Safeware Engineering Corporation: White Papers

Hazard Analysis

Hazard analysis affects, and in turn, is affected by all aspects of the development process.

Hazard analysis is the heart of any system safety program. It is used for:

	Developing requirements and design constraints
	Validating requirements and design for safety
	Preparing operational procedures and instructions
	Test planning
	Management planning

and serves as:

	A framework for ensuing steps
	A checklist to ensure management and technical responsibilities for safety are accomplished.

The following terminology is used in discussing hazard analyses.

Accident:

An undesired and unplanned (but not necessarily unexpected) event that results in (at least) a specified level of loss.

Incident:

An event that involves no loss (or only minor loss) but with the potential for loss under different circumstances.

Hazard:

A state or set of conditions that, together with other conditions in the environment, will lead to an accident (loss event).

Note that a hazard is not equal to a failure. A hazard is a system state that, combined with certain environmental conditions, will result in an accident. A failure is the nonperformance of function by a component.

"Distinguishing hazards from failures is implicit in understanding the difference between safety and reliability engineering."
C. O Miller

Hazard Level:

A combination of severity (worst potential damage in case of an accident) and likelihood of occurrence of the hazard.

Risk:

The hazard level combined with the likelihood of the hazard leading to an accident plus exposure (or duration) of the hazard.

Safety:

Freedom from accidents or losses. In this sense, safety is somewhat like security. It is not practical to achieve a goal of complete and total security, nor is it necessarily possible to achieve complete and total safety. We try to come as close to the ideal as possible.

Hazard analysis begins with Preliminary Hazard Analysis (PHA). PHA identifies, assesses, and prioritizes hazards. Using this hazard list, high-level safety design constraints can be identified. With these constraints in mind, System Hazard Analysis (SHA) is carried out. SHA examines subsystem interfaces to evaluate the safety of the system working as a whole. The design constraints generated following PHA are refined and trained to individual components (including the operator of the system).

Subsystem hazard analysis (SSHA) determines how subsystem design and behavior can contribute to system hazards. SSHA also provides an opportunity to evaluate the design for compliance with safety constraints introduced earlier in the process.

Change and Operational analysis evaluates all changes to the system for their contribution to potential hazards and analyzes operational experience with the system.