The presenters will show how they are approaching the challenges of integrating STAMP methods into Google's engineering culture:
- Preventing waterfall delivery of analysis results
- Teaching control structure modeling and UCAs
- Working with an informal requirements engineering culture

Over the last decade, STPA use in aviation has led to thousands of publications including findings and lessons learned from industry use. Past MIT STAMP/STPA workshops have hosted 60 presentations from the aviation industry with independent evaluations and findings from applying STPA. This talk will review the empirical data that exists from the aviation industry to date, including lessons learned, mistakes to avoid, and what is known and not yet known about STPA in aviation.

- The program structure of American Airline's STAMP program
- CAST/STPA is widely accepted and understood at American Airlines
- CAST leads to deeper insights compared to traditional industry methods
- STAMP helps reinforce resiliency within our systems

Aerospace manufacturing faces a challenge in combining cutting-edge technology and long product lifecycles, which can lead to significant process model divergence within production systems and result in producibility problems. This talk presents a CAST analysis of a loss of producibility following a transfer of a manufacturing process from one facility to another.
Key findings:
-Configuration control measures must be designed with an understanding of their limitations, and assumptions about supplier processes must be carefully validated.
-Production organizations must be designed for the task they are assigned to accomplish, based on experience and experimentation whenever possible.

This presentation highlights how the STAMP application integrates Embraer Requirements Engineering process.

Teams of controllers exhibit complex collaborative interactions that can be defined and captured using Systems Theory or STAMP. This talk defines those interactions and introduces extensions to STAMP/STPA to systematically identify causal factors associated with collaboration. The technique has been demonstrated to help analyze novel human-machine and multi-machine teaming systems.

Application of STPA to solid rocket manufacturing, particularly with respect to automated propellant cutting, has provided insight into the design and development of the process. Some of those key insights are:
1. A change in the perspective of the analysis from motor centric to robot centric
2. Inclusion of an independent chip catcher
3. How to handle abort commands with this delicate process
The framework provided by STPA has been influential in seeing the overall connectivity of the various components in the control structure and consequently in designing a better process.

This talk will share a few lessons that we've learned while incorporating safety into Google's engineering culture in the areas of education, SME engagement, analysis completeness, and CAST.

Lessons learned and strategy from our implementation of STAMP at American Airlines.
- Feedback is important
- Union buy-in is critical
- CAST/STPA is different than traditional models
- STPA can be used on existing systems. Even less complex systems!

- Systems-Theoretic Process Analysis (STPA) is applied to investigate decision-making for a novel approach to radiotherapy.
- The analysis process spanned the phases of STPA familiarization, results generation, and results finalization. Facilitation of the analysis was achieved through videos, electronic worksheets, and virtual meetings.
- Nontrivial causal scenarios involve inaccessibility of feedback, mismatch between the feedback and the mental model required for good decision-making, and under-specification of control input.
- STPA provides an effective technique to examine operational decision-making in radiotherapy. Targeted facilitation to leverage domain expertise is a feasible app

This presentation outlines the preliminary findings from an application of STPA to the safety of diagnostic medical data in the United States. We present a model of the sociotechnical system, developed through 30+ interviews with subject matter experts representing laboratories, care facilities, health IT vendors, regulatory bodies, public health agencies, patients, and more. We identify UCAs and scenarios, and provide both targeted and general recommendations to improve the safety of the ecosystem, with
particular attention to missing or weak control loops.

Developing a comprehensive control structure for sociotechnical systems presents challenges for the adoption of STPA. We present a process for iteratively developing a control structure. Using the diagnostic laboratory data ecosystem as a case study, we will walk through the process of starting from scratch and iteratively fine tuning a control structure. Topics include identifying missing information, interview techniques, and common obstacles and ways to address them.

This presentation will provide recommendations for the application of STPA in the early phase of design. It will include a specific focus on:
-Facilitation of STPA
-Application of STPA outcomes to the design of digital twins

Although human-system integration approaches are necessary for the effective design of socio-technical systems, there are few methods that can successfully combine the considerations of mental models with those of technology process models. This presentation will demonstrate that:
- STPA control structures are useful cognitive artifacts that offer decision making stability in the face of strategic uncertainty.
- Blending STPA with human factors methods can surface system vulnerabilities and unlock opportunities for creative decision making and innovation.
- STPA provides structure and processes to consider humans and machines as collaborative agents during the design of complex systems.

- The Nuclear Regulatory Commission (NRC) has investigated STPA and CAST through a series of formal training classes and workshops
- NRC staff including Digital I&C, Human Factors, PRA, Fault Tree Analysis, Cyber Security, and other SMEs participated
- NRC staff learned the methods, applied them in hands-on work shops, evaluated the methods, and developed conclusions and recommendations
- This talk will review the findings developed by NRC staff related to future STPA and CAST use by regulators as well as by industry

- Introduction to a novel power supply concept for battery ferries and its demonstration
- STPA results of the novel concept: main findings and challenges
- Prioritizing the results: method and results
- Discussion for prioritizing STPA results and future works

The talk will refer to the application of STPA on a ship’s navigation system in order to identify leading indicators for monitoring the level of marine safety, including the following aspects:
- The importance of establishing efficient leading indicators concerning accidents’ prevention in the maritime domain.
- The way STPA was applied.
- The results of the implemented methodology, including the control structure and the assumption based leading indicators. The derived leading indicators are related to human factor, concerning aspects such as fatigue and situational awareness.
- Discussion about the usefulness of STPA as a method for establishing leading indicators in the maritime domain.

- L3H SAS is increasingly utilizing MBSE techniques to design system architectures
- STPA has been adopted within L3H SAS as a safety analysis method because it can be incorporated into a MBSE environment
- OMG recently released (2021) a new standard, Risk Analysis and Assessment Modeling Language, which includes standard relations for creating STPA elements within a SysML model.
- L3H SAS has recently developed a RAAML compliant tool to perform STPA analysis within a SysML model. This presentation highlights some of the lessons learned along this journey.

In this presentation, we will exhibit a fascinating research that showcases the successful application of STPA (Systems-Theoretic Process Analysis) to a unique system. Our analysis focused on activities with energetic materials in research laboratories by identifying potential hazards, reducing damages and mishaps, optimizing performance, and minimizing wasted time and materials. We will discuss how the use of STPA led to the discovery of new solutions and opportunities for improving safety and operational efficiency in the laboratory.

STPA Automation Tool:
- Provide a template for the STPA analysis
- Guide the user through the STPA process
- Automate some of the manual work that is necessary to perform an STPA
Tool is built in Google Sheets and will be free for use in the STAMP community.

This talk will review the state of industry standards that incorporate STPA and recent milestones in STPA certification. A uniform set of requirements has been defined for individual certification, and the International Center for STAMP Certification and Accreditation has been created to oversee accreditaion of qualified STAMP/CAST/STPA educational programs. The center's mission is to enable high-quality CAST and STPA work products by recognizing qualified practitioners and defining a uniform standard for CAST and STPA practice, facilitation, and training.