Research Paper 01

Nipun Senadheera

on 4 February 2014

Transcript of Research Paper 01

Why does a safety system fail?
  • Incomplete understanding
  • Failure to consider the larger system
  • Ignoring single points of failure
What is

Not decided by system designers; they rely on safety standards framed as public law or that result from the work of industrial associations, safety-related institutes, etc.
Examples: the US government's Mil-Std-882D and industry's IEC 61508.
Layered Approach (System Protection)
A layered approach prevents some possible mishaps by adding extra lines of defense at various levels in the system.
Water Heater Example
Fail-Safe Systems

Fail-Operate Systems
The ability to operate, normally or abnormally, without causing human injury or death, or damage to the system's environment.
Two primary concerns:
  • Potential severity
  • Probability of occurrence
Risk reduction adds to system cost; minimizing safety cost involves reducing mishap risk to an acceptable level.
How are mishap risks assessed?
Mishap: an unlucky accident.
5 primary components in any safety-critical system:
1 - Application: the physical entity that the system monitors and controls
2 - Sensor: converts measured physical properties into electrical signals to be read by the computer
3 - Effector: converts electrical signals from the computer into physical action that controls the application's function
4 - Operator: the human or humans who operate and activate the computer system in real time
5 - Computer: the hardware and software that use the sensors and effectors to monitor and control the application in real time
What is a Hazard?
Approaches to Fail-Operate Systems
Backup system
Analytical techniques that determine the acceptable level of mishap
Designing Safety-Critical Computer Systems
Software Engineering III
Nipun S. | Kasun R. | Adeeb A. | Tharindu S.
Replicated components can take over the computer's safety-critical functions should the system fail.
Example: the Airbus A320, which uses primitive mechanical controls as a backup.

The system includes one or more duplicates to continue the required function; the design must replicate virtually every critical component in the system (sensors, effectors, operators, power sources, ...). The design must also incorporate a redundancy-management process into the fail-operate system's hardware, software, or operator components to detect failures.
Data statistics give designers of safety-critical systems a sense of what constitutes safe and unsafe, e.g. projecting that a system will have a 10 percent chance of catastrophic mishap per hour of operation.
Safety standards, such as the US government's Mil-Std- and industry's IEC 61508, are framed as public law or result from the work of industrial associations, professional societies, and safety-related institutes, and embody the general public's agreement on acceptable risk.
Fail-safe System
Fail-operate Systems: upon a failure, the system does not enter a non-operating state but continues safe operation.
In many safety-critical systems, such as fly-by-wire and hydraulic systems in aircraft, some parts of the control system may be triplicated.
Risk Mitigation Measures
  • Improve component reliability and quality
  • Incorporate internal safety and warning devices
  • Incorporate external safety devices
Basic Water Heater: lines of defense
System Diagram (the presenter's hand-drawn water heater)
Mishap chain: water boils → tank explodes → injures a human

sensor fails
heater malfunctions
hardware failure
software fault
user fault
maintenance error
environmental conditions
design failure
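As an added example (not from the presentation) tying the water-heater lines of defense to the fail-operate and fail-safe behaviour discussed above: a controller that votes three temperature sensors, keeps operating with one sensor failed, applies an independent over-temperature guard, and drops to a non-operating fail-safe state when no trustworthy reading remains. The setpoint, guard threshold and agreement tolerance are assumed values.

```python
# Constructed illustration of a triplicated-sensor water-heater controller.
# Lines of defense: (1) setpoint control, (2) an independent over-temperature
# guard, (3) sensor voting that tolerates one failure (fail-operate) and
# otherwise commands the fail-safe state (heater off, non-operating).
from dataclasses import dataclass, field
from statistics import median
from typing import Optional, Sequence

SETPOINT_C = 60.0    # assumed target water temperature
BOIL_GUARD_C = 95.0  # assumed guard threshold, independent of the setpoint
TOLERANCE_C = 5.0    # two sensors "agree" if they differ by at most this


@dataclass
class HeaterCommand:
    heater_on: bool
    mode: str                          # "operate", "degraded" or "fail_safe"
    failed_sensors: list = field(default_factory=list)


def vote(readings: Sequence[Optional[float]], tol: float = TOLERANCE_C):
    """Redundancy management: returns (trusted_value, failed_sensor_indices).
    trusted_value is None when no two sensors agree, i.e. nothing is trustworthy."""
    failed = [i for i, r in enumerate(readings) if r is None]   # dead sensor
    valid = [i for i in range(len(readings)) if i not in failed]
    if len(valid) < 2:
        return None, failed
    agreeing = [(i, j) for i in valid for j in valid
                if i < j and abs(readings[i] - readings[j]) <= tol]
    if not agreeing:                       # no two sensors agree: all suspect
        return None, sorted(set(failed) | set(valid))
    if len(agreeing) >= 2:                 # majority agrees: take the median
        return median(readings[i] for i in valid), failed
    i, j = agreeing[0]                     # exactly one pair agrees; third is off
    failed += [k for k in valid if k not in (i, j)]
    return (readings[i] + readings[j]) / 2, sorted(failed)


def control_step(readings, setpoint=SETPOINT_C) -> HeaterCommand:
    value, failed = vote(readings)
    if value is None:
        # Fail-safe: detect the failure and enter a safe, non-operating state.
        return HeaterCommand(False, "fail_safe", failed)
    heater_on = value < setpoint                 # line 1: setpoint control
    if value >= BOIL_GUARD_C:                    # line 2: over-temperature guard
        heater_on = False
    mode = "degraded" if failed else "operate"   # fail-operate on one bad sensor
    return HeaterCommand(heater_on, mode, failed)
```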
any real or potential condition that can cause:
• injury, illness, or death to personnel;
• damage to or loss of a system, equipment, or property; or
• damage to the environment.

Detects a failure and enters a safe, generally non-operating state.
e.g. loss of flight control, nuclear core cooling, or the presence of toxic waste
In the event of failure, responds in a way that causes no harm, or minimum harm, to other devices and no danger to humans.
Reduce the mishap risk to an acceptable level.