Self-adaptive systems are able to change their behaviour at run-time in response to changes in their environment or in themselves. Self-adaptation is an important strategy for managing the uncertainty that is present during the design of modern systems, such as autonomous vehicles. However, assuring the safety of self-adaptive systems remains a challenge, particularly when the adaptations have an impact on safety-critical functions. The field of safety engineering has established practices for analyzing the safety of systems. System-Theoretic Process Analysis (STPA) is a hazard analysis method that is well-suited to self-adaptive systems. This paper describes a design-time extension of STPA for self-adaptive systems. It then derives a reference model and a set of analysis obligations to support the STPA activities. The method is applied to three self-adaptive systems described in the literature. The results demonstrate that STPA, when used in the manner described, is an applicable hazard analysis method for safety-critical self-adaptive systems.