Network Modeling and Risk Assessment of Multi-Stakeholder-Coupled Unsafe Events in the Airspace System

Abstract

Unsafe events in civil aviation increasingly arise from multi-stakeholder interactions, motivating system-level methods to quantify event risk and coupling. This study analyzes 1551 airspace unsafe-operation reports and models each report as a node with four attributes; edges capture co-occurrence based on cosine similarity, and risk is scored via an entropy-weight TOPSIS (Technique for Order Preference by Similarity to an Ideal Solution) scheme. Risk scores range 0–0.858, with 7% of nodes above 0.8 forming a high-risk tail; entropy weights emphasize recovery time and hazard level. Community detection yields three modules aligned with Controller, Resource, and User stakeholders; key nodes occur predominantly in Controller and Resource groups, with Controller nodes showing the highest betweenness. Coupling analysis using an N–K perspective and edge-based inter-stakeholder strength further highlights controller-centric links. The proposed framework objectively ranks node risk, reveals cross-stakeholder coupling patterns, and isolates structurally influential events, providing evidence to prioritize monitoring and mitigation in airspace safety management.

1. Introduction

With the rapid development of civil aviation transport, the number of flight operations and flight volumes carried by the airspace system has continuously increased, and the operating environment has become increasingly complex, presenting new challenges for aviation safety assurance. Although the overall safety level of the civil aviation industry remains among the highest worldwide, unsafe events—such as general accident precursors—continue to occur with a rising frequency and exhibit diverse types and complex causal factors. Civil aviation safety information management regulations classify any deviation from normal safety conditions or any anomaly that may affect flight safety as an unsafe event, encompassing occurrences of varying severity, including aircraft accidents, serious accident precursors, and general accident precursors. Airspace system operations involve multiple stakeholders—controllers, flight crews, and airlines—and unsafe events often result from the combined influence of multiple factors, demonstrating notable systemic coupling. Especially under conditions of high airspace saturation, multiple interrelated events may occur within the same time–space context, whereby the impact of a single event can be amplified through multi-stakeholder coupling effects. Currently, the safety situation of China’s airspace system remains severe, and the complexity and diversity of unsafe events pose challenges to traditional safety management methods. Therefore, there is an urgent need to conduct coupling-relationship and risk-analysis research on airspace unsafe events from a systems perspective to enhance safety-risk prevention and control capabilities.

In recent years, a substantial body of research has focused on the identification of aviation unsafe events, network modeling, coupling-relationship analysis, and risk assessment [1,2]. Olive et al. proposed an automatic detection framework for significant events based on ADS-B (Automatic Dependent Surveillance Broadcast System) trajectory data, introducing a clustering network to detect, identify, and describe anomalies in historical aircraft trajectories [3]. Xu et al. employed the BERT (Bidirectional Encoder Representation from Transformers) language model to classify large volumes of safety oversight reports and assess their severity via text mining, presenting a method for categorizing narrative text in safety incident reports [4]. In the domain of precursor identification, Xiang et al. introduced the concept of accident precursor indicators and used machine learning on operational data to identify potential precursors in real time, enabling intervention prior to an accident; data-driven methods have demonstrated promising performance in aviation safety event warning [5]. Lee et al. developed a deep spatiotemporal neural network framework to predict flight-path risk, providing decision support for operational monitoring [6]. For modeling event associations, Zhuang et al. extracted risk factors and their interrelations from flight-training accident reports using text mining and constructed an accident-risk network model to uncover key safety factors and their dynamic evolution [7]. More recent work has merged the Threat-Error Management framework with complex-network theory to build a flight-operation hazard network and identify its critical nodes [8]. These studies demonstrate that situating unsafe events within a complex-network context helps to reveal inter-event association patterns and the overall safety posture, thereby delivering scientific support for risk identification.

To delve deeper into causal mechanisms, various functional-dependency-based modeling methods have been proposed. Traditional analyses—such as nonlinear modeling, event vulnerability analysis, Bayesian theory, and fault trees [1,9] struggle to simultaneously uncover latent inter-event relationships and risk-evolution patterns. Modern text-analysis approaches, including Apriori, FP-growth, and Onto-BN, can extract airspace risk factors and identify multi-level association rules among different unsafe-event attributes. Zhang et al. introduced Bayesian networks into aviation safety, combining diagnostic and predictive inference to analyze multifactor causal chains across human–machine–environment–management interactions and unveil intrinsic interplays among factors [10]. In causation pattern mining, Zhang et al. used an improved Apriori algorithm to discover association rules between trigger probabilities and relative strengths, quantitatively exposing latent interaction patterns among historical aircraft events [11]. Nosrati et al. proposed a comprehensive sequential analysis model for commercial aviation accidents based on historical data and reports, employing fuzzy cognitive maps to assess existing interactions among risk factors and prioritize accident risks [12]. Advances in text-analysis technology have also markedly enhanced the efficiency of safety-report processing: Yang et al. reviewed NLP (Natural Language Processing) methods, relevant machine-learning algorithms, and causal-relation models in aviation safety, highlighting the potential of NLP to bolster system safety and efficiency [13]. Michael et al. developed a supervised NLP framework for automated classification of narrative safety reports by varying the quantity of reports used to train the model, thereby segmenting them into three discrete event categories [14]. Wu et al. constructed a hybrid HFACS-SD (Human Factors Analysis and Classification System-System Dynamics) model to reveal the evolution mechanism of human-factor risks in aviation and characterize human–factor risk coupling effects, reproducing accident-rate trends to identify critical loops and parameters [15]. Unsafe events in aviation systems typically result from the coupling of multiple stakeholders and factors; the high interdependency of modern aviation subsystems means that a local failure can cascade into a system-wide accident. Accordingly, coupling-relationship analyses often emphasize the joint influence of multiple factors and stakeholders on safety events. Xu et al. proposed an accident-causation association-analysis framework based on knowledge graphs, using multidimensional topological metrics to build an aviation-accident-causation correlation model that uncovers latent patterns among causative factors, flight phases, accident types, and outcomes, offering new insights for multi-stage risk-chain modeling [16]. Chauvin et al. systematically evaluated the safety of air-traffic-control automatic speech recognition technology and recommended risk-mitigation measures [17]. No et al. developed an integrated framework combining Safety-I and Safety-II principles for aviation safety management, bridging the gap between SMS theory and practice and providing airlines with a systematic predictive-safety-management pathway [18]. Stroeve et al. introduced SMART, a universal tool for assessing organizational SMS maturity, advancing continuous SMS improvement from a maturity-assessment perspective [19]. More recently, Chen et al. leveraged the large-scale pretrained language model Claude 3.5 to propose a Claude-Prompt-based method for extracting aviation-accident causation information, further enriching the automated construction of aviation-safety knowledge graphs [20].

These studies have provided valuable insights for aviation safety management. In addition, weather conditions are a critical external factor influencing unsafe events in the airspace system. Recent studies have quantified the causal mechanisms of weather impacts, such as Lui applied Bayesian statistics to analyze the effect of adverse weather on airport arrival performance [21], and Li employed deep causal inference to assess how meteorological variations affect traffic operations [22]. These works provide valuable insights into integrating weather impact into broader risk-assessment frameworks. However, existing research still exhibits several deficiencies: in multi-stakeholder interaction modeling, it often focuses on a single domain or factor and does not adequately capture the complex coupling relationships among multiple operational stakeholders in the airspace system; in risk-causation analysis, it frequently remains at the level of linear chain inference and thus cannot fully reveal the underlying cascade-triggering mechanisms among unsafe events and in data-driven modeling, constrained by data availability and analytical methods, there is not yet a large-scale event-network model that can objectively quantify the system-level risk of events based on extensive operational data. Accordingly, it is necessary to develop new methods to address these gaps by identifying the key elements and coupling characteristics of airspace safety risk from a systems perspective.

To address the above issues, this study proposes a multi-stakeholder network analysis framework for unsafe airspace events. The remainder of this paper is organized as follows. Section 2 introduces the data sources, event classification, and methodological design, including the construction of the unsafe-event network and the entropy-weight TOPSIS risk evaluation model. Section 3 reports the empirical results, presenting the risk evaluation outcomes, network structure, key node identification, and stakeholder coupling analysis. Section 4 provides a discussion of the main findings and their implications for airspace safety governance and concludes the paper and outlines future research directions.

To overcome these shortcomings, this paper proposes an unsafe-event network analysis framework that accounts for multi-stakeholder coupling relationships, based on large-scale airspace operational safety data. First, airspace system participants are classified into three stakeholder categories—Air Traffic Management, Airspace Resource, and Airspace User Systems—and for each category, their responsibilities and representative unsafe-event types are delineated, thereby defining the scope and connotation of unsafe events in flight operations. Second, an event-attribution classification system is constructed, and a labeling strategy for multi-stakeholder incidents is introduced: when an event involves multiple parties, it is primarily classified according to the principal responsible stakeholder and secondarily tagged with additional stakeholder labels. This approach both ensures the uniqueness of each event’s primary classification and preserves its multi-stakeholder context, thus resolving classification ambiguity in jointly caused incidents and enhancing the event-taxonomy framework. By explicitly distinguishing synchronous co-occurrence triggers, the network model more precisely characterizes the interactive coupling mechanisms among complex unsafe events. Third, node attribute features—such as response time, intervention count, hazard level, and fault-tolerant recovery time—are incorporated to comprehensively describe each event’s risk profile and support quantitative evaluation. Finally, building on this model, an entropy-weight–TOPSIS method is proposed for event-node risk assessment: the entropy-weight method objectively determines indicator weights based on the variance of event-attribute data, avoiding subjective bias, and the TOPSIS method computes each event’s proximity to the ideal safe state and the worst-risk state to derive a comprehensive risk membership degree. This enables quantitative ranking of event-node risk levels, facilitating the identification of high-risk key nodes and providing airspace safety regulators with prioritized targets for risk mitigation.

The N-K model is a coupling model for studying biological evolution theory. Its application in different fields has demonstrated its feasibility in safety risk factor analysis, such as its use in flight training risk coupling assessment [23]. It also provides a theoretical basis for the coupled evolutionary analysis of air traffic operation safety risks. To further analyze overall risk-coupling characteristics, the complex-system N–K model is innovatively applied to the airspace-safety domain to compute coupling degrees among the three stakeholder modules. Treating Air Traffic Management, flight crews, and airlines as three independent modules, the number of cross-stakeholder connections in the unsafe-event network is counted to quantify each module’s coupling degree K with the others. This yields pairwise risk-coupling intensities among the three stakeholder systems, revealing their differential roles and coupling features within the risk-propagation network and underscoring the central hub function of the Air Traffic Management System.

In summary, through these innovations, this paper constructs an integrated evaluation model that captures multi-stakeholder interactions, event-chain coupling, and node-level risk quantification for airspace unsafe events, offering a novel approach for system-level safety-risk assessment and key-risk-source identification in the airspace domain.

2. Materials and Methods

2.1. Airspace System Unsafe Operation Event

To conduct a comprehensive analysis of operational safety risks in the airspace system, it is essential to distinguish the key stakeholder categories involved. Airspace participants are classified into three groups: the Air Traffic Management System (Controller), the Airspace Resource System (Resource), and the Airspace User System (User). This categorization approach is consistent with established practices in aviation safety and complex network research [24,25]. The duties and characteristic unsafe event types associated with each stakeholder group should be described separately. Furthermore, the procedure for assigning reported unsafe events to their respective stakeholders—based on incident report data—must be defined, including a clear classification strategy for events implicating multiple parties. A detailed account of each stakeholder category’s responsibilities and typical risk types is presented in

Table 1. Classification of three stakeholder categories.

Stakeholder Category	Responsibilities	Specific Event Example
Air Traffic Management System	Coordinate and command; provide control directives and information; maintain safe separation	Controller’s erroneous clearance leading to an aircraft proximity hazard
Airspace Resource System	Execute flight missions; operate the aircraft in accordance with regulations and directives	Pilot’s failure to follow instructions causing an airborne conflict alert
Airspace User System	Request and utilize airspace, coordinate flight plans	Failure to timely communicate a flight plan resulting in a proximity incident

.

(a) Air Traffic Management System: The Air Traffic Management System refers to the air traffic controllers responsible for coordinating and directing aircraft within the airspace, including tower control, approach control, and area control positions. Their main duties are to issue clearances and information during airspace operations, maintain safe separation between aircraft, and ensure that traffic flow is efficient and orderly. Because controllers directly influence the order of air traffic, their operational errors can trigger typical unsafe events, for example, an incorrect or omitted clearance leading to insufficient separation between aircraft, thereby causing airborne proximity incidents and conflict alerts.

(b) Airspace Resource System: The Airspace Resource System comprises the personnel or organizations that execute flight missions, covering pilots, flight crews, airspace facilities, and airports; typical representatives are pilots and crew members. Operators are responsible for operating the aircraft in accordance with regulations and controller instructions, making real-time decisions to ensure flight safety. Execution-level errors manifest as regulatory violations or improper operations during flight, such as a crew’s failure to follow instructions resulting in a deviation from an assigned altitude or route, which may trigger airborne conflict alerts.

(c) Airspace User System: The Airspace User System consists of entities or individuals that submit and utilize airspace operation requests, including aircraft operating organizations and their flight-planning departments, as well as users who file temporary flight missions under specific circumstances. Users are typically responsible for drafting flight plans and coordinating mission requests in advance, with the duty of using airspace resources reasonably at a macro level and coordinating planned flights with air traffic control departments. User-level errors occur during the planning and coordination stages; typical unsafe events include flight-plan coordination failures causing flight conflicts or delays, unauthorized flights intruding into restricted airspace leading to airborne hazards, and safety risks arising from improper resource allocation by operators.

The Central-South Air Traffic Management Bureau provided a total of 1551 airspace system unsafe operation event reports, all drawn from the Bureau’s safety oversight reports, covering recent years of operational data. Each report includes a report identifier, date/time, location, operating environment, aircraft information, personnel information, cause analysis, and a description of the event process. These reports are internal supervisory materials rather than a publicly accessible database. The classification of unsafe events into the three stakeholder categories was conducted by the research team according to the principle of primary responsibility attribution, supplemented by cross-checking with the responsibility descriptions given in the reports. This classification process is not public, but its reliability was enhanced through repeated verification and expert review, ensuring consistency and accuracy of the human classification. Figure 1 presents a processed sample of an airspace system unsafe operation event report.

Based on the delineation of the three stakeholder categories in the airspace system, this study assigns each of the 1551 unsafe event reports provided by the Central-South Air Traffic Management Bureau to its corresponding stakeholder category, as shown in Figure 2. From the stakeholder perspective, unsafe events are classified into the Air Traffic Management System, the Airspace Resource System, and the Airspace User System. In performing the classification, the principal-responsibility attribution principle is strictly applied to ensure the rigor and completeness of the process. Each unsafe event is assigned to only one primary category, thereby avoiding statistical bias from duplicate classifications and ensuring a comprehensive consideration of event complexity.

2.2. Unsafe Event Node Network

In this study, each unsafe event is defined as a node in the network, and the event’s attributes serve as the basis for the node’s feature description. The selection of node attributes integrates the three stakeholder categories defined in Section 2.1: Air Traffic Management, Airspace Resource, and Airspace User system attributes. Each unsafe event node contains the following key attribute fields:

(a) Response Time: The time elapsed from the occurrence of the event to the implementation of control or emergency measures, used to measure the efficiency of the response.

(b) Intervention Count: The number of personnel interventions required to control or mitigate the event, reflecting the complexity of event handling.

(c) Hazard Level: A classification of the event’s severity based on its consequences, used to quantify the inherent risk level of the event.

(d) Recovery Time: The time cost required for the airspace system to restore safe and stable operations after the event, describing the duration of impact and the difficulty of recovery.

In addition, each node’s attributes include the time and location of the event, the resources involved, and other contextual information to fully characterize the event environment. By defining nodes in this way, we capture both the intrinsic characteristics of each unsafe event and provide quantitative foundations for subsequent analyses. These four operational attributes were selected because they are directly observed and consistently recorded across reports and map onto canonical constructs in safety management and resilience theory (response capacity, intervention effort, inherent hazard, and recovery adaptability). Although the available dataset includes only these four attributes due to data collection constraints of the regional Air Traffic Management Bureau, they provide a representative and consistent basis for risk evaluation because these indicators are uniformly and objectively recorded across all events, correspond to the essential dimensions of an unsafe event’s lifecycle, and thus capture the core factors determining operational risk within the current data scope.

Taking the event in Figure 1 as an example, four key indicators characterizing risk features can be extracted from the analysis of the event report records: response time, intervention count, hazard level, and fault-tolerant recovery time. Based on the event timeline and records of control measures provided in the unsafe-event report, the extraction logic and criteria are as follows: the difference between the time at which the conflict alert was triggered and the time at which the avoidance instruction was issued corresponds to the response time; the cumulative number of interventions by controllers and related personnel constitutes the intervention count; the hazard level is given directly in the report and the duration from the appearance of the conflict to the restoration of normal airspace operations corresponds to the recovery time. In the dataset of 1551 unsafe events, the numerical values of these four parameters exhibit distinct distributions: response time typically ranges from several seconds to a few minutes; intervention count varies from 1 to about 10 interventions; hazard level is categorized into three grades (I–V) as specified in the oversight reports and recovery time spans from several tens of seconds to multiple hours, depending on the severity and complexity of the event.

When constructing the unsafe event network, it is essential to explicitly define the coupling relationships between event nodes. These coupling relationships reflect the mechanisms by which events are interrelated or influence one another. Introduce two types of coupling:

(a) Co-occurrence Relationship: Two events are considered co-occurring when they overlap in time and space or share common resources or stakeholders. If two events occur at similar times and locations or involve the same operational entities, they are objectively concurrent and thus related. Co-occurrence does not imply causality but emphasizes the simultaneity of events; it is represented by an undirected edge between the corresponding nodes.

(b) Causal Relationship: A causal coupling exists when the occurrence of one unsafe event directly triggers another. Causal relationships have directionality, reflecting a clear trigger-and-response sequence consistent with accident causation chain theory. These directed edges capture the chain of unsafe events, reflecting the sequential causation consistent with accident causation theory.

Distinguishing between co-occurrence and causal relationships enhances the network model’s ability to accurately represent complex interaction mechanisms among unsafe events.

Based on the definitions of unsafe event nodes and coupling relationships, the airspace system unsafe-event coupling network model is formally constructed. Let the set of unsafe event nodes be the following:

$$V=\left\{E_1,E_2,\dots ,E_N\right\}$$

(1)

where E_i represents the ith unsafe event node, and N represents the total number of unsafe event nodes. The set of edges constituting the coupling relationships among unsafe event nodes:

$$\epsilon ={\epsilon }_{co}\cup {\epsilon }_{causal}$$

(2)

where $\epsilon$_co represents the set of undirected edges representing co-occurrence relationships, and $\epsilon$_causal represents the set of directed edges representing causal relationships. The unsafe-event coupling network can be represented as a complex network graph, denoted as follows:

$$G=\left(V,\epsilon \right)$$

(3)

To facilitate quantitative analysis and topological computations of the network, an adjacency matrix $W={\left[w_{ij}\right]}_{N\times N}$ is introduced to formally describe the network structure, with its elements defined as follows:

$$w_{ij}=\left\{\begin{array}{c}{w}_{ij}^{co},if {event E}_i and E_j have a co-occurrence relationship\\ w_{ij}^{causal}, if {event E}_i and E_j have a causal relationship\\ 0,if no direct relationship between event E_i and E_j\end{array}\right.$$

(4)

For co-occurrence relationships, the adjacency matrix entries are symmetric:

$$w_{ij}^{co}=w_{ji}^{co}\ge 0$$

(5)

For causal relationships, the adjacency matrix elements exhibit directionality:

$$w_{ij}^{causal}\ge 0 · w_{ij}^{causal}\ne w_{ji}^{causal}$$

(6)

In this study, causal relationships are identified based on explicit trigger–response descriptions documented in the reports. Therefore, the results primarily capture observable correlational couplings, and the causal interpretation is confined to documented sequential dependencies rather than full statistical causal inference. In the practical implementation of this paper, an unweighted network model is adopted; thus, the adjacency matrix can be simplified to a binary form:

$$w_{ij}=\left\{\begin{array}{c}1,have a coupling relationship\\ 0,no coupling relationship\end{array}\right.$$

(7)

Furthermore, the attribute vector of each event node E_i can be expressed as follows:

$$A_i=\left[T_i,N_i,S_i,R_i\right]$$

(8)

where T_i, N_i, S_i, R_i, respectively, represent the response time, intervention count, hazard level, and recovery time of event E_i. In order to characterize the coupling relationships among unsafe event nodes in the unweighted network model, the cosine similarity between any two event nodes E_i and E_j is defined as follows:

$$\cos (E_i,E_j)={\displaystyle \frac{E_i{E}_j}{‖E_i‖‖E_j‖}}={\displaystyle \frac{{\displaystyle \sum _{k=1}^4{A}_{ik}{A}_{jk}}}{\sqrt{{\displaystyle \sum _{k=1}^4{(A_{ik})}^2}}\sqrt{{\displaystyle \sum _{k=1}^4{(A_{jk})}^2}}}}$$

(9)

where cos(E_i, E_j) represents the cosine similarity between event E_i and event E_j, and A_ik represents the ith component of the attribute vector of event. After deriving the pairwise similarities among all unsafe events, the similarity matrix for the unsafe events is obtained as follows:

$$S=\left[\begin{array}{cccc}{s}_{11}& s_{12}& \dots & s_{1N}\\ s_{21}& s_{22}& \dots & s_{2N}\\ ⋮& ⋮& \ddots & ⋮\\ s_{N1}& s_{N2}& \dots & s_{NN}\end{array}\right]$$

(10)

where S represents the similarity matrix of unsafe events, and represents the cosine similarity between the ith and jth unsafe event nodes. The adjacency matrix and similarity matrix of the unsafe-event coupling network G = (V, $\epsilon$) are as follows:

$$S=\left\{\begin{array}{l}1,\cos (A,B)\ge \varphi \\ 0,\cos (A,B)<\varphi \end{array}\right.$$

(11)

where $\varphi$ represents the critical similarity threshold, set $\varphi =0.85$ based on existing research findings [24].

2.3. Node Risk Evaluation

A comprehensive risk evaluation method based on the multidimensional attributes of events is proposed, employing the entropy-weight method combined with the TOPSIS evaluation model. The entropy-weight method is used to determine each indicator’s weight according to its degree of dispersion in the sample data. On this basis, the TOPSIS evaluation method is introduced to calculate each event node’s closeness to the ideal best and the ideal worst states, thereby obtaining its comprehensive risk membership degree.

The entropy-weight method is an objective weighting technique that employs information entropy to measure the information content of each indicator. The greater the dispersion of an indicator’s values among the evaluation objects, the more information it conveys and the lower its entropy; consequently, its weight is higher. By deriving weights from the statistical distribution of the data itself, the entropy-weight method effectively eliminates the subjectivity inherent in manual weighting.

Assuming there are n unsafe event nodes and four attribute indicators, the evaluation objects and indicators form the original matrix:

$$X=\left[\begin{array}{cccc}{x}_{11}& x_{12}& x_{13}& x_{14}\\ x_{21}& x_{22}& x_{23}& x_{24}\\ ⋮& ⋮& ⋮& ⋮\\ x_{n1}& x_{n2}& x_{n3}& x_{n4}\end{array}\right]$$

(12)

The two indicators, Response Time and Recovery Time, involve time units and contain many outliers and extreme values. To address this issue, this paper employs the 95th percentile threshold method to compress the indicator values. The specific calculation formula is as follows:

$$x_{ij}^{’}=\left\{\begin{array}{c}{x}_{ij},x_{ij}\le Q_{0.95}\\ Q_{0.95},x_{ij}>Q_{0.95}\end{array}\right.$$

(13)

where x_ij represents the ith observation of the jth indicator, and Q_0.95 represents the 95th-percentile threshold of the jth indicator.

To further reduce scale disparities among indicators and improve the data distribution shape, a logarithmic transformation is applied to the compressed data as follows:

$$x_{ij}^{’’}=\ln (x_{ij}^{’}+1)$$

(14)

Since all selected indicators are of the cost type, to ensure comparability and facilitate computation, the Min–Max normalization method is applied to perform positive normalization on every indicator, thereby converting them into benefit indicators:

$$z_{ij}={\displaystyle \frac{x_{ij}^{’’}-\min (x_{ij}^{’’})}{\max (x_{ij}^{’’})-\min (x_{ij}^{’’})}},i=1,2,\dots ,n;j=1,2,3,4$$

(15)

where $\max (x_{ij}^{’’})$ and $\min (x_{ij}^{’’})$ denote the maximum and minimum of the log-transformed values for indicator j across all i, $z_{ij}\in \left[0,1\right]$ represents the dimensionless normalized value of the indicator.

The proportion of the ith observation under the jth indicator is as follows:

$$p_{ij}={\displaystyle \frac{z_{ij}}{{\displaystyle \sum _{i=1}^n{z}_{ij}}}}$$

(16)

For the jth indicator, its information entropy is as follows:

$$e_j=-{\displaystyle \frac{1}{\ln n}}{\displaystyle \sum _{i=1}^n{p}_{ij}\ln (p_{ij})}$$

(17)

Subsequently, the difference coefficient of the indicator is calculated as follows:

$$d_j=1-e_j$$

(18)

By Gibbs’ inequality, $-{\displaystyle \sum _{i=1}^n{p}_{ij}\ln (p_{ij})}\in [0,\ln n]$, with the minimum 0 attained when one pij = 1 (all others 0), and the maximum lnn attained when pij = 1/n for all i. Therefore, ej is in [0, 1]. Hence, dj is in [0, 1].

By normalizing the difference coefficients, the entropy weight of each indicator is obtained as follows:

$$W_j={\displaystyle \frac{d_j}{{\displaystyle \sum _{j=1}^4{d}_j}}},{\displaystyle \sum _{j=1}^4{W}_j=1}$$

(19)

After obtaining the weights of each indicator, they are incorporated into the TOPSIS model for comprehensive risk evaluation. TOPSIS ranks the evaluation objects by comparing their distances to the ideal best and ideal worst solutions, thereby calculating each object’s closeness to the ideal solution. The specific steps for the TOPSIS evaluation are as follows:

Construct the weighted normalized decision matrix by applying vector normalization to the original indicator data matrix:

$$r_{ij}={\displaystyle \frac{x_{ij}}{\sqrt{{\displaystyle \sum _{i=1}^n{x_{ij}}^2}}}},i=1,2,\dots ,n;j=1,2,3,4$$

(20)

Using the entropy-derived weights, compute the weighted normalized decision matrix as follows:

$$v_{ij}=W_j\cdot r_{ij}$$

(21)

Determine the positive and negative ideal solutions. The positive ideal solution vector, corresponding to the lowest risk scenario, is formed by extracting the maximum value from each column of the matrix:

$$V^{+}=\left\{{v_1}^{+},{v_2}^{+},{v_3}^{+},{v_4}^{+}\right\},{v_j}^{+}=\max (v_{ij}),i=1,2,\dots ,n$$

(22)

Similarly, the negative ideal solution vector, corresponding to the highest risk scenario, is formed by extracting the minimum value from each column of the matrix:

$$V^{-}=\left\{{v_1}^{-},{v_2}^{-},{v_3}^{-},{v_4}^{-}\right\},{v_j}^{-}=\min (v_{ij}),i=1,2,\dots ,n$$

(23)

Calculate the distance of each node to the ideal solutions. The distance from the node to the positive ideal solution is as follows:

$${D_i}^{+}=\sqrt{{\displaystyle \sum _{j=1}^4{(v_{ij}-{v_j}^{+})}^2}}$$

(24)

The distance of the node to the negative ideal solution is as follows:

$${D_i}^{-}=\sqrt{{\displaystyle \sum _{j=1}^4{(v_{ij}-{v_j}^{-})}^2}}$$

(25)

Calculate the risk membership degree for each node. The relative risk evaluation result for each node is as follows:

$$C_i={\displaystyle \frac{{D_i}^{-}}{{D_i}^{+}+{D_i}^{-}}},0\le C_i\le 1$$

(26)

The smaller the membership degree value, the more the node tends toward a high-risk state and should be the primary focus of safety risk governance.

By applying the entropy-weight–TOPSIS method to compute each node’s comprehensive risk score, the risk ranking of airspace unsafe-event nodes is obtained, thereby laying a quantitative foundation for both the structural analysis of the event network and the identification of priority events. The node risk evaluation results not only facilitate the identification of key risk nodes within the network but also, through network topology analysis, clarify risk propagation pathways and reveal critical nodes in the risk chain, thus providing scientific support for the effective management of airspace system safety risks.

3. Results

3.1. Evaluation Results for Unsafe Event Nodes

The weights of each attribute indicator, calculated using the entropy-weight method, are shown in

Table 2. Indicator weight values.

Indicator Name	Information Entropy (ej)	Difference Coefficient (dj)	Entropy Weight of Indicator (Wj)
Response Time	0.9452	0.0548	0.2195
Intervention Count	0.9631	0.0369	0.1478
Hazard Level	0.9247	0.0753	0.3016
Recovery Time	0.9173	0.0827	0.3312

. It should be emphasized that while the network structure incorporates both co-occurrence and sequentially reported causal couplings, the latter are limited to documented event chains; thus, the results mainly reflect coupling relationships rather than strict causal inference.

The information entropy, difference coefficients, and weights for each indicator are presented in Table 2. The contribution of each indicator to risk assessment varies: indicators with lower information entropy and higher difference coefficients convey more information and thus receive larger weights. For example, recovery time and hazard level exhibit considerable variability across events and are, therefore, assigned higher weights, indicating that changes in these indicators more significantly distinguish risk levels. In contrast, response time and intervention count are relatively uniformly distributed in the sample, resulting in higher entropy, lower difference coefficients, and correspondingly smaller weights, which reflect their more limited contribution to risk differentiation.

Together, these four indicators form the foundation of a comprehensive risk evaluation; even those with lower weights provide necessary supplementary information, ensuring the objectivity and completeness of the assessment. Figure 3 depicts the distributions of information entropy, difference coefficients, and weights for each indicator, clearly illustrating the alignment between information content and weight allocation: indicators with lower entropy receive higher weights, and vice versa. This outcome further validates the efficacy of the entropy-weight method for weight determination, enabling the risk evaluation model to highlight key risk factors while still accounting for the combined influence of all indicators on unsafe-event risk.

Using the entropy-weight–TOPSIS model, the risk levels of 1551 unsafe-event nodes were quantitatively evaluated. The resulting risk scores ranged from 0 to 0.858, with a mean of 0.575, a median of 0.596, and a standard deviation of 0.179. Scores were predominantly concentrated in the medium–high interval, with only a few nodes exhibiting extremely high or low values. As shown in Figure 4, nodes with scores above 0.8 comprised approximately 7% of the total, whereas those with scores below 0.2 accounted for only 4%. This distribution reflects the heterogeneity of operational risk within the airspace system: most events bear moderate risk levels, while a small number of nodes display substantially higher scores, forming a high-risk tail. From an operational safety perspective, this implies that severe precursors or high-risk events remain a minority, with general-risk events predominant, consistent with the high-safety expectations of civil aviation. Furthermore, due to reporting-threshold constraints, events of extremely low risk are seldom recorded. Overall, the network risk score distribution exhibits a “small–large–small” structure, only a very small fraction of events are exceptionally hazardous or trivial, and the vast majority fall into the medium-to-high risk category. This pattern indicates that risk management must address both the overall elevation of risk levels and maintain particular vigilance toward the extremely high-risk nodes in the distribution tail, as they may serve as ignition points for cascading failures.

Figure 5 presents violin plots of risk-score distributions for events associated with different stakeholder categories. Unlike conventional histograms, violin plots provide a more comprehensive depiction of distributional shape and dispersion for each group’s risk scores. In each “violin,” the width at a given risk-score level corresponds to the density of events at that value, and the internal markings for median and quartiles reveal distributional differences. It is immediately evident that events within the Airspace User System exhibit an overall higher risk-score distribution—its median exceeds those of other stakeholders and it maintains a longer high-risk tail. By contrast, events in the Airspace Resource System are more tightly concentrated in lower-risk ranges, thereby clearly highlighting the distinct distributional characteristics across stakeholder categories.

In the identified high-risk nodes, events associated with different stakeholder systems exhibit distinct characteristics. High-risk nodes in the Air Traffic Management System are often accompanied by a larger number of interventions and shorter response times, indicating that controllers executed frequent and timely interventions under emergency conditions, yet the events themselves retained high potential hazard. High-risk nodes in the Airspace Resource System frequently involve cross-event coupling triggers—for example, pilot operational deviations precipitating multiple related incidents—manifesting as hub-like accidents that propagate risk along multiple network paths. Although high-risk nodes in the Airspace User System are comparatively few, they are nonetheless often interconnected with events from other stakeholder groups.

These findings indicate that unsafe events linked to the Air Traffic Management and Airspace Resource Systems occupy more critical positions in the overall risk structure, and therefore, should be prioritized in airspace system risk governance. Although such high-risk nodes represent only a small proportion of all events, they function as high-risk bridges within the network, whose failure or loss of control is most likely to trigger systemic risk transmission and cascading effects. Consequently, airspace safety governance should reinforce monitoring and prevention measures focused on these key risk sources to effectively mitigate overall operational risk. To ensure that the evaluation results are not overly sensitive to parameterization, we conducted brief robustness checks. Specifically, we compared the outcomes under entropy-derived weights and equal weights, and also varied the similarity threshold from 0.45 to 0.55. The ranking of high-risk nodes and the overall community structure remained stable under these changes, confirming the robustness of the results.

3.2. Airspace System Unsafe-Event Network Structure and Key Node Identification

3.2.1. Analysis of Network Topological Characteristics

Based on the entropy-weight–TOPSIS evaluation of unsafe events in the airspace system, the unsafe-event network was constructed in Gephi 0.10.1 using similarity measures. This network visualization displays the interrelations among event nodes and enables computation of various topological metrics. The resulting network graph comprises 1551 nodes and 7544 edges, as shown in Figure 6. In this network, each node represents an unsafe event, and each edge denotes a co-occurrence relationship between two event nodes. The node size is positively correlated with its risk score from the evaluation—larger nodes indicate higher risk levels—while the edge width is positively correlated with the cosine similarity between the connected events, such that wider edges signify stronger co-occurrence relationships.

Basic topological metrics of the constructed airspace system unsafe-event network were statistically analyzed using Gephi, and the resulting metrics are presented in

Table 3. Topological metrics of the unsafe-event network.

Topological Indicator	Value
Number of nodes	1551
Number of edges	7544
Graph density	0.006
Average degree	9.728
Average path length	4.287
Average clustering coefficient	0.341

.

Based on the computed topological metrics, a comprehensive analysis of the constructed airspace-system unsafe-event network was conducted. The network density is approximately 0.006, indicating that only about 0.6 % of all potential node pairs are actually connected, which reflects a markedly sparse structure. In terms of topology, the average degree is 9.728, meaning that each node is, on average, connected to approximately 9.728 other nodes, so that locally the connections among nodes are relatively dense. Given the overall sparsity, this comparatively high average degree indicates that, despite the low overall edge density, nodes tend to form tightly connected neighborhoods. This local connectivity is further evidenced by a global clustering coefficient of approximately 0.341, demonstrating a substantial presence of triadic closures, that is, neighbors of a node are often directly connected. Several distinct local clusters appear in the network, with event nodes forming compact communities. The average path length is 4.287, which, despite the network’s sparse global structure, shows that any two event nodes can be reached via only a few intermediaries on average, thus exhibiting a “small-world” characteristic.

A small number of high-degree hub nodes act as critical bridges, significantly reducing overall path lengths; these nodes hold high centrality and play key roles in risk propagation. Moreover, the degree distribution is highly heterogeneous: most event nodes have only a few direct connections, whereas a few nodes connect to many others. This heterogeneity underscores the importance of the hub nodes for network stability. Should one of these hubs fail or lose control, it could rapidly affect large portions of the network and trigger swift risk diffusion. Therefore, in practical risk governance, special attention should be paid to monitoring and managing these high-centrality, strong-bridging nodes to prevent local risks from evolving into systemic threats.

3.2.2. In-Depth Analysis of Key Unsafe Event Node Identification

Based on the entropy-weight–TOPSIS evaluation results, the threshold method is applied to screen key unsafe-event nodes within the network. Yang et al. found that when only 10–20% of the high-risk nodes are impacted, the entire network nearly collapses, and the removal of the top 20% of ranked nodes typically precipitates a rapid deterioration of network connectivity [25].

Accordingly, the top 25% of nodes by TOPSIS composite score are designated as key nodes. Focusing on this highest-scoring subset facilitates the identification of the most influential hub events within the risk-propagation chain. This threshold rule ensures that the selected nodes correspond to the extreme high-end distribution of network risk, thereby supporting subsequent targeted analysis and management.

To reveal the potential relationships among the three stakeholder categories, the Louvain clustering algorithm [26] is applied to the airspace-system unsafe-event network for community detection. The Louvain algorithm is a widely used method based on multi-level modularity optimization, which efficiently partitions large networks into communities characterized by dense internal connections and sparse external links. This method partitions nodes into communities characterized by high internal cohesion and low external coupling, maximizing intra-community connection strength while minimizing inter-community links, and achieves large-scale clustering at multiple resolutions without predefining the number of communities.

Applying the Louvain algorithm to the constructed unsafe-event network separates event nodes into distinct modules, with nodes in the same module depicted in the same color. The result is an unsafe-event network divided into three modules, as shown in Figure 7. Within each module, event nodes exhibit relatively dense interconnections, whereas connections between nodes in different modules are comparatively sparse.

In high-risk events, the Controller stakeholder contributes the greatest number of key nodes, reflecting that failures or operational vulnerabilities within the Air Traffic Management System have the most significant impact on airspace safety; the Operator and User stakeholders each account for approximately 30% of the key nodes, indicating that unsafe events often arise from a combination of resource-provision and user-behavior factors.

From the three-stakeholder perspective, key nodes in the Air Traffic Management System typically exhibit high intervention counts and rapid response times; key nodes in the Airspace Resource System often involve coupling triggers across multiple events and key nodes in the Airspace User System, although relatively few are frequently connected to events from other stakeholder groups.

Overall, although these key nodes represent only a small fraction of the network, they constitute its “high-risk backbone,” consistent with existing research showing that safeguarding critical network nodes can markedly enhance system robustness.

Figure 8 presents boxplots of centrality distributions for key nodes associated with the three stakeholder categories. Figure 8 depicts degree centrality, closeness centrality, and betweenness centrality. The boxplots illustrate the differences in each centrality measure among key nodes belonging to the Air Traffic Management System, the Airspace Resource System, and the Airspace User System.

Key nodes of different stakeholder types exhibit significant differences in centrality measures. Controller nodes have the highest overall betweenness centrality, Operator nodes show a markedly higher degree centrality distribution compared with other stakeholders, and User nodes have relatively low degree and betweenness centralities. In terms of closeness centrality, all three stakeholder categories register high values, indicating that these key nodes can typically reach other nodes in the network within a short distance. The closeness centrality of Operator and Controller nodes is slightly higher than that of User nodes, reflecting their more central positions in the network. Although User nodes have low degree and betweenness centralities, their connections via Controller and Operator nodes result in a relatively short average path length to other nodes, thus maintaining high closeness centrality.

These findings demonstrate that the Air Traffic Management System, as the command and dispatch hub, serves as a bridge in the network and exhibits the highest betweenness centrality; Airspace Resource nodes connect numerous User and Controller nodes, and therefore, have the highest degree centrality and Airspace User nodes, being peripheral entities with limited connections, have lower degree and betweenness centralities.

In the identified key nodes, two representative nodes are selected for in-depth analysis. For example, key node N1, with a score of 0.858, belongs to the Air Traffic Management System; it has a relatively short response time of only a few dozen seconds and an intervention count of five. Due to its extended fault-tolerant recovery time, it is coupled with multiple other event types. Network structural analysis indicates that N1 functions as a highly coupled hub node, connecting events from various stakeholder categories and acting as a bridge in the risk propagation chain.

The other key node, N2, with a score of 0.857, belongs to the Airspace Resource System and has an intervention count of eight. Although the conflict level it generates is moderate, its event exhibits strong connectivity with other stakeholders, making it a typical “high-degree” node. Both nodes occupy central positions in the network topology; if they fail or are not addressed in a timely manner, they may cause localized network disconnections or large-scale risk spillovers. Conducting a detailed evaluation of these representative nodes’ attribute indicators—such as extremely short response time, high coupling interactions, and frequent interventions is a critical component of network risk analysis.

3.2.3. Analysis of Coupling Relationship Characteristics Among the Three Stakeholder Groups

When analyzing the coupling degree among factors using the N–K model, N denotes the number of independent modules in the system and K denotes the number of coupling connections each module has with other modules (0 ≤ K ≤ N − 1). Generally, as K increases, inter-module dependence strengthens and the system’s network structure becomes more complex.

For the airspace system’s operational unsafe events, N = 3 corresponds to the three stakeholder categories: the Air Traffic Management System, the Airspace Resource System, and the Airspace User System. Based on the network analysis results, a three-node N–K model framework is constructed. Each stakeholder category is treated as a module, and its coupling degree K with the other two categories is quantified using the network data. By mapping Figure 7 onto the N–K model, each stakeholder can be assigned a coupling degree K as a measure of its risk-coupling strength. Under the scenario of three stakeholder categories, the coupling strengths are as follows:

$$T(X,Y,Z)={\displaystyle \sum _{i=1}^I{\displaystyle \sum _{j=1}^J{\displaystyle \sum _{k=1}^K{P}_{ijk}{\log }_2\frac{P_{ijk}}{P_{i\cdot \cdot }{P}_{\cdot j\cdot }{P}_{\cdot \cdot k}}}}}$$

(27)

where P_ijk represents the joint probability of the three stakeholders being in states i, j, k, respectively, $P_{i\cdot \cdot }$, $P_{\cdot j\cdot }$, $P_{\cdot \cdot k}$ represent the marginal probabilities of each stakeholder being in the corresponding state. The larger the coupling degree T, the stronger the coupling among the three stakeholders and the higher the system’s risk interdependence. By comparing the results for different K values, the impact of the coupling structure is analyzed as follows:

(a) The coupling degree is highest between the Air Traffic Management System and the other two stakeholder categories. Network data show that the ATM System interacts extensively with both the Resource System and the User System, yielding K_ATM = 2. In contrast, the Resource and User Systems are each primarily coupled only to the ATM System. This indicates that the ATM System serves as a global connector with the highest overall coupling degree.

(b) As the coupling hub, the ATM System links simultaneously to both the Resource and User Systems, playing a pivotal role in the coupling network. Any perturbation within the ATM System can rapidly propagate to the other stakeholder groups, thereby exacerbating system-level cascading responses.

(c) The most sensitive coupling pairs are ATM–User and ATM–Resource. Both pairs exhibit pronounced coupling effects: when a risk event occurs in one subsystem, it typically triggers a strong impact on the other, and the system displays highly complex response characteristics. In contrast, the direct coupling between the Resource and User Systems is relatively weak, resulting in more moderate system responses.

To more precisely characterize the coupling strength among the three stakeholder categories within the airspace system, we further define a method for calculating coupling strength based on the event-node network data. The numerical formula for computing the coupling strength is as follows:

$$K_{ij}={\displaystyle \frac{E_{ij}}{E_{total}}}$$

(28)

where K_ij represents the coupling strength between stakeholder i and stakeholder j; E_ij represents the number of edges connecting nodes between stakeholder i and stakeholder j and E_total represents the total number of edges in the network. The coupling strengths between stakeholder groups are presented in

Table 4. Coupling strength, representative unsafe events, and propagation characteristics.

Coupled Stakeholder Combination	Coupling Strength	Representative Unsafe Event Example	Risk Propagation Characteristics
Air Traffic Management System—Airspace Resource System	0.229	Controller’s erroneous instruction leading to crew operational violation	Misguided controller instructions can quickly destabilize the resource system, resulting in rapid risk propagation
Air Traffic Management System—Airspace User System	0.134	Delay in controller information causing airport traffic backlog	Risk propagation is evident, with pronounced chain reaction effect
Airspace Resource System—Airspace User System	0.074	Airport equipment malfunction forcing flight delays	Risk propagation is slower and relatively localized in scope

.

The coupling strength calculations indicate that the Air Traffic Management System and the Airspace Resource System exhibit the highest coupling intensity, reflecting the pronounced risk association arising from frequent interactions between controllers and flight crews. The next highest coupling is between the Air Traffic Management System and the Airspace User System, demonstrating a clear risk-propagation channel between controller decisions and actual user operations, though its intensity is slightly lower than that of the controller–resource coupling. In contrast, the coupling strength between the Airspace Resource System and the Airspace User System is the lowest, indicating relatively weaker risk-transmission pathways and a tendency toward localized coupling effects.

Notably, the sum of the above inter-stakeholder coupling strengths is 0.437, indicating that intra-stakeholder risk propagation occupies a dominant position within the network. This characteristic reflects that risk transmission among nodes within the Air Traffic Management, Airspace Resource, and Airspace User systems occurs more frequently; however, the systemic impact of cross-stakeholder risk propagation is greater and thus warrants particular attention. In particular, since the Air Traffic Management System occupies a bridging and hub position within the overall network structure, any risk event occurring within this system will not only be rapidly transmitted to the Airspace Resource System but may also further propagate to the Airspace User System, thereby generating cross-stakeholder risk coupling effects.

Through the analysis of inter-stakeholder coupling relationships, the core position and bridging role of the Air Traffic Management System within the overall network are further revealed. The high coupling between controller-system nodes and nodes of other stakeholders indicates that, once a critical node in the Air Traffic Management System experiences a risk event, it may rapidly trigger risk diffusion and systemic cascading effects. In contrast, although the coupling intensity between the Airspace Resource System and the Airspace User System is lower, risk events within these systems often lead to the gradual accumulation of localized regional risks, which also need to be addressed within long-term governance strategies. These network patterns not only characterize the abstract structure of unsafe-event interactions but also offer operational implications for airspace safety management, including the identification of key monitoring points, the prioritization of cross-stakeholder coordination, and the design of rapid-response mechanisms.

4. Discussion

The constructed multi-stakeholder coupling network of airspace unsafe events and its risk evaluation results clearly elucidate the risk characteristics of airspace system operations. By integrating the Controller, Crew, and User stakeholder categories into a unified network model, it is revealed that airspace safety risks exhibit pronounced heterogeneity and hub concentration. The majority of unsafe events have medium-to-high risk levels, with only a very small proportion classified as extremely high risk. This implies that, while the overall safety posture is relatively stable, the distribution’s tail contains a few high-risk events that form risk peaks. These high-risk events typically involve complex cross-stakeholder couplings, demonstrating significant hazard amplification through multi-stakeholder interactions.

Network analysis demonstrates that the connections among unsafe events present “small-world” characteristics and a highly heterogeneous structure: among 1551 event nodes and 7544 edges, only approximately 0.6% of all potential connections actually exist, indicating a sparse global network but with evident local clustering. On average, each event is directly connected to about 9.7 other events, forming several tightly coupled subnet clusters. A small number of hub event nodes connect to a large number of other events. Risk levels are not uniformly distributed across all events but are concentrated in a few critical nodes and coupling channels. These include cascades initiated by controller-instruction errors as well as multi-event triggers resulting from crew operational deviations; these nodes exhibit the highest risk membership degrees and centrality measures in the network.

Through quantitative assessment using the entropy-weight–TOPSIS method, indicator weights are objectively determined based on event attribute data, and each event node’s risk membership degree relative to the ideal safe state is calculated, enabling a comprehensive risk ranking of all nodes. Empirical results indicate that approximately 7% of events qualify as high-risk key nodes requiring prioritized attention. Coupling analysis based on the N–K model further quantifies the risk-association strengths among the three stakeholder categories. In summary, the proposed network model and risk evaluation framework reveal that airspace system risks arise from multi-stakeholder couplings, but their harmful effects are concentrated in a small number of key nodes and principal propagation channels.

The identification of key unsafe-event nodes holds critical importance for network risk control and governance strategy optimization. As complex-network theory emphasizes, key nodes are vital for enhancing network resilience and survivability. For the identified key event nodes, priority should be given to strengthened monitoring, governance, and resource allocation. Dedicated teams should be established within the stakeholder systems hosting these key nodes to develop rapid-response protocols and improve on-site intervention efficiency, enabling immediate engagement when a risk event occurs and thereby severing risk propagation channels. Additionally, control strategies should be adjusted based on the attribute characteristics of these nodes—for example, shortening fault-tolerance windows and adding verification steps—to minimize the potential for risk-cascade diffusion. The nodes selected via the TOPSIS evaluation not only occupy central positions in the network structure but also directly influence the overall operational safety posture of the airspace system; consequently, they warrant special attention and investment in risk-mitigation measures.

From a theoretical standpoint, these patterns align with Safety Management System principles and resilience engineering: high-betweenness nodes correspond to critical control points in hazard identification and risk mitigation; elevated clustering reflects locally tight couplings where layered defenses may be thinnest (consistent with accident-causation perspectives) and rapid network reachability underscores the need for monitoring and responding capacities central to resilience. Framing the findings within these perspectives clarifies why controller-centric hubs and cross-stakeholder bridges emerge as dominant risk channels and how governance should prioritize them.

In practical terms, the graph metrics provide operationally meaningful guidance. For example, nodes with high betweenness centrality correspond to unsafe events that bridge multiple stakeholders, highlighting critical points where enhanced monitoring or redundancy measures can break risk-propagation chains. High clustering coefficients reveal tightly coupled groups of events, indicating the need for localized systemic interventions such as sector-specific training or procedural reviews. Similarly, short average path lengths suggest that risks can spread quickly across the network, underscoring the importance of rapid response protocols and cross-stakeholder communication mechanisms. These operational interpretations transform abstract network properties into actionable strategies for strengthening airspace safety management.

The systemic risk to airspace safety exhibits both stakeholder diversity and structural concentration. A small number of key nodes within the Air Traffic Management System serve as primary conduits for information flow and risk propagation, while nodes in the Airspace Resource System, through extensive connectivity, function as hubs of risk transmission. Strengthening protection and monitoring of these critical nodes will effectively reduce the risk of unsafe events across the entire airspace system. The foregoing analysis provides quantitative justification for airspace safety management, highlighting the differentiated roles of key nodes across stakeholder categories in the network and offering essential guidance for formulating targeted risk-control strategies. While additional organizational, environmental, and technological indicators would enrich the model, they are not consistently available in the present oversight data; the four uniformly recorded attributes constitute the largest high-quality common denominator for objective evaluation, to be extended in future multi-source studies. Finally, while the dataset is drawn from Chinese airspace, the mechanisms identified hub concentration, heterogeneous connectivity, and controller-centric bridging are generic network properties. While this study is based on data from Chinese airspace, the proposed framework and identified mechanisms are generalizable to other airspace systems, and future research will extend the analysis through international comparative validation. In addition, future studies will incorporate comparative evaluations with other data-driven safety assessment frameworks once broader and comparable datasets become accessible, in order to further verify the robustness and generalizability of the proposed approach.