Core Concepts
This paper proposes an approach to automatically generate a Safe Behavior Model (SBM) from the results of a System-Theoretic Process Analysis (STPA), ensuring that the generated model fulfills the safety properties identified during the STPA process.
Abstract
The paper presents a method for automatically generating a Safe Behavior Model (SBM) from the results of a System-Theoretic Process Analysis (STPA). The key steps are:
Translating the Unsafe Control Actions (UCAs) identified in the STPA process into corresponding Linear Temporal Logic (LTL) formulas. The authors propose translation rules for different types of UCAs, including not-provided, provided, too-early, too-late, applied-too-long, and stopped-too-soon.
Synthesizing an SBM as a statechart based on the generated LTL formulas. Each control action is represented as a state, and the transitions between states are derived from the LTL formulas.
Extending STPA with Desired Control Actions (DCAs) to capture the desired system behavior, in addition to the unsafe behavior. The DCAs are also translated to LTL formulas and incorporated into the SBM synthesis.
The authors demonstrate the approach using an Adaptive Cruise Control (ACC) example and implement the synthesis in the PASTA tool. The generated SBM is not necessarily complete, as it does not automatically infer the calculations and initializations of internal variables. However, it provides a solid foundation that covers the safety and liveness properties identified in the STPA process.