Lazarski Aviation Academy
An airplane is the safest means of transportation. Civil aviation has developed a unique Just Culture safety culture, and safety management systems are built on the Swiss cheese model. The analogy is simple, but it hits the spot.
The Swiss cheese model has seen many adaptations, including describing coronavirus immunity. The basic idea is that any security system consists of a series of barriers. In the figure below, each such barrier is one slice of cheese.
“In the cheese analogy, it is assumed that there is no such slice that is without holes, however, whether it is possible to pass through such a block of cheese depends on how these holes are distributed in relation to each other. Building a safety system is therefore about building strong barriers with the knowledge that none of them is without flaws.” – can be read in an issue of the Civil Aviation Administration’s “Civil Aviation Safety Bulletin.”
Swiss cheese model - Aviation accidents do not have a single cause
This model explains in simple terms why aviation accidents and incidents do not have just one cause, even when it seems obvious on the surface. A hazard materializes when several layers of safeguards cannot cope with it.
That’s why, when investigating aviation accidents, the human factor is taken into account, weather conditions, technical faults, errors in the training and supervision system, the actions of pilots, air traffic controllers, technical personnel – and that’s not the end of the list.
The Swiss cheese model is used by the International Civil Aviation Organization (ICAO) in its safety management guidelines. It can be found in the updated Doc 9859 Safety Management Manual. In it, ICAO stresses that “a single-point failure rarely has consequences,” because safety in civil aviation is an extremely complex system.
Safety culture in the organization
ICAO also draws attention to organizational culture. “Security breaches can be a delayed consequence of decisions made at higher levels of the organization, which may remain dormant until they have an effect or are detrimental,” – the paper emphasized.
The model takes into account both the layers of security at different levels of the organization, and latent conditions, i.e., circumstances conducive to the occurrence of a security breach, and, finally, active actions or inactions that cause the final layers of security to be breached.
“Latent conditions in a system can include circumstances created by the security culture, choice of hardware or procedural design, conflicting organizational goals, faulty system organization or management decisions,” – they wrote. ICAO stresses that latent conditions are not initially perceived as harmful, and their negative consequences can be deferred over time.
Therefore, ICAO recommends adopting an “organizational accident paradigm” and thereby identifying latent conditions on a system-wide scale and minimizing the possible effects of individual errors, thereby strengthening the effectiveness of the entire safety system.
Aviation at Lazarski University
We encourage you to explore the intriguing world of modern aviation by reading our blog and enrolling in aviation majors at Lazarski Aviation Academy at Lazarski University.
