The role of maintenance in safety-critical systems, both preventing and causing hazards

A system that has been engineered to meet its safety requirements may initially be acceptably safe, but it is unlikely to remain so unless it is properly maintained, and proper maintenance is a process that starts with how maintainability was treated during development of the system.

The maintenance procedures are an important part of a system, and should be carefully documented and their use monitored to ensure that they are properly followed.

Maintenance issues such as configuration change control and a permit to work system are often overlooked until it is too late.

Apart from the risk of invalidating the system itself, maintenance activities need to be examined to see whether they involve any hazards for the personnel performing the maintenance.


The Union Carbide leak in Bhopal was caused by a technically advanced plant that was poorly maintained.


Poor railway track maintenance contributed to the Granville train crash.


Adoption of incorrect maintenance procedures caused the Flight 191 takeoff crash.


The permit to work system broke down in the Piper Alpha oil platform inferno.