Professional Ethics and Functional Safety
Professional Ethics and Functional Safety is a catchy title. But what does that mean? Let’s start with the definition of Functional Safety. A search on the internet results in this from Wikipedia:
“Functional safety is the part of the overall safety of a system or piece of equipment that depends on automatic protection operating correctly in response to its inputs or failure in a predictable manner (fail-safe).”
Ok. But what does that mean?
Simply put, most industrial machines today have some sort of logic device such as a safety relay or safety controller that the door sensors, light curtains, etc. are connected to. When a door or other guarding measure is breached, the logic of the system should in turn bring whatever hazard that might be contained within the machine to a safe state. But further than that, it has to do so in a “predictable manner”, implying the use of well-tried components, knowledge of the failure modes of the various components, monitoring of those failure modes, and suitable compensation of the failures. Three words you will see commonly used in Functional Safety literature are “redundancy”, “diversity”, and “diagnostics”.
Perhaps it’s not so simple.
In fact, it seems based on that description that there is quite a bit of technical knowledge and understanding required to implement Functional Safety properly. Think about it. Well tried components, failure modes, diagnostics. If you just slap together a system without considering the technical merits of the components or the method of connection you could be creating something that, although immediate problems are not apparent, down the road could result in failure and possibly an injury. Keep in mind how long any given machine might be in production. Personally, I’ve seen equipment from the 50’s and 60’s still in production today. I suppose that’s where maintenance and upgrades come in.
That aside, what about the other part of the title: Professional Ethics. For Engineers in Ontario the Code of Ethics is actually defined within the Professional Engineers Act, Regulation 941 Section 77. The duty of a Professional Engineer is set out as follows:
It is the duty of a practitioner to the public, to the practitioner’s employer, to the practitioner’s clients, to other members of the practitioner’s profession, and to the practitioner to act at all times with,
- fairness and loyalty to the practitioner’s associates, employer, clients, subordinates and employees,
- fidelity to public needs,
- devotion to high ideals of personal honour and professional integrity,
- knowledge of developments in the area of professional engineering relevant to any services that are undertaken, and
- competence in the performance of any professional engineering services that are undertaken.
That’s actually some pretty lofty stuff. Professional Engineers essentially are required to be fair to everyone, faithful to public need, have a high sense of honour and integrity, keep informed about the technology and methods they use, and maintain competence in what they do. But how does that apply to Functional Safety?
Fairness and Loyalty
One interpretation of fairness and loyalty would be just to be nice to everyone. But beyond that think about how safety systems are designed. The first thing that should be done is a risk assessment which in turns tells us the required performance level of the system. Being fair to everyone means everyone’s input on the design needs to be considered. That’s everyone from the equipment owner to maintenance to the operator to supervision right on down to the cleaners. At some point of the machine life cycle they are all going to have some interaction with the machine hazards and they deserve to be considered.
Fidelity to public needs
The “public” is broad set of individuals, some of whom definitely would be the very people directly involved with the machine. But more generally, we Engineers are offering our services to the public. We need to consider the welfare of the public paramount. One of the items defining Professional Misconduct in the Act is “failure to act to correct or report a situation that the practitioner believes may endanger the safety or the welfare of the public”. We are all human, we all make mistakes, and I believe in this case that fidelity to public needs is to own-up to one’s mistakes and correct them. This could well mean that in the course of a safety design process that revisions need to be made and sometimes that requires acting to make such corrections in the face of embarrassment and possibly loss of reputation. The other side of that, however, is not ignoring the errors of others. If you see something, say something, or so people like to say these days.
Honour and Integrity
This goes hand-in-hand with a fidelity to public needs. Having honour is adhering to what is right, and having integrity is to steel yourself to maintain your honour in the face of those that would disagree. With any machine on a plant floor there will be those that just don’t understand why Functional Safety is required. Perhaps they want to compromise the design in some way for the sake of expedience, such as allowing manual loading of the machine with some hazard whizzing away. It can be difficult to convince others when they just don’t understand, or worse, don’t care.
Knowledge of Developments
It seems kind of obvious, but we’ve gone from simple hard-wired circuits in the 80’s to safety relays with Category levels in the 90’s, and now today we can also calculate the Performance Level of systems based on the probability of dangerous failures. To boot, there are significant technologies now available such as programmable safety controllers and vision-based safety systems. Knowing what technology or “best practices” are coming down the pipe, knowing what’s available now, and knowing how it applies to the customer’s individual situation is the Engineer’s job.
Competence
This is the ability to do something successfully and efficiently. Suffice it to say, competence in Functional Safety means being able to identify hazards, assess the risk associated with them, and being able to effectively mitigate those hazards in an efficient manner. This requires knowing the machine process and how it needs to be operated. Anyone can grab a safety relay datasheet and follow the example schematics to kill power every time a door is opened. But perhaps that will cause a problem with the process, or perhaps frequent power cycling will damage the machine itself. Do it wrong and you could make the machine so difficult to use that it’s no longer cost effective to operate it. It’s up to the Engineer to understand the process, understand the available technology, and come-up with a way to mitigate the risks but yet leave the customer with a usable productive machine.
So, there you have it. Professional Ethics and Functional Safety. There are a great many different kinds of machines out there, many different processes to contend with, and many more different people that are our customers. As engineers it is up to us not just to give them the tools that they need to do their job, but to make sure those tools are safe and easy to use so they don’t need to put themselves in danger.