DRSRG Chairman's address Brian Tomlinson 18 April 2016

advertisement
DRSRG
Chairman's address
Brian Tomlinson
18 April 2016
Attendance
Welcome to our guests
Delayed arrivals Coen van Gulijk, University of Huddersfield
Andrei Loukianov, University of Huddersfield
Ross McLarnon, Ideagen Plc
Early departures Johnny Schute, ORR & HSL
Joseph Januszewski from HSL
Annette Edgington, GB Railfreight
Nigel Nevis, ORR Liz Davies, RSSB Joining DRSG at various times from RSSB
Apologies
Jeff Brewer, Siona Vass, Maria Grazia Vigliotti,
Steve Enright, Abellio
Namrita Kohil & Jay Heavisides Priti Patel, Network Rail
Meeting support
Stephanie Lavy, Meeting Manager, stepping in for Irene
Tracey Hammond, Programme Support
2
John Collins, Angel Trains
SSRG Chairman’s address
18 April 2016
Confidentiality level
Key topics for today’s meeting
This morning Review our action tracker
SMIS+ presentations and group work
‐ All
‐ Jeff, Siona, Johnny Schute and Ross This afternoon
Projects, updates from
‐ Marcus, Namrita, Cajetan and Coen
Cyber Security & Safety Management, presentation and group work
‐ Maria
Rail Safety Legislation Update ‐ No 78
Rail Industry Health & Safety Strategy
‐ Ian DRSG ‐ Strategy for approval
‐ Marcus
SSRG Update and DRSG Terms of Reference
High Integrity Systems Group ‐ George and Brian
3
SSRG Chairman’s address
18 April 2016
Confidentiality level
Agenda item 2 – Minutes and actions
Minutes
‐ Any feedback or comments?
Membership and alternates, administration update
‐ Will be circulated post meeting to capture any updates and your alternates.
Top 5 key messages
‐ Following today’s session DRSG will be releasing a summary email of the top 5 key messages to all members and each sub group Chair.
‐ Released from our own new DRSG@rssb.co.uk email account.
‐ Please forward any communications to the inbox going forward.
Open Actions
0009
4
MARs Task Force –Coordinate the work of the MARs Task Force to develop a roadmap, with clear short/medium/long terms actions, for presentation SSRG Chairman’s address
18 April 2016
Confidentiality level
IM / TD
Open
Item 3
SMIS+ Jeff Brewer, RSSB
SMIS+ update to DRSG
Jeff Brewer, RSSB
18th April 2016
Agenda • Overview of the 5 projects that make up SMIS+
• Update on progress to date
• What functionality will be in the first two phases and how we intend to reduce the impact • Overview of the agile development process • Enabling infrastructures (RSSB Business Change)
• Stakeholder engagement • What more do you need from us?
• And this isn’t all. High level SMIS+ road map Presentation title
• Your questions
20 April 2016
Confidentiality level
SMIS+ Programme workstreams
SMIS +
Data
Presentation title
System
20 April 2016
Business change
Confidentiality level
Enabling infrastructure
Road map
High‐level programme plan
2015
Dec
2016
Jan Feb
Mar Apr
May June July
Aug Sep
2016
2017
Nov Dec Mar
Oct
Phase 1
Initiation
Phase 2
Design, build, test and business impact/change
Themes x 17
Project planning
Bowtie workshops – Draft specification – Theme Discovery workshops – functional specification ‐ UAT
Activities Update on the Stakeholder Engagement Strategy ‐ Jane
Planning
Theme identification
Benefit mapping
Capabilities x 18
U
A
T
Workshops – functional specification ‐ UAT Training
Plan for phase 2
P g
h o
a ‐
s l
e i
v
1 e
Phase 2
Design/
Build/
UAT
Infrastructure support and RSSB business change
Presentation title
20 April 2016
Stakeholder engagement & communication to ensure organisations Confidentiality level
are aware and prepared
SMIS+ Implementation Phases
 Phase 1 – 30th Nov 2016
 Phase 2 – 31st March 2017 (TBC)
– New user‐friendly web based system  Capture and record a safety event or risk via a mobile device – New data event model that is risk based
 Close call recording and – Investigation recording and recommendation tracking
management
 Links to Network Rail’s asset – Business process workflow and KPI’s systems
to assist with the collection of safety  Improved data quality processes
data and investigation management
– New state‐of‐the‐art business intelligence software 5
Presentation title
20 April 2016
 Investigation management functionality following industry best practice
Confidentiality level
Close call
Other events
YDS
Infrastructure work
Train ops & failures
July
Level crossings
June
Fires & explosions
People on trains
May
ERTMS
April
Ill health
Road driving
Fixed infrastructure
People in stations
PTI
Confidentiality level
20 April 2016
Presentation title
Train accidents
Dangerous goods
6
August
SPADs & signalling
March
Trespass and suicide
Assaults and abuse
February
SMIS+ themes and schedule
An example of agile working
Scoping
Analysis
Industry
workshop
Review
SMIS+ Design Advisory Group
Industry Risk Groups
Theme discovery Functional workshop
spec Review
Build
User acceptance testing
Presentation title
20 April 2016
Confidentiality level
Forms
Presentation title
20 April 2016
Confidentiality level
Input Fields
Presentation title
20 April 2016
Confidentiality level
Enabling infrastructure (RSSB Business Change activities)
 Close Call Strategy
 Guidance
 Group standards
 SMIS Business Support Team
 On‐going developments
 Meeting our stakeholders on‐going BI requirements
 Access rights/RSSB membership
 Systems Safety Case
 Data protection Act
 Operational safety requirements
 On‐going governance  Data quality processes/dispute management and escalation
10
Presentation title
20 April 2016
 Change requests
 Investigation management training
Confidentiality level
SMIS+ stakeholder engagement strategy
• Relate SMIS+ to your needs
Business sponsors
Industry business change leads
Industry
groups
Business Impact Assessment
• Co‐
ordinated contact
11
Presentation title
20 April 2016
• Plan and lead change in your business
• Describe required changes
Confidentiality level
Planning guidance for SMIS+
We’ve produced a pack that contains activities to help SMIS+ business change leads to think about how to prepare for the changes that come with SMIS+, and consider what decisions need to be made by who and when. Content covers:
•
•
•
•
•
•
•
Business impact assessments
Identify stakeholders
Align with strategy and plans
Communications
Training and tools
Technology
Company culture
To achieve smooth implementation, we advise that they work with their organisation’s SMIS+ business sponsor and IT lead. We recommend they set up a project team where the three of them meet regularly Presentation title
20 April 2016
Confidentiality level
12
to prepare their organisation for SMIS+. What do you need to know to be able to talk confidently about SMIS+ to your industry contacts?
13
Presentation title
20 April 2016
Confidentiality level
SMIS+ Roadmap
Single SMS
SMS Improvement Plan
Enterprise Safety Management System Software
Effectiveness of Controls (MOC)
Training & Competence
Phase 1
Future phases
Future phases SMIS
/CCS
Predictive analytics
Integration with SIDB
Interfaces
Safety Event Analysis
Safety Event Reporting NIR On‐Line
Rail Notices
Audits
Health & well‐being
Investigation
Action and recommendation Tracking
Risk Assessments
Future phases
Bowties
Setting up Environments
Presentation title
Group Standards Management
and Compliance to Group Risk Assessments Standards
& Standards Management
20 April 2016
Inspections
Confidentiality level
Inspections & Audits
SMIS+ Future Phases
 What are they?
Category
Phase/ Requirement
 How are they categorised?
SYSTEM REPLACEMENT
Priority
System
Industry
NIR
MED
EASY
MED
CIRAS
LOW
EASY
MED
 How are they prioritised?
CCIL (control logging)
MED
MED
DIFF
TOC/ FOC/ Supplier systems
LOW
EASY
MED
a) in terms of demand;
Health & Wellbeing
HIGH
EASY
MED
Data/ tools/ profile/ models
HIGH
MED
MED
Bowties
MED
DIFF
MED
Asset Management
LOW
MED
MED
British Transport Police
MED
MED
MED
Predictive analytics
MED
EASY
MED
Lessons learned
MED
MED
MED
RSSB SYSTEMS
Sharepoint/ RSSB
LOW
EASY
MED
REPLACEMENT
SPARK
MED
MED
MED
RMDB consultation
LOW
MED
MED
Freedom of Information
MED
MED
MED
Good practice/ Community
MED
EASY
MED
LOW
EASY
EASY
b) capacity of the system and;
c) engagement from industry
 What could the timeline look like from 2017? 15
Presentation title
RISK MANAGEMENT
INTEGRATION
INTELLIGENT ALERTS
OTHER
20 April 2016
Social media
Confidentiality level
SMIS+ Future Phases
…Continued
SMS FUNCTIONALITY
INTERFACES
16
Presentation title
20 April 2016
Training and competence
MED
EASY
EASY
Audit & Inspections
MED
EASY
EASY
Improvement plan
MED
EASY
EASY
Compliance to Group Standards
MED
EASY
EASY
Document Management
MED
EASY
EASY
Building interfaces to organisations’ bespoke SMS systems
HIGH
MED
EASY
Confidentiality level
Thank you
How do we use SMIS+ to improve reporting quality and scope?
Presented by Siona Vass
20 April 2016
Current reporting requirements
• Group Standard GE/RT8047
• ROGS
• RAIB
• RIDDOR (Health and Safety at Work)
2
DRSG
20 April 2016
Confidentiality level
Future reporting requirements
• Standards Policy are currently reviewing RGSs.
• Potential to mandate reporting requirements with a conditions of use of SMIS+.
• Close call events to be entered in SMIS+ (non‐
mandatory).
3
DRSG
20 April 2016
Confidentiality level
Scope
Undesired event (SMIS) Accident (injury/damage/failure/loss)
Includes any undesired circumstances which give rise to ill‐health or injury; damage or failure to property, plant, products or the environment; production losses or increased liabilities.
No injury or damage
Near miss
In relation to trains with people or road vehicles and other events that do not result injury or damage to persons involved.
4
DRSG
20 April 2016
Operational incident
Incidents affecting or with the potential to affect the operation of trains and the safety and health of persons involved.
Confidentiality level
SMIS+
Close call
A circumstance or behaviour that has the potential to cause injury, damage, failure or loss to persons involved.
Group discussions – 10 minutes
Green Q. What guidelines will achieve better reporting compliance in SMIS+? Blue Q. Who should have access to SMIS+ and what data should be made available? Red Q. What areas of SMIS+ can strengthen or weaken an open reporting culture?
Black Q. What opportunities are available to improve reporting scope within SMIS+?
5
DRSG
20 April 2016
Confidentiality level
Thank you
Find‐IT
Mr Joseph Januszewski
HSL: HSE’s Health and Safety Laboratory
© Crown Copyright, HSL 2016
Data Analytics
Health and Safety Laboratory
•
Founded in 1911 to study explosions in coal mines

Health & Safety at Work etc Act 1974

Science Directorate of HSE
•
Support HSE mission to protect health and safety in the workplace by providing incident response support plus proactive health and safety research •
Support Improvements in regulation across government
•
Large laboratory and test site at Harpur
Hill, Buxton
HSL: HSE’s Health and Safety Laboratory
© Crown Copyright, HSL 2016
Data Analytics
Health and Safety Laboratory
•
HSL is Britain’s leading industrial health and safety facility •
Employs almost 400 staff of which more than a third hold doctorates.
Experience across all sectors, including: •
–
–
–
–
–
–
–
Behavioural Change (nudge) Fire & process safety Computational modelling
Mechanical engineering
Metallurgy
Exposure control
Toxicology
HSL: HSE’s Health and Safety Laboratory
© Crown Copyright, HSL 2016
Data Analytics
HSE ‐ Data Analytics Centre
DataAnalyticsCentre
70 Team members ‐ Data scientists, Software Developers, Statisticians, Epidemiologists, Mathematicians, Economists, Project Managers, Database Architects. Picture here HSL: HSE’s Health and Safety Laboratory
© Crown Copyright, HSL 2016
Data Analytics
Context
•
HSL has been working in this area for 10 years
•
Initially population & demographics work for HSE
•
Have developed key, even unique, expertise
Algorithms
Text Mining
Advanced Statistics
HSL: HSE’s Health and Safety Laboratory
Link rather than combine
Start with the questions
Rapid access to data
© Crown Copyright, HSL 2016
Data Analytics
Creating Intelligent Solutions
Concept ‐ combining different data to create systems to provide intelligence Better use of existing
data
Population
Data
Regulatory
Data
Health
Data
Evidence for decision
making
Information
Creation
Engine
Audit trail
Better Regulation
Transparent
Regulation
Business
Data
Better Emergency
Planning
Creating Solutions to improve government and wider services
HSL: HSE’s Health and Safety Laboratory
© Crown Copyright, HSL 2016
Find‐IT Process
Transformation
User Requirements
Data Modelling
HSL: HSE’s Health and Safety Laboratory
Extract Transform Load (ETL)
Address & Organisation Matching
Find‐IT UI & Data Analytics
© Crown Copyright, HSL 2016
Data Analytics
Regulatory Intelligence
•
•
•
Concept - combining data to create systems to provide intelligence to
improve regulation and intervention
Aim - more efficient, effective, transparent regulation
Addressing key challenges – data sharing, Red Tape challenge
IRIS Cross Regulatory Intelligence Tool 2014
HSE Regulatory Intelligence tool 2011
National Population Database 2005
Cabinet Office Hidden Economy Intelligence tool 2015
DEFRA Farm Regulation tool 2014
Common issues
Identifying and Prioritising
Based on Risk
HSL: HSE’s Health and Safety Laboratory
Under Discussion
Interested parties
Welsh Government
Home Office
Office of Rail and Road
HM Revenue & Customs
Food Standards Agency
Environment Agency
Defence Safety Authority
Gangmaster
Licensing Authority
Wales & West Utilities
© Crown Copyright, HSL 2016
Data Analytics
Regulatory Intelligence - Find-IT
Drivers behind current ‘Find‐It’ project HSE ‐ Requirement to ‐ Reduce pro‐active inspection
‐ Target inspection to high risk sectors
Used to answer ‐ Is company still operating and doing what HSE thinks it does?
‐ Is it in a high risk sector? ‐ Why should we be going there?
• Defra ‐ One complete overview of compliance landscape of a farm
• Better Regulatory Delivery Office (BRDO) – sharing regulatory information across different sectors, view of cross compliance
• Cabinet Office/DCLG – Joint tasking to address illicit economy issues • DSA – joining of regulatory data to improve decisions based on risk HSL: HSE’s Health and Safety Laboratory
© Crown Copyright, HSL 2016
Data Analytics
Find‐IT
Find‐IT
•
•


1 Web Application > 6 Data Views
1.
Filter ‐ Expandable filters that enable the user to create complex queries to run against the business intelligence database
2.
Results ‐ Paged results of sites and companies that allows the user to access different areas of the application, save results and create reports
3.
Details ‐ Expandable tables that hold the combined detailed data that is held about a site or company.
4.
Network ‐ Navigable network of inferred connections between companies and sites.
5.
Map ‐ Interactive map that allows the user to explore sites and companies spatially
6.
Dashboard ‐ Interactive statistics that present useful graphics to end user
Predictive models
Text mining
HSL: HSE’s Health and Safety Laboratory
© Crown Copyright, HSL 2016
Data Analytics
ORR Find‐IT

Exploratory phase of work with ORR looking to help contribute improvements to :
–
–
–
–
–
–

Reassurance that resource is being used appropriately
Target resources where they will have greatest effect
Base strategic decisions on sound evidence
Prioritise interventions and resource based on risk
Forecast the future impact of actions taken now
Improve organisational efficiency and cost‐effectiveness
RSSB Involvement
–
–
–
–
–
Key stakeholders
Data experts and owners
Help in utilising key safety performance datasets Early engagement from RSSB to make sure that success can be achieved
Identifying long term benefits of the work for RSSB
HSL: HSE’s Health and Safety Laboratory
© Crown Copyright, HSL 2016
Enlighten
Overview and Future
My Role
Product Management
The role of the Product Manager
Product manager
Validate with
stakeholders
customers
sales
Product
manager
One product manager for each of Gael’s main products.
Lives and breathes the product.
Gather product feedback
Talks to customers, sales, consultants and stakeholders
Gathers feedback, listens to pains, and understands real life scenarios.
Consultants
Validate requirements
etc
Validates requirements with stakeholders, consultants and customers.
Rapid prototypes
Brief rapid prototyping team and validate solution with customers.
Organise prototypes
with development
Product
backlog
Update backlog
Once requirements are validated, they are broken down into user stories
and added to the backlog along with acceptance criteria.
Overview
• Designed for Enterprise & built for the cloud
• Risk based approach to Quality, Safety and Risk
• Reliable, scalable and secure • Hugely accessible
• Single point of maintenance and roll out, reducing operating costs
• Extensible Platform that can integrate with other systems
Seamless Functional Integration
• Policy and Procedure repository with full Change Control
• Full Audits Management from scheduling to closure
• Corrective/Preventive Action (CA/PA) Management
• Extensive Incident and Near Miss Reporting, Investigation and Action Tracking
• Wide ranging, intuitive and highly visual Risk Management capability
• Dashboards, Analysis and Business Intelligence to provide extensive oversight
Enlighten Product Strategy
Customers
Why we built it
• Combination of 23 years learning & feedback across industries
• Partnering with enterprise organisations across the globe
• Taking a risk based approach to managing quality and safety
• Goal: to build a world class Quality, Safety & Risk Management solution
The aviation approach
• Risk Based Approach to Safety Management
• Industry traction from:
•
ICAO SMS framework •
UK CAA Significant 7
• UKCAA Significant 7
•
Loss of Control, Runway Excursion, Controlled Flight into Terrain, Runway Incursion, Airborne Conflict, Ground Handling & Fire
• Rail is catching up
Enlighten Vision
T972: Piloting a GeoSRM
for the rail network in GB
Namrita Kohli
20 April 2016
Background
2
What are the origins of the GeoSRM?
 It’s an output from T972: Piloting a geo‐referenced safety risk model for the rail network in Great Britain.
 Making network‐wide safety improvements is no longer reasonably practicable. We now need to understand localised risk profiles.
 We need to identify areas where safety measures are disproportionate to the risk they are mitigating.
 We need to identify areas where safety measures could be improved and justified on a location specific basis.
 The GeoSRM is a pilot model demonstrating the capability of the model concept.
3
Presentation title
20 April 2016
Confidentiality level
Scope of the pilot GeoSRM?
 Geographical
 Risk areas
Derailments
 ~10% network
 193 stations
 1755 km track
Suicides
 44 million passenger train km / year
Slips, trips and falls
London
Exeter
Southampton
4
Presentation title
20 April 2016
Confidentiality level
What is the GeoSRM?
 Based on the Safety Risk Model (SRM)
 It provides geo‐referenced safety risk estimates
SRM
GeoSRM
Single national estimate of risk for each precursor/hazard
Calculates risk distributed across the network
Modelling assumptions based on national averages
Uses local infrastructure asset data and timetable information
Results disseminated through reports/spreadsheets
Results disseminated through web‐based interface
5
Presentation title
20 April 2016
Confidentiality level
Outputs of the model
Allows users to pan, zoom in and out
Allows users to filter display
Allows interrogation of contributory factors
6
Presentation title
20 April 2016
Confidentiality level
Compare results and breakdown of risk by person type
Trialling the pilot model
 The GeoSRM was briefed to representatives from South West Trains, Network Rail and the steering group.
 The sessions conceptually described how the model works and demonstrated how the tool could be used.
 A three month trial followed the briefing sessions.
 Feedback was collected throughout the trial.
7
Presentation title
20 April 2016
Confidentiality level
Lessons learnt
8
Lessons learnt part 1
Data
Lesson 1: Managing large volumes of data.
Lesson 2: Managing issues with data quality and availability.
Lesson 3: Processing big data sets.
Interface
Lesson 4: Querying large databases.
9
Presentation title
Lesson 5: Improving the GeoSRM user interface.
20 April 2016
Confidentiality level
Lessons learnt part 2
Process
Lesson 6: Developing the models.
Lesson 7: Improving the process.
Lesson 8: Applying the outputs of the model.
Collaboration
Lesson 9: Managing and organising briefing sessions.
10
Lesson 10: Gathering and specifying data requirements.
Lesson 11: Building the GeoSRM models and interface.
Presentation title
20 April 2016
Confidentiality level
Conclusions & next steps
11
Conclusions
 Project has shown the feasibility of a GeoSRM.
 Developed new approaches to modelling risk.
 Good feedback on the concept of modelling and visualising risk distributed geospatially. Possible benefits have been identified:
– The potential to be able to inform and justify local safety decisions on the basis of quantified risk rather than judgement.
– It enables the consideration of asset configuration and interrelation and the impact this has on risk.
– Visual aid to start an informed conversation about safety risk
– The potential to link this to driver training by identifying key risk areas and raising awareness if the tool can include or match the training requirements
12
Presentation title
20 April 2016
Confidentiality level
Conclusions (continued)
 Issues currently prevent the GeoSRM from being scaled to cover more of the network or risk profile:
– Ability to automatically analyse train movements
– Suitable availability, quality and format of asset and causal factor data
 Not all hazards benefit from visualising risk in this way.
 Require improvement to the quality of geospatial data and adjustments to the user interface.
13
Presentation title
20 April 2016
Confidentiality level
Potential next steps
 This approach to modelling aligns with the DRSG objective to develop models and tools to support localised risk assessments.
 We need to prioritise the areas of risk modelling that can be taken forward and how.
 We also need to ensure that the enabling technologies are available for future phases of the tool:
– Capturing future data requirements with SMIS+
– Work with industry programmes to deliver supporting data and architecture  We need to revisit modelling requirements, as these have evolved since the project started.
– Understand the impacts of a decentralised rail industry – Align development with SRM and Network Rail tools
14
Presentation title
20 April 2016
Confidentiality level
DRSG is asked to:
 Approve the closure of the project
– Provide comments any on the project brief by 25th April 2016
 Advise on a suitable group for a workshop on the next steps of localised risk modelling
15
Presentation title
20 April 2016
Confidentiality level
Thank you
Integrated Safety Risk Platform
Broken Rail, ECM1 156m 858y, 29/08/2013, LNE
Track Buckle, BML1 0m 573y, 15/07/2013, Wessex
ALCRM
CRSM4S
CCT
Cajetan Chukwulozie
(Head of Risk Management - STE)
20-Apr-16
1
Current State (Issues)

Multiple operational safety risk tools (ALCRM, SORAT, LCMP, TSERAT, CCT, CRSM4S, CBA, Track
Worker Safety Risk Tool, Temporary Speed Restriction (TSR), Risk assessment mobile app).

Different risk ratings (ALCRM (A1 – M13), SORAT (A – M; 1 – 4 in each band); non-uniformed use of
the same data sources, non-streamlined administration and technical support, no synergy in design,
development, and management of risk tools, and look and feel are all different).

Multiple suppliers and maintenance contracts (Small, knowledge transfers, costly, updating and
modernising to new environment (recommendations, SRM).

Inefficient allocation of resources (Costs, people and time, training workshops and assessors, and
steering groups not aligned to proper governance arrangements).

Diverse/Duplication of risk calculating algorithms e.g. CBA tool is also duplicated in SORAT, vs
Corporate, CCT exists in ALCRM vs CCT, difficulty in updating and modernising algorithms.

RSSB risk tools (CBA, SRM, PTI, Red Aspect Approach Tool System (RAATS), SPAD Risk Ranking
(SRR), Suicide Prevention, Network Model Framework (NMF)).

Generally, there has been a lack of a strategic vision that those responsible for scoping / design /
specification for risk tools can align and work towards.
20-Apr-16
2
Integrated Safety Risk Platform (Future state)

A modular operational safety risk platform with risk engines in areas like Signalling, Temporary
Speed Restriction, Track Worker Safety, Irregular Working, Level Crossing, Station Interface, Route
Crime & Asset Failures.

Will build on current tools like ALCRM & SORAT but will link to a single database library of all risk
assessments or risk outputs, with warehousing functionality to ensure historic risk profiles and look
back ability to allow accurate and consistent trend analysis and predictive modelling.

The Safety Risk Platform should take into consideration related aspects of programmes like
ORBIS, SMIS+ and have a link (be joined up) with organisations strategic risk.

The Safety Risk Platform will share key data like Common Consequence and Safety Risk Model
(SRM) and will provide a single version of operational safety risk information critical for decision
making (including KPI dashboards, narrative risk assessments, business object reporting and hazard
log, forecasting & trend Analysis).

The solution should be extensible following deployment i.e. this will not be a ‘one-off’
development and there must be capability to evolve the solution and easily make changes going
forward.
/
Visionary Modular Integrated Safety Risk Platform
(please note that this is only a vision to demonstrate what can be achieved)
20-Apr-16
4
Outcome/Benefits













One stop shop – ease of usage and knowing where to go.
Establish common currency / language for risk understanding
(standardisation).
Removal of possibility of double counting of risk.
Reduced resources required and duplication of effort (people and funds).
Reduced supplier base – potentially for financial savings.
Improved ability to compare / benchmark with other industries.
Appropriate contracting structures are in place for implementation.
In-house capability to update the tool i.e. not reliant on external parties to
apply changes.
Tool is easily configurable (i.e. principle is for configuration not
customisation of the solution).
Rationalisation of existing tools undertaken.
Visible linkage between this (safety) platform and the organisational risk
tools.
The ability to predict safety risk on the network (however this may not be
a phase 1 deliverable).
Scope encompasses full auditing capability.
20-Apr-16
5
Improvement Plan Methodology
1. Undertake a study to better understand the plethora of “risk tools” and the type of
modular integrated safety risk platform stakeholders will want.
2. As part of the study, establish a strategic vision for the future management of
safety operational risk tools in the form of an “integrated safety risk platform”.
3. Work with the necessary internal and/or external stakeholders to develop the
“integrated safety risk platform”.
20-Apr-16
6
Agenda item 7c
Augmented bow ties Safety – Coen Van Gulijk, UOH
1
Institute of Railway Research
Augmented Bow Tie
or
Getting the Enterprise Research line
up and running
RSSB-HUD partnership:
Part of SMIS+ delivery mechanism
Institute of Railway Research
Digital transformation of SMS
Institute of Railway Research
TO SUPPORT
• The risk intelligence that a world class railway needs,
efficiently provided to the right people in the right format
and at the right time.
BY WORKING ON
• Risk models that are easy to access and use and
support the development of local and predictive risk
profiles
WHERE WE FOCUS ON FUTURE SYSTEMS FOR
• Risk profiles
Now working on
Application development for
• Text analysis (CC & Ontology)
• Numbers (RAATS & OTMR)
Institute of Railway Research
Close Call text analysis
Institute of Railway Research
With NR have worked together to map Close Call reports to
bowtie diagrams and report trends.
Visualization CC text to identify risksInstitute of Railway Research
OTMR Data Analysis:
Braking Curve
Institute of Railway Research
In the Pipeline
Close Call support:
• TAVIZON
Safety Enterprise architecture
• Middleware for Economic Modeling
• BDRA pilot
• Augmented Bow-Tie for PTI
Institute of Railway Research
TAVIZON: extracting ontology from text
using Visual Analytics to support CC Institute of Railway Research
Enterprise Research Line
Institute of Railway Research
Safety Enterprise Architecture: to map
Institute of Railway Research
digital business requirements
Data Linking for Economic Evaluation
Institute of Railway Research
based on Evans’ financial model
Digital SMS support:
SMIS+ aligned Augmented Bow-Tie Institute of Railway Research
Multiple real-time input data
Real-time reports
Trend reporting
Alerts
SMIS
Close Call
Timetables
Train movements
Track work
Signal aspects
Ticket sales
Delays
BTP data
-
It is about:
Creating a backbone for integrated risk & barrier monitoring
The engine for easy navigation through hundreds of safety controls
Collated safety control engine
Flexible and scalable bow-tie adjustment
Coordinated industry discussion about risks and safety controls through
basic safety-science tool
Augmented Bow-Ties support process
•
•
•
•
•
•
•
•
•
•
•
Institute of Railway Research
Asset name (safety control)
Background documentation
Responsible persons/workers
Interface with suppliers
Relevant databases
Support processes for asset
Reporting:
• Condition monitoring
• Management reports
• KPI’s
Implementing existing risk models
Numbers for risk calculations
Interface with suppliers
£££££££££
• Online instantaneous for all nodes
in the bow-ties
BDRA Production Pipeline for
risk models and SMIS+ aligned SMS
Institute of Railway Research
Added value for digital transformation
Institute of Railway Research
•
•
•
•
•
•
•
•
•
Unprecedented operational insight in risk factors
Wider span-of control
Alignment with SMIS+ processes
Reduces time to respond
The organization of safety-relevant documents is easier:
they are directly attached to bow-tie nodes
Facilitates quick identification risk trouble areas
Viewpoint in existing Enterprise Architectures
Superior control makes safety cheaper and better at the
same time
Game changer in safety business process/management
But next to RSSB’s input
Institute of Railway Research
We require direct industry involvement for developing:
• Safety Enterprise Architecture
• Augmented bow-tie
• BDRA Production process
ENGAGE
Institute of Railway Research
Considering cyber security risk in safety
Presented by Maria Grazia Vigliotti
20 April 2016
Why cyber security?
 Critical systems are increasingly dependent on remote computing applications.
 European Rail Traffic Management System (ERTMS) new signalling is autonomous and potentially at risk.
 Several control systems and interlocking will be remotely connected (IP).
 As the railway will get more digitalised, security will become a more prominent issue.
Cyber security is about the protection and the resilience of digital systems.
2
Considering cyber security risk in safety
18 April 2016
Public
Vulnerabilities
Two categories of vulnerabilities:
• Vulnerabilities in people and procedures
• Technical vulnerabilities i.e. ways to gain digital access •
•
•
•
•
•
3
authentication windows
UBS port
IP/TCP connections
specialised connections (Bluetooth,.Citrix,.), Email browsers (Explorer, Safari, Firefox),…
Considering cyber security risk in safety
18 April 2016
Public
Impact of digital vulnerabilities
An attacker exploiting vulnerabilities could: •
Stop the computing device from running •
Destroy or changing data – could lead to safety incidents
•
Send information to other unauthorised parties ( Violation of privacy –SMIS+ ?)
4
Considering cyber security risk in safety
18 April 2016
Public
Why should we consider cyber risk in safety? • I went to visit a maintenance depot last week
• I saw a lot of PCs and Tablets used to maintain the trains. • Is the impact of the digital equipment fully understood and considered in the safety management system? • With the digital railway programme coming, is the safety community prepared to consider safety hazards caused by cyber attacks? 5
Considering cyber security risk in safety
18 April 2016
Public
Cyber risk in safety 6
Considering cyber security risk in safety
18 April 2016
Public
Activities taking place
• High Integrity systems Group (HISG) commissioned an R&D project on: Security informed safety case general methodology
• Department for Transport has promoted another project in this direction to produce a code of practice.
7
Considering cyber security risk in safety
18 April 2016
Public
How prepared is the safety community for managing cyber risk?
8
Considering cyber security risk in safety
18 April 2016
Public
What support does the safety community need?
9
Considering cyber security risk in safety
18 April 2016
Public
Framework for cyber security Identify
vulnerabilities and threats
Protect/Prevent (technical and procedures)
Recover/Report
Detect/monitor critical systems
Respond
10
Considering cyber security risk in safety
18 April 2016
Public
Cyber security risk‐based approach
Security cyber risk assessment
Hazard identification
Hazard mitigation
Risk evaluation
Risk management
Risk acceptance
Risk assurance
Cyber security competencies
Commercial and other drivers
Monitoring
Identify vulnerabilities
Detect attacks
Risk identification
Security incidents
Logs or audit trail entries
ng of information – SMIS+?
Cyber security concern?
Yes
Implement
No
Review
Scope problem
Analyse
Monitor
Monitoring safety
11
Considering cyber security risk in safety
18 April 2016
Analyse options
Determine cyber security measures
Select options
Define change
Make change?
No
Analysing and selecting options
Public
Assurance process
Yes
Making
a change
How can the safety community and the cyber security community communicate better?
12
Considering cyber security risk in safety
18 April 2016
Public
Should incidents related to cyber security be reported in SMIS+?
13
Considering cyber security risk in safety
18 April 2016
Public
Thank you
RSLU survey update
Ian Moreton
DRSG – 18 April 2016
Background
•
The RSLU has evolved over time to become a document circa 70 pages
•
RSSB wanted to ensure industry was served in the most effective way, and sought DRSG approval to proceed with gaining industry feedback. •
The RSLU was reviewed in detail by RSSB’s H&S Mgt and Comms teams, and a survey questionnaire was developed to gain industry views
•
Survey sent to current 200 Users plus Heads of Safety of RSSB members
•
Received 58 responses which were reviewed by the H&S Mgt Team
•
Overall feedback was highly positive, reaffirming the value of the RSLU
•
Some points were identified as easy ‘quick fix’ improvements and so incorporated into Issue 78 e.g. removal of some legacy information
•
Others points now form recommendations for endorsement by DRSG
2
DRSG ‐ Update
18 Apr 2016
Recommended future changes based on industry feedback
•
Distribution: Heads of Safety and Heads of Operations and where RSSB has contact details to public affairs managers. Users, who are not any of the above, will be given the option to continue to receive the RSLU.
•
Frequency: Continue with quarterly issues, but to supplement these with alerts as significant legal changes / policy developments become known.
•
Format/style: Continue existing approach over offered options (website, social media, video), but with a notification email for each update. Note: RSSB continues to improve its website so this may be an option to revisit.
•
Archive: Older, legacy information to be removed, and a summary will contain a reference to the previous RSLU Issue where it will be retained.
•
Opting in/out: To be introduced with clear instructions, starting Issue 79. Note: Feedback that RSSB need to maintain an up to date list of key safety contacts which has been passed to RSSB’s Engagement team for action.
3
DRSG ‐ Update
18 Apr 2016
End
Leading health & safety on Britain’s railway
A strategy for working together Ian Moreton
DRSG – 18 April 2016
The purpose of the strategy
1.
To provide a focus for leadership in key areas where collaboration will deliver health and safety performance benefit
2.
To be a reference point for how health and safety is managed on the railway
3.
To identify collaborative strategies where cross industry action will deliver improved management of health and safety risk
2
DRSG ‐ Update
18 Apr 2016
Update on progress
1. Identified the need for a strategy
2. 2015 – created by industry for industry
3. RSSB Board approval – Jan 2016
4. ORR Endorsement
5. Securing industry endorsement, recognition and alignment
6. IHSM 21st April ‐ launch of the strategy
7. Material development to support and deliver the telling of the health and safety story
3
DRSG ‐ Update
18 Apr 2016
Roles and interfaces on the mainline railway
4
DRSG ‐ Update
18 Apr 2016
12 priority areas
1. Workforce health and wellbeing
2. Public behaviour
3. Station operations
4. Road risk
5. Level crossings
6. Fatigue
7. Workforce safety
8. Infrastructure asset integrity
9. Workforce assaults and trauma
10. Train operations
11. Freight
12. Rolling stock asset integrity
5
DRSG ‐ Update
18 Apr 2016
12 priority areas
1. Workforce health and wellbeing
2. Public behaviour
3. Station operations
4. Road risk
5. Level crossings
6. Fatigue
7. Workforce safety
8. Infrastructure asset integrity
9. Workforce assaults and trauma
10. Train operations
11. Freight
12. Rolling stock asset integrity
6
DRSG ‐ Update
18 Apr 2016
Areas of influence over the safety risk profile
7
DRSG ‐ Update
18 Apr 2016
Health and safety risks
8
DRSG ‐ Update
18 Apr 2016
Health and safety risk gaps
9
DRSG ‐ Update
18 Apr 2016
Areas we already have identified as improvement areas
10
DRSG ‐ Update
18 Apr 2016
Alignment of industry groups to the Strategy
# 12 priority areas
Industry Group
1 Workforce health and wellbeing
Health Policy Group
2 Public behaviour
Suicide Reduction Group
Trespass Risk Group
3 Station operations
People on Trains and at Stations Group
4 Road Risk
Road Risk Group
5 Level crossings
Level Crossing Risk Group
6 Fatigue
System Safety Risk Group
Train Operations Risk Group
7 Workforce safety
No central group yet identified
8 Infrastructure asset integrity
Technical Strategy Leadership Group
11
DRSG ‐ Update
18 Apr 2016
Lead
Alignment of industry groups to the Strategy
#
12 priority areas
Indsutry Group
9
Workforce assaults and trauma
People on Trains and at Stations Group
10 Train operations
Train Operations Risk Group
11 Freight
National Freight Safety Group
12 Rolling stock asset integrity
No central group yet identified
12 Rolling stock asset integrity
No central group yet identified
Lead
 Similar mapping will need to take place for each of the 9 management capability areas, significant elements of which relate to the existing remit of DRSG and so should be identified in DRSG’s own strategy.
12
DRSG ‐ Update
18 Apr 2016
Identified 9 management capability priority areas to improve on
13
DRSG ‐ Update
18 Apr 2016
How is it all going to work?
 RSSB board is accountable for governance ‐ System Safety Risk Group ToR
to be amended to align activities within industry.
 Monitoring progress will take place against: 3 stated purposes; Leadership commitments; 12 risk priority areas; 9 capability areas
– RSSB board will receive updates from duty holders, SSRG , national, sector and regional groups.
 Twice‐yearly Industry Health and Safety Meetings will engage leaders and review progress on the different.
 Responsibility for working together to deliver this strategy lies with the duty holders, RSSB, and other relevant organisations.
 This strategy recognises that delivery of some of its components will be through other cross‐industry strategies and groups eg Rail Technical Strategy and Rail Supplier Group 14
DRSG ‐ Update
18 Apr 2016
Summary
•
Soft launch to trade press is underway – feature in the latest edition of Railway Strategies magazine
•
All industry leaders have been sent a letter to ask for their endorsement in writing. Names/logos will be on the website alongside the final version
•
External launch 21st April at the Industry Health and Safety Meeting, and at the Regional Engagement days during May
•
SSRG has begun the process of reviewing its scope in relation to the strategy, and will be seeking responses from each sub‐group as to their role and specific actions in delivering the strategy. DRSG’s response?
•
Stakeholders committed to communicate the strategy within their own organisations and to suppliers
•
Promotion of strategy to parliament in the summer
15
DRSG ‐ Update
18 Apr 2016
16
DRSG ‐ Update
18 Apr 2016
End
Data and Risk Strategy
Marcus Dacre, RSSB
18th April 2016
Data and Risk Strategy
This strategy identifies where collaborative industry effort is required to develop the tools, processes and competence that will deliver the Data and Risk Strategy Group’s vision for “the risk intelligence that a world class railway needs, efficiently provided to the right people in the right format and at the right time”. • First draft presented to DRSG Strategy Sub‐Group on 29th January
• Updated in response to their comments
Data and Risk Strategy
18th April 2016
Alignment to Rail Health and Safety Strategy
Data and Risk Strategy
18th April 2016
DRSG is asked to
• DISCUSS the strategy (at a high level)
– Any remaining concerns?
• COMMENT by correspondence
– Deadline: Friday 29th April.
• APPROVE the Strategy
– Subject to comments being addressed.
• SCHEDULE time in its next meeting to prioritise objectives / activities and develop its road map for delivering them.
Data and Risk Strategy
18th April 2016
Download