtechnicaleducation #SystemsEngineering

Simon Di Nucci https://www.safetyartisan.com/2021/07/14/reflections-on-a-career-in-safety-part-3/