Course Meeting Times
Sessions: 2 sessions / week, 1.5 hours / session
Teaching Objectives for the Class
We are increasingly designing and operating potentially very dangerous systems while, at the same time, our systems are becoming much more complex than in the past. Events like Air France 477, the Columbia Space Shuttle losses, Deepwater Horizon, Fukushima and Chernobyl, and many other lesser-known accidents, are contributing to a demand for greater skills and accountability on the part of engineers and managers.
When engineers were creating systems that were relatively simple and the impact of design errors and failures was limited, learning on the job was adequate. But the situation is changing: Complexity is increasing rapidly in the systems we are building, partly because of the extensive use of software. The result is an increase in the physical and environmental harm that engineers can cause. This class will teach us how to use state-of-the-art system engineering techniques to build safer systems and to operate them in a safe manner.
- Understanding the cause of past major accidents: Preventing future accidents requires knowing why accidents in the past have occurred. We will look at well-known accidents in the past to understand the common causal factors.
- Learning to perform a causal analysis of new accidents / incidents: Too often, accidents are blamed on the system operators without adequate consideration of the role of poor system design and poor management decision-making. You will learn how to analyze the cause of accidents in a blame-free context.
- Performing hazard analysis: Hazard analysis has been described as “investigating an accident before it occurs.” The goal is to identify potential causes of accidents so the system can be designed and operated to avoid those causes. The first step in designing safety into the high-tech, complex systems we are building today is to perform a hazard analysis, including the potential of the system design to induce human errors in its use. You will learn both traditional and new state-of-the-art hazard analysis techniques.
- Using the results of hazard analysis in the design process: The results of the hazard analysis should be used during system design to either eliminate the hazards or to control and mitigate them in some way. Potential hazards in the physical, software, and human-automation interaction need to all be considered to accomplish this goal. You will learn how to design for safety.
- Operating and managing safety-critical systems and projects: Operations is not taken into account enough in designing systems. In addition, our new systems are so complex that engineers are increasingly involved in the operation, management, and regulation of complex systems. Regulators are increasingly requiring companies to have a Safety Management System. You will learn how to create an operations safety management plan and some of the unique requirements for designing and operating a safety management system.
There are two textbooks for the class:
- Leveson, Nancy G. Safeware: System Safety and Computers. Addison-Wesley Professional, 1995. ISBN: 9780201119725.
- ———. Engineering a Safer World: Systems Thinking Applied to Safety (Engineering Systems). MIT Press, 2012. ISBN: 9780262016629. This book is available for purchase or as a free download from the MIT Press website. [Preview with Google Books]
In addition, a few other readings will be assigned throughout the semester. Our new STPA Primer (draft) will also be provided for reference, but you are not required to read it.
Each homework assignment will be graded with a number from 1–10 as listed in the following table:
For the final grade, there are 3 assignments, a class project, and a take home exam (in the ninth week of class). The breakdown of the final grade is summarized as follows:
| Component | Weight |
| --- | --- |
| Three Assignments | 30% (10% each) |