Who Analyses the Analyser? Self-Validating LLM Hazard Analysis with Constitutional Meta-STPA

📅 2026-07-08
📈 Citations: 0
Influential: 0
📄 PDF
🤖 AI Summary
Current LLM-assisted security analysis tools lack rigorous self-validation and are vulnerable to hallucinations, unverifiable constraints, and insufficient auditability. This work addresses this gap by introducing Constitutional Meta-STPA, the first framework to apply Systems-Theoretic Process Analysis (STPA) at the meta-level of such tools. It systematically derives 29 actionable governance principles—including eight meta-safety principles—from hazard analysis and formally binds them to specific code execution points. By integrating Claude Opus/Sonnet, formal verification, and a constitution-driven constraint mechanism, the study successfully instantiates 18 tool-level principles alongside all meta-principles, thereby validating both the efficacy of the meta-analytic approach and its dependence on underlying model capabilities.
📝 Abstract
Large language models (LLMs) are increasingly trusted to draft the artifacts of safety analysis such as, losses, hazards, Unsafe Control Actions (UCAs), and safety constraints, inside rigorous processes such as Systems-Theoretic Process Analysis (STPA). Yet a blind spot runs through this fast-growing literature: every system gets analysed except the LLM-assisted tool doing the analysing, which is itself a safety-relevant system that can hallucinate standards, emit unverifiable constraints, and leave no audit trail from prompt to artifact. We take seriously the question the field has skipped -- {who analyses the analyser?} and answer it by turning STPA on the tool itself. We present \{Constitutional Meta-STPA}, an LLM-assisted STPA tool built around a closed loop: the tool runs a {meta-STPA} of the class of AI-assisted safety tools and {derives} rather than asserts, its governance constitution from the resulting loss$\to$hazard$\to$UCA$\to$constraint chain, yielding a published constitution of $21$ Tool Principles and $8$ Meta-Safety Principles, each bound to a code enforcement point. We formalise the measured object as a constitution-marginal coverage operator over a principle set $P$ ($|P|{=}29$) with a soundness lemma that isolates coverage from model and scanner, and report four findings. {(i)~Self-derivation:} a frontier ensemble ({claude-opus-4.8}${+}${claude-sonnet-4}) recovers $18/21$ canonical and all $8/8$ governance principles from the tool's own design, while a weaker pair recovers $12/21$ and $3/8$, so the meta layer is model-limited, not constitution-limited, and the same $8/8$ re-emerge from a second, independently authored tool.
Problem

Research questions and friction points this paper is trying to address.

LLM safety
hazard analysis
STPA
self-validation
AI auditing
Innovation

Methods, ideas, or system contributions that make the work stand out.

Constitutional Meta-STPA
self-validating LLM
Systems-Theoretic Process Analysis
AI safety governance
meta-hazard analysis