Summary: All elements (agents) in the STPA control structure (control algorithm, actuator, sensor system, process model) consist of a set of functions, and these functions can be visualised and analysed with the Functional Analysis System Technique (FAST). A control action is issued by the control algorithm agent; applying FAST to that agent decomposes the control action into its sub-functions and so exposes scenarios that may cause unsafe control actions. The actuator, sensor and process model agents can be visualised and analysed in the same way to find scenarios that may cause unsafe control actions. When analysts identify such scenarios they tacitly build a mental model of these functional dependencies; FAST makes that model explicit.

One of the strengths of STPA is agent analysis: identifying the system agents responsible for enforcing safety constraints, and the other agents whose actions (or inaction) may cause unsafe control actions. The strength of FAST is function analysis, through making the functional dependencies explicit. Small FAST trees placed within the STPA control structure increase the information density without creating too much clutter, and the FAST semantics are relatively easy and quick to learn for Subject Matter Experts (SMEs) and others. FAST trees can also guide refinement of the control structure by identifying functions that should be treated as new lower-level or higher-level control actions and investigated in new control structures.

The original purpose of FAST was to spark the creativity needed to find an alternative solution to a problem, or alternative ways of achieving a function. This is valuable early in the concept and design phase of any system development, including when STPA is used in the early system safety engineering phases.
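The following is an added illustration, not code from the paper or any STPA/FAST tool. It models each agent of a control loop as a small FAST tree (a "how" mapping from a function to its sub-functions, read backwards to answer "why"), then walks those trees to enumerate one candidate causal scenario per lowest-level sub-function and to flag sub-functions whose own subtree is deep enough to deserve a new, lower-level control structure. The brake-by-wire loop, the agent and function names, and the scenario wording are all constructed for this example; the "depth" rule for refinement candidates is a simple heuristic of my own, not a rule from the paper.

```python
"""Added example: making FAST dependencies inside an STPA control structure
explicit so candidate scenarios for an unsafe control action (UCA) can be
enumerated mechanically rather than held only in the analyst's head.

All names and the control loop below are constructed for this example.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# A FAST tree is stored as "function -> sub-functions that answer HOW it is
# achieved". Walking the mapping backwards answers WHY a sub-function exists.
FastTree = Dict[str, List[str]]


@dataclass
class Agent:
    """One element of the STPA control structure together with its FAST tree."""
    name: str
    root: str                      # top-level function the agent contributes
    how: FastTree = field(default_factory=dict)

    def leaves(self) -> List[str]:
        """Lowest-level sub-functions: those with no further 'how' refinement."""
        out: List[str] = []
        stack = [self.root]
        while stack:
            func = stack.pop()
            children = self.how.get(func, [])
            if children:
                stack.extend(reversed(children))   # keep left-to-right order
            else:
                out.append(func)
        return out

    def why_chain(self, func: str) -> List[str]:
        """Ancestors of `func`, from its parent up to the agent's root function."""
        parent = {c: p for p, cs in self.how.items() for c in cs}
        chain: List[str] = []
        while func in parent:
            func = parent[func]
            chain.append(func)
        return chain


@dataclass
class ControlLoop:
    control_action: str
    agents: List[Agent]

    def causal_scenarios(self) -> List[Tuple[str, str, str]]:
        """One candidate scenario per leaf sub-function of every agent:
        (agent, failed sub-function, text). Each is a hypothesis for the
        analyst to confirm or discard, not a confirmed hazard."""
        scenarios = []
        for agent in self.agents:
            for leaf in agent.leaves():
                chain = " -> ".join([leaf] + agent.why_chain(leaf))
                text = (f"{agent.name}: if '{leaf}' is not achieved, the chain "
                        f"{chain} breaks and '{self.control_action}' may be "
                        f"provided unsafely or not at all")
                scenarios.append((agent.name, leaf, text))
        return scenarios

    def refinement_candidates(self) -> List[Tuple[str, str]]:
        """Heuristic (mine, not the paper's): any non-root function that has
        its own 'how' sub-tree is a candidate lower-level control action."""
        return [(a.name, f) for a in self.agents for f in a.how if f != a.root]


# Constructed sample: a brake-by-wire loop with the control action "apply brake".
BRAKE_LOOP = ControlLoop(
    control_action="apply brake",
    agents=[
        Agent("control algorithm", "decide brake command", {
            "decide brake command": ["read pedal request",
                                     "compute target pressure",
                                     "send command"],
            "compute target pressure": ["look up pressure map",
                                        "limit rate of change"],
        }),
        Agent("actuator", "build brake pressure", {
            "build brake pressure": ["receive command", "drive valve",
                                     "confirm pressure"],
        }),
        Agent("sensor system", "report wheel speed", {
            "report wheel speed": ["sample encoder", "filter signal",
                                   "transmit sample"],
        }),
        Agent("process model", "estimate vehicle state", {
            "estimate vehicle state": ["hold wheel-speed belief",
                                       "update belief from sensor"],
        }),
    ],
)

if __name__ == "__main__":
    for _, _, text in BRAKE_LOOP.causal_scenarios():
        print(text)
    print("refine:", BRAKE_LOOP.refinement_candidates())
```

Running the script lists twelve candidate scenarios (one per leaf) and flags "compute target pressure" as the one sub-function worth its own lower-level control structure; in practice the analyst reviews each generated line with the SMEs rather than treating the list as the analysis result.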