SlideShare a Scribd company logo

System safety

Download as PPTX, PDF
S
sommerville-videos

Safety is defined as a system's ability to operate without causing human injury or environmental damage. Safety and reliability are related but distinct, as a reliable system can still be unsafe if requirements are incorrect. There are three approaches to safety critical systems development: hazard avoidance through design, hazard detection and removal before accidents occur, and damage limitation to minimize harm from any accidents.

TechnologyBusiness
1 of 21
System safety System safety, 2013 Slide 1
Safety • Safety is a property of a system that reflects the system’s ability to operate, normally or abnormally, without danger of causing human injury or death and without damage to the system’s environment. System safety, 2013 Slide 2
Principal dependability properties System safety, 2013 Slide 3
Safety criticality • Primary safety-critical systems – Embedded software systems whose failure can cause the associated hardware to fail and directly threaten people. System safety 2013 Slide 4
System safety 2013 Slide 5
• Secondary safety-critical systems – Systems whose failure results in faults in other (socio-technical) systems, which can then have safety consequences. – For example, a medical records system is safetycritical as failure may lead to inappropriate treatment being prescribed. System safety 2013 Slide 6
System safety 2013 Slide 7
Safety and reliability • Safety and reliability are related but distinct • For a system to be safe, it must generally be reliable • However, this is not enough. It must also be safe in the event of system failure System safety 2013 Slide 8
• Reliability is concerned with conformance to a given specification and delivery of service • Safety is concerned with ensuring system cannot cause damage irrespective of whether or not it conforms to its specification System safety 2013 Slide 9
• A reliable system can be unsafe if the requirements are incorrect or incomplete System safety 2013 Slide 10
Unsafe reliable systems The software on this plane operated ‘reliably’ yet the plane crashed- covered in a separate video System safety 2013 Slide 11
Unsafe reliable systems • There may be dormant faults in a system that are undetected for many years and only rarely arise. • Specification errors – If the system specification is incorrect then the system can behave as specified but still cause an accident. System safety 2013 Slide 12
• Hardware failures generating spurious inputs – Hard to anticipate in the specification. • Context-sensitive commands i.e. issuing the right command at the wrong time – Often the result of operator error. System safety 2013 Slide 13
Accident • An unplanned event or sequence of events which results in human death or injury, damage to property, or to the environment. • An overdose of insulin by a softwarecontrolled insulin injection system is an example of an accident. System safety 2013 Slide 14
Hazard • A condition with the potential for causing or contributing to an accident. A failure of the sensor that measures blood glucose is an example of a hazard. System safety 2013 Slide 15
Damage • A measure of the loss resulting from a mishap. Damage can range from many people being killed as a result of an accident to minor injury or property damage. • Damage resulting from an overdose of insulin could be serious injury or the death of the user of the insulin pump. System safety 2013 Slide 16
Safety critical systems development • Hazard avoidance – The system is designed so that some classes of hazard simply cannot arise. System safety 2013 Slide 17
• Hazard detection and removal – The system is designed so that hazards are detected and removed before they result in an accident. System safety 2013 Slide 18
• Damage limitation – The system includes protection features that minimise the damage that may result from an accident. System safety 2013 Slide 19
Summary • Safety is a property of a system that reflects the system’s ability to operate, normally or abnormally, without danger of causing human injury or death. • Safety and reliability are related but reliable systems may be unsafe. System safety 2013 Slide 20
Summary • Hazards are conditions that may (but need not) lead to an accident • Safety is achieved through – Hazard avoidance – Hazard detection and removal – Damage limitation System safety 2013 Slide 21

Recommended

Availability and reliability
Availability and reliabilityAvailability and reliability
Availability and reliability
sommerville-videos
 
IEC 62061 introduction
IEC 62061 introductionIEC 62061 introduction
IEC 62061 introduction
KoenLeekens
 
ISO26262-6 Software development process (Ver 3.0)
ISO26262-6 Software development process (Ver 3.0)ISO26262-6 Software development process (Ver 3.0)
ISO26262-6 Software development process (Ver 3.0)
Hongseok Lee
 
LAYER OF PROTECTION ANALYSIS
LAYER OF PROTECTION ANALYSISLAYER OF PROTECTION ANALYSIS
LAYER OF PROTECTION ANALYSISThapa Prakash (TA-1)
 
Safety Management Systems (SMS) Fundmentals: Policy
Safety Management Systems (SMS) Fundmentals: PolicySafety Management Systems (SMS) Fundmentals: Policy
Safety Management Systems (SMS) Fundmentals: Policy
FAA Safety Team Central Florida
 
MISRA Safety Case Guidelines -
MISRA Safety Case Guidelines - MISRA Safety Case Guidelines -
MISRA Safety Case Guidelines - Automotive IQ
 
SMS - Safety Management Systems
SMS - Safety Management SystemsSMS - Safety Management Systems
SMS - Safety Management Systems
JDA Aviation Technology Solutions
 
Introduction to Functional Safety and SIL Certification
Introduction to Functional Safety and SIL CertificationIntroduction to Functional Safety and SIL Certification
Introduction to Functional Safety and SIL Certification
ISA Boston Section
 

Recommended

Availability and reliability
Availability and reliabilityAvailability and reliability
Availability and reliability
sommerville-videos
 
IEC 62061 introduction
IEC 62061 introductionIEC 62061 introduction
IEC 62061 introduction
KoenLeekens
 
ISO26262-6 Software development process (Ver 3.0)
ISO26262-6 Software development process (Ver 3.0)ISO26262-6 Software development process (Ver 3.0)
ISO26262-6 Software development process (Ver 3.0)
Hongseok Lee
 
LAYER OF PROTECTION ANALYSIS
LAYER OF PROTECTION ANALYSISLAYER OF PROTECTION ANALYSIS
LAYER OF PROTECTION ANALYSISThapa Prakash (TA-1)
 
Safety Management Systems (SMS) Fundmentals: Policy
Safety Management Systems (SMS) Fundmentals: PolicySafety Management Systems (SMS) Fundmentals: Policy
Safety Management Systems (SMS) Fundmentals: Policy
FAA Safety Team Central Florida
 
MISRA Safety Case Guidelines -
MISRA Safety Case Guidelines - MISRA Safety Case Guidelines -
MISRA Safety Case Guidelines - Automotive IQ
 
SMS - Safety Management Systems
SMS - Safety Management SystemsSMS - Safety Management Systems
SMS - Safety Management Systems
JDA Aviation Technology Solutions
 
Introduction to Functional Safety and SIL Certification
Introduction to Functional Safety and SIL CertificationIntroduction to Functional Safety and SIL Certification
Introduction to Functional Safety and SIL Certification
ISA Boston Section
 
NEN_SIL Platform_Risk matrix guide
NEN_SIL Platform_Risk matrix guideNEN_SIL Platform_Risk matrix guide
NEN_SIL Platform_Risk matrix guide
Rianne Boek
 
Session no. 3 safety management standards
Session no. 3 safety management standardsSession no. 3 safety management standards
Session no. 3 safety management standards
sameh shalash
 
BUSINESS CONTINUITY PLANNING AND RISK MANAGEMENT
BUSINESS CONTINUITY PLANNING AND RISK MANAGEMENTBUSINESS CONTINUITY PLANNING AND RISK MANAGEMENT
BUSINESS CONTINUITY PLANNING AND RISK MANAGEMENT
Continuity and Resilience
 
Safety Management Systems (SMS) Fundmentals: Safety Risk Management Component
Safety Management Systems (SMS) Fundmentals: Safety Risk Management ComponentSafety Management Systems (SMS) Fundmentals: Safety Risk Management Component
Safety Management Systems (SMS) Fundmentals: Safety Risk Management Component
FAA Safety Team Central Florida
 
Automotive Functional Safety ISO 26262 Training Bootcamp : Tonex Training
Automotive Functional Safety ISO 26262 Training Bootcamp : Tonex TrainingAutomotive Functional Safety ISO 26262 Training Bootcamp : Tonex Training
Automotive Functional Safety ISO 26262 Training Bootcamp : Tonex Training
Bryan Len
 
Introduction to Business Continuity Management
Introduction to Business Continuity ManagementIntroduction to Business Continuity Management
Introduction to Business Continuity ManagementProf. David E. Alexander (UCL)
 
Safety Management Systems (SMS) Fundamentals: Basics
Safety Management Systems (SMS) Fundamentals: BasicsSafety Management Systems (SMS) Fundamentals: Basics
Safety Management Systems (SMS) Fundamentals: Basics
FAA Safety Team Central Florida
 
Bcm Framework PowerPoint Presentation Slides
Bcm Framework PowerPoint Presentation SlidesBcm Framework PowerPoint Presentation Slides
Bcm Framework PowerPoint Presentation Slides
SlideTeam
 
A report on accident scenarios in process plants & how hazop can take lead ro...
A report on accident scenarios in process plants & how hazop can take lead ro...A report on accident scenarios in process plants & how hazop can take lead ro...
A report on accident scenarios in process plants & how hazop can take lead ro...
Ravi chandra kancherla
 
ISO 26262 Unit Testing | Functional Safety in Automotive
ISO 26262 Unit Testing | Functional Safety in Automotive ISO 26262 Unit Testing | Functional Safety in Automotive
ISO 26262 Unit Testing | Functional Safety in Automotive
Embitel Technologies (I) PVT LTD
 
fault tree analysis
fault tree analysisfault tree analysis
fault tree analysisSiti Mastura
 
20131216 cisec-standards-jp blanquart-jmastruc
20131216 cisec-standards-jp blanquart-jmastruc20131216 cisec-standards-jp blanquart-jmastruc
20131216 cisec-standards-jp blanquart-jmastruc
CISEC
 
19 Jun 2018 - Hazard Analysis and Functional Safety Compliance
19 Jun 2018 - Hazard Analysis and Functional Safety Compliance 19 Jun 2018 - Hazard Analysis and Functional Safety Compliance
19 Jun 2018 - Hazard Analysis and Functional Safety Compliance
Intland Software GmbH
 
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and DifferencesCMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
PECB
 
Accident Investigation - UK-HSE
Accident Investigation - UK-HSEAccident Investigation - UK-HSE
Accident Investigation - UK-HSE
Graememk2
 
System testing
System testingSystem testing
System testing
Sifat Hossain
 
Sil presentation
Sil presentationSil presentation
Sil presentation
Valeriano Barrilà
 
Risk Assessment
Risk AssessmentRisk Assessment
Risk AssessmentAdam Killian
 
The Security Vulnerability Assessment Process & Best Practices
The Security Vulnerability Assessment Process & Best PracticesThe Security Vulnerability Assessment Process & Best Practices
The Security Vulnerability Assessment Process & Best Practices
Kellep Charles
 
Concepts in Software Safety
Concepts in Software SafetyConcepts in Software Safety
Concepts in Software Safety
dalesanders
 
System dependability
System dependabilitySystem dependability
System dependability
sommerville-videos
 
Critical systems engineering
Critical systems engineeringCritical systems engineering
Critical systems engineering
sommerville-videos
 

More Related Content

What's hot

NEN_SIL Platform_Risk matrix guide
NEN_SIL Platform_Risk matrix guideNEN_SIL Platform_Risk matrix guide
NEN_SIL Platform_Risk matrix guide
Rianne Boek
 
Session no. 3 safety management standards
Session no. 3 safety management standardsSession no. 3 safety management standards
Session no. 3 safety management standards
sameh shalash
 
BUSINESS CONTINUITY PLANNING AND RISK MANAGEMENT
BUSINESS CONTINUITY PLANNING AND RISK MANAGEMENTBUSINESS CONTINUITY PLANNING AND RISK MANAGEMENT
BUSINESS CONTINUITY PLANNING AND RISK MANAGEMENT
Continuity and Resilience
 
Safety Management Systems (SMS) Fundmentals: Safety Risk Management Component
Safety Management Systems (SMS) Fundmentals: Safety Risk Management ComponentSafety Management Systems (SMS) Fundmentals: Safety Risk Management Component
Safety Management Systems (SMS) Fundmentals: Safety Risk Management Component
FAA Safety Team Central Florida
 
Automotive Functional Safety ISO 26262 Training Bootcamp : Tonex Training
Automotive Functional Safety ISO 26262 Training Bootcamp : Tonex TrainingAutomotive Functional Safety ISO 26262 Training Bootcamp : Tonex Training
Automotive Functional Safety ISO 26262 Training Bootcamp : Tonex Training
Bryan Len
 
Safety Management Systems (SMS) Fundamentals: Basics
Safety Management Systems (SMS) Fundamentals: BasicsSafety Management Systems (SMS) Fundamentals: Basics
Safety Management Systems (SMS) Fundamentals: Basics
FAA Safety Team Central Florida
 
Bcm Framework PowerPoint Presentation Slides
Bcm Framework PowerPoint Presentation SlidesBcm Framework PowerPoint Presentation Slides
Bcm Framework PowerPoint Presentation Slides
SlideTeam
 
A report on accident scenarios in process plants & how hazop can take lead ro...
A report on accident scenarios in process plants & how hazop can take lead ro...A report on accident scenarios in process plants & how hazop can take lead ro...
A report on accident scenarios in process plants & how hazop can take lead ro...
Ravi chandra kancherla
 
ISO 26262 Unit Testing | Functional Safety in Automotive
ISO 26262 Unit Testing | Functional Safety in Automotive ISO 26262 Unit Testing | Functional Safety in Automotive
ISO 26262 Unit Testing | Functional Safety in Automotive
Embitel Technologies (I) PVT LTD
 
fault tree analysis
fault tree analysisfault tree analysis
fault tree analysisSiti Mastura
 
20131216 cisec-standards-jp blanquart-jmastruc
20131216 cisec-standards-jp blanquart-jmastruc20131216 cisec-standards-jp blanquart-jmastruc
20131216 cisec-standards-jp blanquart-jmastruc
CISEC
 
19 Jun 2018 - Hazard Analysis and Functional Safety Compliance
19 Jun 2018 - Hazard Analysis and Functional Safety Compliance 19 Jun 2018 - Hazard Analysis and Functional Safety Compliance
19 Jun 2018 - Hazard Analysis and Functional Safety Compliance
Intland Software GmbH
 
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and DifferencesCMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
PECB
 
Accident Investigation - UK-HSE
Accident Investigation - UK-HSEAccident Investigation - UK-HSE
Accident Investigation - UK-HSE
Graememk2
 
System testing
System testingSystem testing
System testing
Sifat Hossain
 
Sil presentation
Sil presentationSil presentation
Sil presentation
Valeriano Barrilà
 
The Security Vulnerability Assessment Process & Best Practices
The Security Vulnerability Assessment Process & Best PracticesThe Security Vulnerability Assessment Process & Best Practices
The Security Vulnerability Assessment Process & Best Practices
Kellep Charles
 
Concepts in Software Safety
Concepts in Software SafetyConcepts in Software Safety
Concepts in Software Safety
dalesanders
 

What's hot (20)

NEN_SIL Platform_Risk matrix guide
NEN_SIL Platform_Risk matrix guideNEN_SIL Platform_Risk matrix guide
NEN_SIL Platform_Risk matrix guide
 
Session no. 3 safety management standards
Session no. 3 safety management standardsSession no. 3 safety management standards
Session no. 3 safety management standards
 
BUSINESS CONTINUITY PLANNING AND RISK MANAGEMENT
BUSINESS CONTINUITY PLANNING AND RISK MANAGEMENTBUSINESS CONTINUITY PLANNING AND RISK MANAGEMENT
BUSINESS CONTINUITY PLANNING AND RISK MANAGEMENT
 
Safety Management Systems (SMS) Fundmentals: Safety Risk Management Component
Safety Management Systems (SMS) Fundmentals: Safety Risk Management ComponentSafety Management Systems (SMS) Fundmentals: Safety Risk Management Component
Safety Management Systems (SMS) Fundmentals: Safety Risk Management Component
 
Automotive Functional Safety ISO 26262 Training Bootcamp : Tonex Training
Automotive Functional Safety ISO 26262 Training Bootcamp : Tonex TrainingAutomotive Functional Safety ISO 26262 Training Bootcamp : Tonex Training
Automotive Functional Safety ISO 26262 Training Bootcamp : Tonex Training
 
Introduction to Business Continuity Management
Introduction to Business Continuity ManagementIntroduction to Business Continuity Management
Introduction to Business Continuity Management
 
Safety Management Systems (SMS) Fundamentals: Basics
Safety Management Systems (SMS) Fundamentals: BasicsSafety Management Systems (SMS) Fundamentals: Basics
Safety Management Systems (SMS) Fundamentals: Basics
 
Bcm Framework PowerPoint Presentation Slides
Bcm Framework PowerPoint Presentation SlidesBcm Framework PowerPoint Presentation Slides
Bcm Framework PowerPoint Presentation Slides
 
A report on accident scenarios in process plants & how hazop can take lead ro...
A report on accident scenarios in process plants & how hazop can take lead ro...A report on accident scenarios in process plants & how hazop can take lead ro...
A report on accident scenarios in process plants & how hazop can take lead ro...
 
ISO 26262 Unit Testing | Functional Safety in Automotive
ISO 26262 Unit Testing | Functional Safety in Automotive ISO 26262 Unit Testing | Functional Safety in Automotive
ISO 26262 Unit Testing | Functional Safety in Automotive
 
fault tree analysis
fault tree analysisfault tree analysis
fault tree analysis
 
20131216 cisec-standards-jp blanquart-jmastruc
20131216 cisec-standards-jp blanquart-jmastruc20131216 cisec-standards-jp blanquart-jmastruc
20131216 cisec-standards-jp blanquart-jmastruc
 
19 Jun 2018 - Hazard Analysis and Functional Safety Compliance
19 Jun 2018 - Hazard Analysis and Functional Safety Compliance 19 Jun 2018 - Hazard Analysis and Functional Safety Compliance
19 Jun 2018 - Hazard Analysis and Functional Safety Compliance
 
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and DifferencesCMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
 
Accident Investigation - UK-HSE
Accident Investigation - UK-HSEAccident Investigation - UK-HSE
Accident Investigation - UK-HSE
 
System testing
System testingSystem testing
System testing
 
Sil presentation
Sil presentationSil presentation
Sil presentation
 
Risk Assessment
Risk AssessmentRisk Assessment
Risk Assessment
 
The Security Vulnerability Assessment Process & Best Practices
The Security Vulnerability Assessment Process & Best PracticesThe Security Vulnerability Assessment Process & Best Practices
The Security Vulnerability Assessment Process & Best Practices
 
Concepts in Software Safety
Concepts in Software SafetyConcepts in Software Safety
Concepts in Software Safety
 

Viewers also liked

System dependability
System dependabilitySystem dependability
System dependability
sommerville-videos
 
Critical systems engineering
Critical systems engineeringCritical systems engineering
Critical systems engineering
sommerville-videos
 
Architectural patterns for real-time systems
Architectural patterns for real-time systemsArchitectural patterns for real-time systems
Architectural patterns for real-time systems
sommerville-videos
 
Ariane 5 launcher failure
Ariane 5 launcher failure Ariane 5 launcher failure
Ariane 5 launcher failure
sommerville-videos
 
System security
System securitySystem security
System security
sommerville-videos
 
Japan Travel Guide: Tokyo, Kyoto Itinerary
Japan Travel Guide: Tokyo, Kyoto ItineraryJapan Travel Guide: Tokyo, Kyoto Itinerary
Japan Travel Guide: Tokyo, Kyoto Itinerary
Salie Lim
 
Smart material presentation
Smart material presentationSmart material presentation
Smart material presentation
yogesh meenA
 
Cybersecurity 4 security is sociotechnical issue
Cybersecurity 4 security is sociotechnical issueCybersecurity 4 security is sociotechnical issue
Cybersecurity 4 security is sociotechnical issue
sommerville-videos
 
Cybersecurity 3 cybersecurity costs and causes
Cybersecurity 3 cybersecurity costs and causesCybersecurity 3 cybersecurity costs and causes
Cybersecurity 3 cybersecurity costs and causes
sommerville-videos
 
Cybersecurity 5 improving cybersecurity
Cybersecurity 5 improving cybersecurityCybersecurity 5 improving cybersecurity
Cybersecurity 5 improving cybersecurity
sommerville-videos
 
Cybersecurity 3 cybersecurity costs and causes
Cybersecurity 3 cybersecurity costs and causesCybersecurity 3 cybersecurity costs and causes
Cybersecurity 3 cybersecurity costs and causes
sommerville-videos
 
Cybersecurity 5 improving cybersecurity
Cybersecurity 5 improving cybersecurityCybersecurity 5 improving cybersecurity
Cybersecurity 5 improving cybersecurity
sommerville-videos
 
Risk Mitigation for Highway and Railway Bridges
Risk Mitigation for Highway and Railway BridgesRisk Mitigation for Highway and Railway Bridges
Risk Mitigation for Highway and Railway Bridges
Mid-America Transportation Center
 
Critical Systems
Critical SystemsCritical Systems
Critical Systems
Usman Bin Saad
 
Infrastructure control
Infrastructure controlInfrastructure control
Infrastructure control
sommerville-videos
 
Introduction to systems of systems
Introduction to systems of systemsIntroduction to systems of systems
Introduction to systems of systems
sommerville-videos
 
Maroochy water breach
Maroochy water breachMaroochy water breach
Maroochy water breach
sommerville-videos
 
Cybersecurity 4 security is sociotechnical issue
Cybersecurity 4 security is sociotechnical issueCybersecurity 4 security is sociotechnical issue
Cybersecurity 4 security is sociotechnical issue
sommerville-videos
 
Critical national infrastructure
Critical national infrastructureCritical national infrastructure
Critical national infrastructure
sommerville-videos
 

Viewers also liked (20)

System dependability
System dependabilitySystem dependability
System dependability
 
Critical systems engineering
Critical systems engineeringCritical systems engineering
Critical systems engineering
 
Architectural patterns for real-time systems
Architectural patterns for real-time systemsArchitectural patterns for real-time systems
Architectural patterns for real-time systems
 
Ariane 5 launcher failure
Ariane 5 launcher failure Ariane 5 launcher failure
Ariane 5 launcher failure
 
System security
System securitySystem security
System security
 
Japan Travel Guide: Tokyo, Kyoto Itinerary
Japan Travel Guide: Tokyo, Kyoto ItineraryJapan Travel Guide: Tokyo, Kyoto Itinerary
Japan Travel Guide: Tokyo, Kyoto Itinerary
 
Smart material presentation
Smart material presentationSmart material presentation
Smart material presentation
 
Cybersecurity 4 security is sociotechnical issue
Cybersecurity 4 security is sociotechnical issueCybersecurity 4 security is sociotechnical issue
Cybersecurity 4 security is sociotechnical issue
 
Cybersecurity 3 cybersecurity costs and causes
Cybersecurity 3 cybersecurity costs and causesCybersecurity 3 cybersecurity costs and causes
Cybersecurity 3 cybersecurity costs and causes
 
Cybersecurity 5 improving cybersecurity
Cybersecurity 5 improving cybersecurityCybersecurity 5 improving cybersecurity
Cybersecurity 5 improving cybersecurity
 
Cybersecurity 3 cybersecurity costs and causes
Cybersecurity 3 cybersecurity costs and causesCybersecurity 3 cybersecurity costs and causes
Cybersecurity 3 cybersecurity costs and causes
 
Cybersecurity 5 improving cybersecurity
Cybersecurity 5 improving cybersecurityCybersecurity 5 improving cybersecurity
Cybersecurity 5 improving cybersecurity
 
Infrastructure dependability
Infrastructure dependabilityInfrastructure dependability
Infrastructure dependability
 
Risk Mitigation for Highway and Railway Bridges
Risk Mitigation for Highway and Railway BridgesRisk Mitigation for Highway and Railway Bridges
Risk Mitigation for Highway and Railway Bridges
 
Critical Systems
Critical SystemsCritical Systems
Critical Systems
 
Infrastructure control
Infrastructure controlInfrastructure control
Infrastructure control
 
Introduction to systems of systems
Introduction to systems of systemsIntroduction to systems of systems
Introduction to systems of systems
 
Maroochy water breach
Maroochy water breachMaroochy water breach
Maroochy water breach
 
Cybersecurity 4 security is sociotechnical issue
Cybersecurity 4 security is sociotechnical issueCybersecurity 4 security is sociotechnical issue
Cybersecurity 4 security is sociotechnical issue
 
Critical national infrastructure
Critical national infrastructureCritical national infrastructure
Critical national infrastructure
 

Similar to System safety

Software Engineering - Ch3
Software Engineering - Ch3Software Engineering - Ch3
Software Engineering - Ch3Siddharth Ayer
 
Software Engineering - Ch9
Software Engineering - Ch9Software Engineering - Ch9
Software Engineering - Ch9Siddharth Ayer
 
Ch12 safety engineering
Ch12 safety engineeringCh12 safety engineering
Ch12 safety engineering
software-engineering-book
 
Ch12 - Safety Engineering
Ch12 - Safety EngineeringCh12 - Safety Engineering
Ch12 - Safety Engineering
Harsh Verdhan Raj
 
5 Things to Know about Safety and Security of Embedded Systems
5 Things to Know about Safety and Security of Embedded Systems5 Things to Know about Safety and Security of Embedded Systems
5 Things to Know about Safety and Security of Embedded Systems
MEN Mikro Elektronik GmbH
 
5 Things to Know about Safety and Security of Embedded Systems
5 Things to Know about Safety and Security of Embedded Systems5 Things to Know about Safety and Security of Embedded Systems
5 Things to Know about Safety and Security of Embedded Systems
MEN Micro
 
Critical systems intro
Critical systems introCritical systems intro
Critical systems intro
sommerville-videos
 
5 - Safety - Critical Systems.pdf
5 - Safety - Critical Systems.pdf5 - Safety - Critical Systems.pdf
5 - Safety - Critical Systems.pdf
FelixKipyego1
 
Dependability requirements for LSCITS
Dependability requirements for LSCITSDependability requirements for LSCITS
Dependability requirements for LSCITS
Ian Sommerville
 
Depandability in Software Engineering SE16
Depandability in Software Engineering SE16Depandability in Software Engineering SE16
Depandability in Software Engineering SE16koolkampus
 
Vijeo citect quick start tutorial - part 1 ver d
Vijeo citect quick start tutorial - part 1 ver dVijeo citect quick start tutorial - part 1 ver d
Vijeo citect quick start tutorial - part 1 ver d
Abdul Budiman
 
Computer security overview
Computer security overviewComputer security overview
Computer security overview
CAS
 
Ch12
Ch12Ch12
Ch12
Keith Jasper Mier
 
CS 5032 L5 safety specification 2013
CS 5032 L5 safety specification 2013CS 5032 L5 safety specification 2013
CS 5032 L5 safety specification 2013Ian Sommerville
 
Ch14 - Resilience Engineering
Ch14 - Resilience EngineeringCh14 - Resilience Engineering
Ch14 - Resilience Engineering
Harsh Verdhan Raj
 
Ch14 resilience engineering
Ch14 resilience engineeringCh14 resilience engineering
Ch14 resilience engineering
software-engineering-book
 
Human Error & Risk Factor Affecting Reliability & Safety
Human Error & Risk Factor Affecting Reliability & SafetyHuman Error & Risk Factor Affecting Reliability & Safety
Human Error & Risk Factor Affecting Reliability & Safety
Dushyant Kalchuri
 

Similar to System safety (20)

Software Engineering - Ch3
Software Engineering - Ch3Software Engineering - Ch3
Software Engineering - Ch3
 
Software Engineering - Ch9
Software Engineering - Ch9Software Engineering - Ch9
Software Engineering - Ch9
 
Ch12 safety engineering
Ch12 safety engineeringCh12 safety engineering
Ch12 safety engineering
 
Ch12 - Safety Engineering
Ch12 - Safety EngineeringCh12 - Safety Engineering
Ch12 - Safety Engineering
 
5 Things to Know about Safety and Security of Embedded Systems
5 Things to Know about Safety and Security of Embedded Systems5 Things to Know about Safety and Security of Embedded Systems
5 Things to Know about Safety and Security of Embedded Systems
 
5 Things to Know about Safety and Security of Embedded Systems
5 Things to Know about Safety and Security of Embedded Systems5 Things to Know about Safety and Security of Embedded Systems
5 Things to Know about Safety and Security of Embedded Systems
 
Critical systems intro
Critical systems introCritical systems intro
Critical systems intro
 
5 - Safety - Critical Systems.pdf
5 - Safety - Critical Systems.pdf5 - Safety - Critical Systems.pdf
5 - Safety - Critical Systems.pdf
 
Dependability requirements for LSCITS
Dependability requirements for LSCITSDependability requirements for LSCITS
Dependability requirements for LSCITS
 
Depandability in Software Engineering SE16
Depandability in Software Engineering SE16Depandability in Software Engineering SE16
Depandability in Software Engineering SE16
 
Vijeo citect quick start tutorial - part 1 ver d
Vijeo citect quick start tutorial - part 1 ver dVijeo citect quick start tutorial - part 1 ver d
Vijeo citect quick start tutorial - part 1 ver d
 
Computer security overview
Computer security overviewComputer security overview
Computer security overview
 
Ch12
Ch12Ch12
Ch12
 
Ch3
Ch3Ch3
Ch3
 
Ch3
Ch3Ch3
Ch3
 
CS 5032 L5 safety specification 2013
CS 5032 L5 safety specification 2013CS 5032 L5 safety specification 2013
CS 5032 L5 safety specification 2013
 
Ch14 - Resilience Engineering
Ch14 - Resilience EngineeringCh14 - Resilience Engineering
Ch14 - Resilience Engineering
 
Ch14 resilience engineering
Ch14 resilience engineeringCh14 resilience engineering
Ch14 resilience engineering
 
Reliability
ReliabilityReliability
Reliability
 
Human Error & Risk Factor Affecting Reliability & Safety
Human Error & Risk Factor Affecting Reliability & SafetyHuman Error & Risk Factor Affecting Reliability & Safety
Human Error & Risk Factor Affecting Reliability & Safety
 

More from sommerville-videos

Introduction to real time software systems script
Introduction to real time software systems scriptIntroduction to real time software systems script
Introduction to real time software systems script
sommerville-videos
 
System of systems classification
System of systems classificationSystem of systems classification
System of systems classificationsommerville-videos
 
Reuse landscape
Reuse landscapeReuse landscape
Reuse landscape
sommerville-videos
 
Scaling agile
Scaling agileScaling agile
Scaling agile
sommerville-videos
 
Agile methods for large systems
Agile methods for large systemsAgile methods for large systems
Agile methods for large systems
sommerville-videos
 
User stories
User storiesUser stories
User stories
sommerville-videos
 
Agile and plan based development processes
Agile and plan based development processesAgile and plan based development processes
Agile and plan based development processes
sommerville-videos
 
Fundamental software engineering activities
Fundamental software engineering activitiesFundamental software engineering activities
Fundamental software engineering activities
sommerville-videos
 
Introducing Software Engineering
Introducing Software EngineeringIntroducing Software Engineering
Introducing Software Engineering
sommerville-videos
 
Why se script
Why se scriptWhy se script
Why se script
sommerville-videos
 
Airbus Flight Control System
Airbus Flight Control SystemAirbus Flight Control System
Airbus Flight Control System
sommerville-videos
 
Stakeholders, viewpoints and concerns
Stakeholders, viewpoints and concernsStakeholders, viewpoints and concerns
Stakeholders, viewpoints and concerns
sommerville-videos
 
Requirements engineering processes
Requirements engineering processesRequirements engineering processes
Requirements engineering processes
sommerville-videos
 
Requirements engineering challenges
Requirements engineering challengesRequirements engineering challenges
Requirements engineering challenges
sommerville-videos
 
Intro to requirements eng.
Intro to requirements eng.Intro to requirements eng.
Intro to requirements eng.
sommerville-videos
 
Introducing sociotechnical systems
Introducing sociotechnical systemsIntroducing sociotechnical systems
Introducing sociotechnical systemssommerville-videos
 
Cybersecurity 2 cyber attacks
Cybersecurity 2 cyber attacksCybersecurity 2 cyber attacks
Cybersecurity 2 cyber attacks
sommerville-videos
 

More from sommerville-videos (20)

Introduction to real time software systems script
Introduction to real time software systems scriptIntroduction to real time software systems script
Introduction to real time software systems script
 
System of systems classification
System of systems classificationSystem of systems classification
System of systems classification
 
Reuse landscape
Reuse landscapeReuse landscape
Reuse landscape
 
Scaling agile
Scaling agileScaling agile
Scaling agile
 
Agile methods for large systems
Agile methods for large systemsAgile methods for large systems
Agile methods for large systems
 
User stories
User storiesUser stories
User stories
 
Agile and plan based development processes
Agile and plan based development processesAgile and plan based development processes
Agile and plan based development processes
 
Fundamental software engineering activities
Fundamental software engineering activitiesFundamental software engineering activities
Fundamental software engineering activities
 
Introducing Software Engineering
Introducing Software EngineeringIntroducing Software Engineering
Introducing Software Engineering
 
Why se script
Why se scriptWhy se script
Why se script
 
Airbus Flight Control System
Airbus Flight Control SystemAirbus Flight Control System
Airbus Flight Control System
 
Warsaw airbus accident
Warsaw airbus accidentWarsaw airbus accident
Warsaw airbus accident
 
Stakeholders, viewpoints and concerns
Stakeholders, viewpoints and concernsStakeholders, viewpoints and concerns
Stakeholders, viewpoints and concerns
 
Requirements engineering processes
Requirements engineering processesRequirements engineering processes
Requirements engineering processes
 
Requirements engineering challenges
Requirements engineering challengesRequirements engineering challenges
Requirements engineering challenges
 
Intro to requirements eng.
Intro to requirements eng.Intro to requirements eng.
Intro to requirements eng.
 
Emergent properties
Emergent propertiesEmergent properties
Emergent properties
 
Introducing sociotechnical systems
Introducing sociotechnical systemsIntroducing sociotechnical systems
Introducing sociotechnical systems
 
System success and failure
System success and failureSystem success and failure
System success and failure
 
Cybersecurity 2 cyber attacks
Cybersecurity 2 cyber attacksCybersecurity 2 cyber attacks
Cybersecurity 2 cyber attacks
 

Recently uploaded

Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Enhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZEnhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZ
Globus
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..
UiPathCommunity
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Alex Pruden
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
UiPathCommunity
 

Recently uploaded (20)

Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Enhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZEnhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZ
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
 

System safety

  • 2. Safety • Safety is a property of a system that reflects the system’s ability to operate, normally or abnormally, without danger of causing human injury or death and without damage to the system’s environment. System safety, 2013 Slide 2
  • 4. Safety criticality • Primary safety-critical systems – Embedded software systems whose failure can cause the associated hardware to fail and directly threaten people. System safety 2013 Slide 4
  • 6. • Secondary safety-critical systems – Systems whose failure results in faults in other (socio-technical) systems, which can then have safety consequences. – For example, a medical records system is safetycritical as failure may lead to inappropriate treatment being prescribed. System safety 2013 Slide 6
  • 8. Safety and reliability • Safety and reliability are related but distinct • For a system to be safe, it must generally be reliable • However, this is not enough. It must also be safe in the event of system failure System safety 2013 Slide 8
  • 9. • Reliability is concerned with conformance to a given specification and delivery of service • Safety is concerned with ensuring system cannot cause damage irrespective of whether or not it conforms to its specification System safety 2013 Slide 9
  • 10. • A reliable system can be unsafe if the requirements are incorrect or incomplete System safety 2013 Slide 10
  • 11. Unsafe reliable systems The software on this plane operated ‘reliably’ yet the plane crashed- covered in a separate video System safety 2013 Slide 11
  • 12. Unsafe reliable systems • There may be dormant faults in a system that are undetected for many years and only rarely arise. • Specification errors – If the system specification is incorrect then the system can behave as specified but still cause an accident. System safety 2013 Slide 12
  • 13. • Hardware failures generating spurious inputs – Hard to anticipate in the specification. • Context-sensitive commands i.e. issuing the right command at the wrong time – Often the result of operator error. System safety 2013 Slide 13
  • 14. Accident • An unplanned event or sequence of events which results in human death or injury, damage to property, or to the environment. • An overdose of insulin by a softwarecontrolled insulin injection system is an example of an accident. System safety 2013 Slide 14
  • 15. Hazard • A condition with the potential for causing or contributing to an accident. A failure of the sensor that measures blood glucose is an example of a hazard. System safety 2013 Slide 15
  • 16. Damage • A measure of the loss resulting from a mishap. Damage can range from many people being killed as a result of an accident to minor injury or property damage. • Damage resulting from an overdose of insulin could be serious injury or the death of the user of the insulin pump. System safety 2013 Slide 16
  • 17. Safety critical systems development • Hazard avoidance – The system is designed so that some classes of hazard simply cannot arise. System safety 2013 Slide 17
  • 18. • Hazard detection and removal – The system is designed so that hazards are detected and removed before they result in an accident. System safety 2013 Slide 18
  • 19. • Damage limitation – The system includes protection features that minimise the damage that may result from an accident. System safety 2013 Slide 19
  • 20. Summary • Safety is a property of a system that reflects the system’s ability to operate, normally or abnormally, without danger of causing human injury or death. • Safety and reliability are related but reliable systems may be unsafe. System safety 2013 Slide 20
  • 21. Summary • Hazards are conditions that may (but need not) lead to an accident • Safety is achieved through – Hazard avoidance – Hazard detection and removal – Damage limitation System safety 2013 Slide 21