iYBWG Background & Expectations

international Engineering Safety Management
Overview and what’s new
Paul Cheeseman & Dr Rob Davis
Technical Program Delivery
paul.cheeseman@tpd.uk.com
rob.davis@tpd.uk.com
© TPD 2013
iESM - Aim
• To assist the international railway industry in delivering products/systems with acceptable levels of safety by developing & sharing good practice in railway Engineering Safety Management worldwide.
• Developed as part of the TPD internal research activities, for the good of the rail industry.
ESM - History
• “YB0” – early 1990s: Network SouthEast, Signalling and Telecomms
• YB1 – 1996: Railtrack Electrical Engineering and Control Systems (UK Railtrack EE&CS)
• YB2 – 1997: UK Railtrack
• YB3 – 2000: UK Rail Industry
• YB4 – 2005: Generic
• iESM – 2013: International Handbook on Engineering Safety Management
(Diagram label: International Emerging Good Practice)
iESM - Who is producing it?
• Dr Rob Davis – the originator of the risk-based safety engineering process in rail as part of the BR NSE quality system, later published as “Yellow Book”. Established Yellow Book and the YB Steering Group (YBSG) and now chair of iESM WG.
• Paul Cheeseman – part of the BR team and the last chair of YBSG.
• Bruce Elliot – editor of the Yellow Book content throughout 1991-2007 and iESM 2012-13
iESM Working Group
• Act as authority for iESM and develop/support the creation of associated supporting materials;
• Facilitate the efficient and effective application of iESM;
• Promote and facilitate the exchange of ideas for good practice that are found in the world railway community and other relevant industries;
• Sponsored by MTR Corporation, Hong Kong.
iESM WG Members
• Recognised as having significant standing within the industry on matters relating to the management of engineering safety;
• Available and commit to the work of the Working Group and promotion of iESM;
• Provide a professional contribution to Working Group activities based on their skills and expertise.
...could that be you?
iESM supporters Worldwide
iESM - Structure
• Layer 1: Principles and Process – Volume 1
• Layer 2: Methods, tools and techniques – Volume 2 (Projects); further volumes to be announced
• Layer 3: Specialized Guidance – Application notes as required
Volume 0
iESM - Business benefits
• Identifying risks early
• Integrated hazard management – three “legs”
• Encouraging consistency and re-use
• Scaling with the problem
• Empowering project managers and supporting users through a common approach and common “language”
iESM - What’s in?
Emerging good practice
• Support for Common Safety Methods for Risk Assessment, which have been mandated on parts of the railway by European Directives
• Consistent with:
– Recent EN50128 with focus on roles and competence
– New CENELEC EN50126 incorporating the former EN50128/9/155 and covering all technical systems
– Guidance from RSSB UK “Taking Safe Decisions”
– Guidance on using “Cross Acceptance” fast track
iESM - What’s out?
• Bias towards any one legal system or regulatory framework (e.g. requirement to reduce risk ALARP)
• Known deficiencies and poor practice, e.g. using risk matrices as a sole method for risk acceptance
• Templates, checklists, techniques etc. to layer 3
• Explicit consideration of maintenance activities – (temporary)
• English spellings!
• Let's look inside ……
Snap shot from Vol 1
Presentation of Volume 2
iESM - Overview #1
DEFINITION
• Defining the scope
• Determining safety obligations, targets and objectives
• Planning safety activities
To RISK ASSESSMENT
RISK ANALYSIS
• Identifying hazards
• Estimating risk:
– Applying standards
– Comparing with a reference system
– Estimating risk explicitly
To RISK EVALUATION AND CONTROL
1. Estimating risk by applying standards
• The standard shall at least satisfy the following requirements:
– be widely acknowledged in the railway domain. If that is not the case, the standard will have to be justified;
– be relevant for control of the considered hazards in the system under assessment;
– be publicly available for all who want to use it.
IEEE1474 – thank you
2. Estimating risk by comparing with a reference system
• A Reference System shall at least satisfy the following:
– it has already been proven in use to have an acceptable safety level and would still qualify for acceptance where change is to be introduced;
– it has similar functions and interfaces as the system under assessment;
– it is used under similar operational conditions as the system under assessment;
– it is used under similar environmental conditions as the system under assessment.
CBTC Roll out using reference system
• Generic Application Safety Case for core system
• Specific Application Safety Case: Chengdu Line 1
• Chengdu Line 2, Xian Line 2, Hangzhou Line 1, Hangzhou Line 2, Zhengzhou Line 1: reference to CDL 1 plus specific application hazard management
3. Estimating risk by explicit risk estimation
• The need for the use of an explicit risk estimation could typically arise:
– when the system under assessment is entirely new, OR
– where there are deviations from a Standard or a Reference System, OR
– when the chosen design strategy does not allow the usage of a Standard or similar Reference System because, e.g., of a wish to produce a more cost-effective design that has not been tried before
Explicit Risk Estimation – putting it all together
[Figure: fault tree feeding an event tree, with risk summation]
• Fault tree labels: Basic Events (Axle failure; Undetected in Maintenance), AND Gate, Rolling Stock Fault, P-Way Fault, OR Gate, Derailment
• Event tree branches (Yes/No): Derailment Containment Fails; Peak Loading
• Consequences (Frequency, Severity), inputs to Risk Summation:
– Consequence 1: 1.0E-05, 5 Fatalities
– Consequence 2: 1.0E-04, 10 Serious Injuries
– Consequence 3: 1.0E-03, 5 Minor Injuries
– Consequence 4: 1.0E-02, No Effect
iESM Overview #2
FROM RISK ANALYSIS
• Preparing a cross acceptance argument
RISK CONTROL
• Evaluating risk
• Setting safety requirements
• Is risk acceptable? (Yes / No)
• Implementing and validating control measures
• Compiling evidence of safety
• Is evidence adequate? (Yes / No)
• Obtaining approval
• Monitoring risk
iESM - Risk Control - Overview
1. Product / System / Project development (design, build, test, etc.)
2. iESM activities (risk evaluation, risk control, safety argument, etc.)
3. Independent Assessment (checking and certification)
iESM - Technical Support Processes
• Managing hazards
• Independent assessment
• Configuration management & records
iESM - Team Support Processes
• Managing safety responsibilities
• Promoting a good safety culture
• Building & managing competence
• Working with suppliers
• Communicating and co-ordinating
iESM - Summary
• Is advisory, not mandatory;
• Provides good practice guidance and will continue to reflect emerging good practice;
• Is applicable in an international market;
• Supports use of CENELEC standards and Common Safety Methods (CSM) for risk assessment, with practical, cost-effective advice;
• Assists in discharging legal & professional obligations;
• Is guided by a Working Group of practitioners and supporters;
• Is supported by training courses from TPD and Lloyd’s Register.
www.intesm.org
A final thought
Absolute safety is not achievable in the real world and therefore success relies on two fundamentals:
1) good processes, and
2) good people;
such that when there is a problem or failure in one, the railway can be sustained by the other.