[SystemSafety] Examples of Emergent Safety-Related Properties

Fri Apr 8 13:04:10 CEST 2022

Peter,

I can think of two examples, one of which is only vaguely safety related.

The first example is that in the UK, goods vehicles are required to be
fitted with Road Speed Limiters (RSLs) limiting them to 60 mph. This has
resulted in some good vehicles taking an exceptionally long time to pass
each other on motorways. I had an illuminating conversation with a taxi
driver who had experience of driving good vehicles. He explained that many
customers (supermarkets are particularly guilty of this) specify a
30-minute time slot during which the delivery must be made.  If delivery is
attempted outside of this 30-minute time slot, the delivery is rejected.
He explained that if a goods vehicle has been held up in traffic and the
satellite navigation device predicts that the delivery could be late, the
driver is strongly motivated to overtake a slower goods vehicle, even if
the difference is only 1 mph. This is an unanticipated consequence of goods
vehicles being fitted with Road Speed Limiters and customers requiring
deliveries to be made within a fixed time slot.

The second example is the Spanish train accident at Santiago de Compostela
in 2013. The driver was used to operating on tracks where the signalling
system prevented the train from exceeding the speed limit. He had got into
the habit of leaving the throttle in its maximum position and letting the
signalling system control the speed. The stretch of track on which the
accident occurred did not have such a signalling system fitted. The driver
entered a curve at full throttle, resulting in a derailment. 79 people were
killed. This is an unanticipated consequence of a signalling system
preventing the train from exceeding the speed limit.

Yours,

Dewi Daniels | Director | Software Safety Limited

Telephone +44 7968 837742 | Email d <ddaniels at verocel.com>
ewi.daniels at software-safety.com

Software Safety Limited is a company registered in England and Wales.
Company number: 9390590. Registered office: Fairfield, 30F Bratton Road,
West Ashton, Trowbridge, United Kingdom BA14 6AZ

On Thu, 31 Mar 2022 at 10:29, Peter Bernard Ladkin <ladkin at causalis.com>
wrote:

> Folks,
>
> the IET is producing a FactFile (a free on-line guidance document) on
> managing safety in the
> development of complex systems. What distinguishes complex systems in this
> respect from simpler
> systems are the emergent properties that emerge from the
> often-unanticipated interactions of components.
>
> For the FactFile, I am looking for examples. The standard one is
> murmurations of starlings, which
> has an analogy to the management of drone swarms. Then there is John
> Conway's game of Life, which
> turns out not only self-reproducing animations but is also Turing Complete
> (an emergent property not
> yet known to many Life lovers). Then there is the Boeing 737 MAX. The
> HazAn is public (thanks to the
> Congressional investigation) and made the assumption that an MCAS fault
> could lead to a runaway
> pitch trim, which the pilots were supposed to be able to counter by
> pulling the circuit breaker and
> manually(mechanically) retrimming. This action turns (turned) out not to
> be appropriate, it being
> almost impossible to mechanically retrim under the condition of strong
> forces on pitch control. This
> is a phenomenon known already in the 1960's but seemingly overlooked by
> newer generations of
> designers and flyers.
>
> Does anyone have more good examples of safety-related emergent properties
> that we could put in the
> FactFile?
>
> PBL
>
> Prof. i.R. Dr. Peter Bernard Ladkin, Bielefeld, Germany
> Tel+msg +49 (0)521 880 7319  www.rvs-bi.de
>
>
>
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
> Manage your subscription:
> https://lists.techfak.uni-bielefeld.de/mailman/listinfo/systemsafety
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/pipermail/systemsafety/attachments/20220408/c9971240/attachment.html>