System theoretic process analysis for identification of sources of mode confusion

Research from the Engineering Systems Lab presents an approach to conducting System Theoretic Process Analysis that is tailored to issues of mode confusion in systems with interactions between human and automated controllers.

Authors: Bishop, Brittany; Harrington, Polly; Rose, Rodrigo; Leveson, Nancy
Citation: Proceedings of the Human Factors and Ergonomics Society Annual Meeting, October 23-28, 2023

Abstract
As systems grow increasingly complex, the likelihood of mode confusion regarding automation and system processes also increases. Mode confusion stems from inaccurate mental models that lead operators to execute inappropriate control actions that result in losses. System Theoretic Process Analysis (STPA) is a holistic risk analysis method that examines the emergent properties of complex systems with interacting components. Such components may include humans, software, organizations, safety culture, and more. By allowing users to clearly understand controllers’ process models, STPA provides a methodology to identify sources of mode confusion and generate requirements to eliminate them. This paper presents an approach to conducting STPA that is tailored to issues of mode confusion in systems with interactions between human and automated controllers. Additionally, an example STPA is applied to the Boeing 777 autopilot system to illustrate how inappropriate feedback and mode confusion can be identified and prevented in complex systems.