This course is primarily intended to give system safety engineers an introduction to the issues that must be considered when computers are used in safety-critical or safety-related applications. The course starts with a rapid overview of how computer systems work, from basic hardware components up to application software. The emphasis throughout this introduction is on highlighting areas that are of potential concern to safety engineers. This introduction is followed by a more in-depth examination of the software development process, considering especially aspects of requirements specification, design and analysis that are critical to deployment of computers in safety-critical applications. The course also considers the structuring and collection of evidence for the software safety case.

This module is an introduction to the principles of system safety, including risk, basic terminology, and the main types of hazard and safety assessment techniques. It also provides a brief overview of material which will be covered in greater depth in later modules, such as legal issues, management of safety critical projects, and human factors.

This module teaches systematic approaches to hazard identification and risk assessment, including principles of risk reduction and ALARP. It effectively covers the first half of the safety process in the system development lifecycle. It encompasses predictive, target-setting techniques and should ideally be taken as a pair with System Safety Assessment, which addresses concepts and techniques appropriate to the later stages of a development project.

This course focuses on the provision of Human Factors support to safety related system design / engineering projects. It provides a foundational introduction to key Human Factors topic areas and the opportunity to apply key Human Factors techniques related to human error identification / human reliability analysis, with an eye on the strengths and limitations of each.

In this module, we will consider the challenges posed to safety engineering techniques and praxis by Robotics and Autonomous Systems in three broad areas: technical, engineering and social. Among the technical challenges, we will explore the nature of decision-making technologies and will consider the implications for data management, model learning, verification and deployment and understanding of the interaction between AS and the 'outside world', including humans. Engineering challenges include the elicitation and validation of safety requirements, identifying and analysing new classes of hazard and understanding how failures propagate in systems with an autonomous component, implications for incident report and investigation etc.. Social challenges include the role and expectations of the human in interactions with RAS, ethical concerns, acceptance and communication of risk and challenges for the law, governance and regulatory regimes in a number of domains. Implications for the safety case, particularly with reference to machine understanding and decision-making, will be considered throughout the module.

The module will be taught in a blended fashion, using a combination of pre-recorded lectures and live exercises sessions in which students will be taught in small groups. After the taught part of the module, students will select a topic and conduct a short critical literature review (formative). They will use this as a basis for a short talk, in a small group session, on which they will receive feedback both from other members of the group and from the course tutor. There will also be an open assessment (summative), undertaken over 7 weeks following the taught part of the module.

This module addresses the production and assessment of safety cases within safety projects. The module covers the role, purpose and typical content of safety case; explains how safety case arguments and evidence can selected; relates the development and maintenance of safety cases to the engineering lifecycle; details how safety case arguments can be critically assessed; and explains the regulatory context for a safety case development regime.

This module aims to provide students with an understanding of the interrelationships between safety and security. In particular the module focuses on how security threats can develop into hazardous events. The module is aimed at students with knowledge of safety engineering, but little or no understanding of security. The module therefore provides a broad awareness of security principles, measures and techniques.

This module aims to cover the analysis and assessment phase of the system safety engineering life-cycle for a proposed product or service. It does so by considering the inputs to this phase, the qualitative and quantitative analysis techinques that can be employed within this phase and the outputs from this phase in terms of evidence into the safety case regime. It also considers the changing assessment requirements as more integrated and complex systems are developed.