Methods

Description

Application

QL/QT

P/R

The functional resonance analysis method (FRAM)

The FRAM investigates how occupational activities occur retrospectively (“analyses of accidents or events”) or prospectively (“analyses of current work domain or envisioned scenarios for risk management”, etc.) by examining work activities with the purpose of understanding how work is accomplished everyday and how things turned wrong or right (Hollnagel, 2012; Patriarca et al., 2020) .

· It is relevant for modelling and interpreting complex systems. It highlights complexity in the functions, and various circumstantial changes that may influence system performance. It offers better understanding of the system as a whole.

· However, this method lacks numerical aspects involved in the methodology utilized to build the model. It is not appropriate for use in particular areas such as sensitivity analysis. The couplings between the functions can be complex. The FRAM is a time-consuming process.

· In some case, FRAM could be combined with other methods such as FMEA to be useful (Melanson & Nadeau, 2019) .

Various high-risk fields such as:

· Nuclear Power

· Aircraft De-icing

· Air Traffic Management Safety Assessment

· Health Care

· Railway Traffic

· Maritime Mining

· Maritime Transportation

· etc.

For e.g., Hollnagel, 2012; Hollnagel, Woods, & Leveson, 2012; Hollnagel, 2018; Hollnagel et al., 2014; Hounsgaard, 2016; Huang et al., 2019; Lee & Chung, 2018; Macchi, 2010; Nemeth & Hollnagel, 2016; Slater et al., 2022; Slim, 2020 .

QL

P, R

Systems-Theoretic Accident Model and Processes (STAMP)

The STAMP is an accident causality model proposed by Leveson (2016) .

· It is a systemic approach to safety analysis (Allison et al., 2017; Leveson, 2004) , centered on negative effects and countermeasures (Patriarca et al., 2020; Ferjencik, 2011) . For e.g., Ferjencik, 2011; Ouyang et al., 2010 . The STAMP method describes “how complex systems are dynamic and migrate towards accidents due to physical, social and economic pressures, rather than sudden loss of control capacity (Salmon et al., 2012) . The STAMP encompasses an analytical risk assessment method, namely: the System-Theoretic Process Analysis (STPA).

· However, Leveson (2016) indicates that this method is not designed for one looking for someone to blame (Leveson, 2016; Allison et al., 2017) , nevertheless, it can offer, at a system level, information about the adjustment considered necessary to avoid, or reduce the effect of mishaps in the future.

Appropriate for complex systems such as:

· Software

· Space, Aviation

· Human Factors

· Organizational Design

· Medical

· Defense,

· Nuclear,

· etc.

For e.g., Allison et al., 2017 .

QL

P, R

Failure Mode and Effect (Criticality) Analysis (FMEA / FMECA):

FMECA is an extension of the inductive analytical method FMEA by incorporating a criticality assessment. These bottom-up processes help identify, prioritize, then act on likely failure modes. They offer a listing of all potential failure modes and causes. Each breakdown mode is assessed for its criticality then interpreted in term of risk (Dai et al., 2011) .

· It is relevant for identifying hazards and circumstances that can be used as drivers for system changes, in contrast to the FRAM which is more appropriate to model and understand complex systems or processes (Patriarca et al., 2020; Das et al., 2018) .

· However, the FMEA process is simply as good as the subject matter experts behind the analysis in question. Many failure modes might be missed. It is a time-consuming process; it should be consistently revised as new prospective failure modes are identified.

· It does not consider combined failures and human concerns. Combining FMEA with FRAM or used in conjunction with other methods may possibly be beneficial (Melanson & Nadeau, 2019; Das et al., 2018; Sujan & Felici, 2012) .

Various fields such as:

· Manufacturing sector

· Military applications

· Space applications

· Healthcare sector

· Construction industry

· etc.

For e.g., Melanson & Nadeau, 2019; Das et al., 2018; Sujan & Felici, 2012; Rausand & Hoyland, 2004; Chiozza & Ponzetti, 2009; Abdelgawad & Fayek, 2010 .

QL, QT

P

Root-Cause Analysis (RCA)

This method helps identify the set of multiple causes (underlying root causes) of a failure in order to identify suitable solutions to prevent the problem from arising again.

· For e.g., Management Oversight and Risk Tree (MORT) analysis (an analytical method for defining causes and contributing factors.) (Rasmussen et al., 1994; Johnson, 1973) .

· However, in contrast to the FRAM, The RCA does not offer a better insight of the complexity in the processes and the couplings contained by the work settings; it might exist more than one root cause to a malfunction (Patriarca et al., 2020; Alm & Woltjer, 2010; Nakajima, 2017) .

Numerous fields such as:

· risk management tool in nuclear industry

· IT

· Industrial process control

· Accident analysis

· Telecommunications

· etc.

For e.g., Appicharla, 2011; Alm & Woltjer, 2010; Nakajima, 2017 .

QL

P

Fault Tree Analysis (FTA)

This top-down method, based on deductive reasoning (deductive logic), help analyze undesired state of a system (failures, malfunctions) utilizing Boolean logic.

· It supports effective decision-making in identifying root failure modes and identify likely failure causes for the root failure modes (Dai et al., 2011) .

· It might be useful to combine the FTA and the FRAM process (Toroody et al., 2016) . However, the FTA may not be suitable for some complex and dynamic socio-technical systems such as human-centric maritime operations (Patriarca et al., 2020; Toroody et al., 2016; Praetorius & Kataria, 2016) .

Various high-hazard industries such as:

· Nuclear power

· Chemical and process

· Aerospace

· Petrochemical

· Software engineering

· Pharmaceutical

For e.g., Toroody et al., 2016; Praetorius & Kataria, 2016; Goldberg et al., 1994; Center for Chemical Process Safety, 2008; Center for Chemical Process Safety, 1999; U.S. Department of Labor Occupational Safety and Health Administration Process, 1994; Lacey, 2011 .

QL, QT

P

Human Reliability Assessment (HRA)

(1st generation of HRA methodology)

It is represented by methods such as Human Cognitive Reliability Correlation (HCR) and the Technique for Human Error-Rate Prediction (THERP); both intend to evaluate the probability of human error arising throughout the accomplishment of a particular task.

· It can help for error identification, error quantification and error reduction.

· Combining HRA with FRAM or other methods may possibly be valuable. However, this method is not appropriate for use in particular areas such as sensitivity study and comparative model.

Numerous fields such as:

· Manufacturing

· Medicine

· Nuclear power

· etc.

QT

P, R

A Technique for Human Event Analysis (ATHENA)

(2nd generation of HRA methodology).

It aims to evaluate the likelihood of human error arising while performing a specific task.

· It is applied in the wake of the occurrence of an incident and can operate as a diagnostic modelling tool.

· However, it lacks numerical aspects involved in the methodology utilized to build the model, also it is not predictive, and does not consider the Human Error Probability (HEP) as an output (compared to the 1st generation HRA methodologies). It is not appropriate for use in particular areas such as sensitivity analysis.

Various fields such as:

· Healthcare

· Engineering

· Nuclear

· Transportation

· etc.

QT, QL

R

The Cognitive Reliability and Error Analysis Method (CREAM)

(2nd generation of HRA)

It describes an “error taxonomy which integrates individual, technological and organizational factors based on cognitive engineering principles” (Hollnagel, 1998) . It can help to (Hollnagel, 1998) :

· “Identify tasks that require human cognition and therefore depend on cognitive reliability”,

· “Determine the conditions where cognitive reliability and ensuing risk may be reduced”,

· “Provide an appraisal of the consequences of human performance on system safety which can be used in probabilistic safety assessment (PSA)”.

· However, this process is complex and intimidating, it is not employed widely. The CREAM is a time-consuming process.

Fields such as:

· Healthcare

· Manufacturing

· Transportation

· etc.

QL

P

The AcciMap approach

It is “a system-based technique for accident analysis, specifically for analysing the causes of accidents and incidents that occur in complex sociotechnical systems” (Rasmussen, 1997) . It is not a domain-specific approach. The AcciMap approach can supports effective decision-making in addressing systemic accident analysis and formulate safety recommendations. It might be useful to combine the AcciMap, the FRAM process and STAMP (Yousefi et al., 2019) .

To assess accident in various sectors such as:

· Mining

· Bushfire

· Transportation

· etc.

QL

R

The Human Factors Analysis and Classification System (HFACS)

It is a taxonomy-based aviation accident analysis method that can help identify the human causes of an accident (Salmon et al., 2012) . The HFACS is based on the “Swiss Cheese” model of human error by Reason (1990) . It may help investigate four human failure stages, namely: unsafe acts, preconditions for unsafe acts, unsafe supervision, and organizational influences. However, it is only as good as the subject matter experts behind the analysis in question.

To examine and assess human factors aspects such as:

· Aerospace

· Aviation

· etc.

QL

R