Good safety management means that continuous attempts are made to improve safety engineering practice. These improvements usually take the form of interventions that target perceived problems. Many such interventions appear to have been largely ineffective, suggesting that they may not be addressing the real impediments to good safety engineering practice. We do not argue that existing tools for improving safety engineering practice (such as checklists) are necessarily deficient; rather, we question whether they are being employed to correct the causes of those impediments. Safety practice ‘As Observed’ (the actual safety engineering activities performed) is informed by defined processes (safety practice ‘As Required’). These processes aim to ensure that practice achieves the best safety outcomes (safety practice ‘As Desired’). For many different and complex reasons, ‘As Observed’ safety practice may not be equivalent to safety practice ‘As Required’. Similarly, safety practice ‘As Required’ may not be equivalent to safety practice ‘As Desired’. Any of these discrepancies could play a significant role in poor safety engineering practice. By exploring them it becomes possible to understand the causes of deficiencies in practice and to begin proposing effective interventions. In this paper we introduce and discuss a process for understanding safety engineering practice based on modelling safety practice ‘As Desired’, ‘As Required’, and ‘As Observed’, and the interactions between these elements. We describe how this process can be used to evaluate safety engineering practice and inform the design of effective improvements. We present an example of how the process may be applied to understand safety practice for software safety assurance in the military domain.