Syllabus
Class description
With the increasing complexity of systems today, new causes of accidents are being found that have their roots in the complex automation we’re building and in human interactions with it. In this class, you will learn about the foundations of system safety as well as the latest generation of system and safety engineering based on systems theory and systems thinking. The approach, System Theoretic Process Analysis (STPA), is used widely across many industries, including defense, aerospace, automotive, and nuclear power. The approach is designed to handle enormously complex systems and so-called “systems of systems.”
The class will be useful to any engineers, managers, or practitioners who have an interest in making safer systems. There are no prerequisites. The class is intended for those who are new to STPA.
The class will cover:
- Fundamental concepts and principles in system safety
- The Systems View of software and human interactions
- Modeling safety control structures in STPA
- Lessons learned across industries, common mistakes, and solutions
- The STPA process step-by-step
- Using STPA to avoid errors and flaws that lead to costly rework
- Identifying STPA Losses, Hazards, Unsafe Control Actions, and Loss Scenarios
- Anticipating and analyzing human error using STPA
- Using STPA to identify functional automation requirements (including missing requirements)
- Using STPA to produce automation that accounts for and reduces human error
- Designing safety into complex systems containing hardware, software, and human components
Levels of enrollment
Three levels of enrollment are offered at different price points.
1. Self-paced instruction (this course)
Instruction is delivered through recorded videos that can be watched at your own pace. The videos are recorded from previous live classes. This option includes instruction in each topic, educational materials, reading assignments, exercises, results submitted by past students, in-class instructor review comments on past student submissions, step-by-step templates to complete the exercises yourself, and guidance on how to review your own work to catch mistakes and fix them. This option does not include the certificate assessment, so no certificate is provided.
2. Class with live exercises (available separately)
Includes video-based instruction (#1 above) followed by live STPA exercises in a virtual classroom setting with other participants. You will be given a real-world system to analyze using the lessons learned in class. Each step of the analysis will be explained by the instructor, and you will work in small groups of ~2-5 people to complete the step. You'll be able to ask for help as you complete the exercise, and each step will be reviewed before moving to the next step. By the end, you will have demonstrated how to apply each step of STPA on a real problem. The scope of the live exercise will be limited to focus on learning the overall process. Due to time constraints, guidance will be provided about which aspects of the system to explore and which should be ignored for the purpose of the exercises. This option does not include the STPA project or certificate assessment, so no certificate is provided.
3. Class with project and certification assessment (available separately)
Includes all of the above (#1 and #2) plus an STPA project. You will apply STPA iteratively to a system of your choice, submitting interim results and receiving individual instructor feedback before the final submission. The final submission is an STPA report based on a provided template. The report is evaluated to determine if the STPA Practitioner Certificate criteria have been correctly demonstrated. The certificate must be earned and is not guaranteed. In previous years, about 80% of those enrolled in the certificate option were able to earn their certificate.
Reading Assignments
The class will follow the STPA Handbook, which is available from MIT as a free PDF download. Class participants will be expected to read Chapter 2 (40 pages) either before or during the class. Chapter 1 is also required for any participants with a background in traditional safety, and optional for others.
- Read STPA Handbook Chapter 1 (13 pages)
- Read STPA Handbook Chapter 2 (40 pages)
- Optional: Read other chapters in the STPA Handbook as appropriate
Additional reading is strongly recommended:
- Engineering a Safer World, Nancy Leveson (available as free PDF from MIT Press)
- An Introduction to System Safety Engineering, Nancy Leveson
Use of Class Materials
The instructional materials provided in this course, including but not limited to slides, videos, and written documents, are the exclusive property of the instructor and are protected under applicable copyright laws. Enrolled participants are granted a limited, non-transferable license to use these materials solely for personal educational purposes.
Distribution of these materials to individuals not enrolled in this course is strictly prohibited. Any commercial exploitation of the materials, including but not limited to selling, reproducing, or using the materials for promotional purposes of any kind, is expressly forbidden without the prior written consent of the instructor.
Use of these materials with, or disclosure of these materials to, generative artificial intelligence systems or large language models (LLMs) is strictly prohibited.
Unauthorized use of the instructional materials may result in civil and/or criminal penalties.