Safeware: System Safety and Computers
Submitted by Seneca » Sat 18-Feb-2012, 17:15
Subject Area: Safety
Keywords: Nancy G. Leveson, hazard analysis, risk, functional safety, Therac-25, Apollo 13, DC 10, Challenger, Chernobyl, Bhopal, Three Mile Island, fault tree analysis, event tree analysis, cause-consequence analysis, software safety
43 member ratings
This is one of the first texts on system safety and safety engineering with a particular focus on software. It remains a useful introduction to the subject for anyone entering the field of functional safety management.
For many years the owners and operators of complex systems involving computer technology have suffered catastrophic failures resulting in loss of life and destruction of property. Famous examples are the Therac-25 story, Chernobyl and worst of all: Bhopal.
In her book Nancy Leveson covers the fundamentals of building safe systems including measures to reduce the risk of dangerous failures. The big idea is that we apply engineering processes to eliminate safety-related defects during the development process before they get a chance to hurt a human being.
To this end Nancy summarises hazard analysis techniques such as fault tree analysis, event tree analysis, cause-consequence analysis and failure modes, effects and criticality analysis.
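To make the first of those techniques concrete, here is a small fault tree analysis in Python. It is an added example, not code from the book or from any project Leveson describes: the tree, the event names and the per-demand failure probabilities are all constructed for illustration. It derives the minimal cut sets (the smallest combinations of basic events that cause the top event), then compares the exact top-event probability with the rare-event upper bound that is usually quoted from a cut set list.

```python
"""Fault tree analysis on a constructed example tree.

A gate is a tuple ("AND" | "OR", [children]); a leaf is a basic-event name.
Event names and probabilities below are invented for the example.
"""
from itertools import product
from math import prod

# Constructed fault tree for a hypothetical "unsafe dose delivered" top event.
# The third branch is deliberately a superset of the first, so that minimisation
# has something to remove.
TREE = ("OR", [
    ("AND", ["sensor_stuck", "limit_check_skipped"]),
    ("AND", ["operator_override", ("OR", ["display_stale", "alarm_muted"])]),
    ("AND", ["sensor_stuck", "limit_check_skipped", "operator_override"]),
])

# Constructed per-demand failure probabilities of the basic events.
PROBS = {
    "sensor_stuck": 1e-3,
    "limit_check_skipped": 1e-2,
    "operator_override": 5e-2,
    "display_stale": 2e-3,
    "alarm_muted": 1e-2,
}


def basic_events(node):
    """Set of all basic-event names appearing under a node."""
    if isinstance(node, str):
        return {node}
    return set().union(*(basic_events(child) for child in node[1]))


def cut_sets(node):
    """All cut sets of a subtree as frozensets (not yet minimised).

    OR gate: any child's cut set suffices, so take the union of the families.
    AND gate: one cut set from each child must hold, so take their cross product.
    """
    if isinstance(node, str):
        return {frozenset([node])}
    gate, children = node
    families = [cut_sets(child) for child in children]
    if gate == "OR":
        return set().union(*families)
    if gate == "AND":
        return {frozenset().union(*combo) for combo in product(*families)}
    raise ValueError(f"unknown gate type {gate!r}")


def minimal_cut_sets(node):
    """Drop every cut set that strictly contains another cut set."""
    sets = cut_sets(node)
    minimal = [s for s in sets if not any(other < s for other in sets)]
    return sorted(minimal, key=lambda s: (len(s), sorted(s)))


def occurs(node, state):
    """Evaluate the tree for one assignment of basic events to True/False."""
    if isinstance(node, str):
        return state[node]
    gate, children = node
    results = [occurs(child, state) for child in children]
    return all(results) if gate == "AND" else any(results)


def top_event_probability(node, probs):
    """Exact probability of the top event, assuming independent basic events.

    Enumerates every combination of basic-event states; fine for small trees.
    """
    events = sorted(basic_events(node))
    total = 0.0
    for bits in product([False, True], repeat=len(events)):
        state = dict(zip(events, bits))
        if occurs(node, state):
            total += prod(probs[e] if on else 1 - probs[e] for e, on in state.items())
    return total


def rare_event_bound(node, probs):
    """Sum of minimal cut set probabilities: an upper bound on the exact value."""
    return sum(prod(probs[e] for e in cs) for cs in minimal_cut_sets(node))


if __name__ == "__main__":
    for cs in minimal_cut_sets(TREE):
        print("minimal cut set:", sorted(cs))
    print(f"exact P(top)       = {top_event_probability(TREE, PROBS):.6e}")
    print(f"rare-event bound   = {rare_event_bound(TREE, PROBS):.6e}")
```

The minimal cut sets are what a reviewer reads first: any single-element cut set marks a point where one failure is enough, which is exactly the kind of design defect the book argues should be engineered out before deployment. The rare-event bound overstates the exact probability only by the overlap between cut sets, which is why it is the usual shortcut when basic-event probabilities are small.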
The takeaway is that, as systems become increasingly complex, the potential for human beings to screw up approaches infinity. In particular the introduction of software invites "fiendish complexity". A formal discipline is therefore required to ensure that unsafe systems do not reach users.
I found the disaster case studies in appendix A particularly interesting. Nancy covers: Therac-25, Apollo 13, the DC 10, the Challenger disaster, Flixborough, Bhopal, and the nuclear disasters of Three Mile Island and Chernobyl.
Be aware that Safeware summarises safety management techniques only; it should not be viewed as a detailed how-to on any individual functional safety process.