Change search
ReferencesLink to record
Permanent link

Direct link
Safety-Guided Design through System-Theoretic Process Analysis, Benefits and Difficulties
KTH, School of Industrial Engineering and Management (ITM), Machine Design (Dept.), Mechatronics.ORCID iD: 0000-0001-5704-4504
(Mekatronik, Mechatronics)ORCID iD: 0000-0002-0889-5190
(Mekatronik, Mechatronics)ORCID iD: 0000-0002-4300-885X
2012 (English)In: 30th International System Safety Conference Proceedings, 2012Conference paper (Refereed)
Abstract [en]

Development environments for embedded systems are moving towards increased automation between Commercial Of The Shelf (COTS) engineering tools. While automation provides new opportunities for e.g. verification, it also to some extent decreases the possibility of identifying and acting on safety issues that arise during development. To investigate the relationship between tool integration and safety we performed a System-Theoretic Process Analysis (STPA) of a tool chain from an industrial case study. This tool chain was then reanalyzed and redesigned twice, in part motivated by identified hazards.

This paper presents our experiences from applying STPA to safety-guided design in the context of integrating COTS engineering tools into tool chains. We discuss the benefits of and difficulties with applying STPA. We also suggest improvements that complement STPA with support methods and tools.

The primary benefit was the support in categorizing risks and causes. The three difficulties we encountered were identifying context-specific causal factors, defining control structures across several domains (management, user, technical, etc.) and limiting the domains taken into account. The use of STPA during safety-guided design would be facilitated by the use of expert systems and simulation, especially in regard to relating different domains.

Place, publisher, year, edition, pages
Keyword [en]
Tool Integration, Safety, STAMP, STPA, Safety-Guided Design
National Category
Embedded Systems
URN: urn:nbn:se:kth:diva-102717OAI: diva2:556095
30th International System Safety Conference


Available from: 2012-09-27 Created: 2012-09-24 Last updated: 2012-09-27Bibliographically approved
In thesis
1. Tool Integration and Safety: A Foundation for Analysing the Impact of Tool Integrationon Non-functional Properties
Open this publication in new window or tab >>Tool Integration and Safety: A Foundation for Analysing the Impact of Tool Integrationon Non-functional Properties
2012 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

The increasing complexity of embedded systems development is becoming difficult to handle with development environments based on disjoint engineering tools. Support for interactions between various engineering tools, especially through automated means, has therefore received an increased amount of attention during the last few years. The subsequent increase in the amount of tool integration is leading to an increased impact of tool integration on non-functional properties of development efforts, development environments and end products. At the same time there is a lack of methods and tools for analysing the relationship between these properties and tool integration. To establish a foundation for analysing this generic relationship, the specific relationship between tool integration and the safety of end products is analysed in this thesis.

A survey was conducted to analyze the State of the Art of tool integration as related to safety. This survey specifically identified the lack of an efficient handling of tool integration by modern safety standards as an important concern. In relation to this survey, three theories were identified as of specific importance. These are the school of thought known as Systems Thinking, the Systems-Theoretic Accident Model and Processes (STAMP) causality model and the System-Theoretic Process Analysis (STPA) hazard analysis technique.

Building on these theories, this thesis provides original contributions intended to (1) describe concepts and models related to tool integration and safety (the first and second contribution), (2) link tool integration to safety in a way that reduces complexity during analysis (the third contribution) and (3) propose how to interpret and make use of the implications of the presented theories and the first three contributions (the fourth and fifth contribution).

• The first contribution is a new conceptual model of a development effort that emphasizes tool integration.

• The second contribution is a new reference model for tool integration in highly heterogeneous environments.

• The third contribution consists of nine safety-related tool chain properties, i.e. properties of tool chains that could mitigate at least part of the risks introduced by tool integration.

• The fourth contribution is a proposition on how to identify safety implications due to a high level of automation of tool integration.

• The fifth contribution is a proposition for a new software tool qualification process.

Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology, 2012. xiii, 84 p.
Trita-MMK, ISSN 1400-1179 ; 2012:17
Tool Integration, Integrated Development Environments, Embedded Systems, Safety Standards, Certification, Qualification, Systems Thinking, System Safety, STAMP, STPA
National Category
Embedded Systems
urn:nbn:se:kth:diva-102876 (URN)978-91-7501-487-6 (ISBN)
2012-10-05, B319, Brinellvägen 85, KTH, Stockholm, 09:00 (English)
Available from: 2012-09-27 Created: 2012-09-27 Last updated: 2012-09-27Bibliographically approved

Open Access in DiVA

No full text

Other links


Search in DiVA

By author/editor
Asplund, FredrikEl-khoury, JadTörngren, Martin
By organisation
Embedded Systems

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 430 hits
ReferencesLink to record
Permanent link

Direct link