STPA, a new hazard analysis technique, has been developed by Leveson based on a new systems-theoretic model of accidents. Accidents have traditionally been viewed as sequences of events. A component failure, unintended component interaction, or unanticipated environmental condition sets in motion the sequence of events that leads to the accident. This narrow view often overlooks causal factors. With STPA, analysts instead regard accidents as the result of inadequate safety controls exerted by the system, operators, or social organizations building and employing the system. Hazard analysis techniques can be made more or less effective by their written notation. Appropriate diagrammatic symbols and textual templates make it easier to track important information, making hazards and their causes stand out from the vast amount of information generated by any realistically sized engineering effort. We describe a notation for performing STPA analyses and recording results.