------- Start of forwarded message ------- Subject: Re: What safety lesson we may learn from Concord crash? To: barry...@altavista.com From: oover...@lexmark.com List-Post: emc-pstc@listserv.ieee.org Date: Thu, 3 Aug 2000 14:11:05 -0400
Barry, Let me respond to your comments regarding management and business. I couldn't agree with you more about the fact that there are many great managers and companies that understand and support the safety of their products. I have worked and do currently work for one of them. These are the managers that are willing to put their trust into your judgement regardless of what the standard says. The companies establish policies that go beyond the minimum of the standard and rely on experience, and sometimes judgement, to make their products safe. The problems are those middle managers that you constantly have to battle. This can be for several reasons. One might be a factor of trust in either you or the system. Another might be an ego thing. Another might be the pressure they are feeling to make a budget or schedule and they got behind the power curve through overwork or ignorance. Some just don't want to be forced to do anything that they don't understand enough to support it. When this attitude invades a company culture it can poison it and unless corrected, will ultimately kill the company (or at least take it down enough until it gets taken over or overhauled. You mentioned the factor of trust. That, to me, is the key. If the company hires the people it needs and puts the trust for corporate health in them then everybody benefits. If anyone breaks that trust repeatedly, then they must be dealt with on an individual basis. I've seen too often when a manager or decision maker was afraid to face the individual and instead made a new policy that punished every individual. Maintain the trust and the system will work. Now this trust can be broken by either avoiding following the minimum requirement or by the person setting the requirements getting on a power kick and establishing requirements that are unnecessary. Every coin has two sides. Now to the issue of the other events. *** Arian *** A French space launch vehicle company. They developed a model called the "Arian V" based on an earlier version "Arian IV". The operational capabilities were somewhat different. They re-used some of the control software from the IV. On the initial launch the vehicle went off course and started to come apart. When the computers detected a different trajectory that they expected they, as designed, attributed it to a hardware failure and shut the computer down and went to a backup. The backup computer used the same hardware and software. It saw the same data and made the same assumptions and it also shut down. The main computer then looked for data from a source that was suppose to be unused data tables. These tables, being from the old software, were unused but not empty. They told the flight control system to attempt to fly the trajectory of the Arian IV vehicle. The Arian V was not physically capable of correcting and flying that trajectory and started coming apart. They had to use the "self-destruct" system. A review of the mishap found that due to schedule, budget, and management decisions, the software was not adequately tested to ensure that it worked the same in the new system as it did in the old system. There were people that had warned that the software needed to be checked but they were either ignored or overridden. *** Hyatt Regency *** A hotel in the Midwest, I don't remember in what city. There were three suspended walkways across the hotel lobby, one for each floor. These walkways were suspended by large rods. The original design called for a single rod to support each section of two of the walkways (one over the other, i.e. third and first floors. The second floor was hung from a separate set of rods.) To simplify construction the construction contractor decided to use one rod from the ceiling to the third floor frame and another rod from the third floor frame to the first floor frame. This design resulted in shear forces between the two rods equal to the weight of both walkways. The original design would have resulted in the forces of only one walkway. During an opening party, when several people were on the walkway, the third floor walkway colasped and killed several. This change went through several reviews and the original designer signed off on it. I don't know what the actual reason for the oversight but I can imagine that schedule and budget had a lot to do with it. *** Pinto *** A car made by the Ford motor company in the 60s and 70s. The gas tank and filler neck was placed in such a way that when a car was impacted from the rear there was a significant likelihood that a fire would be created. Several fires did occur and several people died as a result. During the investigation and trial, it was revealed that Ford engineers raised the issue and the decision was made to go with the design as it was. Memos were presented to show that people within Ford decided that the cost of paying out insurance claims would be less that instituting the fix. Can big companies with good intentions be overruled by individuals with something other that pure motives. Yes. Does it happen often. Probably not but then how often can we afford to let it happen. Many people not exposed to a risk are quite willing to accept the risk. My thought whenever I make a safety decision (and they are not all clear cut) is: Would I give this product to my wife, child, or mother. If I wouldn't then I don't let it pass. If you would like any more information regarding these or other similar incidents please contact me again and I will try to dig up the references for you. There are also some good books on the subject. Thank you for your response and comments. I guess I was venting a little. It just gets to me sometimes when old memories get dredged up. Oscar ----------------- barry_ma%altavista....@interlock.lexmark.com on 08/03/2000 12:20:23 PM To: Oscar_Overton/Lex/Lexmark@LEXMARK cc: (bcc: Oscar Overton/Lex/Lexmark) Subject: Re: What safety lesson we may learn from Concord crash? Dear Oscar, I appreciate and respect your insightful observations based on your long term experiences doing safety jobs for 23 years in Air Force and 15 years in your current job. agree with most of your comments. Please allow me to supplement my two cents below. I know Challenger, which crashed during take-off stage with 7 astronauts. But, pardon my ignorance, I know nothing about Arian, Hyatt Regency, Pinto, ad infinitum. Would you mind giving me a brief description? Many knowledgeable managers and engineers have positive view to our compliance job. I can feel their sincere support and understanding in my career. The market competition would force companies to realize that maintaining compliance integrity is also beneficial to their profits in the long run. Say, if an airplane model or an airline company does not have good safety record, passengers would not take them. They would finally become out of business. Our job is an indispensable part of the company we are working for. We feel being trusted to be placed in our positions to avoid the mishaps. In case something wrong happened the whole company would be to blame. Thanks. Best Regards, Barry Ma <b...@anritsu.com> ANRITSU www.anritsu.com Morgan Hill, CA 95037 Tel. 408-778-2000 x 4465 ------- End of forwarded message ------- _______________________________________________________________________ Free Unlimited Internet Access! Try it now! http://www.zdnet.com/downloads/altavista/index.html _______________________________________________________________________ ------------------------------------------- This message is from the IEEE EMC Society Product Safety Technical Committee emc-pstc discussion list. To cancel your subscription, send mail to: majord...@ieee.org with the single line: unsubscribe emc-pstc For help, send mail to the list administrators: Jim Bacher: jim_bac...@mail.monarch.com Michael Garretson: pstc_ad...@garretson.org For policy questions, send mail to: Richard Nute: ri...@ieee.org