The Practicalities of Goal-Based Safety Regulation

Penny, J. P.; Eaton, Andrew; Bishop, Peter; Bloomfield, Robin

doi:10.1007/978-1-4471-0713-2_3

Cited by 26 publications

(19 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Goal-based regulation sets the goals to be achieved, but allows for alternative ways to achieve compliance [2]. This is the opposite of a prescriptive approach which specifies what a system owner must do to fulfill a standard.…”

Section: Goal-based Safety Regulationmentioning

confidence: 99%

“…This is the opposite of a prescriptive approach which specifies what a system owner must do to fulfill a standard. An example of a prescriptive approach is "you shall install a 1 meter high rail at the edge of the cliff", while the goal-based approach would be "people shall be prevented from falling over the edge of the cliff" [2]. The goal-based approach thus increases a system owner's freedom to choose the best solution for each specific context.…”

Section: Goal-based Safety Regulationmentioning

confidence: 99%

See 1 more Smart Citation

A Retrospective Safety Case for an Advanced Driller's Cabin using the Goal Structuring Notation (GSN)

2009

View full text Add to dashboard Cite

TX 75083-3836, U.S.A., fax +1-972-952-9435. AbstractWe used the Goal Structuring Notation (GSN) to construct a retrospective safety case for a driller's cabin on an offshore drilling rig for the purpose of demonstrating that a retrospective approach can be applied to identify, assess and structure available solutions or evidence. We also evaluated the development process aspects of constructing the safety case retrospectively. Our results showed that a retrospective safety case can be constructed based solely on existing evidence. The retrospective approach did however lead to a stronger focus on fitting the arguments to the evidence and weakening the focus on constructing solid argument structures. Nevertheless, the safety case provided an argument structure supporting diverse evidence.

show abstract

Section: Goal-based Safety Regulationmentioning

confidence: 99%

Section: Goal-based Safety Regulationmentioning

confidence: 99%

A Retrospective Safety Case for an Advanced Driller's Cabin using the Goal Structuring Notation (GSN)

2009

View full text Add to dashboard Cite

show abstract

“…A general tendency to move towards nonprescriptive regulation can be seen in the aircraft industry (see, for example, [46], where this approach is determined as goal-based) and in the nuclear industry [43], where it is sometimes called performance-based regulation. However, we should notice that, although the pure nonprescriptive approach is convenient for a regulator, it could be unsuitable for a developer.…”

Section: The Regulatory Processmentioning

confidence: 99%

“…Problems during elaboration of software standards have been studied for groups of standards [13,14,17,39,46] as well as for separate ones, for example IEC 60880 [28] in [53], IEC 61508 [29] in [7] and RTCA/DO-178B [47] in [10]. However, taking into account the poor quality of some standards (dealt with in Sect.…”

Section: Introductionmentioning

confidence: 99%

Formalization and assessment of regulatory requirements for safety-critical software

Vilkomir

Bowen

Ghose

2006

Innovations Syst Softw Eng

View full text Add to dashboard Cite

Regulatory requirements, as opposed to requirements for a particular system, have a generic nature, are applicable to a wide range of systems and are the basis for certification or licensing process. The important tasks in requirement engineering are resolving requirements inconsistencies between regulators and developers of safety-critical computer systems and the validation of regulatory requirements. This paper proposes a new approach to the regulatory process, including the use of formal regulatory requirements as a basis for the development of software assessment methods. We address the differences between prescriptive and nonprescriptive regulation, and suggest a middle approach. The notion of a normative package is introduced as the collection of documents to be used by a regulator and provided to a developer. It is argued that the normative package should include not only regulatory requirements, but also methods of their assessment. This approach is illustrated with examples of requirements for protecting computer control systems against unauthorized access and against common-mode software failures, using the Z notation for the formalization.

show abstract

“…regulation 2320/2002 which evolved into a detailed, deterministic system aimed at securing civil aviation through a detailed and uniform system for all of the European countries. From the more goalbased way of regulating, the new security regime essentially followed a 'prescriptive' regulatory approach which is based upon mandated compliance (Penny, et al, 2001). This paper discusse show the security regime in aviation deviates from traditional "Nordic" practises of technological risk management in the petroleum sector.…”

mentioning

confidence: 97%

Security risk management in Norwegian aviation meets nordic traditions of risk management

Engen¹

2011

Advances in Safety, Reliability and Risk Management

View full text Add to dashboard Cite

The risk management systems in the Norwegian aviation sector in the aftermath of 9/11 have been a top down process characterised by rapidity and secrecy and there has been little local and national risk assessment involved during the process. Both the aviation sector and the petroleum sector are technologically based organisational systems and both aspire to be associated with best practises of high reliability. A well known statement is that safety regulations in the petroleum sector are founded on traditional democratic ideals in working life. An important aspect of the Nordic regulation practise of safety has been to take care of the interests of groups and thereby increase personal responsibility concerning the workplace and security. The idea is that involvement and participation increase mission valences, legitimacy and trust and therefore the quality of the regulating regime as such. The paper will highlight differences and similarities between the two systems and discuss whether local participation and stakeholder involvement are necessary prerequisites for successful safety/security management. regulation 2320/2002 which evolved into a detailed, deterministic system aimed at securing civil aviation through a detailed and uniform system for all of the European countries. From the more goalbased way of regulating, the new security regime essentially followed a 'prescriptive' regulatory approach which is based upon mandated compliance (Penny, et al., 2001). This paper discusse show the security regime in aviation deviates from traditional "Nordic" practises of technological risk management in the petroleum sector. The paper highlights differences and similarities between the two systems and question whether local participation and stakeholder involvements are necessary prerequisites for successful safety/security management.

show abstract

The Practicalities of Goal-Based Safety Regulation

Cited by 26 publications

References 0 publications

A Retrospective Safety Case for an Advanced Driller's Cabin using the Goal Structuring Notation (GSN)

A Retrospective Safety Case for an Advanced Driller's Cabin using the Goal Structuring Notation (GSN)

Formalization and assessment of regulatory requirements for safety-critical software

Security risk management in Norwegian aviation meets nordic traditions of risk management

Contact Info

Product

Resources

About