Proposed new definitions for safety

The following definitions were proposed at the recent Dagstuhl workshop and will be incorporated in an upcoming Safecomp paper.

The text below is hereby placed in the public domain, with the specific objective of being incorporated into safety standards.

· Loss: an adverse outcome, including damage to the system itself, negative societal externalities, damage to property, damage to the environment, injury or death to animals, and injury or death to people

Note: This is broader in scope than other typical definitions of loss or harm. Some types of loss might be assigned very low severity in some application domains. Allocation of blame does not affect whether a loss occurred.

· Risk: combination of the probability of occurrence of a loss, or pattern of losses, and the importance to stakeholders of the associated consequences

Note: Net importance can be non-linearly related to individual losses if forming a pattern. Correlated loss events, inequitable loss patterns, and loss patterns involving a failure to mitigate emergent loss trends are included.

· Safety constraint: a limitation imposed on risk by stakeholder requirements

Note: This implicitly requires identification of stakeholders who might be affected by losses, and makes it more straightforward to view safety as a multi-dimensional constrained optimization problem rather than a mostly one-dimensional pure risk optimization problem [Koopman24b]. Safety constraints might include: limits on individual risks, limits on net risk, and exposure limits for specified types of risk patterns, even if risk pattern constraints worsen net risk.

· Acceptable: meets all safety constraints

Note: The phrase “acceptably safe” might be used in some contexts. While “Safety” is defined below, use of the word “safe” alone should be avoided.
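As an added illustration (not part of the proposed definitions or the paper), the following Python sketch evaluates two constructed candidate designs against three safety constraints of the kinds the note lists: an individual-risk limit, a net-risk limit, and a loss-pattern limit on the share of total risk borne by any one stakeholder group. The design with the lower net risk fails the pattern constraint and is therefore not acceptable under these definitions, while the higher-net-risk design is; all stakeholder groups, probabilities, importance weights and limits are constructed assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class LossEvent:
    """A potential loss: the stakeholder group bearing it, its probability per
    unit of exposure, and the importance stakeholders assign to the consequence."""
    group: str
    probability: float
    importance: float


def risk(event: LossEvent) -> float:
    # Risk as defined above: probability of the loss combined with its importance.
    return event.probability * event.importance


def net_risk(events) -> float:
    return sum(risk(e) for e in events)


def risk_by_group(events) -> dict:
    # Aggregate risk per stakeholder group so loss *patterns* can be constrained.
    totals = {}
    for e in events:
        totals[e.group] = totals.get(e.group, 0.0) + risk(e)
    return totals


def check_constraints(events, max_individual, max_net, max_group_share) -> dict:
    """Return constraint name -> True if satisfied. Each is a separate dimension."""
    total = net_risk(events)
    shares = [r / total for r in risk_by_group(events).values()] if total > 0 else []
    return {
        "individual_risk": all(risk(e) <= max_individual for e in events),
        "net_risk": total <= max_net,
        # Pattern constraint: no single group may bear more than a set share of the risk,
        # an inequitable-loss limit that can bind even when net risk is lower.
        "loss_pattern_share": all(s <= max_group_share for s in shares),
    }


def acceptable(events, **limits) -> bool:
    # "Acceptable" means every safety constraint is met, not that net risk is minimal.
    return all(check_constraints(events, **limits).values())


# Constructed candidates (assumed numbers): A concentrates risk on pedestrians, B spreads it.
DESIGN_A = [LossEvent("occupants", 1e-6, 10.0), LossEvent("pedestrians", 9e-6, 10.0)]
DESIGN_B = [LossEvent("occupants", 6e-6, 10.0), LossEvent("pedestrians", 6e-6, 10.0)]
LIMITS = dict(max_individual=1e-4, max_net=2e-4, max_group_share=0.7)
```

Running `acceptable(DESIGN_A, **LIMITS)` returns False (net risk 1e-4, but pedestrians bear 90% of it) while `acceptable(DESIGN_B, **LIMITS)` returns True despite its higher net risk of 1.2e-4.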


· Safety case: structured argument, supported by a body of evidence, that provides a compelling, comprehensible and valid case as to whether or not a system meets a comprehensive set of safety constraints

Note: This emphasizes meeting constraints rather than a threshold for net risk. A net risk threshold might be included as one of many constraints.

· Safety engineering: a methodical process of ensuring a system meets all its safety constraints throughout its lifecycle, typically involving hazard analysis, risk assessment, risk mitigation, and continuing safety validation that align with a defined safety case

Note: Addresses constraints, lifecycle, and the requirement for a safety case.