Contents: This book examines past accidents and what is currently known about building safe electromechanical systems to see what lessons can be applied to new computer-controlled systems. One lesson is that most accidents are not the result of unknown scientific principles but rather of a failure to apply well-known, standard engineering practices. A second lesson is that accidents will not be prevented by technological fixes alone, but will require control of all aspects of the development and operation of the system. The features of a methodology for building safety-critical systems are outlined.

   PART 1: The Nature of Risk (126 pages)

Is there a problem?
How safe is safe enough?
The role of computers in accidents
Software myths
Why software engineering is hard
Problems in ascribing causality
A hierarchical model of causality
Root causes of accidents
Do humans cause most accidents?
The need for and role of humans in automated systems

PART 2: Introduction to System Safety (50 pages)

Foundations of system safety (systems theory and systems engineering)
Historical development
Basic concepts (hazard analysis, design for safety, management)
Software system safety
Cost and effectiveness of system safety
Other approaches to safety (industrial engineering, reliability engineering).

PART 3: Definitions and Models (75 pages)

Terminology
Accident models
Human task and error models

PART 4: Elements of a Safeware Program (290 pages)

Managing safety (the role of management, setting policy, communication channels, setting up a system safety organization, place in the organizational structure, documentation)
The system and software safety process (general tasks, real examples)
Hazard analysis (what it is, how to do it, types of models, types of analysis, current models and techniques, limitations, evaluations)
Software hazard analysis and requirements analysis
Designing for safety
Design of the human--machine interface
Verification of safety (testing, software fault tree analysis).

APPENDICES: (132 pages)

Detailed descriptions of well-researched accidents along with brief descriptions of industry-specific approaches to safety

Appendix A

Medical Devices: The Therac-25 story

Appendix B

Aerospace: The civil aviation approach to safety, Apollo 13, DC-10, and Challenger

Appendix C

The Chemical Industry: The chemical process industry approach to safety, Seveso, Flixborough, and Bhopal

Appendix D

Nuclear Power: How a nuclear power plant works, The nuclear power approach to safety, Windscale, Three Mile Island, and Chernobyl

REFERENCES: (20 pages)