The Investigation Process Research Resource Site
A Pro Bono site with hundreds of resources for Investigation Investigators
Home Page Site Guidance FAQs Old News Site inputs Forums
. . . .. . . . . . . . last updated 4/28/07


to advance the
State-of-the-Art of
investigations, through
investigation process

Research Resources:

Search site for::

Launched Aug 26 1996.


One of a series of reviews and commentaries on publications of interest to the investigation process research community. The views are expressed are those of the authors of the reviews.



by Ludwig Benner, Jr.

Leveson, Nancy G., SAFEWARE: System Safety and Computers - A Guide to Preventing Accidents and Losses Caused by Technology, Addison Welsley Publishing Company, Reading MA Hardcover - 680 pages (April 1995) ISBN: 0201119722

The book examines what is currently known about building safe electromechanical systems and looks at the accidents of the past to see what lessons can be applied to new computer-controlled systems.


This is an informative book for investigation researchers, with examples of cases that show the role of software and its investigation in accidents. It also presents detailed discussion of system safety concepts that guide system safety practitioners in their work, which can be applied during investigations.

Recommended reading.

This book contains a useful compendium of ideas about software safety issues, and includes case studies in the appendices that provide worthwhile reading. The discussion of system safety approaches and techniques and the search for problems in computer software involved in the control of systems illustrates the kinds of issues confronting software designers, analysts, buyers, users and investigators.

Some precautions for readers.
1. The work reflects anthor's ambiguity about the nature of the accident phenomenon and causality concepts which show up in internal contradictions and illustrative models, detract from an otherwise illuminating work. The definitions and models presented do not provide useful guidance that disciplines the investigation processes of potential actions before new or changed systems are activated, for which the book makes such a strong case.

2. The work illustrates another problem facing users of investigation data. Leveson accepts and builds on the findings of the earlier NASA Challenger Investigation, refuted in Vaughan's work. Both developed their books about the same time, using different data sources analytical methodologies. The use of original data by Vaughan produces entirely different conclusions from Leveson's which used secondary data. See Vaughan reference.

3. The author focuses on analysis of accident reports, rather than the investigation process - providing another example of the consequences of the dichotomy between investigation practices and analysis practices. The book reinforces the need to clarify the distinction between the study of investigator process to define investigation problems impeding valid outputs, and the analyst's approach of trying to define investigation problems by analyzing work products resulting from traditional investigation practices.

Ludwig Benner, Jr. April 1998