dc.contributor.advisor: Nancy Leveson, Olivier de Weck, Joseph Sussman and Christian Hilbes.
dc.contributor.author: Antoine, Blandine
dc.contributor.other: Massachusetts Institute of Technology. Engineering Systems Division.
dc.date.accessioned: 2013-07-09T19:30:13Z
dc.date.available: 2013-07-09T19:30:13Z
dc.date.copyright: 2013
dc.date.issued: 2013
dc.identifier.uri: http://hdl.handle.net/1721.1/79424
dc.description: Thesis (Ph. D.)--Massachusetts Institute of Technology, Engineering Systems Division, 2013.
dc.description: This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.
dc.description: Cataloged from student-submitted PDF version of thesis.
dc.description: Includes bibliographical references.
dc.description.abstract: Traditional methods to identify and document hazards, and the corresponding safety constraints, are lacking in their ability to account for human, software and sub-system interactions in highly technical systems. STAMP, a systems-theoretic accident causality model, was created to overcome these limitations. The application of the STAMP hazard analysis method STPA to five sub-systems of the Paul Scherrer Institute's experimental PROSCAN proton therapy system demonstrated how STPA can augment design and risk review of existing complex systems. Two of the five human controllers active in treatment delivery, two of the four process attributes controlled by the PROSCAN facility, and one of the four control loops that control the beam-to-target alignment attribute were analyzed. In doing so, the following contributions were made:
- Analyzed the regulations currently in place in the US and Europe for the marketing of external beam radiotherapy devices and, more generally, medical devices that do not contain radioactive materials, concluding that STPA would be acceptable in both regulatory systems;
- Provided experience in applying STPA to a complex device. Information on efficacy was derived by comparing STPA results with an existing safety assessment, but a more formal counterpart is needed for stronger evidence. Information on learnability and usability was obtained when an informal workshop showed that system designers, in the course of one day, could be taught to use STPA to push their thinking about yet-to-be-designed system elements;
- Demonstrated the applicability of STPA to an experimental radiotherapy facility and, through this feasibility check, potentially influenced the state of the art in hazard analysis of medical devices and health care delivery;
- Advanced the STPA methodology by creating notations and a process to document, query and visualize the possibly large number of hazardous scenarios identified by STPA analyses, with the goal of facilitating their review and use by their intended audience;
- Showed how STPA is complementary to more traditional hazard analysis techniques such as fault and event trees. Their respective strengths can be summoned when STPA is used to identify areas on which to focus the investigation lens of traditional hazard analysis techniques.
Keywords: STAMP, STPA, hazard analysis, risk analysis, risk management, proton therapy, medical devices, safety, certification
dc.description.statementofresponsibility: by Blandine Antoine.
dc.format.extent: 260 p.
dc.language.iso: eng
dc.publisher: Massachusetts Institute of Technology
dc.rights: M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission.
dc.rights.uri: http://dspace.mit.edu/handle/1721.1/7582
dc.subject: Engineering Systems Division.
dc.title: Systems Theoretic Hazard Analysis (STPA) applied to the risk review of complex systems : an example from the medical device industry
dc.type: Thesis
dc.description.degree: Ph.D.
dc.contributor.department: Massachusetts Institute of Technology. Engineering Systems Division
dc.identifier.oclc: 849655099