Traditional safety risk analysis methods are rooted in event chain modeling and looking for individual points of failure. This approach allowed tremendous improvement in safety management but starts to be difficult to apply when dealing with large-scale systems constituted by a wide number of interactions among technical and social elements. Therefore, systemic safety management poses new challenges, demanding approaches capable of complementing techno-centric investigations with social-oriented analyses. For this purpose, this study adopts the Systems-Theoretic Accident Model and Processes (STAMP) as a new accident causation model based on systems theory. Such a model is the first element to gain a complete understanding of the system at hand, and subsequently to create a set of safety recommendations. STAMP can lead to both the development or evaluation of safety management systems and the identification of leading indicators related to hazards, in order to improve decision-making domains and strengthen accidents/loss analyses.
The present research incorporates three basic components of systems theory for STAMP models: constraints, hierarchical control structure, and process loops. These items are meant to allow recognizing causes and preventing potential system failures as well as undesired events. In the proposed model, accidents are examined in terms of the ways controls fail and how they may not allow prevention or detection of hazards. This study proposes a hierarchical safety control structure on a demonstrative use case referred to an industrial plant for gas and oil production, The model consists of system-level safety constraints, and a preliminary investigation of system’s components with the purpose of supporting physical and organizational safety requirements elicitation.