How software drives safety in aerospace, healthcare, oil and gas

Safety-focused industries have developed safety-critical software and services from which other sectors can learn

Software is used to maintain safety in many high-risk fields, including aerospace, railways, automotive, nuclear power and healthcare.

“If you look at many sectors, at least 85% of the functions seen by users, whether a car driver or an aircraft pilot, are, to some extent, enabled by software,” says John McDermid, professor of software engineering at the University of York.

This is particularly true for aerospace, where the use of software in safety has been growing slowly over a long period. Some 10-15 years ago, aircraft depended much more heavily on software than other engineered domains, but other areas have been catching up rapidly, says McDermid.

Particularly in automotive, medical and consumer technologies, “it has been increasing at an incredible rate”, he adds.

This has left different industries regulating safety-critical software in different ways, says McDermid, with aerospace and nuclear power using a regulator to assess software and decide whether it complies with standards. “In some other sectors, for example automotive, in effect there is self-regulation,” he adds.

McDermid says there is a tension over whether or not safety-critical software should be formally approved. Regulatory checks are expensive and often quite slow, but aerospace software has an excellent record. “It’s a question of what balance of risk you take,” he says.

The US Federal Aviation Authority is currently looking at the cost of assuring aviation software, to see if this can be reduced, says McDermid. “As we develop more autonomy in road vehicles, I think we’ll find that the standards in automotive get more stringent,” he adds.

Medical devices have rapidly made more use of software, says McDermid, and although the US Federal Drug Authority has some regulatory power, more rigour may be required, with numerous examples of failures.

“I think that would be the one obvious area where more care and attention is needed,” he says. “We’re going from individual devices, such as the pacemaker, to connecting lots of devices in hospitals and also trying to support people in their homes more. We need to do much more to understand the interactions of these systems.”

One way in which healthcare providers are using software for safety is by analysing the data staff already collect. Some hospitals run an algorithm on basic patient observations to allocate risk levels, with people in more danger being checked more often by more senior staff as a result.
Digitising the National Early Warning Score

Many NHS hospitals use the Royal College of Physicians’ National Early Warning Score for this, calculated from measures such as temperature, blood pressure and level of consciousness.

The calculation can be worked out by hand, but this is time-consuming and prone to error. In research published in the Elsevier journal Resuscitation, Portsmouth Hospitals NHS Trust and the universities of Portsmouth and Bournemouth found that moving the calculation from paper to electronic entry via iPods cut the average time from 67 to 43 seconds, while the resulting incorrect clinical actions dropped from 14% to 5%.

The score, which includes recommended action, also makes it easier for nurses to provide a measure of severity to colleagues, rather than simply saying they are worried about a patient. “By having a score they can refer to, it makes that communication much quicker and slicker – there’s a common language,” says Paul Schmidt, a Portsmouth Hospitals consultant in acute medicine.

Portsmouth Hospitals began developing the VitalPAC software it uses for this in 2005, and deployed it across the hospital in 2009. It was originally intended to capture nurses’ observations for research on patient deterioration, but the trust realised it could use the data to help slow or prevent such deterioration.

Electronic records help reduce outbreaks of norovirus

One example has been to greatly reduce outbreaks of the norovirus winter vomiting bug. Portsmouth Hospitals cut the number of cases by 91% between 2009-10 and 2013-14, far more than the 28% drop recorded across England, according to a 2015 paper for BMJ Quality and Safety.

Through functionality developed with The Learning Clinic to record nausea and vomiting electronically, the trust was able to rapidly notify its infection prevention and control team, which could move patients into isolation, increase hygiene measures and order intensive cleaning.

“Our responses are much more targeted and much quicker,” says Schmidt. “The consequence is to virtually eradicate ward closures.”

The trust has also used the VitalPAC system to reduce mortality rates from cardiac arrests suffered by patients while in hospital and is using it to compare the frequency of patient observations on different wards.

Schmidt says standard electronic patient record systems in hospitals simply digitise what healthcare professionals used to write on paper. “That is not necessarily transformative,” he says. “If you look at how industry uses this technology, it’s for process control.

“People aren’t widgets, but they are subject to harm,” he adds, with 30% suffering some kind of damage during a hospital admission. “What we’re bringing to healthcare is the kind of technology that industry and airlines use.”

Safety software in oil and gas

Some of these industries are expanding their use of software for safety by extending it to staff training. In oil and gas extraction, certificates (and a passport) are used to check people boarding helicopters to rigs on the UK continental shelf, with similar systems operating in other countries.

The certificates show that an individual has up-to-date training on everything from escaping from a crashed helicopter underwater to medical checks.

Some certificates are permanent, while others last between six months and three years. Handling these certificates is a big administrative task – but an essential one.

“If you arrive at the gate to be mobilised without the correct certificate, you won’t be allowed to travel,” says Kevin Coll, managing director of Solutions Aberdeen, an oil industry-focused software and consultancy firm.

Coll, whose firm has provided IT services to oil and gas firms for 25 years, noticed many clients had tried to build systems to manage these certificates, or managed them through a set of spreadsheets. This led Solutions Aberdeen to develop Onboard, a web-based software suite that records certification and levels of competency. It can also track staff and contractor contact details, their location and availability, and integrate with other software when customers want to retain existing applications.

Features particularly useful in the North Sea include nicknames, so that someone commonly known as Jock can be found by this in the system, as well as by his actual name; and the ability to hold different contact details for emergency and routine queries. The system covers mobilisations on 59 of the 146 manned platforms in the North Sea.

Norwegian oilfield services firm Archer has 1,400 people on the system, gathering data previously held on separate systems and spreadsheets. “No longer did we need to lose time tracking down data – it was right there and we could access it when needed,” says Archer operations manager Mark Cowieson, quoted in a University of Aberdeen Business School case study.

Getting certification wrong can have a major impact on safety. If someone is blocked from travelling to a rig, that may leave it short of staff. And if they manage to get there without the right training – including on something specific to that rig – the consequences can be dire. Different rigs employ identical equipment, such as pipeline valves, but with different settings – one may be set to 150psi while another is at 1,500psi.

“If you go out on a rig using a piece of equipment that could blow up, you have to be trained and competent in its use for everyone’s safety there,” says Solutions Aberdeen’s Coll.

Money-saving opportunities

Onboard can also be used to avoid wasting money on safety issues. “An operator might insist that all of a group of personnel are trained on forklifting, but having reporting visibility would allow you to push back on the operators and query why it is needed when only a select few actually ever use them,” says Coll. “We could then save £250,000 a year by not training people who are never going to be allowed to operate the forklift anyway.”

The spare skills capacity adds little to the safety of a rig, because such skills require regular practice as well as training, he adds.

Similar software could be used in other regulated industries, such as in the health service to fill gaps in rotas and show the availability of locums, says Coll. “There is no high-level nationwide system that we are aware of that says who is available and what skills they have,” he adds. “That used to be the case in the North Sea.”

There is also potential in the nuclear industry and for providers of public-service vehicles, he points out.

Danger of over-reliance on software

But is there a danger of over-reliance on software to avoid disasters?

“There are a lot of things that computers and software are better at doing than human beings. They are much better at being consistent and reliable, and so on. But human beings are very much better at dealing with unanticipated things,” says the University of York’s McDermid.

However, this leads to the paradox of automation, with evidence mounting over a number of years that with aircraft increasingly run by software, pilots are not dealing with problems as well as before. “When something goes wrong, they don’t necessarily have the seat-of-the-pants flying skills or the understanding of the aircraft that they used to,” adds McDermid.

Software can also provide part of the solution, by improving training for disasters through simulations. This may not quite be real world, but there are clear advantages to pilots and others gaining experience of unsafe events without risking any lives.

First published by, 19 January 2016