The Risk Situation Awareness Provision Capability and its Degradation in the Überlingen Accident over Time

This paper presents a STAMP-based indicator of measuring the inherent, in terms of the system design and development, capability of each system part to provide its agent with Situation Awareness (SA) about the presence of system threats and vulnerabilities that may lead to accidents. An agent is a h...

Full description

Saved in:
Bibliographic Details
Published in:Procedia engineering 2015, Vol.128, p.44-53
Main Authors: Chatzimichailidou, Maria Mikela, Dokas, Ioannis M.
Format: Article
Language:English
Subjects:
EWaSAP
RiskSOAP methodology
Safety
STAMP
STPA
timeline
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:This paper presents a STAMP-based indicator of measuring the inherent, in terms of the system design and development, capability of each system part to provide its agent with Situation Awareness (SA) about the presence of system threats and vulnerabilities that may lead to accidents. An agent is a human or automated controller that possesses reasoning mechanisms and demonstrates a capability to influence others or modify situations. This capability – in as far as it pertains to risk modification - is called “risk SA provision capability” (RiskSOAP) and can be modelled in a control loop. This capability is considered as dynamic because it can fluctuate over time due to changes in safety specifications and short- or long-term conditions. In order to demonstrate the fluctuation of the risk SA provision capability along the development of an accident, the STAMP-based RiskSOAP indicator is calculated throughout the Überlingen accident timeline. This timeline incorporates four milestones, each one denoting a particular time point in the accident development. The decline in the value of the RiskSOAP indicator is attributed to the presence of flaws and unsafe control actions, through which accident scenarios are verified and the system is headed for an accident. The main conclusion is that in such socio-technical systems there is a tight coupling between the degradation of the risk SA provision capability and the degradation of safety.
ISSN:1877-7058
1877-7058
DOI:10.1016/j.proeng.2015.11.503