Assignments
Instead of a final exam, there will be written and oral assignments throughout the term. They will be based on the reading assignments.
Discussion Questions (PDF)
| SES # | ASSIGNMENTS |
|---|---|
| 1 | • Discussion questions (PDF) • Identify five examples of systems or subsystems that may be reliable but unsafe or unreliable but safe (i.e., where safety and reliability are different). • Preliminary hazard analysis for Matterhorn including hazards, hazard levels, and design constraints derived from them. |
| 2 | Compare the systemic accident factors found in the aerospace accidents paper and Chapter 4 of Safeware with those in the Therac-25 accident. If some particular information is not available for the Therac-25 accident, what additional investigation would you do to collect the information? |
| 3 | Take the Walkerton E. coli outbreak (Christoffersen and Vicente, "The Walkerton E. coli Outbreak: A Test of Rasmussen’s Framework for Risk Management in a Dynamic Society.") and model it in STAMP, a fault tree, and an Ishikawa diagram. Compare the results you get with each. |
| 4 | Take the Titan/Centaur/Milstar loss, using the official report (PDF) and my STAMP analysis (PDF), and apply the techniques for analyzing data described in the DOE standard (Events and Causal Factor Chaining, Barrier Analysis, Change Analysis, Events and Causal Factors Analysis, and Root Cause Analysis). How do they compare to the STAMP analysis of the accident? |
| 7 | For your level 2 and level 3 models of the Matterhorn, consider each of the requirements completeness factors in S-15 and describe for each how you accounted for it in your Matterhorn design or why it does not apply in this problem. |
| 8 | Design an HMI for the Matterhorn. Explain how it reflects the principles in the book and the new mode confusion work. |