Thursday, January 2, 2020

The power of case studies in system safety



Images: Andrew Hopkins titles



Images: Other safety sources

One of the genuinely interesting aspects of the work of Andrew Hopkins is the extensive case studies he has conducted of the causation of serious industrial accidents. A good example is his analysis of the explosion of an Esso natural gas processing plant in Longford, Australia in 1998, presented in Lessons from Longford: The ESSO Gas Plant Explosion, with key findings also presented in this video. Also valuable is Hopkins' analysis of the Deepwater Horizon blowout in the Gulf of Mexico (link). Here he dispassionately walks through the steps of the accident and identifies faults at multiple levels (operator, engineering, management, corporate policy).

In addition to these books about major accidents and disasters, Hopkins has also created a number of very detailed videos based on the analysis presented in the case studies. These videos offer vivid recreation of the accidents along with a methodical and evidence-based presentation of Hopkins' analysis of the causes of the accidents at multiple levels.

It is intriguing to consider whether it would be possible to substantially improve the "safety thinking" of executives and managers in high-risk industries through an intensive training program based on case studies like these. Intensive system safety training for executives and managers is clearly needed. If complex processes are to be managed in a way that avoids catastrophic failures, executives and managers need to have a much more sophisticated understanding of safety science. Further, they need more refined skills in designing and managing risky processes. And yet much training about industrial safety focuses on the wrong level of accidents -- shop floor accidents, routine injuries, and days-lost metrics -- whereas there is a consensus among safety experts that the far larger source of hazard in complex industrial processes lies at the system level.

We might think of Hopkins' case studies (and others that are available in the literature) as the basis of cognitive and experiential training for executives and managers on the topic of system safety, helping them gain a broader understanding of the kinds of failures that are known to lead to major accidents and better mental skills for managing risky processes. This might be envisioned in analogy with the training that occurs through scenario-based table-top exercises for disaster response for high-level managers, where the goal is to give participants a practical and experiential exposure to the kinds of rare situations they may be suddenly immersed in and a set of mental tools through which to respond. (My city's top fire official and emergency manager once said to a group of senior leaders at my university at the end of a presentation about the city's disaster planning: "When disaster strikes, your IQ will drop by 20 points. So it is imperative that you work with lots of scenarios and develop a new set of skills that will allow you to respond quickly and appropriately to the circumstances that arise. And by the way -- a tornado has just blown the roof off the humanities building, and there are casualties!")

Consider a program of safety training for managers along these lines: simulation-based training, based on detailed accident scenarios, with a theoretical context introducing the ideas of system accidents, complexity, tight coupling, communications failures, lack of focus on organizational readiness for safety, and the other key findings of safety research. I would envision a week-long training offering exposure to the best current thinking about system safety, along with exposure to extensive case studies and a number of interactive simulations based on realistic scenarios.

I taught a graduate course in public policy on "Organizational causes of large technology failures" this year that made substantial use of case materials like these. Seeing the evolution that masters-level students underwent in the sophistication of their understanding of the causes of large failures, it seems very credible that senior-manager training like that described here would indeed be helpful. The learning that these students did on this subject was evident through the quality of the group projects they did on disasters. Small teams undertook to research and analyze failures as diverse as the V-22 Osprey program, the State of Michigan Unemployment Insurance disaster (in which the state's software system wrongly classified thousands of applicants as having submitted fraudulent claims), and the Chinese melamine milk adulteration disaster. Their work products were highly sophisticated, and very evidently showed the benefits of studying experts such as Diane Vaughan, Charles Perrow, Nancy Leveson, and Andrew Hopkins. I feel confident that these students would be able to take these perspectives and skills into the complex organizations in which they may work in the future, and their organizations will be safer as a result.

This kind of training would be especially useful in sectors that involve inherently high risks of large-scale accidents -- for example, the rail industry, marine shipping, aviation and space design and manufacturing, chemical and petrochemical processing, hospitals, banking, the electric power grid, and the nuclear industry.

(I should note that Hopkins himself provides training materials and consultation on the subject of system safety through FutureMedia Training Resources (link).)

No comments: