system safety
DESCRIPTION
Accompanies video on my YouTube channel on system safetyTRANSCRIPT
![Page 1: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/1.jpg)
System safety, 2013 Slide 1
System safety
![Page 2: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/2.jpg)
System safety, 2013 Slide 2
Safety
• Safety is a property of a system that reflects the system’s ability to operate, normally or abnormally, without danger of causing human injury or death and without damage to the system’s environment.
![Page 3: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/3.jpg)
System safety, 2013 Slide 3
Principal dependability properties
![Page 4: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/4.jpg)
System safety 2013 Slide 4
Safety criticality
• Primary safety-critical systems– Embedded software systems whose
failure can cause the associated hardware to fail and directly threaten people.
![Page 5: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/5.jpg)
System safety 2013 Slide 5
![Page 6: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/6.jpg)
System safety 2013 Slide 6
• Secondary safety-critical systems– Systems whose failure results in faults in
other (socio-technical) systems, which can then have safety consequences.
– For example, a medical records system is safety-critical as failure may lead to inappropriate treatment being prescribed.
![Page 7: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/7.jpg)
System safety 2013 Slide 7
![Page 8: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/8.jpg)
System safety 2013 Slide 8
Safety and reliability• Safety and reliability are related
but distinct
• For a system to be safe, it must generally be reliable
• However, this is not enough. It must also be safe in the event of system failure
![Page 9: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/9.jpg)
System safety 2013 Slide 9
• Reliability is concerned with conformance to a given specification and delivery of service
• Safety is concerned with ensuring system cannot cause damage irrespective of whether or not it conforms to its specification
![Page 10: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/10.jpg)
System safety 2013 Slide 10
• A reliable system can be unsafe if the requirements are incorrect or incomplete
![Page 11: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/11.jpg)
System safety 2013 Slide 11
Unsafe reliable systems
The software on this plane operated ‘reliably’ yet the plane crashed- covered in a separate video
![Page 12: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/12.jpg)
System safety 2013 Slide 12
Unsafe reliable systems
• There may be dormant faults in a system that are undetected for many years and only rarely arise.
• Specification errors– If the system specification is incorrect
then the system can behave as specified but still cause an accident.
![Page 13: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/13.jpg)
System safety 2013 Slide 13
• Hardware failures generating spurious inputs
– Hard to anticipate in the specification.
• Context-sensitive commands i.e. issuing the right command at the wrong time
– Often the result of operator error.
![Page 14: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/14.jpg)
System safety 2013 Slide 14
Accident• An unplanned event or sequence of events
which results in human death or injury, damage to property, or to the environment.
• An overdose of insulin by a software-controlled insulin injection system is an example of an accident.
![Page 15: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/15.jpg)
System safety 2013 Slide 15
Hazard• A condition with the potential for causing or
contributing to an accident. A failure of the sensor that measures blood glucose is an example of a hazard.
![Page 16: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/16.jpg)
System safety 2013 Slide 16
Damage• A measure of the loss resulting from a mishap.
Damage can range from many people being killed as a result of an accident to minor injury or property damage.
• Damage resulting from an overdose of insulin could be serious injury or the death of the user of the insulin pump.
![Page 17: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/17.jpg)
System safety 2013 Slide 17
Safety critical systems development
• Hazard avoidance– The system is designed so that some
classes of hazard simply cannot arise.
![Page 18: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/18.jpg)
System safety 2013 Slide 18
• Hazard detection and removal– The system is designed so that
hazards are detected and removed before they result in an accident.
![Page 19: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/19.jpg)
System safety 2013 Slide 19
• Damage limitation– The system includes protection
features that minimise the damage that may result from an accident.
![Page 20: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/20.jpg)
System safety 2013 Slide 20
Summary• Safety is a property of a system that
reflects the system’s ability to operate, normally or abnormally, without danger of causing human injury or death.
• Safety and reliability are related but reliable systems may be unsafe.
![Page 21: System safety](https://reader033.vdocuments.us/reader033/viewer/2022061114/5461e485b1af9fba388b4b9a/html5/thumbnails/21.jpg)
System safety 2013 Slide 21
Summary• Hazards are conditions that may (but
need not) lead to an accident
• Safety is achieved through– Hazard avoidance
– Hazard detection and removal
– Damage limitation