Safety engineering
== Safety and reliability ==
{{Further|Inherent safety}}
{{Further|Reliability engineering}}
Safety engineering and reliability engineering have much in common, but safety is not reliability. If a medical device fails, it should fail safely; other alternatives will be available to the surgeon. If the engine on a single-engine aircraft fails, there is no backup. Electrical power grids are designed for both safety and reliability; telephone systems are designed for reliability, which becomes a safety issue when emergency (e.g. US [[911 (emergency telephone number)|911]]) calls are placed.

[[Probabilistic risk assessment]] has created a close relationship between safety and reliability. Component reliability, generally defined in terms of component [[failure rate]], and external event probability are both used in quantitative safety assessment methods such as [[fault tree analysis]] (FTA). Related probabilistic methods are used to determine system [[Mean time between failures|Mean Time Between Failure (MTBF)]], system availability, or probability of mission success or failure. Reliability analysis has a broader scope than safety analysis, in that non-critical failures are also considered. On the other hand, higher failure rates are considered acceptable for non-critical systems.

Safety generally cannot be achieved through component reliability alone. Catastrophic failure probabilities of 10<sup>−9</sup> per hour correspond to the failure rates of very simple components such as [[resistor]]s or [[capacitor]]s. A complex system containing hundreds or thousands of components might be able to achieve an MTBF of 10,000 to 100,000 hours, meaning it would fail at 10<sup>−4</sup> or 10<sup>−5</sup> per hour. If a system failure is catastrophic, usually the only practical way to achieve a 10<sup>−9</sup> per hour failure rate is through redundancy.

When adding equipment is impractical (usually because of expense), the least expensive form of design is often "inherently fail-safe": that is, change the system design so its failure modes are not catastrophic. Inherent fail-safes are common in medical equipment, traffic and railway signals, communications equipment, and safety equipment. The typical approach is to arrange the system so that ordinary single failures cause the mechanism to shut down in a safe way (for nuclear power plants, this is termed a [[Passive nuclear safety|passively safe]] design, although more than ordinary failures are covered). Alternately, if the system contains a hazard source such as a battery or rotor, then it may be possible to remove the hazard from the system so that its failure modes cannot be catastrophic. The U.S. Department of Defense Standard Practice for System Safety (MIL-STD-882) places the highest priority on elimination of hazards through design selection.<ref>{{cite book |title = Standard Practice for System Safety |version = E |publisher = [[United States Department of Defense|U.S. Department of Defense]] |year = 1998 |url = https://acc.dau.mil/adl/en-US/683694/file/75173/MIL-STD-882E%20Final%202012-05-11.pdf |id = MIL-STD-882 |access-date = 2012-05-11 |archive-date = 2017-01-31 |archive-url = https://web.archive.org/web/20170131151951/https://acc.dau.mil/adl/en-US/683694/file/75173/MIL-STD-882E%20Final%202012-05-11.pdf |url-status = dead }}</ref>

One of the most common fail-safe systems is the overflow tube in baths and kitchen sinks. If the valve sticks open, rather than causing an overflow and damage, the tank spills into an overflow. Another common example is that in an [[elevator]] the cable supporting the car keeps [[spring-loaded brake]]s open. If the cable breaks, the brakes grab the rails, and the elevator cabin does not fall.

Some systems can never be made fail-safe, as continuous availability is needed. For example, loss of engine thrust in flight is dangerous. Redundancy, fault tolerance, or recovery procedures are used for these situations (e.g. multiple independently controlled and fuel-fed engines). This also makes the system less sensitive to reliability prediction errors or quality-induced uncertainty in the individual items. On the other hand, failure detection and correction, and the avoidance of common-cause failures, then become increasingly important to ensure system-level reliability.<ref>{{cite book | last = Bornschlegl | first = Susanne | title = Ready for SIL 4: Modular Computers for Safety-Critical Mobile Applications | publisher = MEN Mikro Elektronik | year = 2012 | url = https://www.menmicro.com/downloads/search/dl/sk/%22White%20Paper%3A%20Ready%20for%20SIL4%3A%20Modular%20Computers%20for%20Safety-Critical%20Mobile%20Applications%22/dx/1/ | format = pdf | access-date = 2015-09-21 }}</ref>
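The failure-rate arithmetic behind the two preceding paragraphs, as an added worked example (not text, code or figures from the article or from any cited standard): a series system of constant-rate components and its MTBF, the probability that an n-unit redundant set is lost within an exposure window, and how a common-cause term (the beta-factor model, in which a fraction beta of each unit's failures is assumed to hit every unit at once) puts a floor under what redundancy alone can buy. The 1,000 components at 10<sup>−7</sup>/h, the one-hour exposure window (every channel assumed verified good at the start of each hour) and the 2% beta value are assumed illustrative inputs, not values stated in the article.

```python
import math


def series_rate(component_rates):
    """System failure rate (per hour) for constant-rate components with no
    redundancy: the system fails when any one component fails, so under the
    exponential model the component rates simply add."""
    return sum(component_rates)


def mtbf_hours(rate_per_hour):
    """Mean time between failures for a constant failure rate."""
    return 1.0 / rate_per_hour


def p_fail_within(rate_per_hour, hours):
    """Probability that one item with constant rate lambda fails within t
    hours: P = 1 - exp(-lambda * t)."""
    return 1.0 - math.exp(-rate_per_hour * hours)


def redundant_fail_prob(unit_rate, n, hours, beta=0.0):
    """Probability that all n redundant units are lost within `hours`.

    Beta-factor model: a fraction `beta` of each unit's failures is assumed
    to strike every unit simultaneously (shared power, software, environment),
    so that part behaves like a single channel at rate beta*lambda. The
    remaining (1-beta)*lambda failures are independent, and all n must occur
    for the set to be lost. The two loss paths are treated as independent
    events and combined with 1 - (1-p_a)(1-p_b)."""
    independent_rate = (1.0 - beta) * unit_rate
    p_all_independent = p_fail_within(independent_rate, hours) ** n
    p_common_cause = p_fail_within(beta * unit_rate, hours)
    return 1.0 - (1.0 - p_all_independent) * (1.0 - p_common_cause)


def min_redundancy(unit_rate, hours, target, beta=0.0, max_units=10):
    """Smallest n in 1..max_units whose loss probability per `hours` meets
    `target`, or None if no amount of duplication gets there: the common-cause
    floor beta*lambda does not shrink as n grows."""
    for n in range(1, max_units + 1):
        if redundant_fail_prob(unit_rate, n, hours, beta) <= target:
            return n
    return None


def main():
    # Constructed inputs (assumption): 1,000 components at 1e-7/h each, the
    # "hundreds or thousands of simple components" case in the text.
    channel = series_rate([1e-7] * 1000)  # about 1e-4 per hour
    print(f"single channel: {channel:.1e}/h, MTBF {mtbf_hours(channel):,.0f} h")

    exposure = 1.0  # hours between checks confirming every channel is good (assumption)
    target = 1e-9   # catastrophic-event budget per hour, as in the text
    for beta in (0.0, 0.02):
        for n in (1, 2, 3):
            p = redundant_fail_prob(channel, n, exposure, beta)
            print(f"beta={beta:.2f} n={n}: {p:.2e} per hour")
        need = min_redundancy(channel, exposure, target, beta)
        print(f"  units needed to reach {target:.0e}/h: {need}")


if __name__ == "__main__":
    main()
```

With independent channels, duplication moves a 10<sup>−4</sup>/h channel to roughly 10<sup>−8</sup>/h and triplication to roughly 10<sup>−12</sup>/h, so three units meet the 10<sup>−9</sup>/h budget. With even a 2% common-cause fraction the set is dominated by the shared term at about 2×10<sup>−6</sup>/h regardless of n, which is why the text singles out common-cause avoidance (diverse designs, separated power and routing) as the thing that decides whether redundancy delivers the predicted rate.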