Using a systems-theoretic approach to analyze safety in radiation therapy-first steps and lessons learned

Natalia Silvis-Cividjian, Wilko Verbakel, Marjan Admiraal

Research output: Contribution to journalArticleAcademicpeer-review

Abstract

Radiation therapy is an important technique to treat cancer. Due to the high occupational risks involved, the process is subject to severe safety regulations and standards. However, these standards do not mandate the usage of a particular hazard analysis method. The de facto methods currently used are the reliability theory-based Fault Tree Analysis (FTA) and Healthcare Failure Mode and Effects Analysis (HFMEA). Systems Theoretic Process Analysis (STPA) is a new, essentially different hazard analysis method, based on systems theory. Although successfully applied in many industries, there are only a few reports on STPA implementation in radiation therapy. This paper contributes to filling this gap with a preliminary assessment of STPA applied to a mature Intensity Modulated Radiation Therapy (IMRT) process. The analysis was conducted by a team consisting of two experts in radiation therapy and one software systems engineer, with little domain knowledge. 142 potentially unsafe control actions were identified and compared with the results of an earlier HFMEA. The main lesson we have learned is that a graphical, system-wise modeling of the analyzed process, although challenging for beginners, is a powerful instrument to catch the same and even other, new hazards. A causal analysis of a subset of these newly found hazards has led to meaningful and valuable risk mitigation measures. These results suggest considering STPA as a viable option for safety analysis in radiation therapy. We expect that this top-down, well-structured way of analysis can especially be advantageous for safety assessment in early design phases, when an HFMEA is not possible yet, because most of system's implementation and behavior is still unknown.
Original languageEnglish
Article number104519
JournalSafety Science
Volume122
DOIs
Publication statusPublished - 2020

Cite this

@article{8a975d8e31504cc3a2a24bdc42bab5d0,
title = "Using a systems-theoretic approach to analyze safety in radiation therapy-first steps and lessons learned",
abstract = "Radiation therapy is an important technique to treat cancer. Due to the high occupational risks involved, the process is subject to severe safety regulations and standards. However, these standards do not mandate the usage of a particular hazard analysis method. The de facto methods currently used are the reliability theory-based Fault Tree Analysis (FTA) and Healthcare Failure Mode and Effects Analysis (HFMEA). Systems Theoretic Process Analysis (STPA) is a new, essentially different hazard analysis method, based on systems theory. Although successfully applied in many industries, there are only a few reports on STPA implementation in radiation therapy. This paper contributes to filling this gap with a preliminary assessment of STPA applied to a mature Intensity Modulated Radiation Therapy (IMRT) process. The analysis was conducted by a team consisting of two experts in radiation therapy and one software systems engineer, with little domain knowledge. 142 potentially unsafe control actions were identified and compared with the results of an earlier HFMEA. The main lesson we have learned is that a graphical, system-wise modeling of the analyzed process, although challenging for beginners, is a powerful instrument to catch the same and even other, new hazards. A causal analysis of a subset of these newly found hazards has led to meaningful and valuable risk mitigation measures. These results suggest considering STPA as a viable option for safety analysis in radiation therapy. We expect that this top-down, well-structured way of analysis can especially be advantageous for safety assessment in early design phases, when an HFMEA is not possible yet, because most of system's implementation and behavior is still unknown.",
author = "Natalia Silvis-Cividjian and Wilko Verbakel and Marjan Admiraal",
year = "2020",
doi = "10.1016/j.ssci.2019.104519",
language = "English",
volume = "122",
journal = "Safety Science",
issn = "0925-7535",
publisher = "Elsevier",

}

Using a systems-theoretic approach to analyze safety in radiation therapy-first steps and lessons learned. / Silvis-Cividjian, Natalia; Verbakel, Wilko; Admiraal, Marjan.

In: Safety Science, Vol. 122, 104519, 2020.

Research output: Contribution to journalArticleAcademicpeer-review

TY - JOUR

T1 - Using a systems-theoretic approach to analyze safety in radiation therapy-first steps and lessons learned

AU - Silvis-Cividjian, Natalia

AU - Verbakel, Wilko

AU - Admiraal, Marjan

PY - 2020

Y1 - 2020

N2 - Radiation therapy is an important technique to treat cancer. Due to the high occupational risks involved, the process is subject to severe safety regulations and standards. However, these standards do not mandate the usage of a particular hazard analysis method. The de facto methods currently used are the reliability theory-based Fault Tree Analysis (FTA) and Healthcare Failure Mode and Effects Analysis (HFMEA). Systems Theoretic Process Analysis (STPA) is a new, essentially different hazard analysis method, based on systems theory. Although successfully applied in many industries, there are only a few reports on STPA implementation in radiation therapy. This paper contributes to filling this gap with a preliminary assessment of STPA applied to a mature Intensity Modulated Radiation Therapy (IMRT) process. The analysis was conducted by a team consisting of two experts in radiation therapy and one software systems engineer, with little domain knowledge. 142 potentially unsafe control actions were identified and compared with the results of an earlier HFMEA. The main lesson we have learned is that a graphical, system-wise modeling of the analyzed process, although challenging for beginners, is a powerful instrument to catch the same and even other, new hazards. A causal analysis of a subset of these newly found hazards has led to meaningful and valuable risk mitigation measures. These results suggest considering STPA as a viable option for safety analysis in radiation therapy. We expect that this top-down, well-structured way of analysis can especially be advantageous for safety assessment in early design phases, when an HFMEA is not possible yet, because most of system's implementation and behavior is still unknown.

AB - Radiation therapy is an important technique to treat cancer. Due to the high occupational risks involved, the process is subject to severe safety regulations and standards. However, these standards do not mandate the usage of a particular hazard analysis method. The de facto methods currently used are the reliability theory-based Fault Tree Analysis (FTA) and Healthcare Failure Mode and Effects Analysis (HFMEA). Systems Theoretic Process Analysis (STPA) is a new, essentially different hazard analysis method, based on systems theory. Although successfully applied in many industries, there are only a few reports on STPA implementation in radiation therapy. This paper contributes to filling this gap with a preliminary assessment of STPA applied to a mature Intensity Modulated Radiation Therapy (IMRT) process. The analysis was conducted by a team consisting of two experts in radiation therapy and one software systems engineer, with little domain knowledge. 142 potentially unsafe control actions were identified and compared with the results of an earlier HFMEA. The main lesson we have learned is that a graphical, system-wise modeling of the analyzed process, although challenging for beginners, is a powerful instrument to catch the same and even other, new hazards. A causal analysis of a subset of these newly found hazards has led to meaningful and valuable risk mitigation measures. These results suggest considering STPA as a viable option for safety analysis in radiation therapy. We expect that this top-down, well-structured way of analysis can especially be advantageous for safety assessment in early design phases, when an HFMEA is not possible yet, because most of system's implementation and behavior is still unknown.

UR - https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85074451199&origin=inward

U2 - 10.1016/j.ssci.2019.104519

DO - 10.1016/j.ssci.2019.104519

M3 - Article

VL - 122

JO - Safety Science

JF - Safety Science

SN - 0925-7535

M1 - 104519

ER -