Re: [SystemSafety] Safety Cases

From: Michael Jackson < >
Date: Mon, 10 Feb 2014 11:43:43 +0000


Yes. But surely there is a missing prior question here:

0. What constitutes going right?

How can we discuss 'going wrong' without a clear understanding of 'going right'?
Yet in much discussion of safety this question seems to be relegated to a tacit
background understanding.

At 11:19 10/02/2014, nfr wrote:

>In the 1980s, 'the safety case' was defined as having the purpose of
>answering three questions:
>1. What could [possibly] go wrong?
>2. Why won't it?
>3. But what if it did?
>One or two of you might propose that each of these questions could
>be answered by a single sentence. But, with a bit of thought, you'll
>recognise that, in order to answer the questions fully, a great deal
>of evidence must be adduced, from a great deal of work - from
>complete and correct specification, through thorough design, hazard
>ID, risk assessment, etc., to emergency planning.

Received on Mon Feb 10 2014 - 12:43:59 CET
