NASA/SP-2014-612, NASA System Safety Handbook, Volume 2: System Safety Concepts, Guidelines, and Implementation Examples has now been released. It is the second of two volumes that collectively comprise the NASA System Safety Handbook. The first volume, NASA/SP-2010-580, NASA System Safety Handbook, Volume 1: System Safety Framework and Concepts for Implementation, was published in November 2011.
Volume 2 of the System Safety Handbook was developed to support the core strategic goals, objectives and values of the agency. The handbook promotes an objectives-driven approach to System Safety, explicitly focusing efforts on achieving adequate safety while allowing flexibility in the execution, thereby accommodating next-generation engineering practices and promoting innovation.
Volume 2 also promotes a coherent approach to risk acceptance decision-making at Key Decision Points through a comprehensive, case-based approach to safety assurance. A case-based approach focuses on achieving safety objectives instead of producing specific deliverables. In a case-based approach, the program or project must show that the safety objectives are being met using system information and System Safety products and activities as evidence. The approach also helps identify assurance deficits due to flaws in the safety argument and/or inadequacies in its evidentiary support.
The implementation guidelines provided in Volume 2 are based on a number of integrating principles, such as
- Safety is an emergent property of a system that arises when system components interact with each other, with the environment in which the system is operated, and with the system operators
- Engineering, operational and management activities that affect System Safety should be informed by an Integrated Safety Analysis to help ensure that scenarios that cut across subsystem boundaries are fully addressed
- While a system should meet its specified safety requirements and should be as safe as reasonably practicable, it should also be affordable with a high degree of confidence
- New opportunities for improving safety should be exploited when the improvement in safety justifies the sacrifice that might be entailed in cost, schedule or technical performance
- The greatest threats to safety, cost containment, schedule adherence and technical performance are not from the risks that are known and fully appreciated, but from the risks that are unknown and/or known but underappreciated. These threats are best controlled through organizational and managerial means and through reliance on engineering best practices such as robust margins, adherence to codes and standards, etc.
- Imposing unnecessary requirements just because “that’s the way it was always done” may lead to suboptimal results
- To ensure that a system is adequately safe, it is necessary to demonstrate, through a convincing set of arguments backed by evidence, that the system meets its safety objectives
- Before the approval authority can make an informed decision, an assurance entity that possesses expertise in the areas covered by the safety case must make a thorough evaluation of the safety claims and supporting evidence
- Because of the inductive nature of safety cases, the evaluation should include a rigorous, interrogative attempt to identify flaws in the safety argument, rather than attempting to “prove” it in some absolute sense
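The case-based approach described above (a safety argument whose claims must be backed by evidence, and whose evaluation looks for assurance deficits rather than trying to "prove" the case) can be made concrete with a small model. The following is an added example, not code or notation from the NASA handbook: it represents a safety case as a tree of claims supported by sub-claims and evidence items, and walks the tree to flag deficits. The claim/evidence structure, the `rebuttal` field and the deficit rules (an unsupported leaf claim, planned or missing evidence, no independently produced evidence, an unresolved rebuttal) are this example's own assumptions, and the sample case it builds is constructed for illustration.

```python
"""Added example: a minimal safety-case model with an assurance-deficit checker.
Structure and deficit rules are this example's assumptions, not the handbook's."""
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Evidence:
    name: str
    source: str              # e.g. "test report", "analysis", "review"
    independent: bool        # produced by a party other than the claim's author
    status: str = "complete"  # "complete", "planned" or "missing"


@dataclass
class Claim:
    text: str
    subclaims: List["Claim"] = field(default_factory=list)
    evidence: List[Evidence] = field(default_factory=list)
    rebuttal: Optional[str] = None  # a known counter-argument not yet resolved


def find_deficits(claim: Claim, path: str = "") -> List[str]:
    """Walk the argument tree and return one line per assurance deficit found."""
    here = f"{path} > {claim.text}" if path else claim.text
    deficits: List[str] = []
    # A leaf claim with neither sub-claims nor evidence is an unsupported assertion.
    if not claim.subclaims and not claim.evidence:
        deficits.append(f"{here}: leaf claim has no supporting evidence")
    # Evidence that is only planned or missing cannot yet support the claim.
    for ev in claim.evidence:
        if ev.status != "complete":
            deficits.append(f"{here}: evidence '{ev.name}' is {ev.status}")
    # Heuristic (this example's own): at least one complete, independently
    # produced evidence item is expected wherever evidence is cited at all.
    if claim.evidence and not any(
        ev.independent and ev.status == "complete" for ev in claim.evidence
    ):
        deficits.append(f"{here}: no independently produced evidence")
    # The interrogative step: an unresolved rebuttal is a flaw in the argument.
    if claim.rebuttal:
        deficits.append(f"{here}: unresolved rebuttal: {claim.rebuttal}")
    for sub in claim.subclaims:
        deficits.extend(find_deficits(sub, here))
    return deficits


def is_adequately_assured(claim: Claim) -> bool:
    """True only when the whole argument tree carries no deficit."""
    return not find_deficits(claim)


def build_sample_case() -> Claim:
    """Constructed sample safety case (illustration only, not a real program)."""
    pressure = Claim(
        "Cabin pressure loss is mitigated",
        evidence=[
            Evidence("pressure-vessel proof test", "test report", independent=True),
            Evidence("leak-rate analysis", "analysis", independent=False),
        ],
    )
    software = Claim(
        "Flight software cannot issue a hazardous command",
        evidence=[
            Evidence("FSW static analysis", "analysis", independent=False),
            Evidence("IV&V review", "review", independent=True, status="planned"),
        ],
    )
    operators = Claim(
        "Operators are trained for off-nominal response",
        rebuttal="training scenarios omit dual-fault cases",
    )
    return Claim("System meets its safety objectives",
                 subclaims=[pressure, software, operators])


if __name__ == "__main__":
    case = build_sample_case()
    for line in find_deficits(case):
        print("DEFICIT:", line)
    print("adequately assured:", is_adequately_assured(case))
```

Run as a script, the sample case reports four deficits (planned IV&V evidence, no complete independent evidence for the software claim, an unsupported operator-training claim, and its unresolved rebuttal), which is the kind of output an assurance entity would take into a Key Decision Point review.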
Each of these principles represents a somewhat new direction of thinking at NASA. In particular, the idea that System Safety should be ensured using integrated analysis techniques rather than analysis deliverables is a departure from present practice. Furthermore, the emphasis on applying realistic margins to establish meaningful safety thresholds and goals is a new concept, not only for NASA, but for other aerospace and nuclear agencies as well. It is a concept that has been heartily endorsed by the Aerospace Safety Advisory Panel.
Finally, it is important to note that, as stated in the preface to Volume 2, “the transition from today’s approach to the new one will not take place at once. Over a period of time, implementation plans will be developed with the broad participation of Agency personnel, and the plans will be implemented gradually but steadily. During this transition, the new concepts will be piloted, lessons will be learned, and the content of this handbook will be updated as necessary to continually reflect a vision of system safety that is optimal for the Agency.”
Contact Dr. Homayoon Dezfuli, NASA System Safety technical fellow, with questions concerning System Safety handbooks.