[SystemSafety] Analyzing far behind the Intended Use
Martyn Thomas
martyn at thomas-associates.co.uk
Wed Dec 30 11:37:33 CET 2015
Are System-A and System-X different systems?
On the general point - it is common for operators to use systems outside
their intended use. People have been killed because they balanced an
electric fire on the side of their bath, or used their powered
grass-mower to trim their hedges. Car owners modify their engine
management systems to get better performance. People even use MS Windows
in safety-critical applications, despite the EULA.
What should the manufacturer do?
Firstly, be explicit about the permitted limits of use within which the
product is warranted or certified to be safe. Secondly, be explicit
about the critical risks if the product is used outside these limits -
and state clearly that the warranty and any safety certification is
invalidated by such use. Thirdly, where a particular and dangerous
misuse is foreseeable, design the product so that it prevents or detects
such misuse and fails safely. These are common strategies that have been
used by many product manufacturers for years; computer system
manufacturers can be expected to adopt similar policies.
Martyn
On 30/12/2015 02:12, Haim Kuper wrote:
>
> Hello everyone,
>
>
>
> What is your opinion regarding the following situation:
>
> The customer defines System-A to be used as "Advisory only". This fact
> defines what we call the "Intended Use" of the system.
>
> This Intendent use is the basis of System-A safety analysis,
> resulting with few hazards marked with CRITICAL severity.
>
> The operator of System-X is quite clever to use the system FAR BEHIND
> the Intendent use.
>
> If you analyze this "Extra-usage", you find hazards typed as
> CATASTROPHIC severity, and the mitigation of those hazards is quite
> expensive.
>
> We do wish to protect the operator activities. However, the customer
> will not pay the price of FAR BEHIND the Intendent use mitigation.
>
>
>
> How will you act under those constrains ?
>
>
>
> Thanks,
>
> Kuper
>
>
>
>
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20151230/4616141f/attachment.html>
More information about the systemsafety
mailing list