[SystemSafety] Analyzing far behind the Intended Use

Les Chambers les at chambers.com.au
Fri Jan 1 01:09:38 CET 2016


Haim
Your problem statement is brief; I am therefore making a lot of assumptions here.
IFF the following is true:
This is something more than an arm's length product sale. 
Your customer is not just downloading your product from the web. 
In fact you have performed a hazard analysis for him. 
You have probably met the operators and know them personally. 
You are well aware of the modes in which your product may be used 
THEN:
This problem becomes a question of ethics. It is more than a legal process of protecting yourself.
If in fact the consequences of misuse of your product are truly catastrophic, if you believe your own hazard analysis, have you considered withdrawing it from sale?
The other option is to attempt to influence a client to spend the money required to make it safe in his context. I know he's said NO, so TRY HARDER!!!
One way of achieving this is to prepare a use case scenario that could realistically lead to loss of life or destruction of property for your client. Ultimately it's up to you to look at this scenario through the lens of your company's statement of professional ethics.
In 27 years in business I have attempted to adhere to the policy that dealing with my company is a pleasurable experience for all my clients. This extends to fixing problems even though they may not have been of my making.

So, if the probability of harm to your customer is real, consider whether you want that customer one day to stand in the marketplace and say "I purchased this product from X and it killed some of my people." Whether this is true or not is irrelevant. The outcome for your company could be catastrophic.

> Hello everyone,
> 
> What is your opinion regarding the following situation:
> 
> The customer defines System-A to be used as "Advisory only". This fact
> defines what we call the "Intended Use" of the system.
> 
> This Intended Use is the basis of System-A safety analysis, resulting in a
> few hazards marked with CRITICAL severity.
> 
> The operator of System-X is quite clever to use the system FAR BEHIND the
> Intended Use.
> 
> If you analyze this "Extra-usage", you find hazards typed as CATASTROPHIC
> severity, and the mitigation of those hazards is quite expensive.
> 
> We do wish to protect the operator activities. However, the customer will
> not pay the price of FAR BEHIND the Intended Use mitigation.
> 
> How will you act under those constraints?
> 
> Thanks,
> 
> Kuper

--
Les Chambers
les at chambers.com.au
+61 (0)412 648 992