The autonomous ship carrying valuable cargoes and passengers in a more effective and cost-saving manner will soon be state of the art technology, which most likely shall be introduced into the public horizon as the remote control mode within the foreseeable future. The highly connected intelligent systems though come at the cost of the increased system vulnerability to cyber-attacks. To smooth this innovative system can be released into actual context of operation, a novel STPA-based methodology is proposed that synthesizes safety and security, namely STPA-SynSS. In the novel method, a comprehensive process to identifying hazards and revealing causal factors is provided, hazard elimination/mitigation strategies are implemented into system design via system safety and security requirements, so that hazards can be continually tracked and closed-loop managed. The insight regards the operations of the method was demonstrated in a remotely-controlled ship with seafarers onboard, the analysis process focused on encountering ship-ship collision accidents and related security incidents. Results indicate that generated inadvertent/intentional causal factors and developed elimination/mitigation strategies can assist the processes of design and operational planning of the autonomous ships and its shore control centre. Further, the proposed method of this paper also has general relevance for other intelligent systems.

以更有效和节省成本的方式运载有价值的货物和乘客的自动驾驶船将很快成为最先进的技术，最有可能在可预见的将来将其作为远程控制模式引入公众视野。高度连接的智能系统的代价是增加了系统对网络攻击的脆弱性。为了使这个创新的系统能够顺利发布到实际操作环境中，提出了一种基于STPA的综合安全性的方法，即STPA-SynSS。在这种新方法中，提供了识别危害和揭示因果关系的综合过程，并根据系统的安全性要求将危害消除/缓解策略应用于系统设计中，这样就可以持续跟踪危害并进行闭环管理。关于该方法操作的见解是在船上载有海员的遥控船上进行的，分析过程的重点是遇到船舶碰撞事故和相关的安全事件。结果表明，产生的无意/故意因果因素和发达的消除/缓解策略可以协助自主船及其海岸控制中心的设计和运营计划。此外，本文提出的方法对其他智能系统也具有普遍意义。分析过程的重点是遇到船舶碰撞事故和相关的安全事件。结果表明，产生的无意/故意因果因素和发达的消除/缓解策略可以协助自主船及其海岸控制中心的设计和运营计划。此外，本文提出的方法对其他智能系统也具有普遍意义。分析过程的重点是遇到船舶碰撞事故和相关的安全事件。结果表明，产生的无意/故意因果因素和发达的消除/缓解策略可以协助自主船及其海岸控制中心的设计和运营计划。此外，本文提出的方法对其他智能系统也具有普遍意义。