Safety in Complex Systems was the topic of our talk on the 21st October in Carlsbad, and for the first time it was also available via Skype for those who chose to join remotely. After defining safety as the freedom from unacceptable risk of exposure to hazards, Dr. Graham Sutherland went on to discuss how planning for safety is fundamentally about uncertainty: future events the planners don't yet know about, and the educated guesses they make in order to control them.


While safety can be occupational, functional or system safety, for the purposes of this talk Dr. Sutherland concentrated on System Safety, which is a specialty within systems engineering. The System Safety process applies engineering and management principles, criteria and techniques with the goal of optimizing safety by identifying safety-related risks and eliminating or controlling them by design or by procedures.

Merriam-Webster defines a system as a regularly interacting or interdependent group of items forming a unified whole. Every system is delineated by its spatial and temporal boundaries, surrounded and influenced by its environment, described by its structure and purpose and expressed in its functioning. In practice, this can be a railway system, an implanted medical device, an aircraft, a car or a power station.



Not all systems can be fully understood. Complicated systems are well defined, even though they can have very many components; with enough effort, computing power, money and time they can be reduced to their parts. Complex systems, on the other hand, exhibit 'emergent' behavior and may not give the same response to the same stimuli. Safety engineers therefore need to understand how interactions give rise to patterns of behavior, so that those patterns and common features can be recognized and the range of possible outcomes of a problem can be accounted for.



All of these techniques depend on breaking the complex system up carefully and taking a systematic approach to determining the possible causes and effects of a given failure. The scenarios developed this way then need to be analyzed against the functional system requirements and the safety requirements. This also means that while a single self-driving car is a system, multiple self-driving cars could form a system of their own and develop new behavior as they interact with each other.


Dr. Sutherland then educated the attendees on the different methods for carrying out systems analysis: top-down approaches such as HAZOPS; failure analysis such as FTA, FMEA and FMECA, or Markov analysis; and even requirements analysis that looks for incorrect specifications. The results of all these analyses can be used to create and define user, system and functional requirements that help inform the safety case.
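As an added illustration that is not part of the talk or of this summary, here is a small fault-tree analysis (FTA, one of the failure-analysis methods listed above) in Python for a constructed "autonomous braking does not engage" top event; the tree shape, the event names and the failure probabilities are all assumptions, not figures from the talk.

```python
# Added example (not from the talk): fault-tree analysis of a constructed top event.
from functools import reduce
from operator import mul

BASIC_EVENT_PROB = {  # constructed per-demand failure probabilities (assumptions)
    "radar_fail": 1e-3,     # obstacle missed by radar
    "camera_fail": 2e-3,    # obstacle missed by camera
    "fusion_sw_bug": 5e-4,  # fusion software discards a valid detection
    "actuator_fail": 1e-4,  # brake actuator does not respond
    "power_loss": 1e-5,     # controller loses power
}
# Leaves are basic events; gates are ("AND" | "OR", [children]).
BRAKING_TREE = ("OR", [
    ("AND", ["radar_fail", "camera_fail"]),  # detection lost only if BOTH fail
    "fusion_sw_bug", "actuator_fail", "power_loss",
])

def cut_sets(node):
    """All (not yet minimal) cut sets of a node, as frozensets of basic events."""
    if isinstance(node, str):
        return [frozenset([node])]
    gate, children = node
    child_sets = [cut_sets(child) for child in children]
    if gate == "OR":   # any child's cut set fails the gate
        return [cs for sets in child_sets for cs in sets]
    if gate == "AND":  # need one cut set from every child
        return reduce(lambda acc, sets: [a | b for a in acc for b in sets],
                      child_sets, [frozenset()])
    raise ValueError(f"unknown gate {gate!r}")

def minimal_cut_sets(node):
    """Drop any cut set that contains another; shortest (most critical) first."""
    sets = set(cut_sets(node))
    minimal = [s for s in sets if not any(other < s for other in sets)]
    return sorted(minimal, key=lambda s: (len(s), sorted(s)))

def top_event_probability(node, probs):
    """Exact top-event probability for independent basic events that appear once."""
    if isinstance(node, str):
        return probs[node]
    gate, children = node
    ps = [top_event_probability(child, probs) for child in children]
    if gate == "AND":
        return reduce(mul, ps, 1.0)
    return 1.0 - reduce(mul, (1.0 - p for p in ps), 1.0)

def ranked_cut_sets(node, probs):
    """Rare-event view: which minimal cut set dominates the top event."""
    ranked = [(sorted(cs), reduce(mul, (probs[e] for e in cs), 1.0))
              for cs in minimal_cut_sets(node)]
    return sorted(ranked, key=lambda item: -item[1])
```

The ranking shows that the single-point software and actuator failures, not the redundant sensor pair, dominate the top event, which is the kind of finding that feeds the requirements and the safety case.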

A safety case is a structured argument supported by evidence intended to justify that a system is acceptably safe for a specific application in a specific operating environment.


The talk then continued with an example of how a vehicle manufacturer might satisfy regulators: first satisfying themselves that a new safety solution (such as autonomous braking) works, then convincing the regulators by submitting the safety case.


Risks will always exist, usually because there is a benefit in taking them (crossing the road, for example); a person crossing the road can nevertheless keep the risk as low as reasonably possible, by using crosswalks for instance. It is also important to understand that a tolerable risk is not always an acceptable one, as the acceptability of risks can and does change.

The talk finished with a discussion on the use of machine learning to analyze large datasets, such as 30,000 vehicle accidents, to find trends such as near misses, so that the accidents they nearly caused can be avoided through changes.