Re: [SystemSafety] WG: words you cannot use at GM

From: Matthew Squair < >
Date: Fri, 23 May 2014 13:27:37 +1000


From a systems engineering perspective the word 'acceptable' is a
subjective qualifier, meaning the requirement for something to be 'acceptably safe' is unverifiable as it introduces subjective and potentially different interpretations.

Likewise terms such as 'reasonably', 'credible' and 'practicable' introduce subjective interpretation and judgement. Unless you carefully define in a verifiable sense what each means of course.

I also tend to the school of thought that if you can't verify a requirement in any credible sense it's not a technical requirement, ergo such concepts as SFAIRP or ALARP on their own are not true requirements, nor should they be introduced into specifications.

Matthew Squair

MIEAust, CPEng
Mob: +61 488770655
Email: Mattsquair_at_xxxxxx
Web: http://criticaluncertainties.com

On 23 May 2014, at 1:18 am, Nancy Leveson <leveson.nancy8_at_xxxxxx> wrote:

There is nothing wrong with saying "acceptably safe" (of course you need to
define what you mean by "acceptable" or the statement is useless). The
problem is in *defining* "safe" as "acceptably safe" and then simply
declaring that the system is "safe." Safe is not the same as "acceptably
safe with a probability of 10^-9 (or whatever)."

Nancy

On Thu, May 22, 2014 at 9:25 AM, <peter.sheppard_at_xxxxxx
> wrote:

>
> I don't see what is wrong with "acceptably safe". No system is ever 100%
> safe, thus an expert, professional judgement on what is acceptably safe has
> to be made.
>
> In the UK railways it was agreed that "acceptably safe" for rail workers
> was different to what "acceptably safe" was for passengers (still can't
> call them customers!)
>
> Regards
>
> Peter
>
> Peter Sheppard
> Senior Safety Engineer and Validator
>
> Mobile: +44 7920 247931
>
>
> Please consider the environment before you print
>
> Bombardier Transportation UK Ltd
> Registered Office: Litchurch Lane, Derby, DE24 8AD, England
> TEL +44 1332 344666, FAX +44 1332 266271
> Registered in England
> Registration No. 2235994
>
> Peter Bernard Ladkin <ladkin_at_xxxxxx>
> Sent by: systemsafety-bounces_at_xxxxxx
> 22/05/2014 13:46
> To: systemsafety_at_xxxxxx
> cc:
> Subject: Re: [SystemSafety] WG: words you cannot use at GM
>
> On 2014-05-22 14:31 , Nancy Leveson wrote:
> > I think saying that "acceptably safe" is safe is a ridiculous
> > definition.
>
> Nevertheless, it is de rigueur in Europe. The UK Health and Safety
> Executive says that is how it
> judges, with "acceptably safe" usually meaning a one in a million elevated
> chance of dying:
> http://www.hse.gov.uk/risk/theory/r2p2.htm
>
> PBL
>
> Prof. Peter Bernard Ladkin, Faculty of Technology, University of
> Bielefeld, 33594 Bielefeld, Germany
> Tel+msg +49 (0)521 880 7319 www.rvs.uni-bielefeld.de
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety_at_xxxxxx
>

-- 
Prof. Nancy Leveson
Aeronautics and Astronautics and Engineering Systems
MIT, Room 33-334
77 Massachusetts Ave.
Cambridge, MA 02142

Telephone: 617-258-0505
Email: leveson_at_xxxxxx
URL: http://sunnyday.mit.edu

Received on Fri May 23 2014 - 05:27:54 CEST
