ABSTRACT
Defense-in-depth has been a hallmark of safety studies for over fifty years. Recognized under various names across different industries, it is considered a general strategy or philosophy for achieving system safety in complex systems. In this work a novel safety strategy, termed observability-in-depth, is introduced as an essential complement to defense-in-depth, specifically addressing two common criticisms moved to defense-in-depth, namely: 1) that it can render systems more opaque to those who manage/operate them, leaving them blind to the possibility of hazard escalation; 2) that weaknesses in the barriers will always exist, or that the barriers cannot be made extensive enough to cover every possible accident trajectory (leading to the inability to a defense-in-breadth safety strategy in practice). Observability-in-depth can be thought of as the set of provisions designed into the system and its operation, which enables real-time monitoring and identification of hazardous states and accident pathogens, as well as lurking adverse conditions before they have an opportunity to manifest themselves. The “depth” qualifier of observability has a causal and temporal dimension, as it characterizes the ability to identify adverse states and conditions as far upstream as possible in an accident sequence. In this paper we develop various aspects of observability-in-depth, including a formal mathematical definition, and we examine its relevance as a connection between different safety communities. We then argue that observability-in-depth provides an opportunity to conceive of a dynamic defense-in-depth safety strategy in which defensive resources, safety barriers and others, are prioritized and allocated dynamically in response to emerging of risks, as well as real-time monitoring and identifications of adverse conditions. We believe that the concept of observability-in-depth can help expand the intellectual toolkit of safety practitioners and researchers, and that these concepts offer a rich basis and many fruitful venues for further research.
