Courses:

When you click the Amazon logo to the left of any citation and purchase the book (or other media) from Amazon.com, MIT OpenCourseWare will receive up to 10% of this purchase and any other purchases you make during that visit. This will not increase the cost of your purchase. Links provided are to the US Amazon site, but you can also support OCW through Amazon sites in other regions. Learn more.

This class will cover fundamental concepts and techniques in building mission-critical and safety critical systems that have software components. Most system reliability and many safety approaches in engineering have focused on redundancy of some sort. For new systems built from digital components and for the new types of accidents related to complexity and tight coupling in these systems, redundancy is not effective.

We will investigate state-of-the-art approaches to engineering these systems. Topics to be covered include the nature of risk, formal accident and human error models, fundamental concepts of system safety engineering and other approaches to ensuring safety, system and software hazard analysis, designing for safety, software fault tolerance, designing safe human-computer interaction, and verifying safety. The topics will be illustrated using real accidents.

Upon completion of this course, the student should be able to: distinguish between reliability and safety and critically read accident reports, perform a hazard analysis on a computer-based system, write requirements for a safety-critical system and trace safety constraints to design, work with human factors experts in the design of safe human-computer interaction, apply the principles of safe design to both systems and software, critique and evaluate a system design for safety, and design a process for building a safety-critical system.

Leveson, Nancy. Safeware: System Safety and Computer. Reading, MA: Addison-Wesley, 1995. ISBN: 0201119722.

The draft of the completed chapters in the new Leveson book (available in the readings section).

You will apply the things you are learning throughout the semester to an automobile adaptive cruise control (ACC) system. In terms, you will identify and analyze the system hazards, design safety features for the ride, model your designs (using a state-machine language), and perform hazard analyses on the models.

Instead of a final exam, there will be written and oral assignments throughout the term. They will be based on the reading assignments.