- To create understanding / awareness of local hazards
- To give guidance on how to work safely
- To provide alarms / warnings when danger is close
- To restore the system to a safe state
- To interpose safety barriers between hazards and potential losses
- To contain / eliminate the hazards
- To provide a means of escape and rescue should hazard containment fail.
You can think of defences in depth by the successive layers of protection, protecting against failure of the one in front.
So you have “Hard” defences:
- Engineered safety features including system design, interlocks, physical barriers, etc
- PPE (Generally some solid matter between you and something else)
A whole series of “Soft” defences:
- Legislation, including licensing, certification, etc.
- Rules and procedures
- Training, information and supervision
- Front line operator (The person doing the job)
Ideally each defensive layer would be impervious. But in reality, the layers are like slices of Swiss cheese with holes that continually open, close, and shift location due to changes in situations and people.
And occasionally the holes line up!
There are a whole series of defences that we have, that can include training, it can include protective equipment, it can include procedures, it can include audits, it can include supervisors and so on. But the problem is that they are all moving around, and they change over time so that sometimes the holes line up, and we have a problem.
The defences also breakdown due to changes in personnel, changes to processes, changes in circumstances, you name it there are changes going on all the time.
Breaching the defences – Active Failures and Latent Conditions
People contribute to the breakdown of system defences through Active Failures – immediate errors and violations, also called unsafe acts, which may have a direct impact on the safety of the system.
And here is where a lot of people part company because they basically say,
“oh, unsafe acts, well if we stop people doing unsafe acts well then we are obviously going to have a safe system and so we will focus on the individuals making sure that they do the right thing all the time”,
Which is fine if you have one supervisor for every individual, but if you don’t then you are going to have real trouble.
The other approach is to say, why did the people behave the way they did? Did they behave that way because of something inherent in the system?
And therefore we can do something about that. Continue reading Part 4: Breaching the Defences - Active Failures and Latent Conditions