[SystemSafety] Analyzing far behind the Intended Use

From: Haim Kuper < >
Date: Wed, 30 Dec 2015 04:12:58 +0200

Hello everyone,  

What is your opinion regarding the following situation:

The customer defines System-A to be used as "Advisory only". This fact defines what we call the "Intended Use" of the system.

This Intended Use is the basis of the System-A safety analysis, resulting in a few hazards marked with CRITICAL severity.

The operator of System-X is clever enough to use the system FAR BEHIND the Intended Use.

If you analyze this "Extra-usage", you find hazards rated at CATASTROPHIC severity, and the mitigation of those hazards is quite expensive.

We do wish to protect the operator's activities. However, the customer will not pay the price of mitigating hazards FAR BEHIND the Intended Use.

How will you act under those constraints?



The System Safety Mailing List
systemsafety_at_xxxxxx Received on Wed Dec 30 2015 - 03:13:08 CET