[[Chapter 2]]

Good overall summary in the first page:

[[Pasted image 20210718144905.png]]

I wonder what the formalism is in this diagram. It is not an STPA diagram in the "main" sense as it doesn't model control loops explicitly, but is it part of the STPA framework?

[[Pasted image 20210718150828.png]]

First step: defining the purpose of the analysis.

[[Pasted image 20210718150742.png]]


[[Pasted image 20210718150713.png]]

[[Pasted image 20210718155038.png]]

[[Stakes]] are [[values]]:

[[Pasted image 20210718151545.png]]

Definition of [[system]]:

[[Pasted image 20210718162616.png]]

[[hazards]] + [[environmental conditions]] = [[losses]]

[[Pasted image 20210718231941.png]]

The heart of STPA: the control loop.

[[Pasted image 20210718234343.png]]

Refining control structures:

[[Pasted image 20210719000525.png]]

[[Pasted image 20210719000516.png]]

[[Pasted image 20210719001721.png]]

[[Pasted image 20210719003446.png]]

[[Pasted image 20210719003520.png]]

On [[control]] proper:

[[Pasted image 20210719005502.png]]

tips to prevent common mistakes in a control structure:

[[Pasted image 20210719010243.png]]

Step three:

[[Pasted image 20210719010634.png]]