During engineering school in the late 1960s I was taught to ignore friction as a force and use first order approximate linear models. When measuring distance, ignore the curvature of earth and treat as a straight line. Break things down into its parts, analyze each component, fix it, and then put it all back together. In the 1990s another paradigm coined Systems Thinking came about we jumped from Taylorism to embrace the Fifth Discipline, social-technical systems, Business Process Reengineering. When human issues arose, we bolted on Change Management to support huge advances in information technology. All industries have benefited and been disrupted by business and technological breakthroughs. Safety as an industry is no exception.
In January 2000, Stephen Hawking stated: “I think the next century will be the century of complexity.” In the spirit of safety differently, let’s explore safety from a non-linear complexity science perspective. Safety is no longer viewed as a static product or a service but as an emergent property in a complex adaptive system (CAS). Emergence is a real world phenomenon that System Thinking does not address or perhaps, chooses to ignore to keep matters simple. Glenda Eoyang defines a CAS as “a collection of individual agents who have the freedom to act in unpredictable ways, and whose actions are interconnected such that one agent’s actions changes the context for other agents.”
Let’s be clear. I’m not advocating abandoning safety rules, regulations, hierarchy of controls, checklists, etc. and letting workers go wild. We just need to treat them as boundaries and constraints that either enable or prevent safety as a CAS property from emerging. By repurposing them in our mind, we can better see why rules prevent danger from emerging and why too many constraining rules might create the conditions for danger such as confusion, distraction, anger to emerge. As overloading increases, a tipping point is reached, the apex of a non-linear parabola curve. A phase transition occurs and a surprise emerges, typically the failure of a brittle agent.
As the eras of business have evolved from scientific management to systems thinking, so has safety in parallel. The graphic below is a modification of an Erik Hollnagel slide presented at the 2012 Resilience Learning Lab in Vancouver and extends beyond to an Age of Cognitive Complexity.
In this age of cognitive complexity, the whole is greater than the sum of its parts (aka agents).
- “Different is more” which means the greater the diversity of agents, the greater the distributed cognition. Think wisdom of crowds, crowdfunding, crowdsourcing.
- “More is different” which means when you put the pieces of a complex system together you get behavior that is only understandable and explainable by understanding how the pieces work in concert (see Ron Gantt’s enlightening posting). In a CAS, doing the same thing over and over again can lead a different result.
- ”Different is order within unorder” which means in a complex environment full of confusion and unpredictability, order can be found in the form of hidden patterns. Think of a meeting agenda that shapes the orderly flow of discussion and contributions of individuals in a meeting. In nature, think of fractals that can be found everywhere.
When working in a Newtonian-Cartesian linear system, you can craft an idealistic Future state and develop a safety plan to get there. However, in a CAS, predicting the future is essentially a waste of time. The key is to make sense of the current conditions and focus on the evolutionary potential of the Present.
Is the shift to complexity-based safety thinking sufficient to warrant a new label? Dare we call this different paradigm Safety-III? It can be a container for the application of cognition and complexity concepts and language to safety: Adaptive safety, Abductive safety reasoning, Exaptive safety innovation, Viral safety communication to build trust, Autopoietic SMS, Dialogic safety investigation, Heuristics in safety assessment, Self-organizing role-based crew structures, Strange attractors as safety values, Cognitive activation using sensemaking safety rituals, Feedback loops in safety best practices, Brittleness in life saving rules, Swarm intelligent emergency response, Human sensor networks, Narrative safe-to-fail experiments, Attitude real-time monitoring as a safety lead indicator, Cynefin safety dynamics. Over time I’d like to open up an exploratory dialogue on some of these on the safetydifferently.com website.
From a review of past and current publications, I sense compelling support for a complexity-based safety approach. Here are a few on my list (my personal thoughts are the bulleted points not in quotes.)
System Safety Engineering: Back to the Future (Nancy Leveson 2002)
- ‘Safety is clearly an emergent property of systems.’
- ‘It is not possible to take a single system component, like a software module, in isolation and assess its safety. A component that is perfectly safe in one system may not be when used in another.’
The Complexity of Failure (Sidney Dekker, Paul Cilliers, Jan-Hendrik Hofmeyr 2011)
- ‘When accidents are seen as complex phenomena, there is no longer an obvious relationship between the behavior of parts in the system (or their malfunctioning, e.g. ‘‘human errors’’) and system-level outcomes.’
- ‘Investigations that embrace complexity, then, might stop looking for the ‘‘causes’’ of failure or success. Instead, they gather multiple narratives from different perspectives inside of the complex system, which give partially overlapping and partially contradictory accounts of how emergent outcomes come about.
- ‘The complexity perspective dispenses with the notion that there are easy answers to a complex systems event—supposedly within reach of the one with the best method or most objective investigative viewpoint. It allows us to invite more voices into the conver- sation, and to celebrate their diversity and contributions.’
Drift into Failure (Sidney Dekker 2011)
- By taking complexity theory ideas like the butterfly effect, unruly technology, tipping points, diversity, we can understand that failure emerges opportunistically, non-randomly, from the very webs of relationships that breed success and that are supposed to protect organizations from disaster.
- ‘Safety is an emergent property, and its erosion is not about the breakage or lack of quality of single components.’
- ‘Drifting into failure is not so much about breakdowns or malfunctioning of components, as it is about an organization not adapting effectively to cope with the complexity of its own structure and environment.’
Safety-I and Safety-II (Erik Hollnagel 2014)
- ‘Karl Weick in a 1987 California Management Review article introduced the idea of reliability as a dynamic non-event. This has often been paraphrased to define safety as a ‘dynamic non-event’…even though it may be a slight misinterpretation.’
- ‘Safety-I defines safety as a condition where the number of adverse outcomes (accidents/incidents/near misses) is a low as possible.’
- When there is an absence of an adverse outcome, it becomes a non-event which people take for granted. When people see nothing, they presume that nothing is happening and that nothing will continue to happen if they continue to act as before.
- ‘Safety-II is defined as a condition where as much as possible goes right.’
- ‘In Safety-II the absence of failures is a result of active engagement. This is not safety as a non-event but safety as something that happens. Because it is something that happens, it can be observed, measured, and managed.’
- Safety-III is observing, measuring, maybe managing but definitely influencing changes in the conditions that enables safety to happen in a CAS. In addition, it’s active engagement in observing, measuring, maybe managing but definitely influencing changes in the complex conditions that prevent danger from emerging.
Todd Conklin PAPod 28 with Ivan Pupulidy (July 2015)
- 18:29 ‘If we could start an emerging dialogue amongst our workers around the topic of conditions, we accelerate the learning in a really unique way.’
- ‘We started off with Safety-I, Safety-II. That was our original model. What we really recognized rather quickly was that there was a Safety-III.’
- ‘Safety-III was developing this concept of expertise around recognition of changes in the environment or changes in the conditions.’
Peter Sandman (Dave Johnson article, ISHN Magazine Oct 2015)
- ‘The fast pace of change in business today arguably requires a taste for chaos and an ability to cope well with high uncertainty.’
- ‘What is called ‘innovation’ may actually be just coping with an ever-faster pace of change: anticipating the changes on the horizon and adapting promptly to the changes that are already occurring. This sort of flexible adaptability is genuinely antithetical to orderly, rule-governed, stable behavioral protocols.’
- ‘Safety has traditionally been prone to orderly, rule-governed, stable behavioral protocols. For the sorts of organizational cultures that succeed in today’s environment, we may need to create a more flexible, adaptable, innovative, chaos-tolerating approach to safety.’
- ‘With the advent of ‘big data,’ business today is ever-more analytic. I don’t know whether it’s true that safety people tend to be intuitive/empathic – but if that’s the case, then safety people may be increasingly out of step. And safety may need to evolve in a more analytic direction. That needn’t mean caring less about others, of course – just using a different skill set to understand why others are the way they are.’
- I suggest that different skill set will be based on a complexity-based safety approach.
Resilience Engineering Concepts and Precepts (Hollnagel, Woods & Leveson, 2006)
- Four essential abilities that a system or an organisation must have: Respond, Anticipate, Monitor, Learn. Below is how I see the fit with complexity principles.
- We respond by focusing on the Present. Typically it’s an action to quickly recover from a failure. However, it can also be seizing opportunity that serendipitously emerged. Carpe Diem. Because you can’t predict the future in a CAS, having a ready-made set of emergency responses won’t help if unknowable and unimaginable Black Swans occur. Heuristics and complex swarming strategies are required to cope with the actual.
- We anticipate by raising our awareness of potential tipping points. We don’t predict the future but practice spotting weak signals of emerging trends as early as we can. Our acute alertness may sense we’re in the zone of complacency and need to pull back the operating point.
- We learn by making sense of the present and adapting to co-evolve the system. We call out Safety-I myths and fallacies proved to be in error by facts based on complexity science. We realize the importance of praxis (co-evolving theory with practice).
- We monitor the emergence of safety or danger as adjustments are made to varying conditions. We monitor the margins of maneuver and whether “cast in stone” routines and habits are building resilience or increasing brittleness.
What publications am I missing that support or argue against a complexity-based safety approach? Will calling it Safety-III help to highlight the change or risk it being quickly dismissed as a safety fad?
If you’d like to share your thoughts and comments, I suggest entering them at the safety differently.com website.