Experiences with Applying STPA to Software-Intensive Systems in the Automotive Domain
نویسندگان
چکیده
Hazard analysis is one of the most important elements in developing safe-critical systems. STPA (SystemsTheoretic Process Analysis) is a modern technique based on the new accident causation model STAMP (System-Theoretic Accident Model and Process) for analyzing hazard and safety issues, which can be applied early in the design process of a system to achieve an acceptable risk level. We have applied STPA to a well-known example of safety-critical systems in the automotive industries: Adaptive Cruise Control (ACC). The results of the application of STPA to our case study and the limitations and difficulties of applying STPA are presented.
منابع مشابه
A comprehensive safety engineering approach for software-intensive systems based on STPA
Formal verification and testing are complementary approaches which are used in the development process to verify the functional correctness of software. However, the correctness of software cannot ensure the safe operation of safety-critical software systems. The software must be verified against its safety requirements which are identified by safety analysis, to ensure that potential hazardous...
متن کاملXSTAMPP: An eXtensible STAMP Platform As Tool Support for Safety Engineering
STPA (Systems-Theoretic Processes Analysis) is a new hazard analysis technique based on STAMP. STPA is already being used in different industrial domains (e.g. space, aviation, medical or automotive). To support the application of STPA and make using STPA more efficient, we developed an open tool called A-STPA. However, the current usage of ASTPA by safety analysts in different areas shows a nu...
متن کاملUsing STPA in an ISO 26262 Compliant Process
ISO 26262 is the de facto standard for automotive functional safety, and every automotive Original Equipment Manufacturer (OEM), as well as their major suppliers, are striving to ensure that their development processes are ISO 26262 compliant. ISO 26262 mandates both hazard analysis and risk assessment. Systems Theoretic Process Analysis (STPA) is a relatively new hazard analysis technique, tha...
متن کاملVariability — Concepts and Patterns ∗
Most software-intensive systems rely on a componentbased design and are therefore made up of encapsulated structural units which are hierarchically composed of one another. In this paper, we (1) propose a scheme for rigorously managing variability in the context of such a compositional hierarchy, which consistently extends the paradigm of component-based design to variability management, (2) pr...
متن کاملApplication of Aspect-based Modeling and Weaving for Complexity Reduction in Development of Automotive Distributed Real-time Embedded System
To meet the stringent resource and costs constraints in developing modern automotive embedded electronic systems requires careful consideration of various aspects, such as the target hardware structure, component collaboration model, and timing models. An emerging trend in automotive systems is to apply Model-Driven Development (MDD) to understand and formalize these aspects. The growing size a...
متن کامل