UCA (Unsafe Control Action) table is where you analyze the control actions you defined in the Control Structure Diagram and identify the unsafe ones in a particular context which leads to a hazard.

section divider

Open an UCA Table

In order to open an UCA table, a Control Structure Diagram needs to be created first.
If there is a Control Structure Diagram in the project where the Control Actions are defined, click [Identify UCA (Unsafe Control Action) in the [STPA Procedure] tab.
Create Unsafe Control Actions Tab

Or go to [Diagram] – [STAMP/STPA] – [UCA Table] to open the UCA table.

Now an UCA table opens with a list of Control Actions that are depicted in a Control Structure Diagram.
Editing the Control Action names and source and target names in this table will apply to ones in the Control Structure Diagram.

section divider

Four Guide words in the column

There are four ways a control action can be unsafe and these are included in the columns as “guide words” by default:

1. Not Providing – Not providing the control action leads to a hazard.
2. Providing causes hazard – Providing the control action leads to a hazard.
3. Too early / Too late – Providing a potentially safe control action but too early or too late.
4. Stop too soon / Applying too long – The control action is applied too long or is stopped too soon.

By filling out all the 4 columns for each control action, you are testing if the control action meets these requirements: A correct control action is provided at the correct time with correct duration. And if any fails to meet the requirements, you can identify them as Unsafe Control Actions.

In the UCA table, you should specify which hazard that the UCA leads to, and the context in which the control action is unsafe.

section divider

Identify as UCA

  1. Double-click the column under guide words to open an [UCA] dialog appears.

  2. Click [Add UCA] button.
    Add UCA

  3. UCA box is automatically checked and ID is automatically added. Now specify why you identify this as UCA.

  4. Then double-click the [Violating Safety Constraint] field to open. Then you will see a list of Safety Constraints which you defined in the Accident Hazard Safety Constraint Table. Select one that this Control Action does violates.

  5. Now the Control Action is identified as UCA and it shows the description and the ID of Safety Constraint that the Control Action is violating in the UCA table.
    UCA Sample
section divider

Identify as Non-UCA

We suggest you fill out all the fields in UCA table. So do not leave any fields blank or put N/A even when the Control Action is identified as Non-UCA. Instead, specify the reason why this Control Action is safe.

  1. Double-click the column under guide words to open an [UCA] dialog appears.
  2. Click [Add UCA] button.
    Identify as Non-UCA

  3. Noe specify the reason why this Control Action is identified as non-UCA.

    – The ‘UCA’ checkbox will be unchecked
    – ID will not be added
    – You cannot select the Safety Constraint because this Control Action is not violating any.