Incident and Accident Investigation Techniques to Inform Model-Based Design of Safety-Critical Interactive Systems

  • Sandra Basnyat
  • Nick Chozos
  • Chris Johnson
  • Philippe Palanque
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3941)


The quality of the design of an interactive safety-critical system can be enhanced by embedding data and knowledge from past experience. Traditionally, this involves applying scenarios, usability analysis, or the use of metrics for risk analysis. In this paper, we present an approach that uses the information from incident investigations to inform the development of safety cases that can, in turn, be used to inform a formal system model, represented using Petri nets and the ICO formalism. The foundations of the approach are first detailed and then exemplified using a fatal mining accident case study.





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Sandra Basnyat (1)
  • Nick Chozos (2)
  • Chris Johnson (2)
  • Philippe Palanque (1)
  1. LIIHS – IRIT, University Paul Sabatier, Toulouse, France
  2. Dept. of Computing Science, University of Glasgow, Glasgow, Scotland
