Putting the STAMP on a new approach
STAMP analysis is a new approach to engineering safer systems, but what exactly does it involve, and how is it different?
Our principal technical consultant Varun Sarpangal is here to tell you.
STAMP, or System-Theoretic Accident Model and Processes treats the system as a whole, not the sum of its parts.
It’s an accident causality model, based on systems theory and systems thinking, originally developed by Prof Dr Nancy Leveson at MIT around 10 years ago.
STAMP deviates from the traditional hazard analyses which tend to be based on decomposition of the system, where it’s assumed that accidents are caused by component failure.
For instance, some of the popular traditional hazard analyses calculate the probability of failure of each component separately, and later combine the analysis results (based on assumptions about the types of interactions among components that can occur) into a system reliability figure, which is assumed to be a measure of safety or risk.
STAMP expands the traditional model of causality beyond a chain of directly related failure events or component failures to include more complex processes and unsafe interactions among system components.
In STAMP, safety is treated as a dynamic control problem rather than a failure prevention problem. No causes are omitted from the model, but more are included and the emphasis changes from preventing failures to enforcing constraints on system behaviour.
The model integrates causal factors into engineering analysis such as software, human decision-making and human factors, new technology, social and organisational design, and safety culture, which are becoming ever more threatening in our increasingly complex systems.
Although it’s relatively new, it is already being used in many sectors including aerospace, life sciences and of course energy (including nuclear power plants).
Some advantages of using STAMP are that:
The two most widely used STAMP-based tools today are STPA (System Theoretic Process Analysis) and CAST (Causal Analysis based on Systems Theory). STPA is a proactive analysis method that analyses the potential cause of accidents during development so that hazards can be eliminated or controlled.
CAST is a retroactive analysis method that examines an incident that has occurred and identifies the causal factors.