As systems are becoming more complex, their safety assessment dramatically needs powerful tools. Most of the existing tools are poorly connected to the system design process and cannot be associated at early stages of development cycle. We introduce a model-based safety analysis (MBSA) methodology and its supporting tool: Safety Architect that permits better interactivity between design and safety assessment activities. A dysfunctional model is built from the system model described in SySML. It is used to specify possible failure-modes, mitigation barriers and propagation behavior at components level. From the specification of feared events (expressed in safety requirements), it can automatically produce propagation paths and highlight which components are potentially critical. Such critical paths related to feared events can be displayed on the system model for better understanding of failure sources. This cooperative safety analysis framework relies on the Papyrus modeling tool exploiting both its system modeling and advanced customization facilities.