Applying the water safety plan to water reuse: towards a conceptual risk management framework

The Water Safety Plan (WSP) is receiving increasing attention as a recommended risk management approach for water reuse through a range of research programmes, guidelines and standards. Numerous conceptual modifications of the approach – including the Sanitation Safety Plan, the Water Cycle Safety Plan, and even a dedicated Water Reuse Safety Plan – have been put forward for this purpose. However, these approaches have yet to encapsulate the full spectrum of possible water reuse applications, and evidence of their application to reuse remains limited. Through reviewing the existing evidence base, this paper investigates the potential for adapting the WSP into an approach for water reuse. The findings highlight a need for the management of risk to reflect on, and facilitate the inclusion of, broader contexts and objectives for water reuse schemes. We conclude that this could be addressed through a more integrated approach to risk management, encapsulated within an overarching risk management framework (adapted from the WHO's Framework for safe drinking water) and operationalised through the Water Reuse Safety Plan (WRSP). We also propose that the WRSP should be based on modifications to the existing WSP approach, including an increased emphasis on supporting communication and engagement, and improvements in decision support mechanisms to better account for uncertainty, risk interactions and risk prioritisation

Safer clinical systems : interim report, August 2010

Safer Clinical Systems is the Health Foundation’s new five year programme of work to test and demonstrate ways to improve healthcare systems and processes, to develop safer systems that improve patient safety. It builds on learning from the Safer Patients Initiative (SPI) and models of system improvement from both healthcare and other industries. Learning from the SPI highlighted the need to take a clinical systems approach to improving safety. SPI highlighted that many hospitals struggle to implement improvement in clinical areas due to inherent problems with support mechanisms. Clinical processes and systems, rather than individuals, are often the contributors to breakdown in patient safety. The Safer Clinical Systems programme aimed to measure the reliability of clinical processes, identify defects within those processes, and identify the systems that result in those defects. Methods to improve system reliability were then to be tested and re-developed in order to reduce the risk of harm being caused to patients. Such system-level awareness should lead to improvements in other patient care pathways. The relationship between system reliability and actual harm is challenging to identify and measure. Specific, well-defined, small-scale processes have been used in other programmes, and system reliability has been shown to have a direct causal relationship with harm (e.g. care bundle compliance in an intensive care unit can reduce the incidence of ventilator-associated pneumonia). However, it has become evident that harm can be caused by a variety of factors over time; when working in broader, more complex and dynamic systems, change in outcome can be difficult to attribute to specific improvements and difficulties are also associated with relating evidence to resulting harm. The overall aim of Phase 1 of the Safer Clinical Systems programme was to demonstrate proof-of-concept that using a systems-based approach could contribute to improved patient safety. In Phase 1, experienced NHS teams from four locations worked together with expert advisers to co-design the Safer Clinical Systems programme

From plane crashes to algorithmic harm: applicability of safety engineering frameworks for responsible ML

Inappropriate design and deployment of machine learning (ML) systems leads to negative downstream social and ethical impact -- described here as social and ethical risks -- for users, society and the environment. Despite the growing need to regulate ML systems, current processes for assessing and mitigating risks are disjointed and inconsistent. We interviewed 30 industry practitioners on their current social and ethical risk management practices, and collected their first reactions on adapting safety engineering frameworks into their practice -- namely, System Theoretic Process Analysis (STPA) and Failure Mode and Effects Analysis (FMEA). Our findings suggest STPA/FMEA can provide appropriate structure toward social and ethical risk assessment and mitigation processes. However, we also find nontrivial challenges in integrating such frameworks in the fast-paced culture of the ML industry. We call on the ML research community to strengthen existing frameworks and assess their efficacy, ensuring that ML systems are safer for all people

A system safety model for developmental aircraft programs

Basic tenets of safety as applied to developmental aircraft programs are presented. The integration of safety into the project management aspects of planning, organizing, directing and controlling is illustrated by examples. The basis for project management use of safety and the relationship of these management functions to 'real-world' situations is presented. The rationale which led to the safety-related project decision and the lessons learned as they may apply to future projects are presented

Building and Integrating an Information Security Trustworthiness Framework for Aviation Systems

The aviation infrastructure is broadly composed of aircraft, air traffic control systems, airports and public airfields. Much attention has been given to physical security along the years this industry has been expanding; and now, in the new age of interconnection devices, a growing concern about cybersecurity has risen. The never-ending improvement of new digital technology has given birth to a new generation of electronic-enabled (e-enabled) aircraft that implement a remarkable amount of new technologies such as IP-enabled networks, COTS (commercial off-the- shelf) components, wireless connectivity, and global positioning systems (GPSs). For example, aircraft manufacturers are building wireless systems to reduce the amount of wiring within an aircraft. The general purpose of this is the reduction in weight that helps an aircraft achieve lower fuel consumption, but it can result into a security issue since these wireless systems are vulnerable to cybersecurity threats. Therefore, since the aviation infrastructure has taken advantages of the era of technology and is providing unprecedented global connectivity, there is a need for an in-depth study of the measures being taken to mitigate the security vulnerabilities that these e-enabled aircraft technologies introduce that may have not been considered in the traditional aircraft design

Risk assessment for the installation and maintenance activities of a low-speed tidal energy converter

The study presented in this paper, is part of the Deep Green project, which includes the development of a power converter/device for employment in low-speed tidal currents. It mainly focuses on the initial steps to investigate the ways on how to minimize the risks during handling, operation and maintenance (O&M) activities of the full-scale device particularly in offshore operations. As a first tep, the full-scale device offshore installation and O&M tasks are considered. The overall risk analysis and decision making methodology is presented including the Hazard Identification (HAZID) approach which is complemented with a risk matrix for various consequence categories including personnel Safety (S), Environmental impact (E), Asset integrity (A) and Operation (O). In this way, all the major risks involved in the mentioned activities are identified and actions to prevent or mitigate them are presented. The results of the HAZID analysis are also demonstrated. Finally, the last section of this paper presents the discussion, conclusions and future actions for the above-mentioned activities regarding the full-scale device

Keeping Continuous Deliveries Safe

Allowing swift release cycles, Continuous Delivery has become popular in application software development and is starting to be applied in safety-critical domains such as the automotive industry. These domains require thorough analysis regarding safety constraints, which can be achieved by formal verification and the execution of safety tests resulting from a safety analysis on the product. With continuous delivery in place, such tests need to be executed with every build to ensure the latest software still fulfills all safety requirements. Even more though, the safety analysis has to be updated with every change to ensure the safety test suite is still up-to-date. We thus propose that a safety analysis should be treated no differently from other deliverables such as source-code and dependencies, formulate guidelines on how to achieve this and advert areas where future research is needed.Comment: 4 pages, 3 figure

FRAM for systemic accident analysis: a matrix representation of functional resonance

Due to the inherent complexity of nowadays Air Traffic Management (ATM) system, standard methods looking at an event as a linear sequence of failures might become inappropriate. For this purpose, adopting a systemic perspective, the Functional Resonance Analysis Method (FRAM) originally developed by Hollnagel, helps identifying non-linear combinations of events and interrelationships. This paper aims to enhance the strength of FRAM-based accident analyses, discussing the Resilience Analysis Matrix (RAM), a user-friendly tool that supports the analyst during the analysis, in order to reduce the complexity of representation of FRAM. The RAM offers a two dimensional representation which highlights systematically connections among couplings, and thus even highly connected group of couplings. As an illustrative case study, this paper develops a systemic accident analysis for the runway incursion happened in February 1991 at LAX airport, involving SkyWest Flight 5569 and USAir Flight 1493. FRAM confirms itself a powerful method to characterize the variability of the operational scenario, identifying the dynamic couplings with a critical role during the event and helping discussing the systemic effects of variability at different level of analysis

Model Checking-based Software-FMEA: Assessment of Fault Tolerance and Error Detection Mechanisms

Failure Mode and Effects Analysis (FMEA) is a systematic technique to explore the possible failure modes of individual components or subsystems and determine their potential effects at the system level. Applications of FMEA are common in case of hardware and communication failures, but analyzing software failures (SW-FMEA) poses a number of challenges. Failures may originate in permanent software faults commonly called bugs, and their effects can be very subtle and hard to predict, due to the complex nature of programs. Therefore, a behavior-based automatic method to analyze the potential effects of different types of bugs is desirable. Such a method could be used to automatically build an FMEA report about the fault effects, or to evaluate different failure mitigation and detection techniques. This paper follows the latter direction, demonstrating the use of a model checking-based automated SW-FMEA approach to evaluate error detection and fault tolerance mechanisms, demonstrated on a case study inspired by safety-critical embedded operating systems