OMG Specification

Risk Analysis and Assessment Modeling Language — Open Issues

Acronym: RAAML
Issues Count: 17
Description: Issues not resolved

Issues Summary

Key	Issue	Reported	Status
RAAML12-22	Add stereotype for Vulnerability	RAAML 1.1	open
RAAML12-23	Add stereotype for Weakness	RAAML 1.1	open
RAAML12-14	Weakness is not stereotyped as Weakness, and is not marked as Abstract and must be made abstract for consistency	RAAML 1.1	open
RAAML12-15	Vulnerability is not currently stereotyped as Vulnerability, and is not marked as Abstract,	RAAML 1.1	open
RAAML12-11	ProcessModelFlaw is not marked as Abstract and the name needs to be changed	RAAML 1.1	open
RAAML12-18	Add ProcessModel and ControlAlgorithm stereotypes to STPA Profile	RAAML 1.1	open
RAAML12-17	Threat should also be a subtype of Limitation-Factor	RAAML 1.1	open
RAAML12-16	Threat is not stereotyped as Threat, and must be stereotyped for consistency	RAAML 1.1	open
RAAML12-13	ProcessModelFlaw is not marked as Abstract and the name needs to be changed	RAAML 1.1	open
RAAML12-9	Revise .xmi files to represent addition of FHA method	RAAML 1.1b1	open
RAAML12-7	Add example for usage of RAAML for security	RAAML 1.1b1	open
RAAML12-5	Add FHA section to Examples document	RAAML 1.1b1	open
RAAML12-2	Add Functional Hazard Assessment (FHA) method to RAAML	RAAML 1.1b1	open
RAAML12-1	ARP 4751 doesn't exist	RAAML 1.1b1	open
RAAML11-29	Add a Causality association class which extends simple Causality association	RAAML 1.0	open
RAAML11-16	Generalization relation from Situation to SysML Block is not loaded in EA	RAAML 1.0b2	open
RAAML11-15	STPA is not properly implemented	RAAML 1.0b2	open

Issues Descriptions

Add stereotype for Vulnerability

Key: RAAML12-22
Status: open
Source: Ford Motor Company ( Mr. Kyle Post)
Summary:
The Vulnerability element is stereotyped by a generic <<Situation>> stereotype and there is no dedicated <<Vulnerability>> stereotype. To resolve this add a stereotype for Vulnerability. This change should help ensure consistency with Factors and Limitations in the STPA Loss Scenario
Reported: RAAML 1.1 — Mon, 13 Apr 2026 12:51 GMT
Updated: Mon, 13 Apr 2026 13:03 GMT

Add stereotype for Weakness

Key: RAAML12-23
Status: open
Source: Ford Motor Company ( Mr. Kyle Post)
Summary:
The Weakness element is stereotyped by a generic <<Situation>> stereotype and there is no dedicated <<Weakness>> stereotype. To resolve this, the ticket calls for adding a stereotype for Weakness. This change should help ensure consistency with Factors and Limitations in the STPA Loss Scenario.
Reported: RAAML 1.1 — Mon, 13 Apr 2026 12:58 GMT
Updated: Mon, 13 Apr 2026 13:02 GMT

Weakness is not stereotyped as Weakness, and is not marked as Abstract and must be made abstract for consistency

Key: RAAML12-14
Status: open Implementation work Blocked
Source: MITRE ( Ms. Mary Tolbert)
Summary:
The issue is that Weakness is not currently stereotyped as Weakness, and is not marked as Abstract, which puts it out of alignment with the other RAAML library elements. To resolve this, the ticket calls for stereotyping it as Weakness and marking it as abstract. This change should help ensure consistency with Factors and Limitations in the STPA Loss Scenario.
Reported: RAAML 1.1 — Tue, 24 Mar 2026 13:52 GMT
Updated: Mon, 13 Apr 2026 12:58 GMT

Vulnerability is not currently stereotyped as Vulnerability, and is not marked as Abstract,

Key: RAAML12-15
Status: open Implementation work Blocked
Source: MITRE ( Ms. Mary Tolbert)
Summary:
The issue is that Vulnerability is not currently stereotyped as Vulnerability, and is not marked as Abstract, which puts it out of alignment with the other RAAML library elements. To resolve this, the ticket calls for stereotyping it as Vulnerability and marking it as abstract. This change should help ensure consistency with Factors and Limitations in the STPA Loss Scenario
Reported: RAAML 1.1 — Tue, 24 Mar 2026 13:54 GMT
Updated: Mon, 13 Apr 2026 12:51 GMT

ProcessModelFlaw is not marked as Abstract and the name needs to be changed

Key: RAAML12-11
Status: open
Source: Ford Motor Company ( Mr. Kyle Post)
Summary:
ProcessModelFlaw is not marked as Abstract. It must be abstract consistent with the other RAAML library elements. In addition the name ProcessModelFlaw is causing confusion and should be called ControlFlaw to be consistent with the Undesired Control Action and Control Structure.
Reported: RAAML 1.1 — Mon, 23 Mar 2026 14:20 GMT
Updated: Mon, 13 Apr 2026 12:10 GMT

Add ProcessModel and ControlAlgorithm stereotypes to STPA Profile

Key: RAAML12-18
Status: open Implementation work Blocked
Source: MITRE ( Ms. Mary Tolbert)
Summary:
The issue is that ProcessModel and ControlAlgorithm are not currently stereotypes in the STPA profile, but is required to accurately model a STPA Control Structure.
Reported: RAAML 1.1 — Tue, 24 Mar 2026 15:52 GMT
Updated: Wed, 8 Apr 2026 15:36 GMT

Threat should also be a subtype of Limitation-Factor

Key: RAAML12-17
Status: open Implementation work Blocked
Source: MITRE ( Ms. Mary Tolbert)
Summary:
The issue is that Threat is not currently considered as a Limitation-Factor, which is necessary in creating STPA Loss Scenarios. To resolve this, the ticket calls for making Threat a subtype of Limitation.
Reported: RAAML 1.1 — Tue, 24 Mar 2026 14:02 GMT
Updated: Wed, 8 Apr 2026 15:35 GMT

Threat is not stereotyped as Threat, and must be stereotyped for consistency

Key: RAAML12-16
Status: open Implementation work Blocked
Source: MITRE ( Ms. Mary Tolbert)
Summary:
The issue is that Threat is not currently stereotyped as Threat, which puts it out of alignment with the other RAAML profile elements. To resolve this, the ticket calls for stereotyping it as Threat.
Reported: RAAML 1.1 — Tue, 24 Mar 2026 13:58 GMT
Updated: Wed, 8 Apr 2026 15:35 GMT

ProcessModelFlaw is not marked as Abstract and the name needs to be changed

Key: RAAML12-13
Status: open
Source: Ford Motor Company ( Mr. Kyle Post)
Summary:
ProcessModelFlaw is not marked as Abstract. It must be abstract consistent with the other RAAML library elements. In addition the name ProcessModelFlaw is causing confusion and should be called ControlFlaw to be consistent with the Undesired Control Action and Control Structure.
Reported: RAAML 1.1 — Mon, 23 Mar 2026 13:42 GMT
Updated: Wed, 8 Apr 2026 15:32 GMT

Revise .xmi files to represent addition of FHA method

Key: RAAML12-9
Status: open
Source: Ford Motor Company ( Mr. Kyle Post)
Summary:
Revise the associated RAAML .xmi files to represent the changes made in the specification to add the new FHA method
Reported: RAAML 1.1b1 — Fri, 30 Jan 2026 21:27 GMT
Updated: Wed, 11 Feb 2026 00:23 GMT
Attachments:
- RAAML_v12_XMIsChangedByFHAAccept.zip 31 kB (application/zip)

Add example for usage of RAAML for security

Key: RAAML12-7
Status: open
Source: Ford Motor Company ( Mr. Kyle Post)
Summary:
Add an example for how the elements relevant to security can be modeled by the end user for a security analysis.
Reported: RAAML 1.1b1 — Mon, 8 Dec 2025 17:34 GMT
Updated: Wed, 11 Feb 2026 00:23 GMT
Attachments:
- OMG RAAML Examples 1.1 changebars SysML4Sec.docx 6.20 MB (application/vnd.openxmlformats-officedocument.wordprocessingml.document)

Add FHA section to Examples document

Key: RAAML12-5
Status: open
Source: Boeing ( Mr. David Duran)
Summary:
RAAML contains the ISO 26262 method to support the analysis and requirement specification aspects of Functional Safety. However, ISO 26262 focuses on the automotive industry. To also cover the aerospace sector, the Functional Hazard Assessment (FHA) method according to ARP 4761A should be brought as a method to RAAML and should be properly linked to Core, General, FMEA and ISO 26262 packages.

The examples document should reflect this change.
Reported: RAAML 1.1b1 — Tue, 21 Oct 2025 21:48 GMT
Updated: Wed, 11 Feb 2026 00:23 GMT
Attachments:
- FHATable.png 126 kB (image/png)
- FailureConditionMatrix.png 53 kB (image/png)
- FailureConditionTable.png 43 kB (image/png)
- FailureEffectAssessments.png 105 kB (image/png)
- FunctionalDecomposition1.png 44 kB (image/png)
- FunctionalDecomposition2.png 15 kB (image/png)
- FunctionalDecomposition3.png 10 kB (image/png)
- FunctionalFailureBDD.png 47 kB (image/png)
- FunctionalFailureTable.png 41 kB (image/png)
- OMG RAAML Examples 1.1.docx 2.72 MB (application/vnd.openxmlformats-officedocument.wordprocessingml.document)
- OMG RAAML Examples 1.1_wFHA_2.docx 3.38 MB (application/vnd.openxmlformats-officedocument.wordprocessingml.document)
- RelationMap.png 42 kB (image/png)
- S18AFHATable.png 149 kB (image/png)

Add Functional Hazard Assessment (FHA) method to RAAML

Key: RAAML12-2
Status: open
Source: Ford Motor Company ( Mr. Kyle Post)
Summary:
RAAML contains the ISO 26262 method to support the analysis and requirement specification aspects of Functional Safety. However, ISO 26262 focuses on the automotive industry. To also cover the aerospace sector, the Functional Hazard Assessment (FHA) method according to ARP 4761A should be brought as a method to RAAML and should be properly linked to Core, General, FMEA and ISO 26262 packages.
Reported: RAAML 1.1b1 — Wed, 26 Mar 2025 13:49 GMT
Updated: Wed, 11 Feb 2026 00:23 GMT
Attachments:
- Assumption.png 3 kB (image/png)
- DevelopmentAssuranceLevel.png 7 kB (image/png)
- EnvironmentalCondition.png 18 kB (image/png)
- ExternalEvent.png 24 kB (image/png)
- FDAL.png 2 kB (image/png)
- FHA.png 70 kB (image/png)
- FailureCondition.png 22 kB (image/png)
- FailureEffectAssessment.png 45 kB (image/png)
- FlightPhase.png 14 kB (image/png)
- FunctionalFailure.png 48 kB (image/png)
- FunctionalFailure_profile.png 18 kB (image/png)
- General.png 62 kB (image/png)
- General_profile.png 87 kB (image/png)
- HarmRealization.png 17 kB (image/png)
- IDAL.png 2 kB (image/png)
- OMG RAAML 1.1_wFHA_2.docx 3.53 MB (application/vnd.openxmlformats-officedocument.wordprocessingml.document)
- OperationalCondition.png 25 kB (image/png)
- OperationalEvent.png 20 kB (image/png)
- STPA.png 136 kB (image/png)

ARP 4751 doesn't exist

Key: RAAML12-1
Status: open
Source: RTX ( Mr. Andrew Muxen)
Summary:
I suspect that this is a typo. I don't think that ARP4751 exists BUT ARP4761 exists. Review and make sure we are referencing the correct standard.
Reported: RAAML 1.1b1 — Wed, 16 Oct 2024 14:38 GMT
Updated: Wed, 11 Feb 2026 00:23 GMT

Add a Causality association class which extends simple Causality association

Key: RAAML11-29
Status: open
Source: Ford Motor Company ( Mr. Kyle Post)
Summary:
Sometimes the transition from one situation to another situation needs additional properties which cannot be captured by a simple association. The common solution for that is to use an association class to express causality allowing for additional properties to be added to the transition. This pattern is already used in the STPA method. The proposal is to create a general pattern so other methods can access this capability. This would include creating an association class on the common core Situation.
Reported: RAAML 1.0 — Mon, 25 Sep 2023 20:15 GMT
Updated: Mon, 30 Oct 2023 12:53 GMT

Generalization relation from Situation to SysML Block is not loaded in EA

Key: RAAML11-16
Status: open
Source: msg Plaut Austria ( Florian Wagner)
Summary:
In Enterprise Architect 15.2 the CoreRAAML.xmi is not loaded completely. The generalization relation from Situation to SysML Block is not loaded. It seems to me that the xmi export has tool-specific content.
Reported: RAAML 1.0b2 — Tue, 15 Nov 2022 12:14 GMT
Updated: Wed, 30 Nov 2022 20:44 GMT

STPA is not properly implemented

Key: RAAML11-15
Status: open
Source: Blue Origin LLC ( Charles F Radley)
Summary:
RAAML claims to implement STPA, but some important elements are missing.

For example,

In Step-1 of the STPA process (in the 2018 Leveson/Thomas STPA Handbook – Figure 2.3) it calls out the need to derive “Safety Constraints” from the Losses. I can find no reference to Safety Constraints in the RAAML.

Furthermore the RAAML does not provide any linkage from Losses to Hazards, which is expected in the Handbook.
Reported: RAAML 1.0b2 — Thu, 3 Nov 2022 13:46 GMT
Updated: Thu, 3 Nov 2022 17:37 GMT