3.2.3 An Approach to Design for Safety in Complex Systems

Abstract: Most traditional hazard analysis techniques rely on discrete failure events that do not adequately handle software intensive systems or system accidents resulting from dysfunctional interactions between system components. This paper demonstrates a methodology where a hazard analysis based on the STAMP accident model is performed together with the system development process to design for safety in a complex system. Unlike traditional hazard analyses, this approach considers system accidents, organizational fact… Show more

“…Effective leaders make efforts to organize activities in such a way that they make better use of resources, information, and equipment; they plan activities, assign tasks, determine resource requirements, and coordinate interrelated activities (Dulac and Leveson, 2004). To achieve these goals, effective leaders need to apply a variety of different relation-oriented behaviors.…”

“…emergent behavior (Leveson, 2002). The control processes that enforce these constraints must limit system behavior to the safe changes and adaptations implied by the constraints (Dulac and Leveson, 2004). Dulac and Leveson (2004) showed that as the complexity of engineered systems increases, hazard analysis techniques have continued to lag behind the state-of-the-art engineering practice.…”

A systems thinking approach of occupational safety and health applied in the micro-, meso- and macro-levels: A Finnish survey

“…Effective leaders make efforts to organize activities in such a way that they make better use of resources, information, and equipment; they plan activities, assign tasks, determine resource requirements, and coordinate interrelated activities (Dulac and Leveson, 2004). To achieve these goals, effective leaders need to apply a variety of different relation-oriented behaviors.…”

“…emergent behavior (Leveson, 2002). The control processes that enforce these constraints must limit system behavior to the safe changes and adaptations implied by the constraints (Dulac and Leveson, 2004). Dulac and Leveson (2004) showed that as the complexity of engineered systems increases, hazard analysis techniques have continued to lag behind the state-of-the-art engineering practice.…”

A systems thinking approach of occupational safety and health applied in the micro-, meso- and macro-levels: A Finnish survey

“…Hazard analysis is essentially the investigation of an accident before it occurs. A proactive accident investigation, i.e., hazard analysis, using STAMP rather than the traditional analysis techniques based on event-chain models (e.g., fault tree analysis, event tree analysis, and failure modes and effects criticality analysis) can provide the information necessary to design an integrated socio-technical system, including development and operations, to prevent accidents in software-intensive systems [6].…”

“…Figure 4 shows a categorization of control flaws that can lead to the violation of the four conditions above. This categorization can be used in the creation of new hazard and accident analysis techniques (see, for example, [14,6]). …”

“…However, LMA decided to leave the filter in place for the first and subsequent Milstar flights for consistency. 6 No further explanation is included in the report.…”

A systems-theoretic approach to safety in software-intensive systems

5.3.1 A Safety‐Driven Systems Engineering Process