It is exactly a year since The Attributer last visited this attribute. Then the issue was with the Board of Disney and its decisions over cyber security. A group of shareholders were unhappy with the Board position and the company was heading for a clash at the forthcoming annual stockholders meeting. This time we are dealing with the ongoing story of Boeing. Whilst the entertainment industry and the aviation industry are both multi-billion-dollar businesses, no-one ever got killed watching a movie, unless they were on a flight at the time. In the case of Boeing more than 340 people were killed in two crashes involving the ill-fated but hugely popular 737 Max airplane.
Let’s once again look at the definition of ‘accountable’:
Accountable: required or expected to justify actions or decisions; responsible, liable, answerable, chargeable, to blame for failures. Examples: “Ministers are accountable to Parliament.” “The government was held accountable for the food shortage.”
Boeing has a complicated statement of its vision and mission, covering multiple points of view. (https://www.boeing.com/principles/vision.page ). Interestingly one of the points is about safety, as you would expect:
“Safety: We value human life and well-being above all else and take action accordingly. We are personally accountable for our own safety and collectively responsible for the safety of our teammates and workplaces, our products and services, and the customers who depend on them. When it comes to safety, there are no competing priorities.”
That’s fairly clear, but the Board obviously failed to take account of its own vision statement. After much talking about the crashes as an ‘unfortunate sequence of events’, eventually Dennis Muilenburg, the Chief Executive of Boeing has had to resign. To suggest that such accidents are nothing more than ‘bad luck’ is an outdated and offensive message. The Attributer has written about a safety engineering methodology called STPA (see a previous article entitled SAFE), systems theoretic process analysis. This new approach to safety engineering is the work of Professor Nancy Leveson and her team at the MIT department of Aeronautics and Astronautics. The so-called ‘swiss cheese’ model in which the holes in cheese slices line up accidentally from time to time is not part of this modern approach. David Calhoun, Mr. Muilenburg’s successor, take note.
There are many parallels between STPA and SABSA, one of which being the essential presence of governance and accountability. Both frameworks deal with systems engineering. Both make huge reference to the need for good governance at every level of the system, including the high-level corporate system that produces the lower level systems. Whilst the 737 Max is a system, it is only a sub-system of the larger system: the Boeing Corporation. And Boeing is only a sub-system of the entire aviation industry.
The key to safe and secure operations of any systems is therefore embedded in the way they are engineered, and systems engineering demands governance at every level and accountability of the human players who hold responsibility for governing the systems. One of the essential first steps in engineering a system is to state the purpose of the system. What is it meant to do? According to most industry commentators, Boeing has clearly attempted to put profit before safety, violating its own vision statement. The Board saw the purpose of the system to make profits. They neglected to take account of the purpose also being to protect the safety of passengers and to maintain the confidence of the flying public at large.
Every organisation writes and publishes vision and mission statements., but if they don’t actually use them as guiding principles for how they do business then it’s all smoke and mirrors – merely window dressing in a world greedy for profit. If good systems engineering principles are applied, then those mission statements mean something. If not, then the words are empty. Both SABSA and STPA are clear about governance and accountability. If you follow and apply these frameworks, then you will not go far wrong in the world.