{"id":215,"date":"2023-06-15T18:38:54","date_gmt":"2023-06-15T18:38:54","guid":{"rendered":"https:\/\/jsystemsafety.com\/blog\/?p=215"},"modified":"2023-06-18T21:58:36","modified_gmt":"2023-06-18T21:58:36","slug":"opinion-redefining-system-safety","status":"publish","type":"post","link":"https:\/\/jsystemsafety.com\/blog\/opinion-redefining-system-safety\/","title":{"rendered":"Opinion: Redefining System Safety"},"content":{"rendered":"\n

by Warner Talso<\/strong><\/p>\n\n\n\n

[Editor\u2019s note: this opinion piece originally appeared in Vol 38 No 1 (Q1 2002) of Journal of System Safety. The text has not been modified except for formatting changes, images, and hyperlinks]<\/em><\/p>\n\n\n\n

Most of us are aware of the evolutionary, even revolutionary, changes that have been taking place in the system safety discipline. These include both technology and areas of application. It is time to review exactly what defines system safety, or at least what we perceive system safety to be. This is a \u201cwhat\u201d statement, not a \u201chow\u201d statement, and it should be a vision of what system safety encompasses. It is important because it is the key ingredient of what binds us together. It shapes how we see ourselves and how we describe our profession to others.<\/p>\n\n\n\n

Recall our origins in the Air Force aerospace arena. The discipline was, and still is, defined by MIL-STD-882<\/a>. This document has been consistent in defining system safety as, \u201cThe application of engineering and management principles, criteria, and techniques to achieve acceptable mishap risk within the constraints of operational effectiveness and suitability, time, and cost, throughout all phases of the system life cycle.\u201d [1] This definition has served us well over the years. However, the discipline was driven by the Department of Defense\u2019s (DoD\u2019s) mandating the implementation of 882. Our Society coasted along on the coattails of this mandatory requirement, with little effort to preach the gospel of system safety or seek out new applications.<\/p>\n\n\n

\n
\"\"
The Berlin Wall, 1989<\/figcaption><\/figure>\n<\/div>\n\n\n

This all changed when the Berlin Wall came down and the DoD was no longer driven by the threat of the Union of Soviet Socialist Republics. Remember the de-emphasis on military standards? All of a sudden we had to become proactive in promoting system safety and saving our Society. We have been successful to varying degrees. As the Society reaches out to new members and new industries, the definition of system safety is the shorthand version of what identifies us. I submit that it needs to be more than the military-oriented definition of 882.<\/p>\n\n\n\n

Speaking of the Society<\/a>, what does the Constitution say about defining system safety? Section 1.3 of the Constitution doesn\u2019t define system safety per se, but says: \u201cThe term \u2018system\u2019 as used herein shall be considered to include any product, service and\/or activity developed, produced and\/or managed by a specific person, agency, or organization for a designated purpose.<\/p>\n\n\n\n

The term \u2018safety\u2019 as used herein shall be considered to include any technical, social, educational, and\/or managerial action initiated for the purpose of eliminating or reducing the hazards (i.e., risk of property loss and personal injury) associated with a procedure or system.\u201d Well, there certainly are a lot of words there. It is a little verbose and not as focused as it could be. Note that the environment is not mentioned. In today\u2019s world, should it be?<\/p>\n\n\n\n

When Perry D\u2019Antonio was our Society President, he wrote the following definition of system safety for the Society\u2019s strategic plan: \u201cThe system safety concept is the application of special technical and managerial skills to the systematic identification and elimination or control of hazards throughout the life-cycle of a system.\u201d<\/p>\n\n\n\n

This definition of a system includes not only the product or the process, but also the influences (stresses) that the surrounding environment (including human interactions) may have on the product\u2019s or process\u2019s safety performance. A \u201csystem,\u201d therefore, defines the boundaries to which the systematic process of hazard identification and control is applied.<\/p>\n\n\n\n

When Dick Stephans and I have presented tutorials on the System Safety Analysis Handbook, [2] we have defined system safety as \u201cthe application of system engineering and management principles, criteria, and techniques to take positive steps to optimize all aspects of safety within the constraints of operational effectiveness, time, and cost.\u201d We have emphasized the system analysis\/engineering\/management process and the need to be proactive.<\/p>\n\n\n\n

One of our chapter members is performing software system safety work on a very large project. The client is so impressed with our chapter member\u2019s grasp of the systems approach that the member has been asked to do other systems management and engineering tasks. This anecdotal evidence supports my contention that the system approach is very important to the system safety discipline, and is an engineering and management skill in its own right. In my observation, we do not put enough emphasis on the systems approach of looking at the impact of hazards (i.e., potential sources of danger) to the entire system.<\/p>\n\n\n\n

When Clemens and Simmons wrote the National Institute for Occupational Safety and Health (NIOSH) Instruction Manual for System Safety and Risk Management<\/a>, [3] they did not specifically define system safety, but they did identify the two primary characteristics as \u201c(1) it is a doctrine of management<\/em> practice that mandates that hazards be found and risks be controlled; and (2) it is a collection of analytical approaches<\/em> with which to practice the doctrine\u201d (emphasis in the original). This definition introduces management decision-making. This is very important. As Steve Mattern has pointed out in several articles, the system safety practitioner must show value added to the project. The practitioner must be seen by management as a worthwhile member of the team. Recognition of the value of system safety is accomplished by making a positive contribution to managers and the decision-making DOE process. Should this be part of the definition?<\/p>\n\n\n\n

The OSHA regulation on process safety management (PSM<\/a>) provides \u201can integrated approach to chemical safety, putting the focus on a comprehensive management program.\u201d[4] I don\u2019t think there is any argument that this PSM regulation is an application of system safety. Again, we have an emphasis on management. By the way, why doesn\u2019t the Society have greater representation in OSHA because of PSM, and in the EPA because of Risk Management Planning (40 CFR Part 68)? Just asking.<\/p>\n\n\n\n

\n

The tragic events of September 11 should be ample reason alone to reevaluate our discipline. Was not the safety (and security) of the World Trade Center a systems issue? How could we have been involved in preventing this event (security) or mitigating the damage (safety)?<\/p>\n<\/div>

\"\"<\/figure><\/div>\n\n\n\n

Sandia National Laboratories does research on critical infrastructures encompassing communications, transportation, banking and finance, and several other complex systems. The term high-consequence surety has been coined to identify the safety, security and reliability controls associated with preventing catastrophic events. One such critical infrastructure is municipal water supplies. These are complex systems involving pumping, treatment and distribution processes using highly computerized control systems, and are considered attractive targets for terrorists. The system safety approach allows one to see the broad hazards and evaluate the acceptability of the controls associated with preventing undesired consequences to these processes. One observation of this work is that safety and security are closely related.<\/p>\n\n\n\n

The Department of Energy (DOE) has created the Integrated Safety Management System <\/a>(ISMS) [5] process to apply a systems approach to safety. This is part of the \u201cWork Smart\u201d process<\/a>. [6] ISMS defines a five-function process for incorporating safety into the workplace that is almost identical to the system safety process.<\/p>\n\n\n

\n
\"\"
Figure 1 \u2014 Comparison of DOE ISMS and System Safety Processes.<\/figcaption><\/figure>\n<\/div>\n\n\n

As an aside, DOE never calls this a systems approach, nor does it use the term system safety. DOE is now testing the concept that the ISMS approach can be used for security. The above examples raise an interesting question. Should security be included in the definition of system safety? Is there a System Security Society (SSeS) or a System Surety Society (SSuS) on the horizon? Do we want to lead the way in this area?<\/p>\n\n\n\n

In summary, I believe it is time to review the definition of system safety to make it reflect the world of today, and to help us better understand our profession and enlighten our associates and friends. A few ideas:<\/p>\n\n\n\n