How explicit are the barriers to failure in safety arguments?

Safety cases embody arguments that demonstrate how safety properties of a system are upheld. Such cases implicitly document the barriers that must exist between hazards and vulnerable components of a system. For safety certification, it is the analysis of these barriers that provide confidence in the safety of the system. The explicit representation of hazard barriers can provide additional insight for the design and evaluation of system safety. They can be identified in a hazard analysis to allow analysts to reflect on particular design choices. Barrier existence in a live system can be mapped to abstract barrier representations to provide both verification of barrier existence and a basis for quantitative measures between the predicted barrier behaviour and performance of the actual barrier. This paper explores the first stage of this process, the binding between explicit mitigation arguments in hazard analysis and the barrier concept. Examples from the domains of computer-assisted detection in mammography and free route airspace feasibility are examined and the implications for system certification are considered

Rodent Research Development for Long Duration Studies on the International Space Station

Rodent research in space is needed to advance our understanding of the health risks,consequences and possible countermeasures to protect crew during future, long duration missions. TheAnimal Enclosure Module (AEM) was designed originally to support habitation of rats and mice onrelatively short duration, Shuttle missions (<19 days). The AEM was flown previously on 27 SpaceShuttle missions, and recently was modified extensively to support future long duration space biology andbiomedical research on the International Space Station (ISS). In consultation with a Science WorkingGroup comprised of veterinarians and investigators experienced in rodent spaceflight experimentation inspace, the Rodent Habitat project team at Ames Research Center modified existing hardware, developednew hardware, operations, and science activities, and performed a series of ground-based operational andscience habitat verification tests in preparation for the first validation flight

An Exercise in Reverse Engineering for Safety-Critical Systems: An Experience for the Classroom

Since the Y2K crisis, reverse engineering has become a major area of work in industrial software application development, but lacks emphasis in US academia. This issue is exemplified by the high demand for software systems in new and expanding software application areas, which has resulted in systems being implemented before the requirements and design phases have been completed. Towards the maintenance of such systems, it is necessary to conducted reverse engineering for the derivation of software documentation for requirements and high-level and low-level design. When this scenario exists in the domain of safety-critical system, particularly in the aviation industry, reverse engineering takes on greater value because such software systems have to undergo development regulations and certification restrictions. This work reports on the pedagogical revelations gained from conducting reverse engineering on a software system that was developed and deployed for use in managing the assignment of commercial aircrafts to airport terminal gates. The software system incorporated genetic algorithms solutions and was implemented on a high-speed multi-processor system. The reverse engineering methodology applied was based on the RTCA DO-178C Software Considerations in Airborne Systems and Equipment Certification specification for onboard avionic software systems

A hazard analysis method for systematic identification of safety requirements for user interface software in medical devices

© Springer International Publishing AG (outside the US) 2017. Formal methods technologies have the potential to verify the usability and safety of user interface (UI) software design in medical devices, enabling significant reductions in use errors and consequential safety incidents with such devices. This however depends on comprehensive and verifiable safety requirements to leverage these techniques for detecting and preventing flaws in UI software that can induce use errors. This paper presents a hazard analysis method that extends Leveson’s System Theoretic Process Analysis (STPA) with a comprehensive set of causal factor categories, so as to provide developers with clear guidelines for systematic identification of use-related hazards associated with medical devices, their causes embedded in UI software design, and safety requirements for mitigating such hazards. The method is evaluated with a case study on the Gantry-2 radiation therapy system, which demonstrates that (1) as compared to standard STPA, our method allowed us to identify more UI software design issues likely to cause use-related hazards; and (2) the identified UI software design issues facilitated the definition of precise, verifiable safety requirements for UI software, which could be readily formalized in verification tools such as Prototype Verification System (PVS).- U.S. Food and Drug Administration(NORTE-01-0145-FEDER-000016)Sandy Weininger (FDA), Scott Thiel (Navigant Consulting, Inc.), Michelle Jump (Stryker), Stefania Gnesi (ISTI/CNR) and the CHI+MED team (www.chi-med.ac.uk) provided useful feedback and inputs. Paolo Masci’s work is supported by the North Portugal Regional Operational Programme (NORTE 2020) under the PORTUGAL 2020 Partnership Agreement, and by the European Regional Development Fund (ERDF) within Project “NORTE-01-0145-FEDER-000016”.info:eu-repo/semantics/publishedVersio

Applying System Engineering to Pharmaceutical Safety

While engineering techniques are used in the development of medical devices and have been applied to individual healthcare processes, such as the use of checklists in surgery and ICUs, the application of system engineering techniques to larger healthcare systems is less common. System safety is the part of system engineering that uses modeling and analysis to identify hazards and to design the system to eliminate or control them. In this paper, we demonstrate how to apply a new, safety engineering static and dynamic modeling and analysis approach to healthcare systems. Pharmaceutical safety is used as the example in the paper, but the same approach is potentially applicable to other complex healthcare systems. System engineering techniques can be used in re-engineering the system as a whole to achieve the system goals, including both enhancing the safety of current drugs while, at the same time, encouraging the development of new drugs

The ethics of uncertainty for data subjects

Modern health data practices come with many practical uncertainties. In this paper, I argue that data subjects’ trust in the institutions and organizations that control their data, and their ability to know their own moral obligations in relation to their data, are undermined by significant uncertainties regarding the what, how, and who of mass data collection and analysis. I conclude by considering how proposals for managing situations of high uncertainty might be applied to this problem. These emphasize increasing organizational flexibility, knowledge, and capacity, and reducing hazard

From ‘shallow’ to ‘deep’ policing:‘crash-for-cash’ insurance fraud investigation in England and Wales and the need for greater regulation

The policing of insurance fraud has traditionally been dealt with beyond the criminal justice system as a private matter between the claimant and the insurer with only a few iconic cases referred to the criminal justice system each year. The growth of insurance fraud, particularly ‘crash-for-cash’ fraud, and the disinterest of the police, has led to a change in the response of the insurance industry. This paper will argue that this response can be characterised as a shift from the traditional ‘shallow’ to a ‘deeper’ form of policing which sees greater focus upon criminal and quasi-criminal outcomes. This paper explores some of the private and innovative methods the industry has developed and illustrates what greater private criminal investigation might look like at a time when police privatisation has become a higher profile issue. The paper argues the shift to ‘deeper’ policing necessitates greater regulation of the private investigation of crime and outlines a number of proposals to address this gap which require further consideration and debate