10. STPA

Systems-Theoretic Process Analysis

STPA is a hazard analysis methodology for socio-technical systems, based on systems thinking and a model of accident causation. A relatively new methodology centered on systems theory rather than reliability, STPA is used to depict hazardous scenarios and the context that produces them. Knowing the conditions that can create a hazardous scenario makes it possible to define measures that eliminate, reduce, and control those scenarios in system design, development, manufacturing, and operations. STPA has achieved a reputation for identifying more causal factors and hazardous scenarios than traditional methods, particularly those related to software, system design, and human behaviors.

The RM Studio – STPA tool provides users with the necessary features, functions and reporting to properly complete the STPA:

  • Diagramming canvas and tools used to design and capture the Hierarchical Control Structure (HCS), the hazards – losses relationship, and Loss Scenarios Modeling;
  • Automation throughout the STPA tool, specifically analyzing Unsafe Control Actions (UCAs) and Loss Scenarios with the data from the control structure;
  • Relationship linking of hazards to losses and constraints;
  • Progress and consistency checking of the analysis process, with a meter automatically measuring completeness of the analysis for each step: HCS, UCAs, and Loss Scenarios;
  • Report generation (full or by section) and data export, including models and diagrams;
  • Information traceability throughout the system.

10.1. STPA Projects

10.2. Models and Diagrams

10.3. Analyses

10.4. Reporting

10.5. Global Properties


For a more detailed description of STPA, or for publications on the methodology, refer to the following resources.

Book by Nancy G. Leveson introducing STAMP/STPA (note free download link in the lower left corner).

https://mitpress.mit.edu/books/engineering-safer-world

The STPA Handbook by Nancy G. Leveson and John P. Thomas published in March 2018.

http://psas.scripts.mit.edu/home/get_file.php?name=STPA_handbook.pdf
