© 2025 SURF
Modern engineering systems are complex socio-technical structures whose mission is to offer services of high quality while, in parallel, ensuring profitability for their owners. However, practice has shown that accidents are inevitable, and the need for systems-theoretic tools to support safety-driven design and operation has been acknowledged. As accident investigation reports indicate, the degradation of risk situation awareness (SA) usually leads to safety issues. However, the literature lacks a methodology for comparing existing systems with their ideal composition, the one likely to enhance risk SA. To fill this gap, the Risk Situation Awareness Provision (RiskSOAP) methodology is comparison-based and proceeds in three stages: (1) determine the desired/ideal system composition, (2) identify the as-is one(s), and (3) employ a comparative strategy to depict the distance between the compared units. RiskSOAP embodies three methods: STPA (System-Theoretic Process Analysis), EWaSAP (Early Warning Sign Analysis) and dissimilarity measures. The practicality, applicability and generality of RiskSOAP are demonstrated through its application to three case studies. The purpose of this work is to suggest the RiskSOAP indicator as a measure of safety in terms of the gap between system design and operation, thus increasing the system's risk SA. RiskSOAP can serve as a criterion for planning system modifications or selecting between alternative systems, and can support the design, development, operation and maintenance of safe systems.
This paper utilises a methodology named “Risk SituatiOn Awareness Provision” (RiskSOAP). RiskSOAP expresses the capability of a system to meet its safety objectives by controlling its processes and communicating threats and vulnerabilities, so as to increase the situation awareness of its end-users and support their decision-making. In reality, safety-related system features might be partially available or unavailable because of design incompleteness or malfunctions, so the availability and capability of RiskSOAP mechanisms might fluctuate over time. To examine whether changes in RiskSOAP values correspond to system degradation, we used the results of a previous study that applied the RiskSOAP methodology to the Überlingen mid-air collision accident. Complementary to that application, where RiskSOAP was calculated for four milestones of the specific event, in this study we divided the accident further into seventeen time-points and calculated the RiskSOAP indicator per time-point. The results confirmed that the degradation of the RiskSOAP capability coincided with the milestones closer to the mid-air collision, while plotting the RiskSOAP indicator against time showed its nonlinear fluctuation alongside the development of the accident.
The remarkable and continuous growth of the unmanned aircraft market has brought new safety-related challenges, as recorded in various accident and incident reports. Although drones with an operating weight above 20-25 kg are technologically advanced and often subject to standards (e.g., technical reliability, airspace management, licensing, certification), the regulatory framework for (ultra) light drones focuses almost exclusively on the limitations that the operator needs to observe. Thus, protection from accidents seems to rely mostly on the operator's competency to fly a drone safely and his/her observance of the rules published by the respective authorities. In addition, the hazards lying in the interaction between an operator and a small drone have not been systematically studied. In this paper, we present (1) the first results from a System-Theoretic Process Analysis (STPA) based approach to identifying hazards and safety requirements in small drone operations, and (2) an adaptation of the Risk Situation Awareness Provision Capability (RiskSOAP) methodology to quantify the differences among 4 drone models regarding the extent to which they fulfill the safety requirements identified through STPA. The results showed that the drones studied satisfy the safety requirements at low and moderate levels and present high dissimilarities between them regarding the extent to which they meet the same safety requirements. Future work will include: (a) comparison of a larger sample of small drones against the safety requirements, as well as pairwise, and (b) assessment of the degree to which various regulatory frameworks worldwide address the safety requirements generated with STPA and assigned to the authority level.
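The three RiskSOAP comparison stages described in the abstracts above (ideal composition, as-is compositions, and a dissimilarity measure between them), including the drone-vs-drone pairwise comparison and the per-time-point indicator, as an added Python example that is not the authors' code. The requirement names, the satisfaction data and the choice of the Jaccard dissimilarity as the distance measure are all constructed assumptions.

```python
from itertools import combinations

# Example code, not the RiskSOAP authors': the Jaccard measure, requirement
# names and satisfaction data below are constructed assumptions.

# Stage 1 (constructed): ideal composition = every STPA-derived safety
# requirement a small drone should satisfy.
IDEAL = frozenset({"SR1_geofence", "SR2_low_battery_rth", "SR3_gps_loss_warn",
                   "SR4_link_loss_failsafe", "SR5_altitude_warn", "SR6_obstacle_alert"})

# Stage 2 (constructed): as-is compositions of four hypothetical drone models,
# each given as the set of ideal requirements it actually satisfies.
AS_IS = {
    "model_A": frozenset({"SR1_geofence", "SR2_low_battery_rth", "SR4_link_loss_failsafe"}),
    "model_B": frozenset({"SR2_low_battery_rth", "SR3_gps_loss_warn"}),
    "model_C": IDEAL - {"SR6_obstacle_alert"},
    "model_D": frozenset(),
}

# Constructed time-points for one system whose working features change, in the
# spirit of the accident time-point analysis; each set is what still functions.
TIMELINE = [
    ("t0", IDEAL),
    ("t1", IDEAL - {"SR3_gps_loss_warn"}),
    ("t2", IDEAL - {"SR4_link_loss_failsafe", "SR6_obstacle_alert"}),
    ("t3", IDEAL - {"SR6_obstacle_alert"}),  # partial recovery: nonlinear curve
    ("t4", frozenset({"SR1_geofence"})),
]

def jaccard_dissimilarity(a, b):
    """Stage 3: 1 - |a & b| / |a | b|; 0 = identical, 1 = disjoint.
    Two empty compositions are treated as identical."""
    union = a | b
    return 0.0 if not union else 1.0 - len(a & b) / len(union)

def risksoap_indicator(as_is, ideal=IDEAL):
    """Capability of an as-is composition relative to the ideal, in [0, 1].
    Extras outside the ideal set are ignored; 1.0 means every requirement is met."""
    return 1.0 - jaccard_dissimilarity(as_is & ideal, ideal)

def pairwise_dissimilarities(models):
    """Distance between every pair of as-is compositions (drone vs drone)."""
    return {(x, y): jaccard_dissimilarity(models[x], models[y])
            for x, y in combinations(sorted(models), 2)}

def indicator_over_time(timeline, ideal=IDEAL):
    """Indicator per time-point; a drop marks degraded risk SA provision."""
    return [(label, risksoap_indicator(feats, ideal)) for label, feats in timeline]
```

Calling `risksoap_indicator` on each entry of `AS_IS` ranks the models against the ideal composition, while `pairwise_dissimilarities(AS_IS)` shows how far they are from one another even when their indicators are similar.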