John Thomas presenting on system safety and security

Single loop vs double loop learning

Single Loop

What happened?

What did we do?

->

Two mistakes can appear different though the same methodology led to both

Double Loop

What happened?

What did we do?

Why did we do this?

Reliability Block Diagram

shows redundancies

used in Fault Tree Analysis

Systems Theoretic Process Analysis

Define purpose of analysis

Model of control structure

Identify unsafe control actions

Identify loss scenarios