A Systems Theoretic Approach to Safety Engineering

A model or set of assumptions about how accidents occur lies at the foundation of all accident prevention and investigation efforts. Traditionally, accidents have been viewed as resulting from a chain of events, each directly related to its “causal” event or events. The event(s) at the beginning of the chain is labelled the root cause. Event-chain models, however, are limited in their ability to handle new or increasingly important factors in engineering: system accidents (arising from dysfunctional interactions among components and not just component failures), software-related accidents, complex human decision-making, and system adaptation or migration toward an accident over time [8, 9]. A systems-theoretic approach to understanding accident causation allows more complex relationships between events (e.g., feedback and indirect relationships) to be considered and also provides a way to look more deeply at why the events occurred. Accident models based on systems theory consider accidents as arising from the interactions among system components and usually do not specify single causal variables or factors [7]. Whereas industrial (occupational) safety models focus on unsafe acts or conditions and reliability engineering emphasizes failure events and the direct relationships between these events, a systems approach takes a broader view of what went wrong with the system’s operation or organization to allow the accident to take place. This paper provides a case study of a systems approach to safety by applying it to a water contamination accident in Walkerton, a small town in Ontario, Canada, that occurred in May 2000. About half the people in the town of 4800 became ill and seven died [10]. The systems-theoretic approach to safety is first described and then the Walkerton accident is used to show various ways that systems theory can be used to provide important information about accident causation. The analysis uses the STAMP (Systems-Theoretic Accident Model and Processes) model that was presented at the MIT Internal Symposium in May 2002 [9].