Prescriptive safety: have we gone too far?

In NASA’s heyday, the safety of the space shuttle was assured by a strict adherence to ‘Flight Rules’.  These were black and white rules that identified precisely what action should be taken under specific circumstances. For example, if instrumentation suggested a fuel cell had failed, the launch was cancelled. No argument, even if instrumentation malfunction was suspected. Their purpose was “to protect against the temptation to take risks” (Ref. 1).


CONTINUOUS IMPROVEMENT?

Flight Rules were developed over the course of the shuttle programme, and took into account lessons learned from both real and simulated failures.  As such, they grew in number steadily, and whilst they undoubtedly saved lives they were also responsible for an increasing rate of aborted missions. Although it seems churlish to argue with such an approach in the context of the hazards of space flight, as evidenced by the Challenger and Columbia disasters, it illustrates nicely one of the potential pitfalls of black and white safety improvement.

BLACK AND WHITE SAFETY

Coming back to earth, the major hazard industries face a somewhat parallel situation as standards mature. Lessons learnt are continuously reflected in updated or new regulations, codes and standards, both from recognised professional institutions and operators, for everything from nuts and bolts, to cranes, to blowout preventers. The majority, like Flight Rules, are black and white – there are no shades of grey for circumstances where the consequences of failure are limited or infrequent (or both). Inevitably, compliance ratchets up the costs throughout the life cycle and for each new project.

In the nuclear industry, which is arguably the most mature (and most expensive), this vicious circle is broken to some extent by classifying equipment according to its importance to safety and tailoring requirements to avoid gold-plating.

Maritime classification societies and the IMO, on the other hand, have introduced risk-based rules and goal-based standards respectively in recent years, which in principle provide more flexibility and steer away from blind compliance.


ALARP THINKING

In the UK, the principle of reducing risks ALARP (As Low As Reasonably Practicable) adds into the mix a legal imperative for continuous improvement. In a nutshell, for new equipment the ALARP principle requires compliance with relevant codes and standards and adoption of good practice elsewhere as a minimum, together with consideration of options for improvement, which can only be discounted if the time, trouble and cost are grossly disproportionate to the benefit. If these improvements are subsequently enshrined in updated standards or deemed to be relevant good practice, this becomes the new baseline.

The problem is compounded when more and more preferential requirements are added into standards by well-intentioned technical authorities – something that is quite common in large operators with their own engineering standards. The standards can become complex, difficult to comply with and may even lead to design solutions where the associated safety risk is actually higher than a simpler, cheaper design based on inherent safety thinking. Moreover, it is difficult to see how raising standards ad infinitum is sustainable, economically speaking.

Quite clearly, the solution to this conundrum is to think hard about the potential applicability of standards and make clear the distinction between essential and nice-to-have requirements in varying circumstances. At a high level this could take the form of specifying when certain standards as a whole apply (and when they don’t).  At a more detailed level, within standards themselves, there is plenty of scope for spelling out any relaxations or offering alternative risk-based avenues of compliance.


CONCLUSION

In a world where spiralling costs in the name of safety are a recipe for project cancellations, the clear message to operators and professional bodies is to build risk-based flexibility into otherwise black and white standards.


References

1.   Chris Hadfield, An Astronaut’s Guide to Life on Earth.

This article first appeared in RISKworld issue 27