Introduction to Safety Engineering for Safety-Critical Systems 2004. 2. 14. Seo Ryong Koo Dept. of Nuclear and Quantum Engineering KAIST Lab. Seminar.


Introduction to Safety Engineering for Safety-Critical Systems Seo Ryong Koo Dept. of Nuclear and Quantum Engineering KAIST Lab. Seminar

2 Table of Contents
1. Terminologies
2. Safety Concepts
3. Hazard Analysis
4. Hazard Analysis Techniques
5. Conclusions & Further Works

3 Terminologies
Reliability: the probability that a piece of equipment or component will perform its intended function satisfactorily for a prescribed time and under stipulated environmental conditions.
Failure: the nonperformance or inability of the system or component to perform its intended function for a specified time under specified environmental conditions.
Error: a design flaw or deviation from a desired or intended state.
Accident: an undesired and unplanned (but not necessarily unexpected) event that results in (at least) a specified level of loss.
Incident: an event that involves no loss (or only minor loss) but with the potential for loss under different circumstances.

4 Terminologies (cont'd)
Hazard: a state or set of conditions of a system (or an object) that, together with other conditions in the environment of the system (or object), will lead inevitably to an accident (loss event).
Risk: the hazard level combined with (1) the likelihood of the hazard leading to an accident (sometimes called danger) and (2) hazard exposure or duration (sometimes called latency).
Safety: freedom from accidents or losses; a property of a system that it will not endanger human life or the environment.

5 Safety Concepts
Safety-Critical Systems
▪ Systems that are intended to achieve, on their own, the necessary level of safety integrity for the implementation of the required safety functions.
▪ Systems whose failure can threaten human life or cause serious environmental damage.
Unintentional Injuries
▪ Cost $399 billion a year in the USA alone
▪ Fifth leading cause of death
▪ Due to the interaction between machines and their environment and the way people live and work
▪ Engineers should think more about the safety of the users...

6 Safety Concepts
IEC 61508 defines the V-model for software safety integrity and the software development life-cycle. The design and development process starts with the software safety requirements specification, which is part of the overall safety requirements specification for the hardware and software of a system, and ends with validated software after software validation testing.

7 Safety Concepts: Overall Safety Lifecycle [IEC 61508]
[Figure: the overall safety lifecycle phases, numbered as in the standard]
1 Concept
2 Overall scope definition
3 Hazard and risk analysis
4 Overall safety requirements
5 Safety requirements allocation
Overall planning: 6 Overall operation & maintenance planning, 7 Overall validation planning, 8 Overall installation and commissioning planning
9 Safety related systems: E/E/PES, Realization (see E/E/PES safety lifecycle)
10 Safety related systems: other technologies, Realization
11 External risk reduction facilities, Realization
12 Overall installation and commissioning
13 Overall safety validation
14 Overall operation, maintenance and repair
15 Overall modification and retrofit (back to the appropriate overall safety lifecycle phase)
16 Decommissioning or disposal
▪ The safety lifecycle is designed to structure a system's production into defined stages and activities.
▪ The lifecycle aims to deal in a systematic manner with all activities needed for the safety integrity level assigned to the system.
Process Activities
▪ Hazard Analysis
▪ Risk Analysis
▪ Requirements Specification
▪ Design and Implementation
▪ Verification, Validation and Test
▪ Certification
▪ Operation and Maintenance

8 Safety Concepts: Safety Processes
▪ Hazard and risk analysis: assess the hazards and the risks of damage associated with the system
▪ Safety requirements specification: specify a set of safety requirements which apply to the system
▪ Designation of safety-critical systems: identify the sub-systems whose incorrect operation may compromise system safety
▪ Safety validation: check the overall system safety

9 Safety Concepts: Safety Integrity Levels (SILs)
SIL represents a concept of classes of safety requirements for functions, systems, sub-systems or components. Four distinct levels of safety integrity were introduced and assigned in IEC 61508. The degree of safety integrity required depends on what kind of risk a safety-related system is tackling, how willing we are to accept that risk, how many measures we have, and how effective they are.
[Table: Safety Integrity Level | Low demand mode of operation (probability of failure to perform its safety functions on demand) | Continuous/high-demand mode of operation (probability of dangerous failure per hour). Each of the four SIL rows gives a target range of the form ">= ... to < ..." in both columns; apart from the final bound, 10^-5, the numeric values did not survive in the transcript.]

10 Hazard Analysis: What is it?
▪ Identifying all possible hazards potentially created by a product, process or application.
▪ Structured into various classes of hazard analysis and carried out throughout the software process.
▪ A risk analysis should be carried out and documented for each identified hazard.
Objectives: a tool for engineers and safety practitioners to identify possible hazards, provide an evaluation of the risks, and prompt alternative design solutions to mitigate or control the risks to an acceptable level.

11 Hazard Analysis: Hazard Analysis Stages
▪ Hazard identification: identify potential hazards which may arise
▪ Hazard classification: assess the risk associated with each hazard
▪ Hazard decomposition: decompose hazards to discover their potential root causes
▪ Safety specification: define how each hazard must be taken into account when the system is designed
For large systems, hazard analysis must be structured:
▪ Preliminary hazard analysis: assess the principal hazards for the system in its operating environment
▪ Sub-system hazard analysis: assess hazards for each safety-critical sub-system
▪ System hazard analysis: assess hazards which result from sub-system interaction
▪ Software hazard analysis: assess hazards related to incorrect software function
▪ Operational hazard analysis: assess hazards resulting from incorrect system use

12 Hazard Analysis: Safe Design Precedence
1. Hazard Elimination: hazard elimination is the least expensive and most effective method of handling system hazards. If addressed early in the system design process, hazards can often be eliminated at almost no cost whatsoever.
2. Hazard Reduction: hazards may be reduced by passive safeguards, which maintain safety merely by their presence, or by active safeguards, which require the hazard or condition to be detected and corrected.
3. Hazard Control
4. Damage Reduction

13 Hazard Analysis: Risk Assessment
Risk assessment is the next step after the collection of potential hazards. Risk in this context is the probability and severity of the hazard becoming reality.

14 Hazard Analysis: General Risk Assessment Procedure
Steps: Establish Analysis Parameters → Identify Hazards → Assess Risks → Derive Risk Rating → Reduce Risks → Verify Effectiveness → Document Results
Step 1, Establish Analysis Parameters: these parameters can be limits of the machine or design, limits on uses, limits on the scope of the analysis, or other limits.

15 Hazard Analysis: General Risk Assessment Procedure (cont'd)
Step 2, Identify Hazards: the nature of this step lends itself to a team approach such as brainstorming, following the hazard analysis stages described in the previous slides.

16 Hazard Analysis: General Risk Assessment Procedure (cont'd)
Step 3, Assess Risks: two risk factors are used, the severity of injury and the probability of occurrence.

17 Hazard Analysis: General Risk Assessment Procedure (cont'd)
Step 4, Derive Risk Rating. Risk matrix: severity category (Catastrophic, Critical, Marginal, Negligible) across the columns against probability level (Frequent, Probable, Occasional, Remote, Improbable) down the rows, each cell rated High, Serious or Low. The ratings as they survive in the transcript, row by row (the cells were merged, so column boundaries are not recoverable): Frequent: High, Serious; Probable: High, Serious, Low; Occasional: High, Serious, Low; Remote: Serious, Low; Improbable: Serious, Low. If the risk is determined not to be acceptable, it is necessary to reduce that risk by implementing protective measures.

18 Hazard Analysis: General Risk Assessment Procedure (cont'd)
Step 5, Reduce Risks: remedy actions are taken to reduce risks following the hazard hierarchy:
1. Eliminate hazards through the design
2. Protect
3. Warn the user
4. Train the user(s)
5. Personal protective equipment

19 Hazard Analysis: General Risk Assessment Procedure (cont'd)
Step 6, Verify Effectiveness: this assessment verifies that the remedy actions have reduced the risks to an acceptable level.

20 Hazard Analysis: General Risk Assessment Procedure (cont'd)
Step 7, Document Results: the documentation can be added to a technical file for future use.
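The seven-step procedure above as a small hazard-register script, added here as an illustration rather than code from the seminar. The risk-matrix cell values, the acceptability threshold (only "Low" is acceptable) and the sample hazards are constructed assumptions; the severity categories, probability levels, rating labels and remedy hierarchy are the ones the slides name.

```python
from dataclasses import dataclass, field

# Step 1, Establish Analysis Parameters: the categories the assessment may use.
SEVERITY = ["Catastrophic", "Critical", "Marginal", "Negligible"]
PROBABILITY = ["Frequent", "Probable", "Occasional", "Remote", "Improbable"]
# Constructed risk matrix (rows: probability level, columns: severity category).
# The slide only shows High/Serious/Low labels; these cell values are assumed.
MATRIX = {
    "Frequent":   ["High", "High", "High", "Serious"],
    "Probable":   ["High", "High", "Serious", "Low"],
    "Occasional": ["High", "Serious", "Low", "Low"],
    "Remote":     ["Serious", "Serious", "Low", "Low"],
    "Improbable": ["Serious", "Low", "Low", "Low"],
}
HIERARCHY = ["eliminate", "protect", "warn", "train", "ppe"]  # remedy precedence
ACCEPTABLE = {"Low"}                                            # assumed threshold

def derive_rating(severity: str, probability: str) -> str:
    """Step 4, Derive Risk Rating: look the two risk factors up in the matrix."""
    return MATRIX[probability][SEVERITY.index(severity)]

@dataclass
class Hazard:                       # Step 2, Identify Hazards: one register entry
    name: str
    severity: str                   # Step 3, Assess Risks: the two risk factors
    probability: str
    remedies: list = field(default_factory=list)   # (remedy, residual probability)

    def __post_init__(self):
        if self.severity not in SEVERITY or self.probability not in PROBABILITY:
            raise ValueError("risk factors must use the established parameters")
        self.initial_rating = derive_rating(self.severity, self.probability)

def reduce_risk(h: Hazard, remedy: str, residual_probability: str) -> str:
    """Step 5, Reduce Risks: apply remedies in hazard-hierarchy order and re-rate."""
    if h.remedies and HIERARCHY.index(remedy) < HIERARCHY.index(h.remedies[-1][0]):
        raise ValueError(f"{remedy!r} ranks above a remedy already applied")
    h.remedies.append((remedy, residual_probability))
    h.probability = residual_probability   # only elimination would change severity
    return derive_rating(h.severity, h.probability)

def verify_effectiveness(h: Hazard) -> bool:
    """Step 6, Verify Effectiveness: is the residual risk acceptable?"""
    return derive_rating(h.severity, h.probability) in ACCEPTABLE

def document_results(register: list) -> list:
    """Step 7, Document Results: one record per hazard for the technical file."""
    return [{"hazard": h.name, "initial": h.initial_rating,
             "remedies": [r for r, _ in h.remedies], "acceptable": verify_effectiveness(h),
             "residual": derive_rating(h.severity, h.probability)} for h in register]
```

Because warnings, training and PPE only lower the probability of occurrence, a Catastrophic hazard never reaches an acceptable rating in this matrix without a design-level remedy, which is the point of the safe design precedence on slide 12.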

21 Hazard Analysis Techniques
▪ Checklists or Hazard Indices
▪ Fault Tree Analysis (FTA)
▪ Event Tree Analysis (ETA)
▪ Cause-Consequence Analysis (CCA)
▪ Hazards and Operability Analysis (HAZOP)
▪ Failure Modes and Effects Analysis (FMEA)
▪ Failure Modes, Effects, and Criticality Analysis (FMECA)
▪ Fault Hazard Analysis (FHA)
▪ State Machine Hazard Analysis (SMHA)
▪ Task and Human Error Analysis

22 Conclusions & Further Works
Conclusions: the overall concepts of safety engineering were introduced.
▪ Terminologies related to safety
▪ Various safety concepts
▪ Hazard analysis and risk assessment
▪ List of hazard analysis techniques
The main goals of safety V&V are to identify all hazards and track their resolution.
Further works:
▪ Detailed survey of each hazard analysis technique: FTA, FMEA, and HAZOP; CCA, SMHA
▪ Examine the tools for hazard analysis: designsafe® by Design Safety Engineering Inc.; SpecTRM by Safeware Engineering Corporation; etc.
 An adequate safety analysis technique for the NuFDS approach

23 References
1. Nancy G. Leveson, "SAFEWARE: System Safety and Computers", Addison-Wesley Publishing Company.
2. Neil Storey, "Safety-Critical Computer Systems", Addison-Wesley Publishing Company.
3. IEC 61508, "Functional Safety: Safety-related Systems", International Electrotechnical Commission.
4. Safeware Engineering Corporation.