In this module, System Safety Risk Analysis, we’re going to look at how we deal with the complexity of the real world. We do a formal risk analysis because real-world scenarios are complex. The Analysis helps us to understand what we need to do to keep people safe. Usually, we have some moral and legal obligation to do it as well. We need to do it well to protect people and prevent harm to people.
To start with, here’s a little definition of system safety. System safety is the application of engineering and management principles, criteria, and techniques to achieve acceptable risk within a wider context.
This wider context is operational effectiveness – we want our system to do something. That’s why we’re buying it or making it. The system has to be suitable for its use. We’ve got some time and cost constraints, and we’ve got a life cycle. We can imagine we are developing something from concept, from cradle to grave.
And what are we developing? We’re developing a system. An organization of hardware (or software) material, facilities, people, data, and services. All these pieces will perform a designated function within the system. The system will work within a stated or defined operating environment. It will work to produce specified results.
We’ve got three things here: a system; the operating environment in which it is designed to work; and, we have its function or application. Why did we buy it, or make it in the first place? What’s it supposed to do? What benefits is it supposed to bring humankind? What does it mean in the context of the big picture?
That’s what a system is. I’m not going to elaborate on systems theory or anything like that. That’s a whole big subject on its own. But we’re talking about something complex. We’re not talking about a toaster. It’s not consumer goods. It’s something complicated that operates in the real world. And as I say, we need to understand those three things – system, environment, purpose – to work out Safety.
This is Module 2 of SSRAP
This is Module 2 from the System Safety Risk Assessment Program (SSRAP) Course. Risk Analysis Programs – Design a System Safety Program for any system in any application.
The full course comprises 15 lessons and 1.5 hours of video content, plus resources. It’s on pre-sale at HALF PRICE until September 1st, 2024. Check out all the free preview videos hereand order using the coupon “Pre-order-Half-Price-SSRAP”. But don’t leave it too long because there are only 100 half-price courses available!
Meet the Author
Learn safety engineering with me, an industry professional with 25 years of experience. I have:
•Worked on aircraft, ships, submarines, ATMS, trains, and software;
•Tiny programs to some of the biggest (Eurofighter, Future Submarine);
•In the UK and Australia, on US and European programs;
•Taught safety to hundreds of people in the classroom, and thousands online;
•Presented on safety topics at several international conferences.
What are the Hazard and Risk basics? So, what is this risk analysis stuff all about? What is ‘risk’? How do you define or describe it? How do you measure it? When? Why? Who…?
In this free session, I explain the basic terms and show how they link together, and how we can break them down to perform risk analysis. I understand hazards and risks because I’ve been analyzing them for a long time. Moreover, I’ve done this for aircraft, ships, submarines, sensors, command-and-control systems, and lots of software!
Everyone does it slightly differently, but my 25+ years of diverse experience lets me focus on the basics. That allows me to explain it in simple terms. I’ve unpacked the jargon and focused on what’s important.
Let’s get started with Module One. We’re going to recap some Risk basics to make sure that we have a common understanding of risk. And that’s important because risk analysis is something that we do every day. Every time you cross the road, or you buy something expensive, or you decide whether you’re going to travel to something, or look it up online, instead.
You’re making risk analysis decisions all the time without even realizing it. But we need something a little bit more formal than the instinctive thinking of our risk that we do all the time. And to help us do that, we need a couple of definitions to get us started.
What is Risk?
First of all, what is Risk? It’s a combination of two things. First, the severity of a mishap or accident. Second, the probability that the mishap will occur. So it’s a combination of severity and probability. We will see that illustrated in the next slide.
We’ll begin by talking about ‘mishap’. Well, what is a mishap? A mishap is an event – or a series of events -resulting in unintentional harm. This harm could be death, injury, occupational illness, damage to or loss of equipment or property, or damage to the environment.
The particular standard we’re looking at today covers a range of different harms. That’s why we’re focused on safety. And the term ‘mishap’ will also include negative environmental impacts from planned events. So, even if the cause is a deliberate event, we will include that as a mishap.
Probability and Severity
I said that the definition of risk was a combination of probability and severity. Here we got a little illustration of that…
This is Module 1 of SSRAP
This is Module 1 from the System Safety Risk Assessment Program (SSRAP) Course. Risk Analysis Programs – Design a System Safety Program for any system in any application.
The full course comprises 15 lessons and 1.5 hours of video content, plus resources. It’s on pre-sale at HALF PRICE until September 1st, 2024. Check out all the free preview videos hereand order using the coupon “Pre-order-Half-Price-SSRAP”. But don’t leave it too long because there are only 100 half-price courses available!
Meet the Author
Learn safety engineering with me, an industry professional with 25 years of experience, I have:
•Worked on aircraft, ships, submarines, ATMS, trains, and software;
•Tiny programs to some of the biggest (Eurofighter, Future Submarine);
•In the UK and Australia, on US and European programs;
•Taught safety to hundreds of people in the classroom, and thousands online;
•Presented on safety topics at several international conferences.
This post, ‘SSRAP: Start the Course’, gives an overview of System Safety Risk Assessment Programs. It describes the Learning Objectives of the Course and its five modules. We’re going to learn how to:
Describe fundamental risk concepts.
Explain what a Systems Safety Approach to Risk is.
Define within that System Safety Approach, what a Risk Analysis Program is.
List Hazard Analysis Tasks that make up a program.
Welcome to this course on System Safety Risk Analysis Programs. It’s a five-part course for beginners and practitioners. It will also benefit a wider range of people.
Learning Objectives
In this course, we will learn how to do several things. First of all, we’re going to learn how to describe fundamental risk concepts. We’re going to explain what a Systems Safety Approach to Risk is and what it does. We will define within that System Safety Approach, what a Risk Analysis Program is. We’re going to be able to list Hazard Analysis Tasks that make up a program. We’ll be able to select tasks to meet our needs.
At the end of this task, we should be able to design a tailored Risk Analysis Program for any application. And also, we’re going to learn how to get some more information resources on how to do that.
Topics for this Course
So how is that going to work? Well. In five modules. In Module One, we’re going to go over some risk basics. The reason for this is to make sure we’ve got a common understanding.
In Module Two, we’re going to look at Systems Safety Risk Analysis. What it is, what it does, and the benefits it delivers.
In Module Three, we will look at a particular System Safety Program Standard. We will understand what it was designed to do and learn what it’s good and not so good at.
In Module Four, we’re going to take all the previous knowledge from Modules One to Three and put it together. We will use that information to design a Risk Analysis Program. This information can also help design any number of programs depending on what we want to do.
And then finally, in Module Five, we’ll look at where to get more resources to take us deeper to the next level…
This is SSRAP: Start of the Course
This is Module 1 from the System Safety Risk Assessment Program (SSRAP) Course. Risk Analysis Programs – Design a System Safety Program for any system in any application.
The full course comprises 15 lessons and 1.5 hours of video content, plus resources. It’s on pre-sale at HALF PRICE until September 1st, 2024. Check out all the free preview videos hereand order using the coupon “Pre-order-Half-Price-SSRAP”. But don’t leave it too long because there are only 100 half-price courses available!
Meet the Author
Learn safety engineering with me, an industry professional with 25 years of experience, I have:
•Worked on aircraft, ships, submarines, ATMS, trains, and software;
•Tiny programs to some of the biggest (Eurofighter, Future Submarine);
•In the UK and Australia, on US and European programs;
•Taught safety to hundreds of people in the classroom, and thousands online;
•Presented on safety topics at several international conferences.
In this post, we will look at Three Insightful Methods for Causal Analysis. Only three?! If you search online, you will probably find eight methods coming up:
Pareto Charts;
Failure Mode and Effect Analysis (FMEA);
Five Whys;
Ishikawa Fishbone Diagram;
Fault Tree Analysis;
8D Report Template Checklist;
DMAIC Template; and
Scatter Diagrams.
However, not all these methods are created equal! Only some provide real insight to the challenge of causal analysis. So, I’ve picked the best ones – based on my 25 years’ experience in system safety – and put them in this post.
What are Causes and Why are They Important?
Before we go any further, I just want to explain some basic terms. When we’re doing safety analysis we have hazards and as the sort of bow tie diagram suggests, one hazard can have many causes and one hazard can have many consequences.
The Accident Sequence Illustrated.
Now, some of those consequences will be harmless but some may result in harm to people. And that progression from causes to hazards to consequences is known as an accident sequence. We tend to Okay? So we’re looking at the worst-case scenario where somebody gets hurt.
(It’s not really the focus of this post, but the test for a hazard is it’s necessary for the accident. If there’s no hazard, there’s no accident. Once the hazard is present, nothing else weird or unusual needs to happen. For the accident to occur. So, the hazard is both necessary and sufficient.)
I’ve mentioned consequences, but today we’re talking about causes. So, we will analyze the left-hand side of the bow tie.
Three Insightful Causal Analysis Methods
Pareto Analysis
So, let’s start with a Pareto Analysis. I suspect most of us have seen this before. If we look at the causes of a given outcome. What we often find is that a few causes are dominant.
An Example of a Pareto Chart.
In this chart, we’ve got types of medication errors. In this case ‘dose missed,’ ‘wrong time,’ ‘wrong drug,’ and then ‘overdose’ account for 70% of the causation. Everything else is only 30%.
(Now, here they drew a line at 80% as the cutoff because sometimes Pareto is known as the eighty-twenty rule. And that’s suggesting that maybe 80% of the outcome is caused by 20 percent of the inputs or causes. In other words, most of the output variable is driven by only 20% of the input variables. That’s just a rule of thumb, and it doesn’t have to be 80/20, it might be 70/30, or 60/40, it doesn’t matter.)
The point is that there are some dominant causes. If we can identify the dominant causes, and we work hard on just those top 2, 3, 4, or 5 causes, then we can get a disproportionate reduction in risk by concentrating on those few things. Whereas we could spend an awful lot of effort attacking all the other causes and make very little difference.
It’s a simple technique, but by being led by the data, we can become far more effective at risk management.
So an Ishikawa diagram or a fishbone diagram, as it’s often called for obvious reasons. Is a causal diagram (Image By FabianLange at de.wikipedia), and it’s often used.
Example of an Ishikawa, or Fishbone, Diagram Structured for Causal Analysis.
In accident investigations, the Ishikawa diagram becomes a vital tool. I recall learning its application through the tragic case of the Piper Alpha oil rig disaster. Despite the grim nature of such events, they demand thorough causal analysis. Whether we opt for predefined groupings like equipment, process, people, materials, environment, and management, or let the data guide us, the essence remains unchanged: we investigate accidents to identify potential outcomes or problems and determine their contributing factors.
What makes this method invaluable is its ability to transcend technical issues alone. By encouraging us to consider the broader socio-technical environment, it prompts a holistic view of complex systems. The diagram visually represents primary causes directly linked to the main ‘fishbone’ of analysis, while secondary causes may contribute to or stem from these primary factors. The potential for tertiary causes exists in theory, but it may complicate matters without appropriate tools.
Utilizing this technique for brainstorming is highly effective. Displaying it on a whiteboard and collectively contemplating it as a group fosters focused discussions. Subsequently, formal documentation in various formats ensures thorough record-keeping. This method proves particularly powerful for unraveling complexities within systems, a topic worthy of a dedicated webinar.
Fault Tree Analysis
Fault Tree Analysis is another widely used technique. We’ll have a webinar devoted to FTA later.
The Eight Disciplines Method
The Eight Disciplines method is one of those I often get mixed up with something else. It was introduced by the Ford Motor Co. (I’ve never used it) but it looks like a sensible method. There are actually nine steps:
Prepare and Plan
Form your Team
Identify the Problem
Develop an Interim Containment Plan
Verify Root Causes & Escape Points
Choose Permanent Corrective Actions
Implement Corrective Actions
Take Preventative Measures
Celebrate with Your Team!
Effective problem-solving requires careful planning, especially when it’s a team effort. Let’s break it down into three key steps:
Immediate Action: Start by addressing the urgency. What can we do right now to contain the problem while we develop a more comprehensive solution? It’s crucial to manage the issue in the short term as we work on a more refined approach.
Identify Root Causes: Investigate when and how the situation spiraled out of control. Pinpoint the opportunities for errors within the process. Understanding the root causes and timing issues is essential before moving forward.
Implement Permanent Solutions: Now that we’ve dissected the problem, it’s time to implement long-term corrective actions. This involves establishing better control measures and preventive strategies to avoid similar issues in the future.
Finally, it’s important to celebrate with your team once the solution is in place. Whether it’s going out for a meal or another form of recognition, acknowledging the effort is crucial.
This structured approach acknowledges the multi-stage nature of problem-solving. It emphasizes the need for short-term fixes, data-driven decision-making for long-term solutions, and proactive measures to prevent recurrences. Even if you take away nothing else, remembering these key points can guide you through the process. For more detailed information, check out the provided link, and stay tuned for a downloadable PDF with additional resources.
Bonus – Cause Analysis Reports
And a little bonus here, something I picked up while looking through this stuff if you go to smartsheet.com, you’ll find a whole bunch of nice templates on course analysis reports. Okay? So I haven’t been through them all but there looks like quite a lot of good stuff in there if you’re interested.
We’ve created root cause analysis templates you can use to complete your own investigations. Whether you need root cause analysis Excel templates, a root cause analysis template for Word, or a PDF template, we have one that’s right for your organization.”
Interested in accessing more content from the Safety Artisan? Head over to my Thinkific platform, where you’ll find my courses and all the webinars available at the academy. Plus, you can test it out with a 7-day free membership trial. For those looking for an extended trial, use the code ‘one-month-free‘ to enjoy a full month on us. I am continually updating our content, adding new material every month to keep things fresh.
Additionally, sign up for free email updates to stay informed about upcoming webinars and other exciting events.
Meet the Author
Learn safety engineering with me, an industry professional with 25 years of experience, I have:
•Worked on aircraft, ships, submarines, ATMS, trains, and software;
•Tiny programs to some of the biggest (Eurofighter, Future Submarine);
•In the UK and Australia, on US and European programs;
•Taught safety to hundreds of people in the classroom, and thousands online;
•Presented on safety topics at several international conferences.
Second, we’re talking about Risk Assessment. This is a term for putting together different activities within another process. This process may be basic, or it might be quite sophisticated, as illustrated, below.
The Risk Assessment Process
Third, and finally, we will put all this together into a System Safety Program. This is hinted at in the diagram, above, but a real system safety program needs to do a lot more than this. It needs to tie into the project it supports, to systems engineering, to resources, quality, V&V, etc. Designing such a program is complex, so we typically follow a standard, like Mil-Std-882E.
You can hear more about this in the introductory video, below.
Introduction Video
This post is part of a series:
This Post is the Intro to the System Safety Risk Assessment Programs Course.
Welcome to this course on Systems Safety Risk Analysis Programs. I’m Simon Di Nucci, The Safety Artisan, and I’ve been a safety engineer and consultant for over 20 years. I’ve worked on a wide range of safety programs doing risk analysis on all kinds of things. Ships, planes, trains, air traffic management systems, software systems, you name it.
I’ve worked in the U.K., in Australia, and on many systems from the U.S. I’ve also spent hundreds of hours training hundreds of people on safety. And now I’ve got the opportunity to share some of that knowledge with you online.
So, what are the benefits of this course?
First of all, you will learn about basic concepts. About system safety, what it is and what it does. You will know how to apply a risk analysis program to a very complex system and how to manage that complexity. So, that’s what you’ll know.
At the end of the course, you will also be able to do things that you might not have been able to do before. You will be able to take the elements of a risk analysis program and the different tasks. You can select the right tasks and form a program to suit your application, whatever it might be. Whether you might:
Have a full, high-risk bespoke development system,
Be taking a commercial system off the shelf and doing something new with it, or
Take a product and use it in a new application or a new location.
Whatever it might be, you will learn how to tailor your risk analysis program. This program will give you the analyses you need. And to meet your legal and regulatory requirements. Once you’ve learned how to do this, you can apply it to almost any system.
Finally, you will feel confident doing this. I will be interpreting the terminology used in the tasks and applying my experience. So, instead of reading the standard and being unsure of your interpretation, you can be sure of what you need to do. Also, I will show you how you can get good results and avoid some of the pitfalls.
These are the three benefits of the Course
You will know what to do.
You will be able to perform risk program tasks, and
You’ll feel confident doing those tasks.
At the end of the course, I will also show you where to find further resources. There are free resources to choose from. But there are also paid resources for those who want to take your studies to the next level. I hope you enjoy the course.
This is Module 1 of SSRAP
This is Module 1 from the System Safety Risk Assessment Program (SSRAP) Course. Risk Analysis Programs – Design a System Safety Program for any system in any application.
The full course comprises 15 lessons and 1.5 hours of video content, plus resources. It’s on pre-sale at HALF PRICE until September 1st, 2024. Check out all the free preview videos hereand order using the coupon “Pre-order-Half-Price-SSRAP”. But don’t leave it too long because there are only 100 half-price courses available!
Meet the Author
Learn safety engineering with me, an industry professional with 25 years of experience, I have:
•Worked on aircraft, ships, submarines, ATMS, trains, and software;
•Tiny programs to some of the biggest (Eurofighter, Future Submarine);
•In the UK and Australia, on US and European programs;
•Taught safety to hundreds of people in the classroom, and thousands online;
•Presented on safety topics at several international conferences.
The 2024 Blog Digest – Q1/Q2 brings you all of The Safety Artisan’s blog posts from the first six months of this year. I hope that you find this a useful resource!
In this video lesson, I look at Sub-System Hazard Analysis with Mil-Std-882E (SSHA, which is Task 204). I teach the mechanics of the task, but not just that. I’m using my long experience with this Standard to teach a pragmatic approach to getting the work done. Task 204 is one of three tasks that integrate… Read more: Sub-System Hazard Analysis with Mil-Std-882E
In this 45-minute session, I look at System Hazard Analysis with Mil-Std-882E. SHA is Task 205 in the Standard. I explore Task 205’s aim, description, scope, and contracting requirements. I also provide commentary, based on working with this Standard since 1996, which explains SHA. How to use it to complement Sub-System Hazard Analysis (SSHA, Task… Read more: System Hazard Analysis with Mil-Std-882E
Navigating the Safety Case is Part 4 of a four-part series on safety cases. In it, we look at timing issues and typical content through the safety case lifecycle. A Comprehensive Guide to Ensuring Project Safety When embarking on any significant project, ensuring safety isn’t just a step in the process—it’s the foundation of success.… Read more: Navigating the Safety Case
Introduction In The Lifelong Evolution of a Safety Case, we look at how to Review and revise a Safety Case and Re-Issue a Safety Case Report. When it comes to ensuring safety throughout any Product, System, or Service lifecycle, reviewing and revising the Safety Case isn’t just a recommendation—it’s essential. The age or status of… Read more: The Lifelong Evolution of a Safety Case
The 2024 Blog Digest – Q3/Q4 brings you all of The Safety Artisan’s blog posts from the first six months of this year. I hope that you find this a useful resource! The 2024 Blog Digest – Q3/Q4: 18 Posts! Meet the Author Learn safety engineering with me, an industry professional with 25 years of… Read more: The 2024 Blog Digest – Q3/Q4
In Crafting a Safety Case and Safety Case Report – Part 2, we move on to review and sign off on the artifacts. Introduction In any high-stakes environment—whether it’s defense, engineering, or aviation—Safety Case Reports play an essential role in validating the safety of a system. A meticulous review and sign-off process ensures that these… Read more: Crafting a Safety Case and Safety Case Report – Part 2
Crafting a Safety Case and Safety Case Report: A Comprehensive Guide for Project Safety Assurance – PART 1 [Picture by Eric Bruton from Pexels.com] Introduction Building a robust Safety Case and Safety Case Report is essential to ensuring the safety and regulatory compliance of complex systems within the Ministry of Defence (MOD) and similarly regulated… Read more: Crafting a Safety Case and Safety Case Report
In-Service Safety Management System: Ensuring Long-Term Safety for Military Equipment Safety is paramount when it comes to military operations, especially for in-service equipment relied upon by personnel daily. This article delves into the intricacies of maintaining an In-Service Safety Management System, offering insight into how safety practices are implemented, monitored, and evolved over time. Introduction:… Read more: In-Service Safety Management System
Comprehensive Project Safety Management Plans. Safety is a critical element in any large-scale project, especially in the context of defence and complex systems. One essential tool for managing safety is a Safety Management Plan (SMP). In this article, we’ll break down the process and structure of an effective SMP, highlighting its objectives, content, and how… Read more: Comprehensive Project Safety Management Plans: A Guide
Guide to Running a Project Safety Committee. Okay, so committees are not the sexiest subject, but we need to get stakeholders together to make things happen! Project Safety Committee: Introduction In safety-critical industries such as defense, aerospace, and engineering, maintaining a robust safety management system (SMS) is paramount. A Project Safety Committee (PSC) plays a… Read more: Guide to Running a Project Safety Committee
In ‘Project Safety Initiation’ we look at what you need to do to get your safety project or program started. Introduction Definitions A stakeholder is anyone who will be affected by the introduction of the system and who needs to be consulted or informed about the development and fielding of the system, and anyone who contributes to… Read more: Project Safety Initiation
Members Get a Free Intro Course, 50% Off & Updates. I will send you the links and discount codes via email. So, tick the email box and check your junk mail to receive the offers. You will get an email series showcasing the free/paid resources. Also, regular updates on new articles: never miss another post!… Read more: Members Get a Free Intro Course, 50% Off & Updates
Welcome to Module Five, More Resources for Risk Assessment. We’re on the home straight now! This is the last of the five modules. I will let you know where to get more resources and help on these topics. Course Learning Objectives More Resources for Risk Assessment: Transcript Copyright/Source Statement “First, I want to point out… Read more: More Resources for Risk Assessment
Designing Your Risk Assessment Program. Which Ingredients should we use? In this post, I draw upon my 25+ years in system safety to give you some BOLD advice! I’m going to dare to suggest which analysis tasks are essential to every System Safety Program. I also suggest which tasks are optional depending on the system… Read more: Designing Your Risk Assessment Program
When Understanding Your Risk Assessment Standard, we need to know a few things. The standard is the thing that we’re going to use to achieve things – the tool. And that’s important because tools designed to do certain things usually perform well. But they don’t always perform well on other things. So we will ask,… Read more: Understanding Your Risk Assessment Standard
Welcome to Risk Management 101, where we’re going to go through these basic concepts of risk management. We’re going to break it down into the constituent parts and then we’re going to build it up again and show you how it’s done. I’ve been involved in risk management, in project risk management, safety risk management,… Read more: Risk Management 101
In this module, System Safety Risk Analysis, we’re going to look at how we deal with the complexity of the real world. We do a formal risk analysis because real-world scenarios are complex. The Analysis helps us to understand what we need to do to keep people safe. Usually, we have some moral and legal obligation to do it as well. We need to do it well to protect people and prevent harm to people.
TL;DR Updating Legal Presumptions for Computer Reliability must happen if we are to have justice! Background The ‘Horizon’ Scandal in the UK was a major miscarriage of justice: Between 1999 and 2015, over 900 sub postmasters were convicted of theft, fraud and false accounting based on faulty Horizon data, with about 700 of these prosecutions… Read more: Updating Legal Presumptions for Computer Reliability
What are the Hazard and Risk basics? So, what is this risk analysis stuff all about? What is ‘risk’? How do you define or describe it? How do you measure it? When? Why? Who…? In this free session, I explain the basic terms and show how they link together, and how we can break them… Read more: Hazard and Risk Basics
This post, ‘SSRAP: Start the Course’, gives an overview of System Safety Risk Assessment Programs. It describes the Learning Objectives of the Course and its five modules. We’re going to learn how to: This post is part of a series: SSRAP: Start of the Course – Transcript Welcome to this course on System Safety Risk… Read more: SSRAP: Start the Course
In this post, we will look at Three Insightful Methods for Causal Analysis. Only three?! If you search online, you will probably find eight methods coming up: However, not all these methods are created equal! Only some provide real insight to the challenge of causal analysis. So, I’ve picked the best ones – based on… Read more: Three Insightful Methods for Causal Analysis
In this ‘Introduction to System Safety Risk Assessment’, we will pull together several key ideas. First, we’ll talk about System Safety. This is safety engineering done in a Systems Engineering Framework. We are doing safety within a rigorous process. Second, we’re talking about Risk Assessment. This is a term for putting together different activities within… Read more: Introduction to System Safety Risk Assessment
The 2024 Blog Digest – Q1/Q2 brings you all of The Safety Artisan’s blog posts from the first six months of this year. I hope that you find this a useful resource! The 2024 Blog Digest – Q1/Q2: 25 Posts! There’s More! Head over to my Thinkfic Site for courses & webinars. Subscribe for a… Read more: The 2024 Blog Digest – Q1/Q2
This is the full-length (one hour) session on Environmental Hazard Analysis (EHA), which is Task 210 in Mil-Std-882E. I explore the aim, task description, and contracting requirements of this Task, but this is only half the video. In the commentary, I then look at environmental requirements in the USA, UK, and Australia, before examining how… Read more: Environmental Hazard Analysis
In this full-length (38-minute) session, The Safety Artisan looks at System of Systems Hazard Analysis, or SoSHA, which is Task 209 in Mil-Std-882E. SoSHA analyses collections of systems, which are often put together to create a new capability, which is enabled by human brokering between the different systems. We explore the aim, description, and contracting… Read more: System of Systems Hazard Analysis
There’s More!
Head over to my Thinkfic Site for courses & webinars. Subscribe for a free course starter pack and regular email support. Leave a comment, below!
Meet the Author
Learn safety engineering with me, an industry professional with 25 years of experience, I have:
•Worked on aircraft, ships, submarines, ATMS, trains, and software;
•Tiny programs to some of the biggest (Eurofighter, Future Submarine);
•In the UK and Australia, on US and European programs;
•Taught safety to hundreds of people in the classroom, and thousands online;
•Presented on safety topics at several international conferences.
Hi, everyone, and welcome to The Safety Artisan. I’m Simon, and I just wanted to share with you briefly why I started this enterprise. I’ve had a career in safety, engineering, and safety consulting for over 25 years now. And in that time, I’ve seen customers make one of two mistakes quite often. First of all, I’ve seen customers not do some things that they should have been doing. This was usually because they were just ignorant of what their legal obligations were.
And I guess that’s a fairly obvious mistake. That’s what you would expect me to say. But more often, I’ve seen customers do too much to try and achieve safety, which is surprising! I’ve seen people waste a lot of time, energy, and money doing things that just didn’t make a difference. Sometimes it actually got in the way of doing good safety work.
And I think the reasons for those mistakes are, first of all, ignorance.
Secondly, not knowing precisely what safety is and therefore not being able to work out how to get there. That’s why I started The Safety Artisan. I wanted to equip people with the knowledge of what safety really is and the tools to get there efficiently. To neither do too much nor too little. We want Safety, Just Right.
This is the full-length (one hour) session on Environmental Hazard Analysis (EHA), which is Task 210 in Mil-Std-882E. I explore the aim, task description, and contracting requirements of this Task, but this is only half the video. In the commentary, I then look at environmental requirements in the USA, UK, and Australia, before examining how to apply EHA in detail under the Australian/international regime. This uses my practical experience of applying EHA.
You Will Learn to:
Conduct EHA according to the standard;
Record EHA results correctly;
Contract for EHA successfully;
Be aware of the regulatory scene in the US, UK, and Australia;
Appreciate the complexities of conducting EHA in Australia; and
Recognize when your EHA program requires specialist support.
This is the seven-minute demo of the full-length (one hour) session on Environmental Hazard Analysis.
Hi, everyone, and welcome to the Safety Artisan. Today, we’re going to be talking about Environmental Hazard Analysis – A big topic! And I’m covering this as part of the series on the System Safety Engineering Standard – Mil. Standard 882E. But it doesn’t really matter what standard we are using the topic is still relevant.
Environmental Hazard Analysis is a big topic because we’ll cover everything, not just hazards. At the end of this session, you should be able to enjoy three benefits. First of all, you should know how to approach Environmental hazard analysis from:
The point of view of the requirements,
The Hazard Analysis itself (the process), and
Some national and international variations in the English-speaking world.
So, you should know how to do the basics and also to recognize when maybe you need to bring in a specialist.
But maybe most important of all, number three is you should have the confidence to be able to get started. So I’m hoping that this session is really going to help you get started, know what you can do, and then maybe recognize when you need to bring in some specialist help or go and seek some further information.
As you’ll see, it’s a big, complex subject. I can get you started today, but that’s all I can do in one session. And in fact, I think that’s all anyone can do in one session. Anyway, let’s get on with it and see what we’ve got.
Environmental Hazard Analysis, which is Task 210 under Mil. Standard 882E. So let’s look at what we’re going to talk about today.
Topics for this Session
And you’ll see why it’s going to be quite a lengthy session. I think it will last an hour because we’re going to go through the Purpose and Task Description of Environmental Hazard Analysis as set out in the Mil. Standard. And it says seven-plus slides because there are seven mainstream slides plus some illustrations in there as well. Then we’ve got a couple of slides each on Documentation, Hazardous Materials or HAZMAT, and Contracting. Then eight slides of Commentary and this is the major value add because I’ll be talking about applying Environmental Hazard Analysis in a US, UK, and Australian jurisdiction under the different laws, which I have some experience of.
I worked closely with environmental specialists on the Eurofighter Typhoon project, and I’ve also worked closely with the same specialists on US programs which had been bought by different countries. And then finally, I’ve been closely involved in a major environmental – or safety and environmental – project here in Australia. So I’ve been exposed and learned the hard way about how things work or don’t work here in Australia. So I’ve got some relevant experience to share with you, as well as some learned material to share with you. And then a little Conclusion, because I say this will take us an hour so there’s quite a lot of material to cover. So, let’s get right on with it.
EHA
So the purpose of Environmental Hazards Analysis, or EHA, as it says, is to support design development decisions. Now all of the 882 tasks are meant to do this, but actually, the wording in Task 210 is the clearest of all of them. Really makes it explicit what we’re trying to do, which is excellent.
So we’re going to identify hazards throughout the life cycle – cradle to grave, whatever system it is. We’re going to document and record those hazards and their leading particulars within the Hazard Tracking System or Hazard Log, as we more often call it. We’re going to manage the hazards using the same system safety process in Section Four as we use for safety. This is the process that you will have heard in the other lessons that I’ve given. And very often under 882, Safety and Environmental Hazards are considered together. There are pros and cons with that approach, but nevertheless, a lot of the work is common. We’ll see why later on.
In this American standard, it says we are to provide specific data to support the National Environmental Policy Act and executive order requirements. So the NEPA is an American piece of legislation and therefore I use this color blue to indicate anything that’s an American-specific requirement. So if you’re not operating in America, you’ll need to find the equivalent to manage to and to comply with. Moving on…
Hazard Identification has been defined as: “The process of identifying and listing the hazards and accidents associated with a system.”
Hazard Analysis has been defined as: “The process of describing in detail the hazards and accidents associated with a system and defining accident sequences.”
Preliminary Hazard Identification and Analysis (PHIA) is intended to help you determine the scope of the safety activities and requirements. It identifies the main hazards likely to arise from the capability and functionality being provided. It is carried out as early as possible in the project life cycle, providing an important early input to setting Safety requirements and refining the Project Safety Plan.
PHIA seeks to answer, at an early stage of the project, the question: “What Hazards and Accidents might affect this system and how could they happen?”
Aim
The aim of the PHIA is to identify, as early as possible, the main Hazards and Accidents that may arise during the life of the system. It provides input to:
Scoping the subsequent Safety activities required in any Safety Plan. A successful PHIA will help to gauge the proportionate effort that is likely to be required to produce an effective Safety Case, proportionate to risks.
Selecting or eliminating options for subsequent assessment.
Setting the initial Safety requirements and criteria.
So, what I’m talking about today is safety and risk audit, that is about process, Q&A, and some personal experience. Also something called layered process audits, which I ran into while researching this webinar. I thought that sounded interesting – and it is! Those are today’s topics for the webinar.
Audit Process
I’m talking about the safety audit process based on the UK Acquisition Safety and Environmental Management System or ASEMs. This was developed by experts for the UK MOD, and I remember it being introduced when I used to work there.
It’s a very good system, it’s very thorough and complete. (It is effectively copyright-free, so I can share it with you, and you can access, use it, and modify it perfectly legally.)
First, we should recognize the Project Oriented Safety Management System (POSMS). It is project-oriented. So the idea is we’ve got a program, or a project, where we’re buying something – a piece of equipment or a service. We’re contracting for something. It’s a project with a beginning, a middle, and an end.
In POSMS, they refer to auditing as a ‘system audit’…
Personal Experience of Audit
Now, I’ve mentioned some personal experiences so far. But I’ve got a few specifics that I want to bring to your attention. I’m doing so on the basis of 25 years in the business of being a safety engineer (see ‘Meet the Author‘, below).
So I will talk very briefly, about safety audit, what is it really? I mean, we talked about process, the mechanics of it, but what are we trying to achieve?
When and why do we use audits? What practices should we be following? And what should we not be doing? That last one is important because it’s easy to do it wrong. Who can be an auditor?
Also, there’s a brief word about the three different terms that get commonly confused. There are Independent Safety Auditors, Independent Safety Assessors, and Independent Safety Advisors. They are all ‘ISA’s and that sometimes gets confusing. What are the differences?…
aap01a-f-02 Audit Details Team Composition and Competence Record
aap01a-g-01 Audit Competency Interim Guidance
aap01b-f-01 Audit Plan
aap01b-f-02 Audit Proforma
aap01c-f-01 Record of Audit Meeting
aap01d-f-01 Audit Report Template
aap02-f-01 Monitoring Schedule
aap02-f-02 Monitoring Data – Assessment Record
aap03-f-01 Management Review Form
aap04-f-01 Non-Conformance and Corrective Action Form
)
There are five videos with an hour of content, (51 videos with 8.5 hours of webinar content in total). See it all at The Safety Engineering Academy here. More content is added every month.
Meet the Author
Learn safety engineering with me, an industry professional with 25 years of experience, I have:
•Worked on aircraft, ships, submarines, ATMS, trains, and software;
•Tiny programs to some of the biggest (Eurofighter, Future Submarine);
•In the UK and Australia, on US and European programs;
•Taught safety to hundreds of people in the classroom, and thousands online;
•Presented on safety topics at several international conferences.
So, how do we identify and analyze functional hazards? I’ve seen a lot of projects and programs. We’re great at doing the physical hazards, but not so good at the functional hazards.
Introduction: Identify and Analyze Functional Hazards
So, when I talk about physical and functional hazards, the physical stuff, I think we’re probably all very familiar with them. They’re all to do with energy and toxicity.
Physical Hazards
So with energy, it might be fire, it might be electric shock. Potential energy, the potential energy of someone at height, or something falling. The impact of the kinetic energy. And then of course, in terms of toxicity, we’ve got hazardous chemicals, which we have to deal with. And then we’ve got biological hazards, plus smoke and toxic gasses, often from fires. Or chemical reactions.
So those are your physical hazards. As I said, we tend to be good at dealing with those. We’re used to dealing with that stuff. And most projects I’ve been on have been pretty good at identifying and analyzing that stuff. Not so for functional hazards.
Functional Hazards
I’ve been on lots of projects still today where functional hazards are just ignored completely or they’re only dealt with partially. So let’s explain what I mean about functional hazards. What we’re talking about is where a system is required to do something to perform some function. For example, cars move. They start, they move and they stop, hopefully.
Loss of Function
But what happens when those functions go wrong? What happens when we don’t get the function when we need it? The brakes fail on your car, for example. And so that’s a fairly obvious one. When functional hazards are looked at, it’s usually the functional failures that get attention.
But if that is the obvious failure mode, the less obvious failure modes tend to be more dangerous and there are the two.
Other Functional Failure Modes
So what happens if things work when they shouldn’t? What if you’re driving along on a road or the motorway, perhaps at high speed, and your brakes slam on for no apparent reason? Perhaps there is somebody behind you. Do you have a collision or do you lose control on the road and crash?
What if the function works, but it works incorrectly? For example, you turn the temperature down but instead, it goes up. Or you steer to the left, but instead, your vehicle goes to the right.
What if a display shows the wrong information? If you’re in a plane, maybe you’ve got an altimeter that tells you how high you are. It would be dangerous if the altimeter told you that you were level or climbing, but you were descending towards the ground. Yeah, we’ve had lots of that kind of accident.
So there’s an overview of what I mean by physical and functional hazards.
The Webinar: Identify and Analyze Functional Hazards
