Using STPA in an ISO 26262 Compliant Process

  • Archana Mallya
  • Vera PantelicEmail author
  • Morayo Adedjouma
  • Mark Lawford
  • Alan Wassyng
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9922)


ISO 26262 is the de facto standard for automotive functional safety, and every automotive Original Equipment Manufacturer (OEM), as well as their major suppliers, are striving to ensure that their development processes are ISO 26262 compliant. ISO 26262 mandates both hazard analysis and risk assessment. Systems Theoretic Process Analysis (STPA) is a relatively new hazard analysis technique, that promises to overcome some limitations of traditional hazard analysis techniques. In this paper, we analyze how STPA can be used in an ISO 26262 compliant process. We also provide an excerpt of our application of STPA on an automotive subsystem as per the concept phase of ISO 26262.


Hazard analysis Risk assessment STPA ISO 26262 ASILs Automotive industry Battery Management System 


  1. 1.
    Abdulkhaleq, A., Wagner, S.: A controlled experiment for the empirical evaluation of safety analysis techniques for safety-critical software. In: EASE 2015, pp. 16:1–16:10. ACM (2015)Google Scholar
  2. 2.
    D’Ambrosio, J., Debouk, R., Hartfelder, D., Sundaram, P., Vernacchia, M., Wagner, S., Thomas, J., Placke, S.: Application of STPA to an automotive shift-by-wire system. In: STAMP Workshop, Cambridge, MA (2014)Google Scholar
  3. 3.
    Hommes, Q.V.E.: Review and assessment of the ISO 26262 Draft Road Vehicle - Functional Safety. SAE technical paper (2012)Google Scholar
  4. 4.
    Hommes, Q.V.E.: Safety analysis approaches for automotive electronic controlsystems (2015).
  5. 5.
    ISO 26262: Road Vehicles - Functional Safety. International Organization for Standardization (ISO) (2011)Google Scholar
  6. 6.
    Leveson, N.G.: Engineering a Safer World: Systems Thinking Applied to Safety (Engineering Systems). The MIT Press, Cambridge (2012)Google Scholar
  7. 7.
    Mallya, A.: Using STPA in an ISO 26262 compliant process. M.A.Sc., McMaster University, Canada, October 2015Google Scholar
  8. 8.
    NHTSA: Request for comment on automotive electronic control systems safety and security (2014).
  9. 9.
    SAE J2980: Considerations for ISO 26262 ASIL Hazard Classification, SAE International (2015)Google Scholar
  10. 10.
    Song, Y.: Applying system-theoretic accident model and processes (STAMP) to hazard analysis. M.A.Sc., McMaster University, Canada (2012)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Archana Mallya
    • 1
  • Vera Pantelic
    • 1
    Email author
  • Morayo Adedjouma
    • 2
  • Mark Lawford
    • 1
  • Alan Wassyng
    • 1
  1. 1.McMaster Centre for Software Certification, Department of Computing and SoftwareMcMaster UniversityHamiltonCanada
  2. 2.CEA LIST, LISEGif-sur-Yvette CedexFrance

Personalised recommendations