Presentation is loading. Please wait.

Presentation is loading. Please wait.

Accident Investigation Techniques and Methodologies Chuck DeJohn, D.O., M.P.H Federal Aviation Administration Civil Aerospace Medical Institute.

Similar presentations


Presentation on theme: "Accident Investigation Techniques and Methodologies Chuck DeJohn, D.O., M.P.H Federal Aviation Administration Civil Aerospace Medical Institute."— Presentation transcript:

1 Accident Investigation Techniques and Methodologies Chuck DeJohn, D.O., M.P.H Federal Aviation Administration Civil Aerospace Medical Institute

2

3 Frei R, Kingston J, Koornneef F, & Schallier P. Investigation Tools in Context. JRC European Commission Institute for Energy Seminar. Investigation of Accidents. May Petten Netherlands.

4 Methods vs. Methodology lMethodology: A system of principles, practices and body of procedures (methods) applied to a specific branch of knowledge. An overall approach to a field such as accident investigation. lExamples: Adversarial, Commission, Events Reconstruction, Modeling, Simulation lMethod: A technique or tool. A r egular, disciplined, systematic set of procedures used according to an underlying, detailed, logically ordered plan. lExamples: Multi-linear Events Sequencing (MES), Fault Tree Analysis (FTA), Management Oversight and Risk Tree (MORT) Benner, L. Methodology biases which undermine accident investigation. Proceedings of ISASI 18 th Annual Seminar. Washington, DC

5 Methods vs. Methodology Problems lDefined differently: lBy different authors lBy the same author in different articles lBy the same author in the same article! lMethods and Methodologies are often used interchangeably lExamples include Fault Tree Analysis (FTA) and Management Oversight and Risk Analysis Tree (MORT) Benner, L. Rating accident models and investigation methodologies. J Safe Res Vol 12, No.3;

6 Methodology Classification Schemes lUnstructured lAdversarial lEvents Reconstruction lModeling lSimulation lSurvey lArchival lHistorical lExperimental lCase Study vs. lCommon Sense lAdversarial lEngineering lStatistical lSymbolic Modeling vs. Benner, L. Accident investigations – a case for new perceptions and methodologies. Archives of personal papers. Benner L. Methodological biases which undermine accident investigations Proceedings of the 18 th Annual ISASI Seminar. Washington, D.C.

7 Unstructured Methodology lCommon Sense or Hunt-and-Peck lWho, what, when, where, how and why? lSequential ordering of events lExplanation of the accident is acceptable if it makes sense lTruth is determined by the investigator Benner, L. Methodology biases which undermine accident investigation. Proceedings of ISASI 18 th Annual Seminar. Washington, DC. 1981

8 Adversarial Methodology lRules of evidence and judicial procedures lOpposing interests will bring out the truth lFacts are gathered by the parties and informally tested by discussion against hypothesis for logic and consistency lReasoned conclusions logically drawn from technical evidence lExamples lU.S. Party System used by the NTSB lCommission inquires Benner, L. Methodology biases which undermine accident investigation. Proceedings of ISASI 18 th Annual Seminar. Washington, DC Benner, L. Accident investigations – a case for new perceptions and methodologies. Archives of personal papers ex libris.

9 Events Reconstruction Methodology lReconstruction of sequence of events (SOE): lPhysical evidence lWitness interviews lSpeculation by investigator lMethodology is not rigorous lEvents are undefined and highly variable lLogic trees often culminate in event(s) selected by investigator without showing time relationships lProbable cause (PC) often selected from one or more of the events Benner, L. Accident investigations – a case for new perceptions and methodologies. Archives of personal papers ex libris.

10 Symbolic Modeling Methodologies lPictorial representations of the SOE lFault Trees lFailure selected and all possible factors that can contribute to the event are diagramed in the form of a tree lNot always considered an overall methodology lExamples: Logic Tree Analysis, Fault Tree Analysis (FTA), Management Oversight and Risk Tree (MORT), Multilinear Events Sequencing (MES) Ferry TS. Modern accident investigation and analysis. Pp John Wiley & Sons. New York. Harvey MD. Models for accident investigation Alberta Occupational Health and Safey Division. Occupational Health and Safey Division. Benner, L. Accident investigations – a case for new perceptions and methodologies. Archives of personal papers ex libris. EM Jun 99. Appendix F. Use of Logic Trees in Probabilistic Seismic Hazard Analysis.

11 Simulation Methodologies lReenactments that allow investigators to vary assumed events and asses effects of changes lFormulate hypotheses lDevelop data where there are gaps lExamples: lComputerized modeling lScale modeling lUse of actual aircraft/systems Benner, L. Accident investigations – a case for new perceptions and methodologies. Archives of personal papers ex libris

12 Methodology Rankings lCompare simultaneous investigations of the same accident using different methodologies lVery resource intensive l1985 Benner Study: l17 U.S. Federal Government Agencies l10 evaluation criteria Benner L. Investigating investigation methodologies. Starline Software Ltd. Oakton, VA on 5/20/04. Benner, L. Rating accident models and investigation methodologies. J Safe Res Vol 12, No.3;

13 Methodology Rankings Agencies Studied Consumer Product Safety Commission Department of Agriculture Department of the Air Force Department of the Army Department of Energy Department of Labor Mine Safety and Health Administration Department of Labor Occupational Safety and Health Administration US Coast Guard Federal Highway Administration National Highway Traffic Safety Administration General Services Administration Library of Congress National Aeronautics and Space Administration National Institute of Occupational Safety and Health National Transportation Safety Board Navy Department Nuclear Regulatory Commission Benner, L. Rating accident models and investigation methodologies. J Safe Res Vol 12, No.3;

14 Methodology Rankings Rating Criteria Encouragement: Encourages harmonious participation. Independence: Produces unimpeachable results. Initiatives: Supports personal initiative. Discovery: Supports timely discovery of facts. Competence: Provides/improves employee competence. Standards: Provides for review of safety and health standards. Enforcement: Supports the enforcement program. States: Encourages states to take responsibility. Accuracy: Outputs can be tested for completeness, validity, logic and relevance. Closed Loop: Compatible with pre-investigation outputs. Benner, L. Rating accident models and investigation methodologies. J Safe Res Vol 12, No.3;

15 Methodology Rankings Top Three lEvent reconstruction lModeling lMORT lFault Tree lAdversarial Benner, L. Rating accident models and investigation methodologies. J Safe Res Vol 12, No.3;

16 Accident Investigation Methods lMethods are Tools used by the investigator, not an overall system or branch of knowledge lMost methods are sequencing tools – Reduce accidents to a collection of events using cause and effect relationships lFault Tree Analysis (FTA) lManagement Oversight and Risk Tree Analysis (MORT) lMultilinear Events Sequencing (MES) lSequentially Timed Events Plotting (STEP) lEvents and Causal Factors Analysis (ECFA) lRoot Cause Analysis (RCA) Benner, L. Methodology biases which undermine accident investigation. Proceedings of ISASI 18 th Annual Seminar. Washington, DC

17 Accident Investigation Methods To select the best method you should know: lThe name of the method you use now lWhich methods are available lWhich methods are better than others lThe outputs of the method you chose

18 FTA lCreated at Bell Laboratories, refined by Boeing to analyze Minuteman missile problems and later adopted by DOD. lSelected failure and all possible factors that can contribute are diagrammed into a tree. lThe accident is the top event. lTop-down approach to determine how top events can be caused by individual or combined lower level failures. lEvents – Failures that lead to accidents. lGates – Ways failures combine to cause accidents. lUseful for large accident investigations. Ferry TS. Modern accident investigation and analysis. Pp John Wiley & Sons. New York. Schiodtz K. Fault tree analysis in the application of accident analysis

19 FTA lAdvantage lConveniently represents main causes/factors of an accident lDisadvantages lNo temporal relationships between events lNo ordering of events lActors not shown Ferry TS. Modern accident investigation and analysis. Pp John Wiley & Sons. New York.

20 FTA of Aircraft Runway Overrun Accident Erickson, C.A. Accident Investigation Using EEFTA. Proceedings of the 18 th International System Safety Conference. Seattle, Washington

21 MORT lDeveloped in the 1960s in response to the lack of accident investigation techniques that existed to support rigorous analysis lPre-designed, systematized logic tree in a generic graphical checklist format of approximately 1500 items lBest suited to large complex accident lRequires extensive training Ferry TS. Modern accident investigation and analysis. Pp John Wiley & Sons. New York. American Society of Safety Engineers. Northern Illinois University. TECH 438. MORT, Mini-MORT & PET

22 Mort Event Symbols American Society of Safety Engineers. Northern Illinois University. TECH 438. MORT, Mini-MORT & PET

23 Mort Logic Gates American Society of Safety Engineers. Northern Illinois University. TECH 438. MORT, Mini-MORT & PET

24 MORT lAdvantages lSystematically examines all possible causal factors lIdeal when there is a shortage of expertise to ask the right questions lEvaluates multiple causes lWorks well for complex accidents involving multiple systems lAddresses root causes and contributory causes lLooks beyond immediate causes including management/program factors lDisadvantages lTime consuming and tedious to use lRequires extensive training lInappropriate for relatively simple accidents lCan focus more on management than the accident event lMay lead to recommendations that are too broad (i.e. more training, more supervision) lNo temporal relationships between events Department of Energy. Accident Investigation Program. Section 7 – Analyzing Data. Oct Department of Energy Accident Investigation Program. Root cause analysis. January 19, 2001.

25 Abbreviated MORT Diagram LTA implies Less Than Adequate performance PG Bishop, et al. Learning from incidents involving E/E/PE systems. Part HSE Books. Norwich.

26 MES lTime line chart of the accident process: Time line is displayed at the bottom of the chart and conditions and events are shown in logical order. Event = Actor + Action lEvent: Something of significance caused by an action. lActor: One who causes an event to occur. Does not have to be a person. lAction: Acts performed by the actor. Ferry TS. Modern accident investigation and analysis. Pp John Wiley & Sons. New York. Harvey MD. Models for Accident Investigation. Workers Health, Safety and Compensation, Occupational Health and Safety Diovision. Alberta, Canada. April, Keong TH. Accident analysis techniques. Multilinear Events Sequencing.

27 MES lAccident sequence begins at t o lStable situation is disturbed lBeginning of the act which had to be detected, adapted, corrected, or otherwise changed for the course of events to have had a different outcome lAccident sequence ends at t n lLast consecutive harmful event connected directly with the accident Ferry TS. Modern accident investigation and analysis. Pp John Wiley & Sons. New York.

28 MES Adapted from: Benner L. Accident investigations: Multilinear events sequencing methods. J Safe Res. June Vol. 7. No. 2. t o = 11:01 t n = 11:02

29 MES lAdvantages lIncludes temporal relationship of events lLimits focus to the accident rather than focusing on management lHas been called the best model available by some investigators lDisadvantage lFocuses almost exclusively on the accident and ignores management Harvey MD. Models for Accident Investigation. Workers Health, Safety and Compensation, Occupational Health and Safety Division. Alberta, Canada. April, 1985.

30 STEP lDeveloped by Hendrick and Benner in 1987 lRefinement of the MES technique lEach actors actions are traced from the start of an accident to the finish lActor + Action: Who (person or object) must do what to produce the next event lEvents are positioned along a timeline lCausal links are represented by arrows connecting events lIncludes quality control with sufficient logic testing to assure consistency and validity Livingston AS, Jackson G, & Priestly K. Root causes analysis: Literature review. Health and Safety Executive. Birchwood, Warrington NASA. QS/Safety and Risk Management Division. Procedures and guidelines for mishap reporting, investigating, and recordkeeping. NPG: June 2, 2000.

31 STEP Livingston AS, Jackson G, & Priestly K. Root causes analysis: Literature review. Health and Safety Executive. Birchwood, Warrington.

32 ECFA lIdentifies causal factors for each significant event in an accident sequence lDesigned as a stand-alone technique but most effective when used with other methods (i.e. MORT, RCA) lNo timeline but temporal relationships are accounted for Buys JR, Clark JL, Kingston-Howlett J, and Nelson HK. Events and causal factors analysis. Scientech, Inc. Idaho Falls, ID. August 1995.

33 ECFA lEvaluate events to determine significant events: lThe accident would not have occurred if the significant event had not occurred lThe event deviated from what was planned or intended lThe event had unwanted consequences lDetermine the causal factors that allowed each significant event to occur: lWho, why, what and how? Department of Energy Accident Investigation Program. Events and causal factors analysis. January 19, 2001.

34 ECFA Example of Accident Chronology Department of Energy Accident Investigation Program. 1/19/01. Inspection of rudder PCU deleted from annual inspection Rudder PCU failure mode not identified Rudder PCU hydraulics contaminated Rudder hard-over in-flight 19:02:47 Crash 19:03: September September 8 September 9

35 ECFA Conditions for 1 st Event Event 4 Event 3 Event 2 Rudder hard-over in-flight Crash Crew fails to respond to unusual attitude Crew fails to analyze unusual attitude Crew fails to recognize rudder problem Department of Energy Accident Investigation Program. 1/19/01.

36 ECFA Conditions for 2 nd Event Event 4 Event 3 Rudder PCU hydraulics contaminated Event 1 Crash New maintenance personnel do not detect Hydraulic fluid becomes contaminated Change in maintenance services contract Department of Energy Accident Investigation Program. 1/19/01.

37 ECFA Causal Factors for 1 st Event Event 4 Event 3 Event 2 Rudder hard-over in-flight Crash Conditions Need for UA training unrecognized Potential need for recognizing rudder problems unrecognized Department of Energy Accident Investigation Program. 1/19/01.

38 ECFA Causal Factors for 2 nd Event Event 4 Event 3 Rudder PCU contaminated Event 1 Crash Conditions Need to screen service contract provider unrecognized Potential for hydraulic fluid contamination unrecognized Department of Energy Accident Investigation Program. 1/19/01.

39 ECFA lAdvantages lTemporal relationships of significant events preserved lIdeal for multi-faceted problems with long or complex causal chain lCausal factors for each significant event determined lRecommendations easily arrived at from causal factors lHelps to identify where deviations from acceptable procedures occurred lDisadvantages lRequires a broad perspective of the event to identify unrelated problems lTime consuming lRequires training/and or familiarity with the process US Department of Energy, Office of Nuclear Energy, Office of Safety Policy and Standards. Root cause analysis guidance document. DOE-NE-STD Washington, D.C. February 1992.

40 RCA lRoot Causes are causal factors that, if corrected, would prevent the recurrence of the same or similar accident. lLocal Root Causes are specific deficiencies that, if corrected, would prevent the recurrence of the same accident. lSystemic Root Causes are deficiencies in a management system that, if corrected, would prevent the occurrence of a class of similar accidents. Department of Energy Accident Investigation Program. Root cause analysis. January 19, 2001.

41 RCA lRoot Cause Analysis (RCA) is a structured procedure to identify and evaluate the underlying causes of an accident to prevent a recurrence. lGoal of RCA is not merely to determine the cause of an accident but to prevent it from occurring again. NASA, Office of Safety and Mission Assurance, Chief Engineers Office. Root cause analysis overview. July Rimson IJ. Investigating causes and assigning blame. The Investigation Process Research Library. August Decision Systems, Inc. What is root cause analysis? Longview, TX

42 RCA Procedure lPhase I: Clearly define the undesired outcome. lPhase II: Data Collection. lPhase III: Assessment. lIdentify the problem and significance of the problem lIdentify the causes working back to the fundamental cause, which if corrected, would have prevented the accident (root cause) lFTA lMORT lECFA NASA, Office of Safety and Mission Assurance, Chief Engineers Office. Root cause analysis overview. July Department of Energy Accident Investigation Program. Root cause analysis. January 19, 2001.

43 RCA Procedure lPhase IV: Corrective actions for each identified cause to prevent recurrence. lPhase V: Follow-up by determining if corrective action effectively prevents recurrence. Department of Energy Accident Investigation Program. Root cause analysis. January 19, 2001.

44 RCA

45 Conclusions lMethodologies largely determined by organization lMethods may be selected lNot all methods suitable for each accident lSimplest method that yields the required results Frei R, Kingston J, Koornneef F, & Schallier P. Investigation Tools in Context. Noordwijk Risk Initiative Foundation.

46


Download ppt "Accident Investigation Techniques and Methodologies Chuck DeJohn, D.O., M.P.H Federal Aviation Administration Civil Aerospace Medical Institute."

Similar presentations


Ads by Google