Recently, industrial products, such as cars, medical apparatuses, and aerospace apparatuses, are developed as the systems that are combined the hardware and software, and their confi guration of the apparatuses and controls become complex. As a result, unintended accidents occur when using the industrial products. Those accidents occur when hazards that are occurred by interactions between hardware and software when using an apparatus and some negative conditions that cause the accident are satisfi ed. This accident model is called as Systems-Theoretic Accident Model and Process (STAMP) model. Additionally, based on the STAMP model, the safety analysis method that clarifi es hazards and hazard scenarios is called STAMP based Process Analysis (STPA) [1]. This paper proposes a method that clarifi es the hazards and proposes safety countermeasures after completing the development of the functional specifi cations for Embedded Control Software (ECSW). In the proposed method, STPA is conducted by inputting the ECSW system specifi cations that are consisted use-case diagrams and class diagrams that are written in Unifi ed Modeling Language (UML). As a result of conducting STPA, hazards are clarifi ed, and hazard scenarios are developed. Sequence diagrams corresponding to the hazard-scenarios are developed and the Hazard Causal Factors (HCFs) are clarifi ed. In this case, the reasons of the HCFs are the execution of methods and/or the non-execution of methods in the class. Based on the STAMP model, the safety analysis method that clarifi es the hazards and the hazard scenarios is called a System-Theoretic Process Analysis (STPA). The organization of this paper is explained below. Section 2 describes the related works. Section 3 describes the outline of the proposed method. Section 4 describes the applications and evaluations of the proposed method. And section 5 describes future works.