350 likes | 373 Views
Accident Causes- Theoretical Framework-. Maurino, Reason, Johnston, Lee Consequences are Dire!. Terminology. Organizational Accident Latent failure Local trigger Active Failure Proximal cause Principle cause Unsafe acts- errors and violations. Individual or Collective errors.
E N D
Accident Causes- Theoretical Framework- Maurino, Reason, Johnston, Lee Consequences are Dire!
Terminology • Organizational Accident • Latent failure • Local trigger • Active Failure • Proximal cause • Principle cause • Unsafe acts- errors and violations
Individual or Collective errors • The issue of whether accidents are individually caused or collectively caused revolves around three dimensions: • Moral • Scientific • Practical
Moral Issue- much to be gained • Easier to pin legal responsibility on individuals- more direct connection • Issue compounded by professionals willing to accept responsibility- (captain etc.) • Most people highly value personal autonomy- “they should have known better” • We assume big failures result from big mistakes rather than several small ones • Emotional satisfaction in blaming someone
The Scientific Dimension- do we stop with people directly involved or go on back? • Why stop at organizational roots? Why not go back to the beginning of creation? • Answer should be practical- go back so far as to be able to change organizational behavior • Peculiar nature of accidents- initially appear to be the convergence of many failures but we would see the same in any organization frozen in time- why then are failures rare?
What then about the practical? • Moral issue- favors individual approach • Scientific issue- undecided • Answer here depends on two factors: • can latent factors be identified and stopped prior to an accident? • The degree to which improvements can better equip the organization to deal with local failures
What have we learned from complex system failures? • Human error in technology breakdown has increased fourfold in 30 years • Failures are not restricted to the sharp end • How do we design a theoretical framework for the origin of organizational accidents?
Step One- building blocks • What do all complex technological systems have in common? • An Organization: Fig./Table 1-1 • Processes • Cultures (P. 7)- common starting point for failure pathways • Local Conditions- Cockpit/ Tower- where organizational decisions meet the road • Defenses/safeguards
Local Conditions- errors and violations • Those related to the task and its environment • Those related to people’s mental and physical states • These can both be sub-divided into three groups: error factors, violation factors, and common (to both) factors
Defenses and safeguards • Checklists- redundant technology- human backups (copilot) • 2 elements to defenses and safeguards in high tech equipment: • automation- increases efficiency by replacing fallible humans • humans- restore order in the event of automation foul up- must think on feet in less than ideal conditions which we’re not good at.
Defenses and Safeguards Ctn. • Classified along 2 dimensions • Functions Served • creating awareness of hazards • detect and warn of the presence of hazards • protect people and environment • Recover from off-normal conditions and restore system • Enable victim escape • Contain Hazmats
Ctn. • Modes of Application: • Engineered safety devices (FMS, GPWS) • Policies, Standards/Controls • Procedures, instructions, supervision • Training, debriefing, practice • Protective equipment- oxygen mask
Step two- Active and Latent Failures (Fig. 1.3 p. 13) • Distinguished in two ways: • length of time it takes failures to reveal adverse effects- active failures are immediate where latent failures can lie dormant for years • Who creates • Active- line personnel- pilots, controllers, mechanics • Latent- managerial/organizational- those separated in time and space from the immediate human-system interface.
Active Failures- • Committed by those on the sharp end- usually caught by system failures but may occur in conjunction with other failures or in less defended systems to cause an accident. • Active failures may create gaps in system- not having plane de-iced prior to take-off
Latent Failures • Due to loopholes in defenses which exist for sometime and may combine with active failures to produce a “trajectory of opportunity” for an accident. • Most are discovered after a defense has failed- not necessarily an accident • Usually revealed retrospectively- key is to do it prospectively
Active/Latent ctn. • Also differ in their necessary basis for their classification • Active failures- psychological origins • Latent failures- systemic terms
Active failures • Occur at three levels- skill based, rule based, and knowledge based which are distinguished along two dimensions: • conscious to automatic • routine to problematic (fig. 1.4) • Combined gives us an “activity space”
Active Failures ctn. • Skill-based- highly practiced tasks, little thought, largely automatic • Rule based- We detect a need for behavior change- pre-packaged solution- emergency checklist • Knowledge based- When all else fails- very error prone especially in an emergency- United 232
Errors vs. violations • Errors- failure of planned actions to achieve their desired consequences • Plan is adequate but actions deviate (slip)- failure of execution • Actions conform but plan is inappropriate- failure of formulation
Violations • Deviations from safe operating practices/rules • deliberate • erroneous (speeding without being aware) • deliberate violations are of most interest as the actions were intended but not necessarily the bad consequences.
Violations vs. errors • Errors are unintended • Errors derive mainly from informational problems (forgetting inattention, incomplete knowledge) violations are largely motivational problems (poor morale, failure to reward compliance and sanction non-compliance)
Ctn. • Errors deal with what occurs in the mind of an individual where violations occur in a social context • Errors can be improved by improving the quality of information- violations require motivational remedies
3 types of errors and violations • Skill based slips and lapses: • Attentional slips- failure to monitor progress of routine actions at some critical point • Memory lapses- forgetfulness, most common type of active failure • Perceptual errors- misrecognize some object- we see what we expect to see • Most slips and lapses have minimal consequences- saying “fine” to “hello”- but in the cockpit they can be dire
Rule based mistakes • Misapplication of good rules- braking to avoid a deer on an icy road- Humans tend to apply solutions to familiar problems on the basis of largely automatic pattern matching • application of bad rules- learning shortcuts and cutting corners- usually circumstances are forgiving and you “get by with it”
Knowledge-based mistakes • Due to • limited capacity of working memory • incomplete mental models of the problem • Thinking on one’s feet- confirmation bias (bending the facts to fit a hasty conclusion), over-confidence, similarity bias,and frequency bias
Violations at the skill based level • Again- corner cutting promoted by a largely indifferent environment
Violations at the rule based level • More deliberate than skill based violations • (p. 20 - 21)
Knowledge based violations • Novel circumstance- no specified procedure • Trainers and procedure writers can only address foreseeable situations • Usually Involve the unexpected occurrence of a rare but trained-for situation or an unlikely combination of individually familiar circumstances
Step #3- Accidental events • Event- complete or partial penetration of an accident trajectory through the system’s defensive layers • Active and Latent failure pathways come together to create complete or partial trajectories of accident opportunity • Local triggers also interact here
Gaps in defenses • Longstanding gaps due to dormant weaknesses • Gaps created knowingly as during maintenance • Gaps created by active failures • An accident occurs when the holes in the defenses line up (holes are dynamic) • What may cause an accident one day may not on another day • Consequences range from a free lesson to a smoking hole. In order to learn we must identify the “organizational pathogens”
Causal Pathways- step #4 • Fig. 1.9- Accidents have varying characters. • Some involve all latent failures- challenger • Some involve all active failures- possibly Egypt Air 990. • Most involve some combination of both • Less defended organizations tend to have failures along the active pathway and visa versa (where a single active failure can serve as a trigger)
In closing: • Cicero stated- “To err is human” • Accidents result from a failure of the risk management system to absorb the consequences of unsafe acts and omissions • Human error is stubborn- sophisticated, discrete solutions to human error will likely lead to more sophisticated sources for error
Closing ctn: • We humans often judge people’s actions individually rather than as part of a system • This leads to backward reasoning (from the accident) which ultimately finds a stage where the chain could have been broken and thus “pilot (operator) error” becomes an easy out- we learn little
Summary • P. 28