Nancy Leveson's Home Page at MIT
Engineering a Safer World
This website contains a link to my new book "Engineering a Safer World" plus some related papers that might interest you.
This website is under construction and will grow, including the addition of more teaching materials for the book.
Engineering is experiencing a technological revolution, but the basic engineering techniques applied in safety and reliability engineering, created for a simpler, analog world, have changed very little over the years. In this book, I describe a new approach to safety and risk management--better suited to today's complex, sociotechnical, software-intensive world. The approach is based on modern systems thinking and systems theory.
The new approach has now been used extensively on real-world systems and it is proving to be more effective, less expensive, and easier to use. The book describes a new model of causation (STAMP or Systems-Theoretic Accident Model and Processes) that can be used to improve the design, operation, and management of potentially dangerous systems or products.
There was a WORKSHOP ON ENGINEERING A SAFER WORLD at MIT on April 17-19, 2012. The first day was a tutorial on STPA, the new hazard analysis method based on STAMP. Materials from the workshop can be obtained by clicking here.
Because the book has now been published, as agreed in my contract with the publisher, MIT Press, they are now controlling the distribution of the book. There is still a free on-line version (readable but not printable), but it is located on the MIT Press website (look in the left column and click on the link that says "Read the complete text of this book.").
Click here to read or buy "Engineering a Safer World".
A copy can also be purchased at one of the on-line book sellers.
Related papers:
- Paper on the application of STAMP to the analysis of the Comair 5191 Aircraft Accident by Paul Nelson
- Comparison of SOAM and STAMP for ATM incident investigation by Richard Arnold
- Modeling and Hazard Analysis Using STPA. The application of STPA on the JAXA HTV (unmanned transfer vehicle to the ISS)
- A System-Theoretic Hazard Analysis Methodology for a Non-advocate Safety Assessment of the Ballistic Missile Defense System. A paper on the results of using STPA
- Accident Analysis and Hazard Analysis for Human and Organizational Factors by Margaret Stringfellow. A recent Ph.D. dissertation from MIT (October 2010)
- A Framework for Dynamic Safety and Risk Management Modeling in Complex Systems by Nicolas Dulac. A Ph.D. dissertation from MIT (February 2007) that creates a methodology for dynamic analysis of complex systems using the NASA Constellation Program as the example.
- This is an example of what I consider to be a good high-level Operational Safety Policy. A detailed implementation, of course, is also needed. The company that produced this policy had previously experienced several serious accidents. After that, they created this policy and a new focus on system integrity and safety (from what had been primarily a focus on growth and expansion) and worked hard to change the corporate culture and make Safety, System Integrity, and Operational Excellence the key pillars of their success. I was told that the three young ladies shown beside one of their pipeline markers attend a nearby school and the picture is intended as "a strong reminder of what we in operations are really protecting."
- Safety Guided Spacecraft Design using Model-Based Specifications. This paper was presented at the Conference of the International Association for the Advancement of Space Safety, Versailles, France, October 2011.
- A paper on hazard analysis of multiple controllers. This paper was presented at the Conference of the International Association for the Advancement of Space Safety, Versailles, France, October 2011.
- Using STAMP in the early concept design phase of a JAXA manned spacecraft. This paper was presented at the Conference of the International Association for the Advancement of Space Safety, Versailles, France, October 2011.
- A Hazard Analysis Based Approach to Improve the Landing Safety of a Blended-wing-body Remotely Piloted Vehicle. This paper, written by Lu Yi, Zhang Shu-guang, and Li Xue-qing from the School of Transportation Science and Engineering, Beihang University, Beijing, describes their use of STPA to investigate the cause of an unexpected landing safety problem in flight experiments for a UAV. They were able to identify an uncontrolled system behavior, the "path sagging phenomenon", and validate it by wind tunnel experiment data. Subsequent flight experiments showed that the hazard had been correctly identified and landing safety improved. An additional paper on the details of the STPA analysis is currently in journal review.
- An example of using CAST to analyze a real overflow accident at a petroleum refinery. The first part of this report contains the same information as my new book, but you may find useful the CAST accident analysis (starting on Page 18) and comparison with the actual analysis of the accident by the company.
- The Use of Safety Cases in Certification and Regulation. This is a paper that has been circulating in various places (I wrote it originally for a NASA grant and then rewrote it for the use of the Presidential Oil Spill Commission and a Dept. of Interior advisory committee). It will appear in the Nov/Dec 2011 edition of the Journal of System Safety.
- Safety Assurance in NextGen. The first year report on a NASA aviation safety grant demonstrating the application of STPA on a NextGen component (ITP). A comparison of the results of STPA with those of the official NextGen safety analysis is provided.
- Application of System Safety Framework in Hybrid Socio-Technical Environment of Eurasia. A master's thesis by Azamat Abdymomunov applying STAMP in the electricity sector using the particular example of the Sayano-Shushenskaya Hydroelectric Power Station accident. This thesis won the "best master's thesis" award at MIT last year for the System Design and Management Program.
- A CAST analysis of a U.S. Coast Guard aviation mishap. The results are compared with the standard HFACS approach.
- Application of CAST and STPA to Railroad Safety. CAST is used to analyze the recent high-speed rail accident in China. STPA is used to create safety requirements for IEEE STD 1474 Communication-Based Train Control.
- A Systems Approach to Food Accident Analysis, May 2011. This thesis won the "best master's thesis" award at MIT last year for the System Design and Management Program.
- Engineering Financial Safety. A case study of Bear Stearns using CAST.
- Balgos thesis on application of STAMP to Medical Diagnosis Devices. The results are compared to the original FMEA on the device.
A syllabus for a class using both my books can be found here [currently broken, will be fixed when I can do it].