Table Judged Reasons for Failure in Events Cited 22 XIV




Скачать 202.63 Kb.
НазваниеTable Judged Reasons for Failure in Events Cited 22 XIV
страница9/18
Дата14.11.2012
Размер202.63 Kb.
ТипДокументы
1   ...   5   6   7   8   9   10   11   12   ...   18

3.2Herald of Free Enterprise Sinking off Zeebrugge, Netherlands (poor management planning)


In March of 1987, the roll-on, roll-off ferry Herald of Free Enterprise was en route to Dover with her bow doors open. Shortly after departure, water came over the bow sill and flooded the lower deck. She sank in less than 2 minutes, drowning 150 passengers and 38 crew. The accident investigation pointed to lax management, both on board and on shore, and the crew’s lack of comprehension of their duties (Reason, 1990).

3.3BMW 7 Series iDrive Electronic Dashboard (designer gadget fantasy gone wild)


The 2003 BMW 7 series featured an electronic dashboard called “iDrive” that had roughly 700 features and was satirized by the automotive press. Car and Driver called it “a lunatic attempt to replace intuitive controls with silicon, an electronic paper clip on a lease plan.” Road and Track headlined an article “iDrive? No, you drive, while I fiddle with the controller” and asserted that the system “forced the driver to think too much” (just the opposite of good human factors engineering) (Vicente, 2004).

3.4Milstar Satellite Loss (poor assumptions and lack of design coordination)


A Milstar satellite was lost due to inadequate attitude control of the Titan/Centaur launch vehicle, which used an incorrect process model based on erroneous inputs in a software load tape. After the accident, it was discovered that no one had tested the software using the actual load tape and that all software testers had assumed someone else was doing so. (Leveson, 2001) System engineering and mission assurance activities were missing or ineffective, and individual development and assurance groups did not have a common control or management function (Leveson, 2004).

3.5Failed Ariane Liftoff (poor assumptions in anticipating of software requirement)


Even though the French Ariane 5 spacecraft trajectory had been changed from that of the Ariane 4, the inertial reference system software had not been updated sufficiently, resulting in a failed launch (Leveson, 2004).

3.6Solar Heliospheric Observatory (failure to communicate a procedure change to operators)


A principal factor in the loss of contact with SOHO (SOlar Heliosperic Observatory) in 1998 was the failure to communicate to operators that a functional change had been made in a procedure to perform gyro spin down (Leveson, 2004).

4.0FAILURE EVENTS IN PROCESS CONTROL SYSTEMS

4.1Bhopal, India, Union Carbide Leak (multiple failures in design, maintenance, and management)


From a fatality standpoint, the worst single human-automation accident in history was the Union Carbide plant accident in Bhopal, India, in December of 1984. At least 2,500 people were killed and 200,000 injured by a gas leak involving the influx of water into a storage tank of methyl isocyanate.


The accident was variously attributed to “botched maintenance, operator errors, need for improved by-pass pipes, failed safety systems, incompetent management, drought, agricultural economics and bad government decisions.” The plant should not have been located close to a densely populated area. There were poor evacuation measures, few available gas masks, and an inadequate siren alarm system. The inexperienced operators neglected inspector warnings and failed to notice or control pressure buildup. Pressure and temperature gauges were faulty, there was no indication of valve settings, and scrubbers lacked sufficient capacity. This accident clearly resulted from a concomitance of factors (Reason, 1990).

4.2Nuclear Meltdown at Three Mile Island (failures in design, procedures, management [including maintenance], training, and regulation)


In March 1979, a turbine tripped at one of the two nuclear plants on Three Mile Island near Harrisburg PA. As a maintenance crew was working on water treatment, some water leaked through a faulty seal and entered the plant’s instrument air system, interrupting the air pressure applied to two feedwater pumps and giving a false indication that something was operating incorrectly. This automatically caused the pumps to stop, cutting water flow to the steam generator, tripping the turbine, and activating emergency feedwater pumps that drew water from emergency tanks. The pipes from these tanks had erroneously been left blocked two days earlier during maintenance. With no heat removal by the cooling water, the temperature rose rapidly and caused an automatic reactor “scram” (boron rods dropped into the reactor core to stop the chain reaction). Pressure from residual heat at that point (now only 13 seconds into the accident) was dissipated through a pressure-operated relief valve that is supposed to open briefly and close. The valve stuck open, and the radioactive water under high pressure poured into the containment area and down into the basement.


The indicator light on the valve showed that it had been commanded to shut, but there was no indication of the actual valve status. The hundreds of alarms that lit up were not organized in a logical fashion and gave little indication of causality. The crew cut back on high-pressure emergency water injection, having been taught never to fill to the limit and not realizing that water was emptying out.


Although no one was killed, loss of cooling water caused significant damage to the reactor core and brought nuclear power plant construction in the U.S. to a halt (Reason, 1990).
1   ...   5   6   7   8   9   10   11   12   ...   18

Похожие:

Table Judged Reasons for Failure in Events Cited 22 XIV iconTime 2 Beat 122 Entries (12” dogs judged by barbara Bounds; remainder judged by Sandy Moody)

Table Judged Reasons for Failure in Events Cited 22 XIV iconTable Substance identity 2 XI Table Constituents 3 XI Table Impurities 3 XI

Table Judged Reasons for Failure in Events Cited 22 XIV iconAppendix Bibliography (list of all articles cited and what chapter cited in)

Table Judged Reasons for Failure in Events Cited 22 XIV iconTable Substance identity 2 VII Table Constituents 2 VII Table Overview of physico-chemical properties 3 VII

Table Judged Reasons for Failure in Events Cited 22 XIV iconRound Table  Table ronde The New Citizenship Guide. A round Table  Le nouveau guide sur la citoyenneté

Table Judged Reasons for Failure in Events Cited 22 XIV iconNote for Philip: Each section of the content is preceded by the columned table, copied over from your original document. The main body text for each section is outside of the table

Table Judged Reasons for Failure in Events Cited 22 XIV iconTable structure for table `authors`

Table Judged Reasons for Failure in Events Cited 22 XIV iconThese publications cited papers and books authored and coauthored by S. A. Ostroumov
Примеры работ, цитирующих публикации с авторством и соавторством д б н. С. А. Остроумова. These publications cited papers and books...
Table Judged Reasons for Failure in Events Cited 22 XIV iconWere medieval muslims really tolerant when judged by modern standards?

Table Judged Reasons for Failure in Events Cited 22 XIV iconWere medieval muslims really tolerant when judged by modern standards?

Разместите кнопку на своём сайте:
Библиотека


База данных защищена авторским правом ©lib.znate.ru 2014
обратиться к администрации
Библиотека
Главная страница