[SystemSafety] Preliminary Hazard Analysis - Approaches

M Mencke menckem at gmail.com
Wed Apr 24 12:51:20 CEST 2013

Dear all,

I have seen different approaches to Preliminary Hazard Analysis in the
railway sector.

I have come across a top-down method, which (roughly) involves the
following steps:

Use of an “Example Railway Hazard List” based on the hazardous events
modeled by RSSB’s Safety Risk Model. The hazardous events are classified
according to the type of event. For example, Collision, Fire, etc.

The events on this list are linked to the functions of the system being
analysed. For example, avoiding a collision between two passenger trains
can be considered a function of the signaling system.

The functions identified are broken down into components, modules, etc.,
therefore linking them to the top hazard.

This sounds similar to a Fault Tree Analysis; my question is, is it useful
to apply this approach during initial design stages?

From my point of view, if you select the top hazards which you consider to
be mitigated by your system from a list at the beginning of your analysis,
you could overlook some significant hazards which may be generated by a
(sub)system/function failure that you did not initially identify.

Personally, I prefer a bottom-up approach. It seems to me that by analyzing
failures of system functions through the application of keywords, etc.,
effects on the subsystem and the system can be easily identified, whereas
the other way round, you have to be very familiar with the effects in order
to be able to work downwards.

Any opinions would be appreciated.

Kind regards,
