The Safety Achievement Model describes the three necessary conditions for genuine safety — not in parallel, but in sequence.
Over the past few years, safety work around AI-enabled systems has expanded significantly. Organisations perform hazard analyses, scenario-based testing, dataset validation and runtime monitoring, and align with ISO standards and emerging regulatory frameworks such as the EU AI Act.
Yet safety incidents still occur.
The cause is rarely a shortage of activity. It is a shortage of structure — specifically, the absence of a declared boundary for acceptable residual risk, and the absence of a coherent model that connects design decisions to that boundary.
Before any analysis can be meaningful, an organisation must declare what level of residual risk is acceptable. This is not a general policy statement — it is a technical boundary that every subsequent decision must reference.
Without it, hazard analyses produce lists, not conclusions. Compliance activities produce artefacts, not evidence.
"We do not chase compliance. We start by defining what safety actually means for this system."
Safety cannot be achieved piecemeal. When architectural decisions, validation datasets, runtime monitoring thresholds, and regulatory documentation exist in separate silos, it is impossible to demonstrate that they collectively achieve a declared safety objective.
Structure means that these domains are connected — that every artefact traces back to a safety claim, and every safety claim is supported by evidence.
"Isolated analyses and disconnected artefacts are not enough."
The third condition is the hardest. Safety Realised means that the safety concept is implemented in the architecture, that validation evidence is sufficient to support the safety claims, that operational monitoring is sensitive to safety-relevant signals, and that conformity documentation reflects engineering reality rather than an optimistic interpretation of standards.
"Safety must be realised in the product, the evidence, and the lifecycle governance."
PragmaSafe provides the structure that transforms safety activity into safety achievement. Through PISA, we make the three conditions operational — not as a framework to be documented, but as an engineering approach to be applied.