Current approaches to plant design often require the engineering of complex safety systems to meet demanding safety and risk criteria. Modern safety systems are highly sophisticated, but they place significant demands on designers, operators and maintainers, who must understand the intricacies of a system that may be subject to extensive change over its lifecycle. Lifecycles for...
Dynamic temporal risk allocation (DTRA) has been used in other research domains: in ecology, in predation theory concerning prey animals, and in finance, in the risk management of economic markets. In both cases risk has been judged in the temporal domain. When a new sub-system is added to any complex system, whether ecological, financial or transport, it brings with it some residual...
Current safety-critical development standards, such as DO-178B, have an impressive track record in guiding the production of reliable software. Unfortunately, the certification activities involved are costly, because they are labour-intensive and require a high level of expertise. Additionally, current practices make it difficult to evolve and enhance certified projects. The Open-DO initiative tries to increase...
In this paper, we investigate what software safety exactly means, with reference to the general concept of safety, and give it a definition. We then try to derive a general methodology for attaining software safety. With these, we try to construct a framework that can treat both system safety and software safety uniformly.
An Electrical Inspector from the Health and Safety Executive (HSE) investigates many serious incidents and inspects a wide range of industrial and commercial premises. This experience gives insight into the types of incident that lead to serious injuries and death. Using this information it is possible to identify recurring types of incident and assess them in a structured way. This will...
This paper presents a generic system definition for a new semi-quantitative approach for railway risk assessments, called Best Practice-Risk (BP-Risk). The basis for the generic system definition is the draft European Standard prEN 15380 part 4, which describes function groups for rail vehicles. Based on an analysis of the functional interfaces, additional trackside (signalling) functions were defined...
For any software system upon which lives depend, the most important question one can ask about it is, ‘How do we know the system is safe?’ Despite the critical importance of this question, no widely accepted, generally applicable answer exists. Instead, debate continues to rage over the question, with theorists and practitioners quarrelling with each other and amongst themselves. This paper suggests...
Research shows that there has been a lack of innovation in the overall approach to risk management for decades. An alternative, pragmatic approach to implementing the risk management process is discussed. This approach is not intended to replace risk tools and techniques, also called risk assessments, but has been designed to provide an approach which enables the integration of information gathered...
Risk Assessment and Management has become a standard tool within the project management cycle. Among the key tasks within the Risk Assessment and Management framework, Risk Identification (RID) normally involves comparatively significant effort in collaboration with personnel from multiple disciplines or functions in the form of a RID Workshop. Many practitioners and participants apply a “one size...
Control systems are increasingly subject to reconfiguration either because of a failure of a component or a change in the process under control. With the introduction of intelligent field devices, system reconfiguration can now be managed more efficiently through commercially available asset management software applications. This paper seeks to address the question over the use of intelligent reconfigurable...
Human Engineering Limited is currently supporting the decommissioning of an asset in the North Sea. The aim of the work has been to ensure that the risks of human error when working in an unfamiliar environment, often on novel, one-off tasks, are controlled to As Low As Reasonably Practicable (ALARP). As part of this work, safety critical tasks have been identified and assessed from a human factors...
This article describes an air navigation service provider's approach to network safety, in relation to its particular use in air traffic management. The approach is based on the observation that "network hazards" have limited direct impact on the Air Traffic Management (ATM) System as a whole. It is expected that a network hazard would not on its own lead to an accident, or would not be the only contributor...
The paper explains why a new approach, both broader and more rigorous than that traditionally followed in ATM, is needed for the safety assessment of the major operational and technology changes such as those planned for introduction into European ATM over the period up to 2020 and beyond, under the SESAR Programme. It presents the theoretical basis for what is an argument-driven “systems-engineering...
Explicit risk assessment is the assessment of hazards and their related accidents. This paper discusses the assessment of the severity of accidents, i.e. the "harm" parameter.
IEC 61508 is the basic safety publication with respect to the functional safety of programmable electronic systems. The new IEC 61508 draft CDV (CDV - Committee Draft for Vote), published in October 2008, contains a number of novel or revised concepts. In this paper, these novel and revised concepts will be discussed and scrutinized in particular with respect to aspects of the existence of sufficient...
In the United Kingdom, and in similar jurisdictions, it is a legal requirement that safety risk associated with a system be demonstrably As Low as is Reasonably Practicable (ALARP). Whilst a complete ALARP justification can be prepared in parallel with design activities, the operation of a system brings change and new information which can invalidate this justification. This paper presents a framework...
Formal proofs provide detailed justification for the validity of claims and are widely used in formal software development methods. However, they are often complex and difficult to understand, because the formalism in which they are constructed and encoded is usually machine-oriented, and they may also be based on assumptions that are not justified. This causes concerns about the trustworthiness of...
Safety cases have been used as the basis for safety assurance in a number of fields, such as offshore installations, railway operations, nuclear plants and air traffic control. Despite the increased adoption of safety cases in these areas, there is only limited use of safety arguments for the certification of an aircraft design. This paper will explore reasons as to why clear, comprehensive...