 STAMP Based Hazard Analysis (STPA)

Safeware Engineering employs a STAMP (Systems-Theoretic Accident Modeling and Processes) based hazard analysis, called STPA (System-Theoretic Process Analysis), to analyze system interactions involving software and to derive the software safety requirements those interactions demand.  STPA views a system as a set of interacting control loops.  Software controls other software components and hardware by issuing outputs (control actions); software inputs provide feedback about the state of the controlled process.  Similarly, operators control the software automation by issuing commands and receive feedback in the form of displays and aural alerts.  Analysts applying STPA first map out the system control structure, examining the interactions among the software, hardware, and human operators.  The control structure diagram and the system specification are then used to identify safety-critical components and interfaces, and to identify control actions (software outputs) that could be inadequate to maintain the safety of the system: an action that is not provided when needed, one that is provided when it is unsafe, one provided too early, too late, or out of sequence, or one stopped too soon or applied too long.  Each such unsafe control action is traced to a system hazard and becomes the basis for a safety constraint on the software.
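The following is an added example, not Safeware Engineering's tooling or any code from this page. It models the control-loop view described above as a small data structure: control actions flow from a controller to a controlled component, feedback flows back, a check flags any loop with no feedback path (a controller that can never correct its view of the process), and the four unsafe-control-action types are enumerated against each action and operating context so an analyst can link the hazardous ones to hazards. The train-door control structure, the contexts, and the hazard identifiers H-1 to H-3 are constructed for illustration.

```python
"""STPA step-1 helper (added illustration, not Safeware Engineering's code):
model a control structure as control loops, flag loops with no feedback path,
and enumerate candidate unsafe control actions (UCAs) for hazard review.
The train-door control structure and the hazards are constructed."""

from dataclasses import dataclass
from itertools import product

# The four ways a control action can contribute to a hazard (STPA step 1).
UCA_TYPES = (
    "not provided",
    "provided",
    "provided too early, too late, or out of order",
    "stopped too soon or applied too long",
)

# Verb phrase used when rendering each UCA type as a statement.
UCA_VERB = {
    "not provided": "does not provide",
    "provided": "provides",
    "provided too early, too late, or out of order": "provides at the wrong time or order",
    "stopped too soon or applied too long": "stops too soon or applies too long",
}


@dataclass(frozen=True)
class ControlAction:
    name: str        # software output, e.g. "open door"
    controller: str  # component issuing it
    controlled: str  # component receiving it


@dataclass(frozen=True)
class Feedback:
    name: str    # software input, e.g. "door position"
    source: str  # component reporting it
    sink: str    # controller consuming it


@dataclass
class ControlStructure:
    actions: list
    feedback: list

    def open_loops(self):
        """Control actions whose controller gets no feedback from the component
        it controls; with an open loop the controller's process model can never
        be corrected, a classic causal factor for an unsafe control action."""
        closed = {(f.sink, f.source) for f in self.feedback}
        return [a for a in self.actions if (a.controller, a.controlled) not in closed]


def candidate_ucas(structure, contexts):
    """Every (action, UCA type, context) triple: the worksheet an analyst reviews."""
    return list(product(structure.actions, UCA_TYPES, contexts))


def uca_statements(structure, contexts, hazard_links):
    """Render the candidates the analyst linked to hazards as UCA statements.
    hazard_links maps (action name, UCA type, context) to hazard identifiers."""
    statements = []
    for action, kind, context in candidate_ucas(structure, contexts):
        hazards = hazard_links.get((action.name, kind, context))
        if hazards:
            statements.append(
                f"{action.controller} {UCA_VERB[kind]} '{action.name}' "
                f"{context} [{', '.join(hazards)}]"
            )
    return statements


# Constructed train-door control structure (hypothetical component names).
DOOR_SYSTEM = ControlStructure(
    actions=[
        ControlAction("open door", "Door Controller", "Door Actuator"),
        ControlAction("close door", "Door Controller", "Door Actuator"),
        ControlAction("request door open", "Operator", "Door Controller"),
    ],
    feedback=[
        Feedback("door position", "Door Actuator", "Door Controller"),
        Feedback("train speed", "Train Control", "Door Controller"),
        # Nothing flows back from Door Controller to Operator: an open loop.
    ],
)

CONTEXTS = (
    "while train is moving",
    "while train is stopped at platform",
    "while a person is in the doorway",
)

# Constructed hazards: H-1 door open while moving, H-2 door closes on a person,
# H-3 passengers cannot exit when they need to. The links are analyst judgment.
HAZARD_LINKS = {
    ("open door", "provided", "while train is moving"): ["H-1"],
    ("close door", "provided", "while a person is in the doorway"): ["H-2"],
    ("open door", "not provided", "while train is stopped at platform"): ["H-3"],
}

if __name__ == "__main__":
    for a in DOOR_SYSTEM.open_loops():
        print(f"open loop: {a.controller} -> {a.controlled} ('{a.name}') has no feedback")
    for s in uca_statements(DOOR_SYSTEM, CONTEXTS, HAZARD_LINKS):
        print(s)
```

The enumeration is deliberately exhaustive (every action, every UCA type, every context) because the point of step 1 is that the analyst, not the tool, decides which cells are hazardous; the tool only guarantees none is skipped. Each resulting statement is then inverted into a safety constraint (for example, the door controller must not provide 'open door' while the train is moving), which is the software safety requirement the page refers to.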


