Cover -- Title Page -- Copyright -- Contents -- List of Figures -- List of Tables -- Foreword -- Introduction -- PART 1: General Approaches for Crisis Management -- Chapter 1: Dealing with the Unexpected -- 1.1. Introduction -- 1.2. From mechanics to software to computer network -- 1.3. Handling complexity: looking for new models -- 1.4. Risk taking: dealing with nonlinear dynamic systems -- 1.5. Discussion -- 1.6. Conclusion -- 1.7. Bibliography -- Chapter 2: Vulnerability and Resilience Assessment of Infrastructures and Networks: Concepts and Methodologies -- 2.1. Introduction -- 2.2. Risk and vulnerability -- 2.2.1. Concept of risk -- 2.2.2. Concept of vulnerability -- 2.3. Vulnerability analysis and assessment -- 2.4. Resilience and main associated concepts -- 2.4.1. Resilience: a multifaceted concept -- 2.4.2. Main resilience components -- 2.5. Paradigms as consequence of risk analysis extension -- 2.5.1. Risk analysis extension and systemic approaches -- 2.5.2. Paradigms emerging from risk analysis extension -- 2.6. Resilience analysis and assessment -- 2.7. Conclusion: new challenges -- 2.8. Bibliography -- Chapter 3: The Golden Hour Challenge: Applying Systems Engineering to Life-Critical System of Systems -- 3.1. Introduction -- 3.2. The Golden hour: toward a resilient life-critical system of systems -- 3.2.1. Accident technical reports: getting experience feedback -- 3.2.2. Resilience: reducing the damage -- 3.2.3. The Golden hour: managing serious accidents as soon as possible -- 3.2.4. The challenge -- 3.3. Systems of systems engineering -- 3.3.1. The systems of systems engineering principles -- 3.3.2. Applying systems of systems engineering to life-critical systems -- 3.4. Next steps forward -- 3.5. Bibliography -- Chapter 4: Situated Risk Visualization in Crisis Management -- 4.1. Introduction.

4.2. Crisis management, emergency management and business continuity -- 4.2.1. Crisis management -- 4.2.2. Emergency management -- 4.2.3. Business continuity and disaster recovery -- 4.3. Risk management in critical operations -- 4.3.1. Human systems integration risk perspective -- 4.3.2. Effectiveness of risk definitions in critical operations -- 4.4. Situated risk visualization in critical operations -- 4.4.1. Rationale and requirements -- 4.4.2. Integrated structure and ontology -- 4.4.3. Interactive 3D visual scene -- 4.4.4. Evaluation results -- 4.5. Conclusions and perspectives -- 4.6. Bibliography -- Chapter 5: Safety Critical Elements of the Railway System: Most Advanced Technologies and Process to Demonstrate and Maintain Highest Safety Performance -- 5.1. Railways demonstrate the highest safety performance for public transportation -- 5.2. Key success factors -- 5.3. The European very high-speed rail technology: a safety concept with more than 30 years of experience and continuous innovation in the technology -- 5.3.1. Guidance and dynamic behavior -- 5.3.2. Environment with avoidance of external events -- 5.3.3. Velocity with capacity to guarantee the emergency braking -- 5.3.4. Lifetime spanning several decades: operation and maintenance -- 5.4. Project management and system integration -- 5.4.1. Robust industry standards in project management -- 5.4.2. System integration -- 5.5. Procedure for risk management -- 5.5.1. The regulatory framework -- 5.5.2. The EC common safety method -- 5.5.3. High technical and safety standards -- 5.5.4. Independent safety assessment -- 5.5.5. Significant change -- 5.5.6. Safety management system -- 5.5.7. Safety authorization and safety management system -- 5.6. Conclusion -- Chapter 6: Functional Modeling of Complex Systems -- 6.1. Introduction -- 6.1.1. Dimensions of system complexity.

6.2. The modeling paradigm of MFM -- 6.2.1. The concept of function -- 6.2.1.1. Functions are social facts -- 6.2.1.2. Functions are relative to goals -- 6.2.1.3. Functions and roles -- 6.2.1.4. Functions, dispositions and structure -- 6.2.2. The means-end relation -- 6.2.3. Means-end structure -- 6.3. Uses of functional modeling -- 6.3.1. Operator support systems -- 6.3.2. Control systems design -- 6.4. Multilevel flow modeling -- 6.4.1. MFM concepts -- 6.4.2. A modeling example -- 6.4.2.1. MFM of heat transfer loop without control -- 6.4.2.2. MFM of the heat transfer loop with control systems -- 6.4.3. Modeling safety functions -- 6.5. Conclusions -- 6.6. Bibliography -- PART 2: Risk Management and Human Factors -- Chapter 7: Designing Driver Assistance Systems in a Risk-based Process -- 7.1. Risk-based design in perspective -- 7.1.1. Risk-based design principles -- 7.1.2. Short historical review of RBD process -- 7.2. Human factors in risk-based design -- 7.2.1. Human reliability assessment -- 7.2.2. Models of human behavior -- 7.2.2.1. Human behavior modeling in the control loop -- 7.2.2.2. The motivational aspects of human modeling -- 7.2.3. Models of error and taxonomies -- 7.2.4. Dynamic nature of needs -- 7.3. A quasi-static methodology -- 7.3.1. The methodology -- 7.3.2. The expanded human performance event-tree -- 7.3.3. Evaluation of consequences and risk assessment -- 7.3.3.1. Evaluating severities and consequences of sequences -- 7.3.3.2. Assessment of the risk -- 7.4. Implementation on board vehicles for driver assistance -- 7.5. A case study -- 7.5.1. Scenario definition -- 7.5.2. Initiating event -- 7.5.3. Development of the expanded event tree -- 7.5.3.1. Event characterization -- 7.5.3.1.1. Driver event families -- 7.5.3.1.2. ADAS event families -- 7.5.3.2. Preliminary screening of event families -- 7.5.3.2.1. Driver event families.

7.5.3.2.2. ADAS event families -- 7.5.3.3. Qualitative EET -- 7.5.4. Probability assessment -- 7.5.5. Consequence evaluation -- 7.5.6. Risk evaluation -- 7.6. Conclusions -- 7.7. Bibliography -- Chapter 8: Dissonance Engineering for Risk Analysis: A Theoretical Framework -- 8.1. Introduction -- 8.2. The concept of dissonance -- 8.2.1. Dissonance engineering and risk analysis -- 8.2.2. Dissonance reduction and knowledge reinforcement -- 8.3. A theoretical framework for risk analysis -- 8.3.1. The DIMAGE model -- 8.3.2. The human-machine learning process -- 8.3.3. The behavior analysis for dissonance identification -- 8.3.4. The knowledge-based analysis for dissonance evaluation -- 8.3.5. The knowledge-based analysis for dissonance reduction -- 8.4. Examples of application of the theoretical framework -- 8.4.1. An application of the automated dissonance identification -- 8.4.2. An application of the automated dissonance evaluation -- 8.4.3. An application of the automated dissonance reduction -- 8.5. Conclusion -- 8.6. Bibliography -- Chapter 9: The Fading Line between Self and System -- 9.1. Introduction -- 9.2. Four events -- 9.2.1. Turkish Airlines 1951 -- 9.2.2. Night charter with a Piper Seneca -- 9.2.3. Air France Flight 447 -- 9.2.4. US Airways Flight 1549 -- 9.3. Development, drama -- 9.4. Views on human error -- 9.5. Peirce's triadic semiotic system -- 9.6. Abduction, or how do humans form conclusions -- 9.7. Heidegger and Descartes -- 9.8. Designing the signs -- 9.9. Consequences -- 9.10. Conclusions -- 9.11. Bibliography -- Chapter 10: Risk Management: A Model for Procedure Use Analysis -- 10.1. Introduction -- 10.2. Procedures in nuclear power -- 10.3. Description of the model -- 10.3.1. Description -- 10.3.1.1. Level 1: Availability -- 10.3.1.2. Level 2: Situational awareness -- 10.3.1.3. Level 3: Decision authority.

10.3.1.4. Level 4: Performance -- 10.3.1.5. Level 5: Outcome -- 10.3.2. Assumptions -- 10.3.3. Peer review of the model -- 10.4. Application of the model -- 10.4.1. Generic applications -- 10.4.2. Specific applications -- 10.4.3. Real-world application of the model -- 10.5. Significance -- 10.6. Conclusions -- 10.7. Acknowledgements -- 10.8. Bibliography -- Chapter 11: Driver-assistance Systems for Road Safety Improvement -- 11.1. Introduction -- 11.2. Driver's vigilance diagnostic -- 11.2.1. Diagnostic of driver hypovigilance -- 11.2.2. Diagnostic of driver impairment -- 11.3. Driver distraction diagnostic -- 11.4. Human-machine interaction concept -- 11.5. Conclusions -- 11.6. Bibliography -- PART 3: Managing Risk via Human-Machine Cooperation -- Chapter 12: Human-Machine Cooperation Principles to Support Life-Critical Systems Management -- 12.1. Context -- 12.2. Human-machine cooperation model -- 12.2.1. The "know-how" or the abilities to control the process -- 12.2.2. Know-how-to-cooperate or the agent's ability to cooperate -- 12.3. Common work space -- 12.4. Multilevel cooperation -- 12.5. Towards a generic modeling of human-machine cooperation -- 12.5.1. Cooperation to decide combination of tasks -- 12.5.2. Cooperation to decide authority -- 12.6. Conclusion and perspectives -- 12.7. Bibliography -- Chapter 13: Cooperative Organization for Enhancing Situation Awareness -- 13.1. Introduction -- 13.2. Procedure-based behavior versus innovative behavior -- 13.3. Situation awareness: between usefulness and controversy -- 13.3.1. Situation awareness: several controversial definitions -- 13.3.2. Several SA definitions suffer from a lack of assessment methods -- 13.3.3. Collective situation awareness: an incomplete framework -- 13.4. Collective SA: how to take the agent's organization into account?.

13.4.1. Examples of task distribution and SA distribution among the agents.