Tuesday, September 18, 2007

Classifying causes

I have had a comment on my last post regarding the Virgin train crash. It questions whether there are problems with accident investigation because we have not properly defined the terminology used to describe different types of cause (e.g. "immediate" and "underlying").

My view is that these classifications of cause do not give us the full range needed to fully explain an accident. The reality is that there are many different types of failure that can contribute to an accident, and each of these failures may have multiple causes. Most accidents will start with a combination of technical, human and organisational failures that create a hazardous situation. This already highlights the complexity. For example, a human error can be an "immediate" cause of an accident, but it can also cause a technical failure, in which case the human error would be an "underlying" cause.

This is further complicated by the fact that a hazardous situation does not necessarily result in an accident. If the situation has been predicted defences can be put in place. Only if these fail do you have a developing incident. Even then there are opportunities to recover the situation. Failure to recover results in an accident, whilst successful recovery means it is a near miss.

If I look at an accident I tend to start by thinking "what failures resulted in a hazardous situation developing, were there potential defences and did they fail, and could the situation have been recovered?" This gives me a set of failures (you may call them "immediate" causes) that require analysis. These can then be broken down, for example using "why trees" until the root causes are found. In this case the root causes are where the "why tree" cannot be broken down any further.

My view of failure types comes from a model I first saw in the PhD thesis of Tjerk van Der Schaaf, who is now a professor at Eidhoven University. You can see the model reproduced in another thesis (see figure 1.1 on page 6).

Andy Brazier

No comments: