Deriving verification objectives and scenarios for maritime systems using the systems-theoretic process analysis

The verification process currently applied to maritime systems does not adequately examine complex networks of interconnections. Verification focuses mainly on single component failures and does not properly account for the complexity that emerges from interactions between human operators, computer systems and electro-mechanical components. The root of the problem appears to lie in the supporting studies, or the lack of them, on which test cases are based. This article proposes a new methodology that can be introduced into the current verification process for such systems. It employs Systems-Theoretic Process Analysis (STPA) to generate verification objectives and related hazardous scenarios. These specify or extend the scope of verification activities, provide their acceptance criteria, and can further serve as input to test case generation. The method is applied in a case study to identify verification objectives for an automated module in the power management system of a maritime vessel. The results show that the method reduces the number of context variables on which verification results depend, and highlights the context dependencies that remain, allowing an integrated system view. It helps capture accident scenarios with more complex causal relations than those currently considered during verification of these systems.
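The abstract describes deriving verification objectives from STPA unsafe control actions (UCAs) and reducing the context variables those objectives depend on. The script below is an added example of that mechanism, not code from the paper: it enumerates a context table for one control action of a hypothetical power management system (PMS) load-shedding module, finds which context variables actually change the hazard verdict (the rest are don't-cares), and emits one verification objective per reduced context. The control action, context variables, hazards and UCA predicates are constructed assumptions; the paper's actual case-study variables are not on this page.

```python
"""Added example: STPA unsafe-control-action enumeration over a context table,
reduced to the context variables that matter.  All PMS details below are
constructed assumptions, not the paper's case study."""
from itertools import product

# Constructed context variables: the process-model state the PMS module sees.
CONTEXT = {
    "gen_load": ("normal", "overload"),  # assumed: aggregate generator load
    "gens_online": (1, 2),               # assumed: generators on the bus
    "dp_active": (False, True),          # assumed: dynamic positioning engaged
    "op_override": (False, True),        # assumed: operator manual override
}

# Constructed hazards that each UCA is traced back to.
HAZARDS = {
    "H1": "blackout from generator overload",
    "H2": "loss of thrust while DP is holding position",
}

# STPA UCA types (Leveson 2012): a control action not provided, provided,
# provided with wrong timing, or stopped too soon / applied too long.
# Each predicate states in which contexts that kind of UCA is hazardous.
# Only two types are modelled here; timing UCAs would need a time variable.
UCA_PREDICATES = {
    "not provided": (lambda c: c["gen_load"] == "overload", "H1"),
    "provided": (lambda c: c["gen_load"] == "normal" and c["dp_active"], "H2"),
}


def contexts(ctx_vars=CONTEXT):
    """Every assignment of the context variables (the full context table)."""
    names = list(ctx_vars)
    for values in product(*(ctx_vars[n] for n in names)):
        yield dict(zip(names, values))


def relevant_variables(pred, ctx_vars=CONTEXT):
    """Variables whose value flips the hazard verdict for at least one
    assignment of the other variables.  Everything else is a don't-care,
    which is how the number of context dependencies gets reduced."""
    relevant = set()
    for name, domain in ctx_vars.items():
        others = {k: v for k, v in ctx_vars.items() if k != name}
        for base in contexts(others):
            verdicts = {pred({**base, name: val}) for val in domain}
            if len(verdicts) > 1:
                relevant.add(name)
                break
    return relevant


def reduced_contexts(pred, ctx_vars=CONTEXT):
    """Hazardous rows of the context table projected onto the relevant
    variables, with duplicates removed."""
    keep = sorted(relevant_variables(pred, ctx_vars))
    seen = []
    for ctx in contexts(ctx_vars):
        if pred(ctx):
            proj = {k: ctx[k] for k in keep}
            if proj not in seen:
                seen.append(proj)
    return seen


def verification_objectives(action, predicates=UCA_PREDICATES, ctx_vars=CONTEXT):
    """One objective per (UCA type, reduced context), phrased as the
    behaviour the verification activity must confirm."""
    objectives = []
    for uca_type, (pred, hazard) in predicates.items():
        expected = "is provided" if uca_type == "not provided" else "is not provided"
        for ctx in reduced_contexts(pred, ctx_vars):
            cond = " and ".join(f"{k} == {v!r}" for k, v in ctx.items())
            objectives.append(
                f"Verify that '{action}' {expected} when {cond} "
                f"[{hazard}: {HAZARDS[hazard]}]"
            )
    return objectives


if __name__ == "__main__":
    for line in verification_objectives("shed non-essential load"):
        print(line)
```

For the constructed table of 16 contexts, "not provided" collapses to a single objective depending only on `gen_load`, and "provided" to one depending on `gen_load` and `dp_active`; `gens_online` and `op_override` drop out, which is the kind of context reduction the abstract refers to, while the variables that survive are the remaining dependencies a tester still has to cover.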
