16.63J | Spring 2016 | Undergraduate

System Safety

Assignments and Class Project

Assignment 1: Citichem video

  1. Watch the Citichem video (Acceptable Risks. Directed by Rick Wallace. Color, 92 min. 1986) and identify the factors contributing to the accident that you see in the video. Write down the answers to the following questions:
    • Is there a “root cause”?
    • Are some factors more important than others?
  2. In addition to the written answers, submit brief PowerPoint slides for a short presentation to the class (only about 5 minutes).

Assignment 2: Summarize Accident Report

  1. Read the SBS Tank 731 overflow accident report (PDF) and analysis and find at least 2 instances of hindsight bias in this report.
  2. Select an accident report from the list of accidents (provided below) and summarize the report in a 5-10 minute presentation. When you read this accident report, answer the following questions:
    • What was the cause identified in the report?
    • Is there a chain of events described? What was it?
    • Do you see any hindsight bias? Who or what was blamed, and what type of bias was involved?
  You may also pick your own accident report with the approval of the instructor. Since some of the reports are quite long, for this assignment you should read at least the introduction and conclusions of the report. Include in your presentation the main events, the causes identified in the report, and their recommendations. If you can find a short (under 2 minute) video online about your accident, feel free to include a link to it in your presentation. We’ll download any videos to a computer for class use.

List of Accident Reports

  • Air France 447
  • Anacortes Tesoro Refinery
  • Texas City: BP Refinery explosion [West Texas explosion would be interesting also but I don’t know if there is enough information available]
  • Chevron Richmond report (CSB)
  • Gol 1907 and Embraer collision (interesting because investigated by both Brazil and NTSB and they reached different conclusions. What would CAST show? I have access to people in Brazil to question about this (both in Brazilian ATC and Embraer))
  • Cali, Colombia American Airlines crash (especially interesting human factors information provided)
  • Deepwater Horizon (Presidential Oil Spill Commission report is very well done and lots of information available about this accident)
  • Woodley Park DC Metro
  • Mars Polar Lander
  • Minneapolis highway bridge collapse
  • Hudson river midair collision between a helicopter and small plane
  • 2009 Schiphol airport (Amsterdam), Turkish Airlines B737
  • Shell Moerdijk accident

Assignment 3: CAST Analysis

Create a CAST analysis on the accident report you selected. Compare your results with the results in the official report. Feel free to use information from online resources or news articles to supplement the information in the report if you want. Be sure to cite any resources you use. Here are some hints:

  • Make sure your hazard describes the overall state of the system, and not specific behavior of an individual component like software, engines, pilots, etc.
  • Your control structure should include the responsibilities for each controller, the possible control actions, and feedback arrows. Label each arrow with the particular actions / information they represent. Add controllers if necessary to capture any additional causes you found.
  • Analyze the physical process / system. Identify:
    • Safety responsibilities of physical system (what must it do)
    • Physical controls (what design features were meant to fulfill the safety responsibilities)
    • Failures and inadequate controls (what went wrong)
    • Contextual factors (why did those things go wrong)
  • Analyze the controllers: Remember that a controller can be automated software, human operator, human manager, or an organization like FAA or congress. Identify:
    • Safety-related responsibilities (what goals they should achieve)
    • Unsafe Decisions and Control Actions (what they did that was unsafe)
    • Process model flaws (what did they believe about the system that explains their actions)
    • Context (what other factors—pressures, incentives, history, etc.—explain their actions)

Class Project Instructions

Do a hazard analysis of a real system; use this textbook as the reference book:

[ESW] = Leveson, Nancy G. Engineering a Safer World: Systems Thinking Applied to Safety. MIT Press, 2012. ISBN: 9780262016629.

P1: Write a description of the system: what are its goals, and have there been accidents with it in the past (if it is not new)? What are the technical system safety requirements (read [ESW] Section 7.3)? What are the overall management or organizational requirements (also see [ESW] Section 7.4)?

P2: Define the accidents and hazards of importance to the stakeholders. Select one or two important ones to analyze.

P3: Describe the hierarchical safety control structure that either exists or needs to be created.

P4: Perform a Step 1 analysis in P1 for at least one human (operator) and one automated (software) part of your control structure. Rewrite the results as requirements.

P5: Perform a Step 2 analysis in P2 for the unsafe control actions you identified in P4. Generate recommendations for human factors design and technical design from the results.

P6: What information should be passed to operations that you have created in your analysis? Create a plan for operators to use that information.

P7: What recommendations do you have for the overall safety control structure for the organization that will use this system?

P8: Is there an existing hazard analysis for this system? If so, compare the results with what you got using STPA. If not, did you find hazard causes that involved non-failure of components?
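The CAST hints above (a hazard stated as a system state, labelled control and feedback arrows, responsibilities and process models for every controller) and the Step 1 analysis in P4 both start from the same artifact, a safety control structure. The Python model below is an added example, not code from the course or from [ESW]: it encodes a small constructed tank-transfer system, runs the structural checks the hints call for, and generates the Step 1 unsafe-control-action candidates (one per control action and UCA type, using the four UCA types from [ESW]). Every controller, hazard and arrow in `build_example()` is made up for illustration; two of them (hazard H2 and the missing feedback to the plant manager) are deliberate flaws so that `check()` has something to report.

```python
"""Added example (not course or textbook code): a minimal STPA/CAST control-structure
model.  check() flags the structural gaps the CAST hints warn about, uca_candidates()
enumerates STPA Step 1 candidates.  The tank-transfer system is constructed, not real."""
from __future__ import annotations
from dataclasses import dataclass, field

# The four ways a control action can be unsafe (STPA Step 1, Engineering a Safer World).
UCA_TYPES = (
    "does not provide",
    "provides",
    "provides too early, too late, or out of sequence",
    "stops too soon or applies too long",
)
# Words suggesting a hazard statement describes one component rather than the system state.
COMPONENT_WORDS = ("software", "pilot", "operator", "engine", "valve", "sensor")


@dataclass
class Controller:
    name: str
    responsibilities: list[str]                               # safety-related responsibilities
    process_model: list[str] = field(default_factory=list)    # beliefs about the controlled process


@dataclass
class Arrow:
    source: str
    target: str
    label: str    # the control action or feedback content this arrow carries
    kind: str     # "control" or "feedback"


@dataclass
class ControlStructure:
    hazards: dict[str, str]                                   # id -> system-level hazard statement
    controllers: dict[str, Controller] = field(default_factory=dict)
    processes: set[str] = field(default_factory=set)          # physical processes being controlled
    arrows: list[Arrow] = field(default_factory=list)

    def add_controller(self, name, responsibilities, process_model=()):
        self.controllers[name] = Controller(name, list(responsibilities), list(process_model))

    def add_process(self, name):
        self.processes.add(name)

    def add_control(self, source, target, label):
        self.arrows.append(Arrow(source, target, label, "control"))

    def add_feedback(self, source, target, label):
        self.arrows.append(Arrow(source, target, label, "feedback"))

    def check(self) -> list[str]:
        """One finding per structural gap; an empty list means the CAST hints are satisfied."""
        findings = []
        for hid, text in self.hazards.items():
            if any(w in text.lower() for w in COMPONENT_WORDS):
                findings.append(f"{hid}: hazard names a component ({text!r}); restate it as a system state")
        for c in self.controllers.values():
            if not c.responsibilities:
                findings.append(f"{c.name}: no safety responsibilities listed")
        feedback_pairs = {(a.source, a.target) for a in self.arrows if a.kind == "feedback"}
        for a in self.arrows:
            if not a.label.strip():
                findings.append(f"unlabelled {a.kind} arrow {a.source} -> {a.target}")
            if a.kind == "control" and a.source not in self.controllers:
                findings.append(f"{a.source}: issues a control action but is not a declared controller")
            if a.kind == "control" and (a.target, a.source) not in feedback_pairs:
                findings.append(f"no feedback from {a.target} to {a.source} for control action {a.label!r}")
        return findings

    def uca_candidates(self) -> list[dict[str, str]]:
        """STPA Step 1 scaffold: every control action crossed with every UCA type.
        The analyst fills in the '[context]' for each candidate or discards it."""
        out = []
        for a in self.arrows:
            if a.kind != "control":
                continue
            for uca_type in UCA_TYPES:
                out.append({"controller": a.source, "action": a.label, "type": uca_type,
                            "statement": f"{a.source} {uca_type} '{a.label}' to {a.target} when [context]"})
        return out


def build_example() -> ControlStructure:
    """Constructed tank-transfer system; H2 and the missing manager feedback are deliberate flaws."""
    cs = ControlStructure(hazards={
        "H1": "Tank contents exceed the safe fill level (liquid released outside containment)",
        "H2": "Operator fails to close the inlet valve",   # component-level wording, should be flagged
    })
    cs.add_controller("Plant manager", ["Provide staffing and procedures for product transfers"])
    cs.add_controller("Operator", ["Keep tank level below the high limit"],
                      ["Level indication is accurate", "Inlet valve closes when commanded"])
    cs.add_controller("Level control software", ["Close the inlet valve at the high-level setpoint"],
                      ["Sensor reading equals actual level"])
    cs.add_process("Tank and inlet valve")
    cs.add_control("Plant manager", "Operator", "Transfer orders and procedures")
    # No feedback arrow from Operator back to Plant manager: check() should report this gap.
    cs.add_control("Operator", "Level control software", "High-level setpoint / manual override")
    cs.add_feedback("Level control software", "Operator", "Level display and high-level alarm")
    cs.add_control("Level control software", "Tank and inlet valve", "Open / close inlet valve")
    cs.add_feedback("Tank and inlet valve", "Level control software", "Level sensor reading")
    return cs


if __name__ == "__main__":
    structure = build_example()
    for finding in structure.check():
        print("FINDING:", finding)
    for uca in structure.uca_candidates():
        print("UCA:", uca["statement"])
```

Running the block prints two findings (H2 is worded as a component failure, and the manager issues control actions without any feedback path) and twelve UCA candidates (three control actions times four UCA types). The candidate statements are scaffolding only: the Step 1 work is deciding, for each one, in what context it would lead to H1, and the Step 2 work in P5 is explaining why a controller's process model could make it issue that action.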
