The challenge

The increasingly complex systems we are building today enable us to accomplish tasks that were previously difficult or impossible. At the same time, they have changed the nature of accidents and increased the potential to harm not only life today but also future generations.

Traditional system safety approaches, which started in the missile defense systems of the 1950s, are being challenged by the introduction of new technology and the increasing complexity of the systems we are attempting to build. Software is changing the causes of accidents and the humans operating these systems have a much more difficult job than simply following predefined procedures. We can no longer effectively separate engineering design from human factors and from the social and organizational system in which our systems are designed and operated.

To tackle these challenges, we need to apply systems thinking and take a systems approach to safety.

What is STAMP?

STAMP (System-Theoretic Accident Model and Processes) is the name of the new accident causality model based on systems theory. It expands traditional models that focus on individual component failures or chains of directly-related failure events to include more complex processes and unsafe interactions among system components. Safety is treated as a dynamic control problem rather than a “prevent failures” problem. The STAMP model includes traditional component failures but also considers design flaws, incomplete or inadequate requirements, dysfunctional interactions among subsystems or components (all of which may be operating exactly as specified), human interactions, and other causes of accidents and incidents. With STAMP, the emphasis changes from simply preventing failures to enforcing constraints on system behavior and interactions.

Some advantages of using STAMP are that:

  • It works on very complex systems because it works top-down rather than bottom up.
  • It works extremely well for software-intensive systems (like autonomous self-driving cars and UAS) and human interactions
  • It also applies to management, organizations, safety culture, etc. without having to treat them differently or separately.
  • It allows creating more powerful tools, such as STPA (hazard analysis), safety-guided design, CAST (analyzing previous accidents), identification and management of leading indicators of increasing risk, organizational risk analysis, etc.

What we do

STAMP and STAMP-based methods have become incredibly popular and the demand for qualified experts and training has become overwhelming. STAMP Safety and Security Consulting (S3C) was created in response to the increasing demand to provide industry support, guidance, training, and facilitation for organizations who are adopting or exploring STAMP.

Popular Services:
– Training in STAMP, CAST (accident analysis), STPA (hazard analysis), and other STAMP-based techniques
– Hands-on workshops
– Ongoing support for STAMP-based techniques applied to real projects
– Expert facilitation and guidance
– Preliminary exploration and evaluation of STAMP-based techniques in your domain
– Support for pilot-studies and comparisons to existing processes
– Integration of STAMP-based techniques into overall engineering processes, operations, and policies
– Webinars

Industries where STAMP-based approaches are being used:
– Automotive (autonomous self-driving cars, driver assistance systems, etc.)
– Aircraft systems and equipment (military, commercial, UAVs, etc.)
– Airline operations
– Manufacturing
– Oil & Gas
– Chemical
– Nuclear power
– Space systems
– Military and Defense
– Healthcare
– Medical devices
– Particle Accelerators
– Robotics
– Mining
– Healthcare and patient safety
– Workplace safety
– Production Engineering
– Cyber Security


For more information, feel free to contact us directly or fill out the form below.