This report is the first of 3 parts presenting the results of an HSE-sponsored research project. The overall purpose is to create a scheme for learning from incidents that involve electrical, electronic or programmable electronic (E/E/PE) systems. Part 1 (this report) reviews existing learning processes and causal analysis techniques, examines industry practice and makes recommendations for a new scheme. Part 2 presents the recommended scheme and Part 3 gives accompanying guidance, examples and rationale.

This report and the work it describes were funded by the Health and Safety Executive (HSE). Its contents, including any opinions and/or conclusions expressed, are those of the authors alone and do not necessarily reflect HSE policy.

ISBN 0 7176 2787 X

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise) without the prior written permission of the copyright owner.

ACKNOWLEDGEMENTS

Adelard LLP wishes to acknowledge numerous invaluable contributions to the project from the following people:

EXECUTIVE SUMMARY

The initial requirements are for a scheme that can be adopted by companies and organisations to help them learn from incidents that involved E/E/PE systems.
This should fit with existing safety and quality management systems, should allow for different levels of maturity and organisational complexity and should satisfy legal and regulatory requirements. The scheme should be applicable to a wide range of sectors, including oil and gas, chemical process, machinery, nuclear and railways, and should cover varying roles including end users, system designers and component suppliers. Root causes should be classified using a common taxonomy to aid consistent characterisation, retrieval and analysis and the scheme should enable recommendations to be generated from these root causes. The consensus behind IEC 61508, and especially the agreed terminology of the standard, will be important in developing a scheme that is widely applicable. In addition the safety lifecycle in IEC 61508 will provide …