Perspectives

Putting the STAMP on a new approach

Aerospace, Renewables, Life sciences, Oil & gas

Putting the STAMP on a new approach

STAMP analysis is a new approach to engineering safer systems, but what exactly does it involve, and how is it different?

Our principal technical consultant Varun Sarpangal is here to tell you.

STAMP, or System-Theoretic Accident Model and Processes treats the system as a whole, not the sum of its parts.

It’s an accident causality model, based on systems theory and systems thinking, originally developed by Prof Dr Nancy Leveson at MIT around 10 years ago.

STAMP deviates from the traditional hazard analyses which tend to be based on decomposition of the system, where it’s assumed that accidents are caused by component failure.

For instance, some of the popular traditional hazard analyses calculate the probability of failure of each component separately, and later combine the analysis results (based on assumptions about the types of interactions among components that can occur) into a system reliability figure, which is assumed to be a measure of safety or risk.

STAMP expands the traditional model of causality beyond a chain of directly related failure events or component failures to include more complex processes and unsafe interactions among system components.

In STAMP, safety is treated as a dynamic control problem rather than a failure prevention problem. No causes are omitted from the model, but more are included and the emphasis changes from preventing failures to enforcing constraints on system behaviour.

The model integrates causal factors into engineering analysis such as software, human decision-making and human factors, new technology, social and organisational design, and safety culture, which are becoming ever more threatening in our increasingly complex systems.

Although it’s relatively new, it is already being used in many sectors including aerospace, life sciences and of course energy (including nuclear power plants).

Some advantages of using STAMP are that:

it works on very complex systems because it works top-down rather than bottom up.
it includes software, humans, organisations, safety culture, etc. as causal factors in accidents and other types of losses without having to treat them differently or separately
it allows creating more powerful tools, such as STPA, accident analysis (CAST), identification and management of leading indicators of increasing risk, organisational risk analysis, etc

The two most widely used STAMP-based tools today are STPA (System Theoretic Process Analysis) and CAST (Causal Analysis based on Systems Theory). STPA is a proactive analysis method that analyses the potential cause of accidents during development so that hazards can be eliminated or controlled.

CAST is a retroactive analysis method that examines an incident that has occurred and identifies the causal factors.

Want to find out more about how your project could benefit from a new approach? Get in touch with Varun to start a discussion.

Perspectives