8.1. Systems do not always behave as they should

Despite the fact that a given system was well architected, internal and external hazards, dysfunctions and failures may unfortunately always occur and lead to unexpected consequences, either on the system and or on its environment¹. Systems are indeed not always behaving as they should!

Due to the potential severity of such consequences, there is a specific domain within engineering – safety, or dysfunctional, analysis – which is especially dedicated to the study of failures, that is, of what the system shall normally not do, in order to be able to design and define the best mitigation strategies in such situations. Any systems architect shall therefore know how to interact with safety experts, which is the purpose of the current chapter. The point is not to become a safety specialist, but to know the basic concepts of safety and to efficiently manage the interface² between systems architecting and safety, which is key, due to the core importance of this last domain.

In this matter, the safety/dysfunctional analysis process can in particular be defined as the systems engineering process which is dedicated to the analysis of the potential risks to which may be exposed a given system. Safety/dysfunctional analysis especially intends to identify, classify and quantify the risks associated with a given system and to define the safety requirements that this system will have to ...