The Risk Situation Awareness Provision Capability and its Degradation in the Überlingen Accident over Time

This paper presents a STAMP-based indicator of measuring the inherent, in terms of the system design and development, capability of each system part to provide its agent with Situation Awareness (SA) about the presence of system threats and vulnerabilities that may lead to accidents. An agent is a human or automated controller that possesses reasoning mechanisms and demonstrates a capability to influence others or modify situations. This capability – in as far as it pertains to risk modification - is called “risk SA provision capability” (RiskSOAP) and can be modelled in a control loop. This capability is considered as dynamic because it can fluctuate over time due to changes in safety specifications and short- or long-term conditions. In order to demonstrate the fluctuation of the risk SA provision capability along the development of an accident, the STAMP-based RiskSOAP indicator is calculated throughout the Überlingen accident timeline. This timeline incorporates four milestones, each one denoting a particular time point in the accident development. The decline in the value of the RiskSOAP indicator is attributed to the presence of flaws and unsafe control actions, through which accident scenarios are verified and the system is headed for an accident. The main conclusion is that in such socio-technical systems there is a tight coupling between the degradation of the risk SA provision capability and the degradation of safety.