Department of Computer Science
- » Computer Science
- » Postgraduate Study
- » Taught Postgraduate Courses
- » MSc in Safety Critical Systems Engineering
MSc in Safety Critical Systems Engineering
Overview & Contacts
For general information:
Mr Alex King
Tel: +44 (0)1904 325402
Postgraduate Programmes Administrator
Fax: +44 (0)1904 325599
E-mail: postgraduate@cs.york.ac.ukFor informal discussion:
Dr Mark Nicholson
Tel: +44 (0)1904 325568
Course Organiser
Fax: +44 (0)1904 325599
E-mail: mark.nicholson@cs.york.ac.ukRelated Links
Full Time and Part Time - This course is available on both - full time and part time basis. The part time course is typically taken over three years.
Full Time students take 9 Assessed Modules
- 6 of which are Core (C) - 3 Optional (O) - Plus a six
person-month individual project carried out either at York or on site
in industry.
Part Time students take the same format of modules as above, plus a two person-month literature survey on a SCSE topic and a four person-month project. See the Project tab for more details.
This modular MSc course is designed to prepare students for work in the demanding field of Safety Systems Engineering (SSE) by exposing them to the latest science and technology within this field.
Why take this course?
"As a practitioner of system/functional safety in the automotive industry I cannot recommend this MSc highly enough. The course structure and the core modules cover the fundamentals of system safety in such depth and breadth as to be applicable to any safety standard, for example the ISO 26262. To the core modules I chose the optional modules of Sensors and Effects, Human factors and Computers and Software and believe this to be a very good combination for anybody working in the automotive industry. Unlike previous degree courses I refer to my York notes a great deal since they are extremely relevant to my day to day safety activities.”
[Student from Automotive industry, 2010]
“As a clinician working for the Department of Health Informatics Directorate I have found this course to be absolutely essential. I would recommend that anyone working in healthcare with an interest in patient safety should take the Foundations of System Safety Engineering module at the very least. For those who have a more focused safety role, particularly in healthcare technology, The University offers a number of modules to choose from, working up to the award of a Postgraduate Certificate, Diploma or MSc Safety Critical Systems Engineering.”
[Student from NHS 2010]
The
discipline of SSE has developed over the last half of the twentieth
century. It can be viewed as a process of systematically analysing
systems to evaluate risks, with the aim of influencing design in order
to reduce risks, i.e. to produce safer products. In mature industries,
such as aerospace and nuclear power, the discipline has been remarkably
successful, although there have been notable exceptions to the
generally good safety record, e.g. Fukushima, Buncefield and the Heathrow 777 accident.
Various trends pose challenges for traditional approaches to SSE.
For example, classical hazard and safety analysis techniques deal
poorly with computers and software where the dominant failure causes
are errors and oversights in requirements or design. Thus these
techniques need extending and revising in order to deal effectively
with modern systems. Also, in our experience, investigation of issues
to do with safety of computer systems have given some useful insights
into traditional system safety engineering, e.g. into the meaning of
important concepts such as the term hazard. The course therefore has a number of optional modules looking at software safety.
The courses may be used as part of a Continuing Professional Development programme for The Institution of Engineering & Technology (IET) or British Computer Society (BCS) members.
Any of the modules listed for this course can also be taken as an individual Continuing Professional Development course. You apply as a short courses attendee.
Learning Outcomes
The course aims to provide participants with a thorough grounding and practical experience in the use of state-of-the-art techniques for development and operation of safety critical systems, together with an understanding of the principles behind these techniques so that they can make sound engineering judgements during the design, deployment and operation of such a system. Graduates completing the course will be equipped to play leading and professional roles in safety-critical systems engineering related aspects of industry and commerce. New areas of teaching will be developed in response to new advances in the field as well as the requirements of the organisations that employ our graduates.
The course aims to equip students with knowledge, understanding and practical application of the essential components of Safety Critical Systems Engineering, to complement previously gained knowledge and skills. A York Safety Critical Systems Engineering graduate will have a solid grounding of knowledge and understanding of the essential areas, as represented by the core modules. The optional modules give students the opportunity to gain knowledge in other areas which are of interest to them and which are taught by recognized experts in those areas.
Transferable Skills
Information-retrieval skills are an integrated part of many modules; students are expected to independently acquire information from on-line and traditional sources. These skills are required within nearly all modules, are an essential part of project work.
Numeracy is required and developed in some modules. Time management is an essential skill for any student on the course. The formal timetable has a substantial load of lectures and labs. Students must fit their private study in around these fixed points. In addition, Open Assessments are set with rigid deadlines which gives students experience of balancing their time between the different commitments.
All students in the University are eligible to take part in the York Award in which they can gain certified transferable skills. This includes the Languages for All programme which allows students to improve their language skills.
Modules
The MSc Safety Critical Systems Engineering is a full time or part time course comprising:
Full Time
- Nine assessed modules, six of which are core. The remaining three are chosen from the available optional modules.
- A six person-month individual project carried out either at York or on site in industry.
Modules on the full time scheme are taken over two terms, in the autumn and spring. The project is completed in the summer terms and over the summer vacation.
Part Time
- Nine assessed modules, six of which are core. The remaining three are chosen from the available optional modules.
- A two person-month literature survey and a four person-month individual project.
The modules are taken over two years, in the autumn and spring terms
of the first two years. The literature survey is completed in the Summer and vacation term of the second year. The individual project is taken in the third year.
Modules for both part time and full time students are taught full time in York for one week. Its associated assessed exercise, which may be completed on or off site, takes approximately 65 hours in addition. All assessed exercises are open, comprising a report, case study, or documented piece of software. There are no closed examinations. The project is examined by dissertation; the amount of time required to complete it is approximately six person-months.
Each student (part time and full time) is allocated a personal supervisor from within the Department who meets the student regularly to discuss progress during both the teaching and project phases. In addition, industrial supervisors will be responsible for the day to day supervision of projects that are undertaken in industry.
Timescales, module and project descriptions for 2012/2013:
Timescales, module and project descriptions for 2011/2012:
 Module Title |
Start Date |
Assessment |
Core/ Optional |
||
|---|---|---|---|---|---|
| Hand-out | Hand-in | Feedback | |||
| Foundations of System Safety Engineering (FSSE) | 03/10/11 | 06/10/11 |
09/11/11 |
07/12/11 |
C |
| Systems Engineering 1 (GSE1) | 10/10/11 | 13/10/11 | 16/11/11 | 21/12/11 | O |
| Software Requirements and Architectures (SWRE) | 31/10/11 | 03/11/11 | 21/12/12 | 15/02/12 | O |
| Hazard and Risk Assessment (HRAS) | 07/11/11 |
10/11/11 | 11/01/12 | 22/02/12 | C |
| Electronic Systems Design (ESDE) | 28/11/11 | 01/12/11 | 25/01/12 | 07/03/12 | O |
| System Safety Assessment (SSAS) | 05/12/11 | 08/12/11 |
01/02/12 |
14/03/12 |
C |
| Human Factors for Safety Critical Systems (HUFS) | 09/01/12 | 12/01/12 |
29/02/12 |
11/04/12 |
O |
| Safety Case Development & Review (SCDR) | 30/01/12 | 02/02/12 | 21/03/12 | 02/05/12 | C |
| Software Testing Analysis and Review (STAR) | 13/02/12 | 16/02/12 | 04/04/12 | 16/05/12 | O |
| Safety Management Systems (SMSY) | 20/02/12 | 23/02/12 | 11/04/12 | 23/05/12 | C |
| Through Life Safety (TLSA) | 12/03/12 | 15/03/12 | 09/05/12 | 20/06/12 | C |
| Computers & Safety (CASA) | 26/03/12 | 29/03/12 | 23/05/12 (PT) 04/05/12 (FT) |
04/07/12 | O |
| Sensors & Effectors (SAEF) | 25/06/12 | 28/06/12 | 22/08/12 | 03/10/12 | O |
| Full Time (90): Independent Study Project (PRCM)
Part Time (60): MSc SCSE Final Project (PRCP)
|
01/04/2012 - 12/09/12 | Project Submission: 12/09/12 | - | C | |
| Presentation: 19/09/12 - 20/09/12 | |||||
- All modules occupy 5 days, starting on Monday
- Modules may be cancelled if there are insufficient numbers.
- Any cancellations may incur a charge.
- Core (C) and Optional (O) modules are assessed.
- A choice of three Optional modules are to be taken for the MSc.
- One option to be taken on the Certificate course.
- SCSE = Safety Critical Systems Engineering; SSE = System Safety Engineering.
Please Note: This is a provisional timetable and may be subject to change.
Project
The MSc SCSE project for part-time students has two elements:
1. Literature survey (30 credits) on a subject (PCRM) to determine the state of the art in that area. This survey is handed in September of year 2. It must be passed to progress to:
2. A Masters project (60 credits) (PCRC) where a gap in the state of the art identified in the first part is addressed, a proposal made and evidence provided for the proposal. This project is completed in September of a student's third year.
The MSc SCSE project for full-time students has a single element (PR9)
For full-time and part-time students the Project(s) enable(s) students to:
- Demonstrate knowledge of an area by means of a literature review covering all significant developments in the area and placing them in perspective;
- Exhibit critical awareness and appreciation of best practice and relevant standards;
- Investigate particular techniques and methods for the construction of safe systems, possibly involving the construction of a prototype;
- Evaluate the outcome of their work, drawing conclusions and suggesting possible further work in the area.
The project(s) address(es) a major technical problem concerned with real issues. It should, if possible, include the development and application of a practical method, technique or system. It is a natural progression from the taught modules, and builds on material covered in them. Ideally it addresses the problem from a system perspective, including hardware, software and human factors. It will typically have an industrial flavour. Part-timers are encouraged, with the help of their managers and academic staff, to select a project which is relevant to their own work.
The project begins at the start of the Summer term after completion of the taught modules, and lasts 18 months part-time / 6 months full-time. For part-time students there are three weeks attendance at York during the project, for progress assessment and access to library facilities: in July near the start of the project; and in the following January and July. Full details are provided during the course.
Past projects have covered a wide range of issues in safety critical systems engineering. A list of titles can be obtained by form the past projects page of Safety Critical Systems Engineering MSc course.
How to Apply
To apply for this MSc please complete and submit your application electronically using the University's online application system.
Prerequisites
Typically applicants for MSc Safety Critical Systems Engineering
will have achieved at a first degree in a numerate, technical discipline.
Industrial experience is also useful. This course is
specifically directed at those with several years of industrial
experience. Applicants who do not have a first degree but who have relevant expertise will be considered on a case by case basis.
We welcomes students of all backgrounds and circumstances. You can request a hard copy of the Postgraduate prospectus upon request by filling out the informal enquiry form.
Applicants are required to nominate two referees, of which at least one should be from the applicant's current employer or place of study. Applicants are normally interviewed before acceptance either in person if UK based or by telephone for international students.
International Students
The University welcomes international students. Read more information specifically for prospective international students.
Non-English speaking candidates are required to have certain English language qualifications prior to admission.
Meeting IET Principles
IET Position Statement on Safety-Critical Systems – A response
The IET position statement issued in October 2009 sets forward 10 principles and two recommendations for Safety-Critical Software-based systems in safety-related applications. Here we show how the MSc Safety-Critical Systems Engineering course can be used to address this position statement.
Principle 1: The fundamental starting point for the development of any SCS is the creation of a rigorous and and consistent statement of user requirements.
Addressed by:
Core modules: Foundations of System Safety, Hazard and Risk Assessment and Safety Critical Project Management
Optional Modules: System Engineering 1, Software requirements and software testing
Principle 2: Every SCS must have a comprehensive hazard analysis carried out
Addressed by:
Core modules: Hazard and Risk Assessment, Hazard and Risk Management, System Safety Assessment
Optional Modules: Computers and Safety, Through-Life Safety
Principle 3: The architecture of the SCS should avoid major hazards wherever possible.
Addressed by:
Core modules: Hazard and Risk Assessment, System Safety Assessment, Hazard and Risk Management
Optional Modules: Computers and Safety, Systems Engineering 1, Software Requirements, Sensors and Effectors, Electronic System Design
Principle 4: Where overall safety depends on correct actions taken by human operators, the human-computer interface and the training of operators should be considered.
Addressed by:
Core modules: Foundations of System Safety
Optional Modules: Human Factors for Safety
Principle 5: Every SCS must have a documented safety analysis
Addressed by:
Core modules: System Safety Assessment
Optional Modules: Computers and Safety, Software Testing
Principle 6: Showing that a particular set of development processes have been followed is never sufficient to demonstrate that the resulting system meets its safety target
Addressed by:
Core modules: Foundations of System Safety, Hazard and Risk Assessment, Hazard and Risk Management,
Optional Modules: Computers and Safety, Software Implementation, Software Testing
Principle 7: Developer's competencies should be appropriate to their project roles and kept current.
Addressed by:
Core modules: Foundations of System Safety, Safety Critical Project Management,
Optional Modules: Ethics of SCS work dealt with throughout the course
Principle 8: Software systems are mathematically formal objects and it is possible to reason about their behaviour and to prove that they have certain properties
Addressed by:
Optional Modules: Software Requirements, Software implementation, software testing
Principle 9: It is generally impractical to rely on test based evidence in advance of putting a system into widespread service
Addressed by:
Core modules: Foundations of System Safety, Hazard Risk Management
Optional Modules: Software Requirements, Software implementation, software testing, Computers and Safety
Principle 10: There should be regular reviews of systems in service to assess whether the threat profile has changed and whether risks are still as low as reasonably practicable
Addressed by:
Core modules: Through life safety, hazard and risk management, safety critical project management
The IET Recommends:
- Use of tools and approaches that industry best practice
Addressed by: all modules - Research and development effort and financing directed towards extending the scale and range of system properties that can be proven through analysis
Addressed by: Assessments and the MSc project.
Fees
Non-standard annual tuition fees for postgraduate students in 2011/12 can be found here: Non-Standard Tuition fees for 2011/12
Fees all include all relevant course materials, tuition and examinations and are payable in advance. They do not include text books or living expenses. VAT is not applicable. Find out more about fees and how to pay them.
Modules on this course can be attended individually as a short course.
Discounts may apply if you are a self financing student, to find out if you are eligible to qualify as a self-financing student please contact us at postgraduate@cs.york.ac.uk.