
Introduction to Safety Engineering for Safety-Critical Systems. 2004. 2. 14. Seo Ryong Koo, Dept. of Nuclear and Quantum Engineering, KAIST. Lab. Seminar.


3 Table of Contents
1. Terminologies
2. Safety Concepts
3. Hazard Analysis
4. Hazard Analysis Techniques
5. Conclusions & Further Works

4 Terminologies
▪ Reliability: the probability that a piece of equipment or component will perform its intended function satisfactorily for a prescribed time and under stipulated environmental conditions.
▪ Failure: the nonperformance or inability of the system or component to perform its intended function for a specified time under specified environmental conditions.
▪ Error: a design flaw or deviation from a desired or intended state.
▪ Accident: an undesired and unplanned (but not necessarily unexpected) event that results in (at least) a specified level of loss.
▪ Incident: an event that involves no loss (or only minor loss) but with the potential for loss under different circumstances.

5 Terminologies
▪ Hazard: a state or set of conditions of a system (or an object) that, together with other conditions in the environment of the system (or object), will lead inevitably to an accident (loss event).
▪ Risk: the hazard level combined with (1) the likelihood of the hazard leading to an accident (sometimes called danger) and (2) hazard exposure or duration (sometimes called latency).
▪ Safety: freedom from accidents or losses; the property of a system that it will not endanger human life or the environment.

6 Safety Concepts: Safety-Critical Systems
▪ Systems that are intended to achieve, on their own, the necessary level of safety integrity for the implementation of the required safety functions.
▪ Systems whose failure can threaten human life or cause serious environmental damage.
Unintentional injuries
▪ Cost $399 billion a year in the USA alone
▪ Fifth leading cause of death
▪ Due to the interaction between machines and their environment and the way people live and work
▪ Engineers should think more about the safety of the users...

7 Safety Concepts
IEC 61508 defines the V-model for software safety integrity and the software development life-cycle. The design and development process starts with the software safety requirements specification, which is part of the overall safety requirements specification for the software and hardware of the system, and ends with validated software after software validation testing.

8 Safety Concepts: Overall Safety Lifecycle [IEC 61508]
1. Concept
2. Overall scope definition
3. Hazard and risk analysis
4. Overall safety requirements
5. Safety requirements allocation
6. Overall planning: overall operation and maintenance planning
7. Overall planning: overall safety validation planning
8. Overall planning: overall installation and commissioning planning
9. Safety-related systems, E/E/PES: realization (see E/E/PES safety lifecycle)
10. Safety-related systems, other technologies: realization
11. External risk reduction facilities: realization
12. Overall installation and commissioning
13. Overall safety validation
14. Overall operation, maintenance and repair
15. Overall modification and retrofit (back to the appropriate overall safety lifecycle phase)
16. Decommissioning or disposal
▪ The safety lifecycle is designed to structure a system's production into defined stages and activities.
▪ The lifecycle aims to deal in a systematic manner with all activities needed for the safety integrity level assigned to the system.
Process activities: hazard analysis; risk analysis; requirements specification; design and implementation; verification, validation and test; certification; operation and maintenance.

9 Safety Concepts: Safety Processes
▪ Hazard and risk analysis: assess the hazards and the risks of damage associated with the system
▪ Safety requirements specification: specify a set of safety requirements which apply to the system
▪ Designation of safety-critical systems: identify the sub-systems whose incorrect operation may compromise system safety
▪ Safety validation: check the overall system safety

10 Safety Concepts: Safety Integrity Levels (SILs)
A SIL represents a concept of classes of safety requirements for functions, systems, sub-systems or components. Four distinct levels of safety integrity were introduced and assigned in IEC 61508. The required degree of safety integrity depends on what kind of risk a safety-related system is tackling, how willing we are to accept that risk, how many risk-reduction measures we have, and how effective they are.
Target failure measures per SIL (low demand mode: average probability of failure to perform the safety function on demand; continuous/high demand mode: probability of dangerous failure per hour):
▪ SIL 4: low demand >= 10^-5 to < 10^-4; high demand >= 10^-9 to < 10^-8
▪ SIL 3: low demand >= 10^-4 to < 10^-3; high demand >= 10^-8 to < 10^-7
▪ SIL 2: low demand >= 10^-3 to < 10^-2; high demand >= 10^-7 to < 10^-6
▪ SIL 1: low demand >= 10^-2 to < 10^-1; high demand >= 10^-6 to < 10^-5
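The bands above are half-open intervals, and the same hardware is rated differently depending on whether the safety function is used in low demand or continuous mode. The following is an added example (not code from the slides) that encodes the table and works one channel through it; the PFDavg approximation for a single channel without diagnostics, PFDavg ≈ λ_DU · T / 2 with proof-test interval T, is the simplified formula of IEC 61508-6 and is an assumption of this example, as are the failure rate and test interval used at the bottom.

```python
"""IEC 61508 SIL bands from the slide, as a lookup plus a worked 1oo1 calculation.
Added example, not from the slides.  The 1oo1 approximation PFDavg ~= lambda_DU * T / 2
(single channel, no diagnostics, proof-test interval T) is the simplified formula of
IEC 61508-6 and is an assumption of this example, not something the slide states.
"""
from __future__ import annotations

# (SIL, lower bound inclusive, upper bound exclusive), exactly as in the table
LOW_DEMAND_BANDS = [(4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1)]   # PFDavg
HIGH_DEMAND_BANDS = [(4, 1e-9, 1e-8), (3, 1e-8, 1e-7), (2, 1e-7, 1e-6), (1, 1e-6, 1e-5)]  # PFH per hour
BANDS = {"low": LOW_DEMAND_BANDS, "high": HIGH_DEMAND_BANDS}


def sil_for(measure: float, mode: str) -> int | None:
    """SIL whose band contains `measure` (PFDavg for mode "low", PFH for mode "high").
    Bands are half-open, matching the ">= a to < b" columns: the lower bound belongs to
    the band, the upper bound to the next better one.  Returns None outside all bands."""
    if measure < 0:
        raise ValueError("a failure measure cannot be negative")
    for sil, lo, hi in BANDS[mode]:
        if lo <= measure < hi:
            return sil
    return None


def meets_requirement(measure: float, mode: str, required_sil: int) -> bool:
    """True when the achieved measure is at least as good as the required SIL's band.
    A measure below the SIL 4 lower bound is better than any tabulated target, so it
    satisfies every requirement; a measure at or above 10^-1 (10^-5 per hour) satisfies none."""
    if not 1 <= required_sil <= 4:
        raise ValueError("SIL must be 1..4")
    if measure < BANDS[mode][0][1]:
        return True
    achieved = sil_for(measure, mode)
    return achieved is not None and achieved >= required_sil


def pfd_avg_1oo1(lambda_du_per_hour: float, proof_test_interval_hours: float) -> float:
    """Average PFD of a single channel with no diagnostics: lambda_DU * T / 2 (assumed
    IEC 61508-6 simplification; only valid while lambda_DU * T is much smaller than 1)."""
    if lambda_du_per_hour < 0 or proof_test_interval_hours <= 0:
        raise ValueError("rate must be non-negative and the proof-test interval positive")
    return lambda_du_per_hour * proof_test_interval_hours / 2.0


def assess_channel(lambda_du_per_hour: float, proof_test_interval_hours: float,
                   required_sil: int) -> dict:
    """Rate one channel in both modes.  In low-demand mode the measure is PFDavg; in
    continuous mode it is the dangerous failure rate itself, which is why the same
    hardware can reach a different SIL depending on how the safety function is used."""
    pfd = pfd_avg_1oo1(lambda_du_per_hour, proof_test_interval_hours)
    return {
        "pfd_avg": pfd,
        "sil_low_demand": sil_for(pfd, "low"),
        "sil_high_demand": sil_for(lambda_du_per_hour, "high"),
        "meets_low_demand": meets_requirement(pfd, "low", required_sil),
        "meets_high_demand": meets_requirement(lambda_du_per_hour, "high", required_sil),
    }


if __name__ == "__main__":
    # constructed figures: lambda_DU = 1e-6 per hour, yearly proof test (8760 h), SIL 2 allocated
    print(assess_channel(1e-6, 8760.0, 2))
```

With the constructed figures the channel reaches SIL 2 in low demand mode (PFDavg 4.38 × 10^-3) but only SIL 1 in continuous mode (PFH 10^-6 per hour), so an allocation of SIL 2 is met for one mode of operation and not the other.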

11 Hazard Analysis: What is it?
▪ Identifying all possible hazards potentially created by a product, process or application.
▪ Structured into various classes of hazard analysis and carried out throughout the software process.
▪ A risk analysis should be carried out and documented for each identified hazard.
Objectives: a tool for engineers and safety practitioners to identify possible hazards, evaluate the risks, and prompt alternative design solutions that mitigate or control the risks to an acceptable level.

12 Hazard Analysis: Hazard Analysis Stages
▪ Hazard identification: identify potential hazards which may arise
▪ Hazard classification: assess the risk associated with each hazard
▪ Hazard decomposition: decompose hazards to discover their potential root causes
▪ Safety specification: define how each hazard must be taken into account when the system is designed
For large systems, hazard analysis must be structured:
▪ Preliminary hazard analysis: assess the principal hazards for the system in its operating environment
▪ Sub-system hazard analysis: assess hazards for each safety-critical sub-system
▪ System hazard analysis: assess hazards which result from sub-system interaction
▪ Software hazard analysis: assess hazards related to incorrect software function
▪ Operational hazard analysis: assess hazards resulting from incorrect system use
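The hazard decomposition stage is where fault tree analysis (one of the techniques listed later in this seminar) is used: the hazard becomes the top event, gates express how lower-level failures combine, and the minimal cut sets are the smallest combinations of basic events that are sufficient on their own to produce the hazard, i.e. the root-cause combinations the decomposition is looking for. The following is an added example, not from the slides; the hazard, the events, the tree shape and the probabilities are constructed.

```python
"""Hazard decomposition with a small fault tree (added example, not from the slides).

Everything below (hazard, events, probabilities) is constructed for illustration.
"""
from __future__ import annotations
from dataclasses import dataclass, field
from itertools import product


@dataclass(frozen=True)
class BasicEvent:
    name: str
    probability: float  # probability of the event over the mission time (constructed)


@dataclass
class Gate:
    kind: str           # "AND" or "OR"
    name: str
    inputs: list = field(default_factory=list)


def cut_sets(node) -> set[frozenset[str]]:
    """All cut sets of a node: an OR gate takes the union of its children's cut sets,
    an AND gate combines one cut set from every child."""
    if isinstance(node, BasicEvent):
        return {frozenset([node.name])}
    child_sets = [cut_sets(c) for c in node.inputs]
    if node.kind == "OR":
        return set().union(*child_sets)
    if node.kind == "AND":
        return {frozenset().union(*combo) for combo in product(*child_sets)}
    raise ValueError(f"unknown gate kind {node.kind!r}")


def minimal_cut_sets(node) -> set[frozenset[str]]:
    """Absorption: a cut set that contains another cut set is not minimal."""
    sets = cut_sets(node)
    return {s for s in sets if not any(o < s for o in sets)}


def basic_events(node, acc=None) -> dict[str, BasicEvent]:
    acc = {} if acc is None else acc
    if isinstance(node, BasicEvent):
        acc[node.name] = node
    else:
        for c in node.inputs:
            basic_events(c, acc)
    return acc


def evaluate(node, state: dict[str, bool]) -> bool:
    if isinstance(node, BasicEvent):
        return state[node.name]
    values = [evaluate(c, state) for c in node.inputs]
    return all(values) if node.kind == "AND" else any(values)


def top_event_probability(node) -> float:
    """Exact top-event probability for independent basic events, by enumerating every
    combination of event states.  Multiplying gate inputs up the tree would double
    count a basic event that feeds more than one gate; enumeration does not."""
    events = basic_events(node)
    names = list(events)
    total = 0.0
    for bits in product((False, True), repeat=len(names)):
        if evaluate(node, dict(zip(names, bits))):
            p = 1.0
            for n, b in zip(names, bits):
                p *= events[n].probability if b else 1.0 - events[n].probability
            total += p
    return total


def build_example_tree() -> Gate:
    """Constructed hazard: a coolant isolation valve opens without a command."""
    spurious_cmd = BasicEvent("C", 1e-3)    # controller issues a spurious open command
    interlock_fail = BasicEvent("I", 1e-2)  # hardware interlock fails to block the command
    actuator_fault = BasicEvent("M", 1e-4)  # actuator mechanical fault drives the valve open
    return Gate("OR", "valve opens uncommanded", [
        Gate("AND", "command path", [spurious_cmd, interlock_fail]),
        actuator_fault,
        # shares I and M with the branches above: redundant as a cut set (absorbed by {M})
        # and a shared event that naive gate-by-gate multiplication would miscount
        Gate("AND", "fault with interlock down", [interlock_fail, actuator_fault]),
    ])


if __name__ == "__main__":
    tree = build_example_tree()
    print(sorted(sorted(s) for s in minimal_cut_sets(tree)))
    print(top_event_probability(tree))
```

For the constructed tree the minimal cut sets are {C, I} and {M}: the single actuator fault is a root cause on its own, while the command-path branch needs two failures. The state enumeration is exponential in the number of basic events, so it is only for small trees; its point here is to give an exact figure against which an approximation can be checked.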

13 Hazard Analysis: Safe Design Precedence
1. Hazard elimination. Hazard elimination is the least expensive and most effective method of handling system hazards. If addressed early in the system design process, hazards can often be eliminated at almost no cost whatsoever.
2. Hazard reduction. Hazards may be reduced by passive safeguards, which maintain safety merely by their presence, or by active safeguards, which require the hazard or condition to be detected and corrected.
3. Hazard control
4. Damage reduction

14 Hazard Analysis: Risk Assessment
Risk assessment is the next step after the collection of potential hazards. Risk in this context is the probability and severity of the hazard becoming reality.

15 Hazard Analysis: General Risk Assessment Procedure
The procedure runs through seven steps: Establish Analysis Parameters → Identify Hazards → Assess Risks → Derive Risk Rating → Reduce Risks → Verify Effectiveness → Document Results.
Step 1, Establish Analysis Parameters: these parameters can be limits of the machine or design, limits on uses, limits on the scope of the analysis, or other limits.

16 Hazard Analysis: General Risk Assessment Procedure (cont'd)
Step 2, Identify Hazards: the nature of this step lends itself to a team approach such as brainstorming, following the hazard analysis stages described on the previous slides.

17 Hazard Analysis: General Risk Assessment Procedure (cont'd)
Step 3, Assess Risks: two risk factors are used, the severity of injury and the probability of occurrence.

18 Hazard Analysis: General Risk Assessment Procedure (cont'd)
Step 4, Derive Risk Rating: a risk matrix combines the severity category (Catastrophic, Critical, Marginal, Negligible) with the probability level (Frequent, Probable, Occasional, Remote, Improbable) to give a rating of High, Serious or Low. Ratings per probability row, listed left to right from most to least severe as extracted from the slide's merged cells:
▪ Frequent: High, Serious
▪ Probable: High, Serious, Low
▪ Occasional: High, Serious, Low
▪ Remote: Serious, Low
▪ Improbable: Serious, Low
If the risk is determined not to be acceptable, it is necessary to reduce that risk by implementing protective measures.

19 Hazard Analysis: General Risk Assessment Procedure (cont'd)
Step 5, Reduce Risks: remedy actions are taken to reduce risks following the hazard hierarchy:
1. Eliminate hazards through the design
2. Protect
3. Warn the user
4. Train the user(s)
5. Personal protective equipment

20 Hazard Analysis: General Risk Assessment Procedure (cont'd)
Step 6, Verify Effectiveness: this assessment verifies that the remedy actions have reduced the risks to an acceptable level.

21 Hazard Analysis: General Risk Assessment Procedure (cont'd)
Step 7, Document Results: the documentation can be added to a technical file for future use.
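The seven steps of the procedure, carried through once in code, as an added example that is not from the slides. The risk matrix cells, the machine, the hazards and the effect claimed for each remedy are all constructed (the slide's own matrix uses the same severity categories and probability levels, but the matrix below is an assumed one, not the slide's). The example also records, for each hazard, which more-preferred levels of the hazard hierarchy were skipped, since a written justification is needed whenever a warning or PPE is relied on instead of elimination or protection.

```python
"""General risk assessment procedure walked through in code (added example, not from the
slides).  Matrix cells, hazards and remedy effects are constructed for illustration."""
from __future__ import annotations
from dataclasses import dataclass, field

SEVERITY = ["Catastrophic", "Critical", "Marginal", "Negligible"]
PROBABILITY = ["Frequent", "Probable", "Occasional", "Remote", "Improbable"]

# Assumed matrix: rows are probability levels, columns follow SEVERITY left to right.
RISK_MATRIX = {
    "Frequent":   ["High",    "High",    "Serious", "Serious"],
    "Probable":   ["High",    "High",    "Serious", "Low"],
    "Occasional": ["High",    "Serious", "Serious", "Low"],
    "Remote":     ["Serious", "Serious", "Low",     "Low"],
    "Improbable": ["Serious", "Low",     "Low",     "Low"],
}
ACCEPTABLE = {"Low"}

# Hazard hierarchy from the slide, most to least preferred.
HIERARCHY = ["eliminate", "protect", "warn", "train", "ppe"]


def risk_rating(severity: str, probability: str) -> str:
    """Step 4: look the pair up in the matrix; unknown levels are an input error, not Low."""
    if severity not in SEVERITY or probability not in PROBABILITY:
        raise ValueError(f"unknown severity/probability: {severity}/{probability}")
    return RISK_MATRIX[probability][SEVERITY.index(severity)]


@dataclass
class Hazard:
    hid: str
    description: str
    severity: str        # step 3, factor 1
    probability: str     # step 3, factor 2
    remedies: list = field(default_factory=list)   # (hierarchy level, what was done)

    def rating(self) -> str:
        return risk_rating(self.severity, self.probability)


def reduce_risk(h: Hazard, level: str, what: str, *,
                severity: str | None = None, probability: str | None = None) -> str:
    """Step 5: record a remedy at a hierarchy level and its claimed effect, then re-rate.
    A remedy that changes neither factor (a label on its own, for instance) leaves the
    rating where it was, which is the honest result."""
    if level not in HIERARCHY:
        raise ValueError(f"unknown hierarchy level {level!r}")
    h.remedies.append((level, what))
    if severity is not None:
        h.severity = severity
    if probability is not None:
        h.probability = probability
    return h.rating()


def skipped_levels(h: Hazard) -> list[str]:
    """Hierarchy levels more preferred than the best one actually used; each needs a
    written justification for why it was not feasible."""
    if not h.remedies:
        return []
    best = min(HIERARCHY.index(level) for level, _ in h.remedies)
    return HIERARCHY[:best]


def verify_effectiveness(hazards: list[Hazard]) -> list[str]:
    """Step 6: ids of hazards whose residual rating is still not acceptable."""
    return [h.hid for h in hazards if h.rating() not in ACCEPTABLE]


def run_assessment() -> dict:
    # Step 1: analysis parameters (constructed)
    params = {"scope": "packaging machine, normal operation and cleaning",
              "excluded": ["transport", "disposal"]}
    # Step 2: hazards identified by the team (constructed)
    hazards = [
        Hazard("H1", "Pinch point at infeed roller", "Critical", "Probable"),
        Hazard("H2", "Contact with heated sealing bar", "Marginal", "Occasional"),
        Hazard("H3", "Beam exposure from date-code laser", "Catastrophic", "Remote"),
    ]
    # Steps 3 and 4: assess and rate the initial risk
    initial = {h.hid: h.rating() for h in hazards}
    # Step 5: reduce risks, working down the hierarchy
    h1, h2, h3 = hazards
    reduce_risk(h1, "protect", "fixed guard over roller nip", probability="Remote")
    reduce_risk(h1, "protect", "interlocked guard stops drive when opened", probability="Improbable")
    reduce_risk(h2, "protect", "insulating cover on sealing bar", probability="Remote")
    reduce_risk(h3, "warn", "laser warning label")                      # no change in rating
    reduce_risk(h3, "ppe", "laser safety eyewear", probability="Improbable")
    # Step 6: verify
    unresolved = verify_effectiveness(hazards)
    # Step 7: document, in a form that can go into the technical file
    records = [{"id": h.hid, "hazard": h.description, "initial": initial[h.hid],
                "residual": h.rating(), "remedies": list(h.remedies),
                "justify_skipped": skipped_levels(h)} for h in hazards]
    return {"parameters": params, "records": records, "unresolved": unresolved}


if __name__ == "__main__":
    import json
    print(json.dumps(run_assessment(), indent=2))
```

In the constructed run H1 and H2 are brought to Low by protection, while H3, treated only with a warning and PPE, stays Serious with a Catastrophic severity and is reported back from the verification step as unresolved, together with the two hierarchy levels (eliminate, protect) that were skipped for it.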

22 Hazard Analysis Techniques
▪ Checklists or Hazard Indices
▪ Fault Tree Analysis (FTA)
▪ Event Tree Analysis (ETA)
▪ Cause-Consequence Analysis (CCA)
▪ Hazards and Operability Analysis (HAZOP)
▪ Failure Modes and Effects Analysis (FMEA)
▪ Failure Modes, Effects, and Criticality Analysis (FMECA)
▪ Fault Hazard Analysis (FHA)
▪ State Machine Hazard Analysis (SMHA)
▪ Task and Human Error Analysis

23 Conclusions & Further Works
Conclusions: the overall concepts of safety engineering were introduced:
▪ Terminologies related to safety
▪ Various safety concepts
▪ Hazard analysis and risk assessment
▪ List of hazard analysis techniques
The main goals of safety V&V are to identify all hazards and track their resolution.
Further works:
▪ Detailed survey of each hazard analysis technique: FTA, FMEA and HAZOP; CCA and SMHA
▪ Examine the tools for hazard analysis: designsafe® by Design Safety Engineering Inc., SpecTRM by Safeware Engineering Corporation, etc.
▪ Select an adequate safety analysis technique for the NuFDS approach

24 References
1. Nancy G. Leveson, Safeware: System Safety and Computers, Addison-Wesley, 1995.
2. Neil Storey, Safety-Critical Computer Systems, Addison-Wesley, 1996.
3. IEC 61508, Functional Safety: Safety-related Systems, International Electrotechnical Commission, 1998.
4. Safeware Engineering Corporation, www.safeware-eng.com

