[SystemSafety] Functional hazard analysis, does it work?

andy loeblas at comcast.net
Tue Jan 19 02:25:43 CET 2016


Dr. Squair,

I have had these same kinds of questions in the past.  I have studied the relationship between probabilistic and non-probabilistic risk assessment, mostly as a result of a project I worked on for the U.S. Nuclear Regulatory Commission regarding digital systems reliability versus non-digital systems for safety-critical power reactor control.  I have also studied the statistical work executed by the London folks on common cause failure and defense in depth.  I believe probabilistic risk assessment is a bureaucratic, reductionist, and none too complete analysis of risk assessment, focused on a "guns and guards" mentality dominant in the USA.  I have written, 3 or 4 years ago, white papers on my conclusions and readings and done some graphic representations of the NRC regulations on common cause failure.  I have studied Nancy Leveson's systems approach and taken her week-long course, also 3 or 4 years ago, and I have developed a favorable disposition towards her conclusions.  My white papers were written to keep my own thinking organized, and I can look for any of the products I developed for this purpose as well as share my bibliographies with you, although some of the documents from the city college folks in England were given to me as a professional courtesy, and these references might be listed but not available for re-distribution according to my agreement.


Let me know if any of this would be useful to you.  It will take me a week or two to relocate the digital versions of this stuff.


andy


From: systemsafety-bounces at lists.techfak.uni-bielefeld.de [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of Matthew Squair
Sent: Monday, January 18, 2016 7:43 PM
To: systemsafety at lists.techfak.uni-bielefeld.de
Subject: [SystemSafety] Functional hazard analysis, does it work?


A question to the list. 


Does the process of functional hazard analysis 'work' in terms of identifying all functional hazards that we are, or should be, interested in? 


The way the FHA process is defined in the various standards seems IMO to be very reductionist in nature, fine for identifying the specific consequences of a single functional failure mode, but what about functional interactions, multiple functional failures, the interaction of modes with functions and so on. 


The background to this is that the project I'm working with is about to commit to a significant campaign of 'FHA'-ing. So we're engaged in a little bit of professional navel gazing about the efficacy of the technique before we commit to the campaign.  


-- 

Matthew Squair


BEng (Mech) MSysEng

MIEAust CPEng


Mob: +61 488770655

Email: MattSquair at gmail.com

Website: www.criticaluncertainties.com <http://criticaluncertainties.com/> 

