[SystemSafety] Analyzing far behind the Intended Use
Les Chambers
les at chambers.com.au
Fri Jan 1 01:09:38 CET 2016
Haim
Your problem statement is brief, I am therefore making a lot of assumptions here.
IFF the following is true:
This is something more than an arm's length product sale.
Your customer is not just downloading your product from the web.
In fact you have performed a hazard analysis for him.
You have probably met the operators and know them personally.
You are well aware of the modes in which your product may be used
THEN:
This problem becomes a question of ethics. It is more than a legal process of protecting
yourself.
If in fact the consequences of misuse of your product are truly catastrophic, if you believe
your own hazard analysis, have you considered withdrawing it from sale?
The other option is to attempt to influence a client to spend the money required to make it
safe in his context. I know he's said NO, so TRY HARDER!!!
One way of achieving this is to prepare a use case scenario that could realistically lead to
loss of life or destruction of property for your client. Ultimately it's up to you to look at this
scenario through the lens of your company's statement of professional ethics.
In 27 years in business I have attempted to adhere to the policy that dealing with my
company is a pleasurable experience for all my clients. This extends to fixing problems
even though they may not have been of my making.
So, if the probability of harm to your customer is real, consider if you want that customer one
day to stand in the marketplace and say "I purchased this product from X and it killed some
of my people." Whether this is true or not is irrelevant. The outcome for your company could
be catastrophic.
> Hello everyone,
>
> What is your opinion regarding the following situation:
>
> The customer defines System-A to be used as "Advisory only". This fact
> defines what we call the "Intended Use" of the system.
>
> This Intended use is the basis of System-A safety analysis, resulting in a
> few hazards marked with CRITICAL severity.
>
> The operator of System-X is quite clever to use the system FAR BEHIND the
> Intended use.
>
> If you analyze this "Extra-usage", you find hazards typed as CATASTROPHIC
> severity, and the mitigation of those hazards is quite expensive.
>
> We do wish to protect the operator activities. However, the customer will
> not pay the price of FAR BEHIND the Intended use mitigation.
>
> How will you act under those constraints?
>
> Thanks,
>
> Kuper
--
Les Chambers
les at chambers.com.au
+61 (0)412 648 992