safety-intro.pdf

7/28/2019 safety-intro.pdf

1/25

Introduction to safety engineering

Michal Sojka

VUT v Praze,Fakulta Elektrotechnick,

Katedra dic techniky

December 13, 2012
http://goforward/http://find/http://goback/


2/25

Outline I

1 What is safety?

2 System safety

3 Functional safety

4 Standards

5 Achieving safety
http://find/


3/25

What is safety?
http://find/


4/25

What is safety?

One definition

Freedom from those conditions that can cause death, injury,occupational illness, damage to or loss of equipment or property, ordamage to the environment.
http://find/


5/25

What is safety?

One definition

Freedom from those conditions that can cause death, injury,occupational illness, damage to or loss of equipment or property, ordamage to the environment.

Safety vs. security

Source: TU Wien
http://find/


6/25

How to start with safety?

Hard to say

Safety is not a set of facts

It is a wide range of knowledge that needs to be related

This relation happens at multiple (all) levels

Everybody starts with naive concepts of safety
http://find/


7/25

System safety

The application of engineering and management principles, criteria,and techniques to achieve acceptable mishap risk, within theconstraints of operational effectiveness and suitability, time, and

cost, throughout all phases of the system life cycle. [DODMIL-STD 882D Clause 3.2.13]
http://find/


8/25

System safety

The application of engineering and management principles, criteria,and techniques to achieve acceptable mishap risk, within theconstraints of operational effectiveness and suitability, time, andcost, throughout all phases of the system life cycle. [DODMIL-STD 882D Clause 3.2.13]

Why management? Because experience has shown that many failuresare not due to systems being built the wrong way but actually thewrong systems having been built. With other words management isthere to make sure that engineering actually is doing the right thing(in all aspects).
http://find/http://goback/


9/25

System safety


Safety is not checklist

It is necessary to interpret the principles


10/25

System safety


What is acceptable risk?

100% guarantee is never achieved!


11/25

System safety


Perfect technical solution is not always possible.


12/25

System safety


When we are done with system safety?

When it went through all life-cycles stages:

Initial requirementsDesignImplementationServiceDecommissioningDisposal


13/25

System safety

http://find/


14/25

What is a system?

DOD MIL-STD 882D Clause 3.2.12:

An integrated composite of people, products, and processes thatprovide a capability to satisfy a stated need or objective.

ECSS-P-001A Rev A 1997 Clause 3.144:System: Set of interdependent elements constituted to achieve agiven objective by performing a specified function (IEC 50:1992).NOTE: The system is considered to be separated from the

environment and other external systems by an imaginary surfacewhich cuts the links between them and the considered system.Through these links, the system is affected by the environment, isacted upon by external systems, or acts itself on the environment orthe external systems.


15/25

What is a system?

IEC 61508-1 3.3.1:

Set of elements which interact according to a design, where anelement of a system can be another system, called a subsystem,which may be a controlling system or a controlled system and may

include hardware, software and human interaction

MOD 00-58 Clause 4.1.23:

A bounded physical entity that achieves in its environment adefined objective through interactions of its part.

NASA SP 6105 Rev1 2007:

A construct or collection of different elements that togetherproduce results not obtainable by the elements alone


16/25

What is a system?

RTCA DO 178C Annex B:

A collection of hardware and software components organized toaccomplish a specific function or set of functions.

SAE ARP 4754a RevA 2010:

A combination of inter-related items arranged to perform a specific

function(s)


17/25

Is terminology important?

Safety is about communication at all levels.

engeneers, managers, computer networks

Goal: Establish common understanding of concepts.

Implementation = transformation of concepts to actionsIf concepts differ but actions are coupled => problems

Terminology is not about finding the true meaning

It teaches us to be sensitive to imprecision when

communicating abstract conceptsSystems safety is about mitigation of problems arising fromapplication of non-matching concepts
http://find/


18/25

Types of safety

System safety

Already covered

Functional safety

Part of the overall safety relating to the EUC and the EUC controlsystem that depends on the correct functioning of the E/E/PEsafety-related systems and other risk reduction measures. [IEC

61508-7/Ed.2, clause 3.1.12]EUC equipment under control
http://find/


19/25

What are safety standards?

DIN 820 Part 1

Standardization is the collaborative unification of material andimmaterial objects by interested parties for the good of the generalpublic.

Standards are created because there is a need for them.

By industry, governments or international bodies.

The need arises because something went wrong without thestandard (incompatibility etc.).

Standards are here to help you.

They contain useful knowledge that is hard (or painful) togain. The knowledge was gained from failures in the past.

Safety standards should not be followed without thinking.


20/25

Liability

MOD Def Stan 00-74 Part 1 Preface (or any other Def Stan)

Compliance with this Defence Standard shall not in itselfrelieve any person from any legal obligations imposed upon

them.This standard has been devised solely for the use of theMinistry of Defence (MOD) and its contractors in theexecution of contracts for the MOD. To the extent permittedby law, the MOD hereby excludes all liability whatsoever andhowsoever arising (including, but without limitation, liabilityresulting from negligence) for any loss or damage howevercaused when the standard is used for any other purpose.
http://find/


21/25

Hierarchy of safety standards

Source: FH Campus Wien
http://find/


22/25

Hierarchy of safety standards

MIL-STD-882D high-level standard (good overview of safety)https://acc.dau.mil/adl/en-US/255833/file/40632/MIL-STD-882D.pdf

IEC 61508 generic standard

This International Standard sets out a generic approach for all safety lifecycle

activities for systems comprised of electrical and/or electronic and/orprogrammable electronic (E/E/PE) elements that are used to perform safetyfunctions. This unified approach has been adopted in order that a rational andconsistent technical policy be developed for all electrically-based safety-relatedsystems. A major objective is to facilitate the development of applicationsector standards.

. . .

enables application sector international standards, dealing with E/E/PEsafety-related systems, to be developed; the development of applicationsector international standards, within the framework of this standard,should lead to a high level of consistency (for example, of underlying

principles, terminology etc.) both within application sectors and acrossapplication sectors; this will have both safety and economic benefits;

More terminology
https://acc.dau.mil/adl/en-US/255833/file/40632/MIL-STD-882D.pdfhttps://acc.dau.mil/adl/en-US/255833/file/40632/MIL-STD-882D.pdfhttp://find/


23/25

More terminologySafety Integrity Level

Reliability the system operates as expected

Reliability of the safety functions

The safety functions perform as expectedSafety Integrity Level measure for reliability of safety function

Safety integrity High demand or continuous mode of operationlevel (Probability of a dangerous failure per hour)

4 109 to < 108

3 108 to < 107

2 107 to < 106

1 106 to < 105

[IEC 61508-1 Ed1]

b l


24/25

Traceability

Evidence that the low level requirements were translated to

Source CodeEvidence that no code was added that does not stem from arequirement

Traceability means that yo can answer the question Why isthis code here in this form for every line I point at.

R f
http://find/


25/25

References

Nicholas McGuire, Safety Manuals

Dr. Andreas Gerstinger, Safety Engineering Course Slides, TUWien

Gregor Pokorny, Safety Related Systems Slides, FH CampusWien
http://find/

safety-intro.pdf

Documents