System safety

System safety is a concept in safety engineering that calls for engineers to use a systems-based approach to developing risk management strategies.^[1] While traditional safety strategies focus on modifying systems to avoid the conditions that resulted in past system accidents, system safety analysis focuses on proactively identifying and analysing hazards before an accident can occur.^[2] Once these hazards are understood, engineers can then propose changes to the system to eliminate, control, and/or manage them throughout the life-cycle of the system.^[1]

System safety also emphasizes that a system is more than the sum of its parts. Engineers must be aware that hazards that can arise from any part of a system, but also from the interaction of two or more of these parts.^{[citation needed]}

System safety analyses can be used to demonstrate the safety of a system when performing probabilistic risk analysis would be difficult or impossible.^[3] "Hazop" is one of several techniques available for identification of hazards.

System approach

A system is a group of interacting or interrelated elements that act according to a set of rules to form a unified whole^[4][5] Systems come in many forms: they may be natural or man-made, simple or complex. Usually, safety engineers will study the functioning of complex, man-made physical systems such as spacecraft and aircraft, or of organizations such as companies and governments. However, these concepts may be applied to any kind of system.

For almost any man-made system, the most effective way to reduce the risk of accidents is to implement an organized system safety plan, covering every stage of its lifecycle. Doing so limits the risk of uninformed decision making about safety matters, which is often the first step in the chain of events leading to an accident.^[6] System safety analyses can be a useful tool for developing and updating system safety plans.^[1]

To use the system safety approach, safety engineers must first understand how their system of interest interacts with its environment. This allows them to identify the demands that will be placed on the system in both normal and stressing conditions. They can then analyse whether the system will be able to successfully process these demands without failing-- and if not, where and how the failure occurs. This knowledge can be used to design proposals for modifying the system to reduce or eliminate these points of failure, ensuring the system will operate at an acceptable level of safety in all conditions.

System safety also takes into account the effects of the system on its surrounding environment. As such, systems and safety engineers must understand the interfaces where their system of interest interacts with its environment, and where hazards can arise in these interfaces.^[4][5]

Root cause analysis

Root cause analysis is a problem-solving method that can help identify the causes of accidents. Root cause techniques have been successfully borrowed from other disciplines and adapted to meet the needs of the system safety concept, most notably the tree structure from fault tree analysis, which was originally an engineering technique. The root cause analysis techniques can be categorised into two groups: a) tree techniques, and b) check list methods. There are several root causal analysis techniques, e.g. Management Oversight and Risk Tree (MORT) analysis.^[2][7][8] Others are Event and Causal Factor Analysis (ECFA), Multilinear Events Sequencing, Sequentially Timed Events Plotting Procedure, and Savannah River Plant Root Cause Analysis System.^[9]

Use in other fields

Safety engineering

Safety engineering is a field of engineering that focuses on ensuring systems will operate at an acceptable level of safety. Traditionally, safety engineering treated human error as unavoidable; techniques instead focused on mitigating its impact on system functioning. However, the adoption of system safety concepts encouraged safety engineers to investigate if bad system design choices had increased the risk of human error-- and if so, how they might be corrected.

Modern and more complex systems in military and NASA with computer application and controls require functional hazard analyses and a set of detailed specifications at all levels that address safety attributes to be inherent in the design. The process following a system safety program plan, preliminary hazard analyses, functional hazard assessments and system safety assessments are to produce evidence based documentation that will drive safety systems that are certifiable and that will hold up in litigation.

The primary focus of any system safety plan, hazard analysis and safety assessment is to implement a comprehensive process to systematically predict or identify the operational behavior of any safety-critical failure condition or fault condition or human error that could lead to a hazard and potential mishap. This is used to influence requirements to drive control strategies and safety attributes in the form of safety design features or safety devices to prevent, eliminate and control (mitigation) safety risk.

In the distant past hazards were the focus for very simple systems, but as technology and complexity advanced in the 1970s and 1980s more modern and effective methods and techniques were invented using holistic approaches. Modern system safety is comprehensive and is risk based, requirements based, functional based and criteria based with goal structured objectives to yield engineering evidence to verify safety functionality is deterministic and acceptable risk in the intended operating environment.

Software intensive systems that command, control and monitor safety-critical functions require extensive software safety analyses to influence detail design requirements, especially in more autonomous or robotic systems with little or no operator intervention. Systems of systems, such as a modern military aircraft or fighting ship with multiple parts and systems with multiple integration, sensor fusion, networking and interoperable systems will require much partnering and coordination with multiple suppliers and vendors responsible for ensuring safety is a vital attribute planned in the overall system.

Weapon system safety

Weapon System Safety is an important application of the system safety field, due to the potentially destructive effects of a system failure or malfunction. A healthy skeptical attitude towards the system, when it is at the requirements definition and drawing-board stage, by conducting functional hazard analyses, would help in learning about the factors that create hazards and mitigations that control the hazards. A rigorous process is usually formally implemented as part of systems engineering to influence the design and improve the situation before the errors and faults weaken the system defences and cause accidents.^[1][2][3][4]

Typically, weapons systems pertaining to ships, land vehicles, guided missiles and aircraft differ in hazards and effects; some are inherent, such as explosives, and some are created due to the specific operating environments (as in, for example, aircraft sustaining flight). In the military aircraft industry safety-critical functions are identified and the overall design architecture of hardware, software and human systems integration are thoroughly analyzed and explicit safety requirements are derived and specified during proven hazard analysis process to establish safeguards to ensure essential functions are not lost or function correctly in a predictable manner. Conducting comprehensive hazard analyses and determining credible faults, failure conditions, contributing influences and causal factors, that can contribute to or cause hazards, are an essentially part of the systems engineering process. Explicit safety requirements must be derived, developed, implemented, and verified with objective safety evidence and ample safety documentation showing due diligence. Highly complex software intensive systems with many complex interactions affecting safety-critical functions requires extensive planning, special know-how, use of analytical tools, accurate models, modern methods and proven techniques. Prevention of mishaps is the objective.