Published by Poppy Rich. Modified over 9 years ago.
1
Challenges and Successes of Independent Safety Assessment on New CBTC Railways
Paul Cheeseman
Technical Programme Delivery Ltd
paul.cheeseman@tpd.uk.com
+44(0) 7775 631033
© TPD 2014
2
Overview
- The scale of the problem.....
- The ISA role
- Acceptance into service
- Case study
Cross acceptance + Reference system = Cost and time effective success!
4
Independent Assessment
“Your organization must ensure that activities are reviewed by competent people who are not involved with the activities concerned.”
iESM Principle
Free download from www.intesm.org
5
ISA – Project interface
1. Product / System / Project development (design, build, test, etc.)
2. iESM activities (risk evaluation, risk control, safety argument, etc.)
3. Independent Assessment (checking and certification)
6
Assessment or Certification?
Risk-based: “In this situation, with these assumptions, caveats and dependencies this is adequate”
A judgement based on professional opinion, supported by objective evidence of process, inspection of output and compliance with standards
Compliance-based: “This complies with the specified standard”
A statement of fact where no judgement, risk assessment or test of reasonable practicability is necessary
7
Compliant, but hazards still exist
8
1. Applying standards
Before deciding that just referring to standards is enough, make sure that:
- They are acknowledged to represent good practice in the railway sector;
- All of the risk associated with the hazard is covered by the standards;
- The standards cover the specific application;
- There are no obvious and straightforward ways of reducing risk further.
But standards seldom show which risks they are addressing (IEEE1474 is a notable exception)
9
Acceptance into service
“Your organization must demonstrate that risk has been controlled to an acceptable level.”
“Your organization must support this demonstration with objective evidence.”
iESM Principle
10
EN50129 CENELEC Scope of Safety Cases
[Diagram labels: Wayside, On board, CBTC System, GASC, SASC]
11
Generic features - GASC
- A Wayside system (ZC) that implements a SIL4 train management system (Movement Authority, safe train separation, safe interface with SIL 4 Interlocking system).
- An On-Board system (CC and tags) that implements a SIL4 ATP and localization system.
12
So to the first specific application..
Chengdu Line 1 SASC:
1. Core CBTC with a subset of equipment and functions defined as iATPM (intermittent ATP mode).
2. Core CBTC with the communication between the trains and the wayside equipment defined as ATPM with limited AM.
3. Additional functionality leading to full AM CBTC with ATO
13
Step #1 Cross Acceptance
“Where a similar product has been found safe in a similar environment and approved for use in that environment, your organization may use that approval as evidence for the safety of new products and new applications of products but it must identify and allow for the differences between the products and between their environments.”
iESM Principle
CENELEC TR50506-1
15
Specific application differences
- GA Safety-related Constraints (SRC)
- GA functions not implemented
- Site specific hazard identification focussing on:
  - Different train interfaces
  - Local products e.g. PSD, axle counter
  - Operator preferences (e.g. blue / dark signal aspect for CBTC, driver display)
- Site specific verification and validation
Plus lessons learnt from DRACAS
16
Chengdu Line 1
August 2011
17
Step #2 Reference System
A Reference System shall at least satisfy the following:
- it has already been proven in-use to have an acceptable safety level and would still qualify for acceptance;
- it has similar functions and interfaces as system under assessment;
- it is used under similar operational conditions as system under assessment;
- it is used under similar environmental conditions as system under assessment.
18
CBTC roll out using reference system
[Diagram labels: Specific Application Safety Case Chengdu Line 1; Generic Application Safety Case for core system; Chengdu Line 2; Reference to CDL 1 plus specific application hazard management; Xian Line 2; Hangzhou Line 1; Hangzhou Line 2; Zhengzhou Line 1; DRACAS data; Cross Acceptance]
19
The key issues for the assessment
- Is a function generic or specific?
- If it's generic, are there any limitations (Safety-related Constraints)?
- If it's specific, is it different to before?
- If it's different, does it matter?
- If it matters, where is the evidence in SASC to demonstrate safety?
20
Summary
1. Establish firm GA and reference baselines
2. Specify (target) application and environment
3. Identify key differences
4. Specify any technical, operational and procedural adaptations
5. Manage the risk associated with the differences
6. Produce a credible safety argument
7. Goto 1