10/24/08

Engineering Ethics
ME 101 Fall 2008
{Modified 10/23/06}
Technology - Defines what we can do.
Ethics - Defines what we ought to do.
Politics - Defines what we will do.
What is Morality?
"Engineering ethics is (1) the study of the moral issues and decisions confronting
individuals and organizations involved in engineering and (2) the study of related
questions about moral conduct, character, ideals, and relationships of people and
organizations involved in technological development." M&S, p.4
"To say that an act is right is not to express a mere feeling or bias, but instead to
assert that the best moral reasons support doing it." M&S p. 32
What are the Moral Problems which Confront Us?
"... ethical problems arise most often when there are differences of judgment or
expectations as to what constitutes the true state of affairs or a proper course of
action." M&S, p.7
"... when we speak of moral problems we have in mind situations where what
ought to be done is not so straightforward and obvious."
"First, it may be unclear ... which, if any, moral considerations or principles apply
to their situation."
"Second, the difficulty might be that two different moral principles, both of which
apply to one's situation, come into conflict or that one principle seems to point
simultaneously in two different directions." M&S p.25
What is a Moral Theory?
"...there ought either to be some one fundamental principle or law, at the root of
all morality, or if there be several, there should be a determinate order of precedence
among them; and the ... rule for deciding between the various principles when they
conflict, ought to be self-evident." Mi p.274
What are the Sanctions of Morality?
Feelings of Guilt - conscience
Public Exposure - humiliation
Public (Legal) Punishment

10/24/08

FOUR BASIC TYPES OF MORAL THEORY:

1.) VIRTUE ETHICS
Virtue ethics is the oldest of the moral theories, often "rules" based sometimes
based upon Divine Command.
The emphasis is on becoming a morally good person as opposed to acting in a moral
manner. It is a teleological ethical system from telos (goal or end) considering the
basic question: What does it mean to be a good person?
Three basic concepts are derived from Greek Philosophy:
Arte excellence or virtue
Phronesis practical or moral wisdom
Eudaimonia happiness or flourishing.
Virtues are acquired habits that enable us to engage effectively in rational activities.
"Virtues are desirable ways of relating to other individuals, groups, and
organizations. They have as much to do with motives, attitudes, and emotions, as
they do with right and wrong conduct." M&S, p.40
Moral actions are based on virtue. Wrong actions arise from bad character traits
vices
The rewards of living a virtuous life can vary from eudaimonia a serene and
respected old age - to entry into heaven or similar metaphysical rewards.
Some Major Proponents of Virtue:
Plato discussed the four cardinal virtues in the Symposium.
Aristotle (384-322 BC)
Virtues enable one to have a happy life (an active life based upon reason.)
Listed four cardinal virtues: wisdom (prudence), courage (fortitude), temperance,
and justice.
"Unity of Virtues" to have one cardinal virtue is to have them all
Other authors have expanded the list of cardinal virtues to include: integrity, unity
of character, honesty and self-respect.
St. Thomas Aquinas Summa Theologiae and Commentary on Nicomachean Ethics
David Hume and the Scottish enlightenment.
PROFESSIONAL VIRTUES:
Responsibility is the fundamental professional virtue
some aspects of responsibility include:

10/24/08

3
can be counted on to do the right thing
conscientious
diligent in meeting obligations
trustworthy
considerate of others

There are different viewpoints on what responsibility means. A responsible

person:
has the capacity to make moral judgments.
makes a conscientious effort to meet the obligations of one's work.
is accountable for actions and their consequences.
Accountability - implies that the action is not completely involuntary
Aristotle defined involuntary as:
1.) acts done in ignorance, although ignorance can itself be a moral failing
2.) acts performed under compulsion
Responsibility in this sense has two different connotations: Causal and Legal
Self-direction Virtues: self understanding, humility, moral autonomy, courage, selfdiscipline, perseverance, self respect, integrity, honesty
Public Spirited Virtues: beneficence, generosity, sense of community
Team Work Virtues: collegiality, cooperation, respect for authority, loyalty
Proficiency Virtues: competence, diligence, creativity.
Often , virtue ethics are associated with religious teachings. Divine Command
Ethics stipulates that an act is right if commanded by God, and wrong if
forbidden by God.
2.) RIGHTS ETHICS
John Locke (1632-1704)
people have "natural" rights - life, liberty, the property generated by one's labor
and the pursuit of happiness.
Locke viewed rights as entitlements that prevent other people from meddling in
other's lives - these Liberty, or negative rights, place duties on other people not to
interfere with one's life
our duties to other people arise from our moral need to respect their rights.
A.I. Melden (1910-1991) argued that having moral rights presupposes the capacity to
show concern for others and to be accountable within a moral community.
Melden called these Welfare, or positive, rights. These are the rights we each have
to the community benefits needed for living a minimally decent life.

10/24/08

3.) DUTY ETHICS

" ... there are duties ... which ought to be performed even though doing so may
not always produce the most good." M&S p.33
Immanuel Kant (1724-1804) - Four Types of Duties:
Perfect duties to oneself - perfect duties are things that must be done
Perfect duties to others
Imperfect duties to oneself - imperfect duties are things that should be done
Imperfect duties to others
First and foremost, Kant said we have a duty to show respect for people. People
deserve this respect because they have inherent worth as human beings who have
the capacity to make moral judgments and to act with good will. This capacity
gives them "human dignity."
We must not use people as means to our own ends.
To Kant good will is the only unconditional good.
Duties to ourselves are also fundamental - they engender integrity and self respect.
Duties must be universalizable - they must apply to everyone. They must be
categorical imperatives - that is they apply without qualifications or attached
conditions.
Moral imperatives require us to do certain things whether we want to or not. It is our
duty whether it makes us happy or not.
Prima Facie Duties - are duties that have conditions that can lead to exceptions.
John Rawls extended duty ethics on the basis of two imperatives:
1.) each person is entitled to the most extensive amount of liberty compatible with an
equal amount for others
2.) differences in social power and economic benefits are justified only when they are
likely to benefit everyone, including members of the most disadvantaged groups.
4.) UTILITARIANISM - Utility is the overall balance of good over bad. John Stuart
Mill (1806-1873) was the major proponent of this ethical theory.
"Utilitarianism holds that we ought always to produce the most utility, taking into
equal account everyone affected by our actions." M&S p.33

10/24/08

"Utility, or the Greatest Happiness Principle, holds that actions are right in
proportion as they tend to promote happiness, wrong as they tend to produce the
reverse of happiness. By happiness is intended pleasure, and the absence of pain; by
unhappiness, pain, and the privation of pleasure. ... pleasure, and freedom from pain,
are the only things desirable as ends; and that all desirable things ... are desirable
either for the pleasure inherent in themselves, or as means to the promotion of
pleasure and the prevention of pain." Mi p.278
"The standard of right conduct is maximization of goodness." M&S p.35
"Act-Utilitarianism says we should focus on individual actions, rather than
general rules. An act is right if it is likely to produce the most good for the most
people involved in the particular situation." M&S p.35
"Rule-Utilitarianism regards moral rules as primary we ought always to on
those rules that if generally followed would produce the most good for the most
people." Rule utilitarianism is designed to close the loopholes which are part of act
utilitarianism by discounting the pleasure of an individual when compare to a group.
"Mill believed that happiness is the only intrinsic good .. all other good things are
instrumental goods in that they provide means for happiness." M&S p.35
"One kind of pleasure is preferable to another if the majority of people who have
experienced both kinds favor it." M&S p.35

HISTORICAL DEVELOPMENT OF ETHICAL THEORY

Plato (429-348 BC)
Biography:
Founded the Academy about 389 BC in a sacred grove on the outskirts of
Athens.
The school operated until closed by Justinian in AD 529.
Intended to " ... train its pupils to carry out a life of service for their
communities and to investigate questions of science and mathematics."
Moral arguments from the dialog "Protagoras" c. 370 BC:
"The kind of instruction ... which you received from your instructors in letters
or music or athletics? Under each of these you were instructed so that you
could acquire not some skill or profession, but the kind of liberal
education suitable for a free man of independent means." p. 140.
"Even in private life our best and wisest citizens are unable to pass on this
excellence to others." {the wise man cannot lead others to virtue} ... he
lets them roam free, like sacred flocks, in the hope that they will somehow
stumble upon this excellence of their own accord." p. 148.
REFERENCES:

10/24/08

Mike W. Martin and Roland Schinzinger, Ethics in Engineering, Second Edition, Mc

Graw-Hill, 1989. {M&S}
Alan Ryan, Editor, John Stuart Mill and Jeremy Bentham - Utilitarianism and Other
Essays, Penguin Classics, 1987.
J.S. Mill, "Utilitarianism" (1861), pp. 272-338. {Mi}
George C. Kerner, Three Philosophical Moralists: Mill, Kant, and Sartre - An
Introduction to Ethics, Oxford University Press, 1990.
Erich Segal, Editor, The Dialogues of Plato, Bantam Books, 1986
"Protagoras", pp.137-191 {Pl}

10/24/08

ETHICAL ASPECTS OF ENGINEERING PRACTICE

The Engineer's Responsibilities to the Public
Public Safety and Welfare and Volunteerism
- Public Safety is the paramount responsibility of the engineer.
- The "Public" can be subdivided into four groups, each of which can lay claim to
a different level of responsibility from the practicing engineer:
Expert - an expert consumer should thoroughly understand the use and
potential for misuse of the engineered system. By virtue of this expert
knowledge the expert consumer is completely responsible for their use of
the artifact. The designer has the responsibility of developing the "best"
solution to the consumer's specific problem, but does not share the user's
responsibility on how the system is actually used.
As an example, consider the race car driver who purchase's brake
components for his/her automobile. The producer's sole responsibility is to
insure that these components have been manufactured to the published
specifications.
Active Consumer - the active consumer has the knowledge required to
operate and maintain the device. The active consumer assumes some of
the responsibility by making sure the device is operated in a safe manner,
but the designer must insure that the device is intrinsically safe if operated
properly, and properly maintained. An airline pilot is an example of an
active consumer.
Passive Consumer - such as an airliner passenger, assumes no responsibility
for the operation of a system. The designer must offer the passive
consumer protection from the consequences of a system failure consistent with the economic interests of the consumer.
Innocent Bystanders - must not be harmed by the failure of an engineering
system under any circumstances. They have not assumed any of the
responsibility for the operation of that system.
Expert Information on Public Issues
Whistleblowing
The Engineer's Responsibilities to the Client
Disclosure of Design Errors
Confidentiality
Adherence to Code
Monitoring of Sub-Contractors
The Engineer's Responsibilities to the Profession
Pro bono Recruiting/Service to Public Institutions.

10/24/08
Participation in Professional Societies
Conflict of Interest - Occurs whenever an engineer is in a position to make a decision
that can result in his/her personal gain.
Disclosure of Potential Conflict of Interest
Contingency Payments
Competition with Former Employers
Related Private Consultation After Public Employment
Fair Trade Practices
Intellectual Property Rights
Criticism of Competitors Competence
Inflated Claims in Advertising
Shared Credit
Maintaining Professional Standards
Letters of Recommendation
Signing off on Drawings

10/24/08

DESIGN FOR SAFETY AND RELIABILITY

"Accidents don't just happen, ... they are permitted to happen by fools
who take no thought of misadventure!" William Nelson Cromwell
Things fail! Engineers are expected to predict these potential failures and control
them in their designs. Great engineers of the past have often reported that they have lost
sleep worrying about the design problems they were working on, and anticipating the
kinds of problems that might be encountered far into the future.
"A safe structure will be one whose weakest link is never overloaded by the greatest
force to which the structure is subjected." Petroski p. 41.
"all successful design is the proper and complete anticipation of what can go wrong."
Petroski, p. 6
" all error is human error, because it is people who have to decide what to do; it is
people who have to decide how it should be done; and it is people who have to do it."
Blockley 1980.
A disaster takes place when a seriously disruptive event (an emergency) coincides
with a state of insufficient preparation.
Safety - a thing is safe if the risks, if they are fully known, are judged to be acceptable in
light of well established principles and values. In this sense, safety is a subjective
concept since the "values" used to assess it vary from person to person.
Risk (I) - the potential that something unwanted and harmful may occur.
Risk (II) - The product of the probability of an event occurring multiplied by the
consequences if that event occurs.
An engineering system (structure, machine, network or process) will either fail to fulfill
its function or it will succeed!
While there are many modes of failure, and many mechanisms for triggering these
modes, we can measure the performance of a system over a period of time and define a
numerical Probability of Failure. This is usually shown as a function of time:
PF(t) = probability that a system will fail before a specified time = number of failures up
to time t divided by the number of systems that were put into service at time zero.
Usually the probability of failure is specified by a statement defining the relative
occurence such as one in a hundred, which is numerically equivalent to 1/100 or 0.01

10/24/08

10

Failure and success are mutually exclusive. If something doesnt fail it survives. The
probability of a system surviving, up to time t, is called the Reliability of the system and
is denoted by the symbol R(t).
The probability of failure and the reliability are related by the equation:
PF(t) + R(t) = 1
So, the reliability of a system that must not fail more than 1 in a 100 times up to time t is:
R(t) = 1 0.01 = 0.99
This inter-relationship is summarized in the following table:

Occurrence

Probability of Failure

Reliability

1 in 10
1 in 100
1 in 1000
1 in 10,000
1 in 100,000
1 in 1,000,000
1 in 10,000,000

0.1
0.01
0.001
0.0001
0.00001
0.000001
0.0000001

0.9
0.99
0.999
0.9999
0.99999
0.999999
0.9999999

Another measure of Reliability that is often used is the Mean Time Between Failures
(MTBF). The MTBF is defined as the time it takes for the reliability to fall to 0.632 (1/e.)
The reliability can then be expressed by the relationship:

R(t) = e

t
MTBF

which is useful in computations. Many consumer products, light bulbs for example,
actually show the MTBF on their packaging as a marketing ploy.

The Reliability of Engineering Systems:

Series Systems: A mechanical system is defined as a series system if the failure of any
one part in the reliability chain causes the failure of the entire system. See the example
on the next page.
The reliability of a series system is the product of the reliabilities of all of the elements in
the chain:
N

Rsys(t) =

R (t) = R R
i

i =1

... RN

10/24/08

11

Note that the over-all reliability of a series system is lower than the lowest reliability of
any of the components it is made up of!
Parallel Systems: A mechanical system is organized in reliability parallel if all the
elements in the system must fail before the system itself fails. In this kind of system there
are other paths that will support the systems operations should one fail. For example,
all commercial jet aircraft are designed with multiple engines. In general, a jet can
continue to fly and land as long as any one engine is working.
For a parallel system the probability of failure for the overall system is the product of the
probabilities of failure of all of the individual elements:
N

PFsys = PFi = 1 Rsys = (1 Ri )

i=1

i=1

or,

Rsys = 1 (1 R1) (1 R2 ) ... (1 RN )

Theoretically, the reliability of a parallel system is always greater than the reliability of
the best element in the system. Parallel elements are also called Redundant elements.

EXAMPLE:
An Automobile Ignition Distributor:

10/24/08

12
R = 0.9995
R = 0.99
R = 0.99

} R = 0.999, combined
R = 0.9999
The working parts of an automobile ignition systems distributor cap are shown above.
This system has many ways of failing. The connection to the coil can loosen or corrode,
the breaker points can be fouled by electrical arcing, and can be shorted by humidity if
the distributor cap cracks. The adjusting screw can loosen up and foul up the ignition
timing. The cam and cam follower are continuously subject to wear. Not shown in this
figure is a spring that keeps the face of the follower in contact with the cam. Finally the
capacitor is subject to electrical and environmental damage.
Approximate reliabilities for 5000 hours of operation are shown in the table. Since the
ignition system will fail if any of these elements fail the system is in series. The
reliability of the entire distributor can be estimated as:
Rsys = (0.9995)(0.99)(0.99)(0.999)(0.9999) = 0.978
or, 22 units per thousand will fail before 5000 hours of operation. If we wanted to
improve the design we can see that the weak links are the breaker points and adjustment
screw.

10/24/08

13

EXAMPLE: A Modern Wire Rope Elevator

The passenger car (5) of the elevator shown
at the left is suspended by three cables. If
any one of these cables is capable of
supporting the entire load then the system
is organized in reliability Parallel or, two
of the cables are said to be redundant.
Assume that the cable has been designed so
that the reliability, under full load, for
10,000 hours of operation, is 0.999. The
manufacturer warrants that a single cable
has a 1 in 1000 chance of failing over the
design life. What is the reliability of the
total elevator system?
1 Rsys = (1 R cable)3
Rsys = 1 (1 0.999)3 = 0.999999999
Or, there is a one in a billion chance the
entire elevator system will fail, dropping
the passenger car, in 10,000 hours!

10/24/08

14

There are, of course, more complicated ways of arranging mechanical elements. One
other that is mentioned here for the sake of completeness is the k of m system. This
type of system will continue to operate as long as k of the original m parallel elements
continue to operate. The equation for calculating the reliability of a system like this is:
m

m!
j
R j (1 R j )(m j )
j= k (m j)!( j)!

Rsys =

The Management of Risk

fact of life that engineers cannot design a system that will not fail!
It is an inescapable
The only ship that will not sink is one that sits on solid ground, but
that is not what ships are for!
The engineers task is to keep the risk of each possible failure at an acceptable level.
As described earlier the risk can be defined as:
Risk = (Probability of Failure) x (Consequences of Failure)
The consequences of failure may be described in terms of lost time, lost dollars, or, in
extreme cases, lost lives. To compare alternatives it is necessary to express risk in the
same units.
Note there are two ways to control the value of risk inherent in a design. The engineer
can either:
Control the probability of failure, the goal of Fail Safe Design
or,
Control the consequences of failure resulting in a Safe Fail Design.
In Fail Safe Design the maximum probability of failure (or, alternatively, the
reliability) for the design is specified at the outset of the project. The organization of the
system and the selection of the individual elements are then manipulated to match the
system goal.
The PF for a Series system can only be controlled by using components,
manufacturing and quality control techniques of such high quality that their individual
reliabilities are much higher than the target reliability of the entire system. If parts that
are that good exist then they are going to be frightfully expensive!
FACTORS THAT MAKE A HIGH QUALITY COMPONENT:
- Good, high quality materials
- Good manufacturing techniques
- Good quality control procedures

10/24/08
-

15

Careful handling and shipping

Carefully monitored use
Frequent maintenance

EXAMPLE: The space shuttle is protected by 30,000 thermal ablation tiles. 2000 of these
tiles protect vital areas. If the loss of any one of these tiles could jeopardize the shuttles
safety what must the individual reliability of these critical tiles be if the over-all
probability of failure the shuttle is to remain below 1 in a 100 missions?
0.99 = R2000
R = 0.999995
Or only five tiles in a million could be permitted to fail during testing!