A multi-view extended software control structure modeling and safety analysis method

System-theoretic Process Analysis (STPA) is an emerging safety analysis method which can recognize the impact on system safety of non-linear interactions between system components. However, the implementation of STPA mainly depends on the experience of the analyst and his/her understanding of the system. The results of the analysis vary from person to person, and it is difficult to guarantee the quality of the analysis. In this paper, the UML views are used to expand the control model, system object model is established to acquire system information, functional model and dynamic model are established to recognize unsafe control actions and reasons these actions, respectively. A case study of a train door control system is also provided to further describe the operating procedures and verify the applicability of this method.