Sample records for safety critical systems

  1. Software Safety Risk in Legacy Safety-Critical Computer Systems

    NASA Technical Reports Server (NTRS)

    Hill, Janice; Baggs, Rhoda

    2007-01-01

    Safety-critical computer systems must be engineered to meet system and software safety requirements. For legacy safety-critical computer systems, software safety requirements may not have been formally specified during development. When process-oriented software safety requirements are levied on a legacy system after the fact, where software development artifacts don't exist or are incomplete, the question becomes 'how can this be done?' The risks associated with only meeting certain software safety requirements in a legacy safety-critical computer system must be addressed should such systems be selected as candidates for reuse. This paper proposes a method for ascertaining formally, a software safety risk assessment, that provides measurements for software safety for legacy systems which may or may not have a suite of software engineering documentation that is now normally required. It relies upon the NASA Software Safety Standard, risk assessment methods based upon the Taxonomy-Based Questionnaire, and the application of reverse engineering CASE tools to produce original design documents for legacy systems.

  2. Traceability of Software Safety Requirements in Legacy Safety Critical Systems

    NASA Technical Reports Server (NTRS)

    Hill, Janice L.

    2007-01-01

    How can traceability of software safety requirements be created for legacy safety critical systems? Requirements in safety standards are imposed most times during contract negotiations. On the other hand, there are instances where safety standards are levied on legacy safety critical systems, some of which may be considered for reuse for new applications. Safety standards often specify that software development documentation include process-oriented and technical safety requirements, and also require that system and software safety analyses are performed supporting technical safety requirements implementation. So what can be done if the requisite documents for establishing and maintaining safety requirements traceability are not available?

  3. Software Safety Risk in Legacy Safety-Critical Computer Systems

    NASA Technical Reports Server (NTRS)

    Hill, Janice L.; Baggs, Rhoda

    2007-01-01

Safety Standards contain technical and process-oriented safety requirements. Technical requirements are those such as "must work" and "must not work" functions in the system. Process-oriented requirements are software engineering and safety management process requirements. Some standards address the system perspective and some cover just the software in the system. NASA-STD-8719.13B Software Safety Standard is the current standard of interest. NASA programs/projects will have their own set of safety requirements derived from the standard. Safety Cases: a) Documented demonstration that a system complies with the specified safety requirements. b) Evidence is gathered on the integrity of the system and put forward as an argued case. [Gardener (ed.)] c) Problems occur when trying to meet safety standards, and thus make retrospective safety cases, in legacy safety-critical computer systems.

  4. Overview of Risk Mitigation for Safety-Critical Computer-Based Systems

    NASA Technical Reports Server (NTRS)

    Torres-Pomales, Wilfredo

    2015-01-01

    This report presents a high-level overview of a general strategy to mitigate the risks from threats to safety-critical computer-based systems. In this context, a safety threat is a process or phenomenon that can cause operational safety hazards in the form of computational system failures. This report is intended to provide insight into the safety-risk mitigation problem and the characteristics of potential solutions. The limitations of the general risk mitigation strategy are discussed and some options to overcome these limitations are provided. This work is part of an ongoing effort to enable well-founded assurance of safety-related properties of complex safety-critical computer-based aircraft systems by developing an effective capability to model and reason about the safety implications of system requirements and design.

  5. Product Engineering Class in the Software Safety Risk Taxonomy for Building Safety-Critical Systems

    NASA Technical Reports Server (NTRS)

    Hill, Janice; Victor, Daniel

    2008-01-01

When software safety requirements are imposed on legacy safety-critical systems, retrospective safety cases need to be formulated as part of recertifying the systems for further use, and risks must be documented and managed to give confidence for reusing the systems. The SEI Software Development Risk Taxonomy [4] focuses on general software development issues. It does not, however, cover all the safety risks. The Software Safety Risk Taxonomy [8] was developed to provide a construct for eliciting and categorizing software safety risks in a straightforward manner. In this paper, we present extended work on the taxonomy for safety that incorporates the additional issues inherent in the development and maintenance of safety-critical systems with software. An instrument called a Software Safety Risk Taxonomy Based Questionnaire (TBQ) is generated containing questions addressing each safety attribute in the Software Safety Risk Taxonomy. Software safety risks are surfaced using the new TBQ and then analyzed. In this paper we give the definitions for the specialized Product Engineering Class within the Software Safety Risk Taxonomy. At the end of the paper, we present the tool known as the 'Legacy Systems Risk Database Tool' that is used to collect and analyze the data required to show traceability to a particular safety standard.

  6. Analyzing Software Requirements Errors in Safety-Critical, Embedded Systems

    NASA Technical Reports Server (NTRS)

    Lutz, Robyn R.

    1993-01-01

    This paper analyzes the root causes of safety-related software errors in safety-critical, embedded systems. The results show that software errors identified as potentially hazardous to the system tend to be produced by different error mechanisms than non- safety-related software errors. Safety-related software errors are shown to arise most commonly from (1) discrepancies between the documented requirements specifications and the requirements needed for correct functioning of the system and (2) misunderstandings of the software's interface with the rest of the system. The paper uses these results to identify methods by which requirements errors can be prevented. The goal is to reduce safety-related software errors and to enhance the safety of complex, embedded systems.

  7. Critical Characteristics of Radiation Detection System Components to be Dedicated for use in Safety Class and Safety Significant System

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    DAVIS, S.J.

    2000-05-25

This document identifies critical characteristics of components to be dedicated for use in Safety Class (SC) or Safety Significant (SS) Systems, Structures, or Components (SSCs). This document identifies the requirements for the components of the common radiation area monitor alarm in the WESF pool cell. These are procured as Commercial Grade Items (CGI), with the qualification testing and formal dedication to be performed at the Waste Encapsulation Storage Facility (WESF), in safety class, safety significant systems. System modifications are to be performed in accordance with the instructions provided on ECN 658230. Components for this change are commercially available and interchangeable with the existing alarm configuration. This document focuses on the operational requirements for alarm, declaration of the safety classification, identification of critical characteristics, and interpretation of requirements for procurement. Critical characteristics are identified herein and must be verified, followed by formal dedication, prior to the components being used in safety related applications.

  8. Tank waste remediation system nuclear criticality safety program management review

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    BRADY RAAP, M.C.

    1999-06-24

    This document provides the results of an internal management review of the Tank Waste Remediation System (TWRS) criticality safety program, performed in advance of the DOE/RL assessment for closure of the TWRS Nuclear Criticality Safety Issue, March 1994. Resolution of the safety issue was identified as Hanford Federal Facility Agreement and Consent Order (Tri-Party Agreement) Milestone M-40-12, due September 1999.

  9. Critical Characteristics of Radiation Detection System Components to be Dedicated for use in Safety Class and Safety Significant System

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    DAVIS, S.J.

    2000-12-28

This document identifies critical characteristics of components to be dedicated for use in Safety Significant (SS) Systems, Structures, or Components (SSCs). This document identifies the requirements for the components of the common, radiation area, monitor alarm in the WESF pool cell. These are procured as Commercial Grade Items (CGI), with the qualification testing and formal dedication to be performed at the Waste Encapsulation Storage Facility (WESF) for use in safety significant systems. System modifications are to be performed in accordance with the approved design. Components for this change are commercially available and interchangeable with the existing alarm configuration. This document focuses on the operational requirements for alarm, declaration of the safety classification, identification of critical characteristics, and interpretation of requirements for procurement. Critical characteristics are identified herein and must be verified, followed by formal dedication, prior to the components being used in safety related applications.

  10. Security for safety critical space borne systems

    NASA Technical Reports Server (NTRS)

    Legrand, Sue

    1987-01-01

    The Space Station contains safety critical computer software components in systems that can affect life and vital property. These components require a multilevel secure system that provides dynamic access control of the data and processes involved. A study is under way to define requirements for a security model providing access control through level B3 of the Orange Book. The model will be prototyped at NASA-Johnson Space Center.

  11. RICIS Symposium 1992: Mission and Safety Critical Systems Research and Applications

    NASA Technical Reports Server (NTRS)

    1992-01-01

This conference deals with computer systems which control systems whose failure to operate correctly could produce the loss of life and/or property, i.e., mission and safety critical systems. Topics covered are: the work of standards groups, computer systems design and architecture, software reliability, process control systems, knowledge based expert systems, and computer and telecommunication protocols.

  12. An aspect-oriented approach for designing safety-critical systems

    NASA Astrophysics Data System (ADS)

    Petrov, Z.; Zaykov, P. G.; Cardoso, J. P.; Coutinho, J. G. F.; Diniz, P. C.; Luk, W.

    The development of avionics systems is typically a tedious and cumbersome process. In addition to the required functions, developers must consider various and often conflicting non-functional requirements such as safety, performance, and energy efficiency. Certainly, an integrated approach with a seamless design flow that is capable of requirements modelling and supporting refinement down to an actual implementation in a traceable way, may lead to a significant acceleration of development cycles. This paper presents an aspect-oriented approach supported by a tool chain that deals with functional and non-functional requirements in an integrated manner. It also discusses how the approach can be applied to development of safety-critical systems and provides experimental results.

  13. A Practical Risk Assessment Methodology for Safety-Critical Train Control Systems

    DOT National Transportation Integrated Search

    2009-07-01

    This project proposes a Practical Risk Assessment Methodology (PRAM) for analyzing railroad accident data and assessing the risk and benefit of safety-critical train control systems. This report documents in simple steps the algorithms and data input...

  14. System Guidelines for EMC Safety-Critical Circuits: Design, Selection, and Margin Demonstration

    NASA Technical Reports Server (NTRS)

    Lawton, R. M.

    1996-01-01

    Demonstration of safety margins for critical points (circuits) has traditionally been required since it first became a part of systems-level Electromagnetic Compatibility (EMC) requirements of MIL-E-6051C. The goal of this document is to present cost-effective guidelines for ensuring adequate Electromagnetic Effects (EME) safety margins on spacecraft critical circuits. It is for the use of NASA and other government agencies and their contractors to prevent loss of life, loss of spacecraft, or unacceptable degradation. This document provides practical definition and treatment guidance to contain costs within affordable limits.

  15. System Guidelines for EMC Safety-Critical Circuits: Design, Selection, and Margin Demonstration

    NASA Technical Reports Server (NTRS)

    Lawton, R. M.

    1996-01-01

    Demonstration of required safety margins on critical electrical/electronic circuits in large complex systems has become an implementation and cost problem. These margins are the difference between the activation level of the circuit and the electrical noise on the circuit in the actual operating environment. This document discusses the origin of the requirement and gives a detailed process flow for the identification of the system electromagnetic compatibility (EMC) critical circuit list. The process flow discusses the roles of engineering disciplines such as systems engineering, safety, and EMC. Design and analysis guidelines are provided to assist the designer in assuring the system design has a high probability of meeting the margin requirements. Examples of approaches used on actual programs (Skylab and Space Shuttle Solid Rocket Booster) are provided to show how variations of the approach can be used successfully.

  16. Some Challenges in the Design of Human-Automation Interaction for Safety-Critical Systems

    NASA Technical Reports Server (NTRS)

    Feary, Michael S.; Roth, Emilie

    2014-01-01

    Increasing amounts of automation are being introduced to safety-critical domains. While the introduction of automation has led to an overall increase in reliability and improved safety, it has also introduced a class of failure modes, and new challenges in risk assessment for the new systems, particularly in the assessment of rare events resulting from complex inter-related factors. Designing successful human-automation systems is challenging, and the challenges go beyond good interface development (e.g., Roth, Malin, & Schreckenghost 1997; Christoffersen & Woods, 2002). Human-automation design is particularly challenging when the underlying automation technology generates behavior that is difficult for the user to anticipate or understand. These challenges have been recognized in several safety-critical domains, and have resulted in increased efforts to develop training, procedures, regulations and guidance material (CAST, 2008, IAEA, 2001, FAA, 2013, ICAO, 2012). This paper points to the continuing need for new methods to describe and characterize the operational environment within which new automation concepts are being presented. We will describe challenges to the successful development and evaluation of human-automation systems in safety-critical domains, and describe some approaches that could be used to address these challenges. We will draw from experience with the aviation, spaceflight and nuclear power domains.

  17. Rethinking healthcare as a safety-critical industry.

    PubMed

    Wears, Robert L.

    2012-01-01

    The discipline of ergonomics, or human factors engineering, has made substantial contributions to both the development of a science of safety, and to the improvement of safety in a wide variety of hazardous industries, including nuclear power, aviation, shipping, energy extraction and refining, military operations, and finance. It is notable that healthcare, which in most advanced societies is a substantial sector of the economy (eg, 15% of US gross domestic product) and has been associated with large volumes of potentially preventable morbidity and mortality, has heretofore not been viewed as a safety-critical industry. This paper proposes that improving safety performance in healthcare must involve a re-envisioning of healthcare itself as a safety-critical industry, but one with considerable differences from most engineered safety-critical systems. This has implications both for healthcare, and for conceptions of safety-critical industries.

  18. Is Model-Based Development a Favorable Approach for Complex and Safety-Critical Computer Systems on Commercial Aircraft?

    NASA Technical Reports Server (NTRS)

    Torres-Pomales, Wilfredo

    2014-01-01

    A system is safety-critical if its failure can endanger human life or cause significant damage to property or the environment. State-of-the-art computer systems on commercial aircraft are highly complex, software-intensive, functionally integrated, and network-centric systems of systems. Ensuring that such systems are safe and comply with existing safety regulations is costly and time-consuming as the level of rigor in the development process, especially the validation and verification activities, is determined by considerations of system complexity and safety criticality. A significant degree of care and deep insight into the operational principles of these systems is required to ensure adequate coverage of all design implications relevant to system safety. Model-based development methodologies, methods, tools, and techniques facilitate collaboration and enable the use of common design artifacts among groups dealing with different aspects of the development of a system. This paper examines the application of model-based development to complex and safety-critical aircraft computer systems. Benefits and detriments are identified and an overall assessment of the approach is given.

  19. The Department of Energy Nuclear Criticality Safety Program

    NASA Astrophysics Data System (ADS)

    Felty, James R.

    2005-05-01

    This paper broadly covers key events and activities from which the Department of Energy Nuclear Criticality Safety Program (NCSP) evolved. The NCSP maintains fundamental infrastructure that supports operational criticality safety programs. This infrastructure includes continued development and maintenance of key calculational tools, differential and integral data measurements, benchmark compilation, development of training resources, hands-on training, and web-based systems to enhance information preservation and dissemination. The NCSP was initiated in response to Defense Nuclear Facilities Safety Board Recommendation 97-2, Criticality Safety, and evolved from a predecessor program, the Nuclear Criticality Predictability Program, that was initiated in response to Defense Nuclear Facilities Safety Board Recommendation 93-2, The Need for Critical Experiment Capability. This paper also discusses the role Dr. Sol Pearlstein played in helping the Department of Energy lay the foundation for a robust and enduring criticality safety infrastructure.

  20. Four Pillars for Improving the Quality of Safety-Critical Software-Reliant Systems

    DTIC Science & Technology

    2013-04-01

    Studies of safety-critical software-reliant systems developed using the current practices of build-then-test show that requirements and architecture ... design defects make up approximately 70% of all defects, many system level related to operational quality attributes, and 80% of these defects are

  1. CRITICALITY SAFETY CONTROLS AND THE SAFETY BASIS AT PFP

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Kessler, S

    2009-04-21

    With the implementation of DOE Order 420.1B, Facility Safety, and DOE-STD-3007-2007, 'Guidelines for Preparing Criticality Safety Evaluations at Department of Energy Non-Reactor Nuclear Facilities', a new requirement was imposed that all criticality safety controls be evaluated for inclusion in the facility Documented Safety Analysis (DSA) and that the evaluation process be documented in the site Criticality Safety Program Description Document (CSPDD). At the Hanford site in Washington State the CSPDD, HNF-31695, 'General Description of the FH Criticality Safety Program', requires each facility develop a linking document called a Criticality Control Review (CCR) to document performance of these evaluations. Chapter 5, Appendix 5B of HNF-7098, Criticality Safety Program, provided an example of a format for a CCR that could be used in lieu of each facility developing its own CCR. Since the Plutonium Finishing Plant (PFP) is presently undergoing Deactivation and Decommissioning (D&D), new procedures are being developed for cleanout of equipment and systems that have not been operated in years. Existing Criticality Safety Evaluations (CSE) are revised, or new ones written, to develop the controls required to support D&D activities. Other Hanford facilities, including PFP, had difficulty using the basic CCR out of HNF-7098 when first implemented. Interpretation of the new guidelines indicated that many of the controls needed to be elevated to TSR level controls. Criterion 2 of the standard, requiring that the consequence of a criticality be examined for establishing the classification of a control, was not addressed. Upon in-depth review by PFP Criticality Safety staff, it was not clear that the programmatic interpretation of criterion 8C could be applied at PFP. Therefore, the PFP Criticality Safety staff decided to write their own CCR. The PFP CCR provides additional guidance for the evaluation team to use by clarifying the evaluation criteria in DOE-STD-3007

  2. Criticality Safety Evaluation for the TACS at DAF

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Percher, C. M.; Heinrichs, D. P.

    2011-06-10

    Hands-on experimental training in the physical behavior of multiplying systems is one of ten key areas of training required for practitioners to become qualified in the discipline of criticality safety as identified in DOE-STD-1135-99, Guidance for Nuclear Criticality Safety Engineer Training and Qualification. This document is a criticality safety evaluation of the training activities and operations associated with HS-3201-P, Nuclear Criticality 4-Day Training Course (Practical). This course was designed to also address the training needs of nuclear criticality safety professionals under the auspices of the NNSA Nuclear Criticality Safety Program. The hands-on, or laboratory, portion of the course will utilize the Training Assembly for Criticality Safety (TACS) and will be conducted in the Device Assembly Facility (DAF) at the Nevada Nuclear Security Site (NNSS). The training activities will be conducted by Lawrence Livermore National Laboratory following the requirements of an Integrated Work Sheet (IWS) and associated Safety Plan. Students will be allowed to handle the fissile material under the supervision of an LLNL Certified Fissile Material Handler.

  3. 2011 Annual Criticality Safety Program Performance Summary

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Andrea Hoffman

    The 2011 review of the INL Criticality Safety Program has determined that the program is robust and effective. The review was prepared for, and fulfills Contract Data Requirements List (CDRL) item H.20, 'Annual Criticality Safety Program performance summary that includes the status of assessments, issues, corrective actions, infractions, requirements management, training, and programmatic support.' This performance summary addresses the status of these important elements of the INL Criticality Safety Program. Assessments - Assessments in 2011 were planned and scheduled. The scheduled assessments included a Criticality Safety Program Effectiveness Review, Criticality Control Area Inspections, a Protection of Controlled Unclassified Information Inspection, an Assessment of Criticality Safety SQA, and this management assessment of the Criticality Safety Program. All of the assessments were completed with the exception of the 'Effectiveness Review' for SSPSF, which was delayed due to emerging work. Although minor issues were identified in the assessments, no issues or combination of issues indicated that the INL Criticality Safety Program was ineffective. The identification of issues demonstrates the importance of an assessment program to the overall health and effectiveness of the INL Criticality Safety Program. Issues and Corrective Actions - There are relatively few criticality safety related issues in the Laboratory ICAMS system. Most were identified by Criticality Safety Program assessments. No issues indicate ineffectiveness in the INL Criticality Safety Program. All of the issues are being worked and there are no imminent criticality concerns. Infractions - There was one criticality safety related violation in 2011. On January 18, 2011, it was discovered that a fuel plate bundle in the Nuclear Materials Inspection and Storage (NMIS) facility exceeded the fissionable mass limit, resulting in a technical safety requirement (TSR) violation. The TSR limits

  4. Certification Processes for Safety-Critical and Mission-Critical Aerospace Software

    NASA Technical Reports Server (NTRS)

    Nelson, Stacy

    2003-01-01

    This document is a quick reference guide with an overview of the processes required to certify safety-critical and mission-critical flight software at selected NASA centers and the FAA. Researchers and software developers can use this guide to jumpstart their understanding of how to get new or enhanced software onboard an aircraft or spacecraft. The introduction contains aerospace industry definitions of safety and safety-critical software, as well as, the current rationale for certification of safety-critical software. The Standards for Safety-Critical Aerospace Software section lists and describes current standards including NASA standards and RTCA DO-178B. The Mission-Critical versus Safety-Critical software section explains the difference between two important classes of software: safety-critical software involving the potential for loss of life due to software failure and mission-critical software involving the potential for aborting a mission due to software failure. The DO-178B Safety-critical Certification Requirements section describes special processes and methods required to obtain a safety-critical certification for aerospace software flying on vehicles under auspices of the FAA. The final two sections give an overview of the certification process used at Dryden Flight Research Center and the approval process at the Jet Propulsion Lab (JPL).

  5. Evaluating Models of Human Performance: Safety-Critical Systems Applications

    NASA Technical Reports Server (NTRS)

    Feary, Michael S.

    2012-01-01

    This presentation is part of panel discussion on Evaluating Models of Human Performance. The purpose of this panel is to discuss the increasing use of models in the world today and specifically focus on how to describe and evaluate models of human performance. My presentation will focus on discussions of generating distributions of performance, and the evaluation of different strategies for humans performing tasks with mixed initiative (Human-Automation) systems. I will also discuss issues with how to provide Human Performance modeling data to support decisions on acceptability and tradeoffs in the design of safety critical systems. I will conclude with challenges for the future.

  6. 48 CFR 209.270 - Aviation and ship critical safety items.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 48 Federal Acquisition Regulations System 3 2012-10-01 2012-10-01 false Aviation and ship critical safety items. 209.270 Section 209.270 Federal Acquisition Regulations System DEFENSE ACQUISITION... Requirements 209.270 Aviation and ship critical safety items. ...

  7. 48 CFR 209.270 - Aviation and ship critical safety items.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 48 Federal Acquisition Regulations System 3 2011-10-01 2011-10-01 false Aviation and ship critical safety items. 209.270 Section 209.270 Federal Acquisition Regulations System DEFENSE ACQUISITION... Requirements 209.270 Aviation and ship critical safety items. ...

  8. 48 CFR 209.270 - Aviation and ship critical safety items.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 48 Federal Acquisition Regulations System 3 2013-10-01 2013-10-01 false Aviation and ship critical safety items. 209.270 Section 209.270 Federal Acquisition Regulations System DEFENSE ACQUISITION... Requirements 209.270 Aviation and ship critical safety items. ...

  9. 48 CFR 209.270 - Aviation and ship critical safety items.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 48 Federal Acquisition Regulations System 3 2014-10-01 2014-10-01 false Aviation and ship critical safety items. 209.270 Section 209.270 Federal Acquisition Regulations System DEFENSE ACQUISITION... Requirements 209.270 Aviation and ship critical safety items. ...

  10. 48 CFR 209.270 - Aviation and ship critical safety items.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... Requirements 209.270 Aviation and ship critical safety items. ... 48 Federal Acquisition Regulations System 3 2010-10-01 2010-10-01 false Aviation and ship critical safety items. 209.270 Section 209.270 Federal Acquisition Regulations System DEFENSE ACQUISITION...

  11. Validation of Safety-Critical Systems for Aircraft Loss-of-Control Prevention and Recovery

    NASA Technical Reports Server (NTRS)

    Belcastro, Christine M.

    2012-01-01

    Validation of technologies developed for loss of control (LOC) prevention and recovery poses significant challenges. Aircraft LOC can result from a wide spectrum of hazards, often occurring in combination, which cannot be fully replicated during evaluation. Technologies developed for LOC prevention and recovery must therefore be effective under a wide variety of hazardous and uncertain conditions, and the validation framework must provide some measure of assurance that the new vehicle safety technologies do no harm (i.e., that they themselves do not introduce new safety risks). This paper summarizes a proposed validation framework for safety-critical systems, provides an overview of validation methods and tools developed by NASA to date within the Vehicle Systems Safety Project, and develops a preliminary set of test scenarios for the validation of technologies for LOC prevention and recovery

  12. MISSION: Mission and Safety Critical Support Environment. Executive overview

    NASA Technical Reports Server (NTRS)

    Mckay, Charles; Atkinson, Colin

    1992-01-01

    For mission and safety critical systems it is necessary to: improve definition, evolution and sustenance techniques; lower development and maintenance costs; support safe, timely and affordable system modifications; and support fault tolerance and survivability. The goal of the MISSION project is to lay the foundation for a new generation of integrated systems software providing a unified infrastructure for mission and safety critical applications and systems. This will involve the definition of a common, modular target architecture and a supporting infrastructure.

  13. Software Reliability Issues Concerning Large and Safety Critical Software Systems

    NASA Technical Reports Server (NTRS)

    Kamel, Khaled; Brown, Barbara

    1996-01-01

    This research was undertaken to provide NASA with a survey of state-of-the-art techniques used in industry and academia to provide safe, reliable, and maintainable software to drive large systems. Such systems must match the complexity and strict safety requirements of NASA's shuttle system. In particular, the Launch Processing System (LPS) is being considered for replacement. The LPS is responsible for monitoring and commanding the shuttle during test, repair, and launch phases. NASA built this system in the 1970s using mostly hardware techniques to provide for increased reliability, but it did so often using custom-built equipment, which has not been able to keep up with current technologies. This report surveys the major techniques used in industry and academia to ensure reliability in large and critical computer systems.

  14. A primer on criticality safety

    DOE PAGES

    Costa, David A.; Cournoyer, Michael E.; Merhege, James F.; ...

    2017-05-01

    Criticality is the state of a nuclear chain reacting medium when the chain reaction is just self-sustaining (or critical). Criticality is dependent on nine interrelated parameters. Moreover, we design criticality safety controls in order to constrain these parameters to minimize fissions and maximize neutron leakage and absorption in other materials, which makes criticality more difficult or impossible to achieve. The consequences of criticality accidents are discussed, the nine interrelated parameters that combine to affect criticality are described, and criticality safety controls used to minimize the likelihood of a criticality accident are presented.

  15. Providing Nuclear Criticality Safety Analysis Education through Benchmark Experiment Evaluation

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    John D. Bess; J. Blair Briggs; David W. Nigg

    2009-11-01

    One of the challenges that today's new workforce of nuclear criticality safety engineers face is the opportunity to provide assessment of nuclear systems and establish safety guidelines without having received significant experience or hands-on training prior to graduation. Participation in the International Criticality Safety Benchmark Evaluation Project (ICSBEP) and/or the International Reactor Physics Experiment Evaluation Project (IRPhEP) provides students and young professionals the opportunity to gain experience and enhance critical engineering skills.

  16. Nuclear criticality safety: 5-day training course

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Schlesser, J.A.

    1992-11-01

    This compilation of notes is presented as a source reference for the criticality safety course. It represents the contributions of many people, particularly Tom McLaughlin, the course's primary instructor. At the completion of this training course, the attendee will: be able to define terms commonly used in nuclear criticality safety; be able to appreciate the fundamentals of nuclear criticality safety; be able to identify factors which affect nuclear criticality safety; be able to identify examples of criticality controls as used at Los Alamos; be able to identify examples of circumstances present during criticality accidents; be able to identify examples of computer codes used by the nuclear criticality safety specialist; be able to identify examples of safety consciousness required in nuclear criticality safety.

  17. Aluminum Data Measurements and Evaluation for Criticality Safety Applications

    NASA Astrophysics Data System (ADS)

    Leal, L. C.; Guber, K. H.; Spencer, R. R.; Derrien, H.; Wright, R. Q.

    2002-12-01

    The Defense Nuclear Facility Safety Board (DNFSB) Recommendation 93-2 motivated the US Department of Energy (DOE) to develop a comprehensive criticality safety program to maintain and to predict the criticality of systems throughout the DOE complex. To implement the response to the DNFSB Recommendation 93-2, a Nuclear Criticality Safety Program (NCSP) was created including the following tasks: Critical Experiments, Criticality Benchmarks, Training, Analytical Methods, and Nuclear Data. The Nuclear Data portion of the NCSP consists of a variety of differential measurements performed at the Oak Ridge Electron Linear Accelerator (ORELA) at the Oak Ridge National Laboratory (ORNL), data analysis and evaluation using the generalized least-squares fitting code SAMMY in the resolved, unresolved, and high energy ranges, and the development and benchmark testing of complete evaluations for a nuclide for inclusion into the Evaluated Nuclear Data File (ENDF/B). This paper outlines the work performed at ORNL to measure, evaluate, and test the nuclear data for aluminum for applications in criticality safety problems.

  18. The Integrated Safety-Critical Advanced Avionics Communication and Control (ISAACC) System Concept: Infrastructure for ISHM

    NASA Technical Reports Server (NTRS)

    Gwaltney, David A.; Briscoe, Jeri M.

    2005-01-01

    Integrated System Health Management (ISHM) architectures for spacecraft will include hard real-time, critical subsystems and soft real-time monitoring subsystems. Interaction between these subsystems will be necessary and an architecture supporting multiple criticality levels will be required. Demonstration hardware for the Integrated Safety-Critical Advanced Avionics Communication & Control (ISAACC) system has been developed at NASA Marshall Space Flight Center. It is a modular system using a commercially available time-triggered protocol, TTP/C, that supports hard real-time distributed control systems independent of the data transmission medium. The protocol is implemented in hardware and provides guaranteed low-latency messaging with inherent fault-tolerance and fault-containment. Interoperability between modules and systems of modules using the TTP/C is guaranteed through definition of messages and the precise message schedule implemented by the master-less Time Division Multiple Access (TDMA) communications protocol. "Plug-and-play" capability for sensors and actuators provides automatically configurable modules supporting sensor recalibration and control algorithm re-tuning without software modification. Modular components of controlled physical system(s) critical to control algorithm tuning, such as pumps or valve components in an engine, can be replaced or upgraded as "plug and play" components without modification to the ISAACC module hardware or software. ISAACC modules can communicate with other vehicle subsystems through time-triggered protocols or other communications protocols implemented over Ethernet, MIL-STD-1553 and RS-485/422. Other communication bus physical layers and protocols can be included as required. In this way, the ISAACC modules can be part of a system-of-systems in a vehicle with multi-tier subsystems of varying criticality. The goal of the ISAACC architecture development is control and monitoring of safety critical systems of a

  19. Validation and Verification of Future Integrated Safety-Critical Systems Operating under Off-Nominal Conditions

    NASA Technical Reports Server (NTRS)

    Belcastro, Christine M.

    2010-01-01

    Loss of control remains one of the largest contributors to aircraft fatal accidents worldwide. Aircraft loss-of-control accidents are highly complex in that they can result from numerous causal and contributing factors acting alone or (more often) in combination. Hence, there is no single intervention strategy to prevent these accidents and reducing them will require a holistic integrated intervention capability. Future onboard integrated system technologies developed for preventing loss of vehicle control accidents must be able to assure safe operation under the associated off-nominal conditions. The transition of these technologies into the commercial fleet will require their extensive validation and verification (V and V) and ultimate certification. The V and V of complex integrated systems poses major nontrivial technical challenges particularly for safety-critical operation under highly off-nominal conditions associated with aircraft loss-of-control events. This paper summarizes the V and V problem and presents a proposed process that could be applied to complex integrated safety-critical systems developed for preventing aircraft loss-of-control accidents. A summary of recent research accomplishments in this effort is also provided.

  20. Critical Incident Stress Management (CISM) in complex systems: cultural adaptation and safety impacts in healthcare.

    PubMed

    Müller-Leonhardt, Alice; Mitchell, Shannon G; Vogt, Joachim; Schürmann, Tim

    2014-07-01

    In complex systems, such as hospitals or air traffic control operations, critical incidents (CIs) are unavoidable. These incidents can not only become critical for victims but also for professionals working at the "sharp end" who may have to deal with critical incident stress (CIS) reactions that may be severe and impede emotional, physical, cognitive and social functioning. These CIS reactions may occur not only under exceptional conditions but also during every-day work and become an important safety issue. In contrast to air traffic management (ATM) operations in Europe, which have readily adopted critical incident stress management (CISM), most hospitals have not yet implemented comprehensive peer support programs. This survey was conducted in 2010 at the only European general hospital setting which has implemented a CISM program since 2004. The aim of the article is to describe the possible contribution of CISM in hospital settings framed from the perspective of organizational safety and individual health for healthcare professionals. Findings affirm that daily work related incidents also can become critical for healthcare professionals. Program efficiency appears to be influenced by the professional culture, as well as organizational structure and policies. Overall, findings demonstrate that the adaptation of the CISM program in general hospitals takes time but, once established, it may serve as a mechanism for changing professional culture, thereby permitting the framing of even small incidents or near misses as an opportunity to provide valuable feedback to the system.

  1. Cyber Security Threats to Safety-Critical, Space-Based Infrastructures

    NASA Astrophysics Data System (ADS)

    Johnson, C. W.; Atencia Yepez, A.

    2012-01-01

    Space-based systems play an important role within national critical infrastructures. They are being integrated into advanced air-traffic management applications, rail signalling systems, energy distribution software etc. Unfortunately, the end users of communications, location sensing and timing applications often fail to understand that these infrastructures are vulnerable to a wide range of security threats. The following pages focus on concerns associated with potential cyber-attacks. These are important because future attacks may invalidate many of the safety assumptions that support the provision of critical space-based services. These safety assumptions are based on standard forms of hazard analysis that ignore cyber-security considerations. This is a significant limitation when, for instance, security attacks can simultaneously exploit multiple vulnerabilities in a manner that would never occur without a deliberate enemy seeking to damage space based systems and ground infrastructures. We address this concern through the development of a combined safety and security risk assessment methodology. The aim is to identify attack scenarios that justify the allocation of additional design resources so that safety barriers can be strengthened to increase our resilience against security threats.

  2. Proceedings of the Nuclear Criticality Technology Safety Workshop

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Rene G. Sanchez

    1998-04-01

    This document contains summaries of most of the papers presented at the 1995 Nuclear Criticality Technology Safety Project (NCTSP) meeting, which was held May 16 and 17 at San Diego, CA. The meeting was broken up into seven sessions, which covered the following topics: (1) Criticality Safety of Project Sapphire; (2) Relevant Experiments For Criticality Safety; (3) Interactions with the Former Soviet Union; (4) Misapplications and Limitations of Monte Carlo Methods Directed Toward Criticality Safety Analyses; (5) Monte Carlo Vulnerabilities of Execution and Interpretation; (6) Monte Carlo Vulnerabilities of Representation; and (7) Benchmark Comparisons.

  3. Regenerative braking strategies, vehicle safety and stability control systems: critical use-case proposals

    NASA Astrophysics Data System (ADS)

    Oleksowicz, Selim A.; Burnham, Keith J.; Southgate, Adam; McCoy, Chris; Waite, Gary; Hardwick, Graham; Harrington, Cian; McMurran, Ross

    2013-05-01

    The sustainable development of vehicle propulsion systems that have mainly focused on reduction of fuel consumption (i.e. CO2 emission) has led, not only to the development of systems connected with combustion processes but also to legislation and testing procedures. In recent years, the low carbon policy has made hybrid vehicles and fully electric vehicles (H/EVs) popular. The main virtue of these propulsion systems is their ability to restore some of the expended energy from kinetic movement, e.g. the braking process. Consequently new research and testing methods for H/EVs are currently being developed. This especially concerns the critical 'use-cases' for functionality tests within dynamic events for both virtual simulations, as well as real-time road tests. The use-cases for conventional vehicles for numerical simulations and road tests are well established. However, the wide variety of tests and their great number (close to a thousand) creates a need for selection, in the first place, and the creation of critical use-cases suitable for testing H/EVs in both virtual and real-world environments. It is known that a marginal improvement in the regenerative braking ratio can significantly improve the vehicle range and, therefore, the economic cost of its operation. In modern vehicles, vehicle dynamics control systems play the principal role in safety, comfort and economic operation. Unfortunately, however, the existing standard road test scenarios are insufficient for H/EVs. Sector knowledge suggests that there are currently no agreed test scenarios to fully investigate the effects of brake blending between conventional and regenerative braking as well as the regenerative braking interaction with active driving safety systems (ADSS). The paper presents seven manoeuvres, which are considered to be suitable and highly informative for the development and examination of H/EVs with regenerative braking capability.
The critical manoeuvres presented are considered to be

  4. Critical roles of orthopaedic surgeon leadership in healthcare systems to improve orthopaedic surgical patient safety.

    PubMed

    Kuo, Calvin C; Robb, William J

    2013-06-01

    The prevention of medical and surgical harm remains an important public health problem despite increased awareness and implementation of safety programs. Successful introduction and maintenance of surgical safety programs require both surgeon leadership and collaborative surgeon-hospital alignment. Documentation of success of such surgical safety programs in orthopaedic practice is limited. We describe the scope of orthopaedic surgical patient safety issues, define critical elements of orthopaedic surgical safety, and outline leadership roles for orthopaedic surgeons needed to establish and sustain a culture of safety in contemporary healthcare systems. We identified the most common causes of preventable surgical harm based on adverse and sentinel surgical events reported to The Joint Commission. A comprehensive literature review through a MEDLINE® database search (January 1982 through April 2012) to identify pertinent orthopaedic surgical safety articles found 14 articles. Where gaps in orthopaedic literature were identified, the review was supplemented by 22 nonorthopaedic surgical references. Our final review included 36 articles. Six important surgical safety program elements needed to eliminate preventable surgical harm were identified: (1) effective surgical team communication, (2) proper informed consent, (3) implementation and regular use of surgical checklists, (4) proper surgical site/procedure identification, (5) reduction of surgical team distractions, and (6) routine surgical data collection and analysis to improve the safety and quality of surgical patient care. Successful surgical safety programs require a culture of safety supported by all six key surgical safety program elements, active surgeon champions, and collaborative hospital and/or administrative support designed to enhance surgical safety and improve surgical patient outcomes. Further research measuring improvements from such surgical safety systems in orthopaedic care is needed.

  5. Resilience Engineering in Critical Long Term Aerospace Software Systems: A New Approach to Spacecraft Software Safety

    NASA Astrophysics Data System (ADS)

    Dulo, D. A.

    Safety critical software systems permeate spacecraft, and in a long term venture like a starship would be pervasive in every system of the spacecraft. Yet software failure today continues to plague both the systems and the organizations that develop them resulting in the loss of life, time, money, and valuable system platforms. A starship cannot afford this type of software failure in long journeys away from home. A single software failure could have catastrophic results for the spaceship and the crew onboard. This paper will offer a new approach to developing safe reliable software systems through focusing not on the traditional safety/reliability engineering paradigms but rather by focusing on a new paradigm: Resilience and Failure Obviation Engineering. The foremost objective of this approach is the obviation of failure, coupled with the ability of a software system to prevent or adapt to complex changing conditions in real time as a safety valve should failure occur to ensure safe system continuity. Through this approach, safety is ensured through foresight to anticipate failure and to adapt to risk in real time before failure occurs. In a starship, this type of software engineering is vital. Through software developed in a resilient manner, a starship would have reduced or eliminated software failure, and would have the ability to rapidly adapt should a software system become unstable or unsafe. As a result, long term software safety, reliability, and resilience would be present for a successful long term starship mission.

  6. SRTC criticality safety technical review: Nuclear Criticality Safety Evaluation 93-04 enriched uranium receipt

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Rathbun, R.

    Review of NMP-NCS-930087, "Nuclear Criticality Safety Evaluation 93-04 Enriched Uranium Receipt (U), July 30, 1993," was requested of SRTC (Savannah River Technology Center) Applied Physics Group. The NCSE is a criticality assessment to determine the mass limit for Engineered Low Level Trench (ELLT) waste uranium burial. The intent is to bury uranium in pits that would be separated by a specified amount of undisturbed soil. The scope of the technical review, documented in this report, consisted of (1) an independent check of the methods and models employed, (2) independent HRXN/KENO-V.a calculations of alternate configurations, (3) application of ANSI/ANS 8.1, and (4) verification of WSRC Nuclear Criticality Safety Manual procedures. The NCSE under review concludes that a 500 gram limit per burial position is acceptable to ensure the burial site remains in a critically safe configuration for all normal and single credible abnormal conditions. This reviewer agrees with that conclusion.

  7. Nuclear Criticality Safety Data Book

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Hollenbach, D. F.

    The objective of this document is to support the revision of criticality safety process studies (CSPSs) for the Uranium Processing Facility (UPF) at the Y-12 National Security Complex (Y-12). This design analysis and calculation (DAC) document contains development and justification for generic inputs typically used in Nuclear Criticality Safety (NCS) DACs to model both normal and abnormal conditions of processes at UPF to support CSPSs. This will provide consistency between NCS DACs and efficiency in preparation and review of DACs, as frequently used data are provided in one reference source.

  8. A Comparison of Bus Architectures for Safety-Critical Embedded Systems

    NASA Technical Reports Server (NTRS)

    Rushby, John; Miner, Paul S. (Technical Monitor)

    2003-01-01

    We describe and compare the architectures of four fault-tolerant, safety-critical buses with a view to deducing principles common to all of them, the main differences in their design choices, and the tradeoffs made. Two of the buses come from an avionics heritage, and two from automobiles, though all four strive for similar levels of reliability and assurance. The avionics buses considered are the Honeywell SAFEbus (the backplane data bus used in the Boeing 777 Airplane Information Management System) and the NASA SPIDER (an architecture being developed as a demonstrator for certification under the new DO-254 guidelines); the automobile buses considered are the TTTech Time-Triggered Architecture (TTA), recently adopted by Audi for automobile applications, and by Honeywell for avionics and aircraft control functions, and FlexRay, which is being developed by a consortium of BMW, DaimlerChrysler, Motorola, and Philips.

  9. Ending on a positive: Examining the role of safety leadership decisions, behaviours and actions in a safety critical situation.

    PubMed

    Donovan, Sarah-Louise; Salmon, Paul M; Horberry, Timothy; Lenné, Michael G

    2018-01-01

    Safety leadership is an important factor in supporting safe performance in the workplace. The present case study examined the role of safety leadership during the Bingham Canyon Mine high-wall failure, a significant mining incident in which no fatalities or injuries were incurred. The Critical Decision Method (CDM) was used in conjunction with a self-reporting approach to examine safety leadership in terms of decisions, behaviours and actions that contributed to the incident's safe outcome. Mapping the analysis onto Rasmussen's Risk Management Framework (Rasmussen, 1997), the findings demonstrate clear links between safety leadership decisions, and emergent behaviours and actions across the work system. Communication and engagement based decisions featured most prominently, and were linked to different leadership practices across the work system. Further, a core sub-set of CDM decision elements were linked to the open flow and exchange of information across the work system, which was critical to supporting the safe outcome. The findings provide practical implications for the development of safety leadership capability to support safety within the mining industry.

  10. Agile Methods for Open Source Safety-Critical Software.

    PubMed

    Gary, Kevin; Enquobahrie, Andinet; Ibanez, Luis; Cheng, Patrick; Yaniv, Ziv; Cleary, Kevin; Kokoori, Shylaja; Muffih, Benjamin; Heidenreich, John

    2011-08-01

    The introduction of software technology in a life-dependent environment requires the development team to execute a process that ensures a high level of software reliability and correctness. Despite their popularity, agile methods are generally assumed to be inappropriate as a process family in these environments due to their lack of emphasis on documentation, traceability, and other formal techniques. Agile methods, notably Scrum, favor empirical process control, or small constant adjustments in a tight feedback loop. This paper challenges the assumption that agile methods are inappropriate for safety-critical software development. Agile methods are flexible enough to encourage the right amount of ceremony; therefore if safety-critical systems require greater emphasis on activities like formal specification and requirements management, then an agile process will include these as necessary activities. Furthermore, agile methods focus more on continuous process management and code-level quality than classic software engineering process models. We present our experiences on the image-guided surgical toolkit (IGSTK) project as a backdrop. IGSTK is an open source software project employing agile practices since 2004. We started with the assumption that a lighter process is better, focused on evolving code, and only adding process elements as the need arose. IGSTK has been adopted by teaching hospitals and research labs, and used for clinical trials. Agile methods have matured since the academic community suggested they are not suitable for safety-critical systems almost a decade ago; we present our experiences as a case study for renewing the discussion.

  11. HSE's safety assessment principles for criticality safety.

    PubMed

    Simister, D N; Finnerty, M D; Warburton, S J; Thomas, E A; Macphail, M R

    2008-06-01

    The Health and Safety Executive (HSE) published its revised Safety Assessment Principles for Nuclear Facilities (SAPs) in December 2006. The SAPs are primarily intended for use by HSE's inspectors when judging the adequacy of safety cases for nuclear facilities. The revised SAPs relate to all aspects of safety in nuclear facilities including the technical discipline of criticality safety. The purpose of this paper is to set out for the benefit of a wider audience some of the thinking behind the final published words and to provide an insight into the development of UK regulatory guidance. The paper notes that it is HSE's intention that the Safety Assessment Principles should be viewed as a reflection of good practice in the context of interpreting primary legislation such as the requirements under site licence conditions for arrangements for producing an adequate safety case and for producing a suitable and sufficient risk assessment under the Ionising Radiations Regulations 1999 (SI1999/3232 www.opsi.gov.uk/si/si1999/uksi_19993232_en.pdf).

  12. Criticality Safety Basics for INL FMHs and CSOs

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    V. L. Putman

    2012-04-01

    Nuclear power is a valuable and efficient energy alternative in our energy-intensive society. However, material that can generate nuclear power has properties that require this material be handled with caution. If improperly handled, a criticality accident could result, which could severely harm workers. This document is a modular self-study guide about Criticality Safety Principles. This guide's purpose is to help you work safely in areas where fissionable nuclear materials may be present, avoiding the severe radiological and programmatic impacts of a criticality accident. It is designed to stress the fundamental physical concepts behind criticality controls and the importance of criticality safety when handling fissionable materials outside nuclear reactors. This study guide was developed for fissionable-material-handler and criticality-safety-officer candidates to use with related web-based course 00INL189, BEA Criticality Safety Principles, and to help prepare for the course exams. These individuals must understand basic information presented here. This guide may also be useful to other Idaho National Laboratory personnel who must know criticality safety basics to perform their assignments safely or to design critically safe equipment or operations. This guide also includes additional information that will not be included in 00INL189 tests. The additional information is in appendices and paragraphs with headings that begin with 'Did you know' or with 'Been there, Done that'. Fissionable-material-handler and criticality-safety-officer candidates may review additional information at their own discretion. This guide is revised as needed to reflect program changes, user requests, and better information. Issued in 2006, Revision 0 established the basic text and integrated various programs from former contractors. Revision 1 incorporates operation and program changes implemented since 2006. It also incorporates suggestions, clarifications, and additional

  13. Agile Methods for Open Source Safety-Critical Software

    PubMed Central

    Enquobahrie, Andinet; Ibanez, Luis; Cheng, Patrick; Yaniv, Ziv; Cleary, Kevin; Kokoori, Shylaja; Muffih, Benjamin; Heidenreich, John

    2011-01-01

    The introduction of software technology in a life-dependent environment requires the development team to execute a process that ensures a high level of software reliability and correctness. Despite their popularity, agile methods are generally assumed to be inappropriate as a process family in these environments due to their lack of emphasis on documentation, traceability, and other formal techniques. Agile methods, notably Scrum, favor empirical process control, or small constant adjustments in a tight feedback loop. This paper challenges the assumption that agile methods are inappropriate for safety-critical software development. Agile methods are flexible enough to encourage the right amount of ceremony; therefore if safety-critical systems require greater emphasis on activities like formal specification and requirements management, then an agile process will include these as necessary activities. Furthermore, agile methods focus more on continuous process management and code-level quality than classic software engineering process models. We present our experiences on the image-guided surgical toolkit (IGSTK) project as a backdrop. IGSTK is an open source software project employing agile practices since 2004. We started with the assumption that a lighter process is better, focused on evolving code, and only adding process elements as the need arose. IGSTK has been adopted by teaching hospitals and research labs, and used for clinical trials. Agile methods have matured since the academic community suggested they are not suitable for safety-critical systems almost a decade ago; we present our experiences as a case study for renewing the discussion. PMID:21799545

  14. Evolution of safety-critical requirements post-launch

    NASA Technical Reports Server (NTRS)

    Lutz, R. R.; Mikulski, I. C.

    2001-01-01

    This paper reports the results of a small study of requirements changes to the onboard software of three spacecraft subsequent to launch. Only those requirement changes that resulted from post-launch anomalies (i.e., during operations) were of interest here, since the goal was to better understand the relationship between critical anomalies during operations and how safety-critical requirements evolve. The results of the study were surprising in that anomaly-driven, post-launch requirements changes were rarely due to previous requirements having been incorrect. Instead, changes involved new requirements (1) for the software to handle rare events or (2) for the software to compensate for hardware failures or limitations. The prevalence of new requirements as a result of post-launch anomalies suggests a need for increased requirements-engineering support of maintenance activities in these systems. The results also confirm both the difficulty and the benefits of pursuing requirements completeness, especially in terms of fault tolerance, during development of critical systems.

  15. Autonomous Flight Safety System

    NASA Technical Reports Server (NTRS)

    Ferrell, Bob; Santuro, Steve; Simpson, James; Zoerner, Roger; Bull, Barton; Lanzi, Jim

    2004-01-01

    Autonomous Flight Safety System (AFSS) is an independent flight safety system designed for small to medium sized expendable launch vehicles launching from or needing range safety protection while overlying relatively remote locations. AFSS replaces the need for a man-in-the-loop to make decisions for flight termination. AFSS could also serve as the prototype for an autonomous manned flight crew escape advisory system. AFSS utilizes onboard sensors and processors to emulate the human decision-making process using rule-based software logic and can dramatically reduce safety response time during critical launch phases. The Range Safety flight path nominal trajectory, its deviation allowances, limit zones and other flight safety rules are stored in the onboard computers. Position, velocity and attitude data obtained from onboard global positioning system (GPS) and inertial navigation system (INS) sensors are compared with these rules to determine the appropriate action to ensure that people and property are not jeopardized. The final system will be fully redundant and independent with multiple processors, sensors, and dead man switches to prevent inadvertent flight termination. AFSS is currently in Phase III which includes updated algorithms, integrated GPS/INS sensors, large scale simulation testing and initial aircraft flight testing.

  16. Analyzing Software Errors in Safety-Critical Embedded Systems

    NASA Technical Reports Server (NTRS)

    Lutz, Robyn R.

    1994-01-01

    This paper analyzes the root causes of safety-related software faults; those faults identified as potentially hazardous to the system are distributed somewhat differently over the set of possible error causes than non-safety-related software faults.

  17. Does the concept of safety culture help or hinder systems thinking in safety?

    PubMed

    Reiman, Teemu; Rollenhagen, Carl

    2014-07-01

    The concept of safety culture has become established in safety management applications in all major safety-critical domains. The idea that safety culture somehow represents a "systemic view" on safety is seldom explicitly spoken out, but nevertheless seems to linger behind many safety culture discourses. However, in this paper we argue that the "new" contribution to safety management from safety culture never really became integrated with classical engineering principles and concepts. This integration would have been necessary for the development of a more genuine systems-oriented view on safety, e.g. a conception of safety in which human, technological, organisational and cultural factors are understood as mutually interacting elements. Without this integration, researchers and the users of the various tools and methods associated with safety culture have sometimes fostered a belief that "safety culture" in fact represents such a systemic view about safety. This belief is, however, not backed up by theoretical or empirical evidence. It is true that safety culture, at least in some sense, represents a holistic term, a totality of factors that include human, organisational and technological aspects. However, the point of departure for such safety culture models is still human and organisational factors rather than technology (or safety) itself. The aim of this paper is to critically review the various uses of the concept of safety culture as representing a systemic view on safety. The article takes a look at the concepts of culture and safety culture based on previous studies, and outlines in more detail the theoretical challenges in safety culture as a systems concept. The paper also presents recommendations on how to make safety culture more systemic.

  18. Planning the Unplanned Experiment: Assessing the Efficacy of Standards for Safety Critical Software

    NASA Technical Reports Server (NTRS)

    Graydon, Patrick J.; Holloway, C. Michael

    2015-01-01

    We need well-founded means of determining whether software is fit for use in safety-critical applications. While software in industries such as aviation has an excellent safety record, the fact that software flaws have contributed to deaths illustrates the need for justifiably high confidence in software. It is often argued that software is fit for safety-critical use because it conforms to a standard for software in safety-critical systems. But little is known about whether such standards 'work.' Reliance upon a standard without knowing whether it works is an experiment; without collecting data to assess the standard, this experiment is unplanned. This paper reports on a workshop intended to explore how standards could practicably be assessed. Planning the Unplanned Experiment: Assessing the Efficacy of Standards for Safety Critical Software (AESSCS) was held on 13 May 2014 in conjunction with the European Dependable Computing Conference (EDCC). We summarize and elaborate on the workshop's discussion of the topic, including both the presented positions and the dialogue that ensued.

  19. Modelling safety of multistate systems with ageing components

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Kołowrocki, Krzysztof; Soszyńska-Budny, Joanna

    An innovative approach to safety analysis of multistate ageing systems is presented. Basic notions of the ageing multistate systems safety analysis are introduced. The system components and the system multistate safety functions are defined. The mean values and variances of the multistate systems' lifetimes in the safety state subsets and the mean values of their lifetimes in the particular safety states are defined. The multistate system risk function and the moment of the system exceeding the critical safety state are introduced. Applications of the proposed multistate system safety models to the evaluation and prediction of the safety characteristics of the consecutive "m out of n: F" systems are presented as well.

  20. Quantitative safety assessment of air traffic control systems through system control capacity

    NASA Astrophysics Data System (ADS)

    Guo, Jingjing

    Quantitative Safety Assessments (QSA) are essential to safety benefit verification and regulation of developmental changes in safety-critical systems like Air Traffic Control (ATC) systems. Effectiveness of the assessments is particularly desirable today in the safe implementation of revolutionary ATC overhauls like NextGen and SESAR. QSA of ATC systems is, however, challenged by system complexity and lack of accident data. Extending from the idea "safety is a control problem" in the literature, this research proposes to assess system safety from the control perspective, through quantifying a system's "control capacity". A system's safety performance correlates to this "control capacity" in the control of "safety critical processes". To examine this idea in QSA of ATC systems, a Control-capacity Based Safety Assessment Framework (CBSAF) is developed which includes two control capacity metrics and a procedural method. The two metrics are Probabilistic System Control-capacity (PSC) and Temporal System Control-capacity (TSC); each addresses an aspect of a system's control capacity. The procedural method consists of three general stages: I) identification of safety critical processes, II) development of system control models and III) evaluation of system control capacity. The CBSAF was tested in two case studies. The first one assesses an en-route collision avoidance scenario and compares three hypothetical configurations. The CBSAF was able to capture the uncoordinated behavior between two means of control, as was observed in a historic midair collision accident. The second case study compares CBSAF with an existing risk-based QSA method in assessing the safety benefits of introducing a runway incursion alert system. Similar conclusions are reached between the two methods, while the CBSAF has the advantage of simplicity and provides a new control-based perspective and interpretation to the assessments. The case studies are intended to investigate the

  1. Future Data Communication Architectures for Safety Critical Aircraft Cabin Systems

    NASA Astrophysics Data System (ADS)

    Berkhahn, Sven-Olaf

    2012-05-01

    The cabin of modern aircraft is subject to increasing demands for fast reconfiguration and hence flexibility. These demands require studies of new network architectures and technologies for the electronic cabin systems, which also consider weight and cost reductions as well as safety constraints. Two major approaches are under consideration to reduce the complex and heavy wiring harness: the use of a so-called hybrid data bus technology, which enables the shared use of the same data bus by several electronic cabin systems with different safety and security requirements, and the application of wireless data transfer technologies for electronic cabin systems.

  2. Safety Critical Mechanisms

    NASA Technical Reports Server (NTRS)

    Robertson, Brandan

    2008-01-01

    Spaceflight mechanisms have a reputation for being difficult to develop and operate successfully. This reputation is well earned. Many circumstances conspire to make this so: the environments in which the mechanisms are used are extremely severe; there is usually limited or no maintenance opportunity available during operation due to this environment; the environments are difficult to replicate accurately on the ground; the expense of mechanism development makes it impractical to build and test many units for long periods of time before use; mechanisms tend to be highly specialized and not prone to interchangeability or off-the-shelf use; they can generate and store a lot of energy; and the nature of mechanisms themselves, as a combination of structures, electronics, etc. designed to accomplish specific dynamic performance, makes them very complex and subject to many unpredictable interactions of many types. In addition to their complexities, mechanisms are often counted upon to provide critical vehicle functions that can result in catastrophic events should the functions not be performed. It is for this reason that mechanisms are frequently subjected to special scrutiny in safety processes. However, a failure-tolerant approach, along with good design and development practices and detailed design reviews, can be developed to allow such notoriously troublesome mechanisms to be utilized confidently in safety-critical applications.

  3. Nuclear criticality safety staff training and qualifications at Los Alamos National Laboratory

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Monahan, S.P.; McLaughlin, T.P.

    1997-05-01

    Operations involving significant quantities of fissile material have been conducted at Los Alamos National Laboratory continuously since 1943. Until the advent of the Laboratory's Nuclear Criticality Safety Committee (NCSC) in 1957, line management had sole responsibility for controlling criticality risks. From 1957 until 1961, the NCSC was the Laboratory body which promulgated policy guidance as well as some technical guidance for specific operations. In 1961 the Laboratory created the position of Nuclear Criticality Safety Officer (in addition to the NCSC). In 1980, Laboratory management moved the Criticality Safety Officer (and one other LACEF staff member who, by that time, was also working nearly full-time on criticality safety issues) into the Health Division office. Later that same year the Criticality Safety Group, H-6 (at that time), was created within H-Division and staffed by these two individuals. The training and education of these individuals in the art of criticality safety was almost entirely self-regulated, depending heavily on technical interactions with each other, as well as with NCSC, LACEF, operations, other facility, and broader criticality safety community personnel. Although the Los Alamos criticality safety group has grown both in size and formality of operations since 1980, the basic philosophy that a criticality specialist must be developed through mentoring and self-motivation remains the same. Formally, this philosophy has been captured in an internal policy document, "Conduct of Business in the Nuclear Criticality Safety Group." There are no short cuts or substitutes in the development of a criticality safety specialist. A person must have a self-motivated personality, excellent communication skills, a thorough understanding of the principles of neutron physics, a safety-conscious and helpful attitude, a good perspective of real risk, as well as a detailed understanding of process operations and credible upsets.

  4. Testing of Safety-Critical Software Embedded in an Artificial Heart

    NASA Astrophysics Data System (ADS)

    Cha, Sungdeok; Jeong, Sehun; Yoo, Junbeom; Kim, Young-Gab

    Software is being used more frequently to control medical devices such as artificial hearts or robotic surgery systems. While many of the software safety issues in such systems are similar to those in other safety-critical systems (e.g., nuclear power plants), domain-specific properties may warrant development of customized techniques to demonstrate fitness of the system for use on patients. In this paper, we report results of a preliminary analysis done on software controlling a Hybrid Ventricular Assist Device (H-VAD) developed by Korea Artificial Organ Centre (KAOC). It is a state-of-the-art artificial heart which has completed the animal testing phase. We performed software testing in in-vitro experiments and animal experiments. An abnormal behaviour, never detected during extensive in-vitro analysis and animal testing, was found.

  5. Additional nuclear criticality safety calculations for small-diameter containers

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Hone, M.J.

    This report documents additional criticality safety analysis calculations for small-diameter containers, which were originally documented in Reference 1. The results in Reference 1 indicated that some of the small-diameter containers did not meet the criteria established for criticality safety at the Portsmouth facility (k_eff + 2σ < 0.95) when modeled under various contingency assumptions of reflection and moderation. The calculations performed in this report reexamine those cases which did not meet the criticality safety criteria. In some cases, unnecessary conservatism is removed, and in other cases mass or assay limits are established for use with the respective containers.

  6. Medication safety infrastructure in critical-access hospitals in Florida.

    PubMed

    Winterstein, Almut G; Hartzema, Abraham G; Johns, Thomas E; De Leon, Jessica M; McDonald, Kathie; Henshaw, Zak; Pannell, Robert

    2006-03-01

    The medication safety infrastructure of critical-access hospitals (CAHs) in Florida was evaluated. Qualitative assessments, including a self-administered survey and site visits, were conducted in seven of nine CAHs between January and June 2003. The survey consisted of the Institute for Safe Medication Practices Medication Safety Self-assessment, the 2003 Joint Commission on Accreditation of Healthcare Organizations patient safety goals, health information technology (HIT) questions, and medication-use-process flow charts. On-site visits included interviews of CAH personnel who had safety responsibility and inspections of pharmacy facilities. The findings were compiled into a matrix reflecting structural and procedural components of the CAH medication safety infrastructure. The nine characteristics that emerged as targets for quality improvement (QI) were medication accessibility and storage, sterile product compounding, access to drug information, access to and utilization of patient information in medication order review, advanced safety technology, drug formularies and standardized medication protocols, safety culture, and medication reconciliation. Based on weighted importance and feasibility, QI efforts in CAHs should focus on enhancing medication order review systems, standardizing procedures for handling high-risk medications, promoting an appropriate safety culture, involvement in seamless care, and investment in HIT.

  7. Failure Modes Effects and Criticality Analysis, an Underutilized Safety, Reliability, Project Management and Systems Engineering Tool

    NASA Astrophysics Data System (ADS)

    Mullin, Daniel Richard

    2013-09-01

    The majority of space programs, whether manned or unmanned, for science or exploration, require that a Failure Modes Effects and Criticality Analysis (FMECA) be performed as part of their safety and reliability activities. This comes as no surprise given that FMECAs have been an integral part of the reliability engineer's toolkit since the 1950s. The reasons for performing a FMECA are well known, including fleshing out system single point failures, system hazards and critical components and functions. However, in the author's ten years' experience as a space systems safety and reliability engineer, findings demonstrate that the FMECA is often performed as an afterthought, simply to meet contract deliverable requirements, and is often started long after the system requirements allocation and preliminary design have been completed. There are also important qualitative and quantitative components often missing which can provide useful data to all project stakeholders. These include: probability of occurrence, probability of detection, time to effect and time to detect and, finally, the Risk Priority Number. This is unfortunate as the FMECA is a powerful system design tool that, when used effectively, can help optimize system function while minimizing the risk of failure. When performed as early as possible in conjunction with writing the top-level system requirements, the FMECA can provide instant feedback on the viability of the requirements while providing a valuable sanity check early in the design process. It can indicate which areas of the system will require redundancy and which areas are inherently the most risky from the onset. Based on historical and practical examples, it is this author's contention that FMECAs are an immense source of important information for all involved stakeholders in a given project and can provide several benefits including efficient project management with respect to cost and schedule, system engineering and requirements management

  8. Selecting an Architecture for a Safety-Critical Distributed Computer System with Power, Weight and Cost Considerations

    NASA Technical Reports Server (NTRS)

    Torres-Pomales, Wilfredo

    2014-01-01

    This report presents an example of the application of multi-criteria decision analysis to the selection of an architecture for a safety-critical distributed computer system. The design problem includes constraints on minimum system availability and integrity, and the decision is based on the optimal balance of power, weight and cost. The analysis process includes the generation of alternative architectures, evaluation of individual decision criteria, and the selection of an alternative based on overall value. In the example presented here, iterative application of the quantitative evaluation process made it possible to deliberately generate an alternative architecture that is superior to all others regardless of the relative importance of cost.

  9. Definition and means of maintaining the criticality detectors and alarms portion of the PFP safety envelope

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    White, W.F.

    The purpose of this document is to provide the definition and means of maintaining the Safety Envelope (SE) related to the Criticality Alarm System (CAS). This document provides amplification of the Limiting Condition for Operation (LCO) described in the Plutonium Finishing Plant (PFP) Operational Safety Requirements (OSR), WHC-SD-CP-OSR-010, Rev. 0, 1994, Section 3.1.2, Criticality Detectors and Alarms. This document, with its appendices, provides the following: (1) System functional requirements for determining system operability (Section 3); (2) A list of annotated system block diagrams which indicate the safety envelope boundaries (Appendix C); (3) A list of the Safety Class 1 and 2 Safety Envelope (SC-1/2 SE) equipment for input into the Master Component Index (Appendix B); (4) Functional requirements for individual SC-1/2 SE components, including appropriate setpoints and process parameters (Section 6 and Appendix A); (5) A list of the operational, maintenance and surveillance procedures necessary to operate and maintain the SC-1/2 SE components as required by the LCO (Section 6 and Appendix A).

  10. Assuring NASA's Safety and Mission Critical Software

    NASA Technical Reports Server (NTRS)

    Deadrick, Wesley

    2015-01-01

    What is IV&V? Independent Verification and Validation (IV&V) is an objective examination of safety and mission critical software processes and products. Independence: 3 Key parameters: Technical Independence; Managerial Independence; Financial Independence. NASA IV&V perspectives: Will the system's software: Do what it is supposed to do?; Not do what it is not supposed to do?; Respond as expected under adverse conditions?. Systems Engineering: Determines if the right system has been built and that it has been built correctly. IV&V Technical Approaches: Aligned with IEEE 1012; Captured in a Catalog of Methods; Spans the full project lifecycle. IV&V Assurance Strategy: The IV&V Project's strategy for providing mission assurance; Assurance Strategy is driven by the specific needs of an individual project; Implemented via an Assurance Design; Communicated via Assurance Statements.

  11. Criticality Safety Evaluation of the LLNL Inherently Safe Subcritical Assembly (ISSA)

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Percher, Catherine

    2012-06-19

    The LLNL Nuclear Criticality Safety Division has developed a training center to illustrate criticality safety and reactor physics concepts through hands-on experimental training. The experimental assembly, the Inherently Safe Subcritical Assembly (ISSA), uses surplus highly enriched research reactor fuel configured in a water tank. The training activities will be conducted by LLNL following the requirements of an Integration Work Sheet (IWS) and associated Safety Plan. Students will be allowed to handle the fissile material under the supervision of LLNL instructors. This report provides the technical criticality safety basis for instructional operations with the ISSA experimental assembly.

  12. System modeling with the DISC framework: evidence from safety-critical domains.

    PubMed

    Reiman, Teemu; Pietikäinen, Elina; Oedewald, Pia; Gotcheva, Nadezhda

    2012-01-01

    The objective of this paper is to illustrate the development and application of the Design for Integrated Safety Culture (DISC) framework for system modeling by evaluating organizational potential for safety in nuclear and healthcare domains. The DISC framework includes criteria for good safety culture and a description of functions that the organization needs to implement in order to orient the organization toward the criteria. Three case studies will be used to illustrate the utilization of the DISC framework in practice.

  13. A new technology perspective and engineering tools approach for large, complex and distributed mission and safety critical systems components

    NASA Technical Reports Server (NTRS)

    Carrio, Miguel A., Jr.

    1988-01-01

    Rapidly emerging technology and methodologies have out-paced the systems development processes' ability to use them effectively, if at all. At the same time, the tools used to build systems are becoming obsolescent themselves as a consequence of the same technology lag that plagues systems development. The net result is that systems development activities have not been able to take advantage of available technology and have become equally dependent on aging and ineffective computer-aided engineering tools. New methods and tools approaches are essential if the demands of non-stop and Mission and Safety Critical (MASC) components are to be met.

  14. Medication safety in the home care setting: Development and piloting of a Critical Incident Reporting System

    PubMed

    Meyer-Massetti, Carla; Krummenacher, Evelyne; Hedinger-Grogg, Barbara; Luterbacher, Stephan; Hersberger, Kurt E

    2016-09-01

    Background: While drug-related problems are among the most frequent adverse events in health care, little is known in the current literature about their type and prevalence in home care. The use of a Critical Incident Reporting System (CIRS), known as an economic and efficient tool to record medication errors for subsequent analysis, is widely implemented in inpatient care, but less established in ambulatory care. Recommendations on a possible format are scarce. A manual CIRS was developed based on the literature and subsequently piloted and implemented in a Swiss home care organization. Aim: The aim of this work was to implement a critical incident reporting system specifically for medication safety in home care. Results: The final CIRS form was well accepted among staff. Requiring limited resources, it allowed preliminary identification and trending of medication errors in home care. The most frequent error reports addressed medication preparation at the patients' home, encompassing the following errors: omission (30 %), wrong dose (17.5 %) and wrong time (15 %). The most frequent underlying causes were related to working conditions (37.9 %), lack of attention (68.2 %), time pressure (22.7 %) and interruptions by patients (9.1 %). Conclusions: A manual CIRS allowed efficient data collection and subsequent analysis of medication errors in order to plan future interventions for improvement of medication safety. The development of an electronic CIRS would reduce the time spent on data collection and analysis. In addition, it would favour the development of a national CIRS network among home care institutions.

  15. 48 CFR 252.209-7010 - Critical Safety Items.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... personal injury or loss of life; or (iii) An uncommanded engine shutdown that jeopardizes safety. Design... personal injury or loss of life. (b) Identification of critical safety items. One or more of the items... control activity: (Insert additional lines as necessary) (c) Heightened quality assurance surveillance...

  16. 48 CFR 252.209-7010 - Critical Safety Items.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... personal injury or loss of life; or (iii) An uncommanded engine shutdown that jeopardizes safety. Design... personal injury or loss of life. (b) Identification of critical safety items. One or more of the items... control activity: (Insert additional lines as necessary) (c) Heightened quality assurance surveillance...

  17. 48 CFR 252.209-7010 - Critical Safety Items.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... personal injury or loss of life; or (iii) An uncommanded engine shutdown that jeopardizes safety. Design... personal injury or loss of life. (b) Identification of critical safety items. One or more of the items... control activity: (Insert additional lines as necessary) (c) Heightened quality assurance surveillance...

  18. 48 CFR 252.209-7010 - Critical Safety Items.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... personal injury or loss of life; or (iii) An uncommanded engine shutdown that jeopardizes safety. Design... personal injury or loss of life. (b) Identification of critical safety items. One or more of the items... control activity: (Insert additional lines as necessary) (c) Heightened quality assurance surveillance...

  19. System safety in Stirling engine development

    NASA Technical Reports Server (NTRS)

    Bankaitis, H.

    1981-01-01

    The DOE/NASA Stirling Engine Project Office has required that contractors make safety considerations an integral part of all phases of the Stirling engine development program. As an integral part of each engine design subtask, analyses are evolved to determine possible modes of failure. The accepted system safety analysis techniques (Fault Tree, FMEA, Hazards Analysis, etc.) are applied in various degrees of extent at the system, subsystem and component levels. The primary objectives are to identify critical failure areas, to enable removal of susceptibility to such failures or their effects from the system and to minimize risk.

  20. Validation and Verification (V&V) of Safety-Critical Systems Operating Under Off-Nominal Conditions

    NASA Technical Reports Server (NTRS)

    Belcastro, Christine M.

    2012-01-01

    Loss of control (LOC) remains one of the largest contributors to aircraft fatal accidents worldwide. Aircraft LOC accidents are highly complex in that they can result from numerous causal and contributing factors acting alone or more often in combination. Hence, there is no single intervention strategy to prevent these accidents. Research is underway at the National Aeronautics and Space Administration (NASA) in the development of advanced onboard system technologies for preventing or recovering from loss of vehicle control and for assuring safe operation under off-nominal conditions associated with aircraft LOC accidents. The transition of these technologies into the commercial fleet will require their extensive validation and verification (V&V) and ultimate certification. The V&V of complex integrated systems poses highly significant technical challenges and is the subject of a parallel research effort at NASA. This chapter summarizes the V&V problem and presents a proposed process that could be applied to complex integrated safety-critical systems developed for preventing aircraft LOC accidents. A summary of recent research accomplishments in this effort is referenced.

  1. 76 FR 52138 - Defense Federal Acquisition Regulation Supplement; Identification of Critical Safety Items (DFARS...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-08-19

    ...; or (iii) An uncommanded engine shutdown that jeopardizes safety. Design control activity. (i) With... aviation critical safety item is to be used; and (ii) With respect to a ship critical safety item, means...-AG92 Defense Federal Acquisition Regulation Supplement; Identification of Critical Safety Items (DFARS...

  2. Safety Metrics for Human-Computer Controlled Systems

    NASA Technical Reports Server (NTRS)

    Leveson, Nancy G; Hatanaka, Iwao

    2000-01-01

    The rapid growth of computer technology and innovation has played a significant role in the rise of computer automation of human tasks in modern production systems across all industries. Although the rationale for automation has been to eliminate "human error" or to relieve humans from manual repetitive tasks, various computer-related hazards and accidents have emerged as a direct result of increased system complexity attributed to computer automation. The risk assessment techniques utilized for electromechanical systems are not suitable for today's software-intensive systems or complex human-computer controlled systems. This thesis will propose a new systemic model-based framework for analyzing risk in safety-critical systems where both computers and humans are controlling safety-critical functions. A new systems accident model will be developed based upon modern systems theory and human cognitive processes to better characterize system accidents, the role of human operators, and the influence of software in its direct control of significant system functions. Better risk assessments will then be achievable through the application of this new framework to complex human-computer controlled systems.

  3. Nuclear Data Activities in Support of the DOE Nuclear Criticality Safety Program

    NASA Astrophysics Data System (ADS)

    Westfall, R. M.; McKnight, R. D.

    2005-05-01

    The DOE Nuclear Criticality Safety Program (NCSP) provides the technical infrastructure maintenance for those technologies applied in the evaluation and performance of safe fissionable-material operations in the DOE complex. These technologies include an Analytical Methods element for neutron transport as well as the development of sensitivity/uncertainty methods, the performance of Critical Experiments, evaluation and qualification of experiments as Benchmarks, and a comprehensive Nuclear Data program coordinated by the NCSP Nuclear Data Advisory Group (NDAG). The NDAG gathers and evaluates differential and integral nuclear data, identifies deficiencies, and recommends priorities on meeting DOE criticality safety needs to the NCSP Criticality Safety Support Group (CSSG). Then the NDAG identifies the required resources and unique capabilities for meeting these needs, not only for performing measurements but also for data evaluation with nuclear model codes as well as for data processing for criticality safety applications. The NDAG coordinates effort with the leadership of the National Nuclear Data Center, the Cross Section Evaluation Working Group (CSEWG), and the Working Party on International Evaluation Cooperation (WPEC) of the OECD/NEA Nuclear Science Committee. The overall objective is to expedite the issuance of new data and methods to the DOE criticality safety user. This paper describes these activities in detail, with examples based upon special studies being performed in support of criticality safety for a variety of DOE operations.

  4. Model Transformation for a System of Systems Dependability Safety Case

    NASA Technical Reports Server (NTRS)

    Murphy, Judy; Driskell, Stephen B.

    2010-01-01

    Software plays an increasingly larger role in all aspects of NASA's science missions. This has been extended to the identification, management and control of faults which affect safety-critical functions and by default, the overall success of the mission. Traditionally, the analysis of fault identification, management and control are hardware based. Due to the increasing complexity of systems, there has been a corresponding increase in the complexity in fault management software. The NASA Independent Validation & Verification (IV&V) program is creating processes and procedures to identify and incorporate safety-critical software requirements along with corresponding software faults so that potential hazards may be mitigated. This Specific to Generic ... A Case for Reuse paper describes the phases of a dependability and safety study which identifies a new process to create a foundation for reusable assets. These assets support the identification and management of specific software faults and their transformation from specific to generic software faults. This approach also has applications to other systems outside of the NASA environment. This paper addresses how a mission specific dependability and safety case is being transformed to a generic dependability and safety case which can be reused for any type of space mission with an emphasis on software fault conditions.

  5. Investigation of criticality safety control infraction data at a nuclear facility

    DOE PAGES

    Cournoyer, Michael E.; Merhege, James F.; Costa, David A.; ...

    2014-10-27

    Chemical and metallurgical operations involving plutonium and other nuclear materials account for most activities performed at the LANL's Plutonium Facility (PF-4). The presence of large quantities of fissile materials in numerous forms at PF-4 makes it necessary to maintain an active criticality safety program. The LANL Nuclear Criticality Safety (NCS) Program provides guidance to enable efficient operations while ensuring prevention of criticality accidents in the handling, storing, processing and transportation of fissionable material at PF-4. In order to achieve and sustain lower criticality safety control infraction (CSCI) rates, PF-4 operations are continuously improved, through the use of Lean Manufacturing and Six Sigma (LSS) business practices. Employing LSS, statistically significant variations (trends) can be identified in PF-4 CSCI reports. In this study, trends have been identified in the NCS Program using the NCS Database. An output metric has been developed that measures ADPSM Management progress toward meeting its NCS objectives and goals. Using a Pareto Chart, the primary CSCI attributes have been determined in order of those requiring the most management support. Data generated from analysis of CSCI data help identify and reduce the number of corresponding attributes. In-field monitoring of CSCIs contributes to an organization's scientific and technological excellence by providing information that can be used to improve criticality safety operation safety. This increases technical knowledge and augments operational safety.

  6. Instructional games and activities for criticality safety training

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Bullard, B.; McBride, J.

    1993-01-01

    During the past several years, the Training and Management Systems Division (TMSD) staff of Oak Ridge Institute for Science and Education (ORISE) has designed and developed nuclear criticality safety (NCS) training programs that focus on high trainee involvement through the use of instructional games and activities. This paper discusses the instructional game, initial considerations for developing games, advantages and limitations of games, and how games may be used in developing and implementing NCS training. It also provides examples of the various instructional games and activities used in separate courses designed for Martin Marietta Energy Systems (MMES's) supervisors and U.S. Nuclear Regulatory Commission (NRC) fuel facility inspectors.

  7. Lecture Notes on Criticality Safety Validation Using MCNP & Whisper

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Brown, Forrest B.; Rising, Michael Evan; Alwin, Jennifer Louise

    Training classes for nuclear criticality safety, MCNP documentation. The need for, and problems surrounding, validation of computer codes and data are considered first. Then some background for MCNP & Whisper is given--best practices for Monte Carlo criticality calculations, neutron spectra, S(α,β) thermal neutron scattering data, nuclear data sensitivities, covariance data, and correlation coefficients. Whisper is computational software designed to assist the nuclear criticality safety analyst with validation studies with the Monte Carlo radiation transport package MCNP. Whisper's methodology (benchmark selection – Ck's, weights; extreme value theory – bias, bias uncertainty; MOS for nuclear data uncertainty – GLLS) and usage are discussed.

  8. Influence Map Methodology for Evaluating Systemic Safety Issues

    NASA Technical Reports Server (NTRS)

    2008-01-01

    "Raising the bar" in safety performance is a critical challenge for many organizations, including Kennedy Space Center. Contributing-factor taxonomies organize information about the reasons accidents occur and therefore are essential elements of accident investigations and safety reporting systems. Organizations must balance efforts to identify causes of specific accidents with efforts to evaluate systemic safety issues in order to become more proactive about improving safety. This project successfully addressed the following two problems: (1) methods and metrics to support the design of effective taxonomies are limited and (2) influence relationships among contributing factors are not explicitly modeled within a taxonomy.

  9. 49 CFR 229.309 - Safety-critical changes and failures.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 49 Transportation 4 2013-10-01 2013-10-01 false Safety-critical changes and failures. 229.309 Section 229.309 Transportation Other Regulations Relating to Transportation (Continued) FEDERAL RAILROAD ADMINISTRATION, DEPARTMENT OF TRANSPORTATION RAILROAD LOCOMOTIVE SAFETY STANDARDS Locomotive Electronics § 229...

  10. 49 CFR 229.309 - Safety-critical changes and failures.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 4 2012-10-01 2012-10-01 false Safety-critical changes and failures. 229.309 Section 229.309 Transportation Other Regulations Relating to Transportation (Continued) FEDERAL RAILROAD ADMINISTRATION, DEPARTMENT OF TRANSPORTATION RAILROAD LOCOMOTIVE SAFETY STANDARDS Locomotive Electronics § 229...

  11. 49 CFR 229.309 - Safety-critical changes and failures.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 49 Transportation 4 2014-10-01 2014-10-01 false Safety-critical changes and failures. 229.309 Section 229.309 Transportation Other Regulations Relating to Transportation (Continued) FEDERAL RAILROAD ADMINISTRATION, DEPARTMENT OF TRANSPORTATION RAILROAD LOCOMOTIVE SAFETY STANDARDS Locomotive Electronics § 229...

  12. Human factors systems approach to healthcare quality and patient safety

    PubMed Central

    Carayon, Pascale; Wetterneck, Tosha B.; Rivera-Rodriguez, A. Joy; Hundt, Ann Schoofs; Hoonakker, Peter; Holden, Richard; Gurses, Ayse P.

    2013-01-01

    Human factors systems approaches are critical for improving healthcare quality and patient safety. The SEIPS (Systems Engineering Initiative for Patient Safety) model of work system and patient safety is a human factors systems approach that has been successfully applied in healthcare research and practice. Several research and practical applications of the SEIPS model are described. Important implications of the SEIPS model for healthcare system and process redesign are highlighted. Principles for redesigning healthcare systems using the SEIPS model are described. Balancing the work system and encouraging the active and adaptive role of workers are key principles for improving healthcare quality and patient safety. PMID:23845724

  13. DOE standard 3009 - a reasoned, practical approach to integrating criticality safety into SARs

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Vessard, S.G.

    1995-12-31

    In the past there have been efforts by the U.S. Department of Energy (DOE) to provide guidance on those elements that should be included in a facility's safety analysis report (SAR). In particular, there are two DOE Orders (5480.23, "Nuclear Safety Analysis Reports," and 5480.24, "Nuclear Criticality Safety"), an interpretive guidance document (NE-70, Interpretive Guidance for DOE Order 5480.24, "Nuclear Criticality Safety"), and DOE Standard DOE-STD-3009-94 "Preparation Guide for U.S. Department of Energy Nonreactor Nuclear Facility Safety Analysis Reports." Of these, the most practical and useful (pertaining to the application of criticality safety) is DOE-STD-3009-94. This paper is a review of Chapters 3, 4, and 6 of this standard and how they provide very clear, helpful, and reasoned criticality safety guidance.

  14. Robust optical sensors for safety critical automotive applications

    NASA Astrophysics Data System (ADS)

    De Locht, Cliff; De Knibber, Sven; Maddalena, Sam

    2008-02-01

    Optical sensors for the automotive industry need to be robust, high performing and low cost. This paper focuses on the impact of automotive requirements on optical sensor design and packaging. Main strategies to lower optical sensor entry barriers in the automotive market include: Perform sensor calibration and tuning by the sensor manufacturer, sensor test modes on chip to guarantee functional integrity at operation, and package technology is key. As a conclusion, optical sensor applications are growing in automotive. Optical sensor robustness matured to the level of safety critical applications like Electrical Power Assisted Steering (EPAS) and Drive-by-Wire by optical linear arrays based systems and Automated Cruise Control (ACC), Lane Change Assist and Driver Classification/Smart Airbag Deployment by camera imagers based systems.

  15. Cultural safety and the challenges of translating critically oriented knowledge in practice.

    PubMed

    Browne, Annette J; Varcoe, Colleen; Smye, Victoria; Reimer-Kirkham, Sheryl; Lynam, M Judith; Wong, Sabrina

    2009-07-01

    Cultural safety is a relatively new concept that has emerged in the New Zealand nursing context and is being taken up in various ways in Canadian health care discourses. Our research team has been exploring the relevance of cultural safety in the Canadian context, most recently in relation to a knowledge-translation study conducted with nurses practising in a large tertiary hospital. We were drawn to using cultural safety because we conceptualized it as being compatible with critical theoretical perspectives that foster a focus on power imbalances and inequitable social relationships in health care; the interrelated problems of culturalism and racialization; and a commitment to social justice as central to the social mandate of nursing. Engaging in this knowledge-translation study has provided new perspectives on the complexities, ambiguities and tensions that need to be considered when using the concept of cultural safety to draw attention to racialization, culturalism, and health and health care inequities. The philosophic analysis discussed in this paper represents an epistemological grounding for the concept of cultural safety that links directly to particular moral ends with social justice implications. Although cultural safety is a concept that we have firmly positioned within the paradigm of critical inquiry, ambiguities associated with the notions of 'culture', 'safety', and 'cultural safety' need to be anticipated and addressed if they are to be effectively used to draw attention to critical social justice issues in practice settings. Using cultural safety in practice settings to draw attention to and prompt critical reflection on politicized knowledge, therefore, brings an added layer of complexity. To address these complexities, we propose that what may be required to effectively use cultural safety in the knowledge-translation process is a 'social justice curriculum for practice' that would foster a philosophical stance of critical inquiry at both the

  16. Visual warning system for worker safety on roadside work-zones.

    DOT National Transportation Integrated Search

    2016-08-01

    Growing traffic on US roadways and heavy construction machinery on road construction sites pose a critical safety threat to construction workers. This report summarizes the design and development of a worker safety system using Dedicated Short Ra...

  17. Parametric Criticality Safety Calculations for Arrays of TRU Waste Containers

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Gough, Sean T.

    The Nuclear Criticality Safety Division (NCSD) has performed criticality safety calculations for finite and infinite arrays of transuranic (TRU) waste containers. The results of these analyses may be applied in any technical area onsite (e.g., TA-54, TA-55, etc.), as long as the assumptions herein are met. These calculations are designed to update the existing reference calculations for waste arrays documented in Reference 1, in order to meet current guidance on calculational methodology.

  18. Recognising safety critical events: can automatic video processing improve naturalistic data analyses?

    PubMed

    Dozza, Marco; González, Nieves Pañeda

    2013-11-01

    New trends in research on traffic accidents include Naturalistic Driving Studies (NDS). NDS are based on large scale data collection of driver, vehicle, and environment information in the real world. NDS data sets have proven to be extremely valuable for the analysis of safety critical events such as crashes and near crashes. However, finding safety critical events in NDS data is often difficult and time consuming. Safety critical events are currently identified using kinematic triggers, for instance searching for deceleration below a certain threshold signifying harsh braking. Due to the low sensitivity and specificity of this filtering procedure, manual review of video data is currently necessary to decide whether the events identified by the triggers are actually safety critical. Such a reviewing procedure is based on subjective decisions, is expensive and time consuming, and often tedious for the analysts. Furthermore, since NDS data is exponentially growing over time, this reviewing procedure may not be viable anymore in the very near future. This study tested the hypothesis that automatic processing of driver video information could increase the correct classification of safety critical events from kinematic triggers in naturalistic driving data. Review of about 400 video sequences recorded from the events, collected by 100 Volvo cars in the euroFOT project, suggested that drivers' individual reaction may be the key to recognize safety critical events. In fact, whether an event is safety critical or not often depends on the individual driver. A few algorithms, able to automatically classify driver reaction from video data, have been compared. The results presented in this paper show that the state of the art subjective review procedures to identify safety critical events from NDS can benefit from automated objective video processing. In addition, this paper discusses the major challenges in making such video analysis viable for future NDS and new potential

  19. University education and nuclear criticality safety professionals

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Wilson, R.E.; Stachowiak, R.V.; Knief, R.A.

    1996-12-31

    The problem of developing a productive criticality safety specialist at a nuclear fuel facility has long been with us. The normal practice is to hire a recent undergraduate or graduate degree recipient and invest at least a decade in on-the-job training. In the early 1980s, the U.S. Department of Energy (DOE) developed a model intern program in an attempt to speed up the process. The program involved working at assigned projects for extended periods at a working critical mass laboratory, a methods development group, and a fuel cycle facility. This never gained support as it involved extended time away from the job. At the Rocky Flats Environmental Technology Site, the training method is currently the traditional one involving extensive experience. The flaw is that the criticality safety staff turnover has been such that few individuals continue for the decade some consider necessary for maturity in the discipline. To maintain quality evaluations and controls as well as interpretation decisions, extensive group review is used. This has proved costly to the site and professionally unsatisfying to the current staff. The site contractor has proposed a training program to remedy the basic problem.

  20. Cockpit emergency safety system

    NASA Astrophysics Data System (ADS)

    Keller, Leo

    2000-06-01

    A comprehensive safety concept is proposed for aircraft experiencing an incident to the development of fire and smoke in the cockpit. Fire or excessive heat development caused by a malfunctioning electrical appliance may produce toxic smoke, may reduce the clear vision to the instrument panel and may cause health-critical respiration conditions. Immediate reaction of the crew, safe respiration conditions and a clear undisturbed view to critical flight information data can be assumed to be the prerequisites for a safe emergency landing. The personal safety equipment of the aircraft has to be effective in supporting the crew to divert the aircraft to an alternate airport in the shortest possible amount of time. Many other elements in the cause-and-effect context of the emergence of fire, such as fire prevention, fire detection, the fire extinguishing concept, systematic redundancy, the wiring concept, the design of the power supplying system and concise emergency checklist procedures are briefly reviewed, because only a comprehensive and complete approach will avoid fatal accidents of complex aircraft in the future.

  1. Work Practice Simulation of Complex Human-Automation Systems in Safety Critical Situations: The Brahms Generalized Überlingen Model

    NASA Technical Reports Server (NTRS)

    Clancey, William J.; Linde, Charlotte; Seah, Chin; Shafto, Michael

    2013-01-01

    The transition from the current air traffic system to the next generation air traffic system will require the introduction of new automated systems, including transferring some functions from air traffic controllers to on-board automation. This report describes a new design verification and validation (V&V) methodology for assessing aviation safety. The approach involves a detailed computer simulation of work practices that includes people interacting with flight-critical systems. The research is part of an effort to develop new modeling and verification methodologies that can assess the safety of flight-critical systems, system configurations, and operational concepts. The 2002 Ueberlingen mid-air collision was chosen for analysis and modeling because one of the main causes of the accident was one crew's response to a conflict between the instructions of the air traffic controller and the instructions of TCAS, an automated Traffic Alert and Collision Avoidance System on-board warning system. It thus furnishes an example of the problem of authority versus autonomy. It provides a starting point for exploring authority/autonomy conflict in the larger system of organization, tools, and practices in which the participants' moment-by-moment actions take place. We have developed a general air traffic system model (not a specific simulation of Überlingen events), called the Brahms Generalized Ueberlingen Model (Brahms-GUeM). Brahms is a multi-agent simulation system that models people, tools, facilities/vehicles, and geography to simulate the current air transportation system as a collection of distributed, interactive subsystems (e.g., airports, air-traffic control towers and personnel, aircraft, automated flight systems and air-traffic tools, instruments, crew). Brahms-GUeM can be configured in different ways, called scenarios, such that anomalous events that contributed to the Überlingen accident can be modeled as functioning according to requirements or in an

  2. Software-Based Safety Systems in Space - Learning from other Domains

    NASA Astrophysics Data System (ADS)

    Klicker, M.; Putzer, H.

    2012-01-01

    Increasing complexity and new emerging capabilities for manned and unmanned missions have been the hallmark of the past decades of space exploration. One of the drivers in this process was the ever increasing use of software and software-intensive systems to implement system functions necessary to the capabilities needed. The course of technological evolution suggests that this development will continue well into the future with a number of challenges for the safety community some of which shall be discussed in this paper. The current state of the art reveals a number of problems with developing and assessing safety critical software which explains the reluctance of the space community to rely on software-based safety measures to mitigate hazards. Among others, usually lack of trustworthy evidence of software integrity in all foreseeable situations and the difficulties to integrate software in the traditional safety analysis framework are cited. Experience from other domains and recent developments in modern software development methodologies and verification techniques are analysed for the suitability for space systems and an avionics architectural framework (see STANAG 4626) for the implementation of safety critical software is proposed. This is shown to create among other features the possibility of numerous degradation modes enhancing overall system safety and interoperability of computerized space systems. It also potentially simplifies international cooperation on a technical level by introducing a higher degree of compatibility. As software safety cannot be tested or argued into a system in hindsight, the development process and especially the architecture chosen are essential to establish safety properties for the software used to implement safety functions. The core of the safety argument revolves around the separation of different functions and software modules from each other by minimal coupling of functions and credible separation mechanisms in the

  3. NASA System Safety Handbook. Volume 1; System Safety Framework and Concepts for Implementation

    NASA Technical Reports Server (NTRS)

    Dezfuli, Homayoon; Benjamin, Allan; Everett, Christopher; Smith, Curtis; Stamatelatos, Michael; Youngblood, Robert

    2011-01-01

    ...uncertainties represents a method of probabilistic thinking wherein the analyst and decision makers recognize possible outcomes other than the outcome perceived to be "most likely." Without this type of analysis, it is not possible to determine the worth of an analysis product as a basis for making decisions related to safety and mission success. In line with these considerations the handbook does not take a hazard-analysis-centric approach to system safety. Hazard analysis remains a useful tool to facilitate brainstorming but does not substitute for a more holistic approach geared to a comprehensive identification and understanding of individual risk issues and their contributions to aggregate safety risks. The handbook strives to emphasize the importance of identifying the most critical scenarios that contribute to the risk of not meeting the agreed-upon safety objectives and requirements using all appropriate tools (including but not limited to hazard analysis). Thereafter, emphasis shifts to identifying the risk drivers that cause these scenarios to be critical and ensuring that there are controls directed toward preventing or mitigating the risk drivers. To address these and other areas, the handbook advocates a proactive, analytic-deliberative, risk-informed approach to system safety, enabling the integration of system safety activities with systems engineering and risk management processes. It emphasizes how one can systematically provide the necessary evidence to substantiate the claim that a system is safe to within an acceptable risk tolerance, and that safety has been achieved in a cost-effective manner. The methodology discussed in this handbook is part of a systems engineering process and is intended to be integral to the system safety practices being conducted by the NASA safety and mission assurance and systems engineering organizations. The handbook posits that to conclude that a system is adequately safe, it is necessary to consider a set of safety claims that

  4. Verification and Validation for Flight-Critical Systems (VVFCS)

    NASA Technical Reports Server (NTRS)

    Graves, Sharon S.; Jacobsen, Robert A.

    2010-01-01

    On March 31, 2009 a Request for Information (RFI) was issued by NASA's Aviation Safety Program to gather input on the subject of Verification and Validation (V & V) of Flight-Critical Systems. The responses were provided to NASA on or before April 24, 2009. The RFI asked for comments in three topic areas: Modeling and Validation of New Concepts for Vehicles and Operations; Verification of Complex Integrated and Distributed Systems; and Software Safety Assurance. There were a total of 34 responses to the RFI, representing a cross-section of academic (26%), small & large industry (47%) and government agency (27%).

  5. Safety impacts of bicycle infrastructure: A critical review.

    PubMed

    DiGioia, Jonathan; Watkins, Kari Edison; Xu, Yanzhi; Rodgers, Michael; Guensler, Randall

    2017-06-01

    This paper takes a critical look at the present state of bicycle infrastructure treatment safety research, highlighting data needs. Safety literature relating to 22 bicycle treatments is examined, including findings, study methodologies, and data sources used in the studies. Some preliminary conclusions related to research efficacy are drawn from the available data and findings in the research. While the current body of bicycle safety literature points toward some defensible conclusions regarding the safety and effectiveness of certain bicycle treatments, such as bike lanes and removal of on-street parking, the vast majority of treatments are still in need of rigorous research. Fundamental questions arise regarding appropriate exposure measures, crash measures, and crash data sources. This research will aid transportation departments with regard to decisions about bicycle infrastructure and guide future research efforts toward understanding safety impacts of bicycle infrastructure. Copyright © 2017 Elsevier Ltd and National Safety Council. All rights reserved.

  6. Mission and Safety Critical (MASC) plans for the MASC Kernel simulation

    NASA Technical Reports Server (NTRS)

    1991-01-01

    This report discusses a prototype for Mission and Safety Critical (MASC) kernel simulation which explains the intended approach and how the simulation will be used. Smalltalk is chosen for the simulation because of its usefulness in quickly building working models of the systems and its object-oriented approach to software. A scenario is also introduced to give details about how the simulation works. The eventual system will be a fully object-oriented one implemented in Ada via Dragoon. To implement the simulation, a scenario using elements typical of those in the Space Station was created.

  7. Taking ownership of safety. What are the active ingredients of safety coaching and how do they impact safety outcomes in critical offshore working environments?

    PubMed

    Krauesslar, Victoria; Avery, Rachel E; Passmore, Jonathan

    2015-01-01

    Safety coaching interventions have become a common feature in the safety critical offshore working environments of the North Sea. Whilst the beneficial impact of coaching as an organizational tool has been evidenced, there remains a question specifically over the use of safety coaching and its impact on behavioural change and producing safe working practices. A series of 24 semi-structured interviews were conducted with three groups of experts in the offshore industry: safety coaches, offshore managers and HSE directors. Using a thematic analysis approach, several significant themes were identified across the three expert groups including connecting with and creating safety ownership in the individual, personal significance and humanisation, ingraining safety and assessing and measuring a safety coach's competence. Results suggest clear utility of safety coaching when applied by safety coaches with appropriate coach training and understanding of safety issues in an offshore environment. The current work has found that the use of safety coaching in the safety critical offshore oil and gas industry is a powerful tool in managing and promoting a culture of safety and care.

  8. Natural Language Interface for Safety Certification of Safety-Critical Software

    NASA Technical Reports Server (NTRS)

    Denney, Ewen; Fischer, Bernd

    2011-01-01

    Model-based design and automated code generation are being used increasingly at NASA. The trend is to move beyond simulation and prototyping to actual flight code, particularly in the guidance, navigation, and control domain. However, there are substantial obstacles to more widespread adoption of code generators in such safety-critical domains. Since code generators are typically not qualified, there is no guarantee that their output is correct, and consequently the generated code still needs to be fully tested and certified. The AutoCert generator plug-in supports the certification of automatically generated code by formally verifying that the generated code is free of different safety violations, by constructing an independently verifiable certificate, and by explaining its analysis in a textual form suitable for code reviews.

  9. Educating Next Generation Nuclear Criticality Safety Engineers at the Idaho National Laboratory

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    J. D. Bess; J. B. Briggs; A. S. Garcia

    2011-09-01

    One of the challenges in educating our next generation of nuclear safety engineers is the limitation of opportunities to receive significant experience or hands-on training prior to graduation. Such training is generally restricted to on-the-job training before this new engineering workforce can adequately provide assessment of nuclear systems and establish safety guidelines. Participation in the International Criticality Safety Benchmark Evaluation Project (ICSBEP) and the International Reactor Physics Experiment Evaluation Project (IRPhEP) can provide students and young professionals the opportunity to gain experience and enhance critical engineering skills. The ICSBEP and IRPhEP publish annual handbooks that contain evaluations of experiments along with summarized experimental data and peer-reviewed benchmark specifications to support the validation of neutronics codes, nuclear cross-section data, and the validation of reactor designs. Participation in the benchmark process not only benefits those who use these Handbooks within the international community, but provides the individual with opportunities for professional development, networking with an international community of experts, and valuable experience to be used in future employment. Traditionally students have participated in benchmarking activities via internships at national laboratories, universities, or companies involved with the ICSBEP and IRPhEP programs. Additional programs have been developed to facilitate the nuclear education of students while participating in the benchmark projects. These programs include coordination with the Center for Space Nuclear Research (CSNR) Next Degree Program, collaboration with the Department of Energy Idaho Operations Office to train nuclear and criticality safety engineers, and student evaluations as the basis for their Master's thesis in nuclear engineering.

  10. Implementation of a critical incident reporting system in a neurosurgical department.

    PubMed

    Kantelhardt, P; Müller, M; Giese, A; Rohde, V; Kantelhardt, S R

    2011-02-01

    Critical incident monitoring is an important tool for quality improvement and the maintenance of high safety standards. It was developed for aviation safety and is now widely accepted as a useful tool to reduce medical care-related morbidity and mortality. Despite this widespread acceptance, the literature has no reports on any neurosurgical applications of critical incident monitoring. We describe the introduction of a mono-institutional critical incident reporting system in a neurosurgical department. Furthermore, we have developed a formula to assess possible counterstrategies. All staff members of a neurosurgical department were advised to report critical incidents. The anonymous reporting form contained a box for the description of the incident, several multiple-choice questions on specific risk factors, place and reason for occurrence of the incident, severity of the consequences and suggested counterstrategies. The incident data was entered into an online documentation system (ADKA DokuPik) and evaluated by an external specialist. For data analysis we applied a modified assessment scheme initially designed for flight safety. Data collection was started in September 2008. The average number of reported incidents was 18 per month (currently 216 in total). Most incidents occurred on the neurosurgical ward (64%). Human error was involved in 86% of the reported incidents. The largest group of incidents consisted of medication-related problems. Accordingly, counterstrategies were developed, resulting in a decrease in the relative number of reported medication-related incidents from 42% (March 09) to 30% (September 09). Implementation of the critical incident reporting system presented no technical problems. The reporting rate was high compared to that reported in the current literature. The formulation, evaluation and introduction of specific counterstrategies to guard against selected groups of incidents may improve patient safety in neurosurgical departments.

  11. Review of battery powered embedded systems design for mission-critical low-power applications

    NASA Astrophysics Data System (ADS)

    Malewski, Matthew; Cowell, David M. J.; Freear, Steven

    2018-06-01

    The applications and uses of embedded systems are increasingly pervasive. Mission- and safety-critical systems relying on embedded systems pose specific challenges. Embedded systems design is a multi-disciplinary domain, involving both hardware and software. Systems need to be designed in a holistic manner so that they are able to provide the desired reliability and minimise unnecessary complexity. The large problem landscape means that there is no one solution that fits all applications of embedded systems. With the primary focus of these mission- and safety-critical systems being functionality and reliability, there can be conflicts with business needs, and this can introduce pressures to reduce cost at the expense of reliability and functionality. This paper examines the challenges faced by battery-powered systems, then explores more general problems and several real-world embedded systems.

  12. Critical factors and paths influencing construction workers' safety risk tolerances.

    PubMed

    Wang, Jiayuan; Zou, Patrick X W; Li, Penny P

    2016-08-01

    While workers' safety risk tolerances have been regarded as a main reason for their unsafe behaviors, little is known about why different people have different risk tolerances even when confronting the same situation. The aim of this research is to identify the critical factors and paths that influence workers' safety risk tolerance and to explore how they contribute to the accident causal model from a systems-thinking perspective. A number of methods were used to analyze the data collected through interviews and questionnaire surveys. In the first and second steps of the research, factor identification, factor ranking and factor analysis were carried out, and the results show that workers' safety risk tolerance can be influenced by four groups of factors, namely: (1) personal subjective perception; (2) work knowledge and experience; (3) work characteristics; and (4) safety management. In the third step of the research, a hypothetical influencing-path model was developed and tested using structural equation modeling (SEM). It is found that the effects of external factors (safety management and work characteristics) on risk tolerance are larger than those of internal factors (personal subjective perception and work knowledge and experience). Specifically, safety management contributes the most to workers' safety risk tolerance through its direct and indirect effects, while personal subjective perception comes second and can act as an intermediary for work characteristics. This research provides in-depth insight into workers' unsafe behaviors by depicting the contributing factors in the accident causal model developed in this research. Copyright © 2015 Elsevier Ltd. All rights reserved.

  13. Patient Safety Learning Systems: A Systematic Review and Qualitative Synthesis.

    PubMed

    2017-01-01

    A patient safety learning system (sometimes called a critical incident reporting system) refers to structured reporting, collation, and analysis of critical incidents. To inform a provincial working group's recommendations for an Ontario Patient Safety Event Learning System, a systematic review was undertaken to determine design features that would optimize its adoption into the health care system and would inform implementation strategies. The objective of this review was to address two research questions: (a) what are the barriers to and facilitators of successful adoption of a patient safety learning system reported by health professionals and (b) what design components maximize successful adoption and implementation? To answer the first question, we used a published systematic review. To answer the second question, we used scoping study methodology. Common barriers reported in the literature by health care professionals included fear of blame, legal penalties, the perception that incident reporting does not improve patient safety, lack of organizational support, inadequate feedback, lack of knowledge about incident reporting systems, and lack of understanding about what constitutes an error. Common facilitators included a non-accusatory environment, the perception that incident reporting improves safety, clarification of the route of reporting and of how the system uses reports, enhanced feedback, role models (such as managers) using and promoting reporting, legislated protection of those who report, ability to report anonymously, education and training opportunities, and clear guidelines on what to report. Components of a patient safety learning system that increased successful adoption and implementation were emphasis on a blame-free culture that encourages reporting and learning, clear guidelines on how and what to report, making sure the system is user-friendly, organizational development support for data analysis to generate meaningful learning outcomes

  14. Food safety systems in a small dairy factory: implementation, major challenges, and assessment of systems' performances.

    PubMed

    Cusato, Sueli; Gameiro, Augusto H; Corassin, Carlos H; Sant'ana, Anderson S; Cruz, Adriano G; Faria, José de Assis F; de Oliveira, Carlos Augusto F

    2013-01-01

    The present study describes the implementation of a food safety system in a dairy processing plant located in the State of São Paulo, Brazil, and the challenges found during the process. In addition, microbiological indicators have been used to assess the system's implementation performance. The steps involved in the implementation of a food safety system included a diagnosis of the prerequisites, implementation of the good manufacturing practices (GMPs), sanitation standard operating procedures (SSOPs), training of the food handlers, and hazard analysis and critical control point (HACCP). In the initial diagnosis, conformity with 70.7% (n=106) of the items analyzed was observed. A total of 12 critical control points (CCPs) were identified: (1) reception of the raw milk, (2) storage of the raw milk, (3 and 4) reception of the ingredients and packaging, (5) milk pasteurization, (6 and 7) fermentation and cooling, (8) addition of ingredients, (9) filling, (10) storage of the finished product, (11) dispatching of the product, and (12) sanitization of the equipment. After implementation of the food safety system, a significant reduction in the yeast and mold count was observed (p<0.05). The main difficulties encountered in the implementation of the food safety system were related to the implementation of actions established in the flow chart and to the need for constant training of, and adherence by, the workers to the system. Despite these difficulties, implementation of the food safety system was shown to be challenging but feasible for small-scale food industries.

  15. An Approach for Validating Actinide and Fission Product Burnup Credit Criticality Safety Analyses--Criticality (keff) Predictions

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Scaglione, John M; Mueller, Don; Wagner, John C

    2011-01-01

    One of the most significant remaining challenges associated with expanded implementation of burnup credit in the United States is the validation of depletion and criticality calculations used in the safety evaluation - in particular, the availability and use of applicable measured data to support validation, especially for fission products. Applicants and regulatory reviewers have been constrained by both a scarcity of data and a lack of clear technical basis or approach for use of the data. U.S. Nuclear Regulatory Commission (NRC) staff have noted that the rationale for restricting their Interim Staff Guidance on burnup credit (ISG-8) to actinide-only is based largely on the lack of clear, definitive experiments that can be used to estimate the bias and uncertainty for computational analyses associated with using burnup credit. To address the issue of validation, the NRC initiated a project with the Oak Ridge National Laboratory to (1) develop and establish a technically sound validation approach (both depletion and criticality) for commercial spent nuclear fuel (SNF) criticality safety evaluations based on best-available data and methods and (2) apply the approach for representative SNF storage and transport configurations/conditions to demonstrate its usage and applicability, as well as to provide reference bias results. The purpose of this paper is to describe the criticality (k_eff) validation approach, and resulting observations and recommendations. Validation of the isotopic composition (depletion) calculations is addressed in a companion paper at this conference. For criticality validation, the approach is to utilize (1) available laboratory critical experiment (LCE) data from the International Handbook of Evaluated Criticality Safety Benchmark Experiments and the French Haut Taux de Combustion (HTC) program to support validation of the principal actinides and (2) calculated sensitivities, nuclear data uncertainties, and the limited available

  16. EVA safety: Space suit system interoperability

    NASA Technical Reports Server (NTRS)

    Skoog, A. I.; McBarron, J. W.; Abramov, L. P.; Zvezda, A. O.

    1995-01-01

    The results and the recommendations of the International Academy of Astronautics extravehicular activities (IAA EVA) Committee work are presented. The IAA EVA protocols and operation were analyzed for harmonization procedures and for the standardization of safety critical and operationally important interfaces. The key role of EVA and how to improve the situation based on the identified EVA space suit system interoperability deficiencies were considered.

  17. An Approach for Validating Actinide and Fission Product Burnup Credit Criticality Safety Analyses: Criticality (k eff) Predictions

    DOE PAGES

    Scaglione, John M.; Mueller, Don E.; Wagner, John C.

    2014-12-01

    One of the most important remaining challenges associated with expanded implementation of burnup credit in the United States is the validation of depletion and criticality calculations used in the safety evaluation, in particular the availability and use of applicable measured data to support validation, especially for fission products (FPs). Applicants and regulatory reviewers have been constrained by both a scarcity of data and a lack of clear technical basis or approach for use of the data. This paper describes a validation approach for commercial spent nuclear fuel (SNF) criticality safety (k_eff) evaluations based on best-available data and methods and applies the approach for representative SNF storage and transport configurations/conditions to demonstrate its usage and applicability, as well as to provide reference bias results. The criticality validation approach utilizes not only available laboratory critical experiment (LCE) data from the International Handbook of Evaluated Criticality Safety Benchmark Experiments and the French Haut Taux de Combustion program to support validation of the principal actinides but also calculated sensitivities, nuclear data uncertainties, and limited available FP LCE data to predict and verify individual biases for relevant minor actinides and FPs. The results demonstrate that (a) sufficient critical experiment data exist to adequately validate k_eff calculations via conventional validation approaches for the primary actinides, (b) sensitivity-based critical experiment selection is more appropriate for generating accurate application model bias and uncertainty, and (c) calculated sensitivities and nuclear data uncertainties can be used for generating conservative estimates of bias for minor actinides and FPs. Results based on SCALE 6.1 and the ENDF/B-VII.0 cross-section libraries indicate that a conservative estimate of the bias for the minor actinides and FPs is 1.5% of their worth within the
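    To make concrete what "sensitivity-based critical experiment selection" and "calculated sensitivities and nuclear data uncertainties" compute, here is an added example that is not the paper's or SCALE's code: the first-order sandwich rule for the k_eff uncertainty due to nuclear-data covariance, and the c_k similarity coefficient between an application model and a candidate experiment, used to screen which experiments are relevant enough to carry bias to the application. The three-parameter sensitivity vectors, the relative covariance matrix and the 0.8 screening threshold are constructed assumptions, not evaluated nuclear data.

```python
"""Added example, not part of the paper or of SCALE: sandwich-rule k_eff
uncertainty and c_k similarity from first-order sensitivity vectors.  All
numbers below are constructed toy values."""
import math

# Constructed nuclear-data parameters, one relative cross-section each.
PARAMS = ("U235 fission", "U238 capture", "Pu239 fission")

# Assumed relative covariance matrix C: 2%, 3% and 5% one-sigma with a
# small U235/U238 correlation.  Real matrices are much larger and
# energy-group dependent.
COV = [
    [4.0e-4, 5.0e-5, 0.0],
    [5.0e-5, 9.0e-4, 0.0],
    [0.0,    0.0,    2.5e-3],
]

# Assumed sensitivity vectors S = (dk/k) / (dsigma/sigma).
S_APPLICATION = [0.30, -0.10, 0.05]      # a UO2 cask model (constructed)
EXPERIMENTS = {
    "LCE-A (LEU lattice)": [0.28, -0.09, 0.06],   # constructed
    "LCE-B (Pu solution)": [0.05, -0.02, 0.40],   # constructed
}


def quad(a, C, b):
    """a^T C b without numpy."""
    return sum(a[i] * C[i][j] * b[j]
               for i in range(len(a)) for j in range(len(b)))


def keff_uncertainty(S, C):
    """Sandwich rule: relative one-sigma uncertainty in k_eff from the
    nuclear-data covariance, sqrt(S^T C S)."""
    return math.sqrt(quad(S, C, S))


def similarity_ck(S_app, S_exp, C):
    """c_k: correlation between the application's and the experiment's
    k_eff uncertainties through shared nuclear-data uncertainty.  1 means
    the same sensitivity profile, 0 means nothing in common."""
    return quad(S_app, C, S_exp) / (
        keff_uncertainty(S_app, C) * keff_uncertainty(S_exp, C))


def select_experiments(S_app, experiments, C, ck_min=0.8):
    """Keep only experiments similar enough to carry bias to the
    application.  The threshold is an assumed screening value."""
    return [name for name, S in experiments.items()
            if similarity_ck(S_app, S, C) >= ck_min]


if __name__ == "__main__":
    print("application sigma_k = %.5f" % keff_uncertainty(S_APPLICATION, COV))
    for name, S in EXPERIMENTS.items():
        print("%s: c_k = %.3f" % (name, similarity_ck(S_APPLICATION, S, COV)))
    print("selected:", select_experiments(S_APPLICATION, EXPERIMENTS, COV))
```

    On these toy numbers the LEU lattice experiment correlates at c_k of about 0.99 with the cask model and is kept, while the plutonium solution experiment, whose uncertainty is dominated by a parameter the application barely depends on, falls below the threshold and is dropped; that is the selection step the abstract prefers over taking every available critical experiment.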

  18. Final Technical Report on Quantifying Dependability Attributes of Software Based Safety Critical Instrumentation and Control Systems in Nuclear Power Plants

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Smidts, Carol; Huang, Funqun; Li, Boyuan

    With the current transition from analog to digital instrumentation and control systems in nuclear power plants, the number and variety of software-based systems have significantly increased. The sophisticated nature and increasing complexity of software make trust in these systems a significant challenge. The trust placed in a software system is typically termed software dependability. Software dependability analysis faces uncommon challenges since software systems' characteristics differ from those of hardware systems. The lack of systematic science-based methods for quantifying the dependability attributes of software-based instrumentation and control systems in safety-critical applications has proved to be a significant inhibitor to the expanded use of modern digital technology in the nuclear industry. Dependability refers to the ability of a system to deliver a service that can be trusted. Dependability is commonly considered a general concept that encompasses different attributes, e.g., reliability, safety, security, availability and maintainability. Dependability research has progressed significantly over the last few decades. For example, various assessment models and/or design approaches have been proposed for software reliability, software availability and software maintainability. Advances have also been made to integrate multiple dependability attributes, e.g., integrating security with other dependability attributes, measuring availability and maintainability, modeling reliability and availability, quantifying reliability and security, exploring the dependencies between security and safety and developing integrated analysis models. However, there is still a lack of understanding of the dependencies between the various dependability attributes as a whole and of how such dependencies are formed. To address the need for quantification and give a more objective basis to the review process -- therefore reducing regulatory

  19. Verification and Validation of Flight-Critical Systems

    NASA Technical Reports Server (NTRS)

    Brat, Guillaume

    2010-01-01

    For the first time in many years, the NASA budget presented to Congress calls for a focused effort on the verification and validation (V&V) of complex systems. This is mostly motivated by the results of the VVFCS (V&V of Flight-Critical Systems) study, which should materialize as a concrete effort under the Aviation Safety program. This talk will present the results of the study, from requirements coming out of discussions with the FAA and the Joint Planning and Development Office (JPDO) to a technical plan addressing the issue and its proposed current and future V&V research agenda, which will be addressed by NASA Ames, Langley, and Dryden as well as external partners through NASA Research Announcement (NRA) calls. This agenda calls for pushing V&V earlier in the life cycle and taking advantage of formal methods to increase safety and reduce the cost of V&V. I will present the on-going research work (especially the four main technical areas: Safety Assurance, Distributed Systems, Authority and Autonomy, and Software-Intensive Systems), possible extensions, and how VVFCS plans on grounding the research in realistic examples, including an intended V&V test-bench based on an Integrated Modular Avionics (IMA) architecture and hosted by Dryden.

  20. Brazed Joints Design and Allowables: Discuss Margins of Safety in Critical Brazed Structures

    NASA Technical Reports Server (NTRS)

    Flom, Yury

    2009-01-01

    This slide presentation tutorial discusses margins of safety in critical brazed structures. It reviews: (1) the present situation (2) definition of strength (3) margins of safety (4) design allowables (5) mechanical testing (6) failure criteria (7) design flowchart (8) braze gap (9) residual stresses and (10) delayed failures. This presentation addresses the strength of the brazed joints, the methods of mechanical testing, and our ability to evaluate the margins of safety of the brazed joints as it applies to the design of critical and expensive brazed assemblies.

  1. Bus operator safety : critical issues examination and model practices.

    DOT National Transportation Integrated Search

    2014-01-01

    In this study, researchers at the National Center for Transit Research performed a multi-topic comprehensive examination of bus operator-related critical safety and personal security issues. The goals of this research effort were to: 1. Identif...

  2. Nuclear criticality safety evaluation of SRS 9971 shipping package

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Vescovi, P.J.

    1993-02-01

    This evaluation is requested to revise the criticality evaluation used to generate Chapter 6 (Criticality Evaluation) of the Safety Analysis Report for Packaging (SARP) for shipment of UO₃ product from the Uranium Solidification Facility (USF) in the SRS 9971 shipping package. The pertinent document requesting this evaluation is included as Attachment I. The results of the evaluation are given in Attachment II, which is written as Chapter 6 of an NRC-format SARP.

  3. 76 FR 14641 - Defense Federal Acquisition Regulation Supplement; Identification of Critical Safety Items (DFARS...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-03-17

    ... Federal Acquisition Regulation Supplement; Identification of Critical Safety Items (DFARS Case 2010-D022... contract clause that clearly identifies any items being purchased that are critical safety items so that.... SUPPLEMENTARY INFORMATION: I. Background This DFARS case was initiated at the request of the Defense Contract...

  4. Pediatric post-marketing safety systems in North America: assessment of the current status.

    PubMed

    McMahon, Ann W; Wharton, Gerold T; Bonnel, Renan; DeCelle, Mary; Swank, Kimberley; Testoni, Daniela; Cope, Judith U; Smith, Phillip Brian; Wu, Eileen; Murphy, Mary Dianne

    2015-08-01

    It is critical to have pediatric post-marketing safety systems that contain enough clinical and epidemiological detail to draw regulatory, public health, and clinical conclusions. The pediatric safety surveillance workshop (PSSW), coordinated by the Food and Drug Administration (FDA), identified these pediatric systems as of 2010. This manuscript aims to update the information from the PSSW and look critically at the systems currently in use. We reviewed North American pediatric post-marketing safety systems such as databases, networks, and research consortiums found in peer-reviewed journals and other online sources. We detail clinical examples from three systems that FDA used to assess pediatric medical product safety. Of the 59 systems reviewed for pediatric content, only nine were pediatric-focused and met the inclusion criteria. Brief descriptions are provided for these nine. The strengths and weaknesses of three systems (two of the nine pediatric-focused and one including both children and adults) are illustrated with clinical examples. Systems reviewed in this manuscript have strengths such as clinical detail, a large enough sample size to capture rare adverse events, and/or a patient denominator internal to the database. Few systems include all of these attributes. Pediatric drug safety would be better informed by utilizing multiple systems to take advantage of their individual characteristics. Copyright © 2015 John Wiley & Sons, Ltd.

  5. System safety education focused on flight safety

    NASA Technical Reports Server (NTRS)

    Holt, E.

    1971-01-01

    The measures necessary for achieving higher levels of system safety are analyzed with an eye toward maintaining the combat capability of the Air Force. Several education courses were provided for personnel involved in safety management. Data include: (1) Flight Safety Officer Course, (2) Advanced Safety Program Management, (3) Fundamentals of System Safety, and (4) Quantitative Methods of Safety Analysis.

  6. Collegiate Aviation Research and Education Solutions to Critical Safety Issues. UNO Aviation Monograph Series. UNOAI Report.

    ERIC Educational Resources Information Center

    Bowen, Brent, Ed.

    This document contains four papers concerning collegiate aviation research and education solutions to critical safety issues. "Panel Proposal Titled Collegiate Aviation Research and Education Solutions to Critical Safety Issues for the Tim Forte Collegiate Aviation Safety Symposium" (Brent Bowen) presents proposals for panels on the…

  7. Capturing Safety Requirements to Enable Effective Task Allocation Between Humans and Automaton in Increasingly Autonomous Systems

    NASA Technical Reports Server (NTRS)

    Neogi, Natasha A.

    2016-01-01

    There is a current drive towards enabling the deployment of increasingly autonomous systems in the National Airspace System (NAS). However, shifting the traditional roles and responsibilities between humans and automation for safety-critical tasks must be managed carefully, otherwise the current emergent safety properties of the NAS may be disrupted. In this paper, a verification activity is conducted to assess the emergent safety properties of a clearly defined, safety-critical operational scenario whose tasks can be fluidly allocated between human and automated agents. Task allocation role sets were proposed for a human-automation team performing a contingency maneuver in a reduced-crew context. A safety-critical contingency procedure (engine out on takeoff) was modeled in the Soar cognitive architecture, then translated into the Hybrid Input/Output formalism. Verification activities were then performed to determine whether or not the safety properties held over the increasingly autonomous system. The verification activities led to several key insights regarding the implicit assumptions on agent capability. They also illustrated the usefulness of task annotations associated with specialized requirements (e.g., communication, timing, etc.) and demonstrated the feasibility of this approach.

  8. Automated Transfer Vehicle (ATV) Critical Safety Software Overview

    NASA Astrophysics Data System (ADS)

    Berthelier, D.

    2002-01-01

    The European Automated Transfer Vehicle is an unmanned transportation system designed to dock to the International Space Station (ISS) and to contribute to the logistic servicing of the ISS. Concisely, ATV control is realized by a nominal flight control function (using computers, software, sensors and actuators). In order to cover the extreme situations where this nominal chain cannot ensure a safe trajectory with respect to the ISS, a segregated proximity flight safety function is activated, where unsafe free-drift trajectories can be encountered. This function relies notably on a segregated computer, the Monitoring and Safing Unit (MSU); in case of major ATV malfunction detection, the ATV is then controlled by the MSU software. Therefore, this software is critical because an MSU software failure could result in catastrophic consequences. This paper provides an overview both of this software's functions and of the software development and validation method, which is specific considering its criticality. The first part of the paper briefly describes the proximity flight safety chain. The second part deals with the software functions. Indeed, the MSU software is in charge of monitoring the nominal computers and the ATV corridors, using its own navigation algorithms, and, if an abnormal situation is detected, it is in charge of ATV control during the Collision Avoidance Manoeuvre (CAM), consisting of an attitude-controlled braking boost, followed by a Post-CAM manoeuvre: Sun-pointed ATV attitude control for up to 24 hours on a safe trajectory. Monitoring, navigation and control algorithm principles are presented. The third part of this paper describes the development and validation process: algorithm functional studies, Ada coding and unit validations; algorithm Ada code integration and validation on a specific non-real-time MATLAB/SIMULINK simulator; global software functional engineering phase, architectural design, unit testing, integration and validation on the target computer.
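    The segregated monitor-and-takeover arrangement this abstract describes, as an added illustration that is not ATV or MSU flight code: a simplified 2-D relative-motion simulation in which a nominal controller flies the approach while an independent monitor checks the vehicle against an approach corridor and watches the nominal computer's heartbeat, and, on either failing, commands a braking boost away from the station and never hands authority back. The corridor geometry, thresholds, thrust levels, integration step and the two constructed faults are all assumptions.

```python
"""Added example (not ATV/MSU flight software): a segregated safety monitor
with corridor and heartbeat checks and an irreversible takeover.  The
kinematics, corridor, thrust levels and faults are constructed assumptions."""
import math
from dataclasses import dataclass


def clamp(v, lim):
    return max(-lim, min(lim, v))


@dataclass
class State:
    x: float   # range to the station along the approach axis, metres
    y: float   # lateral offset from that axis, metres
    vx: float  # m/s, negative = closing
    vy: float  # m/s


def in_corridor(s, half_angle_deg=10.0, min_clearance=5.0):
    """Assumed approach corridor: a cone about the approach axis that is
    never narrower than min_clearance.  Any x <= 0 is treated as a breach."""
    allowed = max(min_clearance, s.x * math.tan(math.radians(half_angle_deg)))
    return s.x > 0.0 and abs(s.y) <= allowed


def nominal_controller(s, t, fault_after, fault_kind):
    """Nominal chain: hold a 0.2 m/s closing rate and null lateral motion.
    Constructed fault 'lateral': from fault_after seconds it pushes sideways
    while still believing it is healthy."""
    ax = clamp(-0.2 - s.vx, 0.05)
    ay = clamp(-0.5 * s.y - s.vy, 0.05)
    if fault_kind == "lateral" and fault_after is not None and t >= fault_after:
        ay = 0.05
    return ax, ay


class MonitoringAndSafingUnit:
    """Segregated monitor.  It judges from telemetry and the heartbeat only,
    never from the nominal chain's own health claims, and once it has taken
    over it does not hand control back."""

    def __init__(self, cam_burn_s=10.0):
        self.mode = "MONITOR"
        self.cam_burn_left = cam_burn_s

    def decide(self, s, heartbeat_ok, dt):
        """None while the nominal chain keeps authority, else the (ax, ay)
        the MSU commands itself."""
        if self.mode == "MONITOR":
            if heartbeat_ok and in_corridor(s):
                return None
            self.mode = "CAM"
        if self.mode == "CAM":
            self.cam_burn_left -= dt
            if self.cam_burn_left <= 0.0:
                self.mode = "POST_CAM"
            # braking boost: thrust away from the station, kill lateral rate
            return 0.1, clamp(-s.vy, 0.1)
        # POST_CAM: coast on the retreat trajectory (attitude safing not modelled)
        return 0.0, 0.0


def simulate(fault_after=200.0, fault_kind="lateral", duration=600.0, dt=1.0):
    """Euler-integrate the approach; returns the MSU's final mode, when it
    took over (None if never), the closest range reached and the transitions."""
    s = State(x=200.0, y=0.0, vx=-0.2, vy=0.0)
    msu = MonitoringAndSafingUnit()
    cam_time, min_range, transitions, t = None, s.x, [], 0.0
    while t < duration:
        heartbeat_ok = not (fault_kind == "heartbeat"
                            and fault_after is not None and t >= fault_after)
        before = msu.mode
        cmd = msu.decide(s, heartbeat_ok, dt)
        if cmd is None:
            cmd = nominal_controller(s, t, fault_after, fault_kind)
        if msu.mode != before:
            transitions.append((t, msu.mode))
            if msu.mode == "CAM":
                cam_time = t
        ax, ay = cmd
        s.vx += ax * dt
        s.vy += ay * dt
        s.x += s.vx * dt
        s.y += s.vy * dt
        min_range = min(min_range, s.x)
        t += dt
    return {"mode": msu.mode, "cam_time": cam_time, "min_range": min_range,
            "final": s, "transitions": transitions}


if __name__ == "__main__":
    for kind in ("lateral", "heartbeat"):
        r = simulate(fault_kind=kind)
        print(kind, r["transitions"], "min range %.1f m" % r["min_range"])
```

    Two design points carry over from the abstract: the monitor's decision uses its own view of the state rather than anything the nominal computer reports about itself, and the takeover is a one-way transition, so a nominal chain that recovers or lies about recovering cannot regain authority mid-CAM.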

  9. GROWTH OF THE INTERNATIONAL CRITICALITY SAFETY AND REACTOR PHYSICS EXPERIMENT EVALUATION PROJECTS

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    J. Blair Briggs; John D. Bess; Jim Gulliford

    2011-09-01

    Since the International Conference on Nuclear Criticality Safety (ICNC) 2007, the International Criticality Safety Benchmark Evaluation Project (ICSBEP) and the International Reactor Physics Experiment Evaluation Project (IRPhEP) have continued to expand their efforts and broaden their scope. Eighteen countries participated in the ICSBEP in 2007. Now, there are 20, with recent contributions from Sweden and Argentina. The IRPhEP has also expanded from eight contributing countries in 2007 to 16 in 2011. Since ICNC 2007, the contents of the 'International Handbook of Evaluated Criticality Safety Benchmark Experiments' have increased from 442 evaluations (38000 pages), containing benchmark specifications for 3955 critical or subcritical configurations, to 516 evaluations (nearly 55000 pages), containing benchmark specifications for 4405 critical or subcritical configurations in the 2010 Edition of the ICSBEP Handbook. The contents of the Handbook have also increased from 21 to 24 criticality-alarm-placement/shielding configurations with multiple dose points for each, and from 20 to 200 configurations categorized as fundamental physics measurements relevant to criticality safety applications. Approximately 25 new evaluations and 150 additional configurations are expected to be added to the 2011 edition of the Handbook. Since ICNC 2007, the contents of the 'International Handbook of Evaluated Reactor Physics Benchmark Experiments' have increased from 16 different experimental series that were performed at 12 different reactor facilities to 53 experimental series that were performed at 30 different reactor facilities in the 2011 edition of the Handbook. Considerable effort has also been made to improve the functionality of the searchable database, DICE (Database for the International Criticality Benchmark Evaluation Project), and verify the accuracy of the data contained therein. DICE will be discussed in separate papers at ICNC 2011. The status of the ICSBEP and

  10. Issues in Software System Safety: Polly Ann Smith Co. versus Ned I. Ludd

    NASA Technical Reports Server (NTRS)

    Holloway, C. Michael

    2002-01-01

    This paper is a work of fiction, but it is fiction with a very real purpose: to stimulate careful thought and friendly discussion about some questions for which thought is often careless and discussion is often unfriendly. To accomplish this purpose, the paper creates a fictional legal case. The most important issue in this fictional case is whether certain proffered expert testimony about software engineering for safety critical systems should be admitted. Resolving this issue requires deciding the extent to which current practices and research in software engineering, especially for safety-critical systems, can rightly be considered based on knowledge, rather than opinion.

  11. ESAS Deliverable PS 1.1.2.3: Customer Survey on Code Generations in Safety-Critical Applications

    NASA Technical Reports Server (NTRS)

    Schumann, Johann; Denney, Ewen

    2006-01-01

    Automated code generators (ACG) are tools that convert a (higher-level) model of a software (sub-)system into executable code without the necessity for a developer to actually implement the code. Although both commercially supported and in-house tools have been used in many industrial applications, little data exists on how these tools are used in safety-critical domains (e.g., spacecraft, aircraft, automotive, nuclear). The aims of the survey, therefore, were threefold: 1) to determine if code generation is primarily used as a tool for prototyping, including design exploration and simulation, or for flight/production code; 2) to determine the verification issues with code generators relating, in particular, to qualification and certification in safety-critical domains; and 3) to determine perceived gaps in functionality of existing tools.

  12. Activities of the DOE Nuclear Criticality Safety Program (NCSP) at the Oak Ridge Electron Linear Accelerator (ORELA)

    NASA Astrophysics Data System (ADS)

    Valentine, Timothy E.; Leal, Luiz C.; Guber, Klaus H.

    2002-12-01

    The Department of Energy established the Nuclear Criticality Safety Program (NCSP) in response to the Recommendation 97-2 by the Defense Nuclear Facilities Safety Board. The NCSP consists of seven elements of which nuclear data measurements and evaluations is a key component. The intent of the nuclear data activities is to provide high resolution nuclear data measurements that are evaluated, validated, and formatted for use by the nuclear criticality safety community to provide improved and reliable calculations for nuclear criticality safety evaluations. High resolution capture, fission, and transmission measurements are performed at the Oak Ridge Electron Linear Accelerator (ORELA) to address the needs of the criticality safety community and to address known deficiencies in nuclear data evaluations. The activities at ORELA include measurements on both light and heavy nuclei and have been used to identify improvements in measurement techniques that greatly improve the measurement of small capture cross sections. The measurement activities at ORELA provide precise and reliable high-resolution nuclear data for the nuclear criticality safety community.

  13. 10 CFR 72.124 - Criteria for nuclear criticality safety.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 2 2013-01-01 2013-01-01 false Criteria for nuclear criticality safety. 72.124 Section 72.124 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) LICENSING REQUIREMENTS FOR THE INDEPENDENT STORAGE OF SPENT NUCLEAR FUEL, HIGH-LEVEL RADIOACTIVE WASTE, AND REACTOR-RELATED GREATER THAN CLASS C...

  14. 10 CFR 72.124 - Criteria for nuclear criticality safety.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 2 2014-01-01 2014-01-01 false Criteria for nuclear criticality safety. 72.124 Section 72.124 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) LICENSING REQUIREMENTS FOR THE INDEPENDENT STORAGE OF SPENT NUCLEAR FUEL, HIGH-LEVEL RADIOACTIVE WASTE, AND REACTOR-RELATED GREATER THAN CLASS C...

  15. 10 CFR 72.124 - Criteria for nuclear criticality safety.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 2 2012-01-01 2012-01-01 false Criteria for nuclear criticality safety. 72.124 Section 72.124 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) LICENSING REQUIREMENTS FOR THE INDEPENDENT STORAGE OF SPENT NUCLEAR FUEL, HIGH-LEVEL RADIOACTIVE WASTE, AND REACTOR-RELATED GREATER THAN CLASS C...

  16. 10 CFR 72.124 - Criteria for nuclear criticality safety.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 2 2011-01-01 2011-01-01 false Criteria for nuclear criticality safety. 72.124 Section 72.124 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) LICENSING REQUIREMENTS FOR THE INDEPENDENT STORAGE OF SPENT NUCLEAR FUEL, HIGH-LEVEL RADIOACTIVE WASTE, AND REACTOR-RELATED GREATER THAN CLASS C...

  17. 10 CFR 72.124 - Criteria for nuclear criticality safety.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 2 2010-01-01 2010-01-01 false Criteria for nuclear criticality safety. 72.124 Section 72.124 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) LICENSING REQUIREMENTS FOR THE INDEPENDENT STORAGE OF SPENT NUCLEAR FUEL, HIGH-LEVEL RADIOACTIVE WASTE, AND REACTOR-RELATED GREATER THAN CLASS C...

  18. Quality and Safety Education for Nurses (QSEN): The Key is Systems Thinking.

    PubMed

    Dolansky, Mary A; Moore, Shirley M

    2013-09-30

    Over a decade has passed since the Institute of Medicine's reports on the need to improve the American healthcare system, and yet only slight improvement in quality and safety has been reported. The Quality and Safety Education for Nurses (QSEN) initiative was developed to integrate quality and safety competencies into nursing education. The current challenge is for nurses to move beyond the application of QSEN competencies to individual patients and families and incorporate systems thinking in quality and safety education and healthcare delivery. This article provides a history of QSEN and proposes a framework in which systems thinking is a critical aspect in the application of the QSEN competencies. We provide examples of how using this framework expands nursing focus from individual care to care of the system and propose ways to teach and measure systems thinking. The conclusion calls for movement from personal effort and individual care to a focus on care of the system that will accelerate improvement of healthcare quality and safety.

  19. A Validation Metrics Framework for Safety-Critical Software-Intensive Systems

    DTIC Science & Technology

    2009-03-01

    so does its definition, tools, and techniques, including means for measuring the validation activity, its outputs, and impact on development...independent of the SDLP. When considering the above SDLPs from the safety engineering team’s perspective, there are also large impacts on the way... impact . Interpretation of any actionable metric data will need to be undertaken in the context of the SDLP. 2. Safety Input The software safety

  20. Commonalities and Differences in Functional Safety Systems Between ISS Payloads and Industrial Applications

    NASA Astrophysics Data System (ADS)

    Malyshev, Mikhail; Kreimer, Johannes

    2013-09-01

    Safety analyses for electrical, electronic and/or programmable electronic (E/E/EP) safety-related systems used in payload applications on-board the International Space Station (ISS) are often based on failure modes, effects and criticality analysis (FMECA). For industrial applications of E/E/EP safety-related systems, comparable strategies exist and are defined in the IEC-61508 standard. This standard defines some quantitative criteria based on potential failure modes (for example, Safe Failure Fraction). These criteria can be calculated for an E/E/EP system or components to assess their compliance to requirements of a particular Safety Integrity Level (SIL). The standard defines several SILs depending on how much risk has to be mitigated by a safety-critical system. When a FMECA is available for an ISS payload or its subsystem, it may be possible to calculate the same or similar parameters as defined in the 61508 standard. One example of a payload that has a dedicated functional safety subsystem is the Electromagnetic Levitator (EML). This payload for the ISS is planned to be operated on-board starting 2014. The EML is a high-temperature materials processing facility. The dedicated subsystem "Hazard Control Electronics" (HCE) is implemented to ensure compliance to failure tolerance in limiting samples processing parameters to maintain generation of the potentially toxic by-products to safe limits in line with the requirements applied to the payloads by the ISS Program. The objective of this paper is to assess the implementation of the HCE in the EML against criteria for functional safety systems in the IEC-61508 standard and to evaluate commonalities and differences with respect to safety requirements levied on ISS Payloads. An attempt is made to assess a possibility of using commercially available components and systems certified for compliance to industrial functional safety standards in ISS payloads.

  1. [Preliminary studies on critical control point of traceability system in wolfberry].

    PubMed

    Liu, Sai; Xu, Chang-Qing; Li, Jian-Ling; Lin, Chen; Xu, Rong; Qiao, Hai-Li; Guo, Kun; Chen, Jun

    2016-07-01

    As a traditional Chinese medicine, wolfberry (Lycium barbarum) has a long cultivation history and a good foundation for industrial development. With the growth of wolfberry production, the expansion of the cultivation area, and the increased attention of governments and consumers to food safety, the quality and safety requirements for wolfberry have become more demanding. A quality tracing and traceability system covering the entire production process is an important technological tool for protecting wolfberry safety and for maintaining the sustained and healthy development of the wolfberry industry. This article therefore analyzes wolfberry quality management in its actual situation and discusses the sources of safety hazards according to HACCP (hazard analysis and critical control point) and GAP (good agricultural practice for Chinese crude drugs), in order to provide a reference for a wolfberry traceability system. Copyright© by the Chinese Pharmaceutical Association.

  2. Criticality Safety Evaluation of Standard Criticality Safety Requirements #1-520 g Operations in PF-4

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Yamanaka, Alan Joseph Jr.

    Guidance has been requested from the Nuclear Criticality Safety Division (NCSD) regarding processes that involve 520 grams of fissionable material or less. This Level-3 evaluation was conducted and documented in accordance with NCS-AP-004 (Ref. 1), formerly NCS-GUIDE-01. This evaluation is being written as a generic evaluation for all operations that will be able to operate using a 520-gram mass limit. Implementation for specific operations will be performed using a Level 1 CSED, which will confirm and document that this CSED can be used for the specific operation as discussed in NCS-MEMO-17-007 (Ref. 2). This Level 3 CSED updates and supersedes the analysis performed in NCS-TECH-14-014 (Ref. 3).

  3. NASA System Safety Handbook. Volume 2: System Safety Concepts, Guidelines, and Implementation Examples

    NASA Technical Reports Server (NTRS)

    Dezfuli, Homayoon; Benjamin, Allan; Everett, Christopher; Feather, Martin; Rutledge, Peter; Sen, Dev; Youngblood, Robert

    2015-01-01

    This is the second of two volumes that collectively comprise the NASA System Safety Handbook. Volume 1 (NASASP-210-580) was prepared for the purpose of presenting the overall framework for System Safety and for providing the general concepts needed to implement the framework. Volume 2 provides guidance for implementing these concepts as an integral part of systems engineering and risk management. This guidance addresses the following functional areas: 1. The development of objectives that collectively define adequate safety for a system, and the safety requirements derived from these objectives that are levied on the system. 2. The conduct of system safety activities, performed to meet the safety requirements, with specific emphasis on the conduct of integrated safety analysis (ISA) as a fundamental means by which systems engineering and risk management decisions are risk-informed. 3. The development of a risk-informed safety case (RISC) at major milestone reviews to argue that the system's safety objectives are satisfied (and therefore that the system is adequately safe). 4. The evaluation of the RISC (including supporting evidence) using a defined set of evaluation criteria, to assess the veracity of the claims made therein in order to support risk acceptance decisions.

  4. [Implementation of a safety and health planning system in a teaching hospital].

    PubMed

    Mariani, F; Bravi, C; Dolcetti, L; Moretto, A; Palermo, A; Ronchin, M; Tonelli, F; Carrer, P

    2007-01-01

    University Hospital "L. Sacco" started a two-year project in 2006 to set up a "Health and Safety Management System (HSMS)" following the technical guideline OHSAS 18001:1999 and the UNI and INAIL "Guidelines for a health and safety management system at workplace". So far, the following operations have been implemented: setting up of a specific Commission within the Risk Management Committee; identification and appointment of Departmental Representatives of the HSMS; a training course addressed to Workers' Representatives for Safety and Departmental Representatives of the HSMS; development of an Integrated Informative System for Prevention and Safety; auditor qualification; inspection of the Occupational Health Unit and the Prevention and Safety Service, with reporting of critical situations and monitoring of the solutions adopted. Short-term objectives are: self-evaluation of each department through check-lists; sharing of the Improvement Plan among the departments of the hospital; planning of Health and Safety training activities in the framework of the Hospital Training Plan; a safety audit.

  5. Space engine safety system

    NASA Technical Reports Server (NTRS)

    Maul, William A.; Meyer, Claudia M.

    1991-01-01

    A rocket engine safety system was designed to initiate control procedures to minimize damage to the engine or vehicle or test stand in the event of an engine failure. The features and the implementation issues associated with rocket engine safety systems are discussed, as well as the specific concerns of safety systems applied to a space-based engine and long duration space missions. Examples of safety system features and architectures are given, based on recent safety monitoring investigations conducted for the Space Shuttle Main Engine and for future liquid rocket engines. Also, the general design and implementation process for rocket engine safety systems is presented.

  6. PRELIMINARY NUCLEAR CRITICALITY NUCLEAR SAFETY EVALUATION FOR THE CONTAINER SURVEILLANCE AND STORAGE CAPABILITY PROJECT

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Low, M; Miller, M; Reilly, T

    2007-04-30

    Washington Safety Management Solutions (WSMS) provides criticality safety services to Washington Savannah River Company (WSRC) at the Savannah River Site. One activity at SRS is the Container Surveillance and Storage Capability (CSSC) Project, which will perform surveillances on 3013 containers (hereafter referred to as 3013s) to verify that they meet the Department of Energy (DOE) Standard (STD) 3013 for plutonium storage. The project will handle quantities of material that are greater than ANS/ANSI-8.1 single parameter mass limits, and thus required a Nuclear Criticality Safety Evaluation (NCSE). The WSMS methodology for conducting an NCSE is outlined in the WSMS methods manual. The WSMS methods manual currently follows the requirements of DOE-O-420.1B, DOE-STD-3007-2007, and the Washington Savannah River Company (WSRC) SCD-3 manual. DOE-STD-3007-2007 describes how a NCSE should be performed, while DOE-O-420.1B outlines the requirements for a Criticality Safety Program (CSP). The WSRC SCD-3 manual implements DOE requirements and ANS standards. NCSEs do not address the Nuclear Criticality Safety (NCS) of non-reactor nuclear facilities that may be affected by overt or covert activities of sabotage, espionage, terrorism or other security malevolence. Events which are beyond the Design Basis Accidents (DBAs) are outside the scope of a double contingency analysis.

  7. Criticality Safety Evaluations on the Use of 200-gram Pu Mass Limit for RHWM Waste Storage Operations

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Chou, P

    This work establishes the criticality safety technical basis to increase the fissile mass limit from 120 grams to 200 grams for Type A 55-gallon drums and their equivalents. The current RHWM fissile mass limit is 120 grams Pu for Type A 55-gallon containers and their equivalents. In order to increase the Type A 55-gallon drum limit to 200 grams, a few additional criticality safety control requirements are needed on moderators, reflectors, and array controls to ensure that the 200-gram Pu drums remain criticality safe and that inadvertent criticality remains incredible. The purpose of this work is to analyze the use of a 200-gram Pu drum mass limit for waste storage operations in Radioactive and Hazardous Waste Management (RHWM) Facilities. In this evaluation, the criticality safety controls associated with the 200-gram Pu drums are established for the RHWM waste storage operations. With the implementation of these criticality safety controls, the 200-gram Pu waste drum storage operations are demonstrated to be criticality safe and to meet the double-contingency-principle requirement per DOE O 420.1.

  8. Editorial: emerging issues in sociotechnical systems thinking and workplace safety.

    PubMed

    Noy, Y Ian; Hettinger, Lawrence J; Dainoff, Marvin J; Carayon, Pascale; Leveson, Nancy G; Robertson, Michelle M; Courtney, Theodore K

    2015-01-01

    The burden of on-the-job accidents and fatalities and the harm of associated human suffering continue to present an important challenge for safety researchers and practitioners. While significant improvements have been achieved in recent decades, the workplace accident rate remains unacceptably high. This has spurred interest in the development of novel research approaches, with particular interest in the systemic influences of social/organisational and technological factors. In response, the Hopkinton Conference on Sociotechnical Systems and Safety was organised to assess the current state of knowledge in the area and to identify research priorities. Over the course of several months prior to the conference, leading international experts drafted collaborative, state-of-the-art reviews covering various aspects of sociotechnical systems and safety. These papers, presented in this special issue, cover topics ranging from the identification of key concepts and definitions to sociotechnical characteristics of safe and unsafe organisations. This paper provides an overview of the conference and introduces key themes and topics. Sociotechnical approaches to workplace safety are intended to draw practitioners' attention to the critical influence that systemic social/organisational and technological factors exert on safety-relevant outcomes. This paper introduces major themes addressed in the Hopkinton Conference within the context of current workplace safety research and practice challenges.

  9. Editorial: emerging issues in sociotechnical systems thinking and workplace safety

    PubMed Central

    Noy, Y. Ian; Hettinger, Lawrence J.; Dainoff, Marvin J.; Carayon, Pascale; Leveson, Nancy G.; Robertson, Michelle M.; Courtney, Theodore K.

    2015-01-01

    The burden of on-the-job accidents and fatalities and the harm of associated human suffering continue to present an important challenge for safety researchers and practitioners. While significant improvements have been achieved in recent decades, the workplace accident rate remains unacceptably high. This has spurred interest in the development of novel research approaches, with particular interest in the systemic influences of social/organisational and technological factors. In response, the Hopkinton Conference on Sociotechnical Systems and Safety was organised to assess the current state of knowledge in the area and to identify research priorities. Over the course of several months prior to the conference, leading international experts drafted collaborative, state-of-the-art reviews covering various aspects of sociotechnical systems and safety. These papers, presented in this special issue, cover topics ranging from the identification of key concepts and definitions to sociotechnical characteristics of safe and unsafe organisations. This paper provides an overview of the conference and introduces key themes and topics. Practitioner Summary: Sociotechnical approaches to workplace safety are intended to draw practitioners' attention to the critical influence that systemic social/organisational and technological factors exert on safety-relevant outcomes. This paper introduces major themes addressed in the Hopkinton Conference within the context of current workplace safety research and practice challenges. PMID:25819595

  10. NASA Software Safety Standard

    NASA Technical Reports Server (NTRS)

    Rosenberg, Linda

    1997-01-01

    If software is a critical element in a safety critical system, it is imperative to implement a systematic approach to software safety as an integral part of the overall system safety program. The NASA-STD-8719.13A, "NASA Software Safety Standard", describes the activities necessary to ensure that safety is designed into software that is acquired or developed by NASA, and that safety is maintained throughout the software life cycle. A PDF version is available on the WWW from Lewis. A Guidebook that will assist in the implementation of the requirements in the Safety Standard is under development at the Lewis Research Center (LeRC). After completion, it will also be available on the WWW from Lewis.

  11. Software development for safety-critical medical applications

    NASA Technical Reports Server (NTRS)

    Knight, John C.

    1992-01-01

    There are many computer-based medical applications in which safety and not reliability is the overriding concern. Reduced, altered, or no functionality of such systems is acceptable as long as no harm is done. A precise, formal definition of what software safety means is essential, however, before any attempt can be made to achieve it. Without this definition, it is not possible to determine whether a specific software entity is safe. A set of definitions pertaining to software safety will be presented and a case study involving an experimental medical device will be described. Some new techniques aimed at improving software safety will also be discussed.

  12. Certification Strategies using Run-Time Safety Assurance for Part 23 Autopilot Systems

    NASA Technical Reports Server (NTRS)

    Hook, Loyd R.; Clark, Matthew; Sizoo, David; Skoog, Mark A.; Brady, James

    2016-01-01

    Part 23 aircraft operation, and in particular general aviation, is relatively unsafe when compared to other common forms of vehicle travel. Currently, there exist technologies that could improve safety statistics for these aircraft; however, the high burden and cost of performing the requisite safety-critical certification processes for these systems limits their proliferation. For this reason, many entities, including the Federal Aviation Administration, NASA, and the US Air Force, are considering new options for certification of technologies that will improve aircraft safety. Of particular interest are low-cost autopilot systems for general aviation aircraft, as these systems have the potential to positively and significantly affect safety statistics. This paper proposes new systems and techniques, leveraging run-time verification, for the assurance of general aviation autopilot systems, which would be used to supplement the current certification process and provide a viable path for near-term low-cost implementation. In addition, discussions on preliminary experimentation and on building the assurance case for a system based on these principles are provided.

  13. Application of SAE ARP4754A to Flight Critical Systems

    NASA Technical Reports Server (NTRS)

    Peterson, Eric M.

    2015-01-01

    This report documents applications of ARP4754A to the development of modern computer-based (i.e., digital electronics, software and network-based) aircraft systems. This study is intended to offer insight and provide educational value relative to the guidelines in ARP4754A, and to provide an assessment of the current state-of-the-practice within industry and regulatory bodies relative to development assurance for complex and safety-critical computer-based aircraft systems.

  14. Systemic safety project selection tool.

    DOT National Transportation Integrated Search

    2013-07-01

    "The Systemic Safety Project Selection Tool presents a process for incorporating systemic safety planning into traditional safety management processes. The Systemic Tool provides a step-by-step process for conducting systemic safety analysis; conside...

  15. A critical incident reporting system in anaesthesia.

    PubMed

    Madzimbamuto, F D; Chiware, R

    2001-01-01

    To audit the recently established Critical Incident Reporting System in the Department of Anaesthesia and Critical Care Medicine, University of Zimbabwe Medical School. The system was set up with the purpose of improving the quality of care delivered by the department. Cross sectional study. A critical incident was defined as 'any adverse and reversible event in theatre, during or immediately after surgery that if it persisted without correction would cause harm to the patient'. The anaesthetic or recovery room staff filled in a critical incident form anonymously. Data were collected from critical incident reporting forms for analysis. The anaesthetic service in the two teaching hospitals of Harare Central and Parirenyatwa General Hospitals. Between May and October 2000, 62 completed critical incident forms were collected. The nature of the incident and the monitoring used were recorded, the cause was classified as human, equipment or monitoring failure, and the outcome for each patient was reported. There was no formal system for reminding staff to fill in their critical incident forms. A total of 14,165 operations were performed over the reporting period: 62 critical incident forms were collected, reporting 130 incidents, giving a rate of 0.92% (130/14,165). Of these, 42 patients were emergencies and 20 elective. The incidents were hypotension, hypoxia, bradycardia, ECG changes, aspiration, laryngospasm, high spinal, and cardiac arrest. Monitoring present on patients who had critical incidents was: capnography 57%, oximetry 90% and ECG 100%. Other monitors are not reported. Human error contributed in 32/62 of patients and equipment failure in 31/62 of patients. Patient outcome showed 15% died, 23% were unplanned admissions to HDU, while 62% were discharged to the ward with little or no adverse outcome. Despite some under-reporting, the critical incident rate was within the range reported in the literature. Supervision of juniors is not adequate, especially on call. The

  16. Planning the Unplanned Experiment: Towards Assessing the Efficacy of Standards for Safety-Critical Software

    NASA Technical Reports Server (NTRS)

    Graydon, Patrick J.; Holloway, C. M.

    2015-01-01

    Safe use of software in safety-critical applications requires well-founded means of determining whether software is fit for such use. While software in industries such as aviation has a good safety record, little is known about whether standards for software in safety-critical applications 'work' (or even what that means). It is often (implicitly) argued that software is fit for safety-critical use because it conforms to an appropriate standard. Without knowing whether a standard works, such reliance is an experiment; without carefully collecting assessment data, that experiment is unplanned. To help plan the experiment, we organized a workshop to develop practical ideas for assessing software safety standards. In this paper, we relate and elaborate on the workshop discussion, which revealed subtle but important study design considerations and practical barriers to collecting appropriate historical data and recruiting appropriate experimental subjects. We discuss assessing standards as written and as applied, several candidate definitions for what it means for a standard to 'work,' and key assessment strategies and study techniques and the pros and cons of each. Finally, we conclude with thoughts about the kinds of research that will be required and how academia, industry, and regulators might collaborate to overcome the noted barriers.

  17. Risk-Informed Safety Assurance and Probabilistic Assessment of Mission-Critical Software-Intensive Systems

    NASA Technical Reports Server (NTRS)

    Guarro, Sergio B.

    2010-01-01

    This report validates and documents the detailed features and practical application of the framework for software-intensive digital systems risk assessment and risk-informed safety assurance presented in the NASA PRA Procedures Guide for Managers and Practitioners. This framework, called herein the "Context-based Software Risk Model" (CSRM), enables the assessment of the contribution of software and software-intensive digital systems to overall system risk, in a manner which is entirely compatible and integrated with the format of a "standard" Probabilistic Risk Assessment (PRA), as currently documented and applied for NASA missions and applications. The CSRM also provides a risk-informed path and criteria for conducting organized and systematic digital system and software testing so that, within this risk-informed paradigm, the achievement of a quantitatively defined level of safety and mission success assurance may be targeted and demonstrated. The framework is based on the concept of context-dependent software risk scenarios and on the modeling of such scenarios via the use of traditional PRA techniques, i.e., event trees and fault trees, in combination with more advanced modeling devices such as the Dynamic Flowgraph Methodology (DFM) or other dynamic logic-modeling representations. The scenarios can be synthesized and quantified in a conditional logic and probabilistic formulation. The application of the CSRM method documented in this report refers to the MiniAERCam system designed and developed by the NASA Johnson Space Center.

  18. Towards A Comprehensive Consideration of Epistemic Questions in Software System Safety

    NASA Technical Reports Server (NTRS)

    Holloway, C. M.; Johnson, Chris W.

    2009-01-01

    For any software system upon which lives depend, the most important question one can ask about it is, 'How do we know the system is safe?' Despite the critical importance of this question, no widely accepted, generally applicable answer exists. Instead, debate continues to rage over the question, with theorists and practitioners quarrelling with each other and amongst themselves. This paper suggests a possible way forward towards quelling the quarrels, based on refining the critical safety question into additional questions, which may be more likely to have answers on which a consensus can be reached.

  19. Mission and Safety Critical (MASC): An EVACS simulation with nested transactions

    NASA Technical Reports Server (NTRS)

    Auty, David; Atkinson, Colin; Randall, Charlie

    1992-01-01

    The Extra-Vehicular Activity Control System (EVACS) Simulation with Nested Transactions, a recent effort of the MISSION Kernel Team, is documented. The EVACS simulation is a simulation of some aspects of the Extra-Vehicular Activity Control System, in particular, just the selection of communication frequencies. The simulation is a tool to explore mission and safety critical (MASC) applications. For the purpose of this effort, its current definition is quite narrow serving only as a starting point for prototyping purposes. (Note that EVACS itself has been supplanted in a larger scenario of a lunar outpost with astronauts and a lunar rover). The frequency selection scenario was modified to embed its processing in nested transactions. Again as a first step, only two aspects of transaction support were implemented in this prototype: architecture and state recovery. Issues of concurrency and distribution are yet to be addressed.

  20. Comprehensive target populations for current active safety systems using national crash databases.

    PubMed

    Kusano, Kristofer D; Gabler, Hampton C

    2014-01-01

    The objective of active safety systems is to prevent or mitigate collisions. A critical component in the design of active safety systems is the identification of the target population for a proposed system. The target population for an active safety system is that set of crashes that a proposed system could prevent or mitigate. Target crashes have scenarios in which the sensors and algorithms would likely activate. For example, the rear-end crash scenario, where the front of one vehicle contacts another vehicle traveling in the same direction and in the same lane as the striking vehicle, is one scenario that forward collision warning (FCW) would be most effective in mitigating or preventing. This article presents a novel set of precrash scenarios based on coded variables from NHTSA's nationally representative crash databases in the United States. Using 4 databases (National Automotive Sampling System-General Estimates System [NASS-GES], NASS Crashworthiness Data System [NASS-CDS], Fatality Analysis Reporting System [FARS], and National Motor Vehicle Crash Causation Survey [NMVCCS]), the scenarios developed in this study can be used to quantify the number of police-reported crashes, seriously injured occupants, and fatalities that are applicable to proposed active safety systems. In this article, we use the precrash scenarios to identify the target populations for FCW, pedestrian crash avoidance systems (PCAS), lane departure warning (LDW), and vehicle-to-vehicle (V2V) or vehicle-to-infrastructure (V2I) systems. Crash scenarios were derived using precrash variables (critical event, accident type, precrash movement) present in all 4 data sources. This study found that these active safety systems could potentially mitigate approximately 1 in 5 of all severity and serious injury crashes in the United States and 26 percent of fatal crashes. Annually, this corresponds to 1.2 million all severity, 14,353 serious injury (MAIS 3+), and 7412 fatal crashes. In addition

  1. 75 FR 8239 - School Food Safety Program Based on Hazard Analysis and Critical Control Point Principles (HACCP...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-02-24

    ... 0584-AD65 School Food Safety Program Based on Hazard Analysis and Critical Control Point Principles... Safety Program Based on Hazard Analysis and Critical Control Point Principles (HACCP) was published on... of Management and Budget (OMB) cleared the associated information collection requirements (ICR) on...

  2. Structural empowerment and patient safety culture among registered nurses working in adult critical care units.

    PubMed

    Armellino, Donna; Quinn Griffin, Mary T; Fitzpatrick, Joyce J

    2010-10-01

    The aim of the present study was to examine the relationship between structural empowerment and patient safety culture among staff level Registered Nurses (RNs) within adult critical care units (ACCU). There is literature to support the value of RNs' structurally empowered work environments and emerging literature towards patient safety culture; the link between empowerment and patient safety culture is being discovered. A sample of 257 RNs, working within adult critical care of a tertiary hospital in the United States, was surveyed. Instruments included a background data sheet, the Conditions of Workplace Effectiveness and the Hospital Survey on Patient Safety Culture. Structural empowerment and patient safety culture were significantly correlated. As structural empowerment increased so did the RNs' perception of patient safety culture. To foster patient safety culture, nurse leaders should consider providing structurally empowering work environments for RNs. This study contributes to the body of knowledge linking structural empowerment and patient safety culture. Results link structurally empowered RNs and increased patient safety culture, essential elements in delivering efficient, competent, quality care. They inform nursing management of key factors in the nurses' environment that promote safe patient care environments. © 2010 The Authors. Journal compilation © 2010 Blackwell Publishing Ltd.

  3. Reliability/safety analysis of a fly-by-wire system

    NASA Technical Reports Server (NTRS)

    Brock, L. D.; Goddman, H. A.

    1980-01-01

    An analysis technique has been developed to estimate the reliability of a very complex, safety-critical system by constructing a diagram of the reliability equations for the total system. This diagram has many of the characteristics of a fault-tree or success-path diagram, but is much easier to construct for complex redundant systems. The diagram provides insight into system failure characteristics and identifies the most likely failure modes. A computer program aids in the construction of the diagram and the computation of reliability. Analysis of the NASA F-8 Digital Fly-by-Wire Flight Control System is used to illustrate the technique.

  4. Bayesian Statistics and Uncertainty Quantification for Safety Boundary Analysis in Complex Systems

    NASA Technical Reports Server (NTRS)

    He, Yuning; Davies, Misty Dawn

    2014-01-01

    The analysis of a safety-critical system often requires detailed knowledge of safe regions and their high-dimensional non-linear boundaries. We present a statistical approach to iteratively detect and characterize the boundaries, which are provided as parameterized shape candidates. Using methods from uncertainty quantification and active learning, we incrementally construct a statistical model from only a few simulation runs and obtain statistically sound estimates of the shape parameters for safety boundaries.

  5. A Software Safety Risk Taxonomy for Use in Retrospective Safety Cases

    NASA Technical Reports Server (NTRS)

    Hill, Janice L.

    2007-01-01

    Safety standards contain technical and process-oriented safety requirements. The best time to include these requirements is early in the development lifecycle of the system. When software safety requirements are levied on a legacy system after the fact, a retrospective safety case will need to be constructed for the software in the system. This can be a difficult task because there may be few to no artifacts available to show compliance to the software safety requirements. The risks associated with not meeting safety requirements in a legacy safety-critical computer system must be addressed to give confidence for reuse. This paper introduces a proposal for a software safety risk taxonomy for legacy safety-critical computer systems, by specializing the Software Engineering Institute's 'Software Development Risk Taxonomy' with safety elements and attributes.

  6. Quantifying Pilot Contribution to Flight Safety during Hydraulic Systems Failure

    NASA Technical Reports Server (NTRS)

    Kramer, Lynda J.; Etherington, Timothy J.; Bailey, Randall E.; Kennedy, Kellie D.

    2017-01-01

    Accident statistics cite the flight crew as a causal factor in over 60% of large transport aircraft fatal accidents. Yet, a well-trained and well-qualified pilot is acknowledged as the critical center point of aircraft systems safety and an integral safety component of the entire commercial aviation system. The latter statement, while generally accepted, cannot be verified because little or no quantitative data exists on how and how many accidents/incidents are averted by crew actions. A joint NASA/FAA high-fidelity motion-base human-in-the-loop test was conducted using a Level D certified Boeing 737-800 simulator to evaluate the pilot's contribution to safety-of-flight during routine air carrier flight operations and in response to aircraft system failures. To quantify the human's contribution, crew complement (two-crew, reduced crew, single pilot) was used as the independent variable in a between-subjects design. This paper details the crew's actions, including decision-making, and responses while dealing with a hydraulic systems leak - one of 6 total non-normal events that were simulated in this experiment.

  7. Software System Safety and the NASA Aeronautics Blueprint

    NASA Technical Reports Server (NTRS)

    Holloway, C. Michael; Hayhurst, Kelly J.

    2002-01-01

    NASA's Aeronautics Blueprint lays out a research agenda for the Agency's aeronautics program. The word software appears only four times in this Blueprint, but the critical importance of safe and correct software to the fulfillment of the proposed research is evident on almost every page. Most of the technology solutions proposed to address challenges in aviation are software-dependent technologies. Of the fifty-two specific technology solutions described in the Blueprint, forty-one depend, at least in part, on software for success. For thirty-five of these forty-one, software is not only critical to success, but also to human safety. That is, implementing the technology solutions will require using software in such a way that it may, if not specified, designed, and implemented properly, lead to fatal accidents. These results have at least two implications for the research based on the Blueprint: (1) knowledge about the current state-of-the-art and state-of-the-practice in software engineering and software system safety is essential, and (2) research into current unsolved problems in these software disciplines is also essential.

  8. Shielding calculation and criticality safety analysis of spent fuel transportation cask in research reactors.

    PubMed

    Mohammadi, A; Hassanzadeh, M; Gharib, M

    2016-02-01

    In this study, shielding calculation and criticality safety analysis were carried out for general material testing reactor (MTR) research reactors interim storage and relevant transportation cask. During these processes, three major terms were considered: source term, shielding, and criticality calculations. The Monte Carlo transport code MCNP5 was used for shielding calculation and criticality safety analysis and ORIGEN2.1 code for source term calculation. According to the results obtained, a cylindrical cask with body, top, and bottom thicknesses of 18, 13, and 13 cm, respectively, was accepted as the dual-purpose cask. Furthermore, it is shown that the total dose rates are below the normal transport criteria that meet the standards specified. Copyright © 2015 Elsevier Ltd. All rights reserved.

  9. A systems-based food safety evaluation: an experimental approach.

    PubMed

    Higgins, Charles L; Hartfield, Barry S

    2004-11-01

    Food establishments are complex systems with inputs, subsystems, underlying forces that affect the system, outputs, and feedback. Building on past exploration of the hazard analysis critical control point concept and Ludwig von Bertalanffy General Systems Theory, the National Park Service (NPS) is attempting to translate these ideas into a realistic field assessment of food service establishments and to use information gathered by these methods in efforts to improve food safety. Over the course of the last two years, an experimental systems-based methodology has been drafted, developed, and tested by the NPS Public Health Program. This methodology is described in this paper.

  10. Automated critical test result notification system: architecture, design, and assessment of provider satisfaction.

    PubMed

    Lacson, Ronilda; O'Connor, Stacy D; Andriole, Katherine P; Prevedello, Luciano M; Khorasani, Ramin

    2014-11-01

    Communicating critical results of diagnostic imaging procedures is a national patient safety goal. The purposes of this study were to describe the system architecture and design of Alert Notification of Critical Results (ANCR), an automated system designed to facilitate communication of critical imaging results between care providers; to report providers' satisfaction with ANCR; and to compare radiologists' and ordering providers' attitudes toward ANCR. The design decisions made for each step in the alert communication process, which includes user authentication, alert creation, alert communication, alert acknowledgment and management, alert reminder and escalation, and alert documentation, are described. To assess attitudes toward ANCR, internally developed and validated surveys were administered to all radiologists (n = 320) and ordering providers (n = 4323) who sent or received alerts 3 years after ANCR implementation. The survey response rates were 50.4% for radiologists and 36.1% for ordering providers. Ordering providers were generally dissatisfied with the training received for use of ANCR and with access to technical support. Radiologists were more satisfied with documenting critical result communication (61.1% vs 43.2%; p = 0.0001) and tracking critical results (51.6% vs 35.1%; p = 0.0003) than were ordering providers. Both groups agreed use of ANCR reduces medical errors and improves the quality of patient care. Use of ANCR enables automated communication of critical test results. The survey results confirm overall provider satisfaction with ANCR but highlight the need for improved training strategies for large numbers of geographically dispersed ordering providers. Future enhancements beyond acknowledging receipt of critical results are needed to help ensure timely and appropriate follow-up of critical results to improve quality and patient safety.

  11. Approach for validating actinide and fission product compositions for burnup credit criticality safety analyses

    DOE PAGES

    Radulescu, Georgeta; Gauld, Ian C.; Ilas, Germina; ...

    2014-11-01

    This paper describes a depletion code validation approach for criticality safety analysis using burnup credit for actinide and fission product nuclides in spent nuclear fuel (SNF) compositions. The technical basis for determining the uncertainties in the calculated nuclide concentrations is comparison of calculations to available measurements obtained from destructive radiochemical assay of SNF samples. Probability distributions developed for the uncertainties in the calculated nuclide concentrations were applied to the SNF compositions of a criticality safety analysis model by the use of a Monte Carlo uncertainty sampling method to determine bias and bias uncertainty in effective neutron multiplication factor. Application of the Monte Carlo uncertainty sampling approach is demonstrated for representative criticality safety analysis models of pressurized water reactor spent fuel pool storage racks and transportation packages using burnup-dependent nuclide concentrations calculated with SCALE 6.1 and the ENDF/B-VII nuclear data. Furthermore, the validation approach and results support a recent revision of the U.S. Nuclear Regulatory Commission Interim Staff Guidance 8.

  12. Confirming criticality safety of TRU waste with neutron measurements and risk analyses

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Winn, W.G.; Hochel, R.D.

    1992-04-01

    The criticality safety of ²³⁹Pu in 55-gallon drums stored in TRU waste containers (culverts) is confirmed using NDA neutron measurements and risk analyses. The neutron measurements yield a ²³⁹Pu mass and k_eff for a culvert, which contains up to 14 drums. Conservative probabilistic risk analyses were developed for both drums and culverts. Overall ²³⁹Pu mass estimates are less than a calculated safety limit of 2800 g per culvert. The largest measured k_eff is 0.904. The largest probability for a critical drum is 6.9 × 10⁻⁸ and that for a culvert is 1.72 × 10⁻⁷. All examined suspect culverts, totaling 118 in number, are appraised as safe based on these observations.

  13. Laser safety research and modeling for high-energy laser systems

    NASA Astrophysics Data System (ADS)

    Smith, Peter A.; Montes de Oca, Cecilia I.; Kennedy, Paul K.; Keppler, Kenneth S.

    2002-06-01

    The Department of Defense has an increasing number of high-energy laser weapons programs with the potential to mature in the not too distant future. However, as laser systems with increasingly higher energies are developed, the difficulty of the laser safety problem increases proportionally, and presents unique safety challenges. The hazard distance for the direct beam can be on the order of thousands of miles, and radiation reflected from the target may also be hazardous over long distances. This paper details the Air Force Research Laboratory/Optical Radiation Branch (AFRL/HEDO) High-Energy Laser (HEL) safety program, which has been developed to support DOD HEL programs by providing critical capability and knowledge with respect to laser safety. The overall aim of the program is to develop and demonstrate technologies that permit safe testing, deployment and use of high-energy laser weapons. The program spans the range of applicable technologies, including evaluation of the biological effects of high-energy laser systems, development and validation of laser hazard assessment tools, and development of appropriate eye protection for those at risk.

  14. Impact of an electronic alert notification system embedded in radiologists' workflow on closed-loop communication of critical results: a time series analysis.

    PubMed

    Lacson, Ronilda; O'Connor, Stacy D; Sahni, V Anik; Roy, Christopher; Dalal, Anuj; Desai, Sonali; Khorasani, Ramin

    2016-07-01

    Optimal critical test result communication is a Joint Commission national patient safety goal and requires documentation of closed-loop communication among care providers in the medical record. Electronic alert notification systems can facilitate an auditable process for creating alerts for transmission and acknowledgement of critical test results. We evaluated the impact of a patient safety initiative with an alert notification system on reducing critical results lacking documented communication, and assessed potential overuse of the alerting system for communicating results. We implemented an alert notification system-Alert Notification of Critical Results (ANCR)-in January 2010. We reviewed radiology reports finalised in 2009-2014 which lacked documented communication between the radiologist and another care provider, and assessed the impact of ANCR on the proportion of such reports with critical findings, using trend analysis over 10 semiannual time periods. To evaluate potential overuse of ANCR, we assessed the proportion of reports with non-critical results among provider-communicated reports. The proportion of reports with critical results among reports without documented communication decreased significantly over 4 years (2009-2014) from 0.19 to 0.05 (p<0.0001, Cochran-Armitage trend test). The proportion of provider-communicated reports with non-critical results remained unchanged over time before and after ANCR implementation (0.20 to 0.15, p=0.45, Cochran-Armitage trend test). A patient safety initiative with an alert notification system reduced the proportion of critical results among reports lacking documented communication between care providers. We observed no change in documented communication of non-critical results, suggesting the system did not promote overuse. Future studies are needed to evaluate whether such systems prevent subsequent patient harm. Published by the BMJ Publishing Group Limited. For permission to use (where not already

  15. Safety management system needs assessment.

    DOT National Transportation Integrated Search

    2016-04-01

    The safety of the traveling public is critical as each year there are approximately 200 highway fatalities in Nebraska and numerous crash injuries. The objective of this research was to conduct a needs assessment to identify the requirements of a sta...

  16. The procedure safety system

    NASA Technical Reports Server (NTRS)

    Obrien, Maureen E.

    1990-01-01

    Telerobotic operations, whether under autonomous or teleoperated control, require a much more sophisticated safety system than that needed for most industrial applications. Industrial robots generally perform very repetitive tasks in a controlled, static environment. The safety system in that case can be as simple as shutting down the robot if a human enters the work area, or even simply building a cage around the work space. Telerobotic operations, however, will take place in a dynamic, sometimes unpredictable environment, and will involve complicated and perhaps unrehearsed manipulations. This creates a much greater potential for damage to the robot or objects in its vicinity. The Procedural Safety System (PSS) collects data from external sensors and the robot, then processes it through an expert system shell to determine whether an unsafe condition or potential unsafe condition exists. Unsafe conditions could include exceeding velocity, acceleration, torque, or joint limits, imminent collision, exceeding temperature limits, and robot or sensor component failure. If a threat to safety exists, the operator is warned. If the threat is serious enough, the robot is halted. The PSS, therefore, uses expert system technology to enhance safety, thus reducing operator workload and allowing him/her to focus on performing the task at hand without the distraction of worrying about violating safety criteria.

  17. Towards integrated hygiene and food safety management systems: the Hygieneomic approach.

    PubMed

    Armstrong, G D

    1999-09-15

    Integrated hygiene and food safety management systems in food production can give rise to exceptional improvements in food safety performance, but require high level commitment and full functional involvement. A new approach, named hygieneomics, has been developed to assist management in their introduction of hygiene and food safety systems. For an effective introduction, the management systems must be designed to fit with the current generational state of an organisation. There are, broadly speaking, four generational states of an organisation in their approach to food safety. They comprise: (i) rules setting; (ii) ensuring compliance; (iii) individual commitment; (iv) interdependent action. In order to set up an effective integrated hygiene and food safety management system a number of key managerial requirements are necessary. The most important ones are: (a) management systems must integrate the activities of key functions from research and development through to supply chain and all functions need to be involved; (b) there is a critical role for the senior executive, in communicating policy and standards; (c) responsibilities must be clearly defined, and it should be clear that food safety is a line management responsibility not to be delegated to technical or quality personnel; (d) a thorough and effective multi-level audit approach is necessary; (e) key activities in the system are HACCP and risk management, but it is stressed that these are ongoing management activities, not once-off paper generating exercises; and (f) executive management board level review is necessary of audit results, measurements, status and business benefits.

  18. Protection and Safety.

    ERIC Educational Resources Information Center

    American School Board Journal, 1964

    1964-01-01

    Several aspects of school safety and protection are presented for school administrators and architects. Among those topics discussed are--(1) life safety, (2) vandalism controlled through proper design, (3) personal protective devices, and (4) fire alarm systems. Another critical factor in providing a complete school safety program is proper…

  19. ASSIP Study of Real-Time Safety-Critical Embedded Software-Intensive System Engineering Practices

    DTIC Science & Technology

    2008-02-01

    and assessment 2. product engineering processes 3. tooling processes 6 | CMU/SEI-2008-SR-001 Slide 1 Process Standards IEC/ ISO 12207 Software...and technical effort to align with 12207 IEC/ ISO 15026 System & Software Integrity Levels Generic Safety SAE ARP 4754 Certification Considerations...Process Frameworks in revision – ISO 9001, ISO 9004 – ISO 15288/ ISO 12207 harmonization – RTCA DO-178B, MOD Standard UK 00-56/3, … • Methods & Tools

  20. Masters Thesis- Criticality Alarm System Design Guide with Accompanying Alarm System Development for the Radioisotope Production Laboratory in Richland, Washington

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Greenfield, Bryce A.

    2009-12-01

    A detailed instructional manual was created to guide criticality safety engineers through the process of designing a criticality alarm system (CAS) for Department of Energy (DOE) hazard class 1 and 2 facilities. Regulatory and technical requirements were both addressed. A list of design tasks and technical subtasks are thoroughly analyzed to provide concise direction for how to complete the analysis. An example of the application of the design methodology, the Criticality Alarm System developed for the Radioisotope Production Laboratory (RPL) of Richland, Washington, is also included. The analysis for RPL utilizes the Monte Carlo code MCNP5 for establishing detector coverage in the facility. Significant improvements to the existing CAS were made that increase the reliability, transparency, and coverage of the system.

  1. Retrieval medicine: a review and guide for UK practitioners. Part 2: safety in patient retrieval systems

    PubMed Central

    Hearns, S; Shirley, P J

    2006-01-01

    Retrieval and transfer of critically ill and injured patients is a high risk activity. Risk can be minimised with robust safety and clinical governance systems in place. This article describes the various governance systems that can be employed to optimise safety and efficiency in retrieval services. These include operating procedure development, equipment management, communications procedures, crew resource management, significant event analysis, audit and training. PMID:17130608

  2. Feasibility and safety of virtual-reality-based early neurocognitive stimulation in critically ill patients.

    PubMed

    Turon, Marc; Fernandez-Gonzalo, Sol; Jodar, Mercè; Gomà, Gemma; Montanya, Jaume; Hernando, David; Bailón, Raquel; de Haro, Candelaria; Gomez-Simon, Victor; Lopez-Aguilar, Josefina; Magrans, Rudys; Martinez-Perez, Melcior; Oliva, Joan Carles; Blanch, Lluís

    2017-12-01

    Growing evidence suggests that critical illness often results in significant long-term neurocognitive impairments in one-third of survivors. Although these neurocognitive impairments are long-lasting and devastating for survivors, rehabilitation rarely occurs during or after critical illness. Our aim is to describe an early neurocognitive stimulation intervention based on virtual reality for patients who are critically ill and to present the results of a proof-of-concept study testing the feasibility, safety, and suitability of this intervention. Twenty critically ill adult patients undergoing or having undergone mechanical ventilation for ≥24 h received daily 20-min neurocognitive stimulation sessions when awake and alert during their ICU stay. The difficulty of the exercises included in the sessions progressively increased over successive sessions. Physiological data were recorded before, during, and after each session. Safety was assessed through heart rate, peripheral oxygen saturation, and respiratory rate. Heart rate variability analysis, an indirect measure of autonomic activity sensitive to cognitive demands, was used to assess the efficacy of the exercises in stimulating attention and working memory. Patients successfully completed the sessions on most days. No sessions were stopped early for safety concerns, and no adverse events occurred. Heart rate variability analysis showed that the exercises stimulated attention and working memory. Critically ill patients considered the sessions enjoyable and relaxing without being overly fatiguing. The results in this proof-of-concept study suggest that a virtual-reality-based neurocognitive intervention is feasible, safe, and tolerable, stimulating cognitive functions and satisfying critically ill patients. Future studies will evaluate the impact of interventions on neurocognitive outcomes. Trial registration: ClinicalTrials.gov identifier NCT02078206.

  3. An Improved Method to Control the Critical Parameters of a Multivariable Control System

    NASA Astrophysics Data System (ADS)

    Subha Hency Jims, P.; Dharmalingam, S.; Wessley, G. Jims John

    2017-10-01

    The role of control systems is to cope with process deficiencies and the undesirable effects of external disturbances. Most multivariable processes are highly interactive and complex in nature. Aircraft systems, modern power plants, refineries, and robotic systems are a few such complex systems that involve numerous critical parameters that need to be monitored and controlled. Control of these important parameters is not only tedious and cumbersome but also crucial from environmental, safety and quality perspectives. In this paper, one such multivariable system, namely a utility boiler, has been considered. A modern power plant is a complex arrangement of pipework and machinery with numerous interacting control loops and support systems. In this paper, the calculation of controller parameters based on classical tuning concepts has been presented. The controller parameters thus obtained and employed have controlled the critical parameters of a boiler during fuel switching disturbances. The proposed method can be applied to control critical parameters such as the elevator, aileron, rudder, elevator trim, rudder and aileron trim, and flap control systems of aircraft.

  4. Automated Critical Test Result Notification System: Architecture, Design, and Assessment of Provider Satisfaction

    PubMed Central

    Lacson, Ronilda; O'Connor, Stacy D.; Andriole, Katherine P.; Prevedello, Luciano M.; Khorasani, Ramin

    2015-01-01

    OBJECTIVE Communicating critical results of diagnostic imaging procedures is a national patient safety goal. The purposes of this study were to describe the system architecture and design of Alert Notification of Critical Results (ANCR), an automated system designed to facilitate communication of critical imaging results between care providers; to report providers’ satisfaction with ANCR; and to compare radiologists’ and ordering providers’ attitudes toward ANCR. MATERIALS AND METHODS The design decisions made for each step in the alert communication process, which includes user authentication, alert creation, alert communication, alert acknowledgment and management, alert reminder and escalation, and alert documentation, are described. To assess attitudes toward ANCR, internally developed and validated surveys were administered to all radiologists (n = 320) and ordering providers (n = 4323) who sent or received alerts 3 years after ANCR implementation. RESULTS The survey response rates were 50.4% for radiologists and 36.1% for ordering providers. Ordering providers were generally dissatisfied with the training received for use of ANCR and with access to technical support. Radiologists were more satisfied with documenting critical result communication (61.1% vs 43.2%; p = 0.0001) and tracking critical results (51.6% vs 35.1%; p = 0.0003) than were ordering providers. Both groups agreed use of ANCR reduces medical errors and improves the quality of patient care. CONCLUSION Use of ANCR enables automated communication of critical test results. The survey results confirm overall provider satisfaction with ANCR but highlight the need for improved training strategies for large numbers of geographically dispersed ordering providers. Future enhancements beyond acknowledging receipt of critical results are needed to help ensure timely and appropriate follow-up of critical results to improve quality and patient safety. PMID:25341163

  5. Understanding safety-critical interactions with a home medical device through Distributed Cognition.

    PubMed

    Rajkomar, Atish; Mayer, Astrid; Blandford, Ann

    2015-08-01

    As healthcare shifts from the hospital to the home, it is becoming increasingly important to understand how patients interact with home medical devices, to inform the safe and patient-friendly design of these devices. Distributed Cognition (DCog) has been a useful theoretical framework for understanding situated interactions in the healthcare domain. However, it has not previously been applied to study interactions with home medical devices. In this study, DCog was applied to understand renal patients' interactions with Home Hemodialysis Technology (HHT), as an example of a home medical device. Data was gathered through ethnographic observations and interviews with 19 renal patients and interviews with seven professionals. Data was analyzed through the principles summarized in the Distributed Cognition for Teamwork methodology. In this paper we focus on the analysis of system activities, information flows, social structures, physical layouts, and artefacts. By explicitly considering different ways in which cognitive processes are distributed, the DCog approach helped to understand patients' interaction strategies, and pointed to design opportunities that could improve patients' experiences of using HHT. The findings highlight the need to design HHT taking into consideration likely scenarios of use in the home and of the broader home context. A setting such as home hemodialysis has the characteristics of a complex and safety-critical socio-technical system, and a DCog approach effectively helps to understand how safety is achieved or compromised in such a system. Copyright © 2015 The Authors. Published by Elsevier Inc. All rights reserved.

  6. Manned space flight nuclear system safety. Volume 6: Space base nuclear system safety plan

    NASA Technical Reports Server (NTRS)

    1972-01-01

A qualitative identification of the steps required to assure the incorporation of radiological system safety principles and objectives into all phases of a manned space base program is presented. Specific areas of emphasis include: (1) radiological program management, (2) nuclear system safety plan implementation, (3) impact on program, and (4) summary of the key operation and design guidelines and requirements. The plan clearly indicates the necessity of considering and implementing radiological system safety recommendations as early as possible in the development cycle to assure maximum safety and minimize the impact on design and mission plans.

  7. Y-12 PLANT NUCLEAR SAFETY HANDBOOK

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Wachter, J.W. ed.; Bailey, M.L.; Cagle, T.J.

    1963-03-27

    Information needed to solve nuclear safety problems is condensed into a reference book for use by persons familiar with the field. Included are a glossary of terms; useful tables; nuclear constants; criticality calculations; basic nuclear safety limits; solution geometries and critical values; metal critical values; criticality values for intermediate, heterogeneous, and interacting systems; miscellaneous and related information; and report number, author, and subject indexes. (C.H.)

  8. Implementation of safety management systems in Hong Kong construction industry - A safety practitioner's perspective.

    PubMed

    Yiu, Nicole S N; Sze, N N; Chan, Daniel W M

    2018-02-01

In the 1980s, the safety management system (SMS) was introduced in the construction industry to mitigate workplace hazards, reduce the risk of injuries, and minimize property damage. Also, the Factories and Industrial Undertakings (Safety Management) Regulation was introduced on 24 November 1999 in Hong Kong to empower the mandatory implementation of an SMS in certain industries including building construction. Therefore, it is essential to evaluate the effectiveness of the SMS in improving construction safety and identify the factors that influence its implementation in Hong Kong. A review of the current state-of-the-practice helped to establish the critical success factors (CSFs), benefits, and difficulties of implementing the SMS in the construction industry, while structured interviews were used to establish the key factors of the SMS implementation. Results of the state-of-the-practice review and structured interviews indicated visible senior commitment, in terms of manpower and cost allocation, and competency of the safety manager as key drivers for the SMS implementation. More so, reduced accident rates and accident costs, improved organization framework, and increased safety audit ratings were identified as core benefits of implementing the SMS. Meanwhile, factors such as insufficient resources, tight working schedules, and high labor turnover rate were the key challenges to effective SMS implementation in Hong Kong. The findings of the study were consistent and indicative of the future development of safety management practice and the sustainable safety improvement of the Hong Kong construction industry in the long run. Copyright © 2018 National Safety Council and Elsevier Ltd. All rights reserved.

  9. CSER 98-003: Criticality safety evaluation report for PFP glovebox HC-21A with button can opening

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    ERICKSON, D.G.

    1999-02-23

Glovebox HC-21A is an enclosure where cans containing plutonium metal buttons or other plutonium bearing materials are prepared for thermal stabilization in the muffle furnaces. The Inert Atmosphere Confinement (IAC), a new feature added to Glovebox HC-21A, allows the opening of containers suspected of containing hydrided plutonium metal. The argon atmosphere in the IAC prevents an adverse reaction between oxygen and the hydride. The hydride is then stabilized in a controlled manner to prevent glovebox over pressurization. After removal from the containers, the plutonium metal buttons or plutonium bearing materials will be placed into muffle furnace boats and then be sent to one of the muffle furnace gloveboxes for stabilization. The materials allowed to be brought into Glovebox HC-21A are limited to those with a hydrogen to fissile atom ratio (H/X) ≤ 20. Glovebox HC-21A is classified as a DRY glovebox, meaning it has no internal liquid lines, and no free liquids or solutions are allowed to be introduced. The double contingency principle states that designs shall incorporate sufficient factors of safety to require at least two unlikely, independent, and concurrent changes in process conditions before a criticality accident is possible. This criticality safety evaluation report (CSER) shows that the operations to be performed in this glovebox are safe from a criticality standpoint. No single identified event that causes criticality controls to be lost exceeded the criticality safety limit of k_eff = 0.95. Therefore, this CSER meets the requirements for a criticality analysis contained in the Hanford Site Nuclear Criticality Safety Manual, HNF-PRO-334, and meets the double contingency principle.

  10. Safety Hazards During Intrahospital Transport: A Prospective Observational Study.

    PubMed

    Bergman, Lina M; Pettersson, Monica E; Chaboyer, Wendy P; Carlström, Eric D; Ringdal, Mona L

    2017-10-01

    To identify, classify, and describe safety hazards during the process of intrahospital transport of critically ill patients. A prospective observational study. Data from participant observations of the intrahospital transport process were collected over a period of 3 months. The study was undertaken at two ICUs in one university hospital. Critically ill patients transported within the hospital by critical care nurses, unlicensed nurses, and physicians. None. Content analysis was performed using deductive and inductive approaches. We detected a total of 365 safety hazards (median, 7; interquartile range, 4-10) during 51 intrahospital transports of critically ill patients, 80% of whom were mechanically ventilated. The majority of detected safety hazards were assessed as increasing the risk of harm, compromising patient safety (n = 204). Using the System Engineering Initiative for Patient Safety, we identified safety hazards related to the work system, as follows: team (n = 61), tasks (n = 83), tools and technologies (n = 124), environment (n = 48), and organization (n = 49). Inductive analysis provided an in-depth description of those safety hazards, contributing factors, and process-related outcomes. Findings suggest that intrahospital transport is a hazardous process for critically ill patients. We have identified several factors that may contribute to transport-related adverse events, which will provide the opportunity for the redesign of systems to enhance patient safety.

  11. "Going solid": a model of system dynamics and consequences for patient safety

    PubMed Central

    Cook, R; Rasmussen, J

    2005-01-01

    Rather than being a static property of hospitals and other healthcare facilities, safety is dynamic and often on short time scales. In the past most healthcare delivery systems were loosely coupled—that is, activities and conditions in one part of the system had only limited effect on those elsewhere. Loose coupling allowed the system to buffer many conditions such as short term surges in demand. Modern management techniques and information systems have allowed facilities to reduce inefficiencies in operation. One side effect is the loss of buffers that previously accommodated demand surges. As a result, situations occur in which activities in one area of the hospital become critically dependent on seemingly insignificant events in seemingly distant areas. This tight coupling condition is called "going solid". Rasmussen's dynamic model of risk and safety can be used to formulate a model of patient safety dynamics that includes "going solid" and its consequences. Because the model addresses the dynamic aspects of safety, it is particularly suited to understanding current conditions in modern healthcare delivery and the way these conditions may lead to accidents. PMID:15805459

  12. Implementation of a patient safety program at a tertiary health system: A longitudinal analysis of interventions and serious safety events.

    PubMed

    Cropper, Douglas P; Harb, Nidal H; Said, Patricia A; Lemke, Jon H; Shammas, Nicolas W

    2018-04-01

    We hypothesize that implementation of a safety program based on high reliability organization principles will reduce serious safety events (SSE). The safety program focused on 7 essential elements: (a) safety rounding, (b) safety oversight teams, (c) safety huddles, (d) safety coaches, (e) good catches/safety heroes, (f) safety education, and (g) red rule. An educational curriculum was implemented focusing on changing high-risk behaviors and implementing critical safety policies. All unusual occurrences were captured in the Midas system and investigated by risk specialists, the safety officer, and the chief medical officer. A multidepartmental committee evaluated these events, and a root cause analysis (RCA) was performed. Events were tabulated and serious safety event (SSE) recorded and plotted over time. Safety success stories (SSSs) were also evaluated over time. A steady drop in SSEs was seen over 9 years. Also a rise in SSSs was evident, reflecting on staff engagement in the program. The parallel change in SSEs, SSSs, and the implementation of various safety interventions highly suggest that the program was successful in achieving its goals. A safety program based on high-reliability organization principles and made a core value of the institution can have a significant positive impact on reducing SSEs. © 2018 American Society for Healthcare Risk Management of the American Hospital Association.

  13. Development of a methodology for assessing the safety of embedded software systems

    NASA Technical Reports Server (NTRS)

    Garrett, C. J.; Guarro, S. B.; Apostolakis, G. E.

    1993-01-01

    A Dynamic Flowgraph Methodology (DFM) based on an integrated approach to modeling and analyzing the behavior of software-driven embedded systems for assessing and verifying reliability and safety is discussed. DFM is based on an extension of the Logic Flowgraph Methodology to incorporate state transition models. System models which express the logic of the system in terms of causal relationships between physical variables and temporal characteristics of software modules are analyzed to determine how a certain state can be reached. This is done by developing timed fault trees which take the form of logical combinations of static trees relating the system parameters at different points in time. The resulting information concerning the hardware and software states can be used to eliminate unsafe execution paths and identify testing criteria for safety critical software functions.

  14. NASA Safety Manual. Volume 3: System Safety

    NASA Technical Reports Server (NTRS)

    1970-01-01

    This Volume 3 of the NASA Safety Manual sets forth the basic elements and techniques for managing a system safety program and the technical methods recommended for use in developing a risk evaluation program that is oriented to the identification of hazards in aerospace hardware systems and the development of residual risk management information for the program manager that is based on the hazards identified. The methods and techniques described in this volume are in consonance with the requirements set forth in NHB 1700.1 (VI), Chapter 3. This volume and future volumes of the NASA Safety Manual shall not be rewritten, reprinted, or reproduced in any manner. Installation implementing procedures, if necessary, shall be inserted as page supplements in accordance with the provisions of Appendix A. No portion of this volume or future volumes of the NASA Safety Manual shall be invoked in contracts.

  15. Criticality safety strategy for the Fuel Cycle Facility electrorefiner at Argonne National Laboratory, West

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Mariani, R.D.; Benedict, R.W.; Lell, R.M.

    1993-09-01

    The Integral Fast Reactor being developed by Argonne National Laboratory (ANL) combines the advantages of metal-fueled, liquid-metal-cooled reactors and a closed fuel cycle. Presently, the Fuel Cycle Facility (FCF) at ANL-West in Idaho Falls, Idaho is being modified to recycle spent metallic fuel from Experimental Breeder Reactor II as part of a demonstration project sponsored by the Department of Energy. A key component of the FCF is the electrorefiner (ER) in which the actinides are separated from the fission products. In the electrorefining process, the metal fuel is anodically dissolved into a high-temperature molten salt and refined uranium or uranium/plutonium products are deposited at cathodes. In this report, the criticality safety strategy for the FCF ER is summarized. FCF ER operations and processes formed the basis for evaluating criticality safety and control during actinide metal fuel refining. In order to show criticality safety for the FCF ER, the reference operating conditions for the ER had to be defined. Normal operating envelopes (NOEs) were then defined to bracket the important operating conditions. To keep the operating conditions within their NOEs, process controls were identified that can be used to regulate the actinide forms and content within the ER. A series of operational checks were developed for each operation that will verify the extent or success of an operation. The criticality analysis considered the ER operating conditions at their NOE values as the point of departure for credible and incredible failure modes. As a result of the analysis, FCF ER operations were found to be safe with respect to criticality.

  16. Preliminary Design of Critical Function Monitoring System of PGSFR

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    NONE

    2015-07-01

    A PGSFR (Prototype Gen-IV Sodium-cooled Fast Reactor) is under development at Korea Atomic Energy Research Institute. A critical function monitoring system (CFMS) of the PGSFR is preliminarily studied. The functions of the CFMS are to display critical plant variables related to the safety of the plant during normal and accident conditions and to guide the operators' corrective actions to keep the plant in a safe condition and mitigate the consequences of accidents. The minimal critical functions of the PGSFR are composed of reactivity control, reactor core cooling, reactor coolant system integrity, primary heat transfer system (PHTS) heat removal, sodium water reaction mitigation, radiation control and containment conditions. The variables and alarm legs of each critical function of the PGSFR are as follows: - Reactivity control: The variables of the reactivity control function are power range neutron flux instrumentation, intermediate range neutron flux instrumentation, source range neutron flux instrumentation, and control rod bottom contacts. The alarm leg to display the reactivity controls consists of status of control drop malfunction, high post trip power and thermal reactivity addition. - Reactor core cooling: The variables are PHTS sodium level, hot pool temperature of PHTS, subassembly exit temperature, cold pool temperature of the PHTS, PHTS pump current, and PHTS pump breaker status. The alarm leg consists of high core delta temperature, low sodium level of the PHTS, high subassembly exit temperature, and low PHTS pump load. - Reactor coolant system integrity: The variables are PHTS sodium level, cover gas pressure, and safeguard vessel sodium level. The alarm leg is composed of low sodium level of PHTS, high cover gas pressure and high sodium level of the safeguard vessel. - PHTS heat removal: The variables are PHTS sodium level, hot pool temperature of PHTS, core exit temperature, cold pool temperature of the PHTS, flow rate of passive residual heat removal

  17. Comprehensive Lifecycle for Assuring System Safety

    NASA Technical Reports Server (NTRS)

    Knight, John C.; Rowanhill, Jonathan C.

    2017-01-01

    CLASS is a novel approach to the enhancement of system safety in which the system safety case becomes the focus of safety engineering throughout the system lifecycle. CLASS also expands the role of the safety case across all phases of the system's lifetime, from concept formation to decommissioning. As CLASS has been developed, the concept has been generalized to a more comprehensive notion of assurance becoming the driving goal, where safety is an important special case. This report summarizes major aspects of CLASS and contains a bibliography of papers that provide additional details.

  18. Verification of MCNP6.2 for Nuclear Criticality Safety Applications

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Brown, Forrest B.; Rising, Michael Evan; Alwin, Jennifer Louise

    2017-05-10

    Several suites of verification/validation benchmark problems were run in early 2017 to verify that the new production release of MCNP6.2 performs correctly for nuclear criticality safety applications (NCS). MCNP6.2 results for several NCS validation suites were compared to the results from MCNP6.1 [1] and MCNP6.1.1 [2]. MCNP6.1 is the production version of MCNP® released in 2013, and MCNP6.1.1 is the update released in 2014. MCNP6.2 includes all of the standard features for NCS calculations that have been available for the past 15 years, along with new features for sensitivity-uncertainty based methods for NCS validation [3]. Results from the benchmark suites were compared with results from previous verification testing [4-8]. Criticality safety analysts should consider testing MCNP6.2 on their particular problems and validation suites. No further development of MCNP5 is planned. MCNP6.1 is now 4 years old, and MCNP6.1.1 is now 3 years old. In general, released versions of MCNP are supported only for about 5 years, due to resource limitations. All future MCNP improvements, bug fixes, user support, and new capabilities are targeted only to MCNP6.2 and beyond.

  19. A Silent Safety Program

    NASA Technical Reports Server (NTRS)

    Goodin, James Ronald

    2006-01-01

    NASA's Columbia Accident Investigation Board (CAIB) referred 8 times to the NASA "Silent Safety Program." This term, "Silent Safety Program," was not an original observation but first appeared in the Rogers Commission's Investigation of the Challenger Mishap. The CAIB on page 183 of its report in the paragraph titled 'Encouraging Minority Opinion,' stated "The Naval Reactor Program encourages minority opinions and "bad news." Leaders continually emphasize that when no minority opinions are present, the responsibility for a thorough and critical examination falls to management. . . Board interviews revealed that it is difficult for minority and dissenting opinions to percolate up through the agency's hierarchy. . ." The first question and perhaps the only question is - what is a silent safety program? Well, a silent safety program may be the same as the dog that didn't bark in Sherlock Holmes' "Adventure of the Silver Blaze" because system safety should behave as a devil's advocate for the program, barking on every occasion to insure a critical review inclusion. This paper evaluates the NASA safety program and provides suggestions to prevent the recurrence of the silent safety program alluded to in the Challenger Mishap Investigation. Specifically targeted in the CAIB report, "The checks and balances the safety system was meant to provide were not working." A silent system safety program is not unique to NASA but could emerge in any and every organization. Principles developed by Irving Janis in his book, Groupthink, listed criteria used to evaluate an organization's cultural attributes that allow a silent safety program to evolve. If evidence validates Janis's criteria, then Janis's recommendations for preventing groupthink can also be used to improve a critical evaluation and thus prevent the development of a silent safety program.

  20. Qualification of the flight-critical AFTI/F-16 digital flight control system. [Advanced Fighter Technology Integration

    NASA Technical Reports Server (NTRS)

    Mackall, D. A.; Ishmael, S. D.; Regenie, V. A.

    1983-01-01

    Qualification considerations for assuring the safety of a life-critical digital flight control system include four major areas: systems interactions, verification, validation, and configuration control. The AFTI/F-16 design, development, and qualification illustrate these considerations. In this paper, qualification concepts, procedures, and methodologies are discussed and illustrated through specific examples.

  1. Critical features of an auditable management system for an ISO 9000-compatible occupational health and safety standard.

    PubMed

    Levine, S; Dyjack, D T

    1997-04-01

    An International Organization for Standardization (ISO) 9001: 1994-harmonized occupational health and safety (OHS) management system has been written at the University of Michigan, and reviewed, revised, and accepted under the direction of the American Industrial Hygiene Association (AIHA) Occupational Health and Safety Management Systems (OHSMS) Task Force and the Board of Directors. This system is easily adaptable to the ISO 14001 format and to both OHS and environmental management system applications. As was the case with ISO 9001: 1994, this system is expected to be compatible with current production quality and OHS quality systems and standards, have forward compatibility for new applications, and forward flexibility, with new features added as needed. Since ISO 9001: 1987 and 9001: 1994 have been applied worldwide, the incorporation of harmonized OHS and environmental management system components should be acceptable to business units already performing first-party (self-) auditing, and second-party (contract qualification) auditing. This article explains the basis of this OHS management system, its relationship to ISO 9001 and 14001 standards, the philosophy and methodology of an ISO-harmonized system audit, the relationship of these systems to traditional OHS audit systems, and the authors' vision of the future for application of such systems.

  2. Nuclear criticality safety evaluation of SRS 9971 shipping package. [SRS (Savannah River Site)

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Vescovi, P.J.

    1993-02-01

    This evaluation is requested to revise the criticality evaluation used to generate Chapter 6 (Criticality Evaluation) of the Safety Analysis Report for Packaging (SARP) for shipment of UO3 product from the Uranium Solidification Facility (USF) in the SRS 9971 shipping package. The pertinent document requesting this evaluation is included as Attachment I. The results of the evaluation are given in Attachment II which is written as Chapter 6 of an NRC format SARP.

  3. Safety Verification of the Small Aircraft Transportation System Concept of Operations

    NASA Technical Reports Server (NTRS)

    Carreno, Victor; Munoz, Cesar

    2005-01-01

    A critical factor in the adoption of any new aeronautical technology or concept of operation is safety. Traditionally, safety is accomplished through a rigorous process that involves human factors, low and high fidelity simulations, and flight experiments. As this process is usually performed on final products or functional prototypes, concept modifications resulting from this process are very expensive to implement. This paper describes an approach to system safety that can take place at early stages of a concept design. It is based on a set of mathematical techniques and tools known as formal methods. In contrast to testing and simulation, formal methods provide the capability of exhaustive state exploration analysis. We present the safety analysis and verification performed for the Small Aircraft Transportation System (SATS) Concept of Operations (ConOps). The concept of operations is modeled using discrete and hybrid mathematical models. These models are then analyzed using formal methods. The objective of the analysis is to show, in a mathematical framework, that the concept of operations complies with a set of safety requirements. It is also shown that the ConOps has some desirable characteristics such as liveness and absence of deadlock. The analysis and verification is performed in the Prototype Verification System (PVS), which is a computer based specification language and a theorem proving assistant.

  4. Nuclear criticality safety assessment of the low level radioactive waste disposal facility trenches

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Kahook, S.D.

    1994-04-01

    Results of the analyses performed to evaluate the possibility of nuclear criticality in the Low Level Radioactive Waste Disposal Facility (LLRWDF) trenches are documented in this report. The studies presented in this document are limited to assessment of the possibility of criticality due to existing conditions in the LLRWDF. This document does not propose nor set limits for enriched uranium (EU) burial in the LLRWDF and is not a nuclear criticality safety evaluation nor analysis. The calculations presented in the report are Level 2 calculations as defined by the E7 Procedure 2.31, Engineering Calculations.

  5. Generalized implementation of software safety policies

    NASA Technical Reports Server (NTRS)

    Knight, John C.; Wika, Kevin G.

    1994-01-01

    As part of a research program in the engineering of software for safety-critical systems, we are performing two case studies. The first case study, which is well underway, is a safety-critical medical application. The second, which is just starting, is a digital control system for a nuclear research reactor. Our goal is to use these case studies to permit us to obtain a better understanding of the issues facing developers of safety-critical systems, and to provide a vehicle for the assessment of research ideas. The case studies are not based on the analysis of existing software development by others. Instead, we are attempting to create software for new and novel systems in a process that ultimately will involve all phases of the software lifecycle. In this abstract, we summarize our results to date in a small part of this project, namely the determination and classification of policies related to software safety that must be enforced to ensure safe operation. We hypothesize that this classification will permit a general approach to the implementation of a policy enforcement mechanism.

  6. Motorcycles that See: Multifocal Stereo Vision Sensor for Advanced Safety Systems in Tilting Vehicles

    PubMed Central

    2018-01-01

    Advanced driver assistance systems (ADAS) have shown the possibility to anticipate crash accidents and effectively assist road users in critical traffic situations. This is not the case for motorcyclists; in fact, ADAS for motorcycles are still barely developed. Our aim was to study a camera-based sensor for the application of preventive safety in tilting vehicles. We identified two road conflict situations for which automotive remote sensors installed in a tilting vehicle are likely to fail in the identification of critical obstacles. Accordingly, we set up two experiments conducted in real traffic conditions to test our stereo vision sensor. Our promising results support the application of this type of sensor for advanced motorcycle safety applications. PMID:29351267

  7. 77 FR 70409 - System Safety Program

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-11-26

    ...-0060, Notice No. 2] 2130-AC31 System Safety Program AGENCY: Federal Railroad Administration (FRA... passenger railroads to develop and implement a system safety program (SSP) to improve the safety of their... Division, U.S. Department of Transportation, Federal Railroad Administration, Office of Railroad Safety...

  8. NASA's Software Safety Standard

    NASA Technical Reports Server (NTRS)

    Ramsay, Christopher M.

    2005-01-01

    NASA (National Aeronautics and Space Administration) relies more and more on software to control, monitor, and verify its safety critical systems, facilities and operations. Since the 1960's there has hardly been a spacecraft (manned or unmanned) launched that did not have a computer on board that provided vital command and control services. Despite this growing dependence on software control and monitoring, there has been no consistent application of software safety practices and methodology to NASA's projects with safety critical software. Led by the NASA Headquarters Office of Safety and Mission Assurance, the NASA Software Safety Standard (STD-18l9.13B) has recently undergone a significant update in an attempt to provide that consistency. This paper will discuss the key features of the new NASA Software Safety Standard. It will start with a brief history of the use and development of software in safety critical applications at NASA. It will then give a brief overview of the NASA Software Working Group and the approach it took to revise the software engineering process across the Agency.

  9. HYGIENE PRACTICES IN URBAN RESTAURANTS AND CHALLENGES TO IMPLEMENTING FOOD SAFETY AND HAZARD ANALYSIS CRITICAL CONTROL POINTS (HACCP) PROGRAMMES IN THIKA TOWN, KENYA.

    PubMed

    Muinde, R K; Kiinyukia, C; Rombo, G O; Muoki, M A

    2012-12-01

    To determine the microbial load in food, examination of safety measures and possibility of implementing a Hazard Analysis Critical Control Points (HACCP) system. The target population for this study consisted of restaurant owners in Thika Municipality (n = 30). Simple random samples of restaurants were selected on a systematic sampling method of microbial analysis in cooked, non-cooked, raw food and water sanitation in the selected restaurants. Two hundred and ninety eight restaurants within Thika Municipality were selected. Of these, 30 were sampled for microbiological testing. From the study, 221 (74%) of the restaurants were ready to eat establishments where food was prepared early enough to hold and only in 77 (26%) of the total restaurants did customers make an order of the food they wanted. 118 (63%) of the restaurant operators/staff had knowledge on quality control on food safety measures, 24 (8%) of the restaurants applied this knowledge while 256 (86%) of the restaurants staff showed that food contains ingredients that were hazardous if poorly handled. 238 (80%) of the restaurants used weighing and sorting of food materials, 45 (15%) used preservation methods and the rest used dry foods as critical control points on food safety measures. The study showed that there was need for implementation of a Hazard Analysis Critical Control Points (HACCP) system to enhance food safety. Knowledge of HACCP was very low with 89 (30%) of the restaurants applying some quality measures to the food production process systems. There was contamination with Coliforms, Escherichia coli and Staphylococcus aureus, though at a very low level. The means of Coliforms, Escherichia coli and Staphylococcus aureus in sampled food were 9.7 x 10^3 CFU/gm, 8.2 x 10^3 CFU/gm and 5.4 x 10^3 CFU/gm respectively, with Coliforms having the highest mean.

  10. Manned space flight nuclear system safety. Volume 5: Nuclear System safety guidelines. Part 1: Space base nuclear safety

    NASA Technical Reports Server (NTRS)

    1972-01-01

    The design and operations guidelines and requirements developed in the study of space base nuclear system safety are presented. Guidelines and requirements are presented for the space base subsystems, nuclear hardware (reactor, isotope sources, dynamic generator equipment), experiments, interfacing vehicles, ground support systems, range safety and facilities. Cross indices and references are provided which relate guidelines to each other, and to substantiating data in other volumes. The guidelines are intended for the implementation of nuclear safety related design and operational considerations in future space programs.

  11. Critical review of controlled release packaging to improve food safety and quality.

    PubMed

    Chen, Xi; Chen, Mo; Xu, Chenyi; Yam, Kit L

    2018-03-19

    Controlled release packaging (CRP) is an innovative technology that uses the package to release active compounds in a controlled manner to improve safety and quality for a wide range of food products during storage. This paper provides a critical review of the uniqueness, design considerations, and research gaps of CRP, with a focus on the kinetics and mechanism of active compounds releasing from the package. Literature data and practical examples are presented to illustrate how CRP controls what active compounds to release, when and how to release, how much and how fast to release, in order to improve food safety and quality.

  12. A Microbial Assessment Scheme to measure microbial performance of Food Safety Management Systems.

    PubMed

    Jacxsens, L; Kussaga, J; Luning, P A; Van der Spiegel, M; Devlieghere, F; Uyttendaele, M

    2009-08-31

    A Food Safety Management System (FSMS) implemented in a food processing industry is based on Good Hygienic Practices (GHP) and Hazard Analysis Critical Control Point (HACCP) principles, and should address both food safety control and assurance activities in order to guarantee food safety. One of the most pressing emerging challenges is to assess the performance of an existing FSMS. The objective of this work is to explain the development of a Microbial Assessment Scheme (MAS) as a tool for a systematic analysis of microbial counts in order to assess the current microbial performance of an implemented FSMS. It is assumed that low numbers of microorganisms and small variations in microbial counts indicate an effective FSMS. The MAS is a procedure that defines the identification of critical sampling locations, the selection of microbiological parameters, the assessment of sampling frequency, the selection of sampling method and method of analysis, and finally data processing and interpretation. Based on the MAS assessment, microbial safety level profiles can be derived, indicating which microorganisms contribute to food safety, and to what extent, for a specific food processing company. The MAS concept is illustrated with a case study in the pork processing industry, where ready-to-eat meat products are produced (cured, cooked ham and cured, dried bacon).

  13. The implementation of a Hazard Analysis and Critical Control Point management system in a peanut butter ice cream plant.

    PubMed

    Hung, Yu-Ting; Liu, Chi-Te; Peng, I-Chen; Hsu, Chin; Yu, Roch-Chui; Cheng, Kuan-Chen

    2015-09-01

    To ensure the safety of the peanut butter ice cream manufacture, a Hazard Analysis and Critical Control Point (HACCP) plan has been designed and applied to the production process. Potential biological, chemical, and physical hazards in each manufacturing procedure were identified. Critical control points for the peanut butter ice cream were then determined as the pasteurization and freezing process. The establishment of a monitoring system, corrective actions, verification procedures, and documentation and record keeping were followed to complete the HACCP program. The results of this study indicate that implementing the HACCP system in food industries can effectively enhance food safety and quality while improving the production management. Copyright © 2015. Published by Elsevier B.V.

  14. A method for identifying EMI critical circuits during development of a large C3

    NASA Astrophysics Data System (ADS)

    Barr, Douglas H.

    The circuit analysis methods and process Boeing Aerospace used on a large, ground-based military command, control, and communications (C3) system are described. This analysis was designed to help identify electromagnetic interference (EMI) critical circuits. The methodology used the MIL-E-6051 equipment criticality categories as the basis for defining critical circuits, relational database technology to help sort through and account for all of the approximately 5000 system signal cables, and Macintosh Plus personal computers to predict critical circuits based on safety margin analysis. The EMI circuit analysis process systematically examined all system circuits to identify which ones were likely to be EMI critical. The process used two separate, sequential safety margin analyses to identify critical circuits (conservative safety margin analysis, and detailed safety margin analysis). These analyses used field-to-wire and wire-to-wire coupling models using both worst-case and detailed circuit parameters (physical and electrical) to predict circuit safety margins. This process identified the predicted critical circuits that could then be verified by test.

  15. Why system safety programs can fail

    NASA Technical Reports Server (NTRS)

    Hammer, W.

    1971-01-01

    Factors that cause system safety programs to fail are discussed from the viewpoint that in general these programs have not achieved their intended aims. The one item which is considered to contribute most to failure of a system safety program is a poor statement of work which consists of ambiguity, lack of clear definition, use of obsolete requirements, and pure typographical errors. It is pointed out that unless safety requirements are stated clearly, and where they are readily apparent as firm requirements, some of them will be overlooked by designers and contractors. The lack of clarity is stated as being a major contributing factor in system safety program failure and usually evidenced in: (1) lack of clear requirements by the procuring activity, (2) lack of clear understanding of system safety by other managers, and (3) lack of clear methodology to be employed by system safety engineers.

  16. The role of microbiological testing in systems for assuring the safety of beef.

    PubMed

    Brown, M H; Gill, C O; Hollingsworth, J; Nickelson, R; Seward, S; Sheridan, J J; Stevenson, T; Sumner, J L; Theno, D M; Usborne, W R; Zink, D

    2000-12-05

    The use of microbiological testing in systems for assuring the safety of beef was considered at a meeting arranged by the International Livestock Educational Foundation as part of the International Livestock Congress, TX, USA, during February, 2000. The 11 invited participants from industry and government research organizations concurred in concluding that microbiological testing is necessary for the implementation and maintenance of effective Hazard Analysis Critical Control Point (HACCP) systems, which are the only means of assuring the microbiological safety of beef; that microbiological testing for HACCP purposes must involve the enumeration of indicator organisms rather than the detection of pathogens; that the efficacy of process control should be assessed against performance criteria and food safety objectives that refer to the numbers of indicator organisms in product; that sampling procedures should allow indicator organisms to be enumerated at very low numbers; and that food safety objectives and microbiological criteria are better related to variables, rather than attributes sampling plans.

  17. Packaging Strategies for Criticality Safety for "Other" DOE Fuels in a Repository

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Larry L Taylor

    2004-06-01

    Since 1998, there has been an ongoing effort to gain acceptance of U.S. Department of Energy (DOE)-owned spent nuclear fuel (SNF) in the national repository. To accomplish this goal, the fuel matrix was used as a discriminating feature to segregate fuels into nine distinct groups. From each of those groups, a characteristic fuel was selected and analyzed for criticality safety based on a proposed packaging strategy. This report identifies and quantifies the important criticality parameters for the canisterized fuels within each criticality group to: (1) demonstrate how the "other" fuels in the group are bounded by the baseline calculations or (2) allow identification of individual type fuels that might require special analysis and packaging.

  18. Using the Job Demands-Resources model to investigate risk perception, safety climate and job satisfaction in safety critical organizations.

    PubMed

    Nielsen, Morten Birkeland; Mearns, Kathryn; Matthiesen, Stig Berge; Eid, Jarle

    2011-10-01

    Using the Job Demands-Resources model (JD-R) as a theoretical framework, this study investigated the relationship between risk perception as a job demand and psychological safety climate as a job resource with regard to job satisfaction in safety critical organizations. In line with the JD-R model, it was hypothesized that high levels of risk perception are related to low job satisfaction and that a positive perception of safety climate is related to high job satisfaction. In addition, it was hypothesized that safety climate moderates the relationship between risk perception and job satisfaction. Using a sample of Norwegian offshore workers (N = 986), all three hypotheses were supported. In summary, workers who perceived high levels of risk reported lower levels of job satisfaction, whereas this effect diminished when workers perceived their safety climate as positive. Follow-up analyses revealed that this interaction was dependent on the type of risks in question. The results of this study support the JD-R model and provide further evidence for relationships between safety-related concepts and work-related outcomes, indicating that organizations should not only develop and implement sound safety procedures to reduce the effects of risks and hazards on workers, but can also enhance other areas of organizational life through a focus on safety. © 2011 The Authors. Scandinavian Journal of Psychology © 2011 The Scandinavian Psychological Associations.

  19. Hydrothermal mineralising systems as critical systems

    NASA Astrophysics Data System (ADS)

    Hobbs, Bruce

    2015-04-01

    Bruce E. Hobbs (1,2), Alison Ord (1) and Mark A. Munro (1). 1. Centre for Exploration Targeting, The University of Western Australia, M006, 35 Stirling Highway, Crawley, WA 6009, Australia. 2. CSIRO Earth and Resource Engineering, Bentley, WA, Australia. Hydrothermal mineralising systems are presented as large, open chemical reactors held far from equilibrium during their life-time by the influx of heat, fluid and dissolved chemical species. As such they are nonlinear dynamical systems and need to be analysed using the tools that have been developed for such systems. Hydrothermal systems undergo a number of transitions during their evolution and this paper focuses on methods for characterising these transitions in a quantitative manner and establishing whether they resemble first or second (critical) phase transitions or whether they have some other kind of nature. Critical phase transitions are characterised by long range correlations for some parameter characteristic of the system, power-law probability distributions so that there is no characteristic length scale and a high sensitivity to perturbations; as one approaches criticality, characteristic parameters for the system scale in a power law manner with distance from the critical point. The transitions undergone in mineralised hydrothermal systems are: (i) widespread, non-localised mineral alteration involving exothermic mineral reactions that produce hydrous silicate phases, carbonates and iron-oxides, (ii) strongly localised veining, brecciation and/or stock-work formation, (iii) a series of endothermic mineral reactions involving the formation of non-hydrous silicates, sulphides and metals such as gold, (iv) multiple repetitions of transitions (ii) and (iii). We have quantified aspects of these transitions in gold deposits from the Yilgarn craton of Western Australia using wavelet transforms. This technique is convenient and fast. It enables one to establish if

  20. The aviation safety reporting system

    NASA Technical Reports Server (NTRS)

    Reynard, W. D.

    1984-01-01

    The aviation safety reporting system, an accident reporting system, is presented. The system identifies deficiencies and discrepancies and the data it provides are used for long term identification of problems. Data for planning and policy making are provided. The system offers training in safety education to pilots. Data and information are drawn from the available data bases.

  1. NASA Aviation Safety Reporting System (ASRS)

    NASA Technical Reports Server (NTRS)

    Connell, Linda

    2011-01-01

    The NASA Aviation Safety Reporting System (ASRS) collects, analyzes, and distributes de-identified safety information provided through confidentially submitted reports from frontline aviation personnel. Since its inception in 1976, the ASRS has collected over 900,000 reports and has never breached the identity of the people sharing their information about events or safety issues. From this volume of data, the ASRS has released over 5,500 aviation safety alerts concerning potential hazards and safety concerns. The ASRS processes these reports, evaluates the information, and provides de-identified report information through the online ASRS Database at http://asrs.arc.nasa.gov. The NASA ASRS is also a founding member of the International Confidential Aviation Safety Systems (ICASS) group which is a collection of other national aviation reporting systems throughout the world. The ASRS model has also been replicated for application to improving safety in railroad, medical, fire fighting, and other domains. This presentation will discuss confidential, voluntary, and non-punitive reporting systems and their advantages in providing information for safety improvements.

  2. NASA Aviation Safety Reporting System (ASRS)

    NASA Technical Reports Server (NTRS)

    Connell, Linda J.

    2017-01-01

    The NASA Aviation Safety Reporting System (ASRS) collects, analyzes, and distributes de-identified safety information provided through confidentially submitted reports from frontline aviation personnel. Since its inception in 1976, the ASRS has collected over 1.4 million reports and has never breached the identity of the people sharing their information about events or safety issues. From this volume of data, the ASRS has released over 6,000 aviation safety alerts concerning potential hazards and safety concerns. The ASRS processes these reports, evaluates the information, and provides selected de-identified report information through the online ASRS Database at http://asrs.arc.nasa.gov. The NASA ASRS is also a founding member of the International Confidential Aviation Safety Systems (ICASS) group which is a collection of other national aviation reporting systems throughout the world. The ASRS model has also been replicated for application to improving safety in railroad, medical, fire fighting, and other domains. This presentation will discuss confidential, voluntary, and non-punitive reporting systems and their advantages in providing information for safety improvements.

  3. Comparison of medication safety systems in critical access hospitals: Combined analysis of two studies.

    PubMed

    Cochran, Gary L; Barrett, Ryan S; Horn, Susan D

    2016-08-01

    The role of pharmacist transcription, onsite pharmacist dispensing, use of automated dispensing cabinets (ADCs), nurse-nurse double checks, or barcode-assisted medication administration (BCMA) in reducing medication error rates in critical access hospitals (CAHs) was evaluated. Investigators used the practice-based evidence methodology to identify predictors of medication errors in 12 Nebraska CAHs. Detailed information about each medication administered was recorded through direct observation. Errors were identified by comparing the observed medication administered with the physician's order. Chi-square analysis and Fisher's exact test were used to measure differences between groups of medication-dispensing procedures. Nurses observed 6497 medications being administered to 1374 patients. The overall error rate was 1.2%. The transcription error rates for orders transcribed by an onsite pharmacist were slightly lower than for orders transcribed by a telepharmacy service (0.10% and 0.33%, respectively). Fewer dispensing errors occurred when medications were dispensed by an onsite pharmacist versus any other method of medication acquisition (0.10% versus 0.44%, p = 0.0085). The rates of dispensing errors for medications that were retrieved from a single-cell ADC (0.19%), a multicell ADC (0.45%), or a drug closet or general supply (0.77%) did not differ significantly. BCMA was associated with a higher proportion of dispensing and administration errors intercepted before reaching the patient (66.7%) compared with either manual double checks (10%) or no BCMA or double check (30.4%) of the medication before administration (p = 0.0167). Onsite pharmacist dispensing and BCMA were associated with fewer medication errors and are important components of a medication safety strategy in CAHs. Copyright © 2016 by the American Society of Health-System Pharmacists, Inc. All rights reserved.

  4. Integrating system safety into the basic systems engineering process

    NASA Technical Reports Server (NTRS)

    Griswold, J. W.

    1971-01-01

    The basic elements of a systems engineering process are given along with a detailed description of what the safety system requires from the systems engineering process. Also discussed is the safety that the system provides to other subfunctions of systems engineering.

  5. 49 CFR 385.103 - Safety monitoring system.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 5 2010-10-01 2010-10-01 false Safety monitoring system. 385.103 Section 385.103... Safety Monitoring System for Mexico-Domiciled Carriers § 385.103 Safety monitoring system. (a) General... Vehicle Safety Standards (FMVSSs), and Hazardous Materials Regulations (HMRs). (b) Roadside monitoring...

  6. 49 CFR 385.103 - Safety monitoring system.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 5 2011-10-01 2011-10-01 false Safety monitoring system. 385.103 Section 385.103... Safety Monitoring System for Mexico-Domiciled Carriers § 385.103 Safety monitoring system. (a) General... Vehicle Safety Standards (FMVSSs), and Hazardous Materials Regulations (HMRs). (b) Roadside monitoring...

  7. A Human Reliability Based Usability Evaluation Method for Safety-Critical Software

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Phillippe Palanque; Regina Bernhaupt; Ronald Boring

    2006-04-01

    Recent years have seen an increasing use of sophisticated interaction techniques, including in the field of safety critical interactive software [8]. The use of such techniques has been required in order to increase the bandwidth between the users and systems and thus to help them deal efficiently with increasingly complex systems. These techniques come from research and innovation done in the field of human-computer interaction (HCI). A significant effort is currently being undertaken by the HCI community in order to apply and extend current usability evaluation techniques to these new kinds of interaction techniques. However, very little has been done to improve the reliability of software offering these kinds of interaction techniques. Even testing basic graphical user interfaces remains a challenge that has rarely been addressed in the field of software engineering [9]. However, the non-reliability of interactive software can jeopardize usability evaluation by showing unexpected or undesired behaviors. The aim of this SIG is to provide a forum for both researchers and practitioners interested in testing interactive software. Our goal is to define a roadmap of activities to cross-fertilize usability and reliability testing of these kinds of systems to minimize duplicate efforts in both communities.

  8. Fault Injection Validation of a Safety-Critical TMR System

    NASA Astrophysics Data System (ADS)

    Irrera, Ivano; Madeira, Henrique; Zentai, Andras; Hergovics, Beata

    2016-08-01

    Digital systems and their software are the core technology for controlling and monitoring industrial systems in practically all activity domains. Functional safety standards such as the European standard EN 50128 for railway applications define the procedures and technical requirements for the development of software for railway control and protection systems. The validation of such systems is a highly demanding task. In this paper we discuss the use of fault injection techniques, which have been used extensively in several domains, particularly in the space domain, to complement the traditional procedures to validate a SIL (Safety Integrity Level) 4 system for railway signalling, implementing a TMR (Triple Modular Redundancy) architecture. The fault injection tool is based on JTAG technology. The results of our injection campaign showed a high degree of tolerance to most of the injected faults, but several cases of unexpected behaviour have also been observed, helping to understand worst-case scenarios.

  9. 49 CFR 385.703 - Safety monitoring system.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 5 2010-10-01 2010-10-01 false Safety monitoring system. 385.703 Section 385.703... Safety Monitoring System for Non-North American Carriers § 385.703 Safety monitoring system. (a) General... Vehicle Safety Standards (FMVSSs), and Hazardous Materials Regulations (HMRs). (b) Roadside monitoring...

  10. 49 CFR 385.703 - Safety monitoring system.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 5 2011-10-01 2011-10-01 false Safety monitoring system. 385.703 Section 385.703... Safety Monitoring System for Non-North American Carriers § 385.703 Safety monitoring system. (a) General... Vehicle Safety Standards (FMVSSs), and Hazardous Materials Regulations (HMRs). (b) Roadside monitoring...

  11. Nuclear criticality safety bounding analysis for the in-tank-precipitation (ITP) process, impacted by fissile isotopic weight fractions

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Bess, C.E.

    The In-Tank Precipitation process (ITP) receives High Level Waste (HLW) supernatant liquid containing radionuclides in waste processing tank 48H. Sodium tetraphenylborate, NaTPB, and monosodium titanate (MST), NaTi{sub 2}O{sub 5}H, are added for removal of radioactive Cs and Sr, respectively. In addition to removal of radio-strontium, MST will also remove plutonium and uranium. The majority of the feed solutions to ITP will come from the dissolution of supernate that had been concentrated by evaporation to a crystallized salt form, commonly referred to as saltcake. The concern for criticality safety arises from the adsorption of U and Pu onto MST. If sufficient mass and optimum conditions are achieved then criticality is credible. The concentration of U and Pu from solution into the smaller volume of precipitate represents a concern for criticality. This report supplements WSRC-TR-93-171, Nuclear Criticality Safety Bounding Analysis For The In-Tank-Precipitation (ITP) Process. Criticality safety in ITP can be analyzed by two bounding conditions: (1) the minimum safe ratio of MST to fissionable material and (2) the maximum fissionable material adsorption capacity of the MST. Calculations have provided the first bounding condition and experimental analysis has established the second. This report combines these conditions with canyon facility data to evaluate the potential for criticality in the ITP process due to the adsorption of the fissionable material from solution. In addition, this report analyzes the potential impact of increased U loading onto MST. Results of this analysis demonstrate a greater safety margin for ITP operations than the previous analysis. This report further demonstrates that the potential for criticality in the ITP process due to adsorption of fissionable material by MST is not credible.

  12. Integrated risk assessment and screening analysis of drinking water safety of a conventional water supply system.

    PubMed

    Sun, F; Chen, J; Tong, Q; Zeng, S

    2007-01-01

    Management of drinking water safety is changing towards an integrated risk assessment and risk management approach that includes all processes in a water supply system from catchment to consumers. However, given the large number of water supply systems in China and the cost of implementing such a risk assessment procedure, there is a necessity to first conduct a strategic screening analysis at a national level. An integrated methodology of risk assessment and screening analysis is thus proposed to evaluate drinking water safety of a conventional water supply system. The violation probability, indicating drinking water safety, is estimated at different locations of a water supply system in terms of permanganate index, ammonia nitrogen, turbidity, residual chlorine and trihalomethanes. Critical parameters with respect to drinking water safety are then identified, based on which an index system is developed to prioritize conventional water supply systems in implementing a detailed risk assessment procedure. The evaluation results are represented as graphic check matrices for the concerned hazards in drinking water, from which the vulnerability of a conventional water supply system is characterized.

  13. Overview of critical risk factors in Power-Two-Wheeler safety.

    PubMed

    Vlahogianni, Eleni I; Yannis, George; Golias, John C

    2012-11-01

    Power-Two-Wheelers (PTWs) constitute a vulnerable class of road users with increased frequency and severity of accidents. The present paper focuses on the PTW accident risk factors and reviews existing literature with regard to the PTW drivers' interactions with the automobile drivers, as well as interactions with infrastructure elements and weather conditions. Several critical risk factors are revealed with different levels of influence on PTW accident likelihood and severity. A broad classification based on the magnitude and the need for further research for each risk factor is proposed. The paper concludes by discussing the importance of dealing with accident configurations, the data quality and availability, methods implemented to model risk and exposure, and risk identification, which are critical for a thorough understanding of the determinants of PTW safety. Copyright © 2012 Elsevier Ltd. All rights reserved.

  14. System safety engineering analysis handbook

    NASA Technical Reports Server (NTRS)

    Ijams, T. E.

    1972-01-01

    The basic requirements and guidelines for the preparation of System Safety Engineering Analysis are presented. The philosophy of System Safety and the various analytic methods available to the engineering profession are discussed. A text-book description of each of the methods is included.

  15. Automated Translation of Safety Critical Application Software Specifications into PLC Ladder Logic

    NASA Technical Reports Server (NTRS)

    Leucht, Kurt W.; Semmel, Glenn S.

    2008-01-01

    The numerous benefits of automatic application code generation are widely accepted within the software engineering community. A few of these benefits include raising the abstraction level of application programming, shorter product development time, lower maintenance costs, and increased code quality and consistency. Surprisingly, code generation concepts have not yet found wide acceptance and use in the field of programmable logic controller (PLC) software development. Software engineers at the NASA Kennedy Space Center (KSC) recognized the need for PLC code generation while developing their new ground checkout and launch processing system. They developed a process and a prototype software tool that automatically translates a high-level representation or specification of safety critical application software into ladder logic that executes on a PLC. This process and tool are expected to increase the reliability of the PLC code over that which is written manually, and may even lower life-cycle costs and shorten the development schedule of the new control system at KSC. This paper examines the problem domain and discusses the process and software tool that were prototyped by the KSC software engineers.

  16. The Evolution of System Safety at NASA

    NASA Technical Reports Server (NTRS)

    Dezfuli, Homayoon; Everett, Chris; Groen, Frank

    2014-01-01

    The NASA system safety framework is in the process of change, motivated by the desire to promote an objectives-driven approach to system safety that explicitly focuses system safety efforts on system-level safety performance, and serves to unify, in a purposeful manner, safety-related activities that otherwise might be done in a way that results in gaps, redundancies, or unnecessary work. An objectives-driven approach to system safety affords more flexibility to determine, on a system-specific basis, the means by which adequate safety is achieved and verified. Such flexibility and efficiency are becoming increasingly important in the face of evolving engineering modalities and acquisition models, where, for example, NASA will increasingly rely on commercial providers for transportation services to low-earth orbit. A key element of this objectives-driven approach is the use of the risk-informed safety case (RISC): a structured argument, supported by a body of evidence, that provides a compelling, comprehensible and valid case that a system is or will be adequately safe for a given application in a given environment. The RISC addresses each of the objectives defined for the system, providing a rational basis for making informed risk acceptance decisions at relevant decision points in the system life cycle.

  17. [The critical incident reporting system as an instrument of risk management for better patient safety].

    PubMed

    Panzica, M; Krettek, C; Cartes, M

    2011-09-01

    The probability that an inpatient will be harmed by a medical procedure is at least 3% of all patients. As a consequence, hospital risk management has become a central management task in the health care sector. The critical incident reporting system (CIRS) as a voluntary instrument for reporting (near) incidents plays a key role in the implementation of a risk management system. The goal of the CIRS is to register system errors without assigning guilt or meting out punishment and at the same time increasing the number of voluntary reports.

  18. The development of regulatory expectations for computer-based safety systems for the UK nuclear programme

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Hughes, P. J.; Westwood, R. N.; Mark, R. T.

    2006-07-01

    The Nuclear Installations Inspectorate (NII) of the UK's Health and Safety Executive (HSE) has recently completed a review of their Safety Assessment Principles (SAPs) for Nuclear Installations. During the period of the SAPs review in 2004-2005 the designers of future UK naval reactor plant were optioneering the control and protection systems that might be implemented. Because there was insufficient regulatory guidance available in the naval sector to support this activity, the Defence Nuclear Safety Regulator (DNSR) invited the NII to collaborate with the production of a guidance document that provides clarity of regulatory expectations for the production of safety cases for computer based safety systems. A key part of producing regulatory expectations was identifying the relevant extant standards and sector guidance that reflect good practice. The three principal sources of such good practice were: IAEA Safety Guide NS-G-1.1 (Software for Computer Based Systems Important to Safety in Nuclear Power Plants), the European Commission consensus document (Common Position of European Nuclear Regulators for the Licensing of Safety Critical Software for Nuclear Reactors) and IEC nuclear sector standards such as IEC60880. A common understanding has been achieved between the NII and DNSR and regulatory guidance developed which will be used by both NII and DNSR in the assessment of computer-based safety systems and in the further development of more detailed joint technical assessment guidance for both regulatory organisations. (authors)

  19. A Novel Series Connected Batteries State of High Voltage Safety Monitor System for Electric Vehicle Application

    PubMed Central

    Jiaxi, Qiang; Lin, Yang; Jianhui, He; Qisheng, Zhou

    2013-01-01

    Batteries, as the main or assistant power source of an EV (Electric Vehicle), are usually connected in series at high voltage to improve drivability and energy efficiency. Today, more and more batteries are connected in series at high voltage, and any fault in the high voltage system (HVS) has serious and dangerous consequences. Therefore, it is necessary to monitor the electric parameters of the HVS to ensure high voltage safety and protect personal safety. In this study, a high voltage safety monitor system is developed to solve this critical issue. Four key electric parameters, including precharge, contact resistance, insulation resistance, and remaining capacity, are monitored and analyzed based on the equivalent models presented in this study. A high voltage safety controller which integrates the equivalent models and control strategy is developed. With the help of a hardware-in-the-loop system, the equivalent models integrated in the high voltage safety controller are validated, and the online electric parameter monitoring strategy is analyzed and discussed. The test results indicate that the high voltage safety monitor system designed in this paper is suitable for EV application. PMID:24194677

  20. A novel series connected batteries state of high voltage safety monitor system for electric vehicle application.

    PubMed

    Jiaxi, Qiang; Lin, Yang; Jianhui, He; Qisheng, Zhou

    2013-01-01

    Batteries, as the main or assistant power source of an EV (Electric Vehicle), are usually connected in series at high voltage to improve drivability and energy efficiency. Today, more and more batteries are connected in series at high voltage, and any fault in the high voltage system (HVS) has serious and dangerous consequences. Therefore, it is necessary to monitor the electric parameters of the HVS to ensure high voltage safety and protect personal safety. In this study, a high voltage safety monitor system is developed to solve this critical issue. Four key electric parameters, including precharge, contact resistance, insulation resistance, and remaining capacity, are monitored and analyzed based on the equivalent models presented in this study. A high voltage safety controller which integrates the equivalent models and control strategy is developed. With the help of a hardware-in-the-loop system, the equivalent models integrated in the high voltage safety controller are validated, and the online electric parameter monitoring strategy is analyzed and discussed. The test results indicate that the high voltage safety monitor system designed in this paper is suitable for EV application.

  1. System safety education focused on industrial engineering

    NASA Technical Reports Server (NTRS)

    Johnston, W. L.; Morris, R. S.

    1971-01-01

    An educational program, designed to train students with the specific skills needed to become safety specialists, is described. The discussion concentrates on application, selection, and utilization of various system safety analytical approaches. Emphasis is also placed on the management of a system safety program, its relationship with other disciplines, and new developments and applications of system safety techniques.

  2. NASA's Software Safety Standard

    NASA Technical Reports Server (NTRS)

    Ramsay, Christopher M.

    2007-01-01

    NASA relies more and more on software to control, monitor, and verify its safety critical systems, facilities and operations. Since the 1960s there has hardly been a spacecraft launched that does not have a computer on board to provide command and control services. There have been recent incidents where software has played a role in high-profile mission failures and hazardous incidents. For example, the Mars Orbiter, Mars Polar Lander, DART (Demonstration of Autonomous Rendezvous Technology), and MER (Mars Exploration Rover) Spirit anomalies were all caused or contributed to by software. The Mission Control Centers for the Shuttle, ISS, and unmanned programs are highly dependent on software for data displays, analysis, and mission planning. Despite this growing dependence on software control and monitoring, there has been little to no consistent application of software safety practices and methodology to NASA's projects with safety critical software. Meanwhile, academia and private industry have been stepping forward with procedures and standards for safety critical systems and software, for example Dr. Nancy Leveson's book Safeware: System Safety and Computers. The NASA Software Safety Standard, originally published in 1997, was widely ignored due to its complexity and poor organization. It also focused on concepts rather than definite procedural requirements organized around a software project lifecycle. Led by the NASA Headquarters Office of Safety and Mission Assurance, the NASA Software Safety Standard has recently undergone a significant update. This new standard provides the procedures and guidelines for evaluating a project for safety criticality and then lays out the minimum project lifecycle requirements to assure the software is created, operated, and maintained in the safest possible manner. This update of the standard clearly delineates the minimum set of software safety requirements for a project without detailing the implementation for those

  3. 75 FR 11918 - Hewlett Pachard Company, Business Critical Systems, Mission Critical Business Software Division...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-03-12

    ... Pachard Company, Business Critical Systems, Mission Critical Business Software Division, Openvms Operating... Business Software Division, Openvms Operating System Development Group, Including an Employee Operating Out... Company, Business Critical Systems, Mission Critical Business Software Division, OpenVMS Operating System...

  4. 49 CFR 176.704 - Requirements relating to transport indices and criticality safety indices.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 2 2011-10-01 2011-10-01 false Requirements relating to transport indices and... Requirements relating to transport indices and criticality safety indices. (a) The sum of the transport indices..., transport and unloading are to be supervised by persons qualified in the transport of radioactive material...

  5. 49 CFR 176.704 - Requirements relating to transport indices and criticality safety indices.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 2 2010-10-01 2010-10-01 false Requirements relating to transport indices and... Requirements relating to transport indices and criticality safety indices. (a) The sum of the transport indices..., transport and unloading are to be supervised by persons qualified in the transport of radioactive material...

  6. Systems Thinking and Patient Safety

    DTIC Science & Technology

    2005-01-01

    1 Prologue Systems Thinking and Patient Safety Paul M. Schyve Patient safety is a prominent theme in health care delivery today. This should... patient safety and a willingness to invest in patient safety research. This volume—published by the Agency for Healthcare Research and Quality (AHRQ...The recent advent of the health care field’s emphasis on patient safety came at a favorable time. One or two decades earlier, our response would have

  7. Safety leadership and systems thinking: application and evaluation of a Risk Management Framework in the mining industry.

    PubMed

    Donovan, Sarah-Louise; Salmon, Paul M; Lenné, Michael G; Horberry, Tim

    2017-10-01

    Safety leadership is an important factor in supporting safety in high-risk industries. This article contends that applying systems-thinking methods to examine safety leadership can support improved learning from incidents. A case study analysis was undertaken of a large-scale mining landslide incident in which no injuries or fatalities were incurred. A multi-method approach was adopted, in which the Critical Decision Method, Rasmussen's Risk Management Framework and Accimap method were applied to examine the safety leadership decisions and actions which enabled the safe outcome. The approach enabled Rasmussen's predictions regarding safety and performance to be examined in the safety leadership context, with findings demonstrating the distribution of safety leadership across leader and system levels, and the presence of vertical integration as key to supporting the successful safety outcome. In doing so, the findings also demonstrate the usefulness of applying systems-thinking methods to examine and learn from incidents in terms of what 'went right'. The implications, including future research directions, are discussed. Practitioner Summary: This paper presents a case study analysis, in which systems-thinking methods are applied to the examination of safety leadership decisions and actions during a large-scale mining landslide incident. The findings establish safety leadership as a systems phenomenon, and furthermore, demonstrate the usefulness of applying systems-thinking methods to learn from incidents in terms of what 'went right'. Implications, including future research directions, are discussed.

  8. Nuclear criticality safety evaluation of the passage of decontaminated salt solution from the ITP filters into tank 50H for interim storage

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Hobbs, D.T.; Davis, J.R.

    This report assesses the nuclear criticality safety associated with the decontaminated salt solution after passing through the In-Tank Precipitation (ITP) filters, through the stripper columns and into Tank 50H for interim storage until transfer to the Saltstone facility. The criticality safety basis for the ITP process is documented. Criticality safety in the ITP filtrate has been analyzed under normal and process upset conditions. This report evaluates the potential for criticality due to the precipitation or crystallization of fissionable material from solution and an ITP process filter failure in which insoluble material carryover from salt dissolution is present. It is concluded that no single inadvertent error will cause criticality and that the process will remain subcritical under normal and credible abnormal conditions.

  9. Model-Based Safety Analysis

    NASA Technical Reports Server (NTRS)

    Joshi, Anjali; Heimdahl, Mats P. E.; Miller, Steven P.; Whalen, Mike W.

    2006-01-01

    System safety analysis techniques are well established and are used extensively during the design of safety-critical systems. Despite this, most of the techniques are highly subjective and dependent on the skill of the practitioner. Since these analyses are usually based on an informal system model, it is unlikely that they will be complete, consistent, and error free. In fact, the lack of precise models of the system architecture and its failure modes often forces the safety analysts to devote much of their effort to gathering architectural details about the system behavior from several sources and embedding this information in the safety artifacts such as the fault trees. This report describes Model-Based Safety Analysis, an approach in which the system and safety engineers share a common system model created using a model-based development process. By extending the system model with a fault model as well as relevant portions of the physical system to be controlled, automated support can be provided for much of the safety analysis. We believe that by using a common model for both system and safety engineering and automating parts of the safety analysis, we can both reduce the cost and improve the quality of the safety analysis. Here we present our vision of model-based safety analysis and discuss the advantages and challenges in making this approach practical.

  10. Estimated critical conditions for UF{sub 4}-oil systems in fully oil-reflected spherical geometry

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Plaster, M.J.

    Paraffinic oil has been exposed to UF{sub 6} gas in seal exhaust pumps and cascade equipment at the Portsmouth Gaseous Diffusion Plant. The resulting mixture is more nuclearly reactive than mixtures of UO{sub 2}F{sub 2} and H{sub 2}O and is not bounded by the subcritical mass limits presented in several nuclear criticality safety guides. The purpose of this analysis is to determine several critical parameters; specifically, (1) k{sub {infinity}} and the critical mass for several enrichments and moderation levels and (2) the mass limits for these mixtures. The estimated critical masses for the UF{sub 4}-oil systems are smaller than for the UO{sub 2}F{sub 2}-H{sub 2}O systems. The suggested mass limits for the UF{sub 4}-oil systems are 0.240, 0.280, 0.350, 0.430, 0.670, and 1.170 kg {sup 235}U for enrichments of 100, 50, 20, 10, 5, and 3 wt.% {sup 235}U respectively.

  11. Prospective Safety Analysis and the Complex Aviation System

    NASA Technical Reports Server (NTRS)

    Smith, Brian E.

    2013-01-01

    Fatal accident rates in commercial passenger aviation are at historic lows yet have plateaued and are not showing evidence of further safety advances. Modern aircraft accidents reflect both historic causal factors and new, unexpected "Black Swan" events. The ever-increasing complexity of the aviation system, along with its associated technology and organizational relationships, provides fertile ground for fresh problems. It is important to take a proactive approach to aviation safety by working to identify novel causation mechanisms for future aviation accidents before they happen. Progress has been made in using historic data to identify the telltale signals preceding aviation accidents and incidents, using the large repositories of discrete and continuous data on aircraft and air traffic control performance and information reported by front-line personnel. Nevertheless, the aviation community is increasingly embracing predictive approaches to aviation safety. The "prospective workshop" early assessment tool described in this paper represents an approach toward this prospective mindset, one that attempts to identify the future vectors of aviation and asks the question: "What haven't we considered in our current safety assessments?" New causation mechanisms threatening aviation safety will arise in the future because new (or revised) systems and procedures will have to be used under future contextual conditions that have not been properly anticipated. Many simulation models exist for demonstrating the safety cases of new operational concepts and technologies. However, the results from such models can only be as valid as the accuracy and completeness of the assumptions made about the future context in which the new operational concepts and/or technologies will be immersed. Of course that future has not happened yet. What is needed is a reasonably high-confidence description of the future operational context, capturing critical contextual characteristics that modulate

  12. In-space propellant systems safety. Volume 3: System safety analysis

    NASA Technical Reports Server (NTRS)

    1972-01-01

    The primary objective was to examine from a system safety viewpoint in-space propellant logistic elements and operations to define the potential hazards and to recommend means to reduce, eliminate or control them. A secondary objective was to conduct trade studies of specific systems or operations to determine the safest of alternate approaches.

  13. Application of the SCALE TSUNAMI Tools for the Validation of Criticality Safety Calculations Involving 233U

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Mueller, Don; Rearden, Bradley T; Hollenbach, Daniel F

    2009-02-01

    The Radiochemical Development Facility at Oak Ridge National Laboratory has been storing solid materials containing 233U for decades. Preparations are under way to process these materials into a form that is inherently safe from a nuclear criticality safety perspective. This will be accomplished by down-blending the {sup 233}U materials with depleted or natural uranium. At the request of the U.S. Department of Energy, a study has been performed using the SCALE sensitivity and uncertainty analysis tools to demonstrate how these tools could be used to validate nuclear criticality safety calculations of selected process and storage configurations. ISOTEK nuclear criticality safety staff provided four models that are representative of the criticality safety calculations for which validation will be needed. The SCALE TSUNAMI-1D and TSUNAMI-3D sequences were used to generate energy-dependent k{sub eff} sensitivity profiles for each nuclide and reaction present in the four safety analysis models, also referred to as the applications, and in a large set of critical experiments. The SCALE TSUNAMI-IP module was used together with the sensitivity profiles and the cross-section uncertainty data contained in the SCALE covariance data files to propagate the cross-section uncertainties ({Delta}{sigma}/{sigma}) to k{sub eff} uncertainties ({Delta}k/k) for each application model. The SCALE TSUNAMI-IP module was also used to evaluate the similarity of each of the 672 critical experiments with each application. Results of the uncertainty analysis and similarity assessment are presented in this report. A total of 142 experiments were judged to be similar to application 1, and 68 experiments were judged to be similar to application 2. None of the 672 experiments were judged to be adequately similar to applications 3 and 4. Discussion of the uncertainty analysis and similarity assessment is provided for each of the four applications. Example upper subcritical limits (USLs) were

  14. Software system safety

    NASA Technical Reports Server (NTRS)

    Uber, James G.

    1988-01-01

    Software itself is not hazardous, but since software and hardware share common interfaces there is an opportunity for software to create hazards. Further, these software systems are complex, and proven methods for the design, analysis, and measurement of software safety are not yet available. Some past software failures, future NASA software trends, software engineering methods, and tools and techniques for various software safety analyses are reviewed. Recommendations to NASA are made based on this review.

  15. Evaluation Of The Vehicle Radar Safety Systems Rashid Radar Safety Brake Collision Warning System, Final Report

    DOT National Transportation Integrated Search

    1988-02-01

    THIS EVALUATION OF THE VEHICLE RADAR SAFETY SYSTEMS' ANTI-COLLISION DEVICE (HEREAFTER VRSS) WAS UNDERTAKEN BY THE OPERATOR PERFORMANCE AND SAFETY ANALYSIS DIVISION OF THE TRANSPORTATION SYSTEMS CENTER AT THE REQUEST OF THE NATIONAL HIGHWAY TRAFFIC SA...

  16. A Taxonomy of Fallacies in System Safety Arguments

    NASA Technical Reports Server (NTRS)

    Greenwell, William S.; Knight, John C.; Holloway, C. Michael; Pease, Jacob J.

    2006-01-01

    Safety cases are gaining acceptance as assurance vehicles for safety-related systems. A safety case documents the evidence and argument that a system is safe to operate; however, logical fallacies in the underlying argument may undermine a system's safety claims. Removing these fallacies is essential to reduce the risk of safety-related system failure. We present a taxonomy of common fallacies in safety arguments that is intended to assist safety professionals in avoiding and detecting fallacious reasoning in the arguments they develop and review. The taxonomy derives from a survey of general argument fallacies and a separate survey of fallacies in real-world safety arguments. Our taxonomy is specific to safety argumentation, and it is targeted at professionals who work with safety arguments but may lack formal training in logic or argumentation. We discuss the rationale for the selection and categorization of fallacies in the taxonomy. In addition to its applications to the development and review of safety cases, our taxonomy could also support the analysis of system failures and promote the development of more robust safety case patterns.

  17. Software Dependability and Safety Evaluations ESA's Initiative

    NASA Astrophysics Data System (ADS)

    Hernek, M.

    ESA has allocated funds for an initiative to evaluate dependability and safety methods for software. The objectives of this initiative are: (1) more extensive validation of safety and dependability techniques for software, and (2) providing valuable results to improve the quality of the software, thus promoting the application of dependability and safety methods and techniques. ESA space systems are developed according to defined PA requirement specifications. These requirements may be implemented through various design concepts, e.g. redundancy, diversity etc., varying from project to project. Analysis methods (FMECA, FTA, HA, etc.) are frequently used during requirements analysis and design activities to assure the correct implementation of system PA requirements. The criticality level of failures, functions and systems is determined, and in doing so the critical sub-systems are identified, to which dependability and safety techniques are to be applied during development. Proper performance of software development requires a technical specification for the products at the beginning of the life cycle. Such a technical specification comprises both functional and non-functional requirements. These non-functional requirements address characteristics of the product such as quality, dependability, safety and maintainability. Software in space systems is used more and more in critical functions. The trend towards more frequent use of COTS and reusable components also poses new difficulties in terms of assuring reliable and safe systems. Because of this, its dependability and safety must be carefully analysed. ESA has identified and documented techniques, methods and procedures to ensure that software dependability and safety requirements are specified and taken into account during the design and development of a software system, and to verify/validate that the implemented software systems comply with these requirements [R1].

  18. System safety management: A new discipline

    NASA Technical Reports Server (NTRS)

    Pope, W. C.

    1971-01-01

    The systems theory is discussed in relation to safety management. It is suggested that systems safety management, as a new discipline, holds great promise for reducing operating errors, conserving labor resources, avoiding operating costs due to mistakes, and for improving managerial techniques. It is pointed out that managerial failures or system breakdowns are the basic reasons for human errors and condition defects. In this respect, a recommendation is made that safety engineers stop visualizing the problem only with the individual (supervisor or employee) and see the problem from the systems point of view.

  19. Extended time-to-collision measures for road traffic safety assessment.

    PubMed

    Minderhoud, M M; Bovy, P H

    2001-01-01

    This article describes two new safety indicators based on the time-to-collision notion suitable for comparative road traffic safety analyses. Such safety indicators can be applied in the comparison of a do-nothing case with an adapted situation, e.g. the introduction of intelligent driver support systems. In contrast to the classical time-to-collision value, measured at a cross section, the improved safety indicators use vehicle trajectories collected over a specific time horizon for a certain roadway segment to calculate the overall safety indicator value. Vehicle-specific indicator values as well as safety-critical probabilities can easily be determined from the developed safety measures. Application of the derived safety indicators is demonstrated for the assessment of the potential safety impacts of driver support systems from which it appears that some Autonomous Intelligent Cruise Control (AICC) designs are more safety-critical than the reference case without these systems. It is suggested that the indicator threshold value to be applied in the safety assessment has to be adapted when advanced AICC-systems with safe characteristics are introduced.

  20. An overview of the V&V of Flight-Critical Systems effort at NASA

    NASA Technical Reports Server (NTRS)

    Brat, Guillaume P.

    2011-01-01

    As the US is getting ready for the Next Generation (NextGen) Air Traffic System, there is a growing concern that current techniques for verification and validation will not be adequate for the changes to come. The JPDO (in charge of implementing NextGen) has given NASA a mandate to address the problem, and this resulted in the formulation of the V&V of Flight-Critical Systems effort. This research effort is divided into four themes: argument-based safety assurance, distributed systems, authority and autonomy, and software-intensive systems. This paper presents an overview of the technologies that will address the problem.

  1. Determination of Slope Safety Factor with Analytical Solution and Searching Critical Slip Surface with Genetic-Traversal Random Method

    PubMed Central

    2014-01-01

    In current practice, to determine the safety factor of a slope with a two-dimensional circular potential failure surface, one of the search methods for the critical slip surface is the Genetic Algorithm (GA), while the method used to calculate the slope safety factor is Fellenius' slices method. However, GA needs to be validated with more numerical tests, while Fellenius' slices method is only an approximate method, like the finite element method. This paper proposes a new method to determine the minimum slope safety factor: determination of the slope safety factor with an analytical solution and searching for the critical slip surface with the Genetic-Traversal Random Method. The analytical solution is more accurate than Fellenius' slices method. The Genetic-Traversal Random Method uses random picks to realize mutation. A computer program for automatic search with the Genetic-Traversal Random Method is developed. After comparison with other methods, such as the Slope/W software, results indicate that the Genetic-Traversal Random Search Method can give a very low safety factor, about half that of the other methods. However, the minimum safety factor obtained with the Genetic-Traversal Random Search Method is very close to the lower-bound solutions of the slope safety factor given by the Ansys software. PMID:24782679

  2. Patient Safety and the Malpractice System.

    PubMed

    Swift, James Q

    2017-05-01

    The cost of health care in the United States and of malpractice insurance has escalated greatly over the past 30 years. In an ideal world, the goals of the tort system would be aligned with efforts at improving safety. In fact, there is little evidence that the tort system and the processes of risk management and informed consent have improved patient safety. This article explores the disunion between patient safety and the malpractice system.

  3. Critical safety assurance factors for manned spacecraft - A fire safety perspective

    NASA Technical Reports Server (NTRS)

    Rodney, George A.

    1990-01-01

    Safety assurance factors for manned spacecraft are discussed with a focus on the Space Station Freedom. A hazard scenario is provided to demonstrate a process commonly used by safety engineers and other analysts to identify onboard safety risks. Fire strategies are described, including a review of fire extinguishing agents being considered for the Space Station. Lessons learned about fire safety technology in other areas are also noted. NASA and industry research on fire safety applications is discussed. NASA's approach to ensuring safety for manned spacecraft is addressed in the context of its multidiscipline program.

  4. Nanotechnology and MEMS-based systems for civil infrastructure safety and security: Opportunities and challenges

    NASA Astrophysics Data System (ADS)

    Robinson, Nidia; Saafi, Mohamed

    2006-03-01

    Critical civil infrastructure systems such as bridges, high rises, dams, nuclear power plants and pipelines represent a major investment, and the health of the United States' economy and the lifestyle of its citizens both depend on their safety and security. The challenge for engineers is to maintain the safety and security of these large structures in the face of terrorism threats, natural disasters and long-term deterioration, as well as to meet the demands of emergency response times. Given the significant negative impact that these threats can have on the structural environment, health monitoring of civil infrastructure holds promise as a way to provide information for near real-time condition assessment of a structure's safety and security. This information can be used to assess the integrity of the structure for rescue and recovery after earthquakes and terrorist attacks, to safely and rapidly remove debris, and to temporarily shore specific structural elements. This information can also be used to identify incipient damage in structures experiencing long-term deterioration. However, one of the major obstacles preventing sensor-based monitoring is the lack of reliable, easy-to-install, cost-effective and harsh-environment-resistant sensors that can be densely embedded into large-scale civil infrastructure systems. Nanotechnology and MEMS-based systems, which have matured in recent years, represent an innovative alternative to current damage detection systems, leading to wireless, inexpensive, durable, compact, and high-density information collection. In this paper, ongoing research activities at the Alabama A&M University (AAMU) Center for Transportation Infrastructure Safety and Security on the application of nanotechnology and MEMS to civil infrastructure health monitoring will be presented. To date, research has shown that nanotechnology and MEMS-based systems can be used to wirelessly detect and monitor different damage mechanisms in concrete structures

  5. Safer Systems: A NextGen Aviation Safety Strategic Goal

    NASA Technical Reports Server (NTRS)

    Darr, Stephen T.; Ricks, Wendell R.; Lemos, Katherine A.

    2008-01-01

    The Joint Planning and Development Office (JPDO), is charged by Congress with developing the concepts and plans for the Next Generation Air Transportation System (NextGen). The National Aviation Safety Strategic Plan (NASSP), developed by the Safety Working Group of the JPDO, focuses on establishing the goals, objectives, and strategies needed to realize the safety objectives of the NextGen Integrated Plan. The three goal areas of the NASSP are Safer Practices, Safer Systems, and Safer Worldwide. Safer Practices emphasizes an integrated, systematic approach to safety risk management through implementation of formalized Safety Management Systems (SMS) that incorporate safety data analysis processes, and the enhancement of methods for ensuring safety is an inherent characteristic of NextGen. Safer Systems emphasizes implementation of safety-enhancing technologies, which will improve safety for human-centered interfaces and enhance the safety of airborne and ground-based systems. Safer Worldwide encourages coordinating the adoption of the safer practices and safer systems technologies, policies and procedures worldwide, such that the maximum level of safety is achieved across air transportation system boundaries. This paper introduces the NASSP and its development, and focuses on the Safer Systems elements of the NASSP, which incorporates three objectives for NextGen systems: 1) provide risk reducing system interfaces, 2) provide safety enhancements for airborne systems, and 3) provide safety enhancements for ground-based systems. The goal of this paper is to expose avionics and air traffic management system developers to NASSP objectives and Safer Systems strategies.

  6. Criticality safety strategy and analysis summary for the fuel cycle facility electrorefiner at Argonne National Laboratory West

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Mariani, R.D.; Benedict, R.W.; Lell, R.M.

    1996-05-01

    As part of the termination activities of Experimental Breeder Reactor II (EBR-II) at Argonne National Laboratory (ANL) West, the spent metallic fuel from EBR-II will be treated in the fuel cycle facility (FCF). A key component of the spent-fuel treatment process in the FCF is the electrorefiner (ER) in which the actinide metals are separated from the active metal fission products and the reactive bond sodium. In the electrorefining process, the metal fuel is anodically dissolved into a high-temperature molten salt, and refined uranium or uranium/plutonium products are deposited at cathodes. The criticality safety strategy and analysis for the ANL West FCF ER is summarized. The FCF ER operations and processes formed the basis for evaluating criticality safety and control during actinide metal fuel refining. To show criticality safety for the FCF ER, the reference operating conditions for the ER had to be defined. Normal operating envelopes (NOEs) were then defined to bracket the important operating conditions. To keep the operating conditions within their NOEs, process controls were identified that can be used to regulate the actinide forms and content within the ER. A series of operational checks were developed for each operation that will verify the extent or success of an operation. The criticality analysis considered the ER operating conditions at their NOE values as the point of departure for credible and incredible failure modes. As a result of the analysis, FCF ER operations were found to be safe with respect to criticality.

  7. Transportation systems safety hazard analysis tool (SafetyHAT) user guide (version 1.0)

    DOT National Transportation Integrated Search

    2014-03-24

    This is a user guide for the transportation system Safety Hazard Analysis Tool (SafetyHAT) Version 1.0. SafetyHAT is a software tool that facilitates System Theoretic Process Analysis (STPA). This user guide provides instructions on how to download, ...

  8. WTEC monograph on instrumentation, control and safety systems of Canadian nuclear facilities

    NASA Technical Reports Server (NTRS)

    Uhrig, Robert E.; Carter, Richard J.

    1993-01-01

    This report updates a 1989-90 survey of advanced instrumentation and controls (I&C) technologies and associated human factors issues in the U.S. and Canadian nuclear industries carried out by a team from Oak Ridge National Laboratory (Carter and Uhrig 1990). The authors found that the most advanced I&C systems are in the Canadian CANDU plants, where the newest plant (Darlington) has digital systems in almost 100 percent of its control systems and in over 70 percent of its plant protection system. Increased emphasis on human factors and cognitive science in modern control rooms has resulted in a reduced workload for the operators and the elimination of many human errors. Automation implemented through digital instrumentation and control is effectively changing the role of the operator to that of a systems manager. The hypothesis that properly introducing digital systems increases safety is supported by the Canadian experience. The performance of these digital systems has been achieved using appropriate quality assurance programs for both hardware and software development. Recent regulatory authority review of the development of safety-critical software has resulted in the creation of isolated software modules with well defined interfaces and more formal structure in the software generation. The ability of digital systems to detect impending failures and initiate a fail-safe action is a significant safety issue that should be of special interest to nuclear utilities and regulatory authorities around the world.

  9. Safety features of subcritical fluid fueled systems

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Bell, C.R.

    1995-10-01

    Accelerator-driven transmutation technology has been under study at Los Alamos for several years for application to nuclear waste treatment, tritium production, energy generation, and recently, to the disposition of excess weapons plutonium. Studies and evaluations performed to date at Los Alamos have led to a current focus on a fluid-fuel, fission system operating in a neutron source-supported subcritical mode, using molten salt reactor technology and accelerator-driven proton-neutron spallation. In this paper, the safety features and characteristics of such systems are explored from the perspective of the fundamental nuclear safety objectives that any reactor-type system should address. This exploration is qualitative in nature and uses current vintage solid-fueled reactors as a baseline for comparison. Based on the safety perspectives presented, such systems should be capable of meeting the fundamental nuclear safety objectives. In addition, they should be able to provide the safety robustness desired for advanced reactors. However, the manner in which safety objectives and robustness are achieved is very different from that associated with conventional reactors. Also, there are a number of safety design and operational challenges that will have to be addressed for the safety potential of such systems to be credible.

  10. 46 CFR 62.25-15 - Safety control systems.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ....35-50. Note: Safety control systems include automatic and manual safety trip controls and automatic... engines. (e) Automatic safety trip control systems must— (1) Be provided where there is an immediate... 46 Shipping 2 2011-10-01 2011-10-01 false Safety control systems. 62.25-15 Section 62.25-15...

  11. System theory and safety models in Swedish, UK, Dutch and Australian road safety strategies.

    PubMed

    Hughes, B P; Anund, A; Falkmer, T

    2015-01-01

    Road safety strategies represent interventions on a complex social technical system level. An understanding of a theoretical basis and description is required for strategies to be structured and developed. Road safety strategies are described as systems, but have not been related to the theory, principles and basis by which systems have been developed and analysed. Recently, road safety strategies, which have been employed for many years in different countries, have moved to a 'vision zero', or 'safe system' style. The aim of this study was to analyse the successful Swedish, United Kingdom and Dutch road safety strategies against the older, and newer, Australian road safety strategies, with respect to their foundations in system theory and safety models. Analysis of the strategies against these foundations could indicate potential improvements. The content of four modern cases of road safety strategy was compared against each other, reviewed against scientific systems theory and reviewed against types of safety model. The strategies contained substantial similarities, but were different in terms of fundamental constructs and principles, with limited theoretical basis. The results indicate that the modern strategies do not include essential aspects of systems theory that describe relationships and interdependencies between key components. The description of these strategies as systems is therefore not well founded and deserves further development. Copyright © 2014 Elsevier Ltd. All rights reserved.

  12. Design an optimum safety policy for personnel safety management - A system dynamic approach

    NASA Astrophysics Data System (ADS)

    Balaji, P.

    2014-10-01

    Personnel safety management (PSM) ensures that employees' work conditions are healthy and safe by various proactive and reactive approaches. Nowadays it is a complex phenomenon because of the increasingly dynamic nature of organisations, which results in an increase of accidents. An important part of accident prevention is to understand the existing system properly and make safety strategies for that system. System dynamics modelling appears to be an appropriate methodology to explore and make strategy for PSM. Many system dynamics models of industrial systems have been built entirely for specific host firms. This thesis illustrates an alternative approach. A generic system dynamics model of personnel safety management was developed and tested in a host firm. The model underwent various structural, behavioural and policy tests. The utility and effectiveness of the model was further explored through modelling a safety scenario. In order to create an effective safety policy under resource constraints, DOE (Design of Experiments) was used. DOE uses classic designs, namely fractional factorials and central composite designs. It was used to build a second-order regression equation which serves as an objective function. That function was optimized under a budget constraint, and the optimum value was used for the safety policy which showed the greatest improvement in overall PSM. The outcome of this research indicates that the personnel safety management model has the capability to act as an instruction tool to improve understanding of safety management and also as an aid to policy making.

  13. Design an optimum safety policy for personnel safety management - A system dynamic approach

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Balaji, P.

    2014-10-06

    Personnel safety management (PSM) ensures that employees' work conditions are healthy and safe by various proactive and reactive approaches. Nowadays it is a complex phenomenon because of the increasingly dynamic nature of organisations, which results in an increase of accidents. An important part of accident prevention is to understand the existing system properly and make safety strategies for that system. System dynamics modelling appears to be an appropriate methodology to explore and make strategy for PSM. Many system dynamics models of industrial systems have been built entirely for specific host firms. This thesis illustrates an alternative approach. A generic system dynamics model of personnel safety management was developed and tested in a host firm. The model underwent various structural, behavioural and policy tests. The utility and effectiveness of the model was further explored through modelling a safety scenario. In order to create an effective safety policy under resource constraints, DOE (Design of Experiments) was used. DOE uses classic designs, namely fractional factorials and central composite designs. It was used to build a second-order regression equation which serves as an objective function. That function was optimized under a budget constraint, and the optimum value was used for the safety policy which showed the greatest improvement in overall PSM. The outcome of this research indicates that the personnel safety management model has the capability to act as an instruction tool to improve understanding of safety management and also as an aid to policy making.

  14. Mathematical modelling of active safety system functions as tools for development of driverless vehicles

    NASA Astrophysics Data System (ADS)

    Ryazantsev, V.; Mezentsev, N.; Zakharov, A.

    2018-02-01

    This paper is dedicated to a solution of the issue of synthesis of the vehicle longitudinal dynamics control functions (acceleration and deceleration control) based on the element base of the vehicle active safety system (ESP) - driverless vehicle development tool. This strategy helps to reduce time and complexity of integration of autonomous motion control systems (AMCS) into the vehicle architecture and allows direct control of actuators ensuring the longitudinal dynamics control, as well as reduction of time for calibration works. The “vehicle+wheel+road” longitudinal dynamics control is complicated due to the absence of the required prior information about the control object. Therefore, the control loop becomes an adaptive system, i.e. a self-adjusting monitoring system. Another difficulty is the driver’s perception of the longitudinal dynamics control process in terms of comfort. Traditionally, one doesn’t pay a lot of attention to this issue within active safety systems, and retention of vehicle steerability, controllability and stability in emergency situations are considered to be the quality criteria. This is mainly connected to its operational limits, since it is activated only in critical situations. However, implementation of the longitudinal dynamics control in the AMCS poses another challenge for the developers - providing the driver with comfortable vehicle movement during acceleration and deceleration - while the possible highest safety level in terms of the road grip is provided by the active safety system (ESP). The results of this research are: universal active safety system - AMCS interaction interface; block diagram for the vehicle longitudinal acceleration and deceleration control as one of the active safety system’s integrated functions; ideology of adaptive longitudinal dynamics control, which enables to realize the deceleration and acceleration requested by the AMCS; algorithms synthesised; analytical experiments proving the

  15. Autonomous Flight Safety System

    NASA Technical Reports Server (NTRS)

    Simpson, James

    2010-01-01

    The Autonomous Flight Safety System (AFSS) is an independent self-contained subsystem mounted onboard a launch vehicle. AFSS has been developed by and is owned by the US Government. It autonomously makes flight termination/destruct decisions using configurable software-based rules implemented on redundant flight processors, using data from redundant GPS/IMU navigation sensors. AFSS implements rules determined by the appropriate Range Safety officials.

  16. 75 FR 5146 - Hewlett Packard Company Business Critical Systems, Mission Critical Business Software Division...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-02-01

    ... Packard Company Business Critical Systems, Mission Critical Business Software Division, OpenVMS Operating... Software Division, OpenVMS Operating System Development Group, Including an Employee Operating Out of the..., Mission Critical Business Software Division, OpenVMS Operating System Development Group, including...

  17. AGARD Flight Test Techniques Series. Volume 12. The Principles of Flight Test Assessment of Flight-Safety-Critical Systems in Helicopters (Les Principes de l’Evaluation, dans le Cadre des Essais en Vol, des Systemes Indispensables a la Securite de Vol des Helicopteres)

    DTIC Science & Technology

    1994-08-01

    AGARD-AG-300 Vol. 12 04 ADVISORY GROUP FOR AEROSPACE RESEARCH & DEVELOPMENT 7 RUE ANCELLE, 92200 NEUILLY-SUR-SEINE, FRANCE AUG 0195 AGARDograph 300...AGARD Flight Test Techniques Series Volume 12 on The Principles of Flight Test Assessment of Flight-Safety-Critical Systems in Helicopters (Les...and Availability on Back Cover AGARD-AG-300 Vol. 12 ADVISORY GROUP FOR AEROSPACE RESEARCH & DEVELOPMENT 7 RUE ANCELLE, 92200 NEUILLY-SUR-SEINE, FRANCE

  18. System Safety in Aircraft Acquisition

    DTIC Science & Technology

    1984-01-01

    Relationship Between JSSC and SOHP ..... .......... 6-1 Some Similarities in the Departments' Approaches to System Safety... RELATIONSHIP BETWEEN JSSC AND SOHP The annual JSSC sponsored by the safety centers coordinates safety activities. It was described recently as "an unchartered...developed an excellent working relationship. Representatives from SOHP can and do influence tasks undertaken by JSSC. Conversely, SOHP is the one

  19. System safety education focused on system management

    NASA Technical Reports Server (NTRS)

    Grose, V. L.

    1971-01-01

    System safety is defined and characteristics of the system are outlined. Some of the principal characteristics include the role of humans in hazard analysis, clear language for input and output, system interdependence, self containment, and parallel analysis of elements.

  20. 76 FR 14592 - Safety Management System; Withdrawal

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-03-17

    ...-06A] RIN 2120-AJ15 Safety Management System; Withdrawal AGENCY: Federal Aviation Administration (FAA... (``product/ service providers'') to develop a Safety Management System (SMS). The FAA is withdrawing the... management with a set of robust decision-making tools to use to improve safety. The FAA received 89 comments...

  1. Database management systems for process safety.

    PubMed

    Early, William F

    2006-03-17

    Several elements of the process safety management regulation (PSM) require tracking and documentation of actions: process hazard analyses, management of change, process safety information, operating procedures, training, contractor safety programs, pre-startup safety reviews, incident investigations, emergency planning, and compliance audits. These elements can result in hundreds of action items annually that must be tracked to completion. This tracking and documentation is commonly identified as a failing in compliance audits, and is difficult to manage through action lists, spreadsheets, or other tools that are comfortably manipulated by plant personnel. This paper discusses the recent implementation of a database management system at a chemical plant and chronicles the improvements accomplished through the introduction of a customized system. The system as implemented modeled the normal plant workflows, and provided simple, recognizable user interfaces for ease of use.

  2. Assessment of the State-of-the-Art of System-Wide Safety and Assurance Technologies

    NASA Technical Reports Server (NTRS)

    Roychoudhury, Indranil; Reveley, Mary S.; Phojanamongkolkij, Nipa; Leone, Karen M.

    2017-01-01

    Since its initiation, the System-wide Safety Assurance Technologies (SSAT) Project has been focused on developing multidisciplinary tools and techniques that are verified and validated to ensure prevention of loss of property and life in NextGen and enable proactive risk management through predictive methods. To this end, four technical challenges have been listed to help realize the goals of SSAT, namely (i) assurance of flight critical systems, (ii) discovery of precursors to safety incidents, (iii) assuring safe human-systems integration, and (iv) prognostic algorithm design for safety assurance. The objective of this report is to provide an extensive survey of SSAT-related research accomplishments by researchers within and outside NASA to get an understanding of what the state-of-the-art is for technologies enabling each of the four technical challenges. We hope that this report will serve as a good resource for anyone interested in gaining an understanding of the SSAT technical challenges, and also be useful in the future for project planning and resource allocation for related research.

  3. The effects of driver identity on driving safety in a retrospective feedback system.

    PubMed

    Zhao, Guozhen; Wu, Changxu

    2012-03-01

    Retrospective feedback that provides detailed information on a driver's performance in critical driving situations at the end of a trip enhances his/her driving behaviors and safe driving habits. Although this has been demonstrated by a previous study, retrospective feedback can be further improved and applied to non-critical driving situations, which is needed for transportation safety. To propose a new retrospective feedback system that uses driver identity (i.e., a driver's name) and to experimentally study its effects on measures of driving performance and safety in a driving simulator. We conducted a behavioral experimental study with 30 participants. "Feedback type" was a between-subject variable with three conditions: no feedback (control group), feedback without driver identity, and feedback with driver identity. We measured multiple aspects of participants' driving behavior. To control for potential confounds, factors that were significantly correlated with driving behavior (e.g., age and driving experience) were all entered as covariates into a multivariate analysis of variance. To examine the effects of speeding on collision severity in driving simulation studies, we also developed a new index - momentum of potential collision - with a set of equations. Subjects who used a feedback system with driver identity had the fewest speeding violations and central-line crossings, spent the least amount of time speeding and crossing the central line, had the lowest speeding and central-line crossing magnitude, ran the fewest red lights, and had the smallest momentum of potential collision compared to the groups with feedback without driver identity and without feedback (control group). The new retrospective feedback system with driver identity has the potential to enhance a person's driving safety (e.g., speeding, central-line crossing, momentum of potential collision), which is an indication of the valence of one's name in a feedback system design. Copyright

  4. Nuclear Safety for Space Systems

    NASA Astrophysics Data System (ADS)

    Offiong, Etim

    2010-09-01

    It is trite, albeit a truism, to say that nuclear power can provide the propulsion thrust needed to launch space vehicles and also provide electricity for powering on-board systems, especially for missions to the Moon, Mars and other deep space missions. Nuclear Power Sources (NPSs) are known to provide more capabilities than solar power, fuel cells and conventional chemical means. The worry has always been that of safety. The earliest superpowers (US and former Soviet Union) have designed and launched several nuclear-powered systems, with some failures. Nuclear failures and accidents, however few in number, could be far-reaching geographically, and are catastrophic to humans and the environment. Building on the numerous research works on nuclear power on Earth and in space, this paper seeks to bring to bear issues relating to the safety of space systems - spacecraft, astronauts, the Earth environment and extraterrestrial habitats - in the use and application of nuclear power sources. It also introduces a new formal training course in Space Systems Safety.

  5. Probabilistic Causal Analysis for System Safety Risk Assessments in Commercial Air Transport

    NASA Technical Reports Server (NTRS)

    Luxhoj, James T.

    2003-01-01

    Aviation is one of the critical modes of our national transportation system. As such, it is essential that new technologies be continually developed to ensure that a safe mode of transportation becomes even safer in the future. The NASA Aviation Safety Program (AvSP) is managing the development of new technologies and interventions aimed at reducing the fatal aviation accident rate by a factor of 5 by year 2007 and by a factor of 10 by year 2022. A portfolio assessment is currently being conducted to determine the projected impact that the new technologies and/or interventions may have on reducing aviation safety system risk. This paper reports on advanced risk analytics that combine the use of a human error taxonomy, probabilistic Bayesian Belief Networks, and case-based scenarios to assess a relative risk intensity metric. A sample case is used for illustrative purposes.

  6. Critical areas: Satellite power systems concepts

    NASA Technical Reports Server (NTRS)

    1975-01-01

    Critical Areas are defined and discussed in the various areas pertinent to satellite power systems. The presentation is grouped into five areas (General, Space Systems, Solar Energy Conversion, Microwave Systems, and Environment/Ecology) with a sixth area (Power Relay) considered separately in an appendix. Areas for Future Consideration as critical areas are discussed in a second appendix.

  7. 49 CFR 659.19 - System safety program plan: contents.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 7 2012-10-01 2012-10-01 false System safety program plan: contents. 659.19... ADMINISTRATION, DEPARTMENT OF TRANSPORTATION RAIL FIXED GUIDEWAY SYSTEMS; STATE SAFETY OVERSIGHT Role of the State Oversight Agency § 659.19 System safety program plan: contents. The system safety plan shall...

  8. 49 CFR 659.19 - System safety program plan: contents.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 7 2011-10-01 2011-10-01 false System safety program plan: contents. 659.19... ADMINISTRATION, DEPARTMENT OF TRANSPORTATION RAIL FIXED GUIDEWAY SYSTEMS; STATE SAFETY OVERSIGHT Role of the State Oversight Agency § 659.19 System safety program plan: contents. The system safety plan shall...

  9. 49 CFR 659.19 - System safety program plan: contents.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 49 Transportation 7 2013-10-01 2013-10-01 false System safety program plan: contents. 659.19... ADMINISTRATION, DEPARTMENT OF TRANSPORTATION RAIL FIXED GUIDEWAY SYSTEMS; STATE SAFETY OVERSIGHT Role of the State Oversight Agency § 659.19 System safety program plan: contents. The system safety plan shall...

  10. 49 CFR 659.19 - System safety program plan: contents.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 49 Transportation 7 2014-10-01 2014-10-01 false System safety program plan: contents. 659.19... ADMINISTRATION, DEPARTMENT OF TRANSPORTATION RAIL FIXED GUIDEWAY SYSTEMS; STATE SAFETY OVERSIGHT Role of the State Oversight Agency § 659.19 System safety program plan: contents. The system safety plan shall...

  11. 49 CFR 659.19 - System safety program plan: contents.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 7 2010-10-01 2010-10-01 false System safety program plan: contents. 659.19... ADMINISTRATION, DEPARTMENT OF TRANSPORTATION RAIL FIXED GUIDEWAY SYSTEMS; STATE SAFETY OVERSIGHT Role of the State Oversight Agency § 659.19 System safety program plan: contents. The system safety plan shall...

  12. Safety climate and culture: Integrating psychological and systems perspectives.

    PubMed

    Casey, Tristan; Griffin, Mark A; Flatau Harrison, Huw; Neal, Andrew

    2017-07-01

    Safety climate research has reached a mature stage of development, with a number of meta-analyses demonstrating the link between safety climate and safety outcomes. More recently, there has been interest from systems theorists in integrating the concept of safety culture and, to a lesser extent, safety climate into systems-based models of organizational safety. Such models represent a theoretical and practical development of the safety climate concept by positioning climate as part of a dynamic work system in which perceptions of safety act to constrain and shape employee behavior. We propose that safety climate and safety culture constitute part of the enabling capitals through which organizations build safety capability. We discuss how organizations can deploy different configurations of enabling capital to exert control over work systems and maintain safe and productive performance. We outline 4 key strategies through which organizations reconcile the system control problems of promotion versus prevention, and stability versus flexibility. (PsycINFO Database Record (c) 2017 APA, all rights reserved).

  13. Evolution from safety management system (SMS) to HSE MS: Incorporating health aspects into the HSE management system

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Jong, G. de

    1996-12-31

    There is increasing recognition within the E&P industry that protection and promotion of the health of people at work is more than taking care of individual health. It is an organizational issue which can be managed using the same principles as for safety and environment. The synergies with safety and environmental management provide the link with the management system. However, line managers need to understand the critical health issues: What are they? Are they relevant? How do we manage them? What are the standards? What are the management tools to be used? How do we monitor performance? What is the role of the line? What is the role of the health advisers? What training and competencies are needed for health management? What are the benefits? These questions have to be clarified before acceptance can be achieved for full integration of health aspects into the HSE Management System. Health Risk Assessment was developed as a tool for systematic identification and assessment of health hazards and risks. It specifies the need for and type of controls and recovery measures, which can subsequently be incorporated in the HSE Management System and HSE Cases. Our experience to date indicates that health can successfully be integrated in HSE Management Systems and HSE Cases by using the same principles as developed for Safety Management Systems and Safety Cases. There are still many problems which need to be addressed, but the methodology used appears to be sound and will eventually enhance line management understanding of the health management aspects relevant to the E&P industry.

  14. NASA aviation safety reporting system

    NASA Technical Reports Server (NTRS)

    Billings, C. E.; Lauber, J. K.; Funkhouser, H.; Lyman, E. G.; Huff, E. M.

    1976-01-01

    The origins and development of the NASA Aviation Safety Reporting System (ASRS) are briefly reviewed. The results of the first quarter's activity are summarized and discussed. Examples are given of bulletins describing potential air safety hazards, and the disposition of these bulletins. During the first quarter of operation, the ASRS received 1464 reports; 1407 provided data relevant to air safety. All reports are being processed for entry into the ASRS data base. During the reporting period, 130 alert bulletins describing possible problems in the aviation system were generated and disseminated. Responses were received from FAA and others regarding 108 of the alert bulletins. Action was being taken with respect to 70 of the 108 responses received. Further studies are planned of a number of areas, including human factors problems related to automation of the ground and airborne portions of the national aviation system.

  15. Querying Safety Cases

    NASA Technical Reports Server (NTRS)

    Denney, Ewen W.; Naylor, Dwight; Pai, Ganesh

    2014-01-01

    Querying a safety case to show how the various stakeholders' concerns about system safety are addressed has been put forth as one of the benefits of argument-based assurance (in a recent study by the Health Foundation, UK, which reviewed the use of safety cases in safety-critical industries). However, neither the literature nor current practice offer much guidance on querying mechanisms appropriate for, or available within, a safety case paradigm. This paper presents a preliminary approach that uses a formal basis for querying safety cases, specifically Goal Structuring Notation (GSN) argument structures. Our approach semantically enriches GSN arguments with domain-specific metadata that the query language leverages, along with its inherent structure, to produce views. We have implemented the approach in our toolset AdvoCATE, and illustrate it by application to a fragment of the safety argument for an Unmanned Aircraft System (UAS) being developed at NASA Ames. We also discuss the potential practical utility of our query mechanism within the context of the existing framework for UAS safety assurance.

  16. Health and safety management systems: liability or asset?

    PubMed

    Bennett, David

    2002-01-01

    Health and safety management systems have a background in theory and in various interests among employers and workplace health and safety professionals. These have resulted in a number of national systems emanating from national standard-writing centres and from employers' organizations. In some cases these systems have been recognized as national standards. The contenders for an international standard have been the International Organization of Standardization (ISO) and the International Labour Organization (ILO). The quality and environmental management systems of ISO indicate what an ISO health and safety management standard would look like. The ILO Guidelines on Safety and Health Management Systems, by contrast, are stringent, specific and potentially effective in improving health and safety performance in the workplace.

  17. Application of a risk management system to improve drinking water safety.

    PubMed

    Jayaratne, Asoka

    2008-12-01

    The use of a comprehensive risk management framework is considered a very effective means of managing water quality risks. There are many risk-based systems available to water utilities such as ISO 9001 and Hazard Analysis and Critical Control Point (HACCP). In 2004, the World Health Organization's (WHO) Guidelines for Drinking Water Quality recommended the use of preventive risk management approaches to manage water quality risks. This paper describes the framework adopted by Yarra Valley Water for the development of its Drinking Water Quality Risk Management Plan incorporating HACCP and ISO 9001 systems and demonstrates benefits of Water Safety Plans such as HACCP. Copyright IWA Publishing 2008.

  18. Using a quantitative risk register to promote learning from a patient safety reporting system.

    PubMed

    Mansfield, James G; Caplan, Robert A; Campos, John S; Dreis, David F; Furman, Cathie

    2015-02-01

    Patient safety reporting systems are now used in most health care delivery organizations. These systems, such as the one in use at Virginia Mason (Seattle) since 2002, can provide valuable reports of risk and harm from the front lines of patient care. In response to the challenge of how to quantify and prioritize safety opportunities, a risk register system was developed and implemented. Basic risk register concepts were refined to provide a systematic way to understand risks reported by staff. The risk register uses a comprehensive taxonomy of patient risk and algorithmically assigns each patient safety report to 1 of 27 risk categories in three major domains (Evaluation, Treatment, and Critical Interactions). For each category, a composite score was calculated on the basis of event rate, harm, and cost. The composite scores were used to identify the "top five" risk categories, and patient safety reports in these categories were analyzed in greater depth to find recurrent patterns of risk and associated opportunities for improvement. The top five categories of risk were easy to identify and had distinctive "profiles" of rate, harm, and cost. The ability to categorize and rank risks across multiple dimensions yielded insights not previously available. These results were shared with leadership and served as input for planning quality and safety initiatives. This approach provided actionable input for the strategic planning process, while at the same time strengthening the Virginia Mason culture of safety. The quantitative patient safety risk register serves as one solution to the challenge of extracting valuable safety lessons from large numbers of incident reports and could profitably be adopted by other organizations.

  19. 49 CFR 659.15 - System safety program standard.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 7 2010-10-01 2010-10-01 false System safety program standard. 659.15 Section 659... ADMINISTRATION, DEPARTMENT OF TRANSPORTATION RAIL FIXED GUIDEWAY SYSTEMS; STATE SAFETY OVERSIGHT Role of the State Oversight Agency § 659.15 System safety program standard. (a) General requirement. Each state...

  20. Recognizing nurse stakeholder dissonance as a critical determinant of patient safety in new healthcare information technologies.

    PubMed

    Samaras, Elizabeth A; Real, Sara D; Curtis, Amber M; Meunier, Tessa S

    2012-01-01

    Proper identification of all stakeholders and the comprehensive assessment of their evolving and often conflicting Needs, Wants, and Desires (NWDs) is a fundamental principle of human factors science and human-centered systems engineering; it is not yet a consistent element in development and deployment of new health information technologies (HIT). As the single largest group of healthcare professionals, nurses are critical stakeholders for these new technologies. Careful analysis can reveal nurse stakeholder dissonance (NSD) when integrating new technologies into the healthcare environment. Stakeholder dissonance is a term that describes the conflict between the NWDs of different stakeholders which, if left unresolved, can result in dissatisfaction, workarounds, errors, and threats to patient safety. Three case studies drawn from the authors' experience in a variety of acute-care settings where new HITs have been recently deployed are examined to illustrate the concept of NSD. Conflicting NWDs, other stakeholders, and possible root causes of the NSD are analyzed and mapped to threats to patient safety. Lessons learned, practical guidance for anticipating, identifying, and mitigating NSD, future research and implications for HFE and nursing practice are discussed.

  1. Audit of radiology communication systems for critical, urgent, and unexpected significant findings.

    PubMed

    Duncan, K A; Drinkwater, K J; Dugar, N; Howlett, D C

    2016-03-01

    To determine the compliance of UK radiology departments and trusts/healthcare organisations with National Patient Safety Agency and Royal College of Radiologist's published guidance on the communication of critical, urgent, and unexpected significant radiological findings. A questionnaire was sent to all UK radiology department audit leads asking for details of their current departmental policy regarding the issuing of alerts; use of automated electronic alert systems; methods of notification of clinicians of critical, urgent, and unexpected significant radiological findings; monitoring of results receipt; and examples of the more common types of serious pathologies for which alerts were issued. One hundred and fifty-four of 229 departments (67%) responded. Eighty-eight percent indicated that they had a policy in place for the communication of critical, urgent, and unexpected significant radiological findings. Only 34% had an automated electronic alert system in place and only 17% had a facility for service-wide electronic tracking of radiology reports. In only 11 departments with an electronic acknowledgement system was someone regularly monitoring the read rate. There is wide variation in practice across the UK with regard to the communication and monitoring of reports with many departments/trusts not fully compliant with published UK guidance. Despite the widespread use of electronic systems, only a minority of departments/trusts have and use electronic tracking to ensure reports have been read and acted upon. Copyright © 2015 The Royal College of Radiologists. Published by Elsevier Ltd. All rights reserved.

  2. Experimental criticality specifications. An annotated bibliography through 1977

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Paxton, H.C.

    1978-05-01

    The compilation of approximately 300 references gives sources of experimental criticality parameters of systems containing ²³⁵U, ²³³U, and ²³⁹Pu. The intent is to cover basic data for criticality safety applications. The references are arranged by subject.

  3. Safety status system for operating room devices.

    PubMed

    Guédon, Annetje C P; Wauben, Linda S G L; Overvelde, Marlies; Blok, Joleen H; van der Elst, Maarten; Dankelman, Jenny; van den Dobbelsteen, John J

    2014-01-01

    With the increasing number of technological aids in the operating room (OR), equipment-related incidents have become a common kind of adverse event. This underlines the importance of adequate equipment management to improve safety in the OR. A system was developed to monitor the safety status (periodic maintenance and registered malfunctions) of OR devices and to facilitate the notification of malfunctions. The objective was to assess whether the system is suitable for use in a busy OR setting and to analyse its effect on the notification of malfunctions. The system automatically checks the safety status of OR devices through constant communication with the technical facility management system, informs the OR staff in real time and facilitates notification of malfunctions. The system was tested for a pilot period of six months in four ORs of a Dutch teaching hospital and 17 users were interviewed on the usability of the system. The users provided positive feedback on the usability. For 86.6% of total time, the localisation of OR devices was accurate. 62 malfunctions of OR devices were reported, an increase of 12 notifications compared to the previous year. The safety status system was suitable for an OR complex, both from a usability and a technical point of view, and an increase in reported malfunctions was observed. The system eases monitoring the safety status of equipment and is a promising tool to improve the safety related to OR devices.

  4. Cascade Distillation System Design for Safety and Mission Assurance

    NASA Technical Reports Server (NTRS)

    Sargusingh, Miriam J.; Callahan, Michael R.

    2015-01-01

    Per the NASA Human Health, Life Support and Habitation System Technology Area 06 report, "crewed missions venturing beyond Low-Earth Orbit (LEO) will require technologies with improved reliability, reduced mass, self-sufficiency, and minimal logistical needs as an emergency or quick-return option will not be feasible." To meet this need, the development team of the second generation Cascade Distillation System (CDS 2.0) adopted a development approach that explicitly incorporates consideration of safety, mission assurance, and autonomy. The CDS 2.0 preliminary design focused on establishing a functional baseline that meets the CDS core capabilities and performance. The critical design phase is now focused on incorporating features through a deliberative process of establishing the system's failure modes and effects, identifying mitigative strategies, and evaluating the merit of the proposed actions through analysis and test. This paper details results of this effort on the CDS 2.0 design.

  5. Cascade Distillation System Design for Safety and Mission Assurance

    NASA Technical Reports Server (NTRS)

    Sarguisingh, Miriam; Callahan, Michael R.; Okon, Shira

    2015-01-01

    Per the NASA Human Health, Life Support and Habitation System Technology Area 06 report, "crewed missions venturing beyond Low-Earth Orbit (LEO) will require technologies with improved reliability, reduced mass, self-sufficiency, and minimal logistical needs as an emergency or quick-return option will not be feasible." To meet this need, the development team of the second generation Cascade Distillation System (CDS 2.0) chose a development approach that explicitly incorporates consideration of safety, mission assurance, and autonomy. The CDS 2.0 preliminary design focused on establishing a functional baseline that meets the CDS core capabilities and performance. The critical design phase is now focused on incorporating features through a deliberative process of establishing the system's failure modes and effects, identifying mitigation strategies, and evaluating the merit of the proposed actions through analysis and test. This paper details results of this effort on the CDS 2.0 design.

  6. 49 CFR 659.15 - System safety program standard.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... included in the affected rail transit agency's system safety program plan relating to the hazard management... 49 Transportation 7 2011-10-01 2011-10-01 false System safety program standard. 659.15 Section 659... ADMINISTRATION, DEPARTMENT OF TRANSPORTATION RAIL FIXED GUIDEWAY SYSTEMS; STATE SAFETY OVERSIGHT Role of the...

  7. 46 CFR 62.25-15 - Safety control systems.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... manual safety trip controls must be provided for all main boilers, turbines, and internal combustion... 46 Shipping 2 2012-10-01 2012-10-01 false Safety control systems. 62.25-15 Section 62.25-15... AUTOMATION General Requirements for All Automated Vital Systems § 62.25-15 Safety control systems. (a...

  8. 46 CFR 62.25-15 - Safety control systems.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... manual safety trip controls must be provided for all main boilers, turbines, and internal combustion... 46 Shipping 2 2013-10-01 2013-10-01 false Safety control systems. 62.25-15 Section 62.25-15... AUTOMATION General Requirements for All Automated Vital Systems § 62.25-15 Safety control systems. (a...

  9. 46 CFR 62.25-15 - Safety control systems.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... manual safety trip controls must be provided for all main boilers, turbines, and internal combustion... 46 Shipping 2 2014-10-01 2014-10-01 false Safety control systems. 62.25-15 Section 62.25-15... AUTOMATION General Requirements for All Automated Vital Systems § 62.25-15 Safety control systems. (a...

  10. Predicting Fatigue and Psychophysiological Test Performance from Speech for Safety-Critical Environments.

    PubMed

    Baykaner, Khan Richard; Huckvale, Mark; Whiteley, Iya; Andreeva, Svetlana; Ryumin, Oleg

    2015-01-01

    Automatic systems for estimating operator fatigue have application in safety-critical environments. A system which could estimate level of fatigue from speech would have application in domains where operators engage in regular verbal communication as part of their duties. Previous studies on the prediction of fatigue from speech have been limited because of their reliance on subjective ratings and because they lack comparison to other methods for assessing fatigue. In this paper, we present an analysis of voice recordings and psychophysiological test scores collected from seven aerospace personnel during a training task in which they remained awake for 60 h. We show that voice features and test scores are affected by both the total time spent awake and the time position within each subject's circadian cycle. However, we show that time spent awake and time-of-day information are poor predictors of the test results, while voice features can give good predictions of the psychophysiological test scores and sleep latency. Mean absolute errors of prediction are possible within about 17.5% for sleep latency and 5-12% for test scores. We discuss the implications for the use of voice as a means to monitor the effects of fatigue on cognitive performance in practical applications.

  11. Predicting Fatigue and Psychophysiological Test Performance from Speech for Safety-Critical Environments

    PubMed Central

    Baykaner, Khan Richard; Huckvale, Mark; Whiteley, Iya; Andreeva, Svetlana; Ryumin, Oleg

    2015-01-01

    Automatic systems for estimating operator fatigue have application in safety-critical environments. A system which could estimate level of fatigue from speech would have application in domains where operators engage in regular verbal communication as part of their duties. Previous studies on the prediction of fatigue from speech have been limited because of their reliance on subjective ratings and because they lack comparison to other methods for assessing fatigue. In this paper, we present an analysis of voice recordings and psychophysiological test scores collected from seven aerospace personnel during a training task in which they remained awake for 60 h. We show that voice features and test scores are affected by both the total time spent awake and the time position within each subject’s circadian cycle. However, we show that time spent awake and time-of-day information are poor predictors of the test results, while voice features can give good predictions of the psychophysiological test scores and sleep latency. Mean absolute errors of prediction are possible within about 17.5% for sleep latency and 5–12% for test scores. We discuss the implications for the use of voice as a means to monitor the effects of fatigue on cognitive performance in practical applications. PMID:26380259

  12. Systems pharmacology augments drug safety surveillance

    PubMed Central

    Lorberbaum, Tal; Nasir, Mavra; Keiser, Michael J.; Vilar, Santiago; Hripcsak, George; Tatonetti, Nicholas P.

    2014-01-01

    Small molecule drugs are the foundation of modern medical practice yet their use is limited by the onset of unexpected and severe adverse events (AEs). Regulatory agencies rely on post-marketing surveillance to monitor safety once drugs are approved for clinical use. Despite advances in pharmacovigilance methods that address issues of confounding bias, clinical data of AEs are inherently noisy. Systems pharmacology, the integration of systems biology and chemical genomics, can illuminate drug mechanisms of action. We hypothesize that these data can improve drug safety surveillance by highlighting drugs with a mechanistic connection to the target phenotype (enriching true positives) and filtering those that do not (depleting false positives). We present an algorithm, the modular assembly of drug safety subnetworks (MADSS), to combine systems pharmacology and pharmacovigilance data and significantly improve drug safety monitoring for four clinically relevant adverse drug reactions. PMID:25670520

  13. Trinity cable safety system.

    DOT National Transportation Integrated Search

    2007-01-31

    The Cable Safety System (CASS) is being tested by the Oklahoma Department of Transportation (ODOT) along I-35 in McClain County. CASS will be compared with two other systems approved by ODOT. Using C-shaped post-tensioned cables, CASS is designed to...

  14. The Campus Safety Imperative: A Qualitative Study of A State Higher Education System's Initiatives to Respond to Violence on Campus

    ERIC Educational Resources Information Center

    Atkins, Kemal M.

    2017-01-01

    Crisis management is a critical issue facing higher education. Higher education leaders and campus safety advocates agree that the Virginia Tech massacre changed perceptions and approaches to campus safety at colleges and universities nationally. In the University of North Carolina System, it was the two murders of University of North Carolina at…

  15. Energy Neutral Wireless Bolt for Safety Critical Fastening

    PubMed Central

    Seyoum, Biruk B.

    2017-01-01

    Thermoelectric generators (TEGs) are now capable of powering the abundant low power electronics from very small (just a few degrees Celsius) temperature gradients. This factor along with the continuously lowering cost and size of TEGs, has contributed to the growing number of miniaturized battery-free sensor modules powered by TEGs. In this article, we present the design of an ambient-powered wireless bolt for high-end electro-mechanical systems. The bolt is equipped with a temperature sensor and a low power RF chip powered from a TEG. A DC-DC converter interfacing the TEG with the RF chip is used to step-up the low TEG voltage. The work includes the characterizations of different TEGs and DC-DC converters to determine the optimal design based on the amount of power that can be generated from a TEG under different loads and at temperature gradients typical of industrial environments. A prototype system was implemented and the power consumption of this system under different conditions was also measured. Results demonstrate that the power generated by the TEG at very low temperature gradients is sufficient to guarantee continuous wireless monitoring of the critical fasteners in critical systems such as avionics, motorsport and aerospace. PMID:28954432

  16. Energy Neutral Wireless Bolt for Safety Critical Fastening.

    PubMed

    Seyoum, Biruk B; Rossi, Maurizio; Brunelli, Davide

    2017-09-26

    Thermoelectric generators (TEGs) are now capable of powering the abundant low power electronics from very small (just a few degrees Celsius) temperature gradients. This factor along with the continuously lowering cost and size of TEGs, has contributed to the growing number of miniaturized battery-free sensor modules powered by TEGs. In this article, we present the design of an ambient-powered wireless bolt for high-end electro-mechanical systems. The bolt is equipped with a temperature sensor and a low power RF chip powered from a TEG. A DC-DC converter interfacing the TEG with the RF chip is used to step-up the low TEG voltage. The work includes the characterizations of different TEGs and DC-DC converters to determine the optimal design based on the amount of power that can be generated from a TEG under different loads and at temperature gradients typical of industrial environments. A prototype system was implemented and the power consumption of this system under different conditions was also measured. Results demonstrate that the power generated by the TEG at very low temperature gradients is sufficient to guarantee continuous wireless monitoring of the critical fasteners in critical systems such as avionics, motorsport and aerospace.

  17. Racial/ethnic differences in obesity and comorbidities between safety-net and non-safety-net integrated health systems

    PubMed Central

    Balasubramanian, Bijal A.; Garcia, Michael P.; Corley, Douglas A.; Doubeni, Chyke A.; Haas, Jennifer S.; Kamineni, Aruna; Quinn, Virginia P.; Wernli, Karen; Zheng, Yingye; Skinner, Celette Sugg

    2017-01-01

    Previous research shows that patients in integrated health systems experience fewer racial disparities compared with more traditional healthcare systems. Little is known about patterns of racial/ethnic disparities between safety-net and non-safety-net integrated health systems. We evaluated racial/ethnic differences in body mass index (BMI) and the Charlson comorbidity index from 3 non-safety-net and 1 safety-net integrated health systems in a cross-sectional study. Multinomial logistic regression modeled comorbidity and BMI on race/ethnicity and health care system type, adjusting for age, sex, insurance, and zip-code-level income. The study included 1.38 million patients. Higher proportions of safety-net versus non-safety-net patients had a comorbidity score of 3+ (11.1% vs. 5.0%) and BMI ≥35 (27.7% vs. 15.8%). In both types of systems, blacks and Hispanics were more likely than whites to have higher BMIs. Whites were more likely than blacks or Hispanics to have higher comorbidity scores in a safety-net system, but less likely to have higher scores in the non-safety-nets. The odds of comorbidity score 3+ and BMI 35+ in blacks relative to whites were significantly lower in safety-net than in non-safety-net settings. Racial/ethnic differences were present within both safety-net and non-safety-net integrated health systems, but patterns differed. Understanding patterns of racial/ethnic differences in health outcomes in safety-net and non-safety-net integrated health systems is important to tailor interventions to eliminate racial/ethnic disparities in health and health care. PMID:28296752

  18. 49 CFR 385.715 - Duration of safety monitoring system.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 5 2011-10-01 2011-10-01 false Duration of safety monitoring system. 385.715... SAFETY FITNESS PROCEDURES Safety Monitoring System for Non-North American Carriers § 385.715 Duration of safety monitoring system. (a) Each non-North America-domiciled carrier subject to this subpart will...

  19. 49 CFR 385.117 - Duration of safety monitoring system.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 5 2010-10-01 2010-10-01 false Duration of safety monitoring system. 385.117... SAFETY FITNESS PROCEDURES Safety Monitoring System for Mexico-Domiciled Carriers § 385.117 Duration of safety monitoring system. (a) Each Mexico-domiciled carrier subject to this subpart will remain in the...

  20. 49 CFR 385.117 - Duration of safety monitoring system.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 5 2011-10-01 2011-10-01 false Duration of safety monitoring system. 385.117... SAFETY FITNESS PROCEDURES Safety Monitoring System for Mexico-Domiciled Carriers § 385.117 Duration of safety monitoring system. (a) Each Mexico-domiciled carrier subject to this subpart will remain in the...

  1. 49 CFR 385.715 - Duration of safety monitoring system.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 5 2010-10-01 2010-10-01 false Duration of safety monitoring system. 385.715... SAFETY FITNESS PROCEDURES Safety Monitoring System for Non-North American Carriers § 385.715 Duration of safety monitoring system. (a) Each non-North America-domiciled carrier subject to this subpart will...

  2. Safety Criticality Standards Using the French CRISTAL Code Package: Application to the AREVA NP UO₂ Fuel Fabrication Plant

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Doucet, M.; Durant Terrasson, L.; Mouton, J.

    2006-07-01

    Criticality safety evaluations implement requirements to prove sufficient subcritical margins outside of the reactor environment, for example in fuel fabrication plants. Basic criticality data (i.e., criticality standards) are used in the determination of subcritical margins for all processes involving plutonium or enriched uranium. There are several international criticality standards, e.g., ARH-600, which is the one the US nuclear industry relies on. The French Nuclear Safety Authority (DGSNR and its advising body IRSN) has requested AREVA NP to review the criticality standards used for the evaluation of its Low Enriched Uranium fuel fabrication plants with CRISTAL V0, the recently updated French criticality evaluation package. Criticality safety is a concern for every phase of the fabrication process including UF₆ cylinder storage, UF₆-UO₂ conversion, powder storage, pelletizing, rod loading, assembly fabrication, and assembly transportation. Until 2003, the accepted criticality standards were based on the French CEA work performed in the late seventies with the APOLLO1 cell/assembly computer code. APOLLO1 is a spectral code, used for evaluating the basic characteristics of fuel assemblies for reactor physics applications, which has been enhanced to perform criticality safety calculations. Throughout the years, CRISTAL, starting with APOLLO1 and MORET 3 (a 3D Monte Carlo code), has been improved to account for the growth of its qualification database and for increasing user requirements. Today, CRISTAL V0 is an up-to-date computational tool incorporating a modern basic microscopic cross section set based on JEF2.2 and the comprehensive APOLLO2 and MORET 4 codes. APOLLO2 is well suited for criticality standards calculations as it includes a sophisticated self-shielding approach, a P_ij flux determination, and a 1D transport (S_n) process. CRISTAL V0 is the result of more than five years of development work focusing on

  3. Overview of Energy Systems' safety analysis report programs. Safety Analysis Report Update Program

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Not Available

    1992-03-01

    The primary purpose of a Safety Analysis Report (SAR) is to provide a basis for judging the adequacy of a facility's safety. The SAR documents the safety analyses that systematically identify the hazards posed by the facility, analyze the consequences and risk of potential accidents, and describe hazard control measures that protect the health and safety of the public and employees. In addition, some SARs document, as Technical Safety Requirements (TSRs, which include Technical Specifications and Operational Safety Requirements), technical and administrative requirements that ensure the facility is operated within prescribed safety limits. SARs also provide conveniently summarized information that may be used to support procedure development, training, inspections, and other activities necessary to facility operation. This "Overview of Energy Systems Safety Analysis Report Programs" provides an introduction to the programs and processes used in the development and maintenance of the SARs. It also summarizes some of the uses of the SARs within Energy Systems and DOE.

  4. Safety System Design for Technology Education. A Safety Guide for Technology Education Courses K-12.

    ERIC Educational Resources Information Center

    North Carolina State Dept. of Public Instruction, Raleigh. Div. of Vocational Education.

    This manual is designed to involve both teachers and students in planning and controlling a safety system for technology education classrooms. The safety program involves students in the design and maintenance of the system by including them in the analysis of the classroom environment, job safety analysis, safety inspection, and machine safety…

  5. Fostering Future Leadership in Quality and Safety in Health Care through Systems Thinking.

    PubMed

    Phillips, Janet M; Stalter, Ann M; Dolansky, Mary A; Lopez, Gloria McKee

    2016-01-01

    There is a critical need for leadership in quality and safety to reform today's disparate spectrum of health services to serve patients in complex health care environments. Nurse graduates of degree completion programs (registered nurse-bachelor of science in nursing [RN-BSN]) are poised for leadership due to their recent education and nursing practice experience. The authors propose that integration of systems thinking into RN-BSN curricula is essential for developing these much needed leadership skills. The purpose of this article is to introduce progressive teaching strategies to help nurse educators achieve the student competencies described in the second essential of the BSN Essentials document (American Association of Colleges of Nursing, 2009), linking them with the competencies in Quality and Safety Education for Nurses (QSEN; L. Cronenwett et al., 2007) using an author-created model for curricular design, the Systems-level Awareness Model. The Systems Thinking Tool (M. A. Dolansky & S. M. Moore, 2013) can be used to evaluate systems thinking in the RN-BSN curriculum. Copyright © 2016 Elsevier Inc. All rights reserved.

  6. Critical care nursing: Embedded complex systems.

    PubMed

    Trinier, Ruth; Liske, Lori; Nenadovic, Vera

    2016-01-01

    Variability in parameters such as heart rate, respiratory rate and blood pressure defines healthy physiology and the ability of the person to adequately respond to stressors. Critically ill patients have lost this variability and require highly specialized nursing care to support life and monitor changes in condition. The critical care environment is a dynamic system through which information flows. The critical care unit is typically designed as a tree structure with generally one attending physician and multiple nurses and allied health care professionals. Information flow through the system allows for identification of deteriorating patient status and timely intervention for rescue from further deleterious effects. Nurses provide the majority of direct patient care in the critical care setting in 2:1, 1:1 or 1:2 nurse-to-patient ratios. The bedside nurse-critically ill patient relationship represents the primary, real-time feedback loop of information exchange, monitoring and treatment. Variables that enhance information flow through this loop and support timely nursing intervention can improve patient outcomes, while barriers can lead to errors and adverse events. Examining patient information flow in the critical care environment from a dynamic systems perspective provides insights into how nurses deliver effective patient care and prevent adverse events.

  7. Implementation Procedure for STS Payloads, System Safety Requirements

    NASA Technical Reports Server (NTRS)

    1979-01-01

    Guidelines and instructions for the implementation of the SP&R system safety requirements applicable to STS payloads are provided. The initial contact meeting with the payload organization and the subsequent safety reviews necessary to comply with the system safety requirements of the SP&R document are described. Waiver instructions are included for the cases in which a safety requirement cannot be met.

  8. NASA aviation safety reporting system

    NASA Technical Reports Server (NTRS)

    1979-01-01

    The human factors frequently considered a cause of or contributor to hazardous events onboard air carriers are examined, with emphasis on distractions. Safety reports that have been analyzed, processed, and entered into the aviation safety reporting system data base are discussed. A sampling of alert bulletins and responses to them is also presented.

  9. Analysis of Aviation Safety Reporting System Incident Data Associated with the Technical Challenges of the System-Wide Safety and Assurance Technologies Project

    NASA Technical Reports Server (NTRS)

    Withrow, Colleen A.; Reveley, Mary S.

    2015-01-01

    The Aviation Safety Program (AvSP) System-Wide Safety and Assurance Technologies (SSAT) Project asked the AvSP Systems and Portfolio Analysis Team to identify SSAT-related trends. SSAT had four technical challenges: advance safety assurance to enable deployment of NextGen systems; automated discovery of precursors to aviation safety incidents; increasing safety of human-automation interaction by incorporating human performance; and prognostic algorithm design for safety assurance. This report reviews incident data from the NASA Aviation Safety Reporting System (ASRS) for system-component-failure-or-malfunction- (SCFM-) related and human-factor-related incidents for commercial or cargo air carriers (Part 121), commuter airlines (Part 135), and general aviation (Part 91). The data was analyzed by Federal Aviation Regulations (FAR) part, phase of flight, SCFM category, human factor category, and a variety of anomalies and results. There were 38 894 SCFM-related incidents and 83 478 human-factor-related incidents analyzed between January 1993 and April 2011.

  10. 14 CFR 415.131 - Flight safety system crew data.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 14 Aeronautics and Space 4 2014-01-01 2014-01-01 false Flight safety system crew data. 415.131... Launch Vehicle From a Non-Federal Launch Site § 415.131 Flight safety system crew data. (a) An applicant's safety review document must identify each flight safety system crew position and the role of that...

  11. Factors influencing workers to follow food safety management systems in meat plants in Ontario, Canada.

    PubMed

    Ball, Brita; Wilcock, Anne; Aung, May

    2009-06-01

    Small and medium sized food businesses have been slow to adopt food safety management systems (FSMSs) such as good manufacturing practices and Hazard Analysis Critical Control Point (HACCP). This study identifies factors influencing workers in their implementation of food safety practices in small and medium meat processing establishments in Ontario, Canada. A qualitative approach was used to explore in-plant factors that influence the implementation of FSMSs. Thirteen in-depth interviews in five meat plants and two focus group interviews were conducted. These generated 219 pages of verbatim transcripts which were analysed using NVivo 7 software. Main themes identified in the data related to production systems, organisational characteristics and employee characteristics. A socio-psychological model based on the theory of planned behaviour is proposed to describe how these themes and underlying sub-themes relate to FSMS implementation. Addressing the various factors that influence production workers is expected to enhance FSMS implementation and increase food safety.

  12. Cushion System for Multi-Use Child Safety Seat

    NASA Technical Reports Server (NTRS)

    Dabney, Richard W. (Inventor); Elrod, Susan V. (Inventor)

    2007-01-01

    A cushion system for use with a child safety seat has a plurality of bladders assembled to form a seat cushion that cooperates with the seat's safety harness. One or more sensors coupled to the safety harness sense tension therein and generate a signal indicative of the tension. Each of the bladders is individually pressurized by a pressurization system to define a support configuration of the seat cushion. The pressurization system is disabled when tension in the safety harness has attained a threshold level.

  13. Cushion system for multi-use child safety seat

    NASA Technical Reports Server (NTRS)

    Elrod, Susan V. (Inventor); Dabney, Richard W. (Inventor)

    2007-01-01

    A cushion system for use with a child safety seat has a plurality of bladders assembled to form a seat cushion that cooperates with the seat's safety harness. One or more sensors coupled to the safety harness sense tension therein and generate a signal indicative of the tension. Each of the bladders is individually pressurized by a pressurization system to define a support configuration of the seat cushion. The pressurization system is disabled when tension in the safety harness has attained a threshold level.

  14. Local Food Systems Food Safety Concerns.

    PubMed

    Chapman, Benjamin; Gunter, Chris

    2018-04-01

    Foodborne disease causes an estimated 48 million illnesses and 3,000 deaths annually (Scallan E, et al., Emerg Infect Dis 17:7-15, 2011), with U.S. economic costs estimated at $152 billion to $1.4 trillion annually (Roberts T, Am J Agric Econ 89:1183-1188, 2007; Scharff RL, http://www.pewtrusts.org/en/research-and-analysis/reports/0001/01/01/healthrelated-costs-from-foodborne-illness-in-the-united-states, 2010). An increasing number of these illnesses are associated with fresh fruits and vegetables. An analysis of outbreaks from 1990 to 2003 found that 12% of outbreaks and 20% of outbreak-related illnesses were associated with produce (Klein S, Smith DeWaal CS, Center for Science in the Public Interest, https://cspinet.org/sites/default/files/attachment/ddreport.pdf, June 2008; Lynch M, Tauxe R, Hedberg C, Epidemiol Infect 137:307-315, 2009). These food safety problems have resulted in various stakeholders recommending the shift to a more preventative and risk-based food safety system. A modern risk-based food safety system takes a farm-to-fork preventative approach to food safety and relies on the proactive collection and analysis of data to better understand potential hazards and risk factors, to design and evaluate interventions, and to prioritize prevention efforts. Such a system focuses limited resources at the points in the food system with the likelihood of having greatest benefit to public health. As shared kitchens, food hubs, and local food systems such as community supported agriculture are becoming more prevalent throughout the United States, so are foodborne illness outbreaks at these locations. At these locations, many with limited resources, food safety methods of prevention are rarely the main focus. This lack of focus on food safety knowledge is why a growing number of foodborne illness outbreaks are occurring at these locations.

  15. Self-Organized Criticality Systems

    NASA Astrophysics Data System (ADS)

    Aschwanden, M. J.

    2013-07-01

    Contents: (1) Introduction - Norma B. Crosby --- (2) Theoretical Models of SOC Systems - Markus J. Aschwanden --- (3) SOC and Fractal Geometry - R. T. James McAteer --- (4) Percolation Models of Self-Organized Critical Phenomena - Alexander V. Milovanov --- (5) Criticality and Self-Organization in Branching Processes: Application to Natural Hazards - Álvaro Corral, Francesc Font-Clos --- (6) Power Laws of Recurrence Networks - Yong Zou, Jobst Heitzig, Jürgen Kurths --- (7) SOC Computer Simulations - Gunnar Pruessner --- (8) SOC Laboratory Experiments - Gunnar Pruessner --- (9) Self-Organizing Complex Earthquakes: Scaling in Data, Models, and Forecasting - Michael K. Sachs et al. --- (10) Wildfires and the Forest-Fire Model - Stefan Hergarten --- (11) SOC in Landslides - Stefan Hergarten --- (12) SOC and Solar Flares - Paul Charbonneau --- (13) SOC Systems in Astrophysics - Markus J. Aschwanden

  16. Understanding patient safety performance and educational needs using the 'Safety-II' approach for complex systems.

    PubMed

    McNab, Duncan; Bowie, Paul; Morrison, Jill; Ross, Alastair

    2016-11-01

    Participation in projects to improve patient safety is a key component of general practice (GP) specialty training, appraisal and revalidation. Patient safety training priorities for GPs at all career stages are described in the Royal College of General Practitioners' curriculum. Current methods that are taught and employed to improve safety often use a 'find-and-fix' approach to identify components of a system (including humans) where performance could be improved. However, the complex interactions and inter-dependence between components in healthcare systems mean that cause and effect are not always linked in a predictable manner. The Safety-II approach has been proposed as a new way to understand how safety is achieved in complex systems that may improve quality and safety initiatives and enhance GP and trainee curriculum coverage. Safety-II aims to maximise the number of events with a successful outcome by exploring everyday work. Work-as-done often differs from work-as-imagined in protocols and guidelines and various ways to achieve success, dependent on work conditions, may be possible. Traditional approaches to improve the quality and safety of care often aim to constrain variability but understanding and managing variability may be a more beneficial approach. The application of a Safety-II approach to incident investigation, quality improvement projects, prospective analysis of risk in systems and performance indicators may offer improved insight into system performance leading to more effective change. The way forward may be to combine the Safety-II approach with 'traditional' methods to enhance patient safety training, outcomes and curriculum coverage.

  17. NASA aviation safety reporting system

    NASA Technical Reports Server (NTRS)

    1977-01-01

    During the third quarter of operation of the Aviation Safety Reporting System (ASRS), 1429 reports concerning aviation safety were received from pilots, air traffic controllers, and others in the national aviation system. Details of the administration and results of the program are discussed. The design and construction of the ASRS data base are briefly presented. Altitude deviations and potential aircraft conflicts associated with misunderstood clearances were studied and the results are discussed. Summary data regarding alert bulletins, examples of alert bulletins and responses to them, and a sample of deidentified ASRS reports are provided.

  18. Scheduling Real-Time Mixed-Criticality Jobs

    NASA Astrophysics Data System (ADS)

    Baruah, Sanjoy K.; Bonifaci, Vincenzo; D'Angelo, Gianlorenzo; Li, Haohan; Marchetti-Spaccamela, Alberto; Megow, Nicole; Stougie, Leen

    Many safety-critical embedded systems are subject to certification requirements; some systems may be required to meet multiple sets of certification requirements, from different certification authorities. Certification requirements in such "mixed-criticality" systems give rise to interesting scheduling problems that cannot be satisfactorily addressed using techniques from conventional scheduling theory. In this paper, we study a formal model for representing such mixed-criticality workloads. We demonstrate first the intractability of determining whether a system specified in this model can be scheduled to meet all its certification requirements, even for systems subject to only two sets of certification requirements. Then we quantify, via the metric of processor speedup factor, the effectiveness of two techniques, reservation-based scheduling and priority-based scheduling, that are widely used in scheduling such mixed-criticality systems, showing that the latter of the two is superior to the former. We also show that the speedup factors are tight for these two techniques.

  19. Why Mission-Critical Systems Are Critical to the Future of Academic Libraries

    ERIC Educational Resources Information Center

    Oberlander, Cyril

    2012-01-01

    A mission-critical system is one that is so intertwined with the operation of an organization that the organization can scarcely function without it. Just as in corporations, mission-critical library systems offer the capability to unlock talent and time. They are essential to the transformation of higher education and the learning environment. A…

  20. Discrete Abstractions of Hybrid Systems: Verification of Safety and Application to User-Interface Design

    NASA Technical Reports Server (NTRS)

    Oishi, Meeko; Tomlin, Claire; Degani, Asaf

    2003-01-01

    Human interaction with complex hybrid systems involves the user, the automation's discrete mode logic, and the underlying continuous dynamics of the physical system. Often the user-interface of such systems displays a reduced set of information about the entire system. In safety-critical systems, how can we identify user-interface designs which do not have adequate information, or which may confuse the user? Here we describe a methodology, based on hybrid system analysis, to verify that a user-interface contains information necessary to safely complete a desired procedure or task. Verification within a hybrid framework allows us to account for the continuous dynamics underlying the simple, discrete representations displayed to the user. We provide two examples: a car traveling through a yellow light at an intersection and an aircraft autopilot in a landing/go-around maneuver. The examples demonstrate the general nature of this methodology, which is applicable to hybrid systems (not fully automated) which have operational constraints we can pose in terms of safety. This methodology differs from existing work in hybrid system verification in that we directly account for the user's interactions with the system.

  1. System Safety in an IT Service Organization

    NASA Astrophysics Data System (ADS)

    Parsons, Mike; Scutt, Simon

    Within Logica UK, over 30 IT service projects are considered safety-related. These include operational IT services for airports, railway infrastructure asset management, nationwide radiation monitoring and hospital medical records services. A recent internal audit examined the processes and documents used to manage system safety on these services and made a series of recommendations for improvement. This paper looks at the changes and the challenges to introducing them, especially where the service is provided by multiple units supporting both safety-related and non-safety-related services from multiple locations around the world. The recommendations include improvements to service agreements, improved process definitions, routine safety assessment of changes, enhanced call logging, improved staff competency and training, and increased safety awareness. Progress is reported as of today, together with a road map for implementation of the improvements to the service safety management system. A proposal for service assurance levels (SALs) is discussed as a way forward to cover the wide variety of services and associated safety risks.

  2. PFP Public Automatic Exchange (PAX) Commercial Grade Item (CGI) Critical Characteristics

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    WHITE, W.F.

    2000-04-04

    This document specifies the critical characteristics for Commercial Grade Items (CGI) procured for use within the safety envelope of PFP's PAX system as required by HNF-PRO-268 and HNF-PRO-1819. These are the minimum specifications that the equipment must meet in order to properly perform its safety function. There may be several manufacturers or models that meet the critical characteristics for any one item.

  3. Surveying wearable human assistive technology for life and safety critical applications: standards, challenges and opportunities.

    PubMed

    Alam, Muhammad Mahtab; Ben Hamida, Elyes

    2014-05-23

    In this survey, a new application paradigm, life and safety for critical operations and missions using wearable Wireless Body Area Networks (WBANs) technology, is introduced. This paradigm has a vast scope of applications, including disaster management, worker safety in harsh environments such as roadside and building work, mobile health monitoring, ambient assisted living and many more. It is often the case that during critical operations and under the target conditions, the existing infrastructure is either absent, damaged or overcrowded. In this context, it is envisioned that WBANs will enable the quick deployment of ad-hoc/on-the-fly communication networks to help save many lives and ensure people's safety. To understand the applications more deeply, along with their specific characteristics and requirements, this survey presents a comprehensive study of the application scenarios, their context and their specific requirements. It explores details of the key enabling standards, existing state-of-the-art research studies, and projects to understand their limitations before realizing the aforementioned applications. Application-specific challenges and issues are discussed comprehensively from various perspectives, and future research and development directions are highlighted as an inspiration for new innovative solutions. To conclude, this survey opens up a good opportunity for companies and research centers to investigate old but still new problems in the realm of wearable technologies, which are increasingly evolving and getting more and more attention recently.

  4. Surveying Wearable Human Assistive Technology for Life and Safety Critical Applications: Standards, Challenges and Opportunities

    PubMed Central

    Alam, Muhammad Mahtab; Ben Hamida, Elyes

    2014-01-01

    In this survey, a new application paradigm, life and safety for critical operations and missions using wearable Wireless Body Area Networks (WBANs) technology, is introduced. This paradigm has a vast scope of applications, including disaster management, worker safety in harsh environments such as roadside and building work, mobile health monitoring, ambient assisted living and many more. It is often the case that during critical operations and under the target conditions, the existing infrastructure is either absent, damaged or overcrowded. In this context, it is envisioned that WBANs will enable the quick deployment of ad-hoc/on-the-fly communication networks to help save many lives and ensure people's safety. To understand the applications more deeply, along with their specific characteristics and requirements, this survey presents a comprehensive study of the application scenarios, their context and their specific requirements. It explores details of the key enabling standards, existing state-of-the-art research studies, and projects to understand their limitations before realizing the aforementioned applications. Application-specific challenges and issues are discussed comprehensively from various perspectives, and future research and development directions are highlighted as an inspiration for new innovative solutions. To conclude, this survey opens up a good opportunity for companies and research centers to investigate old but still new problems in the realm of wearable technologies, which are increasingly evolving and getting more and more attention recently. PMID:24859024

  5. Aviation Safety Reporting System: Process and Procedures

    NASA Technical Reports Server (NTRS)

    Connell, Linda J.

    1997-01-01

    The Aviation Safety Reporting System (ASRS) was established in 1976 under an agreement between the Federal Aviation Administration (FAA) and the National Aeronautics and Space Administration (NASA). This cooperative safety program invites pilots, air traffic controllers, flight attendants, maintenance personnel, and others to voluntarily report to NASA any aviation incident or safety hazard. The FAA provides most of the program funding. NASA administers the program, sets its policies in consultation with the FAA and aviation community, and receives the reports submitted to the program. The FAA offers those who use the ASRS program two important reporting guarantees: confidentiality and limited immunity. Reports sent to ASRS are held in strict confidence. More than 350,000 reports have been submitted since the program's beginning without a single reporter's identity being revealed. ASRS removes all personal names and other potentially identifying information before entering reports into its database. This system is a very successful, proof-of-concept for gathering safety data in order to provide timely information about safety issues. The ASRS information is crucial to aviation safety efforts both nationally and internationally. It can be utilized as the first step in safety by providing the direction and content to informed policies, procedures, and research, especially human factors. The ASRS process and procedures will be presented as one model of safety reporting feedback systems.

  6. Survey to identify depth of penetration of critical incident reporting systems in Austrian healthcare facilities

    PubMed Central

    Sendlhofer, Gerald; Eder, Harald; Leitgeb, Karina; Gorges, Roland; Jakse, Heidelinde; Raiger, Marianne; Türk, Silvia; Petschnig, Walter; Pregartner, Gudrun; Kamolz, Lars-Peter; Brunner, Gernot

    2018-01-01

    Incident reporting systems or so-called critical incident reporting systems (CIRS) were first recommended for use in health care more than 15 years ago. The uses of these CIRS are highly variable among countries, ranging from being used to report critical incidents, falls, or sentinel events resulting in death. In Austria, CIRS have only been introduced to the health care sector relatively recently. The goal of this work, therefore, was to determine whether and specifically how CIRS are used in Austria. A working group from the Austrian Society for Quality and Safety in Healthcare (ASQS) developed a survey on the topic of CIRS to collect information on penetration of CIRS in general and on how CIRS reports are used to increase patient safety. Three hundred seventy-one health care professionals from 274 health care facilities were contacted via e-mail. Seventy-eight respondents (21.0%) completed the online survey, thereof 66 from hospitals and 12 from other facilities (outpatient clinics, nursing homes). In all, 64.1% of the respondents indicated that CIRS were used in the entire health care facility; 20.6% had not yet introduced CIRS and 15.4% used CIRS only in particular areas. Most often, critical incidents without any harm to patients were reported (76.9%); however, some health care facilities also use their CIRS to report patient falls (16.7%), needle stick injuries (17.9%), technical problems (51.3%), or critical incidents involving health care professionals. CIRS are not yet extensively or homogeneously used in Austria. Inconsistencies exist with respect to which events are reported as well as how they are followed up and reported to health care professionals. Further recommendations for general use are needed to support the dissemination in Austrian health care environments. PMID:29310496

  7. Survey to identify depth of penetration of critical incident reporting systems in Austrian healthcare facilities.

    PubMed

    Sendlhofer, Gerald; Eder, Harald; Leitgeb, Karina; Gorges, Roland; Jakse, Heidelinde; Raiger, Marianne; Türk, Silvia; Petschnig, Walter; Pregartner, Gudrun; Kamolz, Lars-Peter; Brunner, Gernot

    2018-01-01

    Incident reporting systems or so-called critical incident reporting systems (CIRS) were first recommended for use in health care more than 15 years ago. The uses of these CIRS are highly variable among countries, ranging from being used to report critical incidents, falls, or sentinel events resulting in death. In Austria, CIRS have only been introduced to the health care sector relatively recently. The goal of this work, therefore, was to determine whether and specifically how CIRS are used in Austria. A working group from the Austrian Society for Quality and Safety in Healthcare (ASQS) developed a survey on the topic of CIRS to collect information on penetration of CIRS in general and on how CIRS reports are used to increase patient safety. Three hundred seventy-one health care professionals from 274 health care facilities were contacted via e-mail. Seventy-eight respondents (21.0%) completed the online survey, thereof 66 from hospitals and 12 from other facilities (outpatient clinics, nursing homes). In all, 64.1% of the respondents indicated that CIRS were used in the entire health care facility; 20.6% had not yet introduced CIRS and 15.4% used CIRS only in particular areas. Most often, critical incidents without any harm to patients were reported (76.9%); however, some health care facilities also use their CIRS to report patient falls (16.7%), needle stick injuries (17.9%), technical problems (51.3%), or critical incidents involving health care professionals. CIRS are not yet extensively or homogeneously used in Austria. Inconsistencies exist with respect to which events are reported as well as how they are followed up and reported to health care professionals. Further recommendations for general use are needed to support the dissemination in Austrian health care environments.

  8. An Anesthesia Preinduction Checklist to Improve Information Exchange, Knowledge of Critical Information, Perception of Safety, and Possibly Perception of Teamwork in Anesthesia Teams.

    PubMed

    Tscholl, David W; Weiss, Mona; Kolbe, Michaela; Staender, Sven; Seifert, Burkhardt; Landert, Daniel; Grande, Bastian; Spahn, Donat R; Noethiger, Christoph B

    2015-10-01

    An anesthesia preinduction checklist (APIC) to be performed before anesthesia induction was introduced and evaluated with respect to 5 team-level outcomes, each being a surrogate end point for patient safety: information exchange (the percentage of checklist items exchanged by a team, out of 12 total items); knowledge of critical information (the percentage of critical information items out of 5 total items such as allergies, reported as known by the members of a team); team members' perceptions of safety (the median scores given by the members of a team on a continuous rating scale); their perception of teamwork (the median scores given by the members of a team on a continuous rating scale); and clinical performance (the percentage of completed items out of 14 required tasks, e.g., suction device checked). A prospective interventional study comparing anesthesia teams using the APIC with a control group not using the APIC was performed using a multimethod design. Trained observers rated information exchange and clinical performance during on-site observations of anesthesia inductions. After the observations, each team member indicated the critical information items they knew and their perceptions of safety and teamwork. One hundred five teams using the APIC were compared with 100 teams not doing so. The medians of the team-level outcome scores in the APIC group versus the control group were as follows: information exchange: 100% vs 33% (P < 0.001), knowledge of critical information: 100% vs 90% (P < 0.001), perception of safety: 91% vs 84% (P < 0.001), perception of teamwork: 90% vs 86% (P = 0.028), and clinical performance: 93% vs 93% (P = 0.60). This study provides empirical evidence that the use of a preinduction checklist significantly improves information exchange, knowledge of critical information, and perception of safety in anesthesia teams, all parameters contributing to patient safety. There was a trend indicating improved perception of teamwork.

  9. Integrated therapy safety management system

    PubMed Central

    Podtschaske, Beatrice; Fuchs, Daniela; Friesdorf, Wolfgang

    2013-01-01

    Aims: The aim is to demonstrate the benefit of the medico-ergonomic approach for the redesign of clinical work systems. Based on the six layer model, a concept for an 'integrated therapy safety management' is drafted. This concept could serve as a basis to improve resilience.

    Methods: The concept is developed through a concept-based approach. The state of the art of safety and complexity research in human factors and ergonomics forms the basis. The findings are synthesized into a concept for 'integrated therapy safety management'. The concept is applied by way of example to the 'medication process' to demonstrate its practical implementation.

    Results: The 'integrated therapy safety management' is drafted in accordance with the six layer model. This model supports a detailed description of specific work tasks, the corresponding responsibilities and related workflows at different layers by using the concept of 'bridge managers'. 'Bridge managers' anticipate potential errors and monitor the controlled system continuously. If disruptions or disturbances occur, they respond with corrective actions which ensure that no harm results, and they initiate preventive measures for future procedures. The concept demonstrates that in a complex work system, the human factor is the key element and final authority to cope with the residual complexity. The expertise of the 'bridge managers' and the recursive hierarchical structure result in highly adaptive clinical work systems and increase their resilience.

    Conclusions: The medico-ergonomic approach is a highly promising way of coping with two complexities. It offers a systematic framework for comprehensive analyses of clinical work systems and promotes interdisciplinary collaboration. PMID:24007448

  10. Revised fire safety system cuts emergency response time.

    PubMed

    Keir, D C

    1979-03-01

    As Margaret R. Pardee Memorial Hospital, Hendersonville, NC, expanded, fire safety plans had to be reevaluated. With each new addition, fire safety responsibilities for hospital personnel multiplied and overlapped. Confusion resulted, and a revised, simplified, and coordinated fire safety system was devised. Seventeen false alarms within one year, caused by a faulty sprinkler system, gave hospital personnel ample opportunity to test the system and iron out unexpected problems.

  11. Striving for safety: communicating and deciding in sociotechnical systems

    PubMed Central

    Flach, John M.; Carroll, John S.; Dainoff, Marvin J.; Hamilton, W. Ian

    2015-01-01

    How do communications and decisions impact the safety of sociotechnical systems? This paper frames this question in the context of a dynamic system of nested sub-systems. Communications are related to the construct of observability (i.e. how components integrate information to assess the state with respect to local and global constraints). Decisions are related to the construct of controllability (i.e. how component sub-systems act to meet local and global safety goals). The safety dynamics of sociotechnical systems are evaluated as a function of the coupling between observability and controllability across multiple closed-loop components. Two very different domains (nuclear power and the limited service food industry) provide examples to illustrate how this framework might be applied. While the dynamical systems framework does not offer simple prescriptions for achieving safety, it does provide guides for exploring specific systems to consider the potential fit between organisational structures and work demands, and for generalising across different systems regarding how safety can be managed. Practitioner Summary: While offering no simple prescriptions about how to achieve safety in sociotechnical systems, this paper develops a theoretical framework based on dynamical systems theory as a practical guide for generalising from basic research to work domains and for generalising across alternative work domains to better understand how patterns of communication and decision-making impact system safety. PMID:25761155

  12. Identifying behaviour patterns of construction safety using system archetypes.

    PubMed

    Guo, Brian H W; Yiu, Tak Wing; González, Vicente A

    2015-07-01

    Construction safety management involves complex issues (e.g., different trades, multi-organizational project structure, constantly changing work environment, and transient workforce). Systems thinking is widely considered an effective approach to understanding and managing this complexity. This paper aims to better understand the dynamic complexity of construction safety management by exploring archetypes of construction safety. To achieve this, the paper adopted the grounded theory method (GTM), and 22 interviews were conducted with participants in various positions (government safety inspector, client, health and safety manager, safety consultant, safety auditor, and safety researcher). Eight archetypes emerged from the collected data: (1) safety regulations, (2) incentive programs, (3) procurement and safety, (4) safety management in small businesses, (5) production and safety, (6) workers' conflicting goals, (7) blame on workers, and (8) reactive and proactive learning. These archetypes capture the interactions between a wide range of factors within various hierarchical levels and subsystems. As a free-standing tool, they advance the understanding of the dynamic complexity of construction safety management and provide systemic insights into dealing with the complexity. They can also facilitate system dynamics modelling of the construction safety process. Copyright © 2015 Elsevier Ltd. All rights reserved.

  13. Safety Analysis of Soybean Processing for Advanced Life Support

    NASA Technical Reports Server (NTRS)

    Hentges, Dawn L.

    1999-01-01

    Soybean (cv. Hoyt) is one of the crops planned for food production within the Advanced Life Support System Integration Testbed (ALSSIT), a proposed habitat simulation for long duration lunar/Mars missions. Soybeans may be processed into a variety of food products, including soymilk, tofu, and tempeh. Due to the closed environmental system and the importance of crew health maintenance, food safety is a primary concern on long duration space missions. Identification of the food safety hazards and critical control points associated with the closed ALSSIT system is essential for the development of safe food processing techniques and equipment. A Hazard Analysis Critical Control Point (HACCP) model was developed to reflect proposed production and processing protocols for ALSSIT soybeans. Soybean processing was placed in the type III risk category. During the processing of ALSSIT-grown soybeans, critical control points were identified to control microbiological hazards, particularly mycotoxins, and chemical hazards from antinutrients. Critical limits were suggested at each CCP. Food safety recommendations regarding the hazards and risks associated with growing, harvesting, and processing soybeans; biomass management; and use of multifunctional equipment were made in consideration of the limitations and restraints of the closed ALSSIT.

  14. Analytical methodology for safety validation of computer controlled subsystems. Volume 1 : state-of-the-art and assessment of safety verification/validation methodologies

    DOT National Transportation Integrated Search

    1995-09-01

    This report describes the development of a methodology designed to assure that a sufficiently high level of safety is achieved and maintained in computer-based systems which perform safety critical functions in high-speed rail or magnetic levitation ...

  15. SU-E-T-201: Safety-Focused Customization of Treatment Plan Documentation.

    PubMed

    Schubert, L; Westerly, D; Stuhr, K; Miften, M

    2012-06-01

    Plan report documentation contains numerous details about the treatment plan, but critical information for patient safety is often presented without special emphasis. This can make it difficult to detect errors from treatment planning and data transfer during the initial chart review. The objective of this work is to improve safety measures in radiation therapy practice by customizing the treatment plan report to emphasize safety-critical information. Commands within the template file from a commercial planning system (Eclipse, Varian Medical Systems) that automatically generates the treatment plan report were reviewed and modified. Safety-critical plan parameters were identified from published risks known to be inherent in the treatment planning process. Risks having medium to high potential impact on patient safety included incorrect patient identifiers, erroneous use of the treatment prescription, and incorrect transfer of beam parameters or consideration of accessories. Specific examples of critical information in the treatment plan report that can be overlooked during a chart review included prescribed dose per fraction and number of fractions, wedge and open field monitor units, presence of beam accessories, and table shifts for patient setup. Critical information was streamlined and concentrated. Patient and plan identification, dose prescription details, and patient positioning couch shift instructions were placed on the first page. Plan information to verify the correct data transfer to the record and verify system was re-organized in an easy-to-review tabular format and placed on the second page of the customized printout. Placeholders were introduced to indicate both the presence and absence of beam modifiers. Font sizes and spacing were adjusted for clarity, and departmental standards and terminology were introduced to streamline data communication among staff members. 
Plan reporting documentation has been customized to concentrate and emphasize safety-critical

  16. Safety Management Systems.

    ERIC Educational Resources Information Center

    Fido, A. T.; Wood, D. O.

    This document discusses the issues that need to be considered by the education and training system as it responds to the changing needs of industry in Great Britain. Following a general introduction, the development of quality management ideas is traced. The underlying principles of safety and risk management are clarified and the implications of…

  17. 46 CFR 62.25-15 - Safety control systems.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 46 Shipping 2 2010-10-01 2010-10-01 false Safety control systems. 62.25-15 Section 62.25-15 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING VITAL SYSTEM AUTOMATION General Requirements for All Automated Vital Systems § 62.25-15 Safety control systems. (a...

  18. Safety incidents involving confused and forgetful older patients in a specialised care setting--analysis of the safety incidents reported to the HaiPro reporting system.

    PubMed

    Kinnunen-Luovi, Kaisa; Saarnio, Reetta; Isola, Arja

    2014-09-01

    To describe the safety incidents involving confused and forgetful older patients in a specialised care setting entered in the HaiPro reporting system. About 10% of patients experience a safety incident during hospitalisation which causes or could cause them harm. The possibility of a safety incident during hospitalisation increases significantly with age. A mild or moderate memory disorder and acute confusion are often present in the safety incidents originating with an older patient. The design of the study was action research, with this study using findings from one of the first-phase studies, which included qualitatively and quantitatively analysed data. Data were collected from the reporting system for safety incidents (HaiPro) in a university hospital in Finland. There were 672 reported safety incidents from four acute medical wards during the years 2009-2011, which were scrutinised. Seventy-five of them were linked to a confused patient and were analysed. The majority of the safety incidents analysed involved patient-related accidents. In addition to challenging behaviour, contributing factors included ward routines, shortage of nursing staff, environmental factors and staff knowledge and skills. Nurses tried to secure patient safety in many different ways, but the modes of action were insufficient. Nursing staff need evidence-based information on how to assess the cognitive status of a confused patient and how to encounter such patients. The number of nursing staff and ward routines should be examined critically and put in proportion to the care intensity demands caused by the patient's confused state. The findings can be used as a starting point in the prevention of safety incidents and in improving the care of older patients. © 2013 John Wiley & Sons Ltd.

  19. Safety survey report EBR-II safety survey, ANL-west health protection, industrial safety and fire protection survey

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Dunbar, K.A.

    1972-01-10

    A safety survey covering the disciplines of Reactor Safety, Nuclear Criticality Safety, Health Protection and Industrial Safety and Fire Protection was conducted at the ANL-West EBR-II FEF Complex during the period January 10-18, 1972. In addition, the entire ANL-West site was surveyed for Health Protection and Industrial Safety and Fire Protection. The survey was conducted by members of the AEC Chicago Operations Office, a member of RDT-HQ and a member of the RDT-ID site office. Eighteen recommendations resulted from the survey, eleven in the area of Industrial Safety and Fire Protection, five in the area of Reactor Safety and two in the area of Nuclear Criticality Safety.

  20. [Incorporation of the Hazard Analysis and Critical Control Point system (HACCP) in food legislation].

    PubMed

    Castellanos Rey, Liliana C; Villamil Jiménez, Luis C; Romero Prada, Jaime R

    2004-01-01

    The Hazard Analysis and Critical Control Point system (HACCP), recommended by international organizations such as the Codex Alimentarius Commission, the World Trade Organization (WTO), the International Office of Epizootics (OIE) and the International Convention for Vegetables Protection (ICPV) amongst others, contributes to ensuring the safety of food along the agro-alimentary chain and requires Good Manufacturing Practices (GMP) for its implementation, GMPs which are legislated in most countries. Since 1997, Colombia has set rules and legislation for application of the HACCP system in agreement with international standards. This paper discusses the potential and difficulties of legislation enforcement and suggests some policy implications for food safety.

  1. Sensitivity-Uncertainty Based Nuclear Criticality Safety Validation

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Brown, Forrest B.

    2016-09-20

    These are slides from a seminar given to the University of Mexico Nuclear Engineering Department. Whisper is a statistical analysis package developed to support nuclear criticality safety validation. It uses the sensitivity profile data for an application as computed by MCNP6 along with covariance files for the nuclear data to determine a baseline upper-subcritical-limit for the application. Whisper and its associated benchmark files are developed and maintained as part of MCNP6, and will be distributed with all future releases of MCNP6. Although sensitivity-uncertainty methods for NCS validation have been under development for 20 years, continuous-energy Monte Carlo codes such as MCNP could not determine the required adjoint-weighted tallies for sensitivity profiles. The recent introduction of the iterated fission probability method into MCNP led to the rapid development of sensitivity analysis capabilities for MCNP6 and the development of Whisper. Sensitivity-uncertainty based methods represent the future for NCS validation, making full use of today's computer power to codify past approaches based largely on expert judgment. Validation results are defensible, auditable, and repeatable as needed with different assumptions and process models. The new methods can supplement, support, and extend traditional validation approaches.

  2. A quantitative risk-based model for reasoning over critical system properties

    NASA Technical Reports Server (NTRS)

    Feather, M. S.

    2002-01-01

    This position paper suggests the use of a quantitative risk-based model to help support reasoning and decision making that spans many of the critical properties such as security, safety, survivability, fault tolerance, and real-time.

  3. Patient safety goals for the proposed Federal Health Information Technology Safety Center.

    PubMed

    Sittig, Dean F; Classen, David C; Singh, Hardeep

    2015-03-01

    The Office of the National Coordinator for Health Information Technology is expected to oversee creation of a Health Information Technology (HIT) Safety Center. While its functions are still being defined, the center is envisioned as a public-private entity focusing on promotion of HIT related patient safety. We propose that the HIT Safety Center leverages its unique position to work with key administrative and policy stakeholders, healthcare organizations (HCOs), and HIT vendors to achieve four goals: (1) facilitate creation of a nationwide 'post-marketing' surveillance system to monitor HIT related safety events; (2) develop methods and governance structures to support investigation of major HIT related safety events; (3) create the infrastructure and methods needed to carry out random assessments of HIT related safety in complex HCOs; and (4) advocate for HIT safety with government and private entities. The convening ability of a federally supported HIT Safety Center could be critically important to our transformation to a safe and effective HIT enabled healthcare system. © The Author 2014. Published by Oxford University Press on behalf of the American Medical Informatics Association. All rights reserved. For Permissions, please email: journals.permissions@oup.com.

  4. 33 CFR 96.220 - What makes up a safety management system?

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS Company and Vessel Safety Management Systems § 96.220 What makes up a safety management system? (a) The safety management system must document the responsible person's— (1) Safety and pollution prevention...

  5. Criticality safety evaluation for the Advanced Test Reactor enhanced low enriched uranium fuel elements

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Montierth, Leland M.

    2016-07-19

    The Global Threat Reduction Initiative (GTRI) convert program is developing a high uranium density fuel based on a low enriched uranium (LEU) uranium-molybdenum alloy. Testing of prototypic GTRI fuel elements is necessary to demonstrate integrated fuel performance behavior and scale-up of fabrication techniques. GTRI Enhanced LEU Fuel (ELF) elements based on the ATR-Standard Size elements (all plates fueled) are to be fabricated for testing in the Advanced Test Reactor (ATR). While a specific ELF element design will eventually be provided for detailed analyses and in-core testing, this criticality safety evaluation (CSE) is intended to evaluate a hypothetical ELF element design for criticality safety purposes. Existing criticality analyses have analyzed Standard (HEU) ATR elements from which controls have been derived. This CSE documents analysis that determines the reactivity of the hypothetical ELF fuel elements relative to HEU ATR elements and whether the existing HEU ATR element controls bound the ELF element. The initial calculations presented in this CSE analyzed the original ELF design, now referred to as Mod 0.1. In addition, as part of a fuel meat thickness optimization effort for reactor performance, other designs have been evaluated. As of early 2014 the most current conceptual designs are Mk1A and Mk1B, that were previously referred to as conceptual designs Mod 0.10 and Mod 0.11, respectively. Revision 1 evaluates the reactivity of the ATR HEU Mark IV elements for a comparison with the Mark VII elements.

  6. Who is in control of road safety? A STAMP control structure analysis of the road transport system in Queensland, Australia.

    PubMed

    Salmon, Paul M; Read, Gemma J M; Stevens, Nicholas J

    2016-11-01

    Despite significant progress, road trauma continues to represent a global safety issue. In Queensland (Qld), Australia, there is currently a focus on preventing the 'fatal five' behaviours underpinning road trauma (drug and drink driving, distraction, seat belt wearing, speeding, and fatigue), along with an emphasis on a shared responsibility for road safety that spans road users, vehicle manufacturers, designers, policy makers etc. The aim of this article is to clarify who shares the responsibility for road safety in Qld and to determine what control measures are enacted to prevent the fatal five behaviours. This is achieved through the presentation of a control structure model that depicts the actors and organisations within the Qld road transport system along with the control and feedback relationships that exist between them. Validated through a Delphi study, the model shows a diverse set of actors and organisations who share the responsibility for road safety, going beyond those discussed in road safety policies and strategies. The analysis also shows that, compared to other safety critical domains, there are fewer formal control structures in road transport and that opportunities exist to add new controls and strengthen existing ones. Relationships that influence rather than control are also prominent. Finally, when compared to other safety critical domains, the strength of road safety controls is brought into question. Copyright © 2016 Elsevier Ltd. All rights reserved.

  7. Analysis of Aviation Safety Reporting System Incident Data Associated With the Technical Challenges of the Vehicle Systems Safety Technology Project

    NASA Technical Reports Server (NTRS)

    Withrow, Colleen A.; Reveley, Mary S.

    2014-01-01

    This analysis was conducted to support the Vehicle Systems Safety Technology (VSST) Project of the Aviation Safety Program (AVsP) milestone VSST4.2.1.01, "Identification of VSST-Related Trends." In particular, this is a review of incident data from the NASA Aviation Safety Reporting System (ASRS). The following three VSST-related technical challenges (TCs) were the focus of the incidents searched in the ASRS database: (1) vehicle health assurance; (2) effective crew-system interactions and decisions in all conditions; and (3) aircraft loss of control prevention, mitigation, and recovery.

  8. Comparison of warfarin therapy clinical outcomes following implementation of an automated mobile phone-based critical laboratory value text alert system.

    PubMed

    Lin, Shu-Wen; Kang, Wen-Yi; Lin, Dong-Tsamn; Lee, James; Wu, Fe-Lin; Chen, Chuen-Liang; Tseng, Yufeng J

    2014-01-01

    Computerized alert and reminder systems have been widely accepted and applied to various patient care settings, with increasing numbers of clinical laboratories communicating critical laboratory test values to professionals via either manual notification or automated alerting systems/computerized reminders. Warfarin, an oral anticoagulant, exhibits a narrow therapeutic range between treatment response and adverse events. It requires close monitoring of prothrombin time (PT)/international normalized ratio (INR) to ensure patient safety. This study aimed to evaluate clinical outcomes of patients on warfarin therapy following implementation of a Personal Handy-phone System-based (PHS) alert system capable of generating and delivering text messages to communicate critical PT/INR laboratory results to practitioners' mobile phones in a large tertiary teaching hospital. A retrospective analysis was performed comparing patient clinical outcomes and physician prescribing behavior following conversion from a manual laboratory result alert system to an automated system. Clinical outcomes and practitioner responses to both alert systems were compared. Complications of warfarin therapy, warfarin utilization, and PT/INR results were evaluated for both systems, as well as clinician time to read alert messages, time to warfarin therapy modification, and monitoring frequency. No significant differences were detected in major hemorrhage and thromboembolism, warfarin prescribing patterns, PT/INR results, warfarin therapy modification, or monitoring frequency following implementation of the PHS text alert system. In both study periods, approximately 80% of critical results led to warfarin discontinuation or dose reduction. Senior physicians' follow-up response time to critical results was significantly decreased in the PHS alert study period (46.3% responded within 1 day) compared to the manual notification study period (24.7%; P = 0.015). No difference in follow-up response time

  9. 77 FR 60479 - Burnup Credit in the Criticality Safety Analyses of Pressurized Water Reactor Spent Fuel in...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-10-03

    ... Pressurized Water Reactor Spent Fuel in Transportation and Storage Casks AGENCY: Nuclear Regulatory Commission... 3, entitled, ``Burnup Credit in the Criticality Safety Analyses of PWR [Pressurized Water Reactor... water reactor spent nuclear fuel (SNF) in transportation packages and storage casks. SFST-ISG-8...

  10. Autonomous Flight Safety System - Phase III

    NASA Technical Reports Server (NTRS)

    2008-01-01

    The Autonomous Flight Safety System (AFSS) is a joint KSC and Wallops Flight Facility project that uses tracking and attitude data from onboard Global Positioning System (GPS) and inertial measurement unit (IMU) sensors and configurable rule-based algorithms to make flight termination decisions. AFSS objectives are to increase launch capabilities by permitting launches from locations without range safety infrastructure, reduce costs by eliminating some downrange tracking and communication assets, and reduce the reaction time for flight termination decisions.

  11. Improving patient safety: lessons from rock climbing.

    PubMed

    Robertson, Nic

    2012-02-01

    How to improve patient safety remains an intractable problem, despite large investment and some successes. Academics have argued that the root of the problem is a lack of a comprehensive 'safety culture' in hospitals. Other safety-critical industries such as commercial aviation invest heavily in staff training to develop such a culture, but comparable programmes are almost entirely absent from the health care sector. In rock climbing and many other dangerous activities, the 'buddy system' is used to ensure that safety systems are adhered to despite adverse circumstances. This system involves two or more people using simple checks and clear communication to prevent problems causing harm. Using this system as an example could provide a simple, original and entertaining way of introducing medical students to the idea that human factors are central to ensuring patient safety. Teaching the buddy system may improve understanding and acceptance of other patient safety initiatives, and could also be used by junior doctors as a tool to improve the safety of their practice. © Blackwell Publishing Ltd 2012.

  12. Smoke Detection: Critical Element of a University Residential Fire Safety Program.

    ERIC Educational Resources Information Center

    Robinson, Donald A.

    1979-01-01

    A program at the University of Massachusetts/Amherst to assess the fire protection needs of its residential system is described. The study culminated in a multiphase fire safety improvement plan. (JMF)

  13. Microprocessor-based control systems application in nuclear power plant critical systems

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Shah, M.R.; Nowak, J.B.

    Microprocessor-based control systems have been used in fossil power plants and are receiving greater acceptance for application in nuclear plants. This technology is not new but it does require unique considerations when applied to nuclear power plants. Sargent and Lundy (S and L) has used a microprocessor-based component logic control system (Interposing Logic System) for safety- and non-safety-related components in nuclear power plants under construction overseas. Currently, S and L is in the design stage to replace an existing analog control system with a microprocessor-based control system in the U.S. The trend in the industry is to replace systems in existing plants or design new power plants with microprocessor-based control systems.

  14. Fire safety evaluation system for NASA office/laboratory buildings

    NASA Astrophysics Data System (ADS)

    Nelson, H. E.

    1986-11-01

    A fire safety evaluation system for office/laboratory buildings is developed. The system is a life safety grading system. The system scores building construction, hazardous areas, vertical openings, sprinklers, detectors, alarms, interior finish, smoke control, exit systems, compartmentation, and emergency preparedness.

  15. Critical issues in sensor science to aid food and water safety.

    PubMed

    Farahi, R H; Passian, A; Tetard, L; Thundat, T

    2012-06-26

    The stability of food and water supplies is widely recognized as a global issue of fundamental importance. Sensor development for food and water safety by nonconventional assays continues to overcome technological challenges. The delicate balance between attaining adequate limits of detection, chemical fingerprinting of the target species, dealing with the complex food matrix, and operating in difficult environments is still the focus of current efforts. While the traditional pursuit of robust recognition methods remains important, emerging engineered nanomaterials and nanotechnology promise better sensor performance but also bring about new challenges. Both advanced receptor-based sensors and emerging non-receptor-based physical sensors are evaluated for their critical challenges toward out-of-laboratory applications.

  16. Overview of Energy Systems' safety analysis report programs

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Not Available

    1992-03-01

    The primary purpose of a Safety Analysis Report (SAR) is to provide a basis for judging the adequacy of a facility's safety. The SAR documents the safety analyses that systematically identify the hazards posed by the facility, analyze the consequences and risk of potential accidents, and describe hazard control measures that protect the health and safety of the public and employees. In addition, some SARs document, as Technical Safety Requirements (TSRs, which include Technical Specifications and Operational Safety Requirements), technical and administrative requirements that ensure the facility is operated within prescribed safety limits. SARs also provide conveniently summarized information that may be used to support procedure development, training, inspections, and other activities necessary to facility operation. This Overview of Energy Systems' Safety Analysis Report Programs provides an introduction to the programs and processes used in the development and maintenance of the SARs. It also summarizes some of the uses of the SARs within Energy Systems and DOE.

  17. Description of the food safety system in hotels and how it compares with HACCP standards.

    PubMed

    Fletcher, Stephanie M; Maharaj, Satnarine R; James, Kenneth

    2009-01-01

    Tourism is an important earner of foreign exchange in Jamaica; hence, the protection of the visitors' health is very important. A study of travelers to Jamaica in 1996 to 1997 found that travelers' diarrhea (TD) affected almost 25% of visitors. The Ministry of Health (Jamaica) initiated a program for the prevention and control of TD aimed at reducing attack rates from 25.0% to 12.0% over a 5-year period through environmental health and food safety standards of hotels. This article examines the food safety systems in Jamaican hotels located in a popular resort area to find out how comparable they are with the Hazard Analysis Critical Control Point (HACCP) strategy. A cross-sectional study was done of hotels in St. Mary and St. Ann. Quantitative data were obtained from food and beverage/sanitation staff and qualitative data through in-depth interviews with hotel managers. Observation of the food safety operations was also done. The majority (75%) of larger hotels used a combination of HACCP and Ministry of Health food safety strategies (p = 0.02) and offered all-inclusive services (r =-0.705, p = 0.001). Larger hotels were more likely to have a better quality team approach, HACCP plan, and monitoring of critical control points (CCPs) and more likely to receive higher scores (p < 0.05). More than two thirds of hotel staff were knowledgeable of HACCP. Significantly smaller hotels (87.5%) received less than 70% in overall score (r = 0.75, p = 0.01). Identification of CCPs and monitoring of CCPs explained 96.6% of the change in the overall HACCP scores (p = 0.001). Hotel managers felt that some hotels' systems were comparable with HACCP and that larger properties were ready for mandatory implementation. Conclusions. While some components of the HACCP system were observed in larger hotels, there were serious shortcomings in its comparison. Mandatory implementation of HACCP would require that sector-specific policies be developed for smaller hotels and implemented on a

  18. URBAN-NET: A Network-based Infrastructure Monitoring and Analysis System for Emergency Management and Public Safety

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Lee, Sangkeun; Chen, Liangzhe; Duan, Sisi

    Critical Infrastructures (CIs) such as energy, water, and transportation are complex networks that are crucial for sustaining day-to-day commodity flows vital to national security, economic stability, and public safety. The nature of these CIs is such that failures caused by an extreme weather event or a man-made incident can trigger widespread cascading failures, sending ripple effects at regional or even national scales. To minimize such effects, it is critical for emergency responders to identify existing or potential vulnerabilities within CIs during such stressor events in a systematic and quantifiable manner and take appropriate mitigating actions. We present here a novel critical infrastructure monitoring and analysis system named URBAN-NET. The system includes a software stack and tools for monitoring CIs, pre-processing data, interconnecting multiple CI datasets as a heterogeneous network, identifying vulnerabilities through graph-based topological analysis, and predicting consequences based on what-if simulations along with visualization. As a proof-of-concept, we present several case studies to show the capabilities of our system. We also discuss remaining challenges and future work.
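    The what-if analysis the abstract describes, interconnecting several infrastructure sectors as one heterogeneous dependency graph and ranking nodes by the cascade their loss would trigger, is shown below as an added example. It is not the URBAN-NET software; the network (a handful of power, water, transport, telecom and health nodes with sector-prefixed names) and the propagation rule (a node fails as soon as anything it depends on has failed) are both constructed for illustration.

```python
"""What-if cascading-failure analysis over a heterogeneous infrastructure graph.

Added example, not the URBAN-NET code. The network and the propagation
rule are constructed for illustration.
"""
from collections import defaultdict, deque
from typing import Dict, Iterable, List, Set, Tuple

# node -> set of nodes it requires in order to keep operating. Names carry a
# sector prefix so one graph can hold several interconnected CI datasets.
CONSTRUCTED_NETWORK: Dict[str, Set[str]] = {
    "power:substation_A": set(),
    "power:substation_B": set(),
    "water:pump_1": {"power:substation_A"},
    "water:treatment": {"water:pump_1"},
    "transport:signals_N": {"power:substation_A"},
    "transport:signals_S": {"power:substation_B"},
    "telecom:tower_1": {"power:substation_B"},
    "health:hospital": {"water:treatment", "telecom:tower_1"},
}


def dependents_index(deps: Dict[str, Set[str]]) -> Dict[str, Set[str]]:
    """Reverse the dependency map: node -> nodes that require it."""
    index: Dict[str, Set[str]] = defaultdict(set)
    for node in deps:
        index[node]  # make sure leaf nodes have an (empty) entry
    for node, reqs in deps.items():
        for r in reqs:
            index[r].add(node)
    return index


def cascade(deps: Dict[str, Set[str]], initial_failed: Iterable[str]) -> Set[str]:
    """Breadth-first propagation from the initial failures (the stressor event).

    Rule (constructed for this example): a node fails when any node it
    depends on has failed. Returns every node that ends up failed,
    the initial ones included.
    """
    index = dependents_index(deps)
    failed = set(initial_failed)
    queue = deque(failed)
    while queue:
        node = queue.popleft()
        for d in index[node]:
            if d not in failed:
                failed.add(d)
                queue.append(d)
    return failed


def impact_by_sector(failed: Iterable[str]) -> Dict[str, int]:
    """Count failed nodes per sector prefix, for the consequence summary."""
    counts: Dict[str, int] = defaultdict(int)
    for n in failed:
        counts[n.split(":", 1)[0]] += 1
    return dict(counts)


def rank_single_points_of_failure(deps: Dict[str, Set[str]]) -> List[Tuple[str, int]]:
    """Rank every node by how many nodes fail (itself included) if it alone is lost."""
    rows = [(n, len(cascade(deps, {n}))) for n in deps]
    return sorted(rows, key=lambda r: r[1], reverse=True)


if __name__ == "__main__":
    for node, size in rank_single_points_of_failure(CONSTRUCTED_NETWORK):
        print(f"{node:22s} cascade size {size}")
    storm = cascade(CONSTRUCTED_NETWORK, {"power:substation_A", "power:substation_B"})
    print("both substations lost:", impact_by_sector(storm))
```

The ranking is the topological part of the analysis: a node's cascade size is a property of the graph alone, so it can be computed ahead of an event and re-checked live as monitoring marks nodes down. A richer model would add redundancy (a node that needs only one of several feeds) and capacity thresholds, but the breadth-first propagation is the same.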

  19. Bad Actors Criticality Assessment for Pipeline system

    NASA Astrophysics Data System (ADS)

    Nasir, Meseret; Chong, Kit wee; Osman, Sabtuni; Siaw Khur, Wee

    2015-04-01

    Failure of a pipeline system could bring huge economic loss. In order to mitigate such catastrophic loss, it is required to evaluate and rank the impact of each bad actor of the pipeline system. In this study, bad actors are known as the root causes or any potential factor leading to system downtime. Fault Tree Analysis (FTA) is used to analyze the probability of occurrence for each bad actor. Birnbaum's importance and criticality measure (BICM) is also employed to rank the impact of each bad actor on pipeline system failure. The results demonstrate that internal corrosion, external corrosion and construction damage are critical and contribute heavily to pipeline system failure, with 48.0%, 12.4% and 6.0% respectively. Thus, a minor improvement in internal corrosion, external corrosion and construction damage would bring significant changes in pipeline system performance and reliability. These results could also be useful to develop an efficient maintenance strategy by identifying the critical bad actors.
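    The ranking method named in the abstract (a fault tree to get the top-event probability, then Birnbaum and criticality importance to rank the basic events) is shown below as an added example. It is not code from the paper: the tree shape, the event names and the per-event probabilities are constructed for illustration, and the paper's own tree and percentages are not reproduced.

```python
"""Fault-tree bad-actor ranking with Birnbaum and criticality importance.

Added example, not code from the cited paper. Tree, event names and
probabilities are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple, Union


@dataclass(frozen=True)
class Event:
    """Basic event: a 'bad actor' such as internal corrosion."""
    name: str


@dataclass(frozen=True)
class Gate:
    """AND/OR gate over child events or gates."""
    kind: str                       # "AND" or "OR"
    children: Tuple["Node", ...]


Node = Union[Event, Gate]


def top_probability(node: Node, q: Dict[str, float]) -> float:
    """Probability of the top event given basic-event probabilities q.

    Assumes independent basic events and no event repeated under more than
    one gate, so plain gate algebra is exact and no cut-set expansion is needed.
    """
    if isinstance(node, Event):
        return q[node.name]
    child = [top_probability(c, q) for c in node.children]
    if node.kind == "AND":
        p = 1.0
        for x in child:
            p *= x
        return p
    if node.kind == "OR":
        none_occur = 1.0
        for x in child:
            none_occur *= 1.0 - x
        return 1.0 - none_occur
    raise ValueError(f"unknown gate kind {node.kind!r}")


def birnbaum(tree: Node, q: Dict[str, float], event: str) -> float:
    """Birnbaum importance I_B(i) = Q_top(q_i = 1) - Q_top(q_i = 0).

    This is dQ_top/dq_i: how sensitive system failure is to this one bad
    actor, regardless of how likely the actor itself is.
    """
    hi = {**q, event: 1.0}
    lo = {**q, event: 0.0}
    return top_probability(tree, hi) - top_probability(tree, lo)


def criticality(tree: Node, q: Dict[str, float], event: str) -> float:
    """Criticality importance I_CR(i) = I_B(i) * q_i / Q_top.

    Weights the sensitivity by the event's own probability, so a very
    sensitive but very rare cause does not dominate the ranking.
    """
    return birnbaum(tree, q, event) * q[event] / top_probability(tree, q)


def rank_bad_actors(tree: Node, q: Dict[str, float]) -> List[Tuple[str, float, float]]:
    """Rows of (event, I_B, I_CR) sorted by criticality, highest first."""
    rows = [(e, birnbaum(tree, q, e), criticality(tree, q, e)) for e in q]
    return sorted(rows, key=lambda r: r[2], reverse=True)


# Constructed illustration: downtime follows from any of three direct bad
# actors, or from construction damage that a coating inspection missed.
PIPELINE_DOWNTIME = Gate("OR", (
    Event("internal_corrosion"),
    Event("external_corrosion"),
    Event("third_party_strike"),
    Gate("AND", (Event("construction_damage"), Event("inspection_missed"))),
))

# Constructed per-year occurrence probabilities for the basic events.
EVENT_PROBABILITIES = {
    "internal_corrosion": 0.12,
    "external_corrosion": 0.03,
    "construction_damage": 0.02,
    "inspection_missed": 0.50,
    "third_party_strike": 0.015,
}


if __name__ == "__main__":
    print(f"P(downtime) = {top_probability(PIPELINE_DOWNTIME, EVENT_PROBABILITIES):.4f}")
    for name, ib, icr in rank_bad_actors(PIPELINE_DOWNTIME, EVENT_PROBABILITIES):
        print(f"{name:20s}  I_B={ib:.4f}  I_CR={icr:.4f}")
```

Two things worth noticing when reading the output: the two events under the AND gate get the same criticality (I_B * q_i is identical for both, since each is the other's only path to the top), and the event with the highest Birnbaum value need not be the highest-ranked bad actor once its own probability is taken into account. Both measures are needed to decide where a small improvement buys the most reliability.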

  20. Autonomous system for launch vehicle range safety

    NASA Astrophysics Data System (ADS)

    Ferrell, Bob; Haley, Sam

    2001-02-01

    The Autonomous Flight Safety System (AFSS) is a launch vehicle subsystem whose ultimate goal is an autonomous capability to assure range safety (people and valuable resources), flight personnel safety, flight assets safety (recovery of valuable vehicles and cargo), and global coverage with a dramatic simplification of range infrastructure. The AFSS is capable of determining current vehicle position and predicting the impact point with respect to flight restriction zones. Additionally, it is able to discern whether or not the launch vehicle is an immediate threat to public safety, and initiate the appropriate range safety response. These features provide for a dramatic cost reduction in range operations and improved reliability of mission success.

  1. 33 CFR 147.847 - Safety Zone; BW PIONEER Floating Production, Storage, and Offloading System Safety Zone.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Safety Zone; BW PIONEER Floating... ZONES § 147.847 Safety Zone; BW PIONEER Floating Production, Storage, and Offloading System Safety Zone. (a) Description. The BW PIONEER, a Floating Production, Storage and Offloading (FPSO) system, is in...

  2. Demonstration of a Safety Analysis on a Complex System

    NASA Technical Reports Server (NTRS)

    Leveson, Nancy; Alfaro, Liliana; Alvarado, Christine; Brown, Molly; Hunt, Earl B.; Jaffe, Matt; Joslyn, Susan; Pinnell, Denise; Reese, Jon; Samarziya, Jeffrey

    1997-01-01

    For the past 17 years, Professor Leveson and her graduate students have been developing a theoretical foundation for safety in complex systems and building a methodology upon that foundation. The methodology includes special management structures and procedures, system hazard analyses, software hazard analysis, requirements modeling and analysis for completeness and safety, special software design techniques including the design of human-machine interaction, verification, operational feedback, and change analysis. The Safeware methodology is based on system safety techniques that are extended to deal with software and human error. Automation is used to enhance our ability to cope with complex systems. Identification, classification, and evaluation of hazards is done using modeling and analysis. To be effective, the models and analysis tools must consider the hardware, software, and human components in these systems. They also need to include a variety of analysis techniques and orthogonal approaches: There exists no single safety analysis or evaluation technique that can handle all aspects of complex systems. Applying only one or two may make us feel satisfied, but will produce limited results. We report here on a demonstration, performed as part of a contract with NASA Langley Research Center, of the Safeware methodology on the Center-TRACON Automation System (CTAS) portion of the air traffic control (ATC) system and procedures currently employed at the Dallas/Fort Worth (DFW) TRACON (Terminal Radar Approach CONtrol). CTAS is an automated system to assist controllers in handling arrival traffic in the DFW area. Safety is a system property, not a component property, so our safety analysis considers the entire system and not simply the automated components. Because safety analysis of a complex system is an interdisciplinary effort, our team included system engineers, software engineers, human factors experts, and cognitive psychologists.

  3. A safety-based decision making architecture for autonomous systems

    NASA Technical Reports Server (NTRS)

    Musto, Joseph C.; Lauderbaugh, L. K.

    1991-01-01

    Engineering systems designed specifically for space applications often exhibit a high level of autonomy in the control and decision-making architecture. As the level of autonomy increases, more emphasis must be placed on assimilating the safety functions normally executed at the hardware level or by human supervisors into the control architecture of the system. The development of a decision-making structure which utilizes information on system safety is detailed. A quantitative measure of system safety, called the safety self-information, is defined. This measure is analogous to the reliability self-information defined by McInroy and Saridis, but includes weighting of task constraints to provide a measure of both reliability and cost. An example is presented in which the safety self-information is used as a decision criterion in a mobile robot controller. The safety self-information is shown to be consistent with the entropy-based Theory of Intelligent Machines defined by Saridis.

  4. Software Safety Progress in NASA

    NASA Technical Reports Server (NTRS)

    Radley, Charles F.

    1995-01-01

    NASA has developed guidelines for development and analysis of safety-critical software. These guidelines have been documented in a Guidebook for Safety Critical Software Development and Analysis. The guidelines represent a practical 'how to' approach, to assist software developers and safety analysts in cost effective methods for software safety. They provide guidance in the implementation of the recent NASA Software Safety Standard NSS-1740.13 which was released as 'Interim' version in June 1994, scheduled for formal adoption late 1995. This paper is a survey of the methods in general use, resulting in the NASA guidelines for safety critical software development and analysis.

  5. Formal Foundations for Hierarchical Safety Cases

    NASA Technical Reports Server (NTRS)

    Denney, Ewen; Pai, Ganesh; Whiteside, Iain

    2015-01-01

    Safety cases are increasingly being required in many safety-critical domains to assure, using structured argumentation and evidence, that a system is acceptably safe. However, comprehensive system-wide safety arguments present appreciable challenges to develop, understand, evaluate, and manage, partly due to the volume of information that they aggregate, such as the results of hazard analysis, requirements analysis, testing, formal verification, and other engineering activities. Previously, we have proposed hierarchical safety cases, hicases, to aid the comprehension of safety case argument structures. In this paper, we build on a formal notion of safety case to formalise the use of hierarchy as a structuring technique, and show that hicases satisfy several desirable properties. Our aim is to provide a formal, theoretical foundation for safety cases. In particular, we believe that tools for high assurance systems should be granted similar assurance to the systems to which they are applied. To this end, we formally specify and prove the correctness of key operations for constructing and managing hicases, which gives the specification for implementing hicases in AdvoCATE, our toolset for safety case automation. We motivate and explain the theory with the help of a simple running example, extracted from a real safety case and developed using AdvoCATE.

  6. Total Quality Management and the System Safety Secretary

    NASA Technical Reports Server (NTRS)

    Elliott, Suzan E.

    1993-01-01

    The system safety secretary is a valuable member of the system safety team. As downsizing occurs to meet economic constraints, the Total Quality Management (TQM) approach is frequently adopted as a formula for success and, in some cases, for survival.

  7. Does assisted driving behavior lead to safety-critical encounters with unequipped vehicles' drivers?

    PubMed

    Preuk, Katharina; Stemmler, Eric; Schießl, Caroline; Jipp, Meike

    2016-10-01

    With Intelligent Transport Systems (e.g., traffic light assistance systems) assisted drivers are able to show driving behavior in anticipation of upcoming traffic situations. In the years to come, the penetration rate of such systems will be low. Therefore, the majority of vehicles will not be equipped with these systems. Unequipped vehicles' drivers may not expect the driving behavior of assisted drivers. However, drivers' predictions and expectations can play a significant role in their reaction times. Thus, safety issues could arise when unequipped vehicles' drivers encounter the driving behavior of assisted drivers. This is why we tested how unequipped vehicles' drivers (N=60) interpreted and reacted to the driving behavior of an assisted driver. We used a multi-driver simulator with three drivers. The three drivers were driving in a line. The lead driver in the line was a confederate who was followed by two unequipped vehicles' drivers. We varied the equipment of the confederate with an Intelligent Transport System: the confederate was equipped either with or without a traffic light assistance system. The traffic light assistance system provided a start-up maneuver before a light turned green. Therefore, the assisted confederate seemed to show unusual deceleration behavior by coming to a halt at an unusual distance from the stop line at the red traffic light. The unusual distance was varied as we tested a moderate (4 m distance from the stop line) and an extreme (10 m distance from the stop line) parameterization of the system. Our results showed that the extreme parameterization resulted in shorter minimal time-to-collision for the unequipped vehicles' drivers. One rear-end crash was observed. These results provided initial evidence that safety issues can arise when unequipped vehicles' drivers encounter assisted driving behavior. We recommend that future research identifies counteractions to prevent these safety issues. Moreover, we recommend that system developers

  8. Certification of highly complex safety-related systems.

    PubMed

    Reinert, D; Schaefer, M

    1999-01-01

    The BIA now has 15 years of experience with the certification of complex electronic systems for safety-related applications in the machinery sector. Using the example of machining centres, this presentation will show the systematic procedure for verifying and validating control systems using Application Specific Integrated Circuits (ASICs) and microcomputers for safety functions. One section will describe the control structure of machining centres with control systems using "integrated safety." A diverse redundant architecture combined with cross-monitoring and forced dynamization is explained. In the main section the steps of the systematic certification procedure are explained, showing some results of the certification of drilling machines. Specification reviews, design reviews with test case specification, statistical analysis, and walk-throughs are the analytical measures in the testing process. Systematic tests based on the test case specification, electromagnetic interference (EMI) and environmental testing, and site acceptance tests on the machines are the testing measures for validation. A complex software-driven system is always undergoing modification. Most of the changes are not safety-relevant, but this has to be proven. A systematic procedure for certifying software modifications is presented in the last section of the paper.
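    The architecture named in the abstract, two diverse channels with cross-monitoring and forced dynamization of the output path, is easier to judge when the fault-detection behaviour is spelled out. The following is an added example and not code from the BIA paper or from any certified controller: it simulates a guard interlock for a machining centre in which channel A decides from a mechanical guard contact and channel B from a diverse position sensor plus a speed limit, each cycle compares the two verdicts (cross-monitoring) and latches a fault on disagreement, and every N cycles the output contactor is forced off and its read-back contact checked (forced dynamization) so that a welded, stuck-energized output is revealed before a guard-open event would need it. The sensor snapshots, the contactor model and the fault injection are constructed for the demonstration; the 1 mm and 6000 rpm limits are assumed values.

```python
"""Two-channel safety logic with cross-monitoring and forced dynamization.

Added worked example; it is not code from the BIA paper. Two diverse
channels compute the same safety function, each cycle cross-checks the
other's verdict, and the actuator path is periodically forced to the
de-energized state and read back so that a stuck-at output is found
before it is needed. Inputs and fault injection are constructed.
"""
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class GuardInputs:
    """Constructed sensor snapshot for one control cycle."""
    guard_switch_closed: bool   # channel A: mechanical NC contact
    guard_position_mm: float    # channel B: diverse analog position sensor
    spindle_rpm: float


def channel_a(inp: GuardInputs) -> bool:
    """Channel A: run allowed only if the guard contact reads closed."""
    return inp.guard_switch_closed


def channel_b(inp: GuardInputs) -> bool:
    """Channel B (diverse logic and sensor): guard within 1 mm of closed and
    spindle speed under the guarded limit (both limits assumed)."""
    return inp.guard_position_mm <= 1.0 and inp.spindle_rpm <= 6000.0


class Contactor:
    """Output path with a read-back contact; `welded` models a stuck-on fault."""

    def __init__(self, welded: bool = False) -> None:
        self.welded = welded
        self.energized = False

    def drive(self, on: bool) -> None:
        # A welded contact ignores the command and stays closed.
        self.energized = True if self.welded else on

    def feedback(self) -> bool:
        return self.energized


@dataclass
class SafetyController:
    contactor: Contactor
    dynamization_period: int = 10          # run the pulse test every N cycles
    cycle: int = 0
    latched_fault: Optional[str] = None
    log: List[str] = field(default_factory=list)

    def step(self, inp: GuardInputs) -> bool:
        """One control cycle. Returns True only if the drive is enabled."""
        self.cycle += 1
        if self.latched_fault:                 # stay in the safe state
            self.contactor.drive(False)
            return False

        a, b = channel_a(inp), channel_b(inp)
        # Cross-monitoring: the diverse channels must agree; a disagreement
        # is itself treated as a fault and latched, not voted away.
        if a != b:
            self._trip(f"cycle {self.cycle}: channel disagreement A={a} B={b}")
            return False

        # Forced dynamization: periodically force the output off and require
        # the read-back to follow. A welded output cannot pass this test.
        if self.cycle % self.dynamization_period == 0:
            self.contactor.drive(False)
            if self.contactor.feedback():
                self._trip(f"cycle {self.cycle}: output stuck energized")
                return False

        enable = a and b
        self.contactor.drive(enable)
        if self.contactor.feedback() != enable:   # read-back plausibility
            self._trip(f"cycle {self.cycle}: feedback mismatch")
            return False
        return enable

    def _trip(self, reason: str) -> None:
        self.latched_fault = reason
        self.log.append(reason)
        self.contactor.drive(False)


def run_scenario(inputs: List[GuardInputs], welded: bool = False) -> SafetyController:
    """Drive a fresh controller through a constructed input sequence."""
    ctl = SafetyController(Contactor(welded=welded))
    for inp in inputs:
        ctl.step(inp)
    return ctl


# Constructed scenarios: healthy guard closed; the same with a welded
# contactor; and a cycle where the diverse sensor disagrees with the contact.
NORMAL = [GuardInputs(True, 0.2, 3000.0)] * 25
DIVERGENT = [GuardInputs(True, 0.2, 3000.0)] * 5 + [GuardInputs(True, 8.0, 3000.0)]

if __name__ == "__main__":
    print("healthy :", run_scenario(NORMAL).latched_fault)
    print("welded  :", run_scenario(NORMAL, welded=True).latched_fault)
    print("diverse :", run_scenario(DIVERGENT).latched_fault)
```

    The point of the pulse test is that a stuck output is invisible during normal operation: the read-back agrees with the command as long as the command is "on". Only by forcing the path to the de-energized state on a schedule shorter than the demand interval does the latent fault become detectable, which is the same reasoning behind proof-test intervals in functional safety standards. In a real two-channel design each channel would run its own dynamization and read the partner's outputs over an independent path; the single controller above collapses that into one loop to keep the logic visible.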

  9. Water Resistant Container Technical Basis Document for the TA-55 Criticality Safety Program

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Smith, Paul Herrick; Teague, Jonathan Gayle

    Criticality safety at TA-55 relies on nuclear material containers that are water resistant to prevent significant amounts of water from coming into contact with fissile material in the event of a fire that causes a breach of glovebox confinement and subsequent fire water ingress. A "water tight container" is a container that will not allow more than 50 ml of water ingress when fully submerged, except when under sufficient pressure to produce structural discontinuity. There are many types of containers: welded containers, hermetically sealed containers, filtered containers, etc.

  10. The Design of a Practical Enterprise Safety Management System

    NASA Astrophysics Data System (ADS)

    Gabbar, Hossam A.; Suzuki, Kazuhiko

    This book presents design guidelines and implementation approaches for an enterprise safety management system integrated within enterprise integrated systems. It shows new model-based safety management where process design automation is integrated with enterprise business functions and components. It proposes a new systems engineering approach addressed to the new-generation chemical industry. It will help both undergraduate and professional readers build basic knowledge about the issues and problems of designing a practical enterprise safety management system, while presenting in a clear way the system and information engineering practices needed to design an enterprise integrated solution.

  11. Enhancing the Safety of Children in Foster Care and Family Support Programs: Automated Critical Incident Reporting

    ERIC Educational Resources Information Center

    Brenner, Eliot; Freundlich, Madelyn

    2006-01-01

    The Adoption and Safe Families Act of 1997 has made child safety an explicit focus in child welfare. The authors describe an automated critical incident reporting program designed for use in foster care and family-support programs. The program, which is based in Lotus Notes and uses e-mail to route incident reports from direct service staff to…

  12. Modeling and Analysis of Mixed Synchronous/Asynchronous Systems

    NASA Technical Reports Server (NTRS)

    Driscoll, Kevin R.; Madl, Gabor; Hall, Brendan

    2012-01-01

    Practical safety-critical distributed systems must integrate safety-critical and non-critical data in a common platform. Safety-critical systems almost always consist of isochronous components that have synchronous or asynchronous interfaces with other components. Many of these systems also support a mix of synchronous and asynchronous interfaces. This report presents a study on the modeling and analysis of asynchronous, synchronous, and mixed synchronous/asynchronous systems. We build on the SAE Architecture Analysis and Design Language (AADL) to capture architectures for analysis. We present preliminary work targeted at capturing mixed low- and high-criticality data, as well as real-time properties, in a common Model of Computation (MoC). An abstract, but representative, test specimen system was created as the system to be modeled.

  13. The Critical Mass Laboratory at Rocky Flats

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Rothe, Robert E

    2003-10-15

    The Critical Mass Laboratory (CML) at Rocky Flats northwest of Denver, Colorado, was built in 1964 and commissioned to conduct nuclear experiments on January 28, 1965. It was built to attain more accurate and precise experimental data to ensure nuclear criticality safety at the plant than were previously possible. Prior to its construction, safety data were obtained from long extrapolations of subcritical data (called in situ experiments), calculated parameters from reactor engineering 'models', and a few other imprecise methods. About 1700 critical and critical-approach experiments involving several chemical forms of enriched uranium and plutonium were performed between then and 1988. These experiments included single units and arrays of fissile materials, reflected and 'bare' systems, and configurations with various degrees of moderation, as well as some containing strong neutron absorbers. In 1989, a raid by the Federal Bureau of Investigation (FBI) caused the plant as a whole to focus on 'resumption' instead of further criticality safety experiments. Though either not recognized or not admitted for a few years, that FBI raid did sound the death knell for the CML. The plant's optimistic goal of resumption evolved to one of deactivation, decommissioning, and plantwide demolition during the 1990s. The once-proud CML facility was finally demolished in April of 2002.

  14. European perspectives of food safety.

    PubMed

    Bánáti, Diána

    2014-08-01

    Food safety has been a growing concern among European Union (EU) citizens over the last decades. Despite the fact that food has never been safer, consumers are considerably uncertain and increasingly critical about the safety of their food. The introduction of new principles, such as the primary responsibility of producers, traceability, risk analysis, the separation of risk assessment and risk management provided a more transparent, science-based system in Europe, which can help to restore consumers' lost confidence. The present EU integrated approach to food safety 'from farm to fork' aims to assure a high level of food safety within the EU. © 2014 Society of Chemical Industry.

  15. [Risk management in anesthesia and critical care medicine].

    PubMed

    Eisold, C; Heller, A R

    2017-03-01

    Throughout its history, anesthesia and critical care medicine has experienced vast improvements to increase patient safety. Consequently, anesthesia has never been performed on such a high level as it is being performed today. As a result, we do not always fully perceive the risks involved in our daily activity. A survey performed in Swiss hospitals identified a total of 169 hot spots which endanger patient safety. It turned out that there is a complex variety of possible errors that can only be tackled through consistent implementation of a safety culture. The key elements to reduce complications are continuing staff education, algorithms and standard operating procedures (SOP), working according to the principles of crisis resource management (CRM) and last but not least the continuous work-up of mistakes identified by critical incident reporting systems.

  16. Safety systems in gamma irradiation facilities.

    PubMed

    Drndarevic, V

    1997-08-01

    A new electronic device has been developed to guard against individuals gaining entry through the product entry and exit ports into our irradiation facility for industrial sterilization. This device uses the output from electronic sensors and pressure mats to assure that only the transport cabins may pass through these ports. Any attempt by personnel to trespass is detected, the process is stopped by the safety system, and the source is placed in the safe position. Owing to its simple construction, the new device enables reliable operation, is inexpensive and easy to implement, and improves the existing safety systems.

  17. Safety and control of accelerator-driven subcritical systems

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Rief, H.; Takahashi, H.

    1995-10-01

    To study control and safety of accelerator-driven nuclear systems, a one-point kinetic model was developed and programmed. It deals with fast transients as a function of reactivity insertion, Doppler feedback, and the intensity of an external neutron source. The model allows for a simultaneous calculation of an equivalent critical reactor. It was validated by comparison with a benchmark specified by the Nuclear Energy Agency Committee on Reactor Physics. Additional features are the possibility of inserting a linear or quadratic time-dependent reactivity ramp, which may account for gravity-induced accidents like earthquakes, the possibility of shutting down the external neutron source by an exponential decay law of the form exp(-t/τ), and a graphical display of the power and reactivity changes. The calculations revealed that such boosters behave quite benignly even if they are only slightly subcritical.
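    The benign behaviour the abstract reports follows from the point-kinetics equations themselves, and a small integrator makes it concrete. The following is an added example, not the authors' program: one delayed-neutron group, an external source that can be shut down as exp(-t/τ), a linear or quadratic reactivity ramp, and an optional linear power-feedback term standing in for Doppler (a simplification, assumed here). Stepping is backward Euler, chosen because the prompt-neutron term with a generation time of microseconds is stiff and an explicit scheme would need sub-microsecond steps; backward Euler is stable at millisecond steps and lands exactly on the analytic steady state n = -S·Λ/ρ, which the test below uses as a check. The parameter values and scenarios are constructed for illustration and are not the paper's benchmark.

```python
"""One-point kinetics of a source-driven subcritical system.

Added worked example, not the authors' program. One delayed-neutron
group, an external source with optional exp(-t/tau) shutdown, a
linear/quadratic reactivity ramp and an optional linear power feedback
standing in for Doppler (an assumed simplification). Backward Euler
stepping: stable for the stiff prompt term and exact at steady state
n = -S*Lambda/rho. All parameter values are constructed.
"""
import math
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class Kinetics:
    beta: float = 0.0065               # delayed-neutron fraction
    lam: float = 0.08                  # precursor decay constant [1/s]
    Lambda: float = 1e-6               # neutron generation time [s]
    rho0: float = -0.02                # initial reactivity (<0: subcritical)
    ramp_a: float = 0.0                # linear reactivity ramp [1/s]
    ramp_b: float = 0.0                # quadratic reactivity ramp [1/s^2]
    alpha_fb: float = 0.0              # power feedback coefficient (Doppler-like)
    source0: float = 2e4               # external source strength [n/s]
    source_tau: Optional[float] = None # if set, source decays as exp(-t/tau)

    def reactivity(self, t: float, n: float, n_ref: float) -> float:
        rho = self.rho0 + self.ramp_a * t + self.ramp_b * t * t
        return rho - self.alpha_fb * (n - n_ref)

    def source(self, t: float) -> float:
        if self.source_tau is None:
            return self.source0
        return self.source0 * math.exp(-t / self.source_tau)


def steady_state(k: Kinetics) -> Tuple[float, float]:
    """Equilibrium (n, C) for constant rho0 and source: n = -S*Lambda/rho."""
    n = -k.source0 * k.Lambda / k.rho0
    return n, k.beta * n / (k.Lambda * k.lam)


def simulate(k: Kinetics, t_end: float, dt: float = 1e-3,
             n0: Optional[float] = None, c0: Optional[float] = None):
    """Integrate dn/dt = (rho-beta)/Lambda*n + lam*C + S and
    dC/dt = beta/Lambda*n - lam*C with backward Euler; returns (t, n, C)."""
    n, c = steady_state(k) if n0 is None else (n0, c0)
    n_ref, t = n, 0.0
    for _ in range(int(round(t_end / dt))):
        t_next = t + dt
        rho = k.reactivity(t_next, n, n_ref)     # feedback lagged one step
        s = k.source(t_next)
        # Solve (I - dt*A) x' = x + dt*b for the 2x2 linear system by Cramer.
        a11 = 1.0 - dt * (rho - k.beta) / k.Lambda
        a12 = -dt * k.lam
        a21 = -dt * k.beta / k.Lambda
        a22 = 1.0 + dt * k.lam
        r1, r2 = n + dt * s, c
        det = a11 * a22 - a12 * a21
        n, c = (r1 * a22 - a12 * r2) / det, (a11 * r2 - a21 * r1) / det
        t = t_next
    return t, n, c


def power_from_cold_start(t_end: float = 200.0) -> float:
    """Source switched on into a cold core (n = C = 0); power builds up to the
    steady-state value fixed by the source and the subcriticality."""
    return simulate(Kinetics(), t_end, n0=0.0, c0=0.0)[1]


def power_after_source_shutdown(t_end: float = 100.0) -> float:
    """Source shut down as exp(-t/1s) from steady state; power collapses
    to the level sustained by decaying precursors and then dies away."""
    return simulate(Kinetics(source_tau=1.0), t_end)[1]


def power_after_ramp(t_end: float = 100.0) -> float:
    """Linear ramp from rho=-0.02 to -0.01 over 100 s: still subcritical,
    so power tracks the slowly rising equilibrium instead of diverging."""
    return simulate(Kinetics(ramp_a=1e-4), t_end)[1]


if __name__ == "__main__":
    print(f"steady state n        = {steady_state(Kinetics())[0]:.4f}")
    print(f"cold start, t=200 s   = {power_from_cold_start():.4f}")
    print(f"source off, t=100 s   = {power_after_source_shutdown():.2e}")
    print(f"ramp to -0.01, t=100 s = {power_after_ramp():.3f}")
```

    With the constructed numbers the power after a +0.01 reactivity insertion settles toward twice its starting value rather than running away, because the equilibrium n = -S·Λ/ρ stays finite as long as ρ < 0; the same ramp in the equivalent critical reactor would have no bounded solution. Halving the source is the only fast way to halve the power, which is why the source shutdown scenario falls by a prompt jump within the first milliseconds and only the precursor tail lingers.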

  18. Models Extracted from Text for System-Software Safety Analyses

    NASA Technical Reports Server (NTRS)

    Malin, Jane T.

    2010-01-01

    This presentation describes extraction and integration of requirements information and safety information in visualizations to support early review of completeness, correctness, and consistency of lengthy and diverse system safety analyses. Software tools have been developed and extended to perform the following tasks: 1) extract model parts and safety information from text in interface requirements documents, failure modes and effects analyses and hazard reports; 2) map and integrate the information to develop system architecture models and visualizations for safety analysts; and 3) provide model output to support virtual system integration testing. This presentation illustrates the methods and products with a rocket motor initiation case.

  19. A Process-Centered Tool for Evaluating Patient Safety Performance and Guiding Strategic Improvement

    DTIC Science & Technology

    2005-01-01

    next patient safety steps in individual health care organizations. The low priority given to Category 3 (Focus on patients, other customers, and...presents a patient safety applicator tool for implementing and assessing patient safety systems in health care institutions. The applicator tool consists...the survey rounds. The study addressed three research questions: 1. What critical processes should be included in health care patient safety systems

  20. John M. Eisenberg Patient Safety Awards. System innovation: Veterans Health Administration National Center for Patient Safety.

    PubMed

    Heget, Jeffrey R; Bagian, James P; Lee, Caryl Z; Gosbee, John W

    2002-12-01

    In 1998 the Veterans Health Administration (VHA) created the National Center for Patient Safety (NCPS) to lead the effort to reduce adverse events and close calls systemwide. NCPS's aim is to foster a culture of safety in the Department of Veterans Affairs (VA) by developing and providing patient safety programs and delivering standardized tools, methods, and initiatives to the 163 VA facilities. To create a system-oriented approach to patient safety, NCPS looked for models in fields such as aviation, nuclear power, human factors, and safety engineering. Core concepts included a non-punitive approach to patient safety activities that emphasizes systems-based learning, the active seeking out of close calls, which are viewed as opportunities for learning and investigation, and the use of interdisciplinary teams to investigate close calls and adverse events through a root cause analysis (RCA) process. Participation by VA facilities and networks was voluntary. NCPS has always aimed to develop a program that would be applicable both within the VA and beyond. NCPS's full patient safety program was tested and implemented throughout the VA system from November 1999 to August 2000. Program components included an RCA system for use by caregivers at the front line, a system for the aggregate review of RCA results, information systems software, alerts and advisories, and cognitive aids. Following program implementation, NCPS saw a 900-fold increase in reporting of close calls of high-priority events, reflecting the level of commitment to the program by VHA leaders and staff.

  1. Real-time data system: Incorporating new technology in mission critical environments

    NASA Technical Reports Server (NTRS)

    Muratore, John F.; Heindel, Troy A.

    1990-01-01

    If the Space Station Freedom is to remain viable over its 30-year life span, it must be able to incorporate new information systems technologies. These technologies are necessary to enhance mission effectiveness and to enable new NASA missions, such as supporting the Lunar-Mars Initiative. High-definition television (HDTV), neural nets, model-based reasoning, advanced languages, CPU designs, and computer networking standards are areas which have been forecast to make major strides in the next 30 years. A major challenge to NASA is to bring these technologies online without compromising mission safety. In past programs, NASA managers have been understandably reluctant to rely on new technologies for mission critical activities until they are proven in noncritical areas. NASA must develop strategies to allow inflight confidence building and migration of technologies into the trusted tool base. NASA has successfully met this challenge and developed a winning strategy in the Space Shuttle Mission Control Center. This facility, which is clearly among NASA's most critical, is based on 1970's mainframe architecture. Changes to the mainframe are very expensive due to the extensive testing required to prove that changes do not have unanticipated impact on critical processes. Systematic improvement efforts in this facility have been delayed due to this 'risk to change.' In the real-time data system (RTDS) we have introduced a network of engineering computer workstations which run in parallel to the mainframe system. These workstations are located next to flight controller operating positions in mission control and, in some cases, the display units are mounted in the traditional mainframe consoles. This system incorporates several major improvements over the mainframe consoles, including automated fault detection by real-time expert systems and color graphic animated schematics of subsystems driven by real-time telemetry. The workstations have the capability of recording

  2. Aviation Safety Reporting System (ASRS) 40th Anniversary

    NASA Image and Video Library

    2016-09-28

    Aviation Safety Reporting System (ASRS) 40th Anniversary lunch and open house at the Sunnyvale office. Thomas A. Edwards, Deputy Center Director, NASA Ames (left), presents a plaque reading: "On the anniversary of the Aviation Safety Reporting System, this award is in recognition of 18 years of outstanding leadership as Program Director, resulting in strong program growth, expanded partnership and a widely recognized impact on national and global transportation safety." Presented to Linda J. Connell, ASRS Program Director (right).

  3. A Case Study of Dynamic Response Analysis and Safety Assessment for a Suspended Monorail System

    PubMed Central

    Bao, Yulong; Li, Yongle; Ding, Jiajie

    2016-01-01

    A suspended monorail transit system is a category of urban rail transit, which is effective in alleviating traffic pressure and injury prevention. Meanwhile, with the advantages of low cost and short construction time, suspended monorail transit systems show vast potential for future development. However, the suspended monorail has not been systematically studied in China, and there is a lack of relevant knowledge and analytical methods. To ensure the health and reliability of a suspended monorail transit system, the driving safety of vehicles and structure dynamic behaviors when vehicles are running on the bridge should be analyzed and evaluated. Based on the method of vehicle-bridge coupling vibration theory, the finite element method (FEM) software ANSYS and multi-body dynamics software SIMPACK are adopted respectively to establish the finite element model for bridge and the multi-body vehicle. A co-simulation method is employed to investigate the vehicle-bridge coupling vibration for the transit system. The traffic operation factors, including train formation, track irregularity and tire stiffness, are incorporated into the models separately to analyze the bridge and vehicle responses. The results show that the coupling of dynamic effects of the suspended monorail system between vehicle and bridge are significant in the case studied, and it is strongly suggested to take necessary measures for vibration suppression. The simulation of track irregularity is a critical factor for its vibration safety, and the track irregularity of A-level road roughness negatively influences the system vibration safety. PMID:27834923

  4. A Case Study of Dynamic Response Analysis and Safety Assessment for a Suspended Monorail System.

    PubMed

    Bao, Yulong; Li, Yongle; Ding, Jiajie

    2016-11-10

    A suspended monorail transit system is a category of urban rail transit, which is effective in alleviating traffic pressure and injury prevention. Meanwhile, with the advantages of low cost and short construction time, suspended monorail transit systems show vast potential for future development. However, the suspended monorail has not been systematically studied in China, and there is a lack of relevant knowledge and analytical methods. To ensure the health and reliability of a suspended monorail transit system, the driving safety of vehicles and structure dynamic behaviors when vehicles are running on the bridge should be analyzed and evaluated. Based on the method of vehicle-bridge coupling vibration theory, the finite element method (FEM) software ANSYS and multi-body dynamics software SIMPACK are adopted respectively to establish the finite element model for bridge and the multi-body vehicle. A co-simulation method is employed to investigate the vehicle-bridge coupling vibration for the transit system. The traffic operation factors, including train formation, track irregularity and tire stiffness, are incorporated into the models separately to analyze the bridge and vehicle responses. The results show that the coupling of dynamic effects of the suspended monorail system between vehicle and bridge are significant in the case studied, and it is strongly suggested to take necessary measures for vibration suppression. The simulation of track irregularity is a critical factor for its vibration safety, and the track irregularity of A-level road roughness negatively influences the system vibration safety.

  5. System interface for an integrated intelligent safety system (ISS) for vehicle applications.

    PubMed

    Hannan, Mahammad A; Hussain, Aini; Samad, Salina A

    2010-01-01

    This paper deals with the interface-relevant activity of a vehicle integrated intelligent safety system (ISS) that includes an airbag deployment decision system (ADDS) and a tire pressure monitoring system (TPMS). A program is developed in LabWindows/CVI, using C for prototype implementation. The prototype is primarily concerned with the interconnection between hardware objects such as a load cell, web camera, accelerometer, TPM tire module and receiver module, DAQ card, CPU card and a touch screen. Several safety subsystems, including image processing, weight sensing and crash detection systems, are integrated, and their outputs are combined to yield intelligent decisions regarding airbag deployment. The integrated safety system also monitors tire pressure and temperature. Testing and experimentation with this ISS suggests that the system is unique, robust, intelligent, and appropriate for in-vehicle applications.

  6. System Interface for an Integrated Intelligent Safety System (ISS) for Vehicle Applications

    PubMed Central

    Hannan, Mahammad A.; Hussain, Aini; Samad, Salina A.

    2010-01-01

    This paper deals with the interface-relevant activity of a vehicle integrated intelligent safety system (ISS) that includes an airbag deployment decision system (ADDS) and a tire pressure monitoring system (TPMS). A program is developed in LabWindows/CVI, using C for prototype implementation. The prototype is primarily concerned with the interconnection between hardware objects such as a load cell, web camera, accelerometer, TPM tire module and receiver module, DAQ card, CPU card and a touch screen. Several safety subsystems, including image processing, weight sensing and crash detection systems, are integrated, and their outputs are combined to yield intelligent decisions regarding airbag deployment. The integrated safety system also monitors tire pressure and temperature. Testing and experimentation with this ISS suggests that the system is unique, robust, intelligent, and appropriate for in-vehicle applications. PMID:22205861

  7. Using the Human Systems Simulation Laboratory at Idaho National Laboratory for Safety Focused Research

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Joe, Jeffrey C.; Boring, Ronald L.

    Under the United States (U.S.) Department of Energy (DOE) Light Water Reactor Sustainability (LWRS) program, researchers at Idaho National Laboratory (INL) have been using the Human Systems Simulation Laboratory (HSSL) to conduct critical safety focused Human Factors research and development (R&D) for the nuclear industry. The LWRS program has the overall objective to develop the scientific basis to extend existing nuclear power plant (NPP) operating life beyond the current 60-year licensing period and to ensure their long-term reliability, productivity, safety, and security. One focus area for LWRS is the NPP main control room (MCR), because many of the instrumentation and control (I&C) system technologies installed in the MCR, while highly reliable and safe, are now difficult to replace and are therefore limiting the operating life of the NPP. This paper describes how INL researchers use the HSSL to conduct Human Factors R&D on modernizing or upgrading these I&C systems in a step-wise manner, and how the HSSL has addressed a significant gap in how to upgrade systems and technologies that are built to last, and therefore require careful integration of analog and new advanced digital technologies.

  8. 30 CFR 250.804 - Production safety-system testing and records.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 30 Mineral Resources 2 2013-07-01 2013-07-01 false Production safety-system testing and records... Gas Production Safety Systems § 250.804 Production safety-system testing and records. (a) Inspection... devices operating at temperatures which could ignite a methane-air mixture shall not be used. All...

  9. 30 CFR 250.804 - Production safety-system testing and records.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 30 Mineral Resources 2 2012-07-01 2012-07-01 false Production safety-system testing and records... Gas Production Safety Systems § 250.804 Production safety-system testing and records. (a) Inspection... devices operating at temperatures which could ignite a methane-air mixture shall not be used. All...

  10. 30 CFR 250.804 - Production safety-system testing and records.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 30 Mineral Resources 2 2014-07-01 2014-07-01 false Production safety-system testing and records... Gas Production Safety Systems § 250.804 Production safety-system testing and records. (a) Inspection... devices operating at temperatures which could ignite a methane-air mixture shall not be used. All...

  11. Comprehensive Safety Analysis 2010 Safety Measurement System (SMS) Methodology, Version 2.1 Revised December 2010

    DOT National Transportation Integrated Search

    2010-12-01

    This report documents the Safety Measurement System (SMS) methodology developed to support the Comprehensive Safety Analysis 2010 (CSA 2010) Initiative for the Federal Motor Carrier Safety Administration (FMCSA). The SMS is one of the major tools for...

  12. Consumer product safety: A systems problem

    NASA Technical Reports Server (NTRS)

    Clark, C. C.

    1971-01-01

    The manufacturer, tester, retailer, consumer, repairer, disposer, trade and professional associations, national and international standards bodies, and governments in several roles are all involved in consumer product safety. A preliminary analysis, drawing on system safety techniques, is utilized to distinguish the inter-relations of these many groups and the responsibilities that they are or could take for product safety, including the slow accident hazards as well as the more commonly discussed fast accident hazards. The importance of interactive computer aided information flow among these groups is particularly stressed.

  13. Postmarketing Safety Study Tool: A Web Based, Dynamic, and Interoperable System for Postmarketing Drug Surveillance Studies

    PubMed Central

    Sinaci, A. Anil; Laleci Erturkmen, Gokce B.; Gonul, Suat; Yuksel, Mustafa; Invernizzi, Paolo; Thakrar, Bharat; Pacaci, Anil; Cinar, H. Alper; Cicekli, Nihan Kesim

    2015-01-01

    Postmarketing drug surveillance is a crucial aspect of the clinical research activities in pharmacovigilance and pharmacoepidemiology. Successful utilization of available Electronic Health Record (EHR) data can complement and strengthen postmarketing safety studies. In terms of the secondary use of EHRs, access and analysis of patient data across different domains are a critical factor; we address this data interoperability problem between EHR systems and clinical research systems in this paper. We demonstrate that this problem can be solved in an upper level with the use of common data elements in a standardized fashion so that clinical researchers can work with different EHR systems independently of the underlying information model. Postmarketing Safety Study Tool lets the clinical researchers extract data from different EHR systems by designing data collection set schemas through common data elements. The tool interacts with a semantic metadata registry through IHE data element exchange profile. Postmarketing Safety Study Tool and its supporting components have been implemented and deployed on the central data warehouse of the Lombardy region, Italy, which contains anonymized records of about 16 million patients with over 10-year longitudinal data on average. Clinical researchers in Roche validate the tool with real life use cases. PMID:26543873

  14. Safety Characteristics in System Application Software for Human Rated Exploration

    NASA Technical Reports Server (NTRS)

    Mango, E. J.

    2016-01-01

    NASA and its industry and international partners are embarking on a bold and inspiring development effort to design and build an exploration class space system. The space system is made up of the Orion system, the Space Launch System (SLS) and the Ground Systems Development and Operations (GSDO) system. All are highly coupled together and dependent on each other for the combined safety of the space system. A key area of system safety focus needs to be in the ground and flight application software system (GFAS). In the development, certification and operations of GFAS, there are a series of safety characteristics that define the approach to ensure mission success. This paper will explore and examine the safety characteristics of the GFAS development.

  15. Analyzing system safety in lithium-ion grid energy storage

    DOE PAGES

    Rosewater, David; Williams, Adam

    2015-10-08

    As grid energy storage systems become more complex, it grows more difficult to design them for safe operation. This paper first reviews the properties of lithium-ion batteries that can produce hazards in grid scale systems. Then the conventional safety engineering technique Probabilistic Risk Assessment (PRA) is reviewed to identify its limitations in complex systems. To address this gap, new research is presented on the application of Systems-Theoretic Process Analysis (STPA) to a lithium-ion battery based grid energy storage system. STPA is anticipated to fill the gaps recognized in PRA for designing complex systems and hence be more effective or less costly to use during safety engineering. It was observed that STPA is able to capture causal scenarios for accidents not identified using PRA. Additionally, STPA enabled a more rational assessment of uncertainty (all that is not known) thereby promoting a healthy skepticism of design assumptions. Lastly, we conclude that STPA may indeed be more cost effective than PRA for safety engineering in lithium-ion battery systems. However, further research is needed to determine if this approach actually reduces safety engineering costs in development, or improves industry safety standards.

  16. Analyzing system safety in lithium-ion grid energy storage

    NASA Astrophysics Data System (ADS)

    Rosewater, David; Williams, Adam

    2015-12-01

    As grid energy storage systems become more complex, it grows more difficult to design them for safe operation. This paper first reviews the properties of lithium-ion batteries that can produce hazards in grid scale systems. Then the conventional safety engineering technique Probabilistic Risk Assessment (PRA) is reviewed to identify its limitations in complex systems. To address this gap, new research is presented on the application of Systems-Theoretic Process Analysis (STPA) to a lithium-ion battery based grid energy storage system. STPA is anticipated to fill the gaps recognized in PRA for designing complex systems and hence be more effective or less costly to use during safety engineering. It was observed that STPA is able to capture causal scenarios for accidents not identified using PRA. Additionally, STPA enabled a more rational assessment of uncertainty (all that is not known) thereby promoting a healthy skepticism of design assumptions. We conclude that STPA may indeed be more cost effective than PRA for safety engineering in lithium-ion battery systems. However, further research is needed to determine if this approach actually reduces safety engineering costs in development, or improves industry safety standards.

  17. Critical review of the current literature on the safety of sucralose.

    PubMed

    Magnuson, Bernadene A; Roberts, Ashley; Nestmann, Earle R

    2017-08-01

    Sucralose is a non-caloric high intensity sweetener that is approved globally for use in foods and beverages. This review provides an updated summary of the literature addressing the safety of use of sucralose. Studies reviewed include chemical characterization and stability, toxicokinetics in animals and humans, assessment of genotoxicity, and animal and human feeding studies. Endpoints evaluated include effects on growth, development, reproduction, neurotoxicity, immunotoxicity, carcinogenicity and overall health status. Human clinical studies investigated potential effects of repeated consumption in individuals with diabetes. Recent studies on the safety of sucralose focused on carcinogenic potential and the effect of sucralose on the gut microflora are reviewed. The discovery of sweet taste receptors in the gut and studies investigating the activation of these receptors by sucralose led to numerous human clinical studies assessing the effect of sucralose on overall glycemic control. Estimated daily intakes of sucralose in different population subgroups, including recent studies on children with special dietary needs, consistently find that the intakes of sucralose in all members of the population remain well below the acceptable daily intake. Collectively, critical review of the extensive database of research demonstrates that sucralose is safe for its intended use as a non-caloric sugar alternative. Copyright © 2017 The Authors. Published by Elsevier Ltd. All rights reserved.

  18. An Autonomous Flight Safety System

    NASA Technical Reports Server (NTRS)

    Bull, James B.; Lanzi, Raymond J.

    2007-01-01

    The Autonomous Flight Safety System (AFSS) being developed by NASA's Goddard Space Flight Center's Wallops Flight Facility and Kennedy Space Center has completed two successful developmental flights and is preparing for a third. AFSS has been demonstrated to be a viable architecture for implementation of a completely vehicle based system capable of protecting life and property in event of an errant vehicle by terminating the flight or initiating other actions. It is capable of replacing current human-in-the-loop systems or acting in parallel with them. AFSS is configured prior to flight in accordance with a specific rule set agreed upon by the range safety authority and the user to protect the public and assure mission success. This paper discusses the motivation for the project, describes the method of development, and presents an overview of the evolving architecture and the current status.

  19. Manned space flight nuclear system safety. Volume 3: Reactor system preliminary nuclear safety analysis. Part 2: Accident Model Document (AMD)

    NASA Technical Reports Server (NTRS)

    1972-01-01

    The Accident Model Document is one of three documents of the Preliminary Safety Analysis Report (PSAR) - Reactor System as applied to a Space Base Program. Potential terrestrial nuclear hazards involving the zirconium hydride reactor-Brayton power module are identified for all phases of the Space Base program. The accidents/events that give rise to the hazards are defined and abort sequence trees are developed to determine the sequence of events leading to the hazard and the associated probabilities of occurrence. Source terms are calculated to determine the magnitude of the hazards. The above data is used in the mission accident analysis to determine the most probable and significant accidents/events in each mission phase. The only significant hazards during the prelaunch and launch ascent phases of the mission are those which arise from criticality accidents. Fission product inventories during this time period were found to be very low due to very limited low power acceptance testing.

  20. Functional Safety of Hybrid Laser Safety Systems - How can a Combination between Passive and Active Components Prevent Accidents?

    NASA Astrophysics Data System (ADS)

    Lugauer, F. P.; Stiehl, T. H.; Zaeh, M. F.

    Modern laser systems are widely used in industry due to their excellent flexibility and high beam intensities. This leads to an increased hazard potential, because conventional laser safety barriers only offer a short protection time when illuminated with high laser powers. For that reason active systems are used more and more to prevent accidents with laser machines. These systems must fulfil the requirements of functional safety, e.g. according to IEC 61508, which causes high costs. The safety provided by common passive barriers is usually unconsidered in this context. In the presented approach, active and passive systems are evaluated from a holistic perspective. To assess the functional safety of hybrid safety systems, the failure probability of passive barriers is analysed and added to the failure probability of the active system.

  1. Early warning signals for critical transitions in a thermoacoustic system

    PubMed Central

    Gopalakrishnan, E. A.; Sharma, Yogita; John, Tony; Dutta, Partha Sharathi; Sujith, R. I.

    2016-01-01

    Dynamical systems can undergo critical transitions where the system suddenly shifts from one stable state to another at a critical threshold called the tipping point. The decrease in recovery rate to equilibrium (critical slowing down) as the system approaches the tipping point can be used to identify the proximity to a critical transition. Several measures have been adopted to provide early indications of critical transitions that happen in a variety of complex systems. In this study, we use early warning indicators to predict subcritical Hopf bifurcation occurring in a thermoacoustic system by analyzing the observables from experiments and from a theoretical model. We find that the early warning measures perform as robust indicators in the presence and absence of external noise. Thus, we illustrate the applicability of these indicators in an engineering system depicting critical transitions. PMID:27767065

  2. Safety evaluation of intersection conflict warning system.

    DOT National Transportation Integrated Search

    2016-06-01

    FHWA organized a pooled fund study of 40 States to evaluate low-cost safety strategies as part of its strategic highway safety effort. One of the strategies selected for evaluation was intersection conflict warning systems (ICWSs). This strategy is i...

  3. Building effective critical care teams

    PubMed Central

    2011-01-01

    Critical care is formulated and delivered by a team. Accordingly, behavioral scientific principles relevant to teams, namely psychological safety, transactive memory and leadership, apply to critical care teams. Two experts in behavioral sciences review the impact of psychological safety, transactive memory and leadership on medical team outcomes. A clinician then applies those principles to two routine critical care paradigms: daily rounds and resuscitations. Since critical care is a team endeavor, methods to maximize teamwork should be learned and mastered by critical care team members, and especially leaders. PMID:21884639

  4. Proposed system safety design and test requirements for the microlaser ordnance system

    NASA Technical Reports Server (NTRS)

    Stoltz, Barb A.; Waldo, Dale F.

    1993-01-01

    Safety for pyrotechnic ignition systems is becoming a major concern for the military. In the past twenty years, stray electromagnetic fields have steadily increased during peacetime training missions and have dramatically increased during battlefield missions. Almost all of the ordnance systems in use today depend on an electrical bridgewire for ignition. Unfortunately, the bridgewire is the cause of the majority of failure modes. The common failure modes include the following: broken bridgewires; transient RF power, which induces bridgewire heating; and cold temperatures, which contracts the explosive mix away from the bridgewire. Finding solutions for these failure modes is driving the costs of pyrotechnic systems up. For example, analyses are performed to verify that the system in the environment will not see more energy than 20 dB below the 'No-fire' level. Range surveys are performed to determine the operational, storage, and transportation RF environments. Cryogenic tests are performed to verify the bridgewire to mix interface. System requirements call for 'last minute installation,' 'continuity checks after installation,' and rotating safety devices to 'interrupt the explosive train.' As an alternative, MDESC has developed a new approach based upon our enabling laser diode technology. We believe that Microlaser initiated ordnance offers a unique solution to the bridgewire safety concerns. For this presentation, we will address, from a system safety viewpoint, the safety design and the test requirements for a Microlaser ordnance system. We will also review how this system could be compliant to MIL-STD-1576 and DOD-83578A and the additional necessary requirements.

  5. Learning from Taiwan patient-safety reporting system.

    PubMed

    Lin, Chung-Chih; Shih, Chung-Liang; Liao, Hsun-Hsiang; Wung, Cathy H Y

    2012-12-01

    The aim of this study is to create a national database to record incidents that endanger patient safety. We try to identify systemic problems in hospitals in order to avoid safety incidents in the future and improve the quality of healthcare. The Taiwan Patient Safety Reporting System employs a voluntary notification model. We define 13 types of patient safety incidents, and the reports of different types of incidents are recorded using common terminology. Statistical analysis is used to identify the incident type, time of occurrence, location, person who reported the incident, and possible reasons for frequently occurring incidents. There were 340 hospitals that joined this program from 2005 to 2010. Over 128,271 incident events were reported and analyzed. The three most common incidents were drug-related incidents, falls, and endo tube related incidents. By analyzing the time of occurrence of incidents, we found that drug-related incidents usually occurred between 8 and 10 am. Falls and endo tube incidents usually occurred between 4 and 6 am. The most common location was wards (57.6%), followed by intensive care areas (13.5%), and pharmacies (9.1%). Among hospital staff, nurses reported the highest number of incidents (68.9%), followed by pharmacists (14.5%) and administrative staff (5.5%). The number of incidents reported by doctors was much lower (1.2%). Most staff members who reported incidents had been working for less than five years (58.1%). The unified reporting system was found to improve the recording and analysis of patient safety incidents. To encourage hospital staff to report incidents, hospitals need to be assisted in establishing an internal report and management system for safety incidents. Hospitals also need a protection mechanism to allow staff members to report incidents without the fear of punishment. By identifying the root causes of safety incidents and sharing the lessons learned across hospitals is the only way such incidents can be

  6. 33 CFR 96.220 - What makes up a safety management system?

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false What makes up a safety management... SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS Company and Vessel Safety Management Systems § 96.220 What makes up a safety management system? (a) The...

  7. Laboratory safety and the WHO World Alliance for Patient Safety.

    PubMed

    McCay, Layla; Lemer, Claire; Wu, Albert W

    2009-06-01

    Laboratory medicine has been a pioneer in the field of patient safety; indeed, the College of American Pathology first called attention to the issue in 1946. Delivering reliable laboratory results has long been considered a priority, as the data produced in laboratory medicine have the potential to critically influence individual patients' diagnosis and management. Until recently, most attention on laboratory safety has focused on the analytic stage of laboratory medicine. Addressing this stage has led to significant and impressive improvements in the areas over which laboratories have direct control. However, recent data demonstrate that pre- and post-analytical phases are at least as vulnerable to errors; to further improve patient safety in laboratory medicine, attention must now be focused on the pre- and post-analytic phases, and the concept of patient safety as a multi-disciplinary, multi-stage and multi-system concept better understood. The World Alliance for Patient Safety (WAPS) supports improvement of patient safety globally and provides a potential framework for considering the total testing process.

  8. The European space suit, a design for productivity and crew safety

    NASA Astrophysics Data System (ADS)

    Skoog, A. Ingemar; Berthier, S.; Ollivier, Y.

    In order to fulfil the two major mission objectives, i.e. support planned and unplanned external servicing of the COLUMBUS FFL and support the HERMES vehicle for safety critical operations and emergencies, the European Space Suit System baseline configuration incorporates a number of design features, which shall enhance the productivity and the crew safety of EVA astronauts. The work in EVA is today - and will be for several years - a manual work. Consequently, to improve productivity, the first challenge is to design a suit enclosure which minimizes movement restrictions and crew fatigue. It is covered by the "ergonomic" aspect of the suit design. Furthermore, it is also necessary to help the EVA crewmember in his work, by giving him the right information at the right time. Many solutions exist in this field of Man-Machine Interface, from a very simple system, based on cuff check lists, up to advanced systems, including Head-Up Displays. The design concept for improved productivity encompasses the following features: • easy donning/doffing thru rear entry, • suit ergonomy optimisation, • display of operational information in alpha-numerical and graphical form, and • voice processing for operations and safety critical information. Concerning crew safety the major design features are: • a lower R-factor for emergency EVA operations thru increased suit pressure, • zero prebreath conditions for normal operations, • visual and voice processing of all safety critical functions, and • an autonomous life support system to permit unrestricted operations around HERMES and the CFFL. The paper analyses crew safety and productivity criteria and describes how these features are being built into the design of the European Space Suit System.

  9. The European space suit, a design for productivity and crew safety.

    PubMed

    Skoog, A I; Berthier, S; Ollivier, Y

    1991-01-01

    In order to fulfill the two major mission objectives, i.e. support planned and unplanned external servicing of the COLUMBUS FFL and support the HERMES vehicle for safety critical operations and emergencies, the European Space Suit System baseline configuration incorporates a number of design features, which shall enhance the productivity and the crew safety of EVA astronauts. The work in EVA is today--and will be for several years--a manual work. Consequently, to improve productivity, the first challenge is to design a suit enclosure which minimizes movement restrictions and crew fatigue. It is covered by the "ergonomic" aspect of the suit design. Furthermore, it is also necessary to help the EVA crewmember in his work, by giving him the right information at the right time. Many solutions exist in this field of Man-Machine Interface, from a very simple system, based on cuff check lists, up to advanced systems, including Head-Up Displays. The design concept for improved productivity encompasses following features: easy donning/doffing thru rear entry, suit ergonomy optimisation, display of operational information in alpha-numerical and graphical form, and voice processing for operations and safety critical information. Concerning crew safety the major design features are: a lower R-factor for emergency EVA operations thru increased suit pressure, zero prebreath conditions for normal operations, visual and voice processing of all safety critical functions, and an autonomous life support system to permit unrestricted operations around HERMES and the CFFL. The paper analyses crew safety and productivity criteria and describes how these features are being built into the design of the European Space Suit System.

  10. [B-BS and occupational health and safety management systems].

    PubMed

    Bacchetta, Adriano Paolo

    2010-01-01

    The objective of an SGSL is the "prevention" agreement as a "pro-active" approach toward safety at work, through the construction of an integrated management system that works in a synergic and dynamic way with the business organization, according to continuous improvement principles. Nevertheless, the adoption of an SGSL cannot by itself guarantee the achievement of the full effectiveness projected; every individual's adhesion to it must guarantee their personal involvement in a proactive way, so as to actually realize what was hypothesized at the systemic level to increase safety in the firm. The objective of a behavioral safety process that is integrated into an SGSL is to succeed in implementing in the firm a process of cultural change that raises the fundamental safety value of the workers' social group, producing a broad and full involvement of all in the development of safety at work activities. SGSL = Occupational Health and Safety Management System.

  11. Critical Thresholds in Earth-System Dynamics

    NASA Astrophysics Data System (ADS)

    Rothman, D.

    2017-12-01

    The history of the Earth system is a story of change. Some changes are gradual and benign, but others, especially those associated with catastrophic mass extinction, are relatively abrupt and destructive. What sets one group apart from the other? Here I hypothesize that perturbations of Earth's carbon cycle lead to mass extinction if they exceed either a critical rate at long time scales or a critical size at short time scales. By analyzing 31 carbon-isotopic events during the last 542 million years, I identify the critical rate with a limit imposed by mass conservation. Further analysis identifies the crossover timescale separating fast from slow events with the timescale of the ocean's homeostatic response to a change in pH. The product of the critical rate and the crossover timescale then yields the critical size. The modern critical size for the marine carbon cycle is roughly similar to the mass of carbon that human activities will likely have added to the oceans by the year 2100.

  12. Implementation of a closed-loop reporting system for critical values and clinical communication in compliance with goals of the joint commission.

    PubMed

    Parl, Fritz F; O'Leary, Mandy F; Kaiser, Allen B; Paulett, John M; Statnikova, Kristina; Shultz, Edward K

    2010-03-01

    Current practices of reporting critical laboratory values make it challenging to measure and assess the timeliness of receipt by the treating physician as required by The Joint Commission's 2008 National Patient Safety Goals. A multidisciplinary team of laboratorians, clinicians, and information technology experts developed an electronic ALERTS system that reports critical values via the laboratory and hospital information systems to alphanumeric pagers of clinicians and ensures failsafe notification, instant documentation, automatic tracking, escalation, and reporting of critical value alerts. A method for automated acknowledgment of message receipt was incorporated into the system design. The ALERTS system has been applied to inpatients and eliminated approximately 9000 phone calls a year made by medical technologists. Although a small number of phone calls were still made as a result of pages not acknowledged by clinicians within 10 min, they were made by telephone operators, who either contacted the same physician who was initially paged by the automated system or identified and contacted alternate physicians or the patient's nurse. Overall, documentation of physician acknowledgment of receipt in the electronic medical record increased to 95% of critical values over 9 months, while the median time decreased to <3 min. We improved laboratory efficiency and physician communication by developing an electronic system for reporting of critical values that is in compliance with The Joint Commission's goals.

  13. Development of a Comprehensive Database System for Safety Analyst

    PubMed Central

    Paz, Alexander; Veeramisti, Naveen; Khanal, Indira; Baker, Justin

    2015-01-01

    This study addressed barriers associated with the use of Safety Analyst, a state-of-the-art tool that has been developed to assist during the entire Traffic Safety Management process but that is not widely used due to a number of challenges as described in this paper. As part of this study, a comprehensive database system and tools to provide data to multiple traffic safety applications, with a focus on Safety Analyst, were developed. A number of data management tools were developed to extract, collect, transform, integrate, and load the data. The system includes consistency-checking capabilities to ensure the adequate insertion and update of data into the database. This system focused on data from roadways, ramps, intersections, and traffic characteristics for Safety Analyst. To test the proposed system and tools, data from Clark County, which is the largest county in Nevada and includes the cities of Las Vegas, Henderson, Boulder City, and North Las Vegas, was used. The database and Safety Analyst together help identify the sites with the potential for safety improvements. Specifically, this study examined the results from two case studies. The first case study, which identified sites having a potential for safety improvements with respect to fatal and all injury crashes, included all roadway elements and used default and calibrated Safety Performance Functions (SPFs). The second case study identified sites having a potential for safety improvements with respect to fatal and all injury crashes, specifically regarding intersections; it used default and calibrated SPFs as well. Conclusions were developed for the calibration of safety performance functions and the classification of site subtypes. Guidelines were provided about the selection of a particular network screening type or performance measure for network screening. PMID:26167531

  14. Model-Driven Safety Analysis of Closed-Loop Medical Systems

    PubMed Central

    Pajic, Miroslav; Mangharam, Rahul; Sokolsky, Oleg; Arney, David; Goldman, Julian; Lee, Insup

    2013-01-01

    In modern hospitals, patients are treated using a wide array of medical devices that are increasingly interacting with each other over the network, thus offering a perfect example of a cyber-physical system. We study the safety of a medical device system for the physiologic closed-loop control of drug infusion. The main contribution of the paper is the verification approach for the safety properties of closed-loop medical device systems. We demonstrate, using a case study, that the approach can be applied to a system of clinical importance. Our method combines simulation-based analysis of a detailed model of the system that contains continuous patient dynamics with model checking of a more abstract timed automata model. We show that the relationship between the two models preserves the crucial aspect of the timing behavior that ensures the conservativeness of the safety analysis. We also describe system design that can provide open-loop safety under network failure. PMID:24177176

  15. Model-Driven Safety Analysis of Closed-Loop Medical Systems.

    PubMed

    Pajic, Miroslav; Mangharam, Rahul; Sokolsky, Oleg; Arney, David; Goldman, Julian; Lee, Insup

    2012-10-26

    In modern hospitals, patients are treated using a wide array of medical devices that are increasingly interacting with each other over the network, thus offering a perfect example of a cyber-physical system. We study the safety of a medical device system for the physiologic closed-loop control of drug infusion. The main contribution of the paper is the verification approach for the safety properties of closed-loop medical device systems. We demonstrate, using a case study, that the approach can be applied to a system of clinical importance. Our method combines simulation-based analysis of a detailed model of the system that contains continuous patient dynamics with model checking of a more abstract timed automata model. We show that the relationship between the two models preserves the crucial aspect of the timing behavior that ensures the conservativeness of the safety analysis. We also describe system design that can provide open-loop safety under network failure.
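Records 14 and 15 above are the same abstract; the point both make that matters to a security engineer is the last sentence: the closed loop is only trusted while it can be shown to be alive, and the device must have a defined safe behaviour when the network stops delivering timely supervisory traffic (whether through a fault or a deliberate denial of service). The following is an added example, not the paper's design and not code from the authors: a generic fail-safe controller pattern in Python. The parameters (`MAX_SILENCE_S`, `MAX_MSG_AGE_S`, the safe rate of zero, the local rate cap) and the simulated outage are assumptions chosen for illustration, and the scenario data is constructed.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumed parameters for this illustration (not taken from the paper).
SAFE_RATE_ML_H = 0.0     # open-loop fallback: stop the infusion
MAX_RATE_ML_H = 200.0    # hard cap enforced locally, whatever the network says
MAX_SILENCE_S = 3.0      # deadline: no fresh command within this -> safe mode
MAX_MSG_AGE_S = 1.0      # commands older than this are treated as stale


@dataclass(frozen=True)
class Command:
    sent_at: float       # supervisor's timestamp
    rate_ml_h: float     # requested infusion rate


class PumpController:
    """Local controller that follows the closed loop only while the loop is
    demonstrably alive; silence or stale traffic drops it to a safe state."""

    def __init__(self) -> None:
        self.rate = SAFE_RATE_ML_H
        self.open_loop = True
        self.last_fresh_at: Optional[float] = None
        self.events: List[Tuple[float, str]] = []

    def on_command(self, cmd: Command, now: float) -> bool:
        # Reject stale or replayed traffic: age is checked against the local clock.
        if now - cmd.sent_at > MAX_MSG_AGE_S:
            self.events.append((now, "rejected stale command"))
            return False
        # Local sanity bound: nothing on the network can command an unsafe dose.
        if not 0.0 <= cmd.rate_ml_h <= MAX_RATE_ML_H:
            self.events.append((now, "rejected out-of-range rate"))
            return False
        self.rate = cmd.rate_ml_h
        self.last_fresh_at = now
        self.open_loop = False
        return True

    def tick(self, now: float) -> float:
        """Periodic local check, independent of the network: enforce the deadline."""
        if not self.open_loop and now - self.last_fresh_at > MAX_SILENCE_S:
            self.rate = SAFE_RATE_ML_H
            self.open_loop = True
            self.events.append((now, "deadline missed: open-loop safe mode"))
        return self.rate


def simulate(outage_from: float, outage_until: float,
             horizon: float = 20.0, setpoint: float = 50.0) -> List[Tuple[float, float]]:
    """Constructed scenario: the supervisor sends `setpoint` once per second;
    messages sent in [outage_from, outage_until) are lost. Returns (t, rate)."""
    ctl = PumpController()
    timeline: List[Tuple[float, float]] = []
    t = 0.0
    while t <= horizon:
        if not (outage_from <= t < outage_until):
            ctl.on_command(Command(sent_at=t, rate_ml_h=setpoint), now=t)
        timeline.append((t, ctl.tick(t)))
        t += 1.0
    return timeline


if __name__ == "__main__":
    for t, rate in simulate(outage_from=5.0, outage_until=15.0):
        print(f"t={t:4.1f}s  rate={rate:5.1f} ml/h")
```

Two design choices carry the safety argument. The deadline is enforced by `tick`, which runs on the device's own timer rather than in the network receive path, so a silent network cannot postpone the check; and the time between the last accepted command and entry into the safe state is bounded by `MAX_SILENCE_S` plus one tick period, a bound that can be checked against the patient model exactly as the abstract describes for its timed-automata abstraction.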

  16. Use of Unified Modeling Language (UML) in Model-Based Development (MBD) For Safety-Critical Applications

    DTIC Science & Technology

    2014-12-01

    appears that UML is becoming the de facto MBD language. OMG® states the following on the MDA® FAQ page: “Although not formally required [for MBD], UML...a known limitation [42], so UML users should plan accordingly, especially for safety-critical programs. For example, “models are not used to...description of the MBD tool chain can be produced. That description could be resident in a Plan for Software Aspects of Certification (PSAC) or Software

  17. Fault tree applications within the safety program of Idaho Nuclear Corporation

    NASA Technical Reports Server (NTRS)

    Vesely, W. E.

    1971-01-01

    Computerized fault tree analyses are used to obtain both qualitative and quantitative information about the safety and reliability of an electrical control system that shuts the reactor down when certain safety criteria are exceeded, in the design of a nuclear plant protection system, and in an investigation of a backup emergency system for reactor shutdown. The fault tree yields the modes by which the system failure or accident will occur, the most critical failure or accident causing areas, detailed failure probabilities, and the response of safety or reliability to design modifications and maintenance schemes.
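The abstract names the two outputs of fault tree analysis: the qualitative one (the combinations of basic failures that cause the top event, i.e. the minimal cut sets) and the quantitative one (the top-event probability, and how it moves under a design change). The following is an added example, not code or data from the report: a small Python fault-tree evaluator. The tree, its event names and the basic-event probabilities are constructed for illustration; the gate shapes are generic. The same machinery applies to attack trees, which are fault trees with adversarial leaves.

```python
from itertools import combinations, product
from typing import Dict, FrozenSet, Set, Union

# A node is either a basic event (a string) or a gate ("AND"|"OR", [children]).
# Gates may share basic events, which is exactly the case a naive
# "multiply and add" evaluation gets wrong.
Node = Union[str, tuple]
CutSet = FrozenSet[str]


def minimal_cut_sets(node: Node) -> Set[CutSet]:
    """Qualitative analysis: minimal combinations of basic events that cause
    the node's event (top-down expansion, then absorption of supersets)."""
    if isinstance(node, str):
        return {frozenset([node])}
    gate, children = node
    child_sets = [minimal_cut_sets(c) for c in children]
    if gate == "OR":
        sets = set().union(*child_sets)
    elif gate == "AND":
        sets = {frozenset().union(*combo) for combo in product(*child_sets)}
    else:
        raise ValueError(f"unknown gate {gate!r}")
    # Absorb non-minimal sets: {A, power} is redundant when {power} alone suffices.
    return {s for s in sets if not any(t < s for t in sets)}


def _product(events: CutSet, p: Dict[str, float]) -> float:
    term = 1.0
    for e in events:
        term *= p[e]
    return term


def top_event_probability(cut_sets: Set[CutSet], p: Dict[str, float]) -> float:
    """Quantitative analysis: exact P(top) for independent basic events,
    by inclusion-exclusion over the minimal cut sets."""
    css = list(cut_sets)
    total = 0.0
    for k in range(1, len(css) + 1):
        sign = 1.0 if k % 2 else -1.0
        for combo in combinations(css, k):
            total += sign * _product(frozenset().union(*combo), p)
    return total


def rare_event_bound(cut_sets: Set[CutSet], p: Dict[str, float]) -> float:
    """The usual upper bound: sum of the cut-set probabilities."""
    return sum(_product(cs, p) for cs in cut_sets)


# Constructed example: a two-channel trip system fails to shut down if both
# channels fail, and a single control-power failure takes out both channels.
BASELINE_TREE: Node = (
    "AND",
    [("OR", ["trip_channel_A_fails", "control_power_fails"]),
     ("OR", ["trip_channel_B_fails", "control_power_fails"])],
)

# Design modification under evaluation: battery backup for control power.
MODIFIED_TREE: Node = (
    "AND",
    [("OR", ["trip_channel_A_fails", ("AND", ["control_power_fails", "battery_fails"])]),
     ("OR", ["trip_channel_B_fails", ("AND", ["control_power_fails", "battery_fails"])])],
)

# Assumed per-demand failure probabilities (illustrative only).
BASIC_EVENT_PROBABILITIES: Dict[str, float] = {
    "trip_channel_A_fails": 0.01,
    "trip_channel_B_fails": 0.01,
    "control_power_fails": 0.001,
    "battery_fails": 0.05,
}


def analyse(tree: Node, p: Dict[str, float]) -> Dict[str, object]:
    cs = minimal_cut_sets(tree)
    return {
        "cut_sets": cs,
        "exact": top_event_probability(cs, p),
        "bound": rare_event_bound(cs, p),
    }


if __name__ == "__main__":
    for name, tree in (("baseline", BASELINE_TREE), ("with battery", MODIFIED_TREE)):
        r = analyse(tree, BASIC_EVENT_PROBABILITIES)
        print(name, sorted(sorted(s) for s in r["cut_sets"]),
              f"exact={r['exact']:.6g}", f"bound={r['bound']:.6g}")
```

The baseline tree exposes the common-cause single point of failure (`control_power_fails` is a cut set of order one, dominating the two-channel redundancy), and re-running the analysis on the modified tree shows the effect of the design change without touching the evaluator. Inclusion-exclusion is exponential in the number of cut sets; for trees of realistic size the rare-event bound (or a BDD-based evaluation) is what the computerized tools the abstract refers to use.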

  18. Defining the pharmaceutical system to support proactive drug safety.

    PubMed

    Lewis, Vicki R; Hernandez, Angelica; Meadors, Margaret

    2013-02-01

    The military, aviation, nuclear, and transportation industries have transformed their safety records by using a systems approach to safety and risk mitigation. This article creates a preliminary model of the U.S. pharmaceutical system using available literature including academic publications, policies, and guidelines established by regulatory bodies and drug industry trade publications. Drawing from the current literature, the goals, roles, and individualized processes of pharmaceutical subsystems will be defined. Defining the pharmaceutical system provides a vehicle to assess and address known problems within the system, and provides a means to conduct proactive risk analyses, which would create significant pharmaceutical safety advancement.

  19. Cultural differences in dealing with critical incidents.

    PubMed

    Leonhardt, Jörg; Vogt, Joachim

    2009-01-01

This article discusses the cultural aspects of High Reliability Organizations (HROs), such as air navigation services. HROs must maintain a highly professional safety culture and constantly be prepared to handle crises. The article begins with a general discussion of the concept of organizational culture. The special characteristics of HROs and their safety culture are then described. Finally, the article illustrates how Critical Incident Stress Management (CISM) is becoming an ingrained feature of the organizational culture in air traffic control systems. Critical Incident Stress Management is a prevention program that can successfully guard against the negative effects of critical incidents. The CISM program of DFS (Deutsche Flugsicherung) was recently evaluated by the University of Copenhagen. This evaluation not only confirmed the successful prevention of negative effects at the operation's employee level (especially air traffic controllers), but also showed a sustained improvement of its safety culture and its overall organizational performance. The special aspects of cross-cultural crisis intervention and the challenges it faces, as well as the importance of prevention programs, such as CISM, are illustrated using the examples of two aircraft accidents: the crash landing of a calibration aircraft and the Lake Constance air disaster.

  20. Health IT for Patient Safety and Improving the Safety of Health IT.

    PubMed

    Magrabi, Farah; Ong, Mei-Sing; Coiera, Enrico

    2016-01-01

Alongside their benefits, health IT applications can pose new risks to patient safety. Problems with IT have been linked to many different types of clinical errors, including prescribing and administration of medications, as well as wrong-patient, wrong-site errors, and delays in procedures. There is also growing concern about the risks of data breach and cyber-security. IT-related clinical errors have their origins in processes undertaken to design, build, implement and use software systems in a broader sociotechnical context. Safety can be improved with greater standardization of clinical software and by improving the quality of processes at different points in the technology life cycle, spanning design, build, implementation and use in clinical settings. Oversight processes can be set up at a regional or national level to ensure that clinical software systems meet specific standards. Certification and regulation are two mechanisms to improve oversight. In the absence of clear standards, guidelines are useful to promote safe design and implementation practices. Processes to identify and mitigate hazards can be formalised via a safety management system. Minimizing new patient safety risks is critical to realizing the benefits of IT.

  1. Reductions in invasive device use and care costs after institution of a daily safety checklist in a pediatric critical care unit.

    PubMed

    Tarrago, Rod; Nowak, Jeffrey E; Leonard, Christopher S; Payne, Nathaniel R

    2014-06-01

    In the critical care unit, complexity of care can contribute to both medical errors and increased costs, particularly when clinicians are forced to rely on memory. Checklists can be used to improve safety and reduce cost. A number of omission-related adverse events in 2010 prompted the development of a checklist to reduce the possibility of similar future events. The PICU Safety Checklist was implemented in the pediatric ICU (PICU) at Children's Hospitals and Clinics of Minnesota. During a 21-month period, the checklist was used to prompt the care team to address quality and safety items during rounds. The initial checklist was paper, with two subsequent versions being incorporated into the electronic medical record (EMR). The daily safety checklist was successfully implemented in the PICU. Work-flow improvements based on regular multidisciplinary feedback led to more consistent use of the checklist. Improvements on all quality and safety metrics were identified, including invasive device use, medication costs, antibiotic and laboratory test use, and compliance with standards of care. Staff satisfaction rates were > 80% for safety, communication, and collaboration. By using a daily safety checklist in the pediatric critical care unit, we improved quality and safety, as well as the collaborative culture among all clinicians. Incorporating the checklist into the EMR improved compliance and accountability, ensuring its application to all patients. Clinicians now often individually address many checklist items outside the formal rounding process, indicating that the checklist content has become part of their usual practice. A successful implementation showing tangible clinical improvements can lead to interest and adoption in other clinical areas within the institution.

  2. Requirements Analysis for the Army Safety Management Information System (ASMIS)

    DTIC Science & Technology

    1989-03-01

PNL-6819 Limited Distribution Requirements Analysis for the Army Safety Management Information System (ASMIS) Final...PNL-6819 REQUIREMENTS ANALYSIS FOR THE ARMY SAFETY MANAGEMENT INFORMATION SYSTEM (ASMIS) FINAL REPORT J. S. Littlefield A. L. Corrigan March...accidents. This accident data is available under the Army Safety Management Information System (ASMIS) which is an umbrella for many databases

  3. Application of hazard analysis and critical control point methodology and risk-based grading to consumer food safety surveys.

    PubMed

    Røssvoll, Elin Halbach; Ueland, Øydis; Hagtvedt, Therese; Jacobsen, Eivind; Lavik, Randi; Langsrud, Solveig

    2012-09-01

    Traditionally, consumer food safety survey responses have been classified as either "right" or "wrong" and food handling practices that are associated with high risk of infection have been treated in the same way as practices with lower risks. In this study, a risk-based method for consumer food safety surveys has been developed, and HACCP (hazard analysis and critical control point) methodology was used for selecting relevant questions. We conducted a nationally representative Web-based survey (n = 2,008), and to fit the self-reported answers we adjusted a risk-based grading system originally developed for observational studies. The results of the survey were analyzed both with the traditional "right" and "wrong" classification and with the risk-based grading system. The results using the two methods were very different. Only 5 of the 10 most frequent food handling violations were among the 10 practices associated with the highest risk. These 10 practices dealt with different aspects of heat treatment (lacking or insufficient), whereas the majority of the most frequent violations involved storing food at room temperature for too long. Use of the risk-based grading system for survey responses gave a more realistic picture of risks associated with domestic food handling practices. The method highlighted important violations and minor errors, which are performed by most people and are not associated with significant risk. Surveys built on a HACCP-based approach with risk-based grading will contribute to a better understanding of domestic food handling practices and will be of great value for targeted information and educational activities.

  4. Advancing a sociotechnical systems approach to workplace safety--developing the conceptual framework.

    PubMed

    Carayon, Pascale; Hancock, Peter; Leveson, Nancy; Noy, Ian; Sznelwar, Laerte; van Hootegem, Geert

    2015-01-01

    Traditional efforts to deal with the enormous problem of workplace safety have proved insufficient, as they have tended to neglect the broader sociotechnical environment that surrounds workers. Here, we advocate a sociotechnical systems approach that describes the complex multi-level system factors that contribute to workplace safety. From the literature on sociotechnical systems, complex systems and safety, we develop a sociotechnical model of workplace safety with concentric layers of the work system, socio-organisational context and the external environment. The future challenges that are identified through the model are highlighted. Understanding the environmental, organisational and work system factors that contribute to workplace safety will help to develop more effective and integrated solutions to deal with persistent workplace safety problems. Solutions to improve workplace safety need to recognise the broad sociotechnical system and the respective interactions between the system elements and levels.

  5. Safety Aspects of Big Cryogenic Systems Design

    NASA Astrophysics Data System (ADS)

    Chorowski, M.; Fydrych, J.; Poliński, J.

    2010-04-01

Superconductivity and helium cryogenics are key technologies in the construction of large scientific instruments, like accelerators, fusion reactors or free electron lasers. Such cryogenic systems may contain more than a hundred tons of helium, mostly in cold and high-density phases. In spite of the high reliability of the systems, accidental loss of the insulation vacuum, pipe rupture or rapid energy dissipation in the cold helium cannot be overlooked. To avoid the danger of over-design pressure rise in the cryostats, they need to be equipped with a helium relief system. Such a system is comprised of safety valves, bursting disks and optionally cold or warm quench lines, collectors and storage tanks. Proper design of the helium safety relief system requires a good understanding of worst case scenarios. Such scenarios will be discussed, taking into account different possible failures of the cryogenic system. In any case it is necessary to estimate heat transfer through degraded vacuum superinsulation and mass flow through the valves and safety disks. Even if the design of the helium relief system does not foresee direct helium venting into the environment, an occasional emergency helium spill may happen. Helium propagation in the atmosphere and the origins of oxygen-deficiency hazards will be discussed.

  6. Control of finite critical behaviour in a small-scale social system

    NASA Astrophysics Data System (ADS)

    Daniels, Bryan C.; Krakauer, David C.; Flack, Jessica C.

    2017-02-01

    Many adaptive systems sit near a tipping or critical point. For systems near a critical point small changes to component behaviour can induce large-scale changes in aggregate structure and function. Criticality can be adaptive when the environment is changing, but entails reduced robustness through sensitivity. This tradeoff can be resolved when criticality can be tuned. We address the control of finite measures of criticality using data on fight sizes from an animal society model system (Macaca nemestrina, n=48). We find that a heterogeneous, socially organized system, like homogeneous, spatial systems (flocks and schools), sits near a critical point; the contributions individuals make to collective phenomena can be quantified; there is heterogeneity in these contributions; and distance from the critical point (DFC) can be controlled through biologically plausible mechanisms exploiting heterogeneity. We propose two alternative hypotheses for why a system decreases the distance from the critical point.

  7. The carrier safety measurement system (CSMS) effectiveness test by behavior analysis and safety improvement categories (BASICs)

    DOT National Transportation Integrated Search

    2014-01-24

The Carrier Safety Measurement System (CSMS) is the Federal Motor Carrier Safety Administration's (FMCSA's) workload prioritization tool. This tool is used to identify carriers with potential safety issues so that they are subject to interventions ...

  8. Space tug propulsion system failure mode, effects and criticality analysis

    NASA Technical Reports Server (NTRS)

    Boyd, J. W.; Hardison, E. P.; Heard, C. B.; Orourke, J. C.; Osborne, F.; Wakefield, L. T.

    1972-01-01

    For purposes of the study, the propulsion system was considered as consisting of the following: (1) main engine system, (2) auxiliary propulsion system, (3) pneumatic system, (4) hydrogen feed, fill, drain and vent system, (5) oxygen feed, fill, drain and vent system, and (6) helium reentry purge system. Each component was critically examined to identify possible failure modes and the subsequent effect on mission success. Each space tug mission consists of three phases: launch to separation from shuttle, separation to redocking, and redocking to landing. The analysis considered the results of failure of a component during each phase of the mission. After the failure modes of each component were tabulated, those components whose failure would result in possible or certain loss of mission or inability to return the Tug to ground were identified as critical components and a criticality number determined for each. The criticality number of a component denotes the number of mission failures in one million missions due to the loss of that component. A total of 68 components were identified as critical with criticality numbers ranging from 1 to 2990.

  9. Intelligent monitoring of critical pathological events during anesthesia.

    PubMed

    Gohil, Bhupendra; Gholamhhosseini, Hamid; Harrison, Michael J; Lowe, Andrew; Al-Jumaily, Ahmed

    2007-01-01

Expert algorithms in the field of intelligent patient monitoring have rapidly revolutionized patient care, thereby improving patient safety. Patient monitoring during anesthesia requires cautious attention by anesthetists who are monitoring many modalities, diagnosing clinically critical events and performing patient management tasks simultaneously. The mishaps that occur during day-to-day anesthesia causing disastrous errors in anesthesia administration were classified and studied by Reason [1]. Human errors in anesthesia account for 82% of the preventable mishaps [2]. The aim of this paper is to develop a clinically useful diagnostic alarm system for detecting critical events during anesthesia administration. The development of an expert diagnostic alarm system called 'RT-SAAM' for detecting critical pathological events in the operating theatre is presented. This system provides decision support to the anesthetist by presenting the diagnostic results on an integrative, ergonomic display and thus enhancing patient safety. The performance of the system was validated through a series of offline and real-time testing in the operating theatre. When detecting absolute hypovolaemia (AHV), a moderate level of agreement was observed between RT-SAAM and the human expert (anesthetist) during surgical procedures. RT-SAAM is a clinically useful diagnostic tool which can be easily modified for diagnosing additional critical pathological events like relative hypovolaemia, fall in cardiac output, sympathetic response and malignant hyperpyrexia during surgical procedures. RT-SAAM is currently being tested at the Auckland City Hospital with ethical approval from the local ethics committees.

  10. Reliability and Maintainability Engineering - A Major Driver for Safety and Affordability

    NASA Technical Reports Server (NTRS)

    Safie, Fayssal M.

    2011-01-01

    The United States National Aeronautics and Space Administration (NASA) is in the midst of an effort to design and build a safe and affordable heavy lift vehicle to go to the moon and beyond. To achieve that, NASA is seeking more innovative and efficient approaches to reduce cost while maintaining an acceptable level of safety and mission success. One area that has the potential to contribute significantly to achieving NASA safety and affordability goals is Reliability and Maintainability (R&M) engineering. Inadequate reliability or failure of critical safety items may directly jeopardize the safety of the user(s) and result in a loss of life. Inadequate reliability of equipment may directly jeopardize mission success. Systems designed to be more reliable (fewer failures) and maintainable (fewer resources needed) can lower the total life cycle cost. The Department of Defense (DOD) and industry experience has shown that optimized and adequate levels of R&M are critical for achieving a high level of safety and mission success, and low sustainment cost. Also, lessons learned from the Space Shuttle program clearly demonstrated the importance of R&M engineering in designing and operating safe and affordable launch systems. The Challenger and Columbia accidents are examples of the severe impact of design unreliability and process induced failures on system safety and mission success. These accidents demonstrated the criticality of reliability engineering in understanding component failure mechanisms and integrated system failures across the system elements interfaces. Experience from the shuttle program also shows that insufficient Reliability, Maintainability, and Supportability (RMS) engineering analyses upfront in the design phase can significantly increase the sustainment cost and, thereby, the total life cycle cost. Emphasis on RMS during the design phase is critical for identifying the design features and characteristics needed for time efficient processing

  11. Examining the Relationship between Safety Management System Implementation and Safety Culture in Collegiate Flight Schools

    ERIC Educational Resources Information Center

    Robertson, Mike Fuller

    2017-01-01

    Safety Management Systems (SMS) are becoming the industry standard for safety management throughout the aviation industry. As the Federal Aviation Administration (FAA) continues to mandate SMS for different segments, the assessment of an organization's safety culture becomes more important. An SMS can facilitate the development of a strong…

  12. European Workshop Industrial Computer Science Systems approach to design for safety

    NASA Technical Reports Server (NTRS)

    Zalewski, Janusz

    1992-01-01

    This paper presents guidelines on designing systems for safety, developed by the Technical Committee 7 on Reliability and Safety of the European Workshop on Industrial Computer Systems. The focus is on complementing the traditional development process by adding the following four steps: (1) overall safety analysis; (2) analysis of the functional specifications; (3) designing for safety; (4) validation of design. Quantitative assessment of safety is possible by means of a modular questionnaire covering various aspects of the major stages of system development.

  13. Aerospace Safety Advisory Panel

    NASA Technical Reports Server (NTRS)

    1989-01-01

    This report provides findings, conclusions and recommendations regarding the National Space Transportation System (NSTS), the Space Station Freedom Program (SSFP), aeronautical projects and other areas of NASA activities. The main focus of the Aerospace Safety Advisory Panel (ASAP) during 1988 has been monitoring and advising NASA and its contractors on the Space Transportation System (STS) recovery program. NASA efforts have restored the flight program with a much better management organization, safety and quality assurance organizations, and management communication system. The NASA National Space Transportation System (NSTS) organization in conjunction with its prime contractors should be encouraged to continue development and incorporation of appropriate design and operational improvements which will further reduce risk. The data from each Shuttle flight should be used to determine if affordable design and/or operational improvements could further increase safety. The review of Critical Items (CILs), Failure Mode Effects and Analyses (FMEAs) and Hazard Analyses (HAs) after the Challenger accident has given the program a massive data base with which to establish a formal program with prioritized changes.

  14. Industrial machine systems risk assessment: a critical review of concepts and methods.

    PubMed

    Etherton, John R

    2007-02-01

    Reducing the risk of work-related death and injury to machine operators and maintenance personnel poses a continuing occupational safety challenge. The risk of injury from machinery in U.S. workplaces is high. Between 1992 and 2001, there were, on average, 520 fatalities per year involving machines and, on average, 3.8 cases per 10,000 workers of nonfatal caught-in-running-machine injuries involving lost workdays. A U.S. task group recently developed a technical reference guideline, ANSI B11 TR3, "A Guide to Estimate, Evaluate, & Reduce Risks Associated with Machine Tools," that is intended to bring machine tool risk assessment practice in the United States up to or above the level now required by the international standard, ISO 14121. The ANSI guideline emphasizes identifying tasks and hazards not previously considered, particularly those associated with maintenance; and it further emphasizes teamwork among line workers, engineers, and safety professionals. The value of this critical review of concepts and methods resides in (1) its linking current risk theory to machine system risk assessment and (2) its exploration of how various risk estimation tools translate into risk-informed decisions on industrial machine system design and use. The review was undertaken to set the stage for a field evaluation study on machine risk assessment among users of the ANSI B11 TR3 method.

  15. Software Safety Analysis of a Flight Guidance System

    NASA Technical Reports Server (NTRS)

    Butler, Ricky W. (Technical Monitor); Tribble, Alan C.; Miller, Steven P.; Lempia, David L.

    2004-01-01

    This document summarizes the safety analysis performed on a Flight Guidance System (FGS) requirements model. In particular, the safety properties desired of the FGS model are identified and the presence of the safety properties in the model is formally verified. Chapter 1 provides an introduction to the entire project, while Chapter 2 gives a brief overview of the problem domain, the nature of accidents, model based development, and the four-variable model. Chapter 3 outlines the approach. Chapter 4 presents the results of the traditional safety analysis techniques and illustrates how the hazardous conditions associated with the system trace into specific safety properties. Chapter 5 presents the results of the formal methods analysis technique model checking that was used to verify the presence of the safety properties in the requirements model. Finally, Chapter 6 summarizes the main conclusions of the study, first and foremost that model checking is a very effective verification technique to use on discrete models with reasonable state spaces. Additional supporting details are provided in the appendices.

  16. Safety belt interlock system usage survey

    DOT National Transportation Integrated Search

    1976-08-01

    This research is intended to measure the effectiveness of various use-inducing systems in increasing safety belt usage. Specifically, the objectives are: (1) to determine if the 1975 warning system issued in response to P.L. 93-492 is effective in in...

  17. Chemical dosimetry system for criticality accidents.

    PubMed

    Miljanić, Saveta; Ilijas, Boris

    2004-01-01

    Ruder Bosković Institute (RBI) criticality dosimetry system consists of a chemical dosimetry system for measuring the total (neutron + gamma) dose, and a thermoluminescent (TL) dosimetry system for a separate determination of the gamma ray component. The use of the chemical dosemeter solution chlorobenzene-ethanol-trimethylpentane (CET) is based on the radiolytic formation of hydrochloric acid, which protonates a pH indicator, thymolsulphonphthalein. The high molar absorptivity of its red form at 552 nm is responsible for a high sensitivity of the system: doses in the range 0.2-15 Gy can be measured. The dosemeter has been designed as a glass ampoule filled with the CET solution and inserted into a pen-shaped plastic holder. For dose determinations, a newly constructed optoelectronic reader has been used. The RBI team took part in the International Intercomparison of Criticality Accident Dosimetry Systems at the SILENE Reactor, Valduc, June 2002, with the CET dosimetry system. For gamma ray dose determination TLD-700 TL detectors were used. The results obtained with CET dosemeter show very good agreement with the reference values.

  18. Managing Safety and Operations: The Effect of Joint Management System Practices on Safety and Operational Outcomes.

    PubMed

    Tompa, Emile; Robson, Lynda; Sarnocinska-Hart, Anna; Klassen, Robert; Shevchenko, Anton; Sharma, Sharvani; Hogg-Johnson, Sheilah; Amick, Benjamin C; Johnston, David A; Veltri, Anthony; Pagell, Mark

    2016-03-01

    The aim of this study was to determine whether management system practices directed at both occupational health and safety (OHS) and operations (joint management system [JMS] practices) result in better outcomes in both areas than in alternative practices. Separate regressions were estimated for OHS and operational outcomes using data from a survey along with administrative records on injuries and illnesses. Organizations with JMS practices had better operational and safety outcomes than organizations without these practices. They had similar OHS outcomes as those with operations-weak practices, and in some cases, better outcomes than organizations with safety-weak practices. They had similar operational outcomes as those with safety-weak practices, and better outcomes than those with operations-weak practices. Safety and operations appear complementary in organizations with JMS practices in that there is no penalty for either safety or operational outcomes.

  19. Study of a safety margin system for powered-lift STOL aircraft

    NASA Technical Reports Server (NTRS)

    Heffley, R. K.; Jewell, W. F.

    1978-01-01

    A study was conducted to explore the feasibility of a safety margin system for powered-lift aircraft which require a backside piloting technique. The objective of the safety margin system was to present multiple safety margin criteria as a single variable which could be tracked manually or automatically and which could be monitored for the purpose of deriving safety margin status. The study involved a pilot-in-the-loop analysis of several safety margin system concepts and a simulation experiment to evaluate those concepts which showed promise of providing a good solution. A system was ultimately configured which offered reasonable compromises in controllability, status information content, and the ability to regulate the safety margin at some expense of the allowable low speed flight path envelope.

  20. Advanced vehicle dynamics of heavy trucks with the perspective of road safety

    NASA Astrophysics Data System (ADS)

    Trigell, Annika Stensson; Rothhämel, Malte; Pauwelussen, Joop; Kural, Karel

    2017-10-01

This paper presents the state of the art within advanced vehicle dynamics of heavy trucks with the perspective of road safety. The most common accidents with heavy trucks involved are truck against passenger cars. Safety critical situations are, for example, loss of control (such as rollover and lateral stability), and a majority of these occur at speed when cornering. Other critical situations are avoidance manoeuvres and road edge recovery. The dynamic behaviour of heavy trucks has significant differences compared to passenger cars and, as a consequence, successful application of vehicle dynamic functions for enhanced safety of trucks might differ from the functions in passenger cars. Here, the differences between vehicle dynamics of heavy trucks and passenger cars are clarified. Advanced vehicle dynamics solutions with the perspective of road safety of trucks are presented, beginning with the topic of vehicle stability, followed by the steering system, the braking system and driver assistance systems that differ in some way from those of passenger cars.

  1. Open-type ferry safety system design for using LNG fuel

    NASA Astrophysics Data System (ADS)

    Pagonis, D. N.; Livanos, G.; Theotokatos, G.; Peppa, S.; Themelis, N.

    2016-12-01

    In this feasibility study, we investigate the viability of using Liquefied Natural Gas (LNG) fuel in an open type Ro-Ro passenger ferry and the associated potential challenges with regard to the vessel safety systems. We recommend an appropriate methodology for converting existing ships to run on LNG fuel, discuss all the necessary modifications to the ship's safety systems, and also evaluate the relevant ship evacuation procedures. We outline the basic requirements with which the ship already complies for each safety system and analyze the additional restrictions that must be taken into consideration for the use of LNG fuel. Appropriate actions are recommended. Furthermore, we carry out a hazard identification study. Overall, we clearly demonstrate the technical feasibility of the investigated scenario. Minimal modifications to the ship's safety systems are required to comply with existing safety rules for this specific type of ship.

  2. Measuring mobile patient safety information system success: an empirical study.

    PubMed

    Jen, Wen-Yuan; Chao, Chia-Cheng

    2008-10-01

    The Health Risk Reminders and Surveillance (HRRS) system was designed to deliver critical abnormal test results of severely ill patients from the Laboratory, Radiology, and Pathology departments to physicians within 5 min using cell phone text messages. This paper explores the success of the HRRS system. The study employed an augmented version of the DeLone and McLean IS success model. Seven variables (system quality, information quality, system use, user satisfaction, mobile healthcare anxiety, impact on the individual and impact on the organization) were used to evaluate the success of the HRRS system. The interrelationships between the seven variables were hypothesized and the hypotheses were empirically tested. The results indicate that the information quality of the HRRS system is positively associated with both system use and user satisfaction. In addition, system use is positively associated with user satisfaction, which is in turn positively associated with mobile healthcare anxiety. Moreover, impact on the individual is positively associated with both user satisfaction and mobile healthcare anxiety. Finally, impact on the organization is positively associated with impact on the individual. The results of the study provide an expanded understanding of the factors that contribute to mobile patient safety information system (IS) success. Implications of the relationship between system use and physician mobile healthcare anxiety are discussed.

  3. Patient safety - the role of human factors and systems engineering.

    PubMed

    Carayon, Pascale; Wood, Kenneth E

    2010-01-01

    Patient safety is a global challenge that requires knowledge and skills in multiple areas, including human factors and systems engineering. In this chapter, numerous conceptual approaches and methods for analyzing, preventing and mitigating medical errors are described. Given the complexity of healthcare work systems and processes, we emphasize the need for increasing partnerships between the health sciences and human factors and systems engineering to improve patient safety. Those partnerships will be able to develop and implement the system redesigns that are necessary to improve healthcare work systems and processes for patient safety.

  4. Patient Safety: The Role of Human Factors and Systems Engineering

    PubMed Central

    Carayon, Pascale; Wood, Kenneth E.

    2011-01-01

    Patient safety is a global challenge that requires knowledge and skills in multiple areas, including human factors and systems engineering. In this chapter, numerous conceptual approaches and methods for analyzing, preventing and mitigating medical errors are described. Given the complexity of healthcare work systems and processes, we emphasize the need for increasing partnerships between the health sciences and human factors and systems engineering to improve patient safety. Those partnerships will be able to develop and implement the system redesigns that are necessary to improve healthcare work systems and processes for patient safety. PMID:20543237

  5. Photovoltaic system criteria documents. Volume 5: Safety criteria for photovoltaic applications

    NASA Technical Reports Server (NTRS)

    Koenig, John C.; Billitti, Joseph W.; Tallon, John M.

    1979-01-01

    This volume describes a methodology for determining the potential safety hazards involved in the construction and operation of photovoltaic power systems and provides guidelines for implementing safety considerations in the specification, design and operation of photovoltaic systems. Safety verification procedures for use in solar photovoltaic systems are established.

  6. OECD/NEA expert group on uncertainty analysis for criticality safety assessment: Results of benchmark on sensitivity calculation (phase III)

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Ivanova, T.; Laville, C.; Dyrda, J.

    2012-07-01

    The sensitivities of the k_eff eigenvalue to neutron cross sections have become commonly used in similarity studies and as part of the validation algorithm for criticality safety assessments. To test calculations of the sensitivity coefficients, a benchmark study (Phase III) has been established by the OECD-NEA/WPNCS/EG UACSA (Expert Group on Uncertainty Analysis for Criticality Safety Assessment). This paper presents some sensitivity results generated by the benchmark participants using various computational tools based upon different computational methods: SCALE/TSUNAMI-3D and -1D, MONK, APOLLO2-MORET 5, DRAGON-SUSD3D and MMKKENO. The study demonstrates the performance of the tools. It also illustrates how model simplifications impact the sensitivity results and demonstrates the importance of 'implicit' (self-shielding) sensitivities. This work has been a useful step towards verification of the existing and developed sensitivity analysis methods. (authors)

  7. NASA aviation safety reporting system

    NASA Technical Reports Server (NTRS)

    1976-01-01

    During the second quarter of the Aviation Safety Reporting System (ASRS) operation, 1,497 reports were received from pilots, controllers, and others in the national aviation system. Details of the administration and results of the program to date are presented. Examples of alert bulletins disseminated to the aviation community are presented together with responses to those bulletins. Several reports received by ASRS are also presented to illustrate the diversity of topics covered by reports to the system.

  8. Epistemic Questions and Answers for Software System Safety

    NASA Technical Reports Server (NTRS)

    Holloway, C. M.; Johnson, Chris W.

    2010-01-01

    System safety is primarily concerned with epistemic questions, that is, questions concerning knowledge and the degree of confidence that can be placed in that knowledge. For systems with which human experience is long, such as roads, bridges, and mechanical devices, knowledge about what is required to make the systems safe is deep and detailed. High confidence can be placed in the validity of that knowledge. For other systems, however, with which human experience is comparatively short, such as those that rely in part or in whole on software, knowledge about what is required to ensure safety tends to be shallow and general. The confidence that can be placed in the validity of that knowledge is consequently low. In a previous paper, we enumerated a collection of foundational epistemic questions concerning software system safety. In this paper, we review and refine the questions, discuss some difficulties that attend to answering the questions today, and speculate on possible research to improve the situation.

  9. 75 FR 68224 - Safety Management Systems for Part 121 Certificate Holders

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-11-05

    ... the general framework for an organization-wide safety management approach to air carrier operations... System? An SMS is an organization-wide approach to managing safety risk and assuring the effectiveness of... under 14 CFR part 121 to develop and implement a safety management system (SMS) to improve the safety of...

  10. A review of wiring system safety in space power systems

    NASA Technical Reports Server (NTRS)

    Stavnes, Mark W.; Hammoud, Ahmad N.

    1993-01-01

    Wiring system failures have resulted from arc propagation in the wiring harnesses of current aerospace vehicles. These failures occur when the insulation becomes conductive upon the initiation of an arc. In some cases, the conductive path of the carbon arc track displays a high enough resistance such that the current is limited, and therefore may be difficult to detect using conventional circuit protection. Often, such wiring failures are not simply the result of insulation failure, but are due to a combination of wiring system factors. Inadequate circuit protection, unforgiving system designs, and careless maintenance procedures can contribute to a wiring system failure. This paper approaches the problem with respect to the overall wiring system, in order to determine what steps can be taken to improve the reliability, maintainability, and safety of space power systems. Power system technologies, system designs, and maintenance procedures which have led to past wiring system failures will be discussed. New technologies, design processes, and management techniques which may lead to improved wiring system safety will be introduced.

  11. Systems Analysis of NASA Aviation Safety Program: Final Report

    NASA Technical Reports Server (NTRS)

    Jones, Sharon M.; Reveley, Mary S.; Withrow, Colleen A.; Evans, Joni K.; Barr, Lawrence; Leone, Karen

    2013-01-01

    A three-month study (February to April 2010) of the NASA Aviation Safety (AvSafe) program was conducted. This study comprised three components: (1) a statistical analysis of currently available civilian subsonic aircraft data from the National Transportation Safety Board (NTSB), the Federal Aviation Administration (FAA), and the Aviation Safety Information Analysis and Sharing (ASIAS) system to identify any significant or overlooked aviation safety issues; (2) a high-level qualitative identification of future safety risks, with an assessment of the potential impact of the NASA AvSafe research on the National Airspace System (NAS) based on these risks; and (3) a detailed, top-down analysis of the NASA AvSafe program using an established and peer-reviewed systems analysis methodology. The statistical analysis identified the top aviation "tall poles" based on NTSB accident and FAA incident data from 1997 to 2006. A separate examination of medical helicopter accidents in the United States was also conducted. Multiple external sources were used to develop a compilation of ten "tall poles" in future safety issues/risks. The top-down analysis of the AvSafe program was conducted using a modification of the Gibson methodology. Of the 17 challenging safety issues that were identified, 11 were directly addressed by the AvSafe program research portfolio.

  12. Research on public participant urban infrastructure safety monitoring system using smartphone

    NASA Astrophysics Data System (ADS)

    Zhao, Xuefeng; Wang, Niannian; Ou, Jinping; Yu, Yan; Li, Mingchu

    2017-04-01

    More and more people are concerned about the safety of major public infrastructure, and public-participant monitoring and investigation of urban infrastructure safety has become a trend in the era of big data. In this paper, a public-participant urban infrastructure safety protection system based on smartphones is proposed. The system makes public participation possible in disaster data collection, monitoring and emergency evaluation in the field of disaster prevention and mitigation. It monitors structural acceleration, angle and other vibration information, extracts structural deformation, and implements disaster emergency communication between smartphones without a network. The monitoring data are uploaded to a website to create an urban safety information database, which then supports big-data analysis, structural safety assessment and city safety early warning.

  13. Brief history of patient safety culture and science.

    PubMed

    Ilan, Roy; Fowler, Robert

    2005-03-01

    The science of safety is well established in such disciplines as the automotive and aviation industry. In this brief history of safety science as it pertains to patient care, we review remote and recent publications that have guided the maturation of this field that has particular relevance to the complex structure of systems, personnel, and therapies involved in caring for the critically ill.

  14. System for controlling child safety seat environment

    NASA Technical Reports Server (NTRS)

    Elrod, Susan V. (Inventor); Dabney, Richard W. (Inventor)

    2008-01-01

    A system is provided to control the environment experienced by a child in a child safety seat. Each of a plurality of thermoelectric elements is individually controllable to be one of heated and cooled relative to an ambient temperature. A first portion of the thermoelectric elements are positioned on the child safety seat such that a child sitting therein is positioned thereover. A ventilator coupled to the child safety seat moves air past a second portion of the thermoelectric elements and filters the air moved therepast. One or more jets coupled to the ventilator receive the filtered air. Each jet is coupled to the child safety seat and can be positioned to direct the heated/cooled filtered air to the vicinity of the head of the child sitting in the child safety seat.

  15. Semantic distance as a critical factor in icon design for in-car infotainment systems.

    PubMed

    Silvennoinen, Johanna M; Kujala, Tuomo; Jokinen, Jussi P P

    2017-11-01

    In-car infotainment systems require icons that enable fluent cognitive information processing and safe interaction while driving. An important issue is how to find an optimised set of icons for different functions in terms of semantic distance. In an optimised icon set, every icon needs to be semantically as close as possible to the function it visually represents and semantically as far as possible from the other functions represented concurrently. In three experiments (N = 21 each), semantic distances of 19 icons to four menu functions were studied with preference rankings, verbal protocols, and the primed product comparisons method. The results show that the primed product comparisons method can be efficiently utilised for finding an optimised set of icons for time-critical applications out of a larger set of icons. The findings indicate the benefits of the novel methodological perspective into the icon design for safety-critical contexts in general. Copyright © 2017 Elsevier Ltd. All rights reserved.

  16. CSHM: Web-based safety and health monitoring system for construction management.

    PubMed

    Cheung, Sai On; Cheung, Kevin K W; Suen, Henry C H

    2004-01-01

    This paper describes a web-based system for monitoring and assessing construction safety and health performance, entitled the Construction Safety and Health Monitoring (CSHM) system. The design and development of CSHM is an integration of internet and database systems, with the intent to create a totally automated safety and health management tool. A list of safety and health performance parameters was devised for the management of safety and health in construction. A conceptual framework of the four key components of CSHM is presented: (a) Web-based Interface (templates); (b) Knowledge Base; (c) Output Data; and (d) Benchmark Group. The combined effect of these components results in a system that enables speedy performance assessment of safety and health activities on construction sites. With the CSHM's built-in functions, important management decisions can theoretically be made and corrective actions can be taken before potential hazards turn into fatal or injurious occupational accidents. As such, the CSHM system will accelerate the monitoring and assessment of safety and health management performance.

  17. Critical behavior in the system cyclopentanone + water + secondary butyl alcohol

    NASA Astrophysics Data System (ADS)

    Krishna, U. Santhi; Unni, P. K. Madhavan

    2018-05-01

    We report detailed measurements of the coexistence surface in the ternary system cyclopentanone + water + secondary butyl alcohol. The coexistence surface is seen to have an unusual tunnel-like feature and is a potential system in which special critical points such as the Quadruple Critical Point (QCP) could be studied. Analysis of the coexistence curves indicates that the system shows 3D-Ising-like critical behavior.

  18. Safety management of a complex R&D ground operating system

    NASA Technical Reports Server (NTRS)

    Connors, J. F.; Maurer, R. A.

    1975-01-01

    A perspective on safety program management has been developed for a complex R&D operating system, such as the NASA-Lewis Research Center. Using a systems approach, hazardous operations are subjected to third-party reviews by designated area safety committees and are maintained under safety permit controls. To insure personnel alertness, emergency containment forces and employees are trained in dry-run emergency simulation exercises. The keys to real safety effectiveness are top management support and visibility of residual risks.

  19. Safety system for child pillion riders of underbone motorcycles in Malaysia.

    PubMed

    Sivasankar, S; Karmegam, K; Bahri, M T Shamsul; Naeini, H Sadeghi; Kulanthayan, S

    2014-01-01

    Motorcycles are a common mode of transport for most Malaysians. Underbone motorcycles are one of the most common types of motorcycle used in Malaysia due to their affordable price and ease of use, especially in heavy traffic in the major cities. In Malaysia, it is common to see a young or child pillion rider clinging on to an adult at the front of the motorcycle. One of the main issues facing young pillion riders is that their safety is often not taken into account when they are riding on a motorcycle. This article reviews the legally available child safety systems for underbone motorcycles in Malaysia while putting forth the need for a safety system for child pillion riders. Various databases were searched for underbone motorcycle safety systems, related legislation, motorcycle accident data, and types of injuries, and these were reviewed to put forth the need for a new safety system. In motorcycle-related accidents, children usually sustain lower limb injuries, which could temporarily or permanently inhibit the child's movements. Accident statistics in Malaysia, especially those involving motorcycles, reflect a pressing need for a reduction in the number of accidents. In Malaysia, the legislation does not go beyond the mandatory use of safety helmets for young pillion users. There is a pressing need for another safety system or mechanism(s) for young pillion riders of underbone motorcycles. Enforcing laws that mandate the use of passive safety systems such as helmets and protective gear is difficult in underdeveloped and developing countries. The intervention of new technology is inevitable. Therefore, this article highlights the need for a new safety backrest system for child pillion riders to ensure their safety.

  20. Nuclear criticality safety calculational analysis for small-diameter containers

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    LeTellier, M.S.; Smallwood, D.J.; Henkel, J.A.

    This report documents calculations performed to establish a technical basis for the nuclear criticality safety of favorable geometry containers, sometimes referred to as 5-inch containers, in use at the Portsmouth Gaseous Diffusion Plant. A list of containers currently used in the plant is shown in Table 1.0-1. These containers are currently used throughout the plant with no mass limits. The use of containers with geometries or material types other than those addressed in this evaluation must be bounded by this analysis or have an additional analysis performed. The following five basic container geometries were modeled and bound all container geometries in Table 1.0-1: (1) 4.32-inch-diameter by 50-inch-high polyethylene bottle; (2) 5.0-inch-diameter by 24-inch-high polyethylene bottle; (3) 5.25-inch-diameter by 24-inch-high steel can ("F-can"); (4) 5.25-inch-diameter by 15-inch-high steel can ("Z-can"); and (5) 5.0-inch-diameter by 9-inch-high polybottle ("CO-4"). Each container type is evaluated using five basic reflection and interaction models that include single containers and multiple containers in normal and in credible abnormal conditions. The uranium materials evaluated are UO2F2 + H2O and UF4 + oil materials at 100% and 10% enrichments, and U3O8 + H2O at 100% enrichment. The design basis safe criticality limit for the Portsmouth facility is k_eff + 2σ < 0.95. The KENO study results may be used as the basis for evaluating general use of these containers in the plant.

  1. Critical fault patterns determination in fault-tolerant computer systems

    NASA Technical Reports Server (NTRS)

    Mccluskey, E. J.; Losq, J.

    1978-01-01

    The method proposed tries to enumerate all the critical fault-patterns (successive occurrences of failures) without analyzing every single possible fault. The conditions for the system to be operating in a given mode can be expressed in terms of the static states. Thus, one can find all the system states that correspond to a given critical mode of operation. The next step consists in analyzing the fault-detection mechanisms, the diagnosis algorithm and the process of switch control. From them, one can find all the possible system configurations that can result from a failure occurrence. Thus, one can list all the characteristics, with respect to detection, diagnosis, and switch control, that failures must have to constitute critical fault-patterns. Such an enumeration of the critical fault-patterns can be directly used to evaluate the overall system tolerance to failures. Present research is focused on how to efficiently make use of these system-level characteristics to enumerate all the failures that verify these characteristics.

  2. New Automated System Available for Reporting Safety Concerns | Poster

    Cancer.gov

    A new system has been developed for reporting safety issues in the workplace. The Environment, Health, and Safety's (EHS') Safety Inspection and Issue Management System (SIIMS) is an online resource where any employee can report a problem or issue, said Siobhan Tierney, program manager at EHS.

  3. Manned space flight nuclear system safety. Volume 5: Nuclear system safety guidelines. Part 2: Space shuttle/nuclear payloads safety

    NASA Technical Reports Server (NTRS)

    1972-01-01

    The design and operations guidelines and requirements developed in the study of space shuttle nuclear system transportation are presented. Guidelines and requirements are presented for the shuttle, nuclear payloads (reactor, isotope-Brayton and small isotope sources), ground support systems and facilities. Cross indices and references are provided which relate guidelines to each other, and to substantiating data in other volumes. The guidelines are intended for the implementation of nuclear safety related design and operational considerations in future space programs.

  4. Electronic clinical safety reporting system: a benefits evaluation.

    PubMed

    Elliott, Pamela; Martin, Desmond; Neville, Doreen

    2014-06-11

    Eastern Health, a large health care organization in Newfoundland and Labrador (NL), started a staged implementation of an electronic occurrence reporting system (used interchangeably with "clinical safety reporting system") in 2008, completing Phase One in 2009. The electronic clinical safety reporting system (CSRS) was designed to replace a paper-based system. The CSRS involves reporting on occurrences such as falls, safety/security issues, medication errors, treatment and procedural mishaps, medical equipment malfunctions, and close calls. The electronic system was purchased from a vendor in the United Kingdom that had implemented the system in the United Kingdom and other places, such as British Columbia. The main objective of the new system was to improve the reporting process with the goal of improving clinical safety. The project was funded jointly by Eastern Health and Canada Health Infoway. The objectives of the evaluation were to: (1) assess the CSRS on achieving its stated objectives (particularly, the benefits realized and lessons learned), and (2) identify contributions, if any, that can be made to the emerging field of electronic clinical safety reporting. The evaluation involved mixed methods, including extensive stakeholder participation, pre/post comparative study design, and triangulation of data where possible. The data were collected from several sources, such as project documentation, occurrence reporting records, stakeholder workshops, surveys, focus groups, and key informant interviews. The findings provided evidence that frontline staff and managers support the CSRS, identifying both benefits and areas for improvement. Many benefits were realized, such as increases in the number of occurrences reported, in occurrences reported within 48 hours, in occurrences reported by staff other than registered nurses, in close calls reported, and improved timelines for notification. There was also user satisfaction with the tool regarding ease of use

  5. 10 CFR 70.62 - Safety program and integrated safety analysis.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ...; (iv) Potential accident sequences caused by process deviations or other events internal to the... of occurrence of each potential accident sequence identified pursuant to paragraph (c)(1)(iv) of this... have experience in nuclear criticality safety, radiation safety, fire safety, and chemical process...

  6. 10 CFR 70.62 - Safety program and integrated safety analysis.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ...; (iv) Potential accident sequences caused by process deviations or other events internal to the... of occurrence of each potential accident sequence identified pursuant to paragraph (c)(1)(iv) of this... have experience in nuclear criticality safety, radiation safety, fire safety, and chemical process...

  7. 10 CFR 70.62 - Safety program and integrated safety analysis.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ...; (iv) Potential accident sequences caused by process deviations or other events internal to the... of occurrence of each potential accident sequence identified pursuant to paragraph (c)(1)(iv) of this... have experience in nuclear criticality safety, radiation safety, fire safety, and chemical process...

  8. Cannabis for therapeutic purposes and public health and safety: a systematic and critical review.

    PubMed

    Sznitman, Sharon R; Zolotov, Yuval

    2015-01-01

    The use of Cannabis for Therapeutic Purposes (CTP) has recently become legal in many places. These policy and legal modifications may be related to changes in cannabis perceptions, availability and use and in the way cannabis is grown and sold. This may in turn have effects on public health and safety. To better understand the potential effects of CTP legalization on public health and safety, the current paper synthesizes and critically discusses the relevant literature. Twenty-eight studies were identified by a comprehensive search strategy, and their characteristics and main findings were systematically reviewed according to the following content themes: CTP and illegal cannabis use; CTP and other public health issues; CTP, crime and neighbourhood disadvantage. The research field is currently limited by a lack of theoretical and methodological rigorous studies. The review shows that the most prevalent theme of investigation so far has been the relation between CTP and illegal cannabis use. In addition, the literature review shows that there is an absence of evidence to support many common concerns related to detrimental public health and safety effects of CTP legalization. Although lack of evidence provides some reassurance that CTP legalization may not have posed a substantial threat to public health and safety, this conclusion needs to be examined in light of the limitations of studies conducted so far. Furthermore, as CTP policy continues to evolve, including incorporation of greater commercialization, it is possible that the full effects of CTP legalization have yet to take place. Ensuring study quality will allow future research to better investigate the complex role that CTP plays in relation to society at large, and public health and safety in particular. Copyright © 2014 Elsevier B.V. All rights reserved.

  9. Designing Crane Controls with Applied Mechanical and Electrical Safety Features

    NASA Technical Reports Server (NTRS)

    Lytle, Bradford P.; Walczak, Thomas A.

    2002-01-01

    The use of overhead traveling bridge cranes in many varied applications is common practice. In particular, the use of cranes in the nuclear, military, commercial, aerospace, and other industries can involve safety critical situations. Considerations for Human Injury or Casualty, Loss of Assets, Endangering the Environment, or Economic Reduction must be addressed. Traditionally, in order to achieve additional safety in these applications, mechanical systems have been augmented with a variety of devices. These devices assure that a mechanical component failure shall reduce the risk of a catastrophic loss of the correct and/or safe load carrying capability. ASME NOG-1-1998, (Rules for Construction of Overhead and Gantry Cranes, Top Running Bridge, and Multiple Girder), provides design standards for cranes in safety critical areas. Over and above the minimum safety requirements of today's design standards, users struggle with obtaining a higher degree of reliability through more precise functional specifications while attempting to provide "smart" safety systems. Electrical control systems also may be equipped with protective devices similar to the mechanical design features. Demands for improvement of the crane's "control system" are often recognized, but difficult to quantify for this traditionally "mechanically" oriented market. Finite details for each operation must be examined and understood. As an example, load drift (or small motions) at close tolerances can be unacceptable (and considered critical). To meet these high functional demands, encoders and other devices are independently added to control systems to provide motion and velocity feedback to the control drive. This paper will examine the implementation of Programmable Electronic Systems (PES). PES is a term this paper will use to describe any control system utilizing any programmable electronic device such as Programmable Logic Controllers (PLC), or an Adjustable Frequency Drive (AID) 'smart' programmable

  10. Ten Recommendations for a Safer School Year. Safety Spotlight

    ERIC Educational Resources Information Center

    Love, Tyler S.; Roy, Ken R.

    2017-01-01

    The beginning of a new school year can be hectic, but it is an opportune and critical time for teachers, supervisors, administrators, and school systems to establish proper safety procedures and practices. It can be more difficult to correct inappropriate behaviors or unsafe habits later in the year. This is especially true if a safety accident…

  11. Hazard analysis and critical control point systems in the United States Department of Agriculture regulatory policy.

    PubMed

    Billy, T J; Wachsmuth, I K

    1997-08-01

    Recent outbreaks of foodborne illness and studies by expert groups have established the need for fundamental change in the United States meat and poultry inspection programme to reduce the risk of foodborne illness. The Food Safety and Inspection Service (FSIS) of the United States Department of Agriculture (USDA) has embarked on a broad effort to bring about such change, with particular emphasis on the reduction of pathogenic micro-organisms in raw meat and poultry products. The publication on 25 July 1996 of the Final Rule on pathogen reduction and hazard analysis and critical control point (HACCP) systems was a major milestone in the FSIS strategy for change. The Final Rule provides a framework for change and clarifies the respective roles of industry and government in ensuring the safety of meat and poultry products. With the implementation of this Final Rule underway, the FSIS has been exploring ways in which slaughter inspection carried out under an HACCP-based system can be changed so that food safety risks are addressed more adequately and the allocation of inspection resources is improved further. In addition, the FSIS is broadening the focus of food safety activities to extend beyond slaughter and processing plants by working with industry, academia and other government agencies. Such co-operation should lead to the development of measures to improve food safety before animals reach the slaughter plant and after products leave the inspected establishment for distribution to the retail level. For the future, the FSIS believes that quantitative risk assessments will be at the core of food safety activities. Risk assessments provide the most effective means of identifying how specific pathogens and other hazards may be encountered throughout the farm-to-table chain and of measuring the potential impact of various interventions. In addition, these assessments will be used in the development and evaluation of HACCP systems. The FSIS is currently conducting a

  12. Effects of organizational safety on employees' proactivity safety behaviors and occupational health and safety management systems in Chinese high-risk small-scale enterprises.

    PubMed

    Mei, Qiang; Wang, Qiwei; Liu, Suxia; Zhou, Qiaomei; Zhang, Jingjing

    2018-06-07

    Based on the characteristics of small-scale enterprises, the improvement of occupational health and safety management systems (OHS MS) needs an effective intervention. This study proposed a structural equation model and examined the relationships of perceived organization support for safety (POSS), person-organization safety fit (POSF) and proactivity safety behaviors with safety management, safety procedures and safety hazards identification. Data were collected from 503 employees of 105 Chinese high-risk small-scale enterprises over 6 months. The results showed that both POSS and POSF were positively related to improvement in safety management, safety procedures and safety hazards identification through proactivity safety behaviors. Our findings provide a new perspective on organizational safety for improving OHS MS for small-scale enterprises and extend the application of proactivity safety behaviors.

  13. Cyber Vulnerabilities Within Critical Infrastructure: The Flaws of Industrial Control Systems in the Oil and Gas Industry

    NASA Astrophysics Data System (ADS)

    Alpi, Danielle Marie

    The 16 sectors of critical infrastructure in the US are susceptible to cyber-attacks. Potential attacks come from internal and external threats. These attacks target the industrial control systems (ICS) of companies within critical infrastructure. Weakness in the energy sector's ICS, specifically the oil and gas industry, can result in economic and ecological disaster. The purpose of this study was to establish means for oil companies to identify and stop cyber-attacks, specifically APT threats. This research reviewed current cyber vulnerabilities and ways in which a cyber-attack may be deterred. This research found that there are insecure devices within ICS that are not regularly updated. Therefore, security issues have amassed. Safety procedures and training thereof are often neglected. Jurisdiction is unclear in regard to critical infrastructure. The recommendations this research offers are further examination of information sharing methods, development of analytic platforms, and better methods for the implementation of defense-in-depth security measures.

  14. Comparing safety climate for nurses working in operating theatres, critical care and ward areas in the UK: a mixed methods study

    PubMed Central

    Tarling, Maggie; Jones, Anne; Murrells, Trevor; McCutcheon, Helen

    2017-01-01

    Objectives The main aim of the study was to explore the potential sources of variation and understand the meaning of safety climate for nursing practice in acute hospital settings in the UK. Design A sequential mixed methods design included a cross-sectional survey using the Safety Climate Questionnaire (SCQ) and thematic analysis of focus group discussions. Confirmatory factor analysis (CFA) was used to validate the factor structure of the SCQ. Factor scores were compared between nurses working in operating theatres, critical care and ward areas. Results from the survey and the thematic analysis were then compared and synthesised. Setting A London University. Participants 319 registered nurses working in acute hospital settings completed the SCQ and a further 23 nurses participated in focus groups. Results CFA indicated that there was a good model fit on some criteria (χ2=1683.699, df=824, p<0.001; χ2/df=2.04; root mean square error of approximation=0.058) but a less acceptable fit on comparative fit index which is 0.804. There was a statistically significant difference between clinical specialisms in management commitment (F (4,266)=4.66, p=0.001). Nurses working in operating theatres had lower scores compared with ward areas and they also reported negative perceptions about management in their focus group. There was significant variation in scores for communication across clinical specialism (F (4,266)=2.62, p=0.035) but none of the pairwise comparisons achieved statistical significance. Thematic analysis identified themes of human factors, clinical management and protecting patients. The system and the human side of caring was identified as a meta-theme. Conclusions The results suggest that the SCQ has some utility but requires further exploration. The findings indicate that safety in nursing practice is a complex interaction between safety systems and the social and interpersonal aspects of clinical practice. PMID:29084793

  15. 30 CFR 250.1630 - Safety-system testing and records.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... AND GAS AND SULPHUR OPERATIONS IN THE OUTER CONTINENTAL SHELF Sulphur Operations § 250.1630 Safety... components, and the following: (1) Safety relief valves on the natural gas feed system for power plant... source. (2) The following safety devices (excluding electronic pressure transmitters and level sensors...

  16. Effects of stressor characteristics on early warning signs of critical transitions and "critical coupling" in complex dynamical systems.

    PubMed

    Blume, Steffen O P; Sansavini, Giovanni

    2017-12-01

    Complex dynamical systems face abrupt transitions into unstable and catastrophic regimes. These critical transitions are triggered by gradual modifications in stressors, which push the dynamical system towards unstable regimes. Bifurcation analysis can characterize such critical thresholds, beyond which systems become unstable. Moreover, the stochasticity of the external stressors causes small-scale fluctuations in the system response. In some systems, the decomposition of these signal fluctuations into precursor signals can reveal early warning signs prior to the critical transition. Here, we present a dynamical analysis of a power system subjected to an increasing load level and small-scale stochastic load perturbations. We show that the auto- and cross-correlations of bus voltage magnitudes increase, leading up to a Hopf bifurcation point, and further grow until the system collapses. This evidences a gradual transition into a state of "critical coupling," which is complementary to the established concept of "critical slowing down." Furthermore, we analyze the effects of the type of load perturbation and load characteristics on early warning signs and find that gradient changes in the autocorrelation provide early warning signs of the imminent critical transition under white-noise but not for auto-correlated load perturbations. Furthermore, the cross-correlation between all voltage magnitude pairs generally increases prior to and beyond the Hopf bifurcation point, indicating "critical coupling," but cannot provide early warning indications. Finally, we show that the established early warning indicators are oblivious to limit-induced bifurcations and, in the case of the power system model considered here, only react to an approaching Hopf bifurcation.

  17. Procedure for Failure Mode, Effects, and Criticality Analysis (FMECA)

    NASA Technical Reports Server (NTRS)

    1966-01-01

    This document provides guidelines for the accomplishment of Failure Mode, Effects, and Criticality Analysis (FMECA) on the Apollo program. It is a procedure for analysis of hardware items to determine those items contributing most to system unreliability and crew safety problems.

  18. Limited-scope probabilistic safety analysis for the Los Alamos Meson Physics Facility (LAMPF)

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Sharirli, M.; Rand, J.L.; Sasser, M.K.

    1992-01-01

    The reliability of instrumentation and safety systems is a major issue in the operation of accelerator facilities. A probabilistic safety analysis was performed on the key safety and instrumentation systems at the Los Alamos Meson Physics Facility (LAMPF). In Phase I of this unique study, the Personnel Safety System (PSS) and the Current Limiters (XLs) were analyzed through the use of fault tree analyses, failure modes and effects analysis, and criticality analysis. Phase II of the program was done to update and reevaluate the safety systems after the Phase I recommendations were implemented. This paper provides a brief review of the studies involved in Phases I and II of the program.

  19. Limited-scope probabilistic safety analysis for the Los Alamos Meson Physics Facility (LAMPF)

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Sharirli, M.; Rand, J.L.; Sasser, M.K.

    1992-12-01

    The reliability of instrumentation and safety systems is a major issue in the operation of accelerator facilities. A probabilistic safety analysis was performed on the key safety and instrumentation systems at the Los Alamos Meson Physics Facility (LAMPF). In Phase I of this unique study, the Personnel Safety System (PSS) and the Current Limiters (XLs) were analyzed through the use of fault tree analyses, failure modes and effects analysis, and criticality analysis. Phase II of the program was done to update and reevaluate the safety systems after the Phase I recommendations were implemented. This paper provides a brief review of the studies involved in Phases I and II of the program.

  20. Cyber Safety and Security for Reduced Crew Operations (RCO)

    NASA Technical Reports Server (NTRS)

    Driscoll, Kevin

    2017-01-01

    NASA and the Aviation Industry are looking into reduced crew operations (RCO) that would cut today's required two-person flight crews down to a single pilot with support from ground-based crews. Shared responsibility across air and ground personnel will require highly reliable and secure data communication and supporting automation, which will be safety-critical for passenger and cargo aircraft. This paper looks at the different types and degrees of authority delegation given from the air to the ground and the ramifications of each, including the safety and security hazards introduced, the mitigation mechanisms for these hazards, and other demands on an RCO system architecture which would be highly invasive into (almost) all safety-critical avionics. The adjacent fields of unmanned aerial systems and autonomous ground vehicles are viewed to find problems that RCO may face, and related aviation accident scenarios are described. The paper explores possible data communication architectures to meet stringent performance and information security (INFOSEC) requirements of RCO. Subsequently, potential challenges for RCO data communication authentication, encryption and non-repudiation are identified. The approach includes a comprehensive safety-hazard analysis of the RCO system to determine top level INFOSEC requirements for RCO and proposes an option for effective RCO implementation. This paper concludes with questioning the economic viability of RCO in light of the expense of overcoming the operational safety and security hazards it would introduce.