4. Content
• An introduction to railway and functional safety with some important facts and statistics
• Definitions of failures, hazards and safety
• Overview of CENELEC standards and how they fit into European interoperability and safety directives, Technical Standards for Interoperability (TSIs) and the Common Safety Method (CSM)
• Overview of EN50126, the risk based approach and the safety lifecycle model
• The meaning of railway RAMS(S), Safety Management and Quality Management
• The relationships between EN50126, EN50128 and EN50129
• Safety requirements and risk acceptance criteria
• Overview of EN50129 content
• Hardware and software
• Random and systematic failure
• The ‘safety case’
• Risk analysis and hazard control
• Tools employed e.g. HAZOP, FMECA, FRACAS, FTA, Markov etc.
• Overview of Tolerable Hazard Rates and Safety Integrity Level (SIL) determination and allocation
• Allocation of SILs to safety functions at system and sub-system level, utilising case studies
• The use and misuse of SILs
• Definition of Verification & Validation
• Independent safety assessment and the independence of the roles involved in safety, including real examples
• Safety Acceptance, Cross Acceptance and Approval
• The use of systems engineering to optimise system safety and reliability
• Key accident case studies; learning from accidents
• Overview of EN50128
• The main differences between EN50128:2011 and 2001 versions
• Software lifecycle and overview of the software development phases:
  - Software safety requirements
  - Software planning and quality assurance
  - Software SILs
• The application of software to railway high integrity systems, hands-on guidance for the application of techniques of EN50128, and how to best satisfy particular SIL requirements
• How to use commercial off-the-shelf products as part of system development to reduce cost while maintaining high integrity
• How to ensure both hardware and software architecture is optimised, yet achieves the required integrity for safety-critical systems
• A short comparison of rail safety-critical systems development standards with other industries, including defence and aerospace
• Practical examples of the application of EN50126/8/9 to product development
• Practical examples of the application of EN50126/8/9 to application projects
• How to implement course content in future activities
5. Very Dry Topic
• Gamification required!!
• Research suggests this is
the optimum approach –
use the technology!!
• Has not been a feasible
route until recently but
technology now makes it
an exciting prospect.
• E-learning has failed to
deliver on promise due to
lack of thought and
creativity
8. Kick Off Project Meeting
• Briefing of Game Given
• Project objectives
• To develop safe new
level crossing control
• Resources
• Expert Information
• Points scoring criteria
• Game generally team
game.
9. Project Team Development
• Before team starts you must
assemble a group of team
members
• 1st you must pass the
competency assessment
with the expert. You have
resources and information
available.
• Questions will cover risk,
safety, high level rail issues
etc.
• Good answers give you
resources to buy experts,
data and standards
10. Virtual On-Line Experts and Panels
• These will be the voice
of the standards and
guidance.
• They will be the
gatekeepers for safety
acceptance
• You can buy more
expertise as you achieve
milestone goals
11. Databases and Standards
• Failure rate data will be
available via hyperlinks
• Standards will be
available
12. Virtual Railways
• We will be working on
our virtual railway.
• This initial game will
look at level crossings
but subsequent games
will work up to installing
a full ERTMS system as
part of the digital
Railway.
http://www.trainzportal.com/product/view/trainz-simulator-a-new-era
13. Level Crossing Safety
• 1st give some level
crossing accidents to
analyse at high level
• Then Perform HAZOP
14. HAZOP
• Experts, standards and
data can be bought here.
• HAZOP output assessed
against model outputs
and further points scored.
• Penalties if key risks
missed.
• Consult standards for
software/hardware/controller.
15. Safety Assessment of Crossing Controller
• National Initiative to
improve crossing control!
• You must be interviewed
to head up the initiative
for safety.
• You must pass the
competency assessment
with the expert. You have
resources and
information available.
16. Questions in Interview
• Given that the risks of
hardware and software are
covered in HAZOP,
questions about SILs and
software reliability could
be asked.
• Online experts can be
consulted at a price;
standards and guidance
are also available, cheaper.
• Points available for next
phase.
17. Develop New Crossing Controller
It has been decided
to develop a new
crossing controller
nationally.
Steps
Follow EN50126
Requirements
Safety Targets
Go out to tender
Get ISA
Go through lifecycle
Test and Commission
19. The Game will have levels and gates to pass
• Safety deliverable will be
submitted and assessed
and virtual stakeholders
included
• Requirements managed.
• Points scored and
deducted. Time delays
will cost money.
• When game passed then
onto next game, for
example APT project?
• Then digital rail platform?
20. The statistics become the game!
The four areas are:
• points – something for
‘players’ to earn;
• rewards – something for
‘players’ to spend their
earned points on;
• badges – something to
show peers the
achievements ‘players’ have
unlocked;
• leader boards – a method of
gaining some real-time
feedback which is visible to
everyone.
21. Lifelike Project Scenarios
• Latent faults with the
system that have to be
identified, assessed and
mitigated
• Risk based decision
making.
24. Swiss Cheese Model / Bow Ties
• We will emphasise these
ideas in our risk
assessment and it will
be further elaborated in
the simulations.
25. Simulation
• Good for capturing
performance
• Good for capturing
improvements
• Further questioning will
be determined by
performance record
• Simulations will be run;
these will determine
success or failure of
objectives
• Outcome could be a
train disaster or a minor
incident or a safe day
on the railway.
29. Pedagogy
• Without question, blended
learning using face to face
and technology driven
gamification is proven as best
practice [xx][xx].
30. Why Now?
• Will fit in seamlessly with new digital railway
approach
31. Let's do this for the Digital Rail Era!
• Can be expanded to teach Digital railway
skills and structure
• Easily configurable to inputs from experts
and changes
• Great modern training facilities
• Data Driven
• Captures best
practice
Editor's Notes
Consider a level crossing controller. The purpose of the controller is to co-ordinate road and rail traffic. The sequence of crossing control operations is:
When the controller receives an occupied signal from the approach train detection then it causes flashing lights to be presented to road traffic immediately.
5 seconds later the barriers will start to lower and be fully down after a further 5 seconds.
At a minimum of 30 seconds from the approach detection the train will arrive at the crossing.
After the train has cleared the second detection point at the crossing, the barriers will raise and when completely raised the lights will stop flashing.
The lights and barriers are immediately activated if the crossing train detection unexpectedly indicates occupied.
Identify some of the hazards of the controller. You can do this by following the steps below:
1. Choose a design intention and perform a partial HAZOP for it.
2. Keywords you may want to consider include:
NO/NOT (No part of the intention is achieved)
MORE (Some quantitative increase over what was intended)
LESS (Some quantitative decrease over what was intended)
AS WELL (Some qualitative increase over what was intended)
PART OF (Some qualitative decrease over intent)
REVERSE (The logical opposite of the intention)
OTHER THAN (Something completely different)
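A partial HAZOP of the timing sequence above can be checked mechanically. The following is an added example, not part of the original slides: it models the design intention "barriers are fully down before the train arrives" and applies three of the keywords to it. The class and function names and the deviation values are assumptions constructed for illustration.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class CrossingTiming:
    """Times in seconds; the defaults are the sequence given in the notes."""
    detection_works: bool = True   # approach detection reports 'occupied'
    lights_delay: float = 0.0      # lights flash immediately
    lower_start: float = 5.0       # barriers start to lower 5 s after lights
    lower_duration: float = 5.0    # fully down after a further 5 s
    train_arrival: float = 30.0    # minimum time from detection to arrival

def barriers_down_at(t):
    """Time at which barriers are fully down, or None if never triggered."""
    if not t.detection_works:
        # The fallback on crossing train detection is not modelled here.
        return None
    return t.lights_delay + t.lower_start + t.lower_duration

def margin(t):
    """Seconds between barriers fully down and train arrival (None if no trigger)."""
    down = barriers_down_at(t)
    return None if down is None else t.train_arrival - down

def assess(t):
    """Classify one timing set against the design intention."""
    m = margin(t)
    if m is None:
        return "HAZARD: approach detection never triggers lights or barriers"
    if m < 0:
        return f"HAZARD: train arrives {-m:.0f} s before barriers are down"
    return f"protected, margin {m:.0f} s"

NOMINAL = CrossingTiming()

# Constructed deviations, one per keyword applied to the design intention.
DEVIATIONS = {
    "NO occupied signal": replace(NOMINAL, detection_works=False),
    "MORE barrier lowering time": replace(NOMINAL, lower_duration=40.0),
    "LESS time to train arrival": replace(NOMINAL, train_arrival=8.0),
}

def hazop():
    """Return a keyword -> finding table for the constructed deviations."""
    return {name: assess(t) for name, t in DEVIATIONS.items()}

if __name__ == "__main__":
    print("nominal:", assess(NOMINAL))
    for name, finding in hazop().items():
        print(f"{name}: {finding}")
```

The nominal sequence leaves a 20 second margin, so each deviation shows how much of that margin a single fault consumes before the intention is violated.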