A framework for dynamic safety and risk management modeling in complex engineering systems

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Aeronautics and Astronautics, June 2007.
