The UCA (Unsafe Control Action) table in Astah System Safety is a critical tool for analyzing control actions that have been defined in the Control Structure Diagram. In this table, you scrutinize each control action in the context of specific scenarios to identify which actions could be unsafe and potentially lead to hazards. This focused analysis is essential for pinpointing and addressing safety risks within the system, ensuring a thorough and effective STPA process.
To open a UCA (Unsafe Control Action) table in Astah System Safety, you first need a Control Structure Diagram in your project that defines the control actions to be analyzed. Once that diagram is in place, you can identify UCAs by clicking [Identify UCA (Unsafe Control Action)] in the [STPA Procedure] tab, or by going to [Diagram] – [STAMP/STPA] – [UCA Table] to open the UCA table directly.
When you open a UCA (Unsafe Control Action) table in Astah System Safety, it will display a list of Control Actions as depicted in your Control Structure Diagram. It’s important to note that any edits made to the Control Action names, as well as their source and target names within this table, will be reflected in the Control Structure Diagram. This interconnected functionality ensures consistency and accuracy across your STPA analysis documentation.
There are four ways a control action can be unsafe, and these are included in the table's columns as "guide words" by default:
1. Not Providing – Not providing the control action leads to a hazard.
2. Providing causes hazard – Providing the control action leads to a hazard.
3. Too early / Too late – Providing a potentially safe control action but too early or too late.
4. Stop too soon / Applying too long – The control action is applied too long or is stopped too soon.
In Astah System Safety’s UCA table, by thoroughly filling out all four columns for each control action, you effectively test whether each control action meets critical safety requirements: being the correct action, provided at the right time, and lasting for the appropriate duration. If a control action fails to meet these requirements in any aspect, it can be identified as an Unsafe Control Action. This methodical approach is key in ensuring that all control actions are safe and appropriate for their intended contexts in the system.
In the UCA (Unsafe Control Action) table, it is important to specify for each UCA the specific hazard it leads to, as well as the context in which the control action becomes unsafe. This approach ensures a clear understanding of the risk associated with each control action, facilitating more targeted and effective safety measures.
When filling out the UCA (Unsafe Control Action) table in Astah System Safety, it is recommended to complete all fields for each control action. Avoid leaving any fields blank or simply marking them as N/A, even for control actions identified as Non-UCA. Instead, for these actions, specify the reasons why they are considered safe. This comprehensive approach ensures a thorough analysis and provides clear documentation for why certain actions are deemed safe, contributing to a more robust and transparent safety analysis process.
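The following Python model shows how the table described above fits together: each control action gets one cell per guide word, each cell is either a UCA linked to at least one hazard and a context or a Non-UCA with a written reason, and a completeness check flags blank columns, N/A placeholders and unlinked hazards. This is an added example, not Astah System Safety's own code or file format; the control actions ("Apply brake", "Release brake"), hazard ids (H-1, H-2), contexts and reasons are constructed for illustration.

```python
"""Model of an STPA UCA table with the completeness rules from the text.

Added example, not Astah System Safety's code or data format. All control
actions, hazards, contexts and reasons below are constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# The four guide-word columns of the UCA table.
GUIDE_WORDS = (
    "Not Providing",
    "Providing causes hazard",
    "Too early / Too late",
    "Stop too soon / Applying too long",
)

# Strings that count as "left blank" for the completeness check.
PLACEHOLDERS = {"", "n/a", "na", "-", "none"}


@dataclass
class Hazard:
    id: str
    description: str


@dataclass
class UCAEntry:
    """One cell: a control action examined under one guide word."""
    is_uca: bool
    context: str                                   # when the action is (un)safe
    hazard_ids: List[str] = field(default_factory=list)  # required for a UCA
    safe_reason: str = ""                          # required for a Non-UCA


@dataclass
class ControlAction:
    name: str
    source: str    # controller, as in the Control Structure Diagram
    target: str    # controlled process or actuator
    cells: Dict[str, UCAEntry] = field(default_factory=dict)


def validate_table(actions: List[ControlAction], hazards: Dict[str, Hazard]) -> List[str]:
    """Return findings for every incomplete cell; an empty list means the table is complete."""
    findings: List[str] = []
    for ca in actions:
        for gw in GUIDE_WORDS:
            where = f"{ca.name} / {gw}"
            cell = ca.cells.get(gw)
            if cell is None:
                findings.append(f"{where}: column left blank")
                continue
            if cell.context.strip().lower() in PLACEHOLDERS:
                findings.append(f"{where}: context missing")
            if cell.is_uca:
                if not cell.hazard_ids:
                    findings.append(f"{where}: UCA not linked to any hazard")
                for h in cell.hazard_ids:
                    if h not in hazards:
                        findings.append(f"{where}: unknown hazard {h}")
            elif cell.safe_reason.strip().lower() in PLACEHOLDERS:
                findings.append(f"{where}: Non-UCA without a reason why it is safe")
    return findings


def uca_ids(actions: List[ControlAction]) -> Dict[Tuple[str, str], str]:
    """Number the UCA cells UCA-1, UCA-2, ... in table order (row by row, column by column)."""
    labels: Dict[Tuple[str, str], str] = {}
    n = 1
    for ca in actions:
        for gw in GUIDE_WORDS:
            cell = ca.cells.get(gw)
            if cell is not None and cell.is_uca:
                labels[(ca.name, gw)] = f"UCA-{n}"
                n += 1
    return labels


# Constructed hazards for the illustration.
HAZARDS = {
    "H-1": Hazard("H-1", "Vehicle does not keep a safe distance to the obstacle ahead"),
    "H-2": Hazard("H-2", "Vehicle is struck from behind by a following vehicle"),
}

# A fully filled-out row: three UCAs and one justified Non-UCA.
COMPLETE_ACTION = ControlAction("Apply brake", "Driving controller", "Brake actuator", cells={
    GUIDE_WORDS[0]: UCAEntry(True, "an obstacle is within stopping distance", ["H-1"]),
    GUIDE_WORDS[1]: UCAEntry(True, "the road is clear and a vehicle follows closely", ["H-2"]),
    GUIDE_WORDS[2]: UCAEntry(True, "provided after the obstacle is already within stopping distance", ["H-1"]),
    GUIDE_WORDS[3]: UCAEntry(False, "the vehicle has come to a complete stop",
                             safe_reason="holding the brake after stopping keeps the vehicle stationary"),
})

# A row filled out the way the text warns against: N/A, no hazard link, blank columns.
INCOMPLETE_ACTION = ControlAction("Release brake", "Driving controller", "Brake actuator", cells={
    GUIDE_WORDS[0]: UCAEntry(True, "the vehicle must move off", []),
    GUIDE_WORDS[1]: UCAEntry(False, "the vehicle is stationary on level ground", safe_reason="N/A"),
})


if __name__ == "__main__":
    for line in validate_table([COMPLETE_ACTION, INCOMPLETE_ACTION], HAZARDS):
        print(line)
    print(uca_ids([COMPLETE_ACTION]))
```

Running the block prints one finding per defect in the "Release brake" row (unlinked hazard, N/A reason, two blank columns) and nothing for the "Apply brake" row, which is the state the text asks for: every column filled, every UCA tied to a hazard and a context, and every Non-UCA carrying the reason it is considered safe.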