Next Article in Journal
Current Progress Regarding Cordyceps militaris, Its Metabolite Function, and Its Production
Previous Article in Journal
Fast-M Adversarial Training Algorithm for Deep Neural Networks
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Applied Sciences
Volume 14
Issue 11
10.3390/app14114609
applsci-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Enhancing Urban Public Safety through UAS Integration: A Comprehensive Hazard Analysis with the STAMP/STPA Framework

by
Eutteum Go
1,
Hee-Chang Jeon
2,
Jong-Sup Lee
3 and
Joong-Yeon Lim
1,*
1
Department of Mechanical, Robotics and Energy Engineering, Dongguk University, Jung-gu, Seoul 04620, Republic of Korea
2
Quantum Functional Semiconductor Research Center, Dongguk University, Jung-gu, Seoul 04620, Republic of Korea
3
Development of SMART Community Policing System (Googi) Research Center, Dongguk University, Jung-gu, Seoul 04620, Republic of Korea
*
Author to whom correspondence should be addressed.
Appl. Sci. 2024, 14(11), 4609; https://doi.org/10.3390/app14114609
Submission received: 26 February 2024 / Revised: 22 May 2024 / Accepted: 26 May 2024 / Published: 27 May 2024
Browse Figures
Versions Notes

Abstract

:
Rapid urbanization in developing countries poses challenges such as rising crime rates and resource scarcity. Unmanned Aircraft Systems (UAS) offer a promising solution to enhance public safety, but their integration requires addressing specific challenges. This study employs the Systems-Theoretic Accident Model and Processes (STAMP) and System-Theoretic Process Analysis (STPA) methodologies to identify potential hazards and requirements for integrating UAS into public safety systems in urban environments. The research objectives include identifying hazards and challenges, developing safety requirements and guidelines, and proposing strategies for efficient infrastructure investment. The proposed framework, based on STAMP/STPA, includes additional steps to consider early-stage systems and maintain stakeholder traceability. A risk matrix approach is utilized to prioritize risk mitigation measures for cost-effectiveness. The findings of this study provide valuable insights for policymakers and urban planners in developing countries seeking to harness the potential of UAS technology for enhancing public safety while addressing the unique challenges posed by rapid urbanization.

1. Introduction

More than half of the world’s population currently resides in urban areas, with this trend increasing more rapidly in developing countries [1]. Urbanization leads to higher population densities, bringing with it a variety of complex challenges, such as environmental issues, poverty, and resource scarcity [2]. Particularly, rapid urbanization in developing countries highlights the difficulty of meeting the growing demand for infrastructure within the constraints of limited financial resources [3]. While the costs associated with most infrastructure, such as transportation and environmental services, tend to decrease with increased efficiency as population density rises, it is important to note that costs related to crime prevention and public safety infrastructure tend to increase instead [4]. This increase is directly linked to the adverse outcomes of urbanization, such as poverty and inequality, which in turn correlate with rising crime rates, necessitating effective solutions [5,6,7,8].
Surveillance, especially through CCTV, has played a crucial role in enhancing public safety and reducing crime rates, yet it faces limitations such as installation constraints, reliance on human operators, and blind spots [9,10,11,12]. UAS, which include Unmanned Aerial Vehicles (UAVs) as their operational components, represent a pivotal advancement in addressing these challenges. UAS offer unparalleled mobility, equipped with cameras and sensors for comprehensive evidence collection. Central to the UAS framework is the integration of Ground Control Stations (GCS) and sophisticated data links, facilitating a level of surveillance efficiency, rapidity, and scope previously unattainable [13,14,15]. These technological advances and their ease of use, flexibility, and relatively low cost are not only augmenting traditional law enforcement tactics but also pioneering new dimensions of urban public safety. This is evidenced by increased police deployment and significant satisfaction reported in police operations [16,17,18].
However, integrating UAS into urban public safety systems presents several challenges that need to be addressed to ensure their safe and effective operation. To facilitate the integration of UAS into urban airspaces, several initiatives have been launched. For example, the U.S. Federal Aviation Administration (FAA) has developed the UAS Traffic Management (UTM) system [19], while the European Union Aviation Safety Agency (EASA) has introduced the U-space framework [20]. These projects aim to provide a comprehensive ecosystem for the safe and efficient operation of UAS in low-altitude urban airspaces, encompassing technologies, services, procedures, and regulations [21,22].
While these initiatives provide a foundation for UAS integration into urban airspaces, they may not fully address the specific challenges and requirements of public safety applications. Public safety missions demand additional considerations such as privacy protection, public trust and transparency, data security, and accountability [23,24,25,26,27]. Moreover, specialized operations such as emergency response and hazardous area monitoring necessitate the involvement of various stakeholders and present unique operational challenges [28,29,30]. Therefore, a proactive risk analysis that reflects these distinct characteristics is essential for the successful integration of UAS into public safety systems.
This study employs the STAMP/STPA to proactively identify potential hazards and requirements for integrating UAS into existing public safety systems amid rapid urbanization. STAMP/STPA, grounded in systems theory, adopts a holistic perspective, emphasizing the entire system’s interactions within its environment [31]. It scrutinizes the control and feedback mechanisms between components to anticipate hazardous scenarios stemming from complex interactions, software anomalies, and human factors domains that are often overlooked by traditional methods [32,33,34]. Furthermore, STAMP/STPA is also applicable to systems in early development stages, such as autonomous vehicles and autonomous ships, which may lack fine-grained design details, making it an important tool to guide safety-centered design and decision-making processes [35,36,37,38].
The main objectives of this research are:
  • To identify and analyze the potential hazards and challenges associated with integrating UAS into public safety/law enforcement systems in urban environments.
  • To develop a comprehensive set of safety requirements and guidelines for the safe and effective deployment of UAS in public safety missions.
  • To propose strategies for efficient infrastructure investment and resource allocation based on STAMP/STPA results.
By applying STAMP/STPA, this study aims to deliver a comprehensive hazard analysis, a set of safety requirements and constraints, and recommendations for efficient infrastructure investment and resource allocation. These outcomes will support the safe integration of UAS into public safety systems in rapidly urbanizing areas, providing valuable insights and guidance for policymakers, system designers, and public safety agencies in addressing the challenges of UAS integration and ensuring their safe and effective deployment in urban environments while optimizing resources and investments.

2. Methods

In this paper, we propose a STAMP/STPA-based framework for identifying potential risks associated with the integration of UAS into existing public safety systems and for carrying out the proposed research objectives. This section describes the theory applied in the analysis and the proposed framework.

2.1. STAMP/STPA

STAMP is an accident causality model grounded in systems theory, created to analyze modern complex systems [31]. Unlike traditional models that view accidents as chains of component failure events, STAMP treats safety as an emergent property arising from the interactions among system components [39]. In STAMP, accidents occur when component interactions violate the system safety constraints. The key principles of STAMP are [31]:
  • Safety constraints define the boundaries of safe system behavior. Accidents result from inadequate control and violation of these constraints.
  • Complex systems are viewed as hierarchical control structures, where each level enforces safety constraints on the level below it.
  • Control loops consisting of controllers, actuators, sensors, and controlled processes are the building blocks of the hierarchical control structure.
  • Controllers must have accurate process models reflecting the state of the controlled processes. Flawed process models and inadequate feedback can lead to accidents.
  • Continuous adaptation through feedback is necessary to cope with changes and maintain safety.
From the STAMP perspective, the goal of safety management is to control the behavior of system components to ensure that safety constraints are upheld. This approach treats safety not merely as a component reliability problem but as a matter of controlling the overall system behavior.
By adopting a systems theoretical perspective, STAMP enables a more comprehensive analysis of hazards in complex socio-technical systems by considering both component failures and dysfunctional interactions. Consequently, in this study, STAMP is used as a basic framework for gaining a broader perspective on the safety of complex systems and for systematic hazard identification.
STPA is a hazard analysis technique based on STAMP. It offers a step-by-step approach to identifying and addressing potential hazards in complex systems by examining the control structure and the enforcement of safety constraints. The main steps of STPA are (Figure 1) [40]:
This structured approach enables a comprehensive analysis of system safety, from defining the analysis goals to identifying specific hazards and understanding the underlying causes of unsafe control actions. Through these steps, the STPA method systematically uncovers and addresses potential safety issues in complex systems, guiding the development of safer system designs and operations.

2.2. STAMP/STPA-Based Framework for UAS Integration in Public Safety

The proposed framework is based on STAMP/STPA. As shown in Figure 2, STAMP/STPA specifies the guidelines and outcomes that need to be achieved, but it does not specify the tools and models to be used in the detailed steps [40]. This flexibility allows for highly adaptable application, enabling the development of the proposed framework to achieve the research objectives.
Figure 2 presents a framework based on the existing STAMP/STPA methodology, with the addition of STEP 0 and STEP 4 to the conventional STPA steps. STEP 0 considers the early stage of the system and defines the necessary aspects for analysis based on the existing literature and case studies. Furthermore, two approaches were employed to enhance cost-effectiveness, which is one of the objectives of this research. In a typical STPA, stakeholders are identified to define losses. However, because of the nature of the system under consideration, which involves a wide range of stakeholders, the framework aims to maintain traceability by linking stakeholders with losses, preventing redundancy in resource allocation and roles. The other approach is to prioritize risk migration using a risk matrix, enabling cost-effective operations.
A risk matrix is a tool used to assess and prioritize risks based on their likelihood and potential consequences. It provides a visual representation of risk levels, allowing decision-makers to focus on the most critical risks. The matrix consists of a grid with likelihood on one axis and severity on the other. Each cell in the matrix represents a risk level determined by the combination of likelihood and severity ratings. The risk matrix enables a semi-quantitative prioritization of risks, helping organizations allocate resources effectively to mitigate the most significant threats. Risk matrices are frequently used in the aviation industry, including EASA and FAA, and the risk is calculated as “Risk = probability × severity”, which is then converted into a matrix to determine the risk level. However, STPA does not generate a probability number related to the hazard. In fact, it discourages the use of probability in the analysis because of the uncertainty in predictions and false beliefs in complex systems [21,22]. Therefore, in this framework, the risk matrix is used to derive cost priorities for risk mitigation [41]. Moreover, to avoid relying on probability predictions, a statistical approach based on UAS accident data was employed.

3. Results

3.1. Step 0: Identify Case Study and Analysis Accident Data

3.1.1. Case Study Description

This step defines a hypothetical case of integrating UAS into an existing public safety system. The case study is based on a comprehensive literature review of existing public safety systems, UAS applications, surveillance, and situational awareness [27,42,43,44,45,46,47].
Existing public safety systems consist of law enforcement, fire, rescue, and emergency medical services. They also include communication with external agencies that provide mission-relevant information.
The primary purpose of this system is to monitor vulnerable areas within urban environments and patrol CCTV blind spots. The Operational Management Center (OMC) plays a central role in this system, as described in Figure 3. Within the OMC, the Operational Management System (OMS) monitors weather information and current situations in real time and handles communication with government agencies, including law enforcement agencies and fire departments. Based on the collected information, it issues mission directives to the Ground Control Station (GCS). The GCS, in turn, sets flight paths considering no-fly zones and undertakes control related to the UAVs. Following the GCS instructions, UAVs perform flights, collecting and transmitting information. In cases of crimes or specific situations where deterrence is necessary, warning broadcasts are conducted through speakers to address the issue.

3.1.2. Define Stakeholder

Identifying and understanding the roles of various stakeholders is crucial for the successful implementation and operation of the UAS-integrated public safety systems. Table 1 presents a comprehensive list of stakeholders and their respective roles, derived from a thorough review of the relevant literature [23,24,25,26,27,28,29,30]. These stakeholders represent a diverse range of interests and perspectives, including government authorities, emergency service agencies, department personnel, community groups, lawmakers, and citizens.
The roles of these stakeholders span from strategic decision-making and oversight to on-the-ground operations and community engagement. For instance, local government and municipal authorities (SH-1) are responsible for approving budgets, enacting policies, and evaluating system performance, while emergency service agencies (SH-2) focus on rapid response and effective collaboration with the system during on-site incidents.
By considering the diverse roles and perspectives of these stakeholders, the proposed framework aims to facilitate a more inclusive and effective approach to integrating UAS into public safety systems.

3.1.3. UAS Accident Data

To inform the risk assessment and prioritization process, an analysis of historical UAS accident data was conducted. This analysis aims to identify common causes and consequences of UAS accidents, providing a data-driven foundation for the subsequent steps in the framework.
These accident data were obtained from two primary sources: the UK Air Accidents Investigation Branch (AAIB) database and the NASA Aviation Safety Reporting System (ASRS) database.
The AAIB database, accessible at https://www.gov.uk/aaib-reports (accessed on 26 February 2024), was queried by setting the category filter to “Unmanned Aircraft Systems (UAS)”. This initial search yielded 80 reported incidents/accidents. After removing duplicates and noise from the dataset, a total of 61 relevant UAS accident reports were identified for analysis.
The ASRS database, available at https://asrs.arc.nasa.gov/search/database.html (accessed on 26 February 2024), was searched using the “Text: Narrative/Synopsis” field with the keywords “drone”, “UAV”, or “UAS”. The search returned approximately 1000 incident reports. Following the removal of duplicates and noise, a total of 397 UAS-related incident/accident reports were selected for further analysis.

3.1.4. Categorization and Probability

The primary purpose of analyzing the UAS accident and incident reports was to inform the risk matrix analysis. To this end, each report was classified according to the main contributing factors, namely Human Factors, Hardware, Software, Procedure/Policy, and Environment/Weather. This classification scheme was adopted to ensure compatibility and consistency in the analysis of data from both the AAIB and ASRS databases.
In cases where the primary cause was not clearly stated or fell outside the predefined categories, the report was considered as noise data and excluded from further analysis. For incidents/accidents involving multiple contributing factors, a qualitative assessment was conducted to determine the primary cause based on the available information in the report. The results were presented in the following order:
  • Human Factors: 246 cases (Pilot error, inadequate training, fatigue, loss of situational awareness, etc.)
  • Hardware: 80 cases (Mechanical failures, structural defects, engine malfunctions, loss of power, etc.)
  • Procedure/Policy: 53 cases (Non-compliance with regulations, lack of standard operating procedures, etc.)
  • Environment/Weather: 28 cases (Strong winds, turbulence, icing, bird strikes, etc.)
  • Software: 22 cases (Autopilot glitches, navigation errors, software bugs, etc.)
These priorities and categories are applied as weights in the risk matrix.

3.2. Step 1: Define the Purpose of the Analysis

STPA is a process for evaluating system safety and identifying potential hazards, following a systematic series of steps. In the “Define Purpose of the Analysis” phase, losses are first identified, which then serve as a basis for determining system-level hazards. Subsequently, system-level safety constraints are defined to prevent these hazards. Clarifying the relationship between losses, hazards, and safety constraints is crucial. This ensures traceability throughout the analysis process, clearly demonstrating how measures to improve system safety contribute to preventing losses. Additionally, since the system is intended to integrate with existing infrastructure, identifying stakeholder-related information is deemed necessary in subsequent identification processes. Therefore, the analysis yields the following results.
For stakeholder traceability, connect stakeholders to losses, as shown in Table 2 below.
Table 2 underscores the essential task of identifying potential losses to guide the development of safety measures and system design. It outlines each loss along with its impacts on stakeholders and ensuing consequences, highlighting the extensive implications of each identified loss. For instance, the loss of public trust affects law enforcement and municipal governance, potentially undermining future urban safety initiatives. Similarly, the risk of injury or death has far-reaching effects, not just on civilians and law enforcement but also in terms of legal and societal consequences. This succinct analysis aids in crafting targeted safety constraints and mitigation strategies by offering a comprehensive perspective on the stakes involved.
For example, the loss of “L-1: Loss of Human Life or Injury” is linked to multiple stakeholder groups, including Emergency Service Agencies (SH-2), Department Personnel (SH-3), and Citizens (SH-8). This indicates that these groups have a critical role in preventing or responding to situations that could lead to loss of life or injury. Similarly, the loss of “L-7: Loss of sensitive information” is mapped to stakeholders such as Community Groups (SH-4), Lawmakers and Policy Makers (SH-5), and Citizens (SH-8), highlighting their shared responsibility in maintaining public trust and the system’s reputation.
By establishing these links between losses and stakeholders, the analysis provides a foundation for developing targeted risk mitigation measures and assigning clear responsibilities for loss prevention. It also helps to ensure that the concerns and values of all relevant stakeholders are considered in the system’s design and operation.
Table 3 presents a comprehensive overview of potential hazards that could arise in the operation of UAS within the defined system. Each hazard is categorized by its unique identifier and described in terms of how it could potentially compromise system safety or efficiency. Importantly, the table links each hazard to specific losses identified in Table 2, reinforcing the traceability aspect of STPA. This traceability is crucial as it ensures that mitigation strategies can be directly aligned with preventing or reducing the identified losses.
For example, Hazard H-1 addresses the risk of UAS operating in a manner that causes harm to people or property, which could lead to injuries, fatalities, or damage to assets. This hazard directly links to losses of human life or injury (L-1), damage to UAVs (L-2), and damage to objects outside the UAVs (L-3), highlighting the interconnected nature of system operations and the broad implications of such hazards. Moreover, the identification of system-level hazards emphasizes the importance of considering both technical and operational aspects of UAS usage. For instance, H-5 concerns unauthorized access to surveillance data, pointing to the critical need for robust data security measures to protect sensitive information and maintain operational integrity.
System-level safety constraints translate identified hazards into specific design requirements that aim to prevent these hazards from leading to accidents or losses. Each constraint addresses a distinct aspect of UAS operation, grounded in the hazards outlined earlier, ensuring that the system’s design inherently mitigates potential safety issues.
  • SSC-1: UAS must be operated in a manner that does not harm people or property [H-1]
  • SSC-2: UAS must be operated in authorized or unrestricted airspace [H-2]
  • SSC-3: UAS must maintain safety distance during surveillance missions [H-3]
  • SSC-4: UAS operations must not exacerbate emergency situations [H-4]
  • SSC-5: UAS must maintain communication integrity under all operating conditions [H-5]
  • SSC-6: UAS operations must not interfere with or degrade the effectiveness of emergency response [H-6]
System-level safety constraints are instrumental in guiding the UAS’s design and operational protocols to address safety hazards pre-emptively, ensuring a safer integration of UAS into varied environments and missions. By directly linking these constraints with identified hazards, the analysis fosters a systematic approach to enhancing UAS safety through design and operational strategies.

3.3. Step 2: Model the Control Structure

Modeling the Control Structure involves crafting a detailed schematic of control action execution within a system. This hierarchical structure model serves as the blueprint for the system’s functional architecture, pinpointing how control decisions are made, communicated, and executed across the system’s components. The hierarchical structure delineates layers of control and communication from the pinnacle of decision-making to the specific control actions executed by the UAVs (Figure 4).
In this model, control actions and feedback mechanisms are pivotal. Control actions are directives issued by a controller (such as a human operator or an automated system) intended to influence the state or behavior of the system’s operational elements (such as UAVs). Feedback mechanisms, conversely, are processes through which the system reports its state back to the controller, facilitating informed decisions and adjustments to control actions in real time. This feedback loop is essential for maintaining system stability and achieving desired outcomes, especially in dynamic or uncertain operational environments. Through this control structure, clear identification of control actions and feedback is achievable, facilitating the derivation of Unsafe Control Actions (UCAs) in the subsequent step.

3.4. Step 3: Identify Unsafe Control Actions

In the system structure, it’s crucial to recognize that certain control actions can lead to hazardous system states. These situations are classified as UCAs and can be categorized into four main types:
(1)
Necessary control actions for safety are not taken or properly followed (occurring when required actions are omitted or ignored)
(2)
Control actions are taken when not needed (meaning controls are applied at inappropriate times)
(3)
Potentially safe control actions are taken too late, too early, or not in the correct sequence (happening when timing or sequence is incorrect)
(4)
Safe control actions are stopped too soon or continue for too long (problems with continuous or discontinuous control actions).
The analysis results of these unsafe control actions are presented in Table 4.
The next step is to specify the controller actions that must be fulfilled to prevent the derived UCAs.
Once the UCAs are identified, they can be transformed into constraints on the actions of each controller. Generally, each UCA can be inverted to define the constraints for each controller.
  • CC1-N-1: Ensure that the GCS Administration Module always has the capability to provide GCS control. [UCA1-N-1]
  • CC1-P-1: Implement validation and verification checks to ensure that the GCS control provided is correct. [UCA1-P-1]
  • CC1-T-1: Establish timely responsiveness in the GCS control provision process to prevent delays. [UCA1-T-1]
  • CC2-N-1: Ensure GCS always has the capability to provide UAV Flight Commands. [UCA2-N-1]
  • CC2-P-1: Implement validation and error checking in the UAV Flight Command issuance process. [UCA2-P-1]
  • CC2-P-2: Disable UAV Flight Command capabilities during abort/return flight unless specifically required under safe conditions. [UCA2-P-2]
  • CC2-T-1: Implement real-time monitoring and alerts to ensure timely command delivery. [UCA2-T-1]
  • CC3-N-1: Ensure ACM always provides necessary UAV direction and speed controls. [UCA3-N-1]
  • CC3-P-1: Validate and calibrate UAV direction and speed controls to prevent incorrect control actions during flights. [UCA3-P-1]
  • CC3-P-2: Prevent the ACM from altering UAV direction and speed during abort/return flight unless necessary. [UCA3-P-2]
  • CC3-T-1: Ensure ACM controls are responsive and timely during active flights. [UCA3-T-1]
  • CC3-D-1: Ensure ACM does not cease control prematurely and maintains functionality until the safe completion of the flight. [UCA3-D-1]
  • CC4-N-1: Ensure GCS is always capable of issuing Danger Situation Alerts during emergencies. [UCA4-N-1]
  • CC4-P-1: Validate the correctness of Danger Situation Alerts commands to ensure they are appropriate for the actual emergency situations. [UCA4-P-1]
  • CC4-P-2: Implement checks to prevent the issuance of Danger Situation Alerts when no emergency is present. [UCA4-P-2]
  • CC4-P-3: Introduce lifecycle management for speaker components with proactive replacements. [UCA4-P-3]
  • CC4-T-1: Ensure timely delivery of Danger Situation Alerts to prevent late responses in emergencies. [UCA4-T-1]
  • CC4-D-1: Configure GCS to cease Danger Situation Alerts once an emergency is adequately resolved. [UCA4-D-1]
  • CC4-D-2: Ensure that Danger Situation Alerts are not discontinued prematurely during ongoing emergencies. [UCA4-D-2]
  • CC5-N-1: Ensure that OMS is always capable of reporting dangerous situations. [UCA5-N-1]
  • CC5-P-1: Implement accuracy checks in the reporting mechanism to ensure correct reporting of dangerous situations. [UCA5-P-1]
  • CC5-T-1: Enhance the timeliness of the OMS’s danger reporting system to ensure prompt alerts. [UCA5-T-1]
  • CC6-D-1: Set appropriate limits on the duration of the CCTV video requested by the OMS to avoid excessive demands. [UCA6-D-1]

3.5. Step 4: Risk Priority

To determine the risk priority, the probabilities of the five categories of causal factors summarized in Section 3.1.4 were used. In order, we applied a 5-point scale from the lowest frequency of Software to the highest frequency of human factors. For severity, we applied a 5-point scale with the following bands for a total of seven losses, as shown in Figure 5.
Apply this matrix to the scenarios in the next step to prioritize them.

3.6. Step 5: Identify Loss Scenarios

In the STPA method, the “Identify Loss Scenarios” step comes after identifying the UCAs. The main goal of this step is to figure out how each UCA could happen and lead to potential losses or accidents.
To accomplish this, we look at each UCA and think about the possible reasons or scenarios that could cause it to occur. We consider things such as:
  • What could go wrong with the control loop components (controllers, actuators, sensors, etc.)?
  • What might cause the controllers to have incorrect or incomplete information about the system?
  • How could the control actions be applied in the wrong way or at the wrong time?
By brainstorming these potential scenarios, we develop a better understanding of the risks associated with each UCA. We document these scenarios and use them to develop more specific safety requirements and constraints for the system (Table 5).
The scenarios were matched to the five categories and the number of losses to obtain the results shown in Table 6.

3.7. Step 6: Final Report

In the final report stage, the connectivity of the framework that has been developed throughout the study is demonstrated. Figure 6 presents a list of IDs generated during the STPA process.
By applying the proposed framework, as shown in Figure 7, to these fundamental steps, the following results can be obtained.
For example, consider CA1: GCS Control (Controller: GCS Administration Module, Controlled Process: Ground Control System) and its associated unsafe control action UCA1-P-1: GCS Administration Module provides incorrect GCS control. This UCA is linked to hazards H-1, H-4, and H-6, as well as losses L-1, L-2, L-3, and L-6. Through the analysis of UCA1-P-1, a corresponding critical control command CC1-P-1 is derived: GCS Administration Module must always provide correct GCS control. Additionally, system safety constraints SSC-1, SSC-4, and SSC-6 are identified.
By examining the causal factors and scenarios associated with UCA1-P-1, represented by HCF1-P-1-1 through HCF1-P-1-11, specific safety constraints (e.g., SC1-P-1) and recommendations (e.g., a, b, c) can be generated to mitigate the risks associated with incorrect GCS control.
  • SC1-P-1-1: External information such as weather, geography, and flight restriction zones must be accurate and updated in real time to ensure correct GCS control commands are generated.
    • Implement an automated system for collecting and updating external information in real time.
    • Establish a dedicated team responsible for verifying and validating external information.
    • Develop a protocol for handling discrepancies or inconsistencies in external information.
Also, stakeholders can be connected and defined for roles such as:
  • SH-1: Local Government and Municipal Authorities
    • Provide funding and resources for implementing the recommended automated systems, dedicated teams, and protocols (SC1-P-1-1a,b,c)
    • Establish policies and guidelines for setting mission priorities and goals (SC1-P-1-4a)
    • Facilitate coordination between relevant departments for smooth communication and cooperation (SC1-P-1-8a,b,c)
  • SH-2: Emergency Service Agencies (Fire Departments, Emergency Medical Services, etc.)
    • Participate in joint training and simulations to practice detecting and responding to changes in GCS status (SC1-P-1-11c)
    • Collaborate with the UAS team to establish clear communication channels and protocols (SC1-P-1-7b)
    • Provide input on mission objectives and situational changes to keep OMS administrators informed (SC1-P-1-7c)
  • SH-3: Department Personnel (Administrator, Pilot, Manager, etc.)
    • Undergo comprehensive training and certification on command entry, manipulation processes, and interpreting GCS status information (SC1-P-1-6a, SC1-P-1-10a)
    • Adhere to standardized communication protocols and participate in joint training to improve communication and cooperation skills (SC1-P-1-8a,c)
    • Regularly review and validate the GCS Administration Module’s algorithms and decision-making logic (SC1-P-1-3c)
  • SH-6: Other Government Agencies (urban planning, transportation, public safety, etc.)
    • Provide data and information for updating external information in real-time (SC1-P-1-1a)
    • Collaborate in developing guidelines and criteria for setting mission priorities and goals (SC1-P-1-4a)
    • Assist in establishing data exchange protocols and compatibility testing for interfaces with external systems (SC1-P-1-5a,c)
  • SH-7: Media
    • Disseminate accurate information to the public about the UAS operation’s safety measures and benefits (SC1-P-1-7a)
    • Serve as a communication channel between the UAS team and the public during emergencies.
    • Help build public trust and understanding of UAS operations through responsible reporting.
  • SH-8: Citizens
    • Provide feedback and report inconsistencies in external information (SC1-P-1-1c)
    • Cooperate with UAS operations and comply with instructions from relevant agencies during emergencies.
    • Express concerns or provide feedback related to UAS operations to help identify areas for improvement.
  • SH-9: Technology Providers
    • Develop and update video analysis algorithms to enhance accuracy and reliability (SC1-P-1-2a)
    • Provide technical support for implementing automated systems, data validation, and error-checking mechanisms (SC1-P-1-1a, SC1-P-1-5b, SC1-P-1-6b)
    • Offer training and support services for UAS technology users (SC1-P-1-6a, SC1-P-1-10a)

4. Discussion

In this study, the STAMP/STPA methodology was applied to address the problems arising from rapid urbanization by integrating UAS into public safety systems. This research aimed to achieve the following objectives:
  • To identify and analyze the potential hazards and challenges associated with integrating UAS into public safety/law enforcement systems in urban environments.
  • To develop a comprehensive set of safety requirements and guidelines for the safe and effective deployment of UAS in public safety missions.
  • To propose strategies for efficient infrastructure investment and resource allocation based on STAMP/STPA results.
As most existing UAS applications in public safety do not involve specific systems but rather direct control for mission execution, a case study was conducted based on considerations necessary for public safety missions derived from a literature review and case studies. As a result, 99 loss scenarios, 99 safety constraints, and 297 recommendations were identified. These findings align with previous research indicating that the STAMP/STPA method is suitable for identifying hazards at the initial concept stage and thus fulfills research objective 1 [35,36,37,38]. Moreover, the analysis process and proposed framework provided safety constraints and recommendations, which satisfy research objective 2. Regarding UAS integration, while UTM and U-space envision a comprehensive ecosystem of technologies, services, procedures, and regulations for safe and efficient UAS operations in low-altitude urban airspace, these frameworks do not sufficiently consider the specificities of public safety applications, emphasizing the need for research such as this [21,22].
Since rapid urbanization primarily affects developing countries, cost-effective approaches are needed to address this issue. Therefore, this study applied a simple risk matrix within the proposed framework to prioritize cost investments. Although the method was relatively simple, it demonstrated potential scalability. The framework aimed to prevent duplicate spending during budgeting, development, and operation by involving stakeholders in the analysis process and identifying their roles and contributions. However, these attempts revealed various limitations and areas for improvement concerning research objective 3. STPA proved to be a highly effective method for risk analysis. However, the risk matrix approach had limitations in addressing stakeholder roles and cost-efficiency, merely providing prioritization. To overcome this, considering the actual costs of implementing the proposed safety constraints and recommendations, along with Cost-Benefit Analysis (CBA) and Cost-Utility Analysis (CUA), would be necessary to assess the utility of alternatives [48].
Meanwhile, the analysis of AAIB and ASRS reports revealed that the content and format of the reports vary depending on each country’s regulations. In addition, as shown in Figure 8, the statistics on the causes of accidents/incidents differed significantly between the two organizations, which is likely due to the differences in regulations of each country.
The purpose of AAIB is to formally investigate and report on actual accidents and serious incidents, potentially identifying more non-human factors. In contrast, ASRS is a voluntary and confidential system for pilots, controllers, and maintenance personnel to report safety issues. These differences highlight the need for consistent guidelines for UAS integration, making the stakeholder-inclusive analysis in this study meaningful.
In this study and the statistics from the ASRS, human factor-related risks and incidents/accidents are prominent, but this could potentially be addressed as the level of autonomy increases. This can also be seen in the ASRS yearly accident statistics in Table 7.
This statistic is the result of aggregating keyword frequency by year. The results above show that in the early years, keywords related to airframe and equipment defects, such as Aircraft and Equipment Problems, were relatively high in frequency, but from the 2010s onward, the frequency of keywords related to human factors, such as Human Factors and Situational Awareness, increased. Also, we can see that the share of keywords related to human factors has increased since 2016. This suggests that while advances in UAS technology have improved aircraft reliability, pilot error and lack of situational awareness continue to pose a safety threat. However, it is worth noting that the absolute frequency of the Aircraft/Equipment Problem keyword has not decreased in recent years. This suggests that despite advances in UAS technology, there are still instances of defects, indicating the need for continued technological advancement and quality control. Given these results, it can be effective to prioritize by Technology Readiness Level (TRL), considering the rate of technological advancement and its impact. Applying this to a STAMP/STPA analysis can also help identify cost-effectiveness and prioritize safety measures.
The STAMP/STPA analysis conducted in this study identified a total of 99 loss scenarios, 99 safety constraints, and 297 recommendations. Among the identified scenarios, 12 were categorized as extreme risk, 7 as very high risk, 13 as high risk, 56 as medium risk, and 12 as very low risk, based on the risk matrix approach. These quantitative results provide a clearer understanding of the distribution of risk levels associated with UAS integration into public safety systems. Furthermore, the analysis revealed that human factors accounted for the highest proportion of causal factors at 57.3%, followed by hardware at 18.6%, procedures at 12.4%, environment at 6.5%, and software at 5.1%. These findings highlight the critical need to address human factor-related risks through targeted training, standardized protocols, and enhanced situational awareness.

5. Conclusions

The STAMP/STPA analysis yielded quantitative results, identifying 99 loss scenarios, 99 safety constraints, and 297 recommendations. The risk matrix approach categorized 12 scenarios as extreme risk, 7 as very high risk, 13 as high risk, 56 as medium risk, and 12 as very low risk. Furthermore, the analysis revealed that human factors accounted for 57.3% of causal factors, hardware for 18.6%, procedures for 12.4%, environment for 6.5%, and software for 5.1%. These quantitative findings provide valuable insights into the distribution of risk levels and the predominance of human factor-related risks in UAS integration for public safety applications.
This study systematically applied the STAMP/STPA framework to analyze the potential risks associated with integrating UAS into existing public safety and law enforcement systems, a measure prompted by the challenges of rapid urbanization. The comprehensive analysis identified critical intersections between current UAS technology and public safety practices, detailing potential risks and safety constraints. STAMP/STPA proved to be a rational methodology, especially at the initial stages of implementation, where actual operational experience is scarce. By leveraging system theory and focusing on potentially unsafe control actions, STAMP/STPA offers a powerful framework for identifying hazards and suggesting mitigation measures early in the system development and deployment phases. The study also highlights the need for consistent guidelines and the importance of stakeholder engagement in the successful integration of UAS. Future research should explore emerging technologies, evolving regulatory frameworks, and the long-term effects of UAS deployment on public perception and effectiveness. By prioritizing safety, considering human factors, and actively engaging stakeholders, the integration of UAS into public safety and law enforcement operations can be achieved responsibly and effectively, ultimately enhancing public safety in rapidly urbanizing environments.

Author Contributions

Conceptualization, E.G.; Methodology, E.G.; Formal analysis, E.G. and J.-S.L.; Investigation, E.G.; Resources, J.-S.L.; Data curation, E.G.; Writing—original draft, E.G.; Writing—review & editing, H.-C.J. and J.-Y.L.; Supervision, H.-C.J. and J.-Y.L.; Project administration, H.-C.J. and J.-Y.L.; Funding acquisition, J.-Y.L. All authors have read and agreed to the published version of the manuscript.

Funding

This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korean government (MSIT, Education) (No. 2018R1A5A7023490) and the Dongguk University Research Fund for 2022.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

The raw data supporting the conclusions of this article will be made available by the authors on request.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. United Nations. The World’s Cities in 2018; United Nations: New York, NY, USA, 2018.
  2. Kuddus, M.A.; Tynan, E.; McBryde, E. Urbanization: A problem for the rich and the poor? Public Health Rev. 2020, 41, 1. [Google Scholar] [CrossRef]
  3. Henderson, J.V. Chapter 24 Urbanization and Growth. In Handbook of Economic Growth; Elsevier: Amsterdam, The Netherlands, 2005; Volume 1. [Google Scholar]
  4. Mattson, J. Relationships between Density and per Capita Municipal Spending in the United States. Urban. Sci. 2021, 5, 69. [Google Scholar] [CrossRef]
  5. Liddle, B. Urbanization and Inequality/Poverty. Urban. Sci. 2017, 1, 35. [Google Scholar] [CrossRef]
  6. Ha, N.M.; Le, N.D.; Trung-Kien, P. The Impact of Urbanization on Income Inequality: A Study in Vietnam. J. Risk Financ. Manag. 2019, 12, 146. [Google Scholar] [CrossRef]
  7. Cabrera-Barona, P.F.; Jimenez, G.; Melo, P. Types of crime, poverty, population density and presence of police in the metropolitan district of Quito. ISPRS Int. J. Geo-Inf. 2019, 8, 558. [Google Scholar] [CrossRef]
  8. Welsh, B.C.; Farrington, D.P. Science, politics, and crime prevention: Toward a new crime policy. J. Crim. Just 2012, 40, 128–133. [Google Scholar] [CrossRef]
  9. Engberts, B.; Gillissen, E. Policing from Above: Drone Use by the Police; T.M.C. Asser Press: The Hague, The Netherlands, 2016. [Google Scholar]
  10. Welsh, B.C.; Farrington, D.P. Making Public Places Safer: Surveillance and Crime Prevention; Oxford University Press: Oxford, UK, 2009. [Google Scholar]
  11. Yeganegi, K.; Moradi, D.; Obaid, A.J. Create a wealth of security CCTV cameras. J. Phys. Conf. Ser. 2020, 1530, 012110. [Google Scholar] [CrossRef]
  12. Welsh, B.C.; Farrington, D.P. Effects of Closed Circuit Television Surveillance on Crime. Campbell Syst. Rev. 2008, 4, 1–73. [Google Scholar] [CrossRef]
  13. Mohsan, S.A.H.; Othman, N.Q.H.; Li, Y.; Alsharif, M.H.; Khan, M.A. Unmanned aerial vehicles (UAVs): Practical aspects, applications, open challenges, security issues, and future trends. Intell. Serv. Robot. 2023, 16, 109–137. [Google Scholar] [CrossRef]
  14. Kim, H.; Mokdad, L.; Ben-Othman, J. Designing UAV Surveillance Frameworks for Smart City and Extensive Ocean with Differential Perspectives. IEEE Commun. Mag. 2018, 56, 98–104. [Google Scholar] [CrossRef]
  15. Mohd Daud, S.M.S.; Mohd Yusof, M.Y.P.; Heo, C.C.; Khoo, L.S.; Chainchel Singh, M.K.; Mahmood, M.S.; Nawawi, H. Applications of drone in disaster management: A scoping review. Sci. Justice 2022, 62, 30–42. [Google Scholar] [CrossRef] [PubMed]
  16. Mohsan, S.A.H.; Khan, M.A.; Noor, F.; Ullah, I.; Alsharif, M.H. Towards the Unmanned Aerial Vehicles (UAVs): A Comprehensive Review. Drones 2022, 6, 147. [Google Scholar] [CrossRef]
  17. Coldren, J.R.; Huntoon, A.; Medaris, M. Introducing Smart Policing: Foundations, Principles, and Practice. Police Q. 2013, 16, 275–286. [Google Scholar] [CrossRef]
  18. Klauser, F. Police Drones and the Air: Towards a volumetric geopolitics of security. Swiss Polit. Sci. Rev. 2021, 27, 158–169. [Google Scholar] [CrossRef]
  19. Kopardekar, P.H. Unmanned Aerial System (UAS) Traffic Management (UTM): Enabling Low-Altitude Airspace and UAS Operations; National Aeronautics and Space Administration: Washington, DC, USA, 2014.
  20. SESAR Joint Undertaking. U-Space—Blueprint; Publications Office of the European Union: Luxembourg, 2017. [Google Scholar]
  21. Jiang, T.; Geller, J.; Ni, D.; Collura, J. Unmanned Aircraft System traffic management: Concept of operation and system architecture. Int. J. Transp. Sci. Technol. 2016, 5, 123–135. [Google Scholar] [CrossRef]
  22. Barrado, C.; Boyero, M.; Brucculeri, L.; Ferrara, G.; Hately, A.; Hullah, P.; Martin-Marrero, D.; Pastor, E.; Rushton, A.P.; Volkert, A. U-Space Concept of Operations: A Key Enabler for Opening Airspace to Emerging Low-Altitude Operations. Aerospace 2020, 7, 24. [Google Scholar] [CrossRef]
  23. Nunn, S. Police technology in cities: Changes and challenges. Technol. Soc. 2001, 23, 11–27. [Google Scholar] [CrossRef]
  24. Jackson, J.; Bradford, B. What is Trust and Confidence in the Police? Policing 2010, 4, 241–248. [Google Scholar] [CrossRef]
  25. Fox, S.J. Policing—The technological revolution: Opportunities & challenges! Technol. Soc. 2019, 56, 69–78. [Google Scholar] [CrossRef]
  26. Jensen, O.B. New ‘Foucauldian Boomerangs’: Drones and Urban Surveillance. Surveill. Soc. 2016, 14, 20–33. [Google Scholar] [CrossRef]
  27. Gohari, A.; Ahmad, A.B.; Rahim, R.B.A.; Supa’at, A.S.M.; Abd Razak, S.; Gismalla, M.S.M. Involvement of Surveillance Drones in Smart Cities: A Systematic Review. IEEE Access 2022, 10, 56611–56628. [Google Scholar] [CrossRef]
  28. Ison, D.; Terwilliger, B.; Vincenzi, D. Privacy, Restriction, and Regulation Involving Federal, State and Local Legislation: More Hurdles for Unmanned Aerial Systems (UAS) Integration? J. Aviat./Aerosp. Educ. Res. 2014, 24, 41–80. [Google Scholar] [CrossRef]
  29. Valdovinos, M.C.; Specht, J.; Zeunik, J. Community Policing & Unmanned Aircraft Systems (UAS): Guidelines to Enhance Community Trust; COPS Office: Washington, DC, USA, 2016.
  30. Mazur, A.M.; ten Thije, J.; Vreeken, J.; Hesselink, H.; Dziugieł, B.; Wyka, S.; Liberacki, A.; Idzikowska, T.; Stanczyk, A.D.; Utracka, A.; et al. Regulatory framework on the UAM operational concepts of the ASSURED-UAM project. Aircr. Eng. Aerosp. Technol. 2022, 94, 1491–1498. [Google Scholar] [CrossRef]
  31. Leveson, N.G. Engineering a Safer World: Systems Thinking Applied to Safety; The MIT Press: Cambridge, MA, USA, 2016. [Google Scholar]
  32. Ahn, S.I.; Kurt, R.E.; Turan, O. The hybrid method combined STPA and SLIM to assess the reliability of the human interaction system to the emergency shutdown system of LNG ship-to-ship bunkering. Ocean Eng. 2022, 265, 112643. [Google Scholar] [CrossRef]
  33. Bjerga, T.; Aven, T.; Zio, E. Uncertainty treatment in risk analysis of complex systems: The cases of STAMP and FRAM. Reliab. Eng. Syst. Saf. 2016, 156, 203–209. [Google Scholar] [CrossRef]
  34. Bensaci, C.; Zennir, Y.; Pomorski, D. A Comparative Study of STPA Hierarchical Structures in Risk Analysis: The Case of a Complex Multi-Robot Mobile System. In Proceedings of the 2018 2nd European Conference on Electrical Engineering and Computer Science (EECS), Bern, Switzerland, 20–22 December 2018; pp. 400–405. [Google Scholar]
  35. Abdulkhaleq, A.; Lammering, D.; Wagner, S.; Röder, J.; Balbierer, N.; Ramsauer, L.; Raste, T.; Boehmert, H. A Systematic Approach Based on STPA for Developing a Dependable Architecture for Fully Automated Driving Vehicles. Procedia Eng. 2017, 179, 41–51. [Google Scholar] [CrossRef]
  36. Chaal, M.; Valdez Banda, O.A.; Glomsrud, J.A.; Basnet, S.; Hirdaris, S.; Kujala, P. A framework to model the STPA hierarchical control structure of an autonomous ship. Saf. Sci. 2020, 132, 104939. [Google Scholar] [CrossRef]
  37. Khastgir, S.; Brewerton, S.; Thomas, J.; Jennings, P. Systems Approach to Creating Test Scenarios for Automated Driving Systems. Reliab. Eng. Syst. Saf. 2021, 215, 107610. [Google Scholar] [CrossRef]
  38. Yang, R.; Utne, I.B. Towards an online risk model for autonomous marine systems (AMS). Ocean Eng. 2022, 251, 111100. [Google Scholar] [CrossRef]
  39. Leveson, N. A new accident model for engineering safer systems. Saf. Sci. 2004, 42, 237–270. [Google Scholar] [CrossRef]
  40. Leveson, N.G.; Thomas, J.P. STPA Handbook; PSASS: Cambridge, MA, USA, 2018. [Google Scholar]
  41. Qazi, A.; Shamayleh, A.; El-Sayegh, S.; Formaneck, S. Prioritizing risks in sustainable construction projects using a risk matrix-based Monte Carlo Simulation approach. Sustain. Cities Soc. 2021, 65, 102576. [Google Scholar] [CrossRef]
  42. Sandino, J.; Vanegas, F.; Maire, F.; Caccetta, P.; Sanderson, C.; Gonzalez, F. UAV Framework for Autonomous Onboard Navigation and People/Object Detection in Cluttered Indoor Environments. Remote Sens. 2020, 12, 3386. [Google Scholar] [CrossRef]
  43. Abubakar, A.; Ahmad, I.; Omeke, K.; Ozturk, M.; Ozturk, C.; Abdel-Salam, A.; Mollel, M.; Abbasi, Q.; Hussain, S.; Imran, M. A Survey on Energy Optimization Techniques in UAV-Based Cellular Networks: From Conventional to Machine Learning Approaches. Drones 2023, 7, 214. [Google Scholar] [CrossRef]
  44. Richhariya, S.; Wanaskar, K.; Shrivastava, S.; Gao, J. Surveillance Drone Cloud and Intelligence Service. In Proceedings of the 2023 11th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud), Athens, Greece, 17–20 July 2023; pp. 1–10. [Google Scholar]
  45. Lappas, D.; Fessakis, G.; Karampelas, P. Recognizing the Threats of Drone Surveillance. A Case Study. In Proceedings of the 2022 IEEE 14th Image, Video, and Multidimensional Signal Processing Workshop (IVMSP), Nafplio, Greece, 26–29 June 2022; pp. 1–5. [Google Scholar]
  46. Muneem, I.A.; Fahim, S.M.; Khan, F.R.; Emon, T.A.; Islam, M.S.; Khan, M.M. Research and Development of Multipurpose Unmanned Aerial Vehicle (Flying Drone). In Proceedings of the 2021 IEEE 12th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), New York, NY, USA, 1–4 December 2021; pp. 402–406. [Google Scholar]
  47. Mojib, E.B.S.; Haque, A.K.M.B.; Raihan, M.N.; Rahman, M.; Alam, F.B. A Novel Approach for Border Security; Surveillance Drone with Live Intrusion Monitoring. In Proceedings of the 2019 IEEE International Conference on Robotics, Automation, Artificial-Intelligence and Internet-of-Things (RAAICON), Dhaka, Bangladesh, 29 November–1 December 2019; pp. 65–68. [Google Scholar]
  48. Manning, M.; Johnson, S.D.; Tilley, N.; Wong, G.T.; Vorsina, M. Economic Analysis and Efficiency in Policing, Criminal Justice and Crime Reduction: What Works? Springer: Berlin/Heidelberg, Germany, 2016. [Google Scholar]
Applsci 14 04609 g001
Figure 1. General process of STPA.
Figure 1. General process of STPA.
Applsci 14 04609 g001
Applsci 14 04609 g002
Figure 2. The steps of the proposed STAMP/STPA-based frameworks.
Figure 2. The steps of the proposed STAMP/STPA-based frameworks.
Applsci 14 04609 g002
Applsci 14 04609 g003
Figure 3. System Architecture of the Case Study.
Figure 3. System Architecture of the Case Study.
Applsci 14 04609 g003
Applsci 14 04609 g004
Figure 4. Hierarchical control structure of the system.
Figure 4. Hierarchical control structure of the system.
Applsci 14 04609 g004
Applsci 14 04609 g005
Figure 5. Risk prioritization matrix.
Figure 5. Risk prioritization matrix.
Applsci 14 04609 g005
Applsci 14 04609 g006
Figure 6. A list of IDs generated during the STPA process.
Figure 6. A list of IDs generated during the STPA process.
Applsci 14 04609 g006
Applsci 14 04609 g007
Figure 7. Final report with the proposed enhancements.
Figure 7. Final report with the proposed enhancements.
Applsci 14 04609 g007
Applsci 14 04609 g008
Figure 8. Comparison of UAS incident/accident statistics.
Figure 8. Comparison of UAS incident/accident statistics.
Applsci 14 04609 g008
Table 1. List of stakeholders and their roles.
Table 1. List of stakeholders and their roles.
Stakeholder IDStakeholdersLinked Stakeholders
SH-1Local Government and Municipal AuthoritiesApprove and oversee budgets for system implementation and operation, enact relevant policies and regulations, and monitor and evaluate system operation performance.
SH-2Emergency Service Agencies (Fire Departments, Emergency Medical Services, etc.)Rapid response is based on information collected through the system, establishing system operating procedures, participating in drills, and effective collaboration with the system during on-site response.
SH-3Department Personnel (Administrator, Pilot, Manager, etc.)System operation, maintenance, and data analysis, rapid response and reporting in the event of an abnormal situation, performing cooperative work with other departments and organizations.
SH-4Community Groups (Citizen Advisory Committees, Privacy Advocates, Community Members, etc.)Providing opinions on system introduction and operation, monitoring activities to protect privacy and civil liberties, and acting as a communication channel between the community and the system operating organization.
SH-5Lawmakers and Policy MakersEnact system-related laws and policies, oversee the legality and ethics of system operations, and mediate and arbitrate conflicts of interest among stakeholders.
SH-6Other Government Agencies (urban planning, transportation, public safety, etc.)Coordination with policies and projects in related fields such as urban planning, transportation, public security etc., joint utilization, and cooperation of information collected through the system.
SH-7MediaRaising public awareness of system introduction and operation, objective reporting on system performance and issues, promoting communication among stakeholders, and shaping public opinion.
SH-8CitizensExpress opinions on system introduction and operation, participate in community safety and policing activities, monitoring and reporting system misuse and adverse events.
SH-9Technology ProvidersBuild and provide technical support for the system, identify the latest technology trends, and propose ways to apply them, as well as training and technical support for system operating organizations and end users.
Table 2. Identified Potential Losses.
Table 2. Identified Potential Losses.
Loss IDLoss DescriptionLinked Stakeholders
L-1Loss of Human Life or Injury[SH-2], [SH-3], [SH-8]
L-2Loss of or Damage to UAVs[SH-3], [SH-9]
L-3Loss of or damage to objects outside the UAVs[SH-3], [SH-6], [SH-8]
L-4Loss of Mission[SH-1], [SH-3], [SH-9]
L-5Loss of Public Trust or Reputation[SH-1], [SH-4], [SH-7]
L-6Loss of Coordination and Efficiency in Emergency Response[SH-2], [SH-3], [SH-6]
L-7Loss of sensitive information[SH-4], [SH-5], [SH-8]
Table 3. Identified System-level hazards.
Table 3. Identified System-level hazards.
Hazard IDSystem-Level HazardsLink to LossesLinked Stakeholders
H-1UAS operate in a manner that causes harm to people or property[L-1], [L-2], [L-3][SH-2], [SH-3], [SH-6], [SH-8], [SH-9]
H-2UAS operate in unauthorized or restricted airspace[L-4], [L-5][SH-1], [SH-3], [SH-4], [SH-5], [SH-7]
H-3UAS does not maintain safety distance in surveillance mission[L-1], [L-3], [L-4][SH-2], [SH-3], [SH-4], [SH-6], [SH-8], [SH-9]
H-4UAS operations exacerbate emergency situations[L-1], [L-6][SH-1], [SH-2], [SH-3], [SH-6], [SH-7], [SH-8]
H-5UAS lost communication integrity[L-2], [L-4], [L-5], [L-7][SH-1], [SH-3], [SH-5], [SH-7], [SH-9]
H-6UAS operations interfere with or degrade the effectiveness of emergency response[L-1], [L-6][SH-1], [SH-2], [SH-3], [SH-6], [SH-7], [SH-8]
Table 4. Unsafe control actions.
Table 4. Unsafe control actions.
Control Actions
(Controller/Controlled Process)		Unsafe Control Actions
Not Providing (N)Providing Causes
Hazard (P)		Too Early/Too Late (T)Stop too Soon/
Applying Too Long (D)
CA1: GCS Control
(GCS Administration Module/GCS)		(UCA1-N-1) GCS Administration Module does not provide GCS control [H-4](UCA1-P-1) GCS Administration Module provides incorrect GCS control [H-1, H-4, H-6](UCA1-T-1) GCS Administration Module provides GCS control too late [H-4]N/A
CA2: UAV Flight Command
(GCS/Automatic Control Module)		(UCA2-N-1) GCS does not provide UAV Flight Command [H-4](UCA2-P-1) GCS provides incorrect UAV Flight Command
[H-1, H-2, H-3, H-4, H-6]
(UCA2-P-2) GCS provides UAV Flight Command during abort/return flight
[H-1, H-3, H-6]		(UCA2-T-1) GCS provides UAV Flight Command too late [H-1, H-4]N/A
CA3: UAV Direction and Speed Control
(Automatic Control Module/Motor)		(UCA3-N-1) Automatic Control Module (ACM) does not provide UAV Direction and Speed Control during a flight mission [H-1, H-3, H-4, H-6](UCA3-P-1) ACM provides incorrect UAV Direction and Speed Control during a flight mission [H-1, H-2, H-3, H-4, H-6]
(UCA3-P-2) ACM provides UAV Direction and Speed Control during abort/return flight
[H-1, H-3, H-6]		(UCA3-T-1) ACM provides UAV Direction and Speed Control too late during a flight mission [H-1, H-3](UCA3-D-1) ACM stops providing UAV direction and speed control too soon during a flight mission [H-1, H-3]
CA4: Danger Situation Alerts
(GCS/Speaker)		(UCA4-N-1) GCS does not provide Danger Situation Alerts commands during emergency situations [H-4, H-6](UCA4-P-1) GCS provides incorrect Danger Situation Alerts command [H-4, H-6]
(UCA4-P-2) GCS provides incorrect Danger Situation Alerts commands when no emergency situations are present [H-6]
(UCA4-P-3) GCS provides Danger Situation Alerts commands speakers at non-maximum volume settings
[H-6]		(UCA4-T-1) GCS provides Danger Situation Alerts commands too late [H-4, H-6](UCA4-D-1) GCS continues to provide Danger Situation Alerts commands well after the emergency has been resolved [H-6]
(UCA4-D-2) GCS Danger Situation Alerts command stops too soon during an emergency [H-4, H-6]
CA5: Reporting a dangerous situation
(OMS/Government System)		(UCA5-N-1) OMS do not Report a dangerous situation
[H-1, H-4, H-6]		(UCA5-P-1) OMS provides incorrect Reporting of a dangerous situation [H-4, H-6](UCA5-T-1) OMS provides Reporting a dangerous situation too late [H-1, H-4, H-6]N/A
CA6: CCTV Video Request
(OMS/Government System)		N/AN/AN/A(UCA6-D-1) OMS requesting too long CCTV video [H-5]
Table 5. Identify Loss Scenarios (Partial list due to space constraints).
Table 5. Identify Loss Scenarios (Partial list due to space constraints).
UCA IDHazardous Causal FactorHCF IDLoss Scenarios
UCA1-N-1 Absence or delay in decision-making by the administratorHCF1-N-1-1The OMS administrator is absent, or there is a delay in approving commands, GCS control commands may not be delivered.
Malfunction or failure of the GCS Administration ModuleHCF1-N-1-2The GCS Administration Module does not operate normally due to hardware or software problems, and GCS control functions may not be provided.
Communication disruption or data transmission failureHCF1-N-1-3GCS control commands may not be delivered due to communication disruptions or data transmission failures between OMS and GCS.
Power supply interruption or instabilityHCF1-N-1-4The GCS Administration Module may stop or intermittently operate due to a power outage or unstable power supply.
Inattention or negligence of the administratorHCF1-N-1-5The OMS administrator may fail to issue necessary commands due to a lack of concentration or responsibility.
Lack of decision-making ability of the administratorHCF1-N-1-6The OMS administrator may not be able to issue appropriate commands due to a lack of situation assessment or decision-making ability.
Non-reception or loss of GCS status informationHCF1-N-1-7The GCS Administration Module may not issue control commands due to non-reception or loss of status information from the GCS.
Failure to process or analyze GCS status informationHCF1-N-1-8The GCS Administration Module may not issue necessary control commands due to failure to process or analyze received GCS status information properly.
UCA1-P-1Inaccuracy or lack of real-time updates in external informationHCF1-P-1-1GCS control commands may be incorrectly generated if external information such as weather, geography, or flight restriction zones is inaccurate or not updated in real time.
UCA6-D-1Excessive information requirements for situation assessmentHCF6-D-1-2The tendency to request more information than necessary for assessing dangerous situations may lead to requesting unnecessarily long video durations.
Absence of video storage and management policiesHCF6-D-1-3Without clear policies for storing and managing CCTV videos, unnecessarily long videos may be repeatedly requested and stored.
Table 6. Summarize risk prioritization matrix results.
Table 6. Summarize risk prioritization matrix results.
Risk LevelTotal ScenariosHuman FactorsHardwareSoftwareProceduresEnvironment
Extreme (20~25)1212N/AN/AN/AN/A
Very high (15~16)714N/A2N/A
High (10~12)137N/AN/A41
Medium (4~9)56N/A734141
low (3~4)N/AN/AN/AN/AN/AN/A
Very low (1~2)12N/AN/A12N/AN/A
Table 7. Incident/Accident type statistics by year.
Table 7. Incident/Accident type statistics by year.
YearsAircraftEquipment ProblemHuman FactorsSituational Awareness
1993–2000432N/A
2001–2005323N/A
2006–2010547N/A
2011–201523122
2016–202068275
2021–2024:812359
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Go, E.; Jeon, H.-C.; Lee, J.-S.; Lim, J.-Y. Enhancing Urban Public Safety through UAS Integration: A Comprehensive Hazard Analysis with the STAMP/STPA Framework. Appl. Sci. 2024, 14, 4609. https://doi.org/10.3390/app14114609

AMA Style

Go E, Jeon H-C, Lee J-S, Lim J-Y. Enhancing Urban Public Safety through UAS Integration: A Comprehensive Hazard Analysis with the STAMP/STPA Framework. Applied Sciences. 2024; 14(11):4609. https://doi.org/10.3390/app14114609

Chicago/Turabian Style

Go, Eutteum, Hee-Chang Jeon, Jong-Sup Lee, and Joong-Yeon Lim. 2024. "Enhancing Urban Public Safety through UAS Integration: A Comprehensive Hazard Analysis with the STAMP/STPA Framework" Applied Sciences 14, no. 11: 4609. https://doi.org/10.3390/app14114609

APA Style

Go, E., Jeon, H.-C., Lee, J.-S., & Lim, J.-Y. (2024). Enhancing Urban Public Safety through UAS Integration: A Comprehensive Hazard Analysis with the STAMP/STPA Framework. Applied Sciences, 14(11), 4609. https://doi.org/10.3390/app14114609

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop