Embedding STPA into a highly successful risk management software application

Since the introduction of STPA to a broader audience through the book Engineering a Safer World and the first MIT STAMP Workshop in 2012, the interest in this method of hazard analysis has been ever increasing. During the time of introduction to now, STPA has not only been applied to many different...

Full description

Bibliographic Details
Main Authors: Björnsdóttir, Svana Helen, Rejzek, Martin
Format: Text
Language:English
Published: ZHAW Zürcher Hochschule für Angewandte Wissenschaften 2017
Subjects:
Software
Risk
STPA
EERMF
005 Computerprogrammierung, Programme und Daten
363 Umwelt- und Sicherheitsprobleme
Reykjavík
Iceland
Online Access:https://dx.doi.org/10.21256/zhaw-3306
https://digitalcollection.zhaw.ch/handle/11475/16831
id ftdatacite:10.21256/zhaw-3306
record_format openpolar
spelling ftdatacite:10.21256/zhaw-3306 2023-05-15T16:53:07+02:00 Embedding STPA into a highly successful risk management software application Björnsdóttir, Svana Helen Rejzek, Martin 2017 application/pdf https://dx.doi.org/10.21256/zhaw-3306 https://digitalcollection.zhaw.ch/handle/11475/16831 en eng ZHAW Zürcher Hochschule für Angewandte Wissenschaften Licence according to publishing contract Software Risk STPA EERMF 005 Computerprogrammierung, Programme und Daten 363 Umwelt- und Sicherheitsprobleme Text Konferenz: Poster article-journal ScholarlyArticle 2017 ftdatacite https://doi.org/10.21256/zhaw-3306 2021-11-05T12:55:41Z Since the introduction of STPA to a broader audience through the book Engineering a Safer World and the first MIT STAMP Workshop in 2012, the interest in this method of hazard analysis has been ever increasing. During the time of introduction to now, STPA has not only been applied to many different domains, has also been constantly developed and extended. We consider the availability of a professional, state-of-the art software application supporting STPA as a crucial agitator for further evolvement and expansion of STPA. Although some software tools are currently available, we are of the opinion that none fully meets the needs for a productive application of STPA outside of the context of research projects and case studies. Furthermore, we believe enterprises demand not only a professionally developed and highly streamlined software application, but also associated support, such as a proper user manual and instructions, along with regular updates and upgrades. The decision to effectively use STPA requires an investment into more than new software, thorough training of staff and a process supporting lessons learned are crucial. This investment will pay for itself through the additional insights that will be uncovered through the STPA methodology, along with the efficiencies and effectiveness enhanced through the software tool, the investment will pay off double! Stiki - Information Security, headquartered in Reykjavík, Iceland and the Safety-Critical Systems Research Lab at the Zurich University of Applied Sciences in Switzerland have successfully applied for an EU grant to develop a software solution satisfying the above mentioned characteristics. The software solution being developed will share the same framework as the software toolkit Risk Management Studio, developed by Stiki and available on the global market since 2005. The objectives are to allow enterprises to use STPA as standalone methodology through the software, and integrated into an enhanced enterprise risk management framework, enabling efficient risk identification and management. The joint development project bases on the software prototype SAHRA, which extends the UML/SysML case tool Enterprise Architect with the ability to perform STPA and on research projects conducted by both partners in the past. The development work commenced in October 2016 and spans over a total of 30 calendar months. With the poster presented we would not only like to outline the project and its end-result, but also motivate stakeholders interested in participating in this project for example by testing and providing feedback of beta-versions of the application. Text Iceland Reykjavík Reykjavík DataCite Metadata Store (German National Library of Science and Technology) Reykjavík
institution Open Polar
collection DataCite Metadata Store (German National Library of Science and Technology)
op_collection_id ftdatacite
language English
topic Software
Risk
STPA
EERMF
005 Computerprogrammierung, Programme und Daten
363 Umwelt- und Sicherheitsprobleme
spellingShingle Software
Risk
STPA
EERMF
005 Computerprogrammierung, Programme und Daten
363 Umwelt- und Sicherheitsprobleme
Björnsdóttir, Svana Helen
Rejzek, Martin
Embedding STPA into a highly successful risk management software application
topic_facet Software
Risk
STPA
EERMF
005 Computerprogrammierung, Programme und Daten
363 Umwelt- und Sicherheitsprobleme
description Since the introduction of STPA to a broader audience through the book Engineering a Safer World and the first MIT STAMP Workshop in 2012, the interest in this method of hazard analysis has been ever increasing. During the time of introduction to now, STPA has not only been applied to many different domains, has also been constantly developed and extended. We consider the availability of a professional, state-of-the art software application supporting STPA as a crucial agitator for further evolvement and expansion of STPA. Although some software tools are currently available, we are of the opinion that none fully meets the needs for a productive application of STPA outside of the context of research projects and case studies. Furthermore, we believe enterprises demand not only a professionally developed and highly streamlined software application, but also associated support, such as a proper user manual and instructions, along with regular updates and upgrades. The decision to effectively use STPA requires an investment into more than new software, thorough training of staff and a process supporting lessons learned are crucial. This investment will pay for itself through the additional insights that will be uncovered through the STPA methodology, along with the efficiencies and effectiveness enhanced through the software tool, the investment will pay off double! Stiki - Information Security, headquartered in Reykjavík, Iceland and the Safety-Critical Systems Research Lab at the Zurich University of Applied Sciences in Switzerland have successfully applied for an EU grant to develop a software solution satisfying the above mentioned characteristics. The software solution being developed will share the same framework as the software toolkit Risk Management Studio, developed by Stiki and available on the global market since 2005. The objectives are to allow enterprises to use STPA as standalone methodology through the software, and integrated into an enhanced enterprise risk management framework, enabling efficient risk identification and management. The joint development project bases on the software prototype SAHRA, which extends the UML/SysML case tool Enterprise Architect with the ability to perform STPA and on research projects conducted by both partners in the past. The development work commenced in October 2016 and spans over a total of 30 calendar months. With the poster presented we would not only like to outline the project and its end-result, but also motivate stakeholders interested in participating in this project for example by testing and providing feedback of beta-versions of the application.
format Text
author Björnsdóttir, Svana Helen
Rejzek, Martin
author_facet Björnsdóttir, Svana Helen
Rejzek, Martin
author_sort Björnsdóttir, Svana Helen
title Embedding STPA into a highly successful risk management software application
title_short Embedding STPA into a highly successful risk management software application
title_full Embedding STPA into a highly successful risk management software application
title_fullStr Embedding STPA into a highly successful risk management software application
title_full_unstemmed Embedding STPA into a highly successful risk management software application
title_sort embedding stpa into a highly successful risk management software application
publisher ZHAW Zürcher Hochschule für Angewandte Wissenschaften
publishDate 2017
url https://dx.doi.org/10.21256/zhaw-3306
https://digitalcollection.zhaw.ch/handle/11475/16831
geographic Reykjavík
geographic_facet Reykjavík
genre Iceland
Reykjavík
Reykjavík
genre_facet Iceland
Reykjavík
Reykjavík
op_rights Licence according to publishing contract
op_doi https://doi.org/10.21256/zhaw-3306
_version_ 1766043634459738112

Similar Items