Course Meeting Times

Lectures: 2 sessions / week, 1.5 hours / session

Course Description

As new technology changes engineering practice and introduces almost unlimited complexity into our engineered systems, the potential for losses from unsafe operation of our systems must be addressed by engineers. Simply adding redundancy and increasing component reliability is no longer enough. The complexity required to achieve our goals is driving the need for the use of special engineering approaches to designing safety into our systems.

This class introduces students to modern concepts of system safety, including hazard analysis and design for safety, and gives them the opportunity to apply these concepts in the design of a safety-critical system. Students also learn to analyze causality in accidents by studying important past accidents in a variety of industries and identifying the engineering and organizational flaws that led to these losses.


Leveson, Nancy. Engineering a Safer World: Systems Thinking Applied to Safety. MIT Press, 2011. ISBN: 9780262016629.

Course Overview

  1. Accident Analysis
    1. Understand goals and purpose
    2. Analyze a real accident report
    3. Apply a systems-theoretic accident analysis technique (i.e. CAST)
  2. Traditional Safety Design
    1. Learn basic safety design principles
    2. Recommend additional design features
  3. Hazard Analysis
    1. Understand goals and purpose
    2. Learn traditional methods (FMEA, FTA, HAZOP, PRA, Risk Matrices, etc.)
      1. Know strengths/limitations
      2. Apply them to systems designs
    3. Introduction to systems theory and a systems-theoretic accident model (i.e. STAMP)
    4. Learn and apply a systems-theoretic hazard analysis method (STPA)
  4. Safety-driven design
  5. Introduction to human factors, "new view" vs. "old view"
  6. Operations and management considerations


Each homework assignment will be graded with a number 1–10 as follows:

  • A: 8–10
  • B: 6–7
  • C: 4–5
  • F: 1–3

Each of the 13 assignments will be weighted the same amount. Together the assignments will account for 50% of the final class grade. With 13 assignments, each assignment is worth about 3.8% of the final grade.

The exams and final project will account for the remaining 50% of the final grade.

ACTIVITY             | WEIGHT
Homework assignments | 1/2
Exam 1               | 1/6
Exam 2               | 1/6
Final project        | 1/6


SES # | TOPICS | KEY DATES
1 | Introduction, Überlingen video |
2 | Present causes found in assignment 1; lecture on analyzing accidents, hindsight bias, control structures and safety constraints (hazards) | Assignment 1 due
3 | Students present assignment 2; lecture on analyzing accidents and intro to CAST | Assignment 2 due
4 | Students present assignment 3; lecture on analyzing accidents using CAST (cont.) | Assignment 3 due
5 | Students present assignment 4; lecture on introduction to basic fault tolerance and safe design techniques to deal with hazards | Assignment 4 due
6 | Basic fault tolerant design | Assignment 5 due
7 | Discuss assignments 5 and 6 | Assignment 6 due
8 | Exam 1: accident analysis, basic design techniques |
9 | Review exam |
10 | Hazard analysis: what is it? |
11 | Fault tree analysis |
12 | FMEA, HAZOP | Assignment 7 due
13 | Introduction to system theory, control theory, and STAMP | Assignment 8 due
14 | STPA hazard analysis |
15 | Students present assignment 9; lecture on STPA Step 1 | Assignment 9 due
16 | Review assignment 10; lecture on STPA Step 2 | Assignment 10 due
17 | Review assignment 11; finish lecture on STPA Step 2 | Assignment 11 due
18 | Exam 2: covers material through STPA Step 2 |
19 | Design using STPA |
20 | Design |
21 | Design (cont.) | Assignment 12 due
22 | Human factors design |
23 | Human factors design (cont.) |
24 | Students present assignment 13; lecture on human factors design | Assignment 13 due
25 | Safety during operations, examples from the Challenger space shuttle | Assignment 14 due
26 | Discuss management factors identified in Deepwater Horizon video; discuss the overall class, get student feedback |