Chronic unease: a growing reliance on data-centric systems
Products, systems and organisations are increasingly dependent on data. In today’s Data-Centric Systems (DCS) data is no longer inert and passive. Its many active roles demand that data is treated as a separate system component.
By Dr Alastair Faulkner and Dr Mark Nicholson
Data is challenging to manage and control; it has a habit of being consumed by systems it was not produced for, by omission or by design, perhaps without the awareness of the system designer. It is common for it to pass (often unchecked or even unwittingly) across system and organisational boundaries.
Assuring the safety of data-centric systems
Data may be fed to systems with safety responsibility. As a result, data error or omission may go undetected with potentially hazardous or catastrophic consequences. Failure of such systems may also contribute to harm indirectly through incorrect decisions made by actors (human or computer) who rely on, or trust, these systems and the data they supply.
An awareness of the potential threats posed by DCS gives rise to a ‘chronic unease’ where DCS are in everyday use. While hardware and software are still important, the increased reliance on data as a determinant of system behaviour demands that data be treated as a separate component. Current standards do not adequately address how to manage data (and the errors it may contain), and this leads to incidents, damaging assets or the environment and possibly loss of life.
As a separate component, data is an asset
Not all data has value to us; not all data is fit to be used in a system with safety implications or as part of the assurance of such systems. So how should we determine what data can be used, and what it can be used for?
How do we assure ourselves that the data used is appropriate and has the right characteristics? How do we engineer our systems to ensure they are robust and resilient to data errors and failures?
A Data Safety Model
We have developed an approach to data-centric safety that is based on a Data Safety Model (DSM). The DSM provides a way to describe and classify the use (and reuse) of data within a DCS.
It employs a nine-step generalised process frame within a three-axis (TAP: transformation, abstraction and product) multi-layer hierarchy that forms the basis for effective assurance, data safety requirements management and confidence assessment tasks.
The DSM we have developed provides the basis for a toolkit that leads to safety improvement recommendations. The toolset is based on Interface Agreements (IAs), which create soft boundaries that help engineers carry out proportionate analysis, rationalisation and management of data safety.
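As an added illustration of treating data as a checked component rather than trusting it implicitly at a boundary, here is a hypothetical interface agreement expressed as an executable data contract that a safety-related consumer applies before using records from a producer. This is example code written for this post, not part of the book or the authors' toolkit; the InterfaceAgreement and FieldSpec classes, the speed-limit scenario, the field names and the sample records are all constructed assumptions, and the book's IAs are not claimed to take this form.

```python
"""Hypothetical interface agreement as an executable data contract (added example)."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Any, Dict, List, Optional, Set, Tuple


@dataclass(frozen=True)
class FieldSpec:
    """One agreed characteristic of a field that crosses the boundary."""
    name: str
    kind: type
    unit: Optional[str] = None        # unit the consumer expects, if any
    min_value: Optional[float] = None
    max_value: Optional[float] = None


@dataclass
class InterfaceAgreement:
    """Constructed model of an interface agreement: what the consumer accepts."""
    producer: str
    consumer: str
    fields: List[FieldSpec]
    max_age: timedelta             # freshness bound on each record
    trusted_sources: Set[str]      # provenance labels the consumer accepts

    def check(self, record: Dict[str, Any], now: datetime) -> List[str]:
        """Return every way the record departs from the agreement (empty = accept)."""
        problems: List[str] = []
        for spec in self.fields:
            if spec.name not in record:
                problems.append(f"missing field '{spec.name}'")
                continue
            value = record[spec.name]
            kinds = (int, float) if spec.kind is float else (spec.kind,)
            # bool is a subclass of int in Python; never accept it as a number
            if isinstance(value, bool) or not isinstance(value, kinds):
                problems.append(f"'{spec.name}' has type {type(value).__name__}, "
                                f"expected {spec.kind.__name__}")
                continue
            if spec.unit is not None:
                unit = record.get(f"{spec.name}_unit")
                if unit != spec.unit:
                    problems.append(f"'{spec.name}' unit is {unit!r}, agreement requires {spec.unit!r}")
            if spec.min_value is not None and value < spec.min_value:
                problems.append(f"'{spec.name}' = {value} below agreed minimum {spec.min_value}")
            if spec.max_value is not None and value > spec.max_value:
                problems.append(f"'{spec.name}' = {value} above agreed maximum {spec.max_value}")
        if record.get("source") not in self.trusted_sources:
            problems.append(f"unknown or missing provenance {record.get('source')!r}")
        ts = record.get("timestamp")
        if not isinstance(ts, datetime):
            problems.append("missing or malformed timestamp")
        elif now - ts > self.max_age:
            problems.append(f"stale: {now - ts} old, agreement allows {self.max_age}")
        return problems


def gate(ia: InterfaceAgreement, records: List[Dict[str, Any]], now: datetime
         ) -> Tuple[List[Dict[str, Any]], List[Tuple[Dict[str, Any], List[str]]]]:
    """Split records into those the consumer may use and those quarantined with reasons."""
    accepted, quarantined = [], []
    for record in records:
        problems = ia.check(record, now)
        if problems:
            quarantined.append((record, problems))
        else:
            accepted.append(record)
    return accepted, quarantined


# Constructed reference time and agreement for a speed-supervision consumer.
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
SPEED_LIMIT_IA = InterfaceAgreement(
    producer="infrastructure-db", consumer="onboard-speed-supervision",
    fields=[FieldSpec("section_id", str),
            FieldSpec("speed_limit", int, unit="km/h", min_value=0, max_value=200),
            FieldSpec("gradient", float, unit="%", min_value=-5.0, max_value=5.0)],
    max_age=timedelta(hours=24),
    trusted_sources={"infrastructure-db"},
)

# Constructed sample records: one sound, three with typical data errors.
SAMPLE_RECORDS = [
    {"section_id": "S1", "speed_limit": 160, "speed_limit_unit": "km/h", "gradient": 1.2,
     "gradient_unit": "%", "source": "infrastructure-db", "timestamp": NOW - timedelta(hours=1)},
    {"section_id": "S2", "speed_limit": 100, "speed_limit_unit": "mph", "gradient": 0.5,   # wrong unit
     "gradient_unit": "%", "source": "infrastructure-db", "timestamp": NOW - timedelta(hours=1)},
    {"section_id": "S3", "speed_limit": 400, "speed_limit_unit": "km/h", "gradient": 0.0,  # out of range, stale
     "gradient_unit": "%", "source": "infrastructure-db", "timestamp": NOW - timedelta(days=3)},
    {"section_id": "S4", "speed_limit": 120, "speed_limit_unit": "km/h", "gradient": 0.8,  # unknown provenance
     "gradient_unit": "%", "source": "spreadsheet-export", "timestamp": NOW - timedelta(hours=1)},
]

if __name__ == "__main__":
    ok, held = gate(SPEED_LIMIT_IA, SAMPLE_RECORDS, NOW)
    print("accepted:", [r["section_id"] for r in ok])
    for record, problems in held:
        print("quarantined", record["section_id"], "->", "; ".join(problems))
```

The point of the gate is that each rejection names the agreed characteristic that was violated (type, unit, range, provenance or freshness), which gives the consumer an evidence trail for incident investigation rather than a silent acceptance or a bare failure.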
Our approach takes a system perspective on safety management. We present core concepts and principles of system safety management and support you through the application of these techniques and measures to DCS.
Find out more in Data-Centric Safety: Challenges, Approaches, and Incident Investigation.
Dr Alastair Faulkner
Dr Mark Nicholson
University of York, Assuring Autonomy International Programme
This blog post is based on the book Data-Centric Safety: Challenges, Approaches, and Incident Investigation, by Dr Mark Nicholson and Dr Alastair Faulkner.