Can STPA be used for a System-of-Systems? Experiences from an Automated Quarry Site

Automation is becoming prevalent in more and more industrial domains due to the potential benefits in cost reduction as well as the new approaches/solutions they enable. When machines are automated and utilized in system-of-systems, a thorough analysis of potential critical scenarios is necessary to derive appropriate design solutions that are safe as well. Hazard analysis methods like PHA, FTA or FMEA help to identify and follow up potential risks for the machine operators or bystanders and are well-established in the development process for safety critical machinery. However, safety certified individual machines can no way guarantee safety in the context of system-of-systems since their integration and interactions could bring forth newer hazards. Hence it is paramount to understand the application scenarios of the system-of-systems and to apply a structured method to identify all potential hazards. In this paper, we 1) provide an overview of proposed hazard analysis methods for system-of systems, 2) describe a case from construction equipment domain, and 3) apply the well-known System-Theoretic Process Analysis (STPA)f to our case. Our experiences during the case study and the analysis of results clearly point out certain inadequacies of STPA in the context of system-of-systems and underlines the need for the development of improved techniques for safety analysis of system-of-systems.