Prior to the 1940s, safety was generally achieved by attempting to control obvious hazards in the initial design and then correcting other problems as they appeared after a product was in use or at least in a testing phase. In other words, designers relied, at least in part, on a trial‐and‐error methodology. In the aviation field, this process became known as the fly‐fix‐fly approach. An aircraft would be designed using the best knowledge available, flown until problems were detected (or it crashed), and then the problems would be corrected and the aircraft would be flown again. This method obviously worked best with low, slow aircraft.

This approach was not acceptable for certain programs—such as nuclear weapons and space travel—soon became apparent, at least to some. The consequences of accidents were too great. Trial‐and‐error and fly‐fix‐fly approaches were not adequate for systems that had to be first‐time safe.

Thus, system safety was born or, more accurately, evolved. The history of system safety consists of

• Traditional trial‐and‐error or fly‐fix‐fly approach not adequate for aerospace and nuclear programs
• 1960s—MIL‐STD‐882 (DoD, NASA)
• 1970s—MORT (Department of Energy)
• 1980s—Other agencies
• 1990s—Risk‐based process safety
• 2000s—Quest for intrinsic safety
• 2010s—Risk management integration
• 2020s—Improvements and international approach to risk maturing

The roots of the system safety effort extend back at least to the 1940s and 1950s. ...