Selected Publications

by Alastair Faulkner and Mark Nicholson

The Emergence of Accidental Autonomy

Authors: Alastair Faulkner and Mark Nicholson
Publisher: Safety-Critical Systems Symposium 2020
Year: 2020
Volume: Proceedings of the Safety-Critical Systems Symposium, York, UK
ISBN: 978-1729361764

Abstract

The Boeing 737 MAX - Manoeuvring Characteristics Augmentation System (MCAS) accidents have demonstrated how cumulative factors may lead to accidental autonomy. Accidental autonomy emerges when differences in models compete over resources and control. In the operational domain, one manifestation is failure at the human-machine interface. Subtle, incremental changes in technology allied with downward economic pressures encourage reuse to create the system safety property of additionality. Cumulative incremental changes occur that, when taken together, are safety significant. Reuse of process, product or both gives rise to inappropriate design trade-offs. Assumptions about the completeness of process, design, implementation or context may lead, in extreme circumstances, to the creation of accidental autonomy - systems without human oversight that implement safety-related functionality or services.

Oversight, assessment and approval of systems dependent on reuse are reliant on the familiarity of the assessor with the reused elements within their operational and use context. Incomplete, inadequate understanding and failures of comprehension, along with the allure of fast software development, create the potential for accidental autonomy.


Data Centric - the Sixth Age of Safety:
Communications Enabled Transition from Function to Service

Authors: Mark Nicholson and Alastair Faulkner
Publisher: IET System Safety and Cyber Security Conference
Year: 2016
Volume: Proceedings of the IET System Safety and Cyber Security Conference, London, UK.

Abstract

Early applications of system safety focused on analysis resulting in the identification of the risks associated with functional failure, and attribution of integrity requirements to functions. Limitations in early software systems restricted their application to small-scale protection systems. Subsequent developments have seen such systems grow in scope, scale and complexity, not only in the application but also the interconnected nature of the application domain. This interconnected domain extends consideration of (safety) function, to flow, and from flow, to service.

In this paper, we revisit discussions about how to address socio-technical systems through the ‘Ages of Safety’ structure, originally identified by Hale and Hovden (1998) and extended by many authors. This allows us to propose the sixth age of safety: the Data Centric Age to address functions, flows and services.

The Reference Model (was XYZ) of Data Safety

Authors: Alastair Faulkner and Mark Nicholson
Publisher: IET System Safety and Cyber Security Conference
Year: 2016
Volume: Proceedings of the IET System Safety and Cyber Security Conference, London, UK.

Abstract

Safety Management has matured from simple process-based arguments to become hazard-focused and proactive. The adoption of Goal Structuring Notation and ‘product line’ safety arguments means that products comprise multiple constituents along several axes. Data is now ubiquitous in the development, operation and assurance of products. This paper, therefore, explores data safety in the form of a three-axis model. A process that uses this model is discussed. Model validation is by reference to existing safety and assurance models and case studies.


An Assessment Framework for Data-Centric Systems

Authors: Alastair Faulkner and Mark Nicholson
Publisher: Safety Critical Systems Club
Year: 2014
Volume: Proceedings of the Twenty-Second Safety-Critical Systems Symposium, Brighton, UK. Edited by Chris Dale and Tom Anderson
ISBN: 978-1491263648

Abstract

Standardisation, organisation and control have brought economic benefits through the application of computer-based systems to large governmental, industrial and retail organisations. These benefits are also being sought from areas and organisations with a safety-related context. Typically these systems employ standardised applications and large volumes of data. Such data represents individuals, system elements, their relationships and histories. Application areas span health care provision to transportation, welfare to governmental policy. In these systems it is often unclear how data errors influence the overall system behaviour or individual system outcomes.

This paper provides a framework to classify the use (and reuse) of data within such systems. In addition, this paper seeks to identify the ‘barriers to escalation’ that would mitigate the influence of data errors on system safety and restrict their propagation across the connected systems.
