A discussion paper published recently proposed interesting (re-)definitions of some terms (the context is AVs), moving from the usual definitions, such as:
- Safety: absence of unreasonable risk
- Unreasonable risk: risk judged to be unacceptable in a certain context according to valid societal moral concepts
- Risk: combination of the probability of occurrence of harm and the severity of that harm
- Severity: estimate of the extent of harm to one or more individuals that can occur in a potentially hazardous event
- Hazardous event: combination of a hazard and an operational situation
- Hazard: potential source of harm caused by malfunctioning behavior of the item
- Harm: physical injury or damage of persons
- Malfunctioning behavior: failure or unintended behavior of an item with respect to its design intent
- Operational situation: scenario that can occur
to:
- Acceptable: meets all safety constraints as shown by a safety case. Note: The phrase "acceptably safe" might be used in some contexts. While "Safety" is used as a modifier, use of the word "safe" alone should be avoided.
- Safety case: structured argument, supported by a body of evidence, that provides a compelling, comprehensible, and sound argument that safety engineering efforts have ensured a system meets a comprehensive set of safety constraints. Note: This emphasizes meeting constraints rather than net risk. A limit to defined operational environments is intentionally excluded.
- Safety engineering: a methodical process of ensuring a system meets all its safety constraints throughout its lifecycle, including hazard analysis, risk assessment, risk mitigation, validation, and field engineering feedback. Note: Requires safety engineering beyond brute force test validation. Hazard analysis is broadened to address all safety constraints.
- Safety constraint: a limitation imposed on risk or other aspects of the system by stakeholder requirements. Note: This implicitly requires identification of stakeholders who might be affected by losses, and makes it more straightforward to view safety as a multi-dimensional constrained optimization problem rather than a mostly one-dimensional pure risk optimization problem [Koopman24b]. Safety constraints might include: limits on individual risks, limits on net risk, exposure limits for specified types of risk patterns, and issues that are difficult to trace to pure risk.
- Risk: combination of the probability of occurrence of a loss, or pattern of losses, and the importance to stakeholders of the associated consequences. Note: Consequence (severity) might be an overriding concern regardless of probability. Net importance can be non-linearly related to individual losses if forming a pattern. Correlated loss events, inequitable loss patterns, and loss patterns involving a failure to mitigate emergent loss trends are in-scope.
- Loss: an adverse outcome, including damage to the system itself, negative societal externalities, damage to property, damage to the environment, injury or death to animals, and injury or death to people. Note: This is broader in scope than some other typical definitions of loss or harm. Some types of loss might be assigned very low severity in some application domains. Allocation of blame does not affect whether a loss occurred.
