Beyond a series of security nets: applying STAMP & STPA to port security

• Main Author: Williams, Adam David (Contributor)
• Other Authors: Massachusetts Institute of Technology. Engineering Systems Division (Contributor)
• Format: Article
• Language: English
• Published: Springer US, 2016-07-29T17:57:29Z.
• Subjects: Article
• Online Access: Get fulltext

 Port security is an increasing concern given the significant role of ports in global commerce and today's increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality - 'a series of security nets' based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The 'System-Theoretic Accident Model and Process (STAMP)' is a new model of causality based on systems and control theory. The associated analysis process - System Theoretic Process Analysis (STPA) - identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. This article aims to demonstrate how STAMP's broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.