10/24/08

Engineering Ethics
ME 101 Fall 2008 {Modified 10/23/06} Technology - Defines what we can do. Ethics - Defines what we ought to do. Politics - Defines what we will do. What is Morality? "Engineering ethics is (1) the study of the moral issues and decisions confronting individuals and organizations involved in engineering and (2) the study of related questions about moral conduct, character, ideals, and relationships of people and organizations involved in technological development." M&S, p.4 "To say that an act is right is not to express a mere feeling or bias, but instead to assert that the best moral reasons support doing it." M&S p. 32 What are the Moral Problems which Confront Us? "... ethical problems arise most often when there are differences of judgment or expectations as to what constitutes the true state of affairs or a proper course of action." M&S, p.7 "... when we speak of moral problems we have in mind situations where what ought to be done is not so straightforward and obvious." "First, it may be unclear ... which, if any, moral considerations or principles apply to their situation." "Second, the difficulty might be that two different moral principles, both of which apply to one's situation, come into conflict or that one principle seems to point simultaneously in two different directions." M&S p.25 What is a Moral Theory? "...there ought either to be some one fundamental principle or law, at the root of all morality, or if there be several, there should be a determinate order of precedence among them; and the ... rule for deciding between the various principles when they conflict, ought to be self-evident." Mi p.274 What are the Sanctions of Morality? Feelings of Guilt - conscience Public Exposure - humiliation Public (Legal) Punishment

10/24/08

FOUR BASIC TYPES OF MORAL THEORY:

1.) VIRTUE ETHICS Virtue ethics is the oldest of the moral theories, often "rules" based sometimes based upon Divine Command. The emphasis is on becoming a morally good person as opposed to acting in a moral manner. It is a teleological ethical system from telos (goal or end) considering the basic question: What does it mean to be a good person? Three basic concepts are derived from Greek Philosophy: Arte excellence or virtue Phronesis practical or moral wisdom Eudaimonia happiness or flourishing. Virtues are acquired habits that enable us to engage effectively in rational activities. "Virtues are desirable ways of relating to other individuals, groups, and organizations. They have as much to do with motives, attitudes, and emotions, as they do with right and wrong conduct." M&S, p.40 Moral actions are based on virtue. Wrong actions arise from bad character traits vices The rewards of living a virtuous life can vary from eudaimonia a serene and respected old age - to entry into heaven or similar metaphysical rewards. Some Major Proponents of Virtue: Plato discussed the four cardinal virtues in the Symposium. Aristotle (384-322 BC) Virtues enable one to have a happy life (an active life based upon reason.) Listed four cardinal virtues: wisdom (prudence), courage (fortitude), temperance, and justice. "Unity of Virtues" to have one cardinal virtue is to have them all Other authors have expanded the list of cardinal virtues to include: integrity, unity of character, honesty and self-respect. St. Thomas Aquinas Summa Theologiae and Commentary on Nicomachean Ethics David Hume and the Scottish enlightenment. PROFESSIONAL VIRTUES: Responsibility is the fundamental professional virtue some aspects of responsibility include:

10/24/08 can be counted on to do the right thing conscientious diligent in meeting obligations trustworthy considerate of others There are different viewpoints on what responsibility means. A responsible person: has the capacity to make moral judgments. makes a conscientious effort to meet the obligations of one's work. is accountable for actions and their consequences. Accountability - implies that the action is not completely involuntary

Aristotle defined involuntary as: 1.) acts done in ignorance, although ignorance can itself be a moral failing 2.) acts performed under compulsion Responsibility in this sense has two different connotations: Causal and Legal Self-direction Virtues: self understanding, humility, moral autonomy, courage, selfdiscipline, perseverance, self respect, integrity, honesty Public Spirited Virtues: beneficence, generosity, sense of community Team Work Virtues: collegiality, cooperation, respect for authority, loyalty Proficiency Virtues: competence, diligence, creativity. Often , virtue ethics are associated with religious teachings. Divine Command Ethics stipulates that an act is right if commanded by God, and wrong if forbidden by God. 2.) RIGHTS ETHICS John Locke (1632-1704) people have "natural" rights - life, liberty, the property generated by one's labor and the pursuit of happiness. Locke viewed rights as entitlements that prevent other people from meddling in other's lives - these Liberty, or negative rights, place duties on other people not to interfere with one's life our duties to other people arise from our moral need to respect their rights. A.I. Melden (1910-1991) argued that having moral rights presupposes the capacity to show concern for others and to be accountable within a moral community. Melden called these Welfare, or positive, rights. These are the rights we each have to the community benefits needed for living a minimally decent life.

10/24/08 3.) DUTY ETHICS " ... there are duties ... which ought to be performed even though doing so may not always produce the most good." M&S p.33 Immanuel Kant (1724-1804) - Four Types of Duties: Perfect duties to oneself - perfect duties are things that must be done Perfect duties to others Imperfect duties to oneself - imperfect duties are things that should be done Imperfect duties to others First and foremost, Kant said we have a duty to show respect for people. People deserve this respect because they have inherent worth as human beings who have the capacity to make moral judgments and to act with good will. This capacity gives them "human dignity." We must not use people as means to our own ends. To Kant good will is the only unconditional good. Duties to ourselves are also fundamental - they engender integrity and self respect. Duties must be universalizable - they must apply to everyone. They must be categorical imperatives - that is they apply without qualifications or attached conditions. Moral imperatives require us to do certain things whether we want to or not. It is our duty whether it makes us happy or not. Prima Facie Duties - are duties that have conditions that can lead to exceptions.

John Rawls extended duty ethics on the basis of two imperatives: 1.) each person is entitled to the most extensive amount of liberty compatible with an equal amount for others 2.) differences in social power and economic benefits are justified only when they are likely to benefit everyone, including members of the most disadvantaged groups. 4.) UTILITARIANISM - Utility is the overall balance of good over bad. John Stuart Mill (1806-1873) was the major proponent of this ethical theory. "Utilitarianism holds that we ought always to produce the most utility, taking into equal account everyone affected by our actions." M&S p.33

10/24/08 "Utility, or the Greatest Happiness Principle, holds that actions are right in proportion as they tend to promote happiness, wrong as they tend to produce the reverse of happiness. By happiness is intended pleasure, and the absence of pain; by unhappiness, pain, and the privation of pleasure. ... pleasure, and freedom from pain, are the only things desirable as ends; and that all desirable things ... are desirable either for the pleasure inherent in themselves, or as means to the promotion of pleasure and the prevention of pain." Mi p.278 "The standard of right conduct is maximization of goodness." M&S p.35 "Act-Utilitarianism says we should focus on individual actions, rather than general rules. An act is right if it is likely to produce the most good for the most people involved in the particular situation." M&S p.35 "Rule-Utilitarianism regards moral rules as primary we ought always to on those rules that if generally followed would produce the most good for the most people." Rule utilitarianism is designed to close the loopholes which are part of act utilitarianism by discounting the pleasure of an individual when compare to a group.

"Mill believed that happiness is the only intrinsic good .. all other good things are instrumental goods in that they provide means for happiness." M&S p.35 "One kind of pleasure is preferable to another if the majority of people who have experienced both kinds favor it." M&S p.35

HISTORICAL DEVELOPMENT OF ETHICAL THEORY

Plato (429-348 BC) Biography: Founded the Academy about 389 BC in a sacred grove on the outskirts of Athens. The school operated until closed by Justinian in AD 529. Intended to " ... train its pupils to carry out a life of service for their communities and to investigate questions of science and mathematics." Moral arguments from the dialog "Protagoras" c. 370 BC: "The kind of instruction ... which you received from your instructors in letters or music or athletics? Under each of these you were instructed so that you could acquire not some skill or profession, but the kind of liberal education suitable for a free man of independent means." p. 140. "Even in private life our best and wisest citizens are unable to pass on this excellence to others." {the wise man cannot lead others to virtue} ... he lets them roam free, like sacred flocks, in the hope that they will somehow stumble upon this excellence of their own accord." p. 148. REFERENCES:

10/24/08

Mike W. Martin and Roland Schinzinger, Ethics in Engineering, Second Edition, Mc Graw-Hill, 1989. {M&S} Alan Ryan, Editor, John Stuart Mill and Jeremy Bentham - Utilitarianism and Other Essays, Penguin Classics, 1987. J.S. Mill, "Utilitarianism" (1861), pp. 272-338. {Mi} George C. Kerner, Three Philosophical Moralists: Mill, Kant, and Sartre - An Introduction to Ethics, Oxford University Press, 1990. Erich Segal, Editor, The Dialogues of Plato, Bantam Books, 1986 "Protagoras", pp.137-191 {Pl}

10/24/08

ETHICAL ASPECTS OF ENGINEERING PRACTICE

The Engineer's Responsibilities to the Public Public Safety and Welfare and Volunteerism - Public Safety is the paramount responsibility of the engineer. - The "Public" can be subdivided into four groups, each of which can lay claim to a different level of responsibility from the practicing engineer: Expert - an expert consumer should thoroughly understand the use and potential for misuse of the engineered system. By virtue of this expert knowledge the expert consumer is completely responsible for their use of the artifact. The designer has the responsibility of developing the "best" solution to the consumer's specific problem, but does not share the user's responsibility on how the system is actually used. As an example, consider the race car driver who purchase's brake components for his/her automobile. The producer's sole responsibility is to insure that these components have been manufactured to the published specifications. Active Consumer - the active consumer has the knowledge required to operate and maintain the device. The active consumer assumes some of the responsibility by making sure the device is operated in a safe manner, but the designer must insure that the device is intrinsically safe if operated properly, and properly maintained. An airline pilot is an example of an active consumer. Passive Consumer - such as an airliner passenger, assumes no responsibility for the operation of a system. The designer must offer the passive consumer protection from the consequences of a system failure consistent with the economic interests of the consumer. Innocent Bystanders - must not be harmed by the failure of an engineering system under any circumstances. They have not assumed any of the responsibility for the operation of that system. Expert Information on Public Issues Whistleblowing The Engineer's Responsibilities to the Client Disclosure of Design Errors Confidentiality Adherence to Code Monitoring of Sub-Contractors The Engineer's Responsibilities to the Profession Pro bono Recruiting/Service to Public Institutions.

10/24/08 Participation in Professional Societies Conflict of Interest - Occurs whenever an engineer is in a position to make a decision that can result in his/her personal gain. Disclosure of Potential Conflict of Interest Contingency Payments Competition with Former Employers Related Private Consultation After Public Employment Fair Trade Practices Intellectual Property Rights Criticism of Competitors Competence Inflated Claims in Advertising Shared Credit Maintaining Professional Standards Letters of Recommendation Signing off on Drawings

10/24/08

DESIGN FOR SAFETY AND RELIABILITY

"Accidents don't just happen, ... they are permitted to happen by fools who take no thought of misadventure!" William Nelson Cromwell Things fail! Engineers are expected to predict these potential failures and control them in their designs. Great engineers of the past have often reported that they have lost sleep worrying about the design problems they were working on, and anticipating the kinds of problems that might be encountered far into the future. "A safe structure will be one whose weakest link is never overloaded by the greatest force to which the structure is subjected." Petroski p. 41. "all successful design is the proper and complete anticipation of what can go wrong." Petroski, p. 6 " all error is human error, because it is people who have to decide what to do; it is people who have to decide how it should be done; and it is people who have to do it." Blockley 1980. A disaster takes place when a seriously disruptive event (an emergency) coincides with a state of insufficient preparation. Safety - a thing is safe if the risks, if they are fully known, are judged to be acceptable in light of well established principles and values. In this sense, safety is a subjective concept since the "values" used to assess it vary from person to person. Risk (I) - the potential that something unwanted and harmful may occur. Risk (II) - The product of the probability of an event occurring multiplied by the consequences if that event occurs. An engineering system (structure, machine, network or process) will either fail to fulfill its function or it will succeed! While there are many modes of failure, and many mechanisms for triggering these modes, we can measure the performance of a system over a period of time and define a numerical Probability of Failure. This is usually shown as a function of time: PF(t) = probability that a system will fail before a specified time = number of failures up to time t divided by the number of systems that were put into service at time zero. Usually the probability of failure is specified by a statement defining the relative occurence such as one in a hundred, which is numerically equivalent to 1/100 or 0.01

10/24/08

10

Failure and success are mutually exclusive. If something doesnt fail it survives. The probability of a system surviving, up to time t, is called the Reliability of the system and is denoted by the symbol R(t). The probability of failure and the reliability are related by the equation: PF(t) + R(t) = 1 So, the reliability of a system that must not fail more than 1 in a 100 times up to time t is: R(t) = 1 0.01 = 0.99 This inter-relationship is summarized in the following table:

Occurrence
1 in 10 1 in 100 1 in 1000 1 in 10,000 1 in 100,000 1 in 1,000,000 1 in 10,000,000

Probability of Failure
0.1 0.01 0.001 0.0001 0.00001 0.000001 0.0000001

Reliability
0.9 0.99 0.999 0.9999 0.99999 0.999999 0.9999999

Another measure of Reliability that is often used is the Mean Time Between Failures (MTBF). The MTBF is defined as the time it takes for the reliability to fall to 0.632 (1/e.) The reliability can then be expressed by the relationship:

R(t) = e

t MTBF

which is useful in computations. Many consumer products, light bulbs for example, actually show the MTBF on their packaging as a marketing ploy.

The Reliability of Engineering Systems:

Series Systems: A mechanical system is defined as a series system if the failure of any one part in the reliability chain causes the failure of the entire system. See the example on the next page. The reliability of a series system is the product of the reliabilities of all of the elements in the chain:
N

Rsys(t) =

R (t) = R R
i 1 i =1

... RN

10/24/08

11

Note that the over-all reliability of a series system is lower than the lowest reliability of any of the components it is made up of! Parallel Systems: A mechanical system is organized in reliability parallel if all the elements in the system must fail before the system itself fails. In this kind of system there are other paths that will support the systems operations should one fail. For example, all commercial jet aircraft are designed with multiple engines. In general, a jet can continue to fly and land as long as any one engine is working. For a parallel system the probability of failure for the overall system is the product of the probabilities of failure of all of the individual elements:
N N

PFsys = PFi = 1 Rsys = (1 Ri )

i=1 i=1

or,

Rsys = 1 (1 R1) (1 R2 ) ... (1 RN )

Theoretically, the reliability of a parallel system is always greater than the reliability of the best element in the system. Parallel elements are also called Redundant elements.

EXAMPLE: An Automobile Ignition Distributor:

10/24/08 R = 0.9995 R = 0.99 R = 0.99

12

} R = 0.999, combined
R = 0.9999 The working parts of an automobile ignition systems distributor cap are shown above. This system has many ways of failing. The connection to the coil can loosen or corrode, the breaker points can be fouled by electrical arcing, and can be shorted by humidity if the distributor cap cracks. The adjusting screw can loosen up and foul up the ignition timing. The cam and cam follower are continuously subject to wear. Not shown in this figure is a spring that keeps the face of the follower in contact with the cam. Finally the capacitor is subject to electrical and environmental damage. Approximate reliabilities for 5000 hours of operation are shown in the table. Since the ignition system will fail if any of these elements fail the system is in series. The reliability of the entire distributor can be estimated as: Rsys = (0.9995)(0.99)(0.99)(0.999)(0.9999) = 0.978 or, 22 units per thousand will fail before 5000 hours of operation. If we wanted to improve the design we can see that the weak links are the breaker points and adjustment screw.

10/24/08 EXAMPLE: A Modern Wire Rope Elevator

13

The passenger car (5) of the elevator shown at the left is suspended by three cables. If any one of these cables is capable of supporting the entire load then the system is organized in reliability Parallel or, two of the cables are said to be redundant. Assume that the cable has been designed so that the reliability, under full load, for 10,000 hours of operation, is 0.999. The manufacturer warrants that a single cable has a 1 in 1000 chance of failing over the design life. What is the reliability of the total elevator system? 1 Rsys = (1 R cable)3 Rsys = 1 (1 0.999)3 = 0.999999999 Or, there is a one in a billion chance the entire elevator system will fail, dropping the passenger car, in 10,000 hours!

10/24/08

14

There are, of course, more complicated ways of arranging mechanical elements. One other that is mentioned here for the sake of completeness is the k of m system. This type of system will continue to operate as long as k of the original m parallel elements continue to operate. The equation for calculating the reliability of a system like this is:

Rsys =

m! j R j (1 R j )(m j ) j= k (m j)!( j)!

The Management of Risk

It is an inescapable fact of life that engineers cannot design a system that will not fail!
The only ship that will not sink is one that sits on solid ground, but that is not what ships are for! The engineers task is to keep the risk of each possible failure at an acceptable level. As described earlier the risk can be defined as: Risk = (Probability of Failure) x (Consequences of Failure) The consequences of failure may be described in terms of lost time, lost dollars, or, in extreme cases, lost lives. To compare alternatives it is necessary to express risk in the same units. Note there are two ways to control the value of risk inherent in a design. The engineer can either: Control the probability of failure, the goal of Fail Safe Design or, Control the consequences of failure resulting in a Safe Fail Design. In Fail Safe Design the maximum probability of failure (or, alternatively, the reliability) for the design is specified at the outset of the project. The organization of the system and the selection of the individual elements are then manipulated to match the system goal. The PF for a Series system can only be controlled by using components, manufacturing and quality control techniques of such high quality that their individual reliabilities are much higher than the target reliability of the entire system. If parts that are that good exist then they are going to be frightfully expensive! FACTORS THAT MAKE A HIGH QUALITY COMPONENT: - Good, high quality materials - Good manufacturing techniques - Good quality control procedures

10/24/08 Careful handling and shipping Carefully monitored use Frequent maintenance

15

EXAMPLE: The space shuttle is protected by 30,000 thermal ablation tiles. 2000 of these tiles protect vital areas. If the loss of any one of these tiles could jeopardize the shuttles safety what must the individual reliability of these critical tiles be if the over-all probability of failure the shuttle is to remain below 1 in a 100 missions? 0.99 = R2000 R = 0.999995 Or only five tiles in a million could be permitted to fail during testing!