Collision detection and resolution of hazard prevention actions in safety critical systems

•Detection and resolution for the occurrence of any collision between hazard prevention actions of different safety devices which may execute simultaneously.•Evaluation on the effect of the interactions between the safety devices.•Fault prevention tree and resource map for identifying and analyzing the colliding actions.•A tool, CAPA that is a Collision Analyzer for Prevention Actions for a safety system.

The importance of safety-critical systems can never be overemphasized, as we have witnessed how devastating the accidents were with the recent nuclear power plant explosions and also with airplane and spaceship crashes. To ensure the safety of such systems, system engineers should consider how to prevent system hazards during the design phase of system development. Although existing techniques, such as event tree analysis and cause-consequence analysis, suggest various ways of hazard prevention for safety-critical systems, they per se do not deal with situations where two distinct actions of two separate safety devices can fail to prevent the very hazard they are supposed to prevent, since they collide, or conflict, with each other. In this paper, we propose a technique for identifying and analyzing the colliding actions of safety devices, using fault prevention tree and resource map. We also propose the use of a mediator for coordinating the actions that otherwise would lead to a collision. Through an empirical study, we demonstrate that this technique can help design (more) robust systems that can prevent hazards, while meeting the software safety requirements in practical system development.