MAXWELL AIR FORCE BASE, Ala. -- The Air Force Institute of Technology (AFIT) School of Systems and Logistics hosted the first ever System Theoretic Process Analysis (STPA) Cybersecurity and Safety Technical Interchange Meeting (TIM) on 22-23 October 2018. Sponsored by the Air Force Cyber Technical Center of Excellence, supported by USAF Test Pilot School (TPS), and endorsed by Lt Gen Steven Kwast, AETC/CC, the TIM identified how USAF Program Managers and Engineers can use STPA to manage complex acquisition problems.
Created by Professor Nancy Leveson of Massachusetts Institute of Technology (MIT) in the early 2000s, STPA is a top-down systems engineering hazard analysis that has been applied to a number of industries around the world. STPA’s ability to identify unsafe emergent system properties makes it ideal for analyzing complex weapon system interactions and cybersecurity requirements. Additionally, STPA includes humans as part the system and as such can be used to analyze technological systems with human operators, organizational systems, and sociotechnical systems.
The two-day TIM brought experts from TPS, 53rd Electronic Warfare Group (EWG), 412th TW Safety, Arnold Engineering Development Complex (AEDC), Boston Cybernetics Institute (BCI), the US Air Force Academy (USAFA), and MIT to discuss the application of STPA to Air Force acquisitions. The first day included a keynote presentation by Professor Leveson, an introduction to STPA by Dr. John Thomas from MIT, and an overview of STPA for Security (STPA-Sec), an adaptation of STPA for application to cybersecurity, by Col William Young. The second day discussed results from STPA pilot-programs conducted at multiple organizations across the Air Force Test Center. Led by Maj Sarah Summers and Maj Stephen Satava, with essential support from Capt Daniel Schelkoph, Lt Col Daniel Montes, and Col William Young, this two day event reached 138 participants (54 in-res and 84 online), with the expectation to reach many more though online content and future courses. For more information about STPA, STPA-Sec, or the TIM, DoD CAC holders should visit https://www.milsuite.mil/book/groups/stpa.