All, 

Thanks for the many inputs on the idea of Safety Critical Components. 
For those that are interested, here is a general summary of the input I
received. 


Safety vs. Compliance
=====================
A key issue that should be brought into the analysis of safety critical
parts is that many particular aspects of a design are driven by a need to
comply with specific standards rather than by an original analysis of whether
the aspect is needed for safety. Often, aspects of design that are provided
in order to achieve compliance are confused with aspects that are needed for
safety because of the impression (right or wrong) that the overall goal of
the standard is to achieve an acceptable level of safety. 

For example, the NEC constrains only the colors of line, neutral and
grounding conductors. NFPA 79 constrains these conductors as well as many
other regimes such as DC power conductors and DC grounded return conductors.
So, it might be inferred that wire color is a safety critical issue. 

It is doubtful one would argue that, generally, wires carrying potentially
hazardous voltages are NOT safety critical. However, a more reasonable
debate might arise over lenses used to give color to warning lights. Is the
color of the lens a safety critical issue, or only the presence or absence of
a light?

The Error of Focusing only on Components
========================================
A key method to identify something as safety critical is to do an FMEA
(Failure Modes and Effects Analysis). If the failure of the object of the
analysis can cause significant harm to the target of concern, then the
object is safety critical. Of course, significant harm is a subjective
decision, and the target of concern will vary (e.g. passers-by, service
personnel, the environment, etc.). The point for now is that the object of
analysis may not be a single component. It may be a feature, a system, or an
assembly. 

 
The Importance of Context
=========================
One cannot identify a component as safety critical without understanding
the system/environment it is used in. For example, a hookup wire may only be
safety critical when it is used in a hazardous voltage circuit. And, along a
similar line of thought, a component that is TYPICALLY used in a safety
critical context can be used in a context in which it is not safety
critical. For example, a 12 AWG wire with 300V rated insulation is not
safety critical when it is used in a 5 volt current limited circuit. 

Negative Safety Contribution
============================
Some respondents noted components that are safety critical because they can
cause harm or could be designed incorrectly. For example, in this line of
thinking, a panel could be a safety critical part if it has (or could have)
sharp edges or excessive weight. 

Normal Operation and Failure Modes
==================================
It was also noted that some safety critical parts only play their role
during failure modes. During normal operation they have no significant
function. Certainly this is an important observation, but it becomes
dependent on the more subjective concept of "reasonably foreseeable". 

Already High Risk Industries
===========================
The meaning of safety critical can be affected by the overall context of
risk that exists to personnel. In an industry where any injury is not
acceptable, safety critical has a very conservative interpretation. In other
industries, where high risk is more acceptable, safety critical can have a
very liberal meaning, such as this (taken from a web site): 

"Safety Critical Component means any component whose failure to perform
could cause the failure of, or affect the operation of a Life Support
Device"


Is it on a List?
================
Some respondents are, presumably, in a position of relying on their product
assessors for the definition of safety critical. For them a part is safety
critical only if it has been placed on a list of "safety critical" parts.
Their own judgement does not, apparently, play a significant role in
creating this list. 

Others noted that a list is a key communication tool for safety critical
parts after they have been identified. 
 
Single Fault Failure
====================
When delving into theoretical discussions of which parts contribute to
critical safety in potential failure scenarios, a boundary is required to
keep the discussion practical. The concept of single fault is key in this.
That is to say, there seems to be an accepted obligation to protect
personnel from reasonably foreseeable single fault failures, but not from all
conceivable multi-fault scenarios, even when the individual faults are
reasonably foreseeable. 
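As an added illustration (not part of the original message or any respondent's input), the following toy FMEA evaluator ties together the points above on context, the single-fault boundary and the "list": a part is placed on the safety critical list only if one of its failure modes, on its own and in the given circuit context, leads to a hazardous situation. The 50 V threshold, the component names and their failure modes are constructed assumptions for the example.

```python
from dataclasses import dataclass, field

HAZARDOUS_VOLTAGE = 50.0  # assumed threshold (volts); not from the message

@dataclass
class FailureMode:
    description: str
    needs_hazardous_voltage: bool = False  # harm only in a hazardous circuit
    requires_other_faults: tuple = ()      # harm only if these ALSO fail

@dataclass
class Component:
    name: str
    failure_modes: list = field(default_factory=list)

@dataclass
class Context:
    circuit_voltage: float
    current_limited: bool = False

def hazardous_circuit(ctx):
    return ctx.circuit_voltage >= HAZARDOUS_VOLTAGE and not ctx.current_limited

def single_fault_hazards(component, ctx):
    """Failure modes of `component` that, alone and in this context, lead to
    a hazardous situation. Modes needing a second fault are out of scope."""
    found = []
    for fm in component.failure_modes:
        if fm.requires_other_faults:   # multi-fault scenario: outside the boundary
            continue
        if fm.needs_hazardous_voltage and not hazardous_circuit(ctx):
            continue                   # context makes this failure harmless
        found.append(fm.description)
    return found

def safety_critical_list(components, ctx):
    """The 'list' respondents mentioned: parts whose single failure is hazardous here."""
    return sorted(c.name for c in components if single_fault_hazards(c, ctx))

# Constructed sample inventory modelled on the message's own examples.
WIRE = Component("12 AWG hookup wire, 300 V insulation",
                 [FailureMode("insulation damaged", needs_hazardous_voltage=True)])
LENS = Component("warning-light lens",
                 [FailureMode("wrong colour fitted", requires_other_faults=("guard interlock",))])
PANEL = Component("sheet-metal panel", [FailureMode("sharp edge left by manufacturing")])

def classify(voltage, current_limited=False):
    return safety_critical_list([WIRE, LENS, PANEL], Context(voltage, current_limited))

if __name__ == "__main__":
    print("230 V mains circuit:", classify(230.0))
    print("5 V current-limited:", classify(5.0, current_limited=True))
```

The same wire appears on the list for the 230 V circuit but not for the 5 V current-limited one, and the lens never does because its hazard needs a second, independent fault.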

Relaxed Safety for Certain Groups
=================================
Surprisingly, there was little suggestion that the status of safety critical
depended on the population (e.g. passer-by, operator, service or
maintenance) that was interacting with the product.  

The Most General Definition
===========================
The simplest expression for a safety critical part was a part the failure of
which can lead to a hazardous situation. 



Lauren Crane

