Extending the STPA to model the control structure with Finite State Machine

Cyber–physical systems (CPSs) are becoming increasingly complex, integrating physical entities with diverse computing and communication resources, multiple processors, networks, and devices. One example is the Unmanned Aircraft Systems (UAS) Traffic Management (UTM) system, where interactions among components can lead to UAS collisions and harm to people and property. System Theoretic Process Analysis (STPA) is a systems theory-based technique for conducting early-stage safety analyses of complex systems. The Model the Control Structure step in STPA involves identifying each controller component, its process models, and its control actions. However, conventional STPA process models use only variables and states, which may be insufficient for systems involving entities that transition through multiple state flows. This study introduces a novel extension by integrating Finite State Machine (FSM) modeling into the Model the Control Structure step. The FSM-based approach captures detailed behaviors of entities requiring control by explicitly modeling their states and transitions in an iterative process. This extended STPA was applied to the UTM to control the delivery of UAV packages. The results demonstrate that the FSM extension enhances identifying control actions, feedback loops, process model variables, and unsafe control actions. The study concludes that the extended STPA provides a systematic approach for analyzing CPSs with entities that undergo complex state transitions, contributing to improved systematization and consistency of safety analyses.