Citation

Johnson C. Safety Sci. 2002; 40(9): 835-847.

Copyright

(Copyright © 2002, Elsevier Publishing)

DOI

unavailable

PMID

unavailable

Abstract

There is a growing realization that existing accident investigation techniques fail to meet the challenges created by incidents that involve software failures. Existing software development techniques cannot easily be used to provide retrospective information about the complex and systemic causes of major accidents. This paper, therefore, argues that we must develop specific techniques to support forensic software engineering. It is important that these techniques should look beyond 'programmer error' as a primary cause of software failure. They must enable investigators to identify the systemic problems that are created by inadequate investment, by poor management leadership and by the breakdown in communication between development teams. This argument builds on previous work by Leveson and by Reason. They have focused on the importance of a systemic approach to the development of safety-critical applications. Relatively little attention has been paid to a systemic analysis of their failure. Later sections of this paper analyze the potential problems that can arise when a systemic approach is extended from systems development to accident investigation.