A comparison of hazard analysis methods capability for safety requirements generation

Author(s):  
Nanda Anugrah Zikrullah ◽  
Hyungju Kim ◽  
Meine JP van der Meulen ◽  
Gunleiv Skofteland ◽  
Mary Ann Lundteigen

A safety-critical system comprising several interacting and software-intensive systems must be carefully analyzed to detect whether new functional requirements are needed to ensure safety. This involves an analysis of the systemic properties of the system, which addresses the effect of the interaction between systems and system parts. The paper compares two hazard analysis methods, which are often considered well-suited for such software-intensive systems: the Functional Hazard Analysis (FHA) and Systems-Theoretic Process Analysis (STPA). The focus is on the selection and improvement of the best methods, based on the lessons learned from the comparison of FHA and STPA. The analyses cover the hazard analysis processes, systemic properties, and the criteria of requirements. The paper concludes that STPA is the better choice over FHA. Insights are obtained to align both STPA and FHA methods with the broader topic of risk management, that is, hazard analysis method improvement, cautionary thinking, uncertainty management, and resilience management.

2020 ◽  
Vol 10 (21) ◽  
pp. 7400
Author(s):  
Lei Chen ◽  
Jian Jiao ◽  
Tingdi Zhao

ISO 26262:2018 is an international functional safety standard for electrical and/or electronic (E/E) systems within road vehicles. It provides appropriate safety requirements for road vehicles to avoid unreasonable residual risk according to automotive safety integrity levels (ASILs) derived from hazard analysis and risk assessment (HARA) required in the ISO 26262 concept phase. Systems theoretic process analysis (STPA) seems to be designed specifically to deal with hazard analysis of modern complex systems, but it does not include the risk evaluation required by most safety-related international standards. So we integrated STPA into the Failure Mode and Effect Analysis (FMEA) template to form a new method called system theoretic process analysis based on an FMEA template, STPAFT for short, which could not only meet all the requirements of the concept phase in ISO 26262, but also make full use of the advantages of the two methods. Through the focus of FMEA on low-level components, STPAFT can obtain more detailed causal factors (CFs), which is very helpful for the derivation of safety goals (SGs) and the functional safety requirements (FSRs) in the concept phase of ISO 26262. The application of STPAFT is described by the case study of a fuel level estimation and display system (FLEDS) to show how the concept phase of ISO 26262 could be supported by STPAFT.


2016 ◽  
Vol 2 (2) ◽  
pp. 79 ◽  
Author(s):  
Anastasios Plioutsias ◽  
Nektarios Karanikas ◽  
Maria Mikela Chatzimichailidou

The continuous increase of accident and incident reports has indicated the potential of drones to threaten public safety. The published regulatory framework for small drones is not visibly based on a comprehensive hazard analysis. Also, a variety in the constraints imposed by different regulatory frameworks across the globe might impede market growth and render small-drone operations even more complicated, since light drones might be easily transferred and operated in various regions with diverse restrictions. In our study we applied the Systems-Theoretic Process Analysis (STPA) method to small-drone operations and we generated a first set of Safety Requirements (SR) for the authority, manufacturer, end-user and automation levels. Under the scope of this paper, we reviewed 56 drone regulations published by different authorities, and performed (1) a gap analysis against the 57 SRs derived by STPA for the authority level, and (2) Intra-Class Correlations in order to examine the extent of their harmonization. The results suggest that the regulations studied satisfy 5.3% to 66.7% of the SRs, and they are moderately similar. The harmonization is even lower when considering the range of values of various SRs addressed by the authorities. The findings from the drones' case show that regulators might not similarly and completely address hazards introduced by new technology; such a condition might affect safety and impede the distribution and use of products in the international market. A timely and harmonized standardization based on a systematic hazard analysis seems crucial for tackling the challenges stemming from technological advancements, especially the ones available to the public.


Author(s):  
D G Astridge

Design safety analysis provides a sound basis for determining the functional requirements of a rotorcraft health and usage monitoring (HUM) system for flight safety purposes, since it considers the vulnerability to catastrophic failure of every component in each safety-critical system. The process thereby identifies the components that may be dependent upon effective monitoring systems in order to achieve the system safety objectives. From the analysis of a new transmission system design, examples are given of component potential failure modes that either (a) are expected to be preventable by direct design action, or (b) will require the additional support of indirect action such as HUM provisions. Many of these examples are expected to be applicable to new rotorcraft transmission designs in general. A brief review of analysis procedures appropriate to rotorcraft transmission systems is included.


Author(s):  
Jianyu Duan

Safety analysis is a significant step in safety-critical system development. Compared with traditional vehicles, the system interactions for autonomous vehicles are more abundant and complex. Traditional hazard analysis methods, such as Failure Mode and Effects Analysis (FMEA) and Fault Tree Analysis (FTA), which are based on component failure and reliability theory, cannot identify the system hazards related to system interactions. An emerging hazard analysis method based on systems theory, Systems Theory Process Analysis (STPA), mainly focuses on identifying the control system hazards caused by system interactions. In this study, the STPA method is used to identify the potential hazards and causal factors for an autonomous emergency braking system by concentrating on system interactions. To improve the consistency between system design and safety analysis, a workflow combining model-based systems engineering (MBSE) and STPA is proposed. The systems modeling language (SysML) is used to describe the control structure and system interaction relationships. According to the identified causal factors, certain constraints and requirements can be derived, which can provide guidance for system development with respect to system design. Furthermore, a quantitative analysis of a certain unsafe control action is conducted by simulation, which shows the effectiveness and feasibility of the proposed method in safety analysis and system design.


Author(s):  
Liangliang Sun ◽  
Yan-Fu Li ◽  
Enrico Zio

As autonomous vehicle (AV) intelligence for controllability continues to develop, involving increasingly complex and interconnected systems, the maturity level of AV technology increasingly depends on the systems' reliability level, also considering the interactions among them. Hazard analysis is typically used to identify potential system risks and avoid loss of AV system functionality. Conventional hazard analysis methods are commonly used for traditional standalone systems. New hazard analysis methods have been developed that may be more suitable for AV system-of-systems complexity. However, a comprehensive comparison of hazard analysis methods for AV systems is lacking. In this study, the traditional hazard analysis methods, hazard and operability (HAZOP) and failure mode and effects analysis (FMEA), as well as the most recent methods, like the functional resonance analysis method (FRAM; Hollnagel, 2004, 2012) and system-theoretic process analysis (STPA; Leveson, 2011), are considered for implementation in the automatic emergency braking system. This system is designed to avoid collisions by utilizing the surrounding sensors to detect objects on the road, warning drivers with alerts about any collision risk, and actuating automatic partial/full braking through calculated adaptive braking deceleration. The objective of this work is to evaluate the methods in terms of their applicability to AV technologies. The advantages of HAZOP, FMEA, FRAM, and STPA, as well as the possibility of combining them to achieve systematic risk identification in practice, are discussed.
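The unsafe control action (UCA) step that the two automatic emergency braking abstracts above rely on, as an added worked example that is not code from either paper: it crosses STPA's four UCA types (Leveson, 2011) with the possible states of a constructed controller process model for a single "Brake" control action, prunes process-model states that cannot physically occur, maps each surviving candidate to a hazard through analyst rules encoded as a function, and emits the safety constraint STPA derives from each UCA. The hazard list, the two process-model variables, the feasibility rule and the hazard-mapping rules are all assumptions for illustration, not taken from the papers.

```python
"""Added example: STPA unsafe-control-action (UCA) enumeration for an automatic
emergency braking (AEB) controller. Illustrative code, not from the cited papers;
the hazard list, process-model variables and mapping rules are assumptions."""
from dataclasses import dataclass
from itertools import product

# Constructed system-level hazards (assumption, not taken from the papers).
HAZARDS = {
    "H1": "vehicle collides with an object ahead",
    "H2": "vehicle brakes hard with no object ahead",
}

# STPA's four ways a control action can be unsafe (Leveson, 2011).
UCA_TYPES = (
    "not provided",
    "provided",
    "too early or too late",
    "stopped too soon or applied too long",
)

# Controller's process-model variables and their possible values (assumption).
CONTEXT_VARS = {
    "obstacle_ahead": (True, False),
    "ttc_below_threshold": (True, False),   # time-to-collision under the braking limit
}


@dataclass(frozen=True)
class UCA:
    action: str
    uca_type: str
    context: tuple   # sorted (variable, value) pairs
    hazard: str


def feasible(ctx):
    """Prune process-model states that cannot occur: a time-to-collision
    only exists when there is an obstacle to collide with."""
    return not (ctx["ttc_below_threshold"] and not ctx["obstacle_ahead"])


def hazard_for(action, uca_type, ctx):
    """Analyst judgment encoded as rules (assumption): which combination of
    control action, UCA type and context leads to which hazard."""
    obstacle, ttc = ctx["obstacle_ahead"], ctx["ttc_below_threshold"]
    if action != "Brake":
        return None
    if uca_type == "not provided" and obstacle and ttc:
        return "H1"
    if uca_type == "too early or too late" and obstacle and ttc:
        return "H1"
    if uca_type == "stopped too soon or applied too long" and obstacle:
        return "H1"
    if uca_type == "provided" and not obstacle:
        return "H2"
    return None


def enumerate_ucas(actions=("Brake",)):
    """Cross every control action with every UCA type and feasible context,
    keeping only the combinations the rules tie to a hazard."""
    names = list(CONTEXT_VARS)
    ucas = []
    for action, uca_type in product(actions, UCA_TYPES):
        for values in product(*(CONTEXT_VARS[n] for n in names)):
            ctx = dict(zip(names, values))
            if not feasible(ctx):
                continue
            hazard = hazard_for(action, uca_type, ctx)
            if hazard:
                ucas.append(UCA(action, uca_type, tuple(sorted(ctx.items())), hazard))
    return ucas


_CONSTRAINT_TEMPLATES = {
    "not provided": "The controller must provide {a} when {c}",
    "provided": "The controller must not provide {a} when {c}",
    "too early or too late": "The controller must provide {a} within the required time window when {c}",
    "stopped too soon or applied too long": "The controller must hold {a} until the hazardous state clears when {c}",
}


def safety_constraint(uca):
    """Turn a UCA into the safety constraint STPA derives from it."""
    ctx = ", ".join(f"{k}={v}" for k, v in uca.context)
    text = _CONSTRAINT_TEMPLATES[uca.uca_type].format(a=uca.action, c=ctx)
    return f"{text} [{uca.hazard}: {HAZARDS[uca.hazard]}]"


if __name__ == "__main__":
    for u in enumerate_ucas():
        print(safety_constraint(u))
```

With the constructed rules the enumeration yields five UCAs (one each for "not provided", "provided" and "too early or too late", two for "stopped too soon or applied too long"); the infeasible state obstacle_ahead=False, ttc_below_threshold=True is dropped before any rule is consulted, which is the pruning that keeps a real STPA context table from filling with vacuous rows. In a real analysis the rules in `hazard_for` are the analyst's judgment recorded per row, and the causal-factor step then asks, for each UCA, how the controller's process model could end up in that context.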


2010 ◽  
Vol 29-32 ◽  
pp. 2768-2774
Author(s):  
Gang Yu ◽  
Zhong Wei Xu

A train control system is a safety-critical system, which requires thorough safety testing before it is deployed. But the traditional technology of test automation is not sound for the safety testing of safety-critical software systems, because it aims only at the system functional requirements. Focusing on the safety requirements, this paper addresses a new method to perform safety testing of a safety-critical system based on safety requirements by using model-based testing. The method presents safety automata to express safety properties in terms of safety requirements and extracts a safety model from the safety requirements. It also provides a new technique for automatic generation of a safety test case suite. By using the method, we have designed an automatic testing framework and developed an automatic testing platform, which has been applied to the standard testing of train control system products in terms of the requirements of the Ministry of Railways in China, and effectively implements the functional and safety testing of train control system products in China.
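The two ideas the abstract above names, a safety automaton that expresses a safety requirement and automatic generation of a safety test suite from it, as an added worked example that is not the paper's framework: one constructed requirement ("after an obstacle is reported, a brake command must be issued within two control cycles") is written as a finite automaton with an absorbing trap state, a monitor runs event traces through it, and a transition-coverage generator derives, by breadth-first search, the shortest trace exercising every transition together with the verdict the system under test is expected to produce. The event alphabet, the state names and the requirement itself are assumptions for illustration.

```python
"""Added example: a safety automaton that monitors one constructed safety
requirement and generates a test suite from its transitions. Illustrative
code, not the paper's framework; events, states and the requirement are assumptions."""
from collections import deque

# Constructed requirement SR-1: after an obstacle is reported, a brake command
# must be issued within two control cycles. Events arrive one per cycle.
EVENTS = ("obstacle", "brake", "none")
INITIAL = "idle"
BAD = "bad"   # absorbing trap state: reaching it means SR-1 is violated

# Safety automaton as a table of (state, event) -> next state.
# "seen1"/"seen2": cycles elapsed since the obstacle was reported.
TRANSITIONS = {
    ("idle", "obstacle"): "seen1",
    ("idle", "brake"): "idle",
    ("idle", "none"): "idle",
    ("seen1", "obstacle"): "seen2",   # a repeated report does not reset the deadline
    ("seen1", "brake"): "idle",
    ("seen1", "none"): "seen2",
    ("seen2", "obstacle"): BAD,
    ("seen2", "brake"): "idle",
    ("seen2", "none"): BAD,
}


def step(state, event):
    """One automaton step; the trap state is absorbing."""
    if state == BAD:
        return BAD
    return TRANSITIONS[(state, event)]


def run(trace):
    """Monitor a trace; return True if SR-1 holds along the whole trace."""
    state = INITIAL
    for event in trace:
        state = step(state, event)
        if state == BAD:
            return False
    return True


def generate_tests():
    """Transition-coverage test generation: for every transition (s, e), the
    shortest event sequence that reaches s (found by BFS) extended by e, paired
    with the expected verdict (False exactly when the transition enters BAD)."""
    shortest = {INITIAL: []}
    queue = deque([INITIAL])
    while queue:
        s = queue.popleft()
        for e in EVENTS:
            t = step(s, e)
            if t not in shortest:
                shortest[t] = shortest[s] + [e]
                queue.append(t)
    return [(shortest[s] + [e], t != BAD) for (s, e), t in TRANSITIONS.items()]


if __name__ == "__main__":
    for trace, expected in generate_tests():
        print(f"{' '.join(trace):32s} expected_safe={expected} monitor={run(trace)}")
```

The generated suite has one case per transition (nine here), two of which are the minimal violating traces of length three; because the monitor and the generator share the same table, every expected verdict is checked against the monitor, which is the consistency the abstract is after between the safety model and the test cases derived from it. Against a real system the same traces would be fed as stimuli and the monitor attached to the observed outputs.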

