Back to list of courses

MSc in Safety Critical Systems Engineering

Funding now available: If you can demonstrate a commitment to the UK Aerospace industry, you may be eligible for up to £9,500 to cover tuition fees through the Aerospace MSc Bursary Scheme.

Overview & Contacts

For general information:

Ms Jo Maltby
Postgraduate Programmes Administrator

Tel: +44 (0)1904 325641
Fax: +44 (0)1904 325599
E-mail: postgraduate@cs.york.ac.uk

For informal discussion:

Dr Mark Nicholson
Course Organiser

Tel: +44 (0)1904 325568
Fax: +44 (0)1904 325599
E-mail: mark.nicholson@york.ac.uk

Full Time and Part Time - This course is available on both - full time and part time basis.  The part time course is typically taken over three years.

Full Time students take 9 Assessed Modules - 7 of which are Core (C) - 2 Optional (O) - Plus a six person-month individual project carried out either at York or on site in industry.

Part Time students take the same format of modules as above, plus a two person-month literature survey on a safety critical systems engineering topic and a four person-month project. See the Project tab for more details.

This modular MSc course is designed to prepare students for work in the demanding field of Safety Systems Engineering (SSE) by exposing them to the latest science and technology within this field.

Why take this course?

"The course structure and the core modules cover the fundamentals of system safety in such depth and breadth as to be applicable to any safety standard, for example the ISO 26262. I chose the modules Human Factors for Safety Critical Systems and Computers and Safety and believe this to be a very good combination for anybody working in the automotive industry. Unlike previous degree courses I refer to my York notes a great deal since they are extremely relevant to my day to day safety activities.”  
Robert, Jaguar Land Rover

“As a clinician, I have found this course to be absolutely essential. I would recommend that anyone working in healthcare with an interest in patient safety should take the Foundations of System Safety Engineering module at the very least.  For those who have a more focused safety role, particularly in healthcare technology, the University offers a number of modules to choose from, working up to the award of a Postgraduate Certificate, Diploma or MSc Safety Critical Systems Engineering.”
Beverley, Department of Health Informatics Directorate

The discipline of SSE has developed over the last half of the twentieth century. It can be viewed as a process of systematically analysing systems to evaluate risks, with the aim of influencing design in order to reduce risks, i.e. to produce safer products. In mature industries, such as aerospace and nuclear power, the discipline has been remarkably successful, although there have been notable exceptions to the generally good safety record, e.g. Fukushima, Buncefield and the Heathrow 777 accident.

Various trends pose challenges for traditional approaches to SSE. For example, classical hazard and safety analysis techniques deal poorly with computers and software where the dominant failure causes are errors and oversights in requirements or design. Thus these techniques need extending and revising in order to deal effectively with modern systems. Also, in our experience, investigation of issues to do with safety of computer systems have given some useful insights into traditional system safety engineering, e.g. into the meaning of important concepts such as the term hazard. The course therefore has a number of optional modules looking at software safety.

The courses may be used as part of a Continuing Professional Development programme for The Institution of Engineering & Technology (IET) or British Computer Society (BCS) members.

Any of the modules listed for this course can also be taken as an individual Continuing Professional Development course. You apply as a short courses attendee.

As a practitioner of system/functional safety in the automotive industry I cannot recommend the MSc in Safety Critical Systems Engineering highly enough. The course structure and the mandatory modules cover the fundamentals of system safety in such depth and breadth as to be applicable to any safety standard. Unlike previous degree courses, I refer to my York notes a great deal, since they are extremely relevant to my day to day safety activities.

Robert Palin, Jaguar Land Rover

Learning Outcomes

The course aims to provide you with a thorough grounding and practical experience in the use of state-of-the-art techniques for development and operation of safety critical systems, together with an understanding of the principles behind these techniques so that you can make sound engineering judgements during the design, deployment and operation of such a system. On completing the course, you will be equipped to play leading and professional roles in safety-critical systems engineering related aspects of industry and commerce.

New areas of teaching are developed in response to new advances in the field as well as the requirements of the organisations that employ our graduates.

We aim to equip you with the knowledge, understanding and practical application of the essential components of Safety Critical Systems Engineering, to complement previously gained knowledge and skills. As a York Safety Critical Systems Engineering graduate, you will have a solid grounding of knowledge and understanding of the essential areas, as represented by the core modules. The optional modules give you the opportunity to gain knowledge in other areas which are of interest and these are taught by recognised experts in those areas.

Transferable Skills

Information-retrieval skills are an integrated part of many modules; you are expected to independently acquire information from on-line and traditional sources. These skills are required within nearly all modules, are an essential part of project work.

Numeracy is required and developed in some modules. Time management is an essential skill for any student on the course. The formal timetable has a substantial load of lectures and practical sessions. You are expected to fit your private study in around these fixed points. In addition, Open Assessments are set with rigid deadlines, so you must balance your time between the different commitments.

All students in the University are eligible to take part in the York Award in which they can gain certified transferable skills. This includes the Languages for All programme which allows students to improve their language skills.

Professional Recognition

When you are awarded the MSc in Safety Critical Systems Engineering, you will automatically meet some of the conditions for professional engineering status in the UK, as follows:

Logo from BCS (Chartered Institute of IT) showing our accredited status

This course is recognised by the BCS, the Chartered Institute for IT, in partial fulfilment of the educational requirement for Chartered Engineer (CEng) registration.

 

IET Accredited programmes logo

This course is also recognised by Institution of Engineering and Technology (IET) for the purposes of partial fulfilment of the educational requirement for CEng registration.

Find out more about what this means.

Modules

The MSc in Safety Critical Systems Engineering is a full time or part time course comprising:

Full Time

  • Nine assessed modules, seven of which are core. The remaining two are chosen from the available optional modules.
  • A six person-month individual project carried out either at York or on site in industry.

Modules on the full time scheme are taken over two terms, in the autumn and spring.  The project is completed in the summer terms and over the summer vacation.

Part Time

  • Nine assessed modules, seven of which are core. The remaining two are chosen from the available optional modules.
  • A two person-month literature survey and a four person-month  individual project.

The modules are taken over two years, in the autumn and spring terms of the first two years.  The literature survey is completed in the Summer and vacation term of the second year.  The individual project is taken in the third year.

Modules for both part time and full time students are taught full time in York for one week.  Its associated assessed exercise, which may be completed on or off site, takes approximately 65 hours in addition. All assessed exercises are open, comprising a report, case study, or documented piece of software. There are no closed examinations. The project is examined by dissertation; the amount of time required to complete it is approximately six person-months.

Each student (part time and full time) is allocated a personal supervisor from within the Department who meets the student regularly to discuss progress during both the teaching and project phases. In addition, industrial supervisors will be responsible for the day to day supervision of projects that are undertaken in industry.

 

Module Timetable 2013/14

Module Title Start
Date
Core/
Optional
Software Testing, Analysis & Review (STAR) 07/04/14 O
Sensors & Effectors (SAEF) 12/05/14 O
Electronic Systems Design (ESDE)  09/06/14 O
Predictable Software Systems (PSSY)  09/06/14 O
Full Time (90): Independent Study Project (PRCM)

Part Time (60): MSc SCSE Final Project (PRCP)

Part Time (30): Critical Evaluation PRCE

 

Oct 13 - Sept 14

Project Submission: 09/09/14

Project Presentation: tbc



 

Module Timetable 2014/15

Module Title Start
Date 
Core/
Optional 
Foundations of System Safety Engineering (FSSE) 22/09/14 C
Systems Engineering for Safety (SEFS) 20/10/14

C

Hazard and Risk Assessment (HRAS)  10/11/14 C
Software Requirements (SWRE) 24/11/14 O
System Safety Assessment (SSAS)  01/12/14 C
Safety Management Systems (SMSY)  05/01/15 C
Safety Case Development & Review (SCDR) 19/01/15 C
Human Factors for Safety (HUFS) 09/02/15 O
Computers & Safety (CASA) 23/02/15  O
Through Life Safety (TLSA)  09/03/15  C
Introduction to Security for Embedded and Safety Critical Systems (ISES) 13/04/15 O
Full Time (90): Independent Study Project (PRCM)

Part Time (60): MSc SCSE Final Project (PRCP)

Part Time (30): Critical Evaluation PRCE

 Oct 14 - Sept 15

Project Submission: 08/09/15

Project Presentation: tbc

  • All modules occupy 5 days, starting on Monday
  • Modules may be cancelled if there are insufficient numbers.
  • Any cancellations may incur a charge.
  • Core (C) and Optional (O) modules are assessed.
  • A choice of three Optional modules are to be taken for the MSc.
  • One option to be taken on the Certificate course.
  • SCSE = Safety Critical Systems Engineering; SSE = System Safety Engineering.

Please Note: This is a provisional timetable and may be subject to change.

Project

The project for part-time students on the MSc in Safety Critical Systems Engineering has two elements:

1. Literature survey (30 credits) on a subject (PCRM) to determine the state of the art in that area. This survey is handed in September of year 2. It must be passed to progress to:

2. A Masters project (60 credits) (PCRC) where a gap in the state of the art identified in the first part is addressed, a proposal made and evidence provided for the proposal.  This project is completed in September of a student's third year.

For full-time students the project has a single element: a 90 credit Independent Study Project.

For both full-time and part-time students, the project(s) enable(s) students to:

  • Demonstrate knowledge of an area by means of a literature review covering all significant developments in the area and placing them in perspective;
  • Exhibit critical awareness and appreciation of best practice and relevant standards;
  • Investigate particular techniques and methods for the construction of safe systems, possibly involving the construction of a prototype;
  • Evaluate the outcome of their work, drawing conclusions and suggesting possible further work in the area.

The project(s) address(es) a major technical problem concerned with real issues. It should, if possible, include the development and application of a practical method, technique or system. It is a natural progression from the taught modules, and builds on material covered in them. Ideally it addresses the problem from a system perspective, including hardware, software and human factors. It will typically have an industrial flavour. If you are a part-time student, you are encouraged, with the help of your managers and academic staff, to select a project which is relevant to your own work in industry.

The project begins at the start of the Summer term after completion of the taught modules, and lasts 18 months part-time / 6 months full-time. For part-time students there are three weeks attendance at York during the project, for progress assessment and access to library facilities: in July near the start of the project; and in the following January and July. Full details are provided during the course.

Past projects have covered a wide range of issues in safety critical systems engineering. A list of titles can be obtained by form the past projects page of Safety Critical Systems Engineering MSc course.

How to Apply

You can apply through our online application system (SELECT).

Prerequisites

Typically, you will have achieved at a first degree in a numerate, technical discipline, though industrial experience is also useful. This course is specifically directed at those with several years of industrial experience. If you do not have a first degree but who have relevant expertise, this will be considered on a case by case basis.

You will be are required to nominate two referees, of which at least one should be from the your current employer or place of study. You will normally be interviewed before acceptance either in person if UK based or by telephone for international students.

International Students

The University welcomes international students. Read more information specifically for prospective international students

Non-English speaking candidates are required to have English language qualifications prior to admission.

Fees & Funding

Non-standard annual tuition fees for postgraduate students in 2013/14 can be found here:  Non-Standard Tuition fees for 2013/14

Fees all include all relevant course materials, tuition and examinations and are payable in advance. They do not include text books or living expenses. VAT is not applicable. Find out more about fees and how to pay them.

Modules on this course can be attended individually as a short course.

Discounts may apply if you are a self financing student, to find out if you are eligible to qualify as a self-financing student please contact us at postgraduate@cs.york.ac.uk.

Funding for the MSc in Safety Critical Systems Engineering - Aerospace MSc Bursary Scheme

This scheme will pay MSc tuition fees of up to £9,500 for successful applicants to our MSc in Safety Critical Systems Engineering. Bursaries will be awarded if you can demonstrate your commitment to working in the UK aerospace sector and who have been offered a place on the MSc.

Applications will be accepted before you have the offer of a place on the MSc but will be conditional on receiving, and taking up, the MSc offer from a university.

The purpose of the scheme is to generate a skilled workforce in the aerospace industry, and is backed by the following organisations:

  •     Department for Business, Innovation and Skills
  •     Department for Employment and Learning, Northern Ireland
  •     Aerospace Growth Partnership
  •     BAE Systems
  •     Bombardier Aerospace Belfast
  •     EADS/Airbus
  •     Finmeccanica UK
  •     GKN
  •     MBDA Missile Systems
  •     Messier-Bugatti-Dowty (a Safran group company)
  •     Rolls Royce
  •     Spirit Aerosystems (Europe)

You are advised to apply as soon as possible - once each academic year's quota is achieved, the scheme will be closed.

You can apply for the bursary whether you are planning to study the MSc full-time or part-time. However, if you are a part-time student, please note there are some eligibility requirements that must be met if you already work within the UK aerospace industry:

  1. If you work for one of the nine partner companies named above, there are no restrictions to you applying to the bursary.
  2. If you work for an SME in the supply chain serving the UK aerospace industry, the scheme will provide 75 per cent of your tuition fees each year. Your employer will be ask to make up the remaining 25 per cent.
  3. If you work for any other organisation that does not fall into 1. or 2. above, you will not be eligible for a bursary.

In both cases 1. and 2. above, you will need a letter of support from your employer to submit with your application.

If you currently work outside the sector, you can apply as an independent candidate without employer support, and you will be eligible (if you are successful) for 100 per cent of the bursary.

Find out more about the scheme and how to apply.

Meeting the IET Principles

IET Position Statement on Safety-Critical Systems – A response

The IET position statement issued in October 2009 sets forward 10 principles and two recommendations for Safety-Critical Software-based systems in safety-related applications. Here we show how the MSc Safety-Critical Systems Engineering course can be used to address this position statement.

Principle 1: The fundamental starting point for the development of any SCS is the creation of a rigorous and and consistent statement of user requirements. 
Addressed by: 
Core modules: Foundations of System Safety, Hazard and Risk Assessment and Safety Management Systems.
Optional Modules: System Engineering for Safety, Software Requirements and Architectures, Software Testing Analysis and Review.

Principle 2: Every SCS must have a comprehensive hazard analysis carried out
Addressed by: 
Core modules: Hazard and Risk Assessment, System Safety Assessment
Optional Modules: Computers and Safety, Through-Life Safety

Principle 3: The architecture of the SCS should avoid major hazards wherever possible.
Addressed by: 
Core modules: Hazard and Risk Assessment, System Safety Assessment.
Optional Modules: Computers and Safety, System Engineering for Safety, Software Requirements and Architectures, Sensors and Effectors,

Principle 4: Where overall safety depends on correct actions taken by human operators, the human-computer interface and the training of operators should be considered.
Addressed by: 
Core modules: Foundations of System Safety
Optional Modules: Human Factors for Safety

Principle 5: Every SCS must have a documented safety analysis
Addressed by: 
Core modules: System Safety Assessment
Optional Modules: Computers and Safety, Software Testing Analysis and Review.

Principle 6: Showing that a particular set of development processes have been followed is never sufficient to demonstrate that the resulting system meets its safety target 
Addressed by: 
Core modules: Foundations of System Safety, Hazard and Risk Assessment, System Safety Assessment 
Optional Modules: Computers and Safety, Software Testing Analysis and Review.

Principle 7: Developer's competencies should be appropriate to their project roles and kept current. 
Addressed by: 
Core modules: Foundations of System Safety, Safety Management Systems,  
Optional Modules: Ethics of SCS work dealt with throughout the course

Principle 8: Software systems are mathematically formal objects and it is possible to reason about their behaviour and to prove that they have certain properties
Addressed by: 
Optional Modules: Software Requirements and Architectures, Software Testing Analysis and Review

Principle 9: It is generally impractical to rely on test based evidence in advance of putting a system into widespread service
Addressed by: 
Core modules: Foundations of System Safety, Hazard Risk Assessment
Optional Modules: Software Requirements and Architectures, Software Testing Analysis and Review, Computers and Safety

Principle 10: There should be regular reviews of systems in service to assess whether the threat profile has changed and whether risks are still as low as reasonably practicable
Addressed by: 
Core modules: Through Life Safety, Hazard and Risk Assessment, Safety Management Systems

The IET Recommends:

  • Use of tools and approaches that industry best practice
    Addressed by: all modules
  • Research and development effort and financing directed towards extending the scale and range of system properties that can be proven through analysis
    Addressed by: Assessments and the MSc project.

Back to Top