Skip to content

Eclipse Trustable Software Framework

Using STPA for RAFIA

Eclipse Trustable Software Framework

About
About
- Overview
- Rationale
- Compliance
- Releases
  Releases
  - Release Process
  - Release Notes
- Media
Objectives
Objectives
- TSF
Model & Methodology
Model & Methodology
- Overview
- Model
- Architecture
- Methodology
- Scoring
  Scoring
  - Implementation
  - Roadmap
Tools
Tools
- Installation
- Dotstop
- Usage
- Plugins
  Plugins
  - References
  - Validators
- Artifact
- Data Store
- Remote Graph
- Remote Subgraph Use Cases
- Rust Tooling
- API Reference
  API Reference
  - trudag
    trudag
    
    init
    
    config
    config
    
    init
    
    config
    
    schemas
    
    dotstop
    dotstop
    
    init
    
    core
    core
    
    init
    
    artifact
    
    constants
    
    data_store
    data_store
    
    init
    
    data_model
    
    data_store_client
    
    version
    
    exception
    
    fallacy
    
    graph
    graph
    
    init
    
    base_graph
    
    graph_factory
    
    pydot_graph
    
    trustable_graph
    
    item
    
    reference
    reference
    
    init
    
    builder
    
    references
    
    validator
    
    error
    
    graphalyzer
    graphalyzer
    
    init
    
    analysis
    
    graph
    
    manage
    
    plot
    
    publish
    
    score
    
    utils
  - frontends
    frontends
    
    cli
    cli
    
    init
    
    utils
Reports
Reports
- Trustable Report
  Trustable Report
  - Compliance report
  - Dashboard
  - TA
  - TRUSTABLE
  - TT
Extensions
Extensions
- Overview
- RAFIA
  RAFIA
- STPA
  STPA
- Safety Requirements

Using STPA for RAFIA

This section describes how System Theoretic Process Analysis is used as part of Risk Analysis. While other analysis techniques may be used to accomplish the same goals, the provided procedure and glossary introduce and discuss some of the core concepts that underpin RAFIA.

Note that many of the examples and some of the terminology used are focussed on safety-related hazard analysis, but the STPA methodology and RAFIA itself are also intended to be applicable to the analysis and management of risk in other domains, most notably cyber-security.

The tabular data structures used to record STPA results as described in the STPA procedure are documented in an informal schema.