------- Start of forwarded message -------
Subject: Re: What safety lesson we may learn from Concord crash?
To: barry...@altavista.com
From: oover...@lexmark.com
List-Post: emc-pstc@listserv.ieee.org
Date: Thu, 3 Aug 2000 14:11:05 -0400
Barry,
Let me respond to your comments regarding management and business.
I couldn't agree with you more about the fact that there are many great managers
and companies that understand and support the safety of their products.
I have worked and do currently work for one of them. These are the managers
that are willing to put their trust into your judgement regardless of what the
standard says. The companies establish policies that go beyond the minimum of
the standard and rely on experience, and sometimes judgement, to make their
products safe.
The problems are those middle managers that you constantly have to battle. This
can be for several reasons. One might be a factor of trust in either you or the
system. Another might be an ego thing. Another might be the pressure they are
feeling to make a budget or schedule and they got behind the power curve through
overwork or ignorance. Some just don't want to be forced to do anything that
they don't understand enough to support it.
When this attitude invades a company culture it can poison it and unless
corrected, will ultimately kill the company (or at least take it down enough
until it gets taken over or overhauled.
You mentioned the factor of trust. That, to me, is the key. If the company
hires the people it needs and puts the trust for corporate health in them then
everybody benefits. If anyone breaks that trust repeatedly, then they must be
dealt with on an individual basis. I've seen too often when a manager or
decision maker was afraid to face the individual and instead made a new policy
that punished every individual. Maintain the trust and the system will work.
Now this trust can be broken by either avoiding following the minimum
requirement or by the person setting the requirements getting on a power kick
and establishing requirements that are unnecessary. Every coin has two sides.
Now to the issue of the other events.
*** Arian ***
A French space launch vehicle company. They developed a model called the "Arian
V" based on an earlier version "Arian IV". The operational capabilities were
somewhat different. They re-used some of the control software from the IV. On
the initial launch the vehicle went off course and started to come apart. When
the computers detected a different trajectory that they expected they, as
designed, attributed it to a hardware failure and shut the computer down and
went to a backup. The backup computer used the same hardware and software. It
saw the same data and made the same assumptions and it also shut down. The main
computer then looked for data from a source that was suppose to be unused data
tables. These tables, being from the old software, were unused but not empty.
They told the flight control system to attempt to fly the trajectory of the
Arian IV vehicle. The Arian V was not physically capable of correcting and
flying that trajectory and started coming apart.
They had to use the "self-destruct" system. A review of the mishap found that
due to schedule, budget, and management decisions, the software was not
adequately tested to ensure that it worked the same in the new system as it did
in the old system. There were people that had warned that the software needed to
be checked but they were either ignored or overridden.
*** Hyatt Regency ***
A hotel in the Midwest, I don't remember in what city. There were three
suspended walkways across the hotel lobby, one for each floor. These walkways
were suspended by large rods. The original design called for a single rod to
support each section of two of the walkways (one over the other, i.e. third and
first floors. The second floor was hung from a separate set of rods.) To
simplify construction the construction contractor decided to use one rod from
the ceiling to the third floor frame and another rod from the third floor frame
to the first floor frame. This design resulted in shear forces between the two
rods equal to the weight of both walkways. The original design would have
resulted in the forces of only one walkway.
During an opening party, when several people were on the walkway, the third
floor walkway colasped and killed several.
This change went through several reviews and the original designer signed off on
it. I don't know what the actual reason for the oversight but I can imagine
that schedule and budget had a lot to do with it.
*** Pinto ***
A car made by the Ford motor company in the 60s and 70s. The gas tank and
filler neck was placed in such a way that when a car was impacted from the rear
there was a significant likelihood that a fire would be created. Several fires
did occur and several people died as a result. During the investigation and
trial, it was revealed that Ford engineers raised the issue and the decision was
made to go with the design as it was. Memos were presented to show that people
within Ford decided that the cost of paying out insurance claims would be less
that instituting the fix.
Can big companies with good intentions be overruled by individuals with
something other that pure motives. Yes. Does it happen often. Probably not
but then how often can we afford to let it happen. Many people not exposed to a
risk are quite willing to accept the risk. My thought whenever I make a safety
decision (and they are not all clear cut) is: Would I give this product to my
wife, child, or mother. If I wouldn't then I don't let it pass.
If you would like any more information regarding these or other similar
incidents please contact me again and I will try to dig up the references for
you.
There are also some good books on the subject.
Thank you for your response and comments. I guess I was venting a little. It
just gets to me sometimes when old memories get dredged up.
Oscar
-----------------
barry_ma%altavista....@interlock.lexmark.com on 08/03/2000 12:20:23 PM
To: Oscar_Overton/Lex/Lexmark@LEXMARK
cc: (bcc: Oscar Overton/Lex/Lexmark)
Subject: Re: What safety lesson we may learn from Concord crash?
Dear Oscar,
I appreciate and respect your insightful observations based on your long term
experiences doing safety jobs for 23 years in Air Force and 15 years in your
current job. agree with most of your comments. Please allow me to supplement
my two cents below.
I know Challenger, which crashed during take-off stage with 7 astronauts. But,
pardon my ignorance, I know nothing about Arian, Hyatt Regency, Pinto, ad
infinitum. Would you mind giving me a brief description?
Many knowledgeable managers and engineers have positive view to our compliance
job. I can feel their sincere support and understanding in my career.
The market competition would force companies to realize that maintaining
compliance integrity is also beneficial to their profits in the long run. Say,
if an airplane model or an airline company does not have good safety record,
passengers would not take them. They would finally become out of business.
Our job is an indispensable part of the company we are working for. We feel
being
trusted to be placed in our positions to avoid the mishaps. In case something
wrong happened the whole company would be to blame.
Thanks.
Best Regards,
Barry Ma <b...@anritsu.com>
ANRITSU www.anritsu.com
Morgan Hill, CA 95037
Tel. 408-778-2000 x 4465
------- End of forwarded message -------
_______________________________________________________________________
Free Unlimited Internet Access! Try it now!
http://www.zdnet.com/downloads/altavista/index.html
_______________________________________________________________________
-------------------------------------------
This message is from the IEEE EMC Society Product Safety
Technical Committee emc-pstc discussion list.
To cancel your subscription, send mail to:
majord...@ieee.org
with the single line:
unsubscribe emc-pstc
For help, send mail to the list administrators:
Jim Bacher: jim_bac...@mail.monarch.com
Michael Garretson: pstc_ad...@garretson.org
For policy questions, send mail to:
Richard Nute: ri...@ieee.org
