CRES的危害因素识别方法:以EETD为例
|
摘要
首先厘清传统危害识别方法的局限性,运用系统理论的事故模型及过程(STAMP)的系统理论过程分析(STPA)方法,分析CRES不能使动车组(EMU)制动这一危害事件,将其安全问题看作是控制问题;然后以车载地震紧急处置装置(EETD)为例,分析其引起的不安全控制控制行为,找出产生不安全控制行为的原因,进而分析出其危害因素;最后与传统的故障树分析(FTA)方法结果对比,验证基于STAMP模型的STPA方法的有效性。结果表明:用该方法能比FTA方法识别出更多的危害因素,如设计缺陷、沟通不畅等。
The limitations of traditional hazard identification methods were clarified, and the STPA method of STMAP was applied to analyze the hazard event in which the CRES couldn't break the EMU, the safety problem was regarded as a control problem, the on-board earthquake emergency treatment device was taken as an example to analyze its unsafe control actions, the causes of the unsafe control actions, and it's hazardous factors were analyzed. A comparison was made between the traditional FTA method and the STPA method based on the STAMP model. The effectiveness of the STPA method in identifying hazardous factors was assessed. The results show that the effectiveness of the STPA method is greater than that of the FTA method, and that using the former can identify more than what using the latter can, and the difference includes but is not limited to design faults and poor communication.
The limitations of traditional hazard identification methods were clarified, and the STPA method of STMAP was applied to analyze the hazard event in which the CRES couldn't break the EMU, the safety problem was regarded as a control problem, the on-board earthquake emergency treatment device was taken as an example to analyze its unsafe control actions, the causes of the unsafe control actions, and it's hazardous factors were analyzed. A comparison was made between the traditional FTA method and the STPA method based on the STAMP model. The effectiveness of the STPA method in identifying hazardous factors was assessed. The results show that the effectiveness of the STPA method is greater than that of the FTA method, and that using the former can identify more than what using the latter can, and the difference includes but is not limited to design faults and poor communication.
引文
[1] TJ/GW 147—2016, 高速铁路地震预警监测系统暂行技术条件[S].TJ/GW 147-2016, Technical condition for high-speed railway earthquake early-warning and monitoring system[S].
[2] 李京生,张湜,赵林.基于网闸技术的高速铁路地震预警监测系统安全性研究[J].铁道运输与经济,2018,40(7): 101-104.LI Jingsheng, ZHANG Shi, ZHAO Lin. Research on security of high-speed railway earthquake early-warning and monitoring system based on gap technology[J]. Railway Transport and Economy, 2018,40(7): 101-104.
[3] 刘敬辉,戴贤春,郭湛,等. 铁路系统基于风险的定量安全评估方法[J]. 中国铁道科学, 2009,30(5): 123-128.LIU Jinghui, DAI Xianchun, GUO Zhan, et al. Quantitative safety assessment method based on risk in railway system[J]. China Railway Science, 2009,30(5): 123-128.
[4] 沈伟. 铁路控制系统的FMEA方法[J]. 铁道通信信号, 2015,51(5): 46-48.
[5] 刘金涛. 基于STPA的需求阶段的高速列车运行控制系统安全分析方法研究[D]. 北京:北京交通大学, 2015.LIU Jintao. A safety analysis method for high-speed railway train control system in requirements phase based on STPA[D]. Beijing: Beijing Jiaotong University, 2015.
[6] 韩笑. 基于UML和STPA的RBC交接场景安全分析研究[D]. 北京:北京交通大学, 2016.HAN Xiao. Safety analysis of RBC handover based on UML and STPA[D]. Beijing: Beijing Jiaotong University, 2016.
[7] Q/CR 637—2018, 中国高速铁路地震预警系统型号编制方法(报批稿)[S].Q/CR 637-2018, Model designation method for china high-speed railway earthquake early-warning system[S].
[8] TJ/GW 149—2016, 车载地震紧急处置装置暂行技术条件[S].TJ/GW 149-2016, Interim specifications for on-board earthquake emergency treatment device[S].
[9] LEVESON Nancy G. Engineering a safer world: systems thinking applied to safety[M]. Cambridge: MIT Press, 2012.
[10] LEVESON Nancy G. A new accident model for engineering safer systems[J]. Safety Science, 2004, 42(4): 237-270.
[11] LEVESON Nancy G. A new approach to hazard analysis for complex systems[C]. Proceedings of International Conference of the System Safety Society, 2003: 498-507.
[12] 刘金涛,唐涛,赵林,等. 基于STPA的CTCS-3级列控系统功能安全分析方法[J]. 中国铁道科学, 2014,35(5): 86-95.LIU Jintao, TANG Tao, ZHAO Lin, et al. Functional safety analysis method of CTCS-3 level system based on STPA[J]. China Railway Science, 2014,35(5): 86-95.
[13] 甘旭升,崔浩林,刘卫东,等. STPA危险分析方法及其在ATSA-ITP设计中的应用[J]. 中国安全科学学报, 2015, 25(5): 80-86.GAN Xusheng, CUI Haolin, LIU Weidong, et al. STPA hazard analysis method and its application in ATSA-ITP design[J]. China Safety Science Journal, 2015, 25(5): 80-86.
[14] GB/T 13861—2009, 生产过程危险和有害因素分类与代码[S].GB/T 13861-2009, Classification and code for the hazardous and harmful factors in process[S].
[2] 李京生,张湜,赵林.基于网闸技术的高速铁路地震预警监测系统安全性研究[J].铁道运输与经济,2018,40(7): 101-104.LI Jingsheng, ZHANG Shi, ZHAO Lin. Research on security of high-speed railway earthquake early-warning and monitoring system based on gap technology[J]. Railway Transport and Economy, 2018,40(7): 101-104.
[3] 刘敬辉,戴贤春,郭湛,等. 铁路系统基于风险的定量安全评估方法[J]. 中国铁道科学, 2009,30(5): 123-128.LIU Jinghui, DAI Xianchun, GUO Zhan, et al. Quantitative safety assessment method based on risk in railway system[J]. China Railway Science, 2009,30(5): 123-128.
[4] 沈伟. 铁路控制系统的FMEA方法[J]. 铁道通信信号, 2015,51(5): 46-48.
[5] 刘金涛. 基于STPA的需求阶段的高速列车运行控制系统安全分析方法研究[D]. 北京:北京交通大学, 2015.LIU Jintao. A safety analysis method for high-speed railway train control system in requirements phase based on STPA[D]. Beijing: Beijing Jiaotong University, 2015.
[6] 韩笑. 基于UML和STPA的RBC交接场景安全分析研究[D]. 北京:北京交通大学, 2016.HAN Xiao. Safety analysis of RBC handover based on UML and STPA[D]. Beijing: Beijing Jiaotong University, 2016.
[7] Q/CR 637—2018, 中国高速铁路地震预警系统型号编制方法(报批稿)[S].Q/CR 637-2018, Model designation method for china high-speed railway earthquake early-warning system[S].
[8] TJ/GW 149—2016, 车载地震紧急处置装置暂行技术条件[S].TJ/GW 149-2016, Interim specifications for on-board earthquake emergency treatment device[S].
[9] LEVESON Nancy G. Engineering a safer world: systems thinking applied to safety[M]. Cambridge: MIT Press, 2012.
[10] LEVESON Nancy G. A new accident model for engineering safer systems[J]. Safety Science, 2004, 42(4): 237-270.
[11] LEVESON Nancy G. A new approach to hazard analysis for complex systems[C]. Proceedings of International Conference of the System Safety Society, 2003: 498-507.
[12] 刘金涛,唐涛,赵林,等. 基于STPA的CTCS-3级列控系统功能安全分析方法[J]. 中国铁道科学, 2014,35(5): 86-95.LIU Jintao, TANG Tao, ZHAO Lin, et al. Functional safety analysis method of CTCS-3 level system based on STPA[J]. China Railway Science, 2014,35(5): 86-95.
[13] 甘旭升,崔浩林,刘卫东,等. STPA危险分析方法及其在ATSA-ITP设计中的应用[J]. 中国安全科学学报, 2015, 25(5): 80-86.GAN Xusheng, CUI Haolin, LIU Weidong, et al. STPA hazard analysis method and its application in ATSA-ITP design[J]. China Safety Science Journal, 2015, 25(5): 80-86.
[14] GB/T 13861—2009, 生产过程危险和有害因素分类与代码[S].GB/T 13861-2009, Classification and code for the hazardous and harmful factors in process[S].