Re: [SystemSafety] Critical Design Checklist

From: SPRIGGS, John J < >
Date: Wed, 28 Aug 2013 08:32:36 +0000

A question I used to ask of avionics designers was "Would you fly on the thing yourself?". For a defensive aids sub-system, the question was modified to "Would you stand next to it on the ground when it has just landed or is ready for take-off?" I found it very rewarding to ask a simple question in a design review and have the guy excuse himself to go and make an urgent 'phone call...


From: systemsafety-bounces_at_xxxxxx Sent: 26 August 2013 21:38
To: systemsafety_at_xxxxxx Subject: [SystemSafety] Critical Design Checklist

For NASA, we are creating a Critical Design Checklist:

*       Objective

- A checklist for designers to help them determine if a safety-critical design has met its safety requirements
- Not a "Have you done ..." checklist
w Too easy to just check "yes" without doing sufficient work w Instead, "What have you done ..."
w Prove what you have done is sufficient
*       We are looking for inputs to include in this checklist
*       Do you have any inputs that should be included?

- Meta-question: "If you were asked to participate in a design review of a safety-critical design, what questions would you ask?" (Particularly, general questions you would have before seeing the details of a design.)
- Inverse meta-question: "If you were presenting a design, what questions would you dread being asked?" :-}
w Where are the bodies buried?

We are finishing the Checklist by next week and would like to include any good questions you may have that we have overlooked. Realizing this is an imposition on your time, I am hoping some of you would be so kind as to spend just a few minutes to send questions or even question fragments.

I am also looking for unusual failure scenarios to add to my collection, like those I've described in my series of "Murphy was an Optimist" presentations (e.g.

If you are not the intended recipient, please notify our Help Desk at Email isproduction_at_xxxxxx
immediately. You should not copy or use this email or attachment(s) for any purpose nor disclose
their contents to any other person.

NATS computer systems may be monitored and communications carried on them recorded, to 
secure the effective operation of the system.

Please note that neither NATS nor the sender accepts any responsibility for viruses or any losses
caused as a result of viruses and it is your responsibility to scan or otherwise check this email
and any attachments.

NATS means NATS (En Route) plc (company number: 4129273), NATS (Services) Ltd 
(company number 4129270), NATSNAV Ltd (company number: 4164590) 
or NATS Ltd (company number 3155567) or NATS Holdings Ltd (company number 4138218). 
All companies are registered in England and their registered office is at 4000 Parkway, 
Whiteley, Fareham, Hampshire, PO15 7FL.


_______________________________________________ The System Safety Mailing List systemsafety_at_xxxxxx
Received on Wed Aug 28 2013 - 10:32:51 CEST

This archive was generated by hypermail 2.3.0 : Tue Jun 04 2019 - 21:17:06 CEST