列控中心风险分析研究
|
摘要
随着高速铁路的蓬勃发展,原来基于技术规章制度来保障行车安全的管理方法,越来越没办法满足日益增长的安全管理需求。铁道部办公厅于2012年在全路推行安全风险管理,列控中心作为列控系统地面信号控制的关键系统,对其进行风险分析显得尤为重要。
风险分析包括危害识别和风险估计两个过程。本文首先通过对列控中心的组成结构、功能需求、工作状态进行分析,对应建立了列控中心的参考模型、功能分层模型和状态转移模型,然后依照HAZOP方法,对这三种类型模型依次进行分析节点、要素、设计意图、引导词和发生原因的分析,得出其危害日志表,并对状态转移模型中的非正常状态进行半马尔可夫过程分析。
通过对顺序图基本语法和基于XYZ/E的顺序图语义进行定义,对描述语言进行逻辑求反运算,可以识别出程序执行过程中的危害。以轨道电路编码为例,将其识别出的危害与HAZOP方法得出的结果进行对比,表明该方法识别结果更为全面。
为对识别出的危害进行风险估计,本文借鉴欧洲铁路行业标准中的频率等级划分方法,并结合我国相关法规对事故严重等级的划分原则,建立了6×5风险矩阵。进一步运用模糊综合评判方法,构建了我国铁路信号系统后果严重度评价的因素集和评判集,对评判中用到的权重先采用模糊聚类分析先得出专家集中权重,再结合专家打分计算出因素权重,并以站内轨道电路编码错误的危害进行实例分析。最后,结合专家打分法得出的频率等级,依据风险矩阵,得出危害风险等级。
基于以上的风险估计方法,在VC++6.0平台上完成了列控中心风险估计系统的初步研发,以期用于数量较大的危害事件的风险估计计算。
With the rapid development of high-speed railway, originally based on the technical rules and regulations to ensure the traffic safety management methods, more and no way to meet the growing demand for safety management.In2012, General Office of the Ministry of Railways carried out a safety risk management within the whole railway.TCC as a critical system in Train Control System's ground signal control systems, it's obviously important to do risk analysis for it.
Risk analysis including hazard identification and risk estimation process. Firstly, by the analysis of the composition of the Train Control Center, functional requirements and work status, we establish a reference model of the Train Control Center, features hierarchical model and the state transition mode. Use the HAZOP analysis method analyze nodes, elements, design intent, guide words and the causes,then come to the hazard log.And we analyze the abnormal state of state transition model by semi-Markov process.
Based on the definition of basic syntax of sequence diagram and XYZ/E semantics, the paper come up with one kind of hazard identification method that based on the sequence diagram's XYZ/E semantics description. And illustrated by the example of track circuit coding, the paper compare its hazard with the result of HAZOP method's show that the method's result is more comprehensive.
For the risk assessment of identified hazards,this paper drawing on the European railway industry standard's frequency classification method and combine with the China's relevant laws and regulations of the accident severity principle of the division, then establish a6×5risk matrix for risk estimating. Further this paper use the fuzzy comprehensive evaluation method to build the factors set and evaluation set of the serious consequence of China's railway signaling system. The paper analyze the experts'concentrated weight used in the assessment,and combine with expert scoring calculated factor weight, then analyze the station track circuit coding errors hazard as an example. At last, combine with the level of the frequency from expert scoring method, it come to the final level of the risk level with the use of risk matrix.
Take advantage of the risk assessment method introduced above, this paper completed the Train Control Center Risk Assesment System's initial research and development inVC++6.0platform,in order for a larger number of tasks.
风险分析包括危害识别和风险估计两个过程。本文首先通过对列控中心的组成结构、功能需求、工作状态进行分析,对应建立了列控中心的参考模型、功能分层模型和状态转移模型,然后依照HAZOP方法,对这三种类型模型依次进行分析节点、要素、设计意图、引导词和发生原因的分析,得出其危害日志表,并对状态转移模型中的非正常状态进行半马尔可夫过程分析。
通过对顺序图基本语法和基于XYZ/E的顺序图语义进行定义,对描述语言进行逻辑求反运算,可以识别出程序执行过程中的危害。以轨道电路编码为例,将其识别出的危害与HAZOP方法得出的结果进行对比,表明该方法识别结果更为全面。
为对识别出的危害进行风险估计,本文借鉴欧洲铁路行业标准中的频率等级划分方法,并结合我国相关法规对事故严重等级的划分原则,建立了6×5风险矩阵。进一步运用模糊综合评判方法,构建了我国铁路信号系统后果严重度评价的因素集和评判集,对评判中用到的权重先采用模糊聚类分析先得出专家集中权重,再结合专家打分计算出因素权重,并以站内轨道电路编码错误的危害进行实例分析。最后,结合专家打分法得出的频率等级,依据风险矩阵,得出危害风险等级。
基于以上的风险估计方法,在VC++6.0平台上完成了列控中心风险估计系统的初步研发,以期用于数量较大的危害事件的风险估计计算。
With the rapid development of high-speed railway, originally based on the technical rules and regulations to ensure the traffic safety management methods, more and no way to meet the growing demand for safety management.In2012, General Office of the Ministry of Railways carried out a safety risk management within the whole railway.TCC as a critical system in Train Control System's ground signal control systems, it's obviously important to do risk analysis for it.
Risk analysis including hazard identification and risk estimation process. Firstly, by the analysis of the composition of the Train Control Center, functional requirements and work status, we establish a reference model of the Train Control Center, features hierarchical model and the state transition mode. Use the HAZOP analysis method analyze nodes, elements, design intent, guide words and the causes,then come to the hazard log.And we analyze the abnormal state of state transition model by semi-Markov process.
Based on the definition of basic syntax of sequence diagram and XYZ/E semantics, the paper come up with one kind of hazard identification method that based on the sequence diagram's XYZ/E semantics description. And illustrated by the example of track circuit coding, the paper compare its hazard with the result of HAZOP method's show that the method's result is more comprehensive.
For the risk assessment of identified hazards,this paper drawing on the European railway industry standard's frequency classification method and combine with the China's relevant laws and regulations of the accident severity principle of the division, then establish a6×5risk matrix for risk estimating. Further this paper use the fuzzy comprehensive evaluation method to build the factors set and evaluation set of the serious consequence of China's railway signaling system. The paper analyze the experts'concentrated weight used in the assessment,and combine with expert scoring calculated factor weight, then analyze the station track circuit coding errors hazard as an example. At last, combine with the level of the frequency from expert scoring method, it come to the final level of the risk level with the use of risk matrix.
Take advantage of the risk assessment method introduced above, this paper completed the Train Control Center Risk Assesment System's initial research and development inVC++6.0platform,in order for a larger number of tasks.
引文
[1]石坤.CTCS-2列控中心自动化测试平台的研究与实现[D].北京交通大学硕士论文.2010:8.
[2]肖女娥.风险评估技术在铁路信号系统中的研究与应用[D].西南交通大学硕士学位论文.2009:2-3,25.
[3]Engineering Safety Management Issue 4[M]. Rail Safety and Standards Board, 2007:3.
[4]马章.欧洲铁路信号系统安全标准的学习与引进[J].铁道通信信号.2007,43(8):10-11.
[5]A.G.Hessami, N.Karcanias. Complexity,Emergence and the Challenges of Assurance T Need for a Systems Paradigm[J]. Systems magazine.2011.
[6]R.I.Muttram. Railway Safety's Safety Risk Model[C]. Proceedings of the Institution of Mechanical Engineers.2002,216:71.
[7]A.GHessami. ERTMS Scope, Boundary & Hazards[R]. EEIG 2000.
[8]燕飞.轨道交通安全研究中心成立[N].都市快轨交通.2005,18(3):84.
[9]燕飞.轨道交通列车运行控制系统的形式化建模和模型检验方法研究[D].北京交通大学博士论文.2006:40-43.
[10]Peng Zhou, Hongze Xu, Jiangjun Hou. One Method to Evaluate the Safety of Train Control Center[J]. Computer Society.2009:20-23.
[11]赵媛喆.列控中心功能安全分析应用研究[D].西南交通大学硕士论文.2009:33-36.
[12]张亚东,郭进,单娜.铁路信号系统风险严重度综合评判[J].西南交通大学学报.2010,45(5):758-761.
[13]宁航宇.安全评价工程软件的研究与开发[J].西安电子科技大学硕士论文.2011:8-9.
[14]科技运.列控中心与轨道电路接口规范(报批稿)[S].2010.
[15]吴卫.风险评估技术在铁道信号系统中的应用[J].自动化与仪器仪表.2012.
[16]邓琼.安全系统工程[M].西安:西北工业大学出版社,2009:43-44.
[17]罗云,樊运晓,马晓春.风险分析与安全评价[M].北京:化学工业出版社,2009:100-101.
[18]刘双跃.安全评价[M].冶金工业出版社,2010:112-113.
[19]陈宝智.系统安全评价与预测[M].北京:冶金工业出版社,2011:101.
[20]EN 50126-2. Guide to the application of EN 50126-1 for safety[S],1999.
[21]张斌.HAZOP技术在丁辛醇装置上的应用研究[D].中国石油大学硕士论文.2008:10-12.
[22]宿敬新,赵东风.充分识别HAZOP分析中的偏差,提高HAZOP分析可靠性[J].科级传播.2010.
[23]JM Sanne.Framing risks in safety-critical and hazardous work:the case of railway maintenance[J]. Journal of Risk Research.2007.
[24]IEC61882. Hazard and operability studies-Application guide[S].
[25]张艳辉,陈晓春.改进的HAZOP风险评价方法[J].中国安全生产科学技术.2011,7(7):175.
[26]Sheng Huang, Min An. Railway safety risk assessment using FRA and FAHP approaches-A case study on risk analysis of shunting at waterloo depot[J]. The University of Birmingham.2011:181-186.
[27]M.H.Faber. Risk assessment for civil engineering facilities:critical overview and discussion[J]. Reliability Engineering and System Safety.2003,80(2).
[28]A.G.Hessami. Safety Principles ALARP Debate[R]. IEE Railway Professional Network.
[29]林瑜筠,谭丽,涂序跃,魏艳.高速铁路信号技术[M].北京:中国铁道出版社.2012:227.
[30]郑州铁路局编.高速铁路信号[M].北京:中国铁道出版社.2012:38-39.
[31]科技运[2010]138号.列控中心技术规范[S].2010:3.
[32]科技运.列控中心与集中监测接口规范(报批稿)[S].2010.
[33]李鹏.基于UML的铁路应急预案管理系统的研究与设计[D].北京交通大学硕士论文.2012:25-26.
[34]王丙参,魏艳华,张凡弟.马尔可夫更新方程及其应用[J].齐齐哈尔大学学报.2011,27(3):86.
[35]崔竞松,王丽娜,张焕国,傅建明,罗敏.基于状态转换模型的容侵系统研究[J].计算机科学.2003,30(4):61-62.
[36]殷丽华,方滨兴.入侵容忍系统安全属性分析[J].计算机学报.2006,29(8):1508.
[37]蔡敏,徐慧慧,黄炳强.UML基础与Rose建模教程[M].人民邮电出版社.2009:163-164.
[38]陈卉.UML顺序图和状态图的形式化方法研究[D].南京师范大学硕士论文.2008:13.
[39]朱雪阳.软件体系结构形式描述研究[D].中国科学院博士论文.2005:23.
[40]张广泉,戎枚,黄正宝.UML2.0的形式化语义研究[J].南京邮电大学学报.2007,27(3):40.
[41]黄正宝,张广泉.UML2.0顺序图的XYZ/E时序逻辑语义研究[J].计算机科学.2006,33(8):250.
[42]付茂名.模糊综合分析在信息安全评估中的应用[J].西南交通大学学报.2010,45(3):440-444.
[43]谢志坚,刘承平.模糊数学方法及其应用[M].武汉:华中科技大学出版社.2005:149-150.
[44]侯金川.地铁运营风险管理信息系统客户端设计与实现[D].西南交通大学硕士论文.2012:7.
[45]铁道部2007年第30号令.铁路交通事故调查处理规则[S].2007:1-3.
[46]R.Rackwitz. Optimization and risk acceptability based on the life quality index. Structural Safety 24(2002).
[47]周红.大坝运行风险评价方法研究[D].河海大学硕士论文.2004:35.
[48]洪云.大坝安全管理关键技术研究[D].河海大学博士论文.2004:37.
[49]顾冲时,汪自力,刘成栋.堤防工程安全评估专家赋权模型[J].岩土力学.2006.
[50]荣跃,刘志斌,冯吉燕.基于模糊聚类分析的地下水环境质量评价[J].辽宁工程技术大学学报.2006.
[51]陈奕宏,文学珍.模糊综合评价法在警官评价中的应用[J].太原教育学院学报.2006.
[52]金朝光,林焰,纪卓尚.基于模糊集理论事件树分析方法在风险分析中应用[J].大连理工大学学报.2003,43(1):97-98.
[2]肖女娥.风险评估技术在铁路信号系统中的研究与应用[D].西南交通大学硕士学位论文.2009:2-3,25.
[3]Engineering Safety Management Issue 4[M]. Rail Safety and Standards Board, 2007:3.
[4]马章.欧洲铁路信号系统安全标准的学习与引进[J].铁道通信信号.2007,43(8):10-11.
[5]A.G.Hessami, N.Karcanias. Complexity,Emergence and the Challenges of Assurance T Need for a Systems Paradigm[J]. Systems magazine.2011.
[6]R.I.Muttram. Railway Safety's Safety Risk Model[C]. Proceedings of the Institution of Mechanical Engineers.2002,216:71.
[7]A.GHessami. ERTMS Scope, Boundary & Hazards[R]. EEIG 2000.
[8]燕飞.轨道交通安全研究中心成立[N].都市快轨交通.2005,18(3):84.
[9]燕飞.轨道交通列车运行控制系统的形式化建模和模型检验方法研究[D].北京交通大学博士论文.2006:40-43.
[10]Peng Zhou, Hongze Xu, Jiangjun Hou. One Method to Evaluate the Safety of Train Control Center[J]. Computer Society.2009:20-23.
[11]赵媛喆.列控中心功能安全分析应用研究[D].西南交通大学硕士论文.2009:33-36.
[12]张亚东,郭进,单娜.铁路信号系统风险严重度综合评判[J].西南交通大学学报.2010,45(5):758-761.
[13]宁航宇.安全评价工程软件的研究与开发[J].西安电子科技大学硕士论文.2011:8-9.
[14]科技运.列控中心与轨道电路接口规范(报批稿)[S].2010.
[15]吴卫.风险评估技术在铁道信号系统中的应用[J].自动化与仪器仪表.2012.
[16]邓琼.安全系统工程[M].西安:西北工业大学出版社,2009:43-44.
[17]罗云,樊运晓,马晓春.风险分析与安全评价[M].北京:化学工业出版社,2009:100-101.
[18]刘双跃.安全评价[M].冶金工业出版社,2010:112-113.
[19]陈宝智.系统安全评价与预测[M].北京:冶金工业出版社,2011:101.
[20]EN 50126-2. Guide to the application of EN 50126-1 for safety[S],1999.
[21]张斌.HAZOP技术在丁辛醇装置上的应用研究[D].中国石油大学硕士论文.2008:10-12.
[22]宿敬新,赵东风.充分识别HAZOP分析中的偏差,提高HAZOP分析可靠性[J].科级传播.2010.
[23]JM Sanne.Framing risks in safety-critical and hazardous work:the case of railway maintenance[J]. Journal of Risk Research.2007.
[24]IEC61882. Hazard and operability studies-Application guide[S].
[25]张艳辉,陈晓春.改进的HAZOP风险评价方法[J].中国安全生产科学技术.2011,7(7):175.
[26]Sheng Huang, Min An. Railway safety risk assessment using FRA and FAHP approaches-A case study on risk analysis of shunting at waterloo depot[J]. The University of Birmingham.2011:181-186.
[27]M.H.Faber. Risk assessment for civil engineering facilities:critical overview and discussion[J]. Reliability Engineering and System Safety.2003,80(2).
[28]A.G.Hessami. Safety Principles ALARP Debate[R]. IEE Railway Professional Network.
[29]林瑜筠,谭丽,涂序跃,魏艳.高速铁路信号技术[M].北京:中国铁道出版社.2012:227.
[30]郑州铁路局编.高速铁路信号[M].北京:中国铁道出版社.2012:38-39.
[31]科技运[2010]138号.列控中心技术规范[S].2010:3.
[32]科技运.列控中心与集中监测接口规范(报批稿)[S].2010.
[33]李鹏.基于UML的铁路应急预案管理系统的研究与设计[D].北京交通大学硕士论文.2012:25-26.
[34]王丙参,魏艳华,张凡弟.马尔可夫更新方程及其应用[J].齐齐哈尔大学学报.2011,27(3):86.
[35]崔竞松,王丽娜,张焕国,傅建明,罗敏.基于状态转换模型的容侵系统研究[J].计算机科学.2003,30(4):61-62.
[36]殷丽华,方滨兴.入侵容忍系统安全属性分析[J].计算机学报.2006,29(8):1508.
[37]蔡敏,徐慧慧,黄炳强.UML基础与Rose建模教程[M].人民邮电出版社.2009:163-164.
[38]陈卉.UML顺序图和状态图的形式化方法研究[D].南京师范大学硕士论文.2008:13.
[39]朱雪阳.软件体系结构形式描述研究[D].中国科学院博士论文.2005:23.
[40]张广泉,戎枚,黄正宝.UML2.0的形式化语义研究[J].南京邮电大学学报.2007,27(3):40.
[41]黄正宝,张广泉.UML2.0顺序图的XYZ/E时序逻辑语义研究[J].计算机科学.2006,33(8):250.
[42]付茂名.模糊综合分析在信息安全评估中的应用[J].西南交通大学学报.2010,45(3):440-444.
[43]谢志坚,刘承平.模糊数学方法及其应用[M].武汉:华中科技大学出版社.2005:149-150.
[44]侯金川.地铁运营风险管理信息系统客户端设计与实现[D].西南交通大学硕士论文.2012:7.
[45]铁道部2007年第30号令.铁路交通事故调查处理规则[S].2007:1-3.
[46]R.Rackwitz. Optimization and risk acceptability based on the life quality index. Structural Safety 24(2002).
[47]周红.大坝运行风险评价方法研究[D].河海大学硕士论文.2004:35.
[48]洪云.大坝安全管理关键技术研究[D].河海大学博士论文.2004:37.
[49]顾冲时,汪自力,刘成栋.堤防工程安全评估专家赋权模型[J].岩土力学.2006.
[50]荣跃,刘志斌,冯吉燕.基于模糊聚类分析的地下水环境质量评价[J].辽宁工程技术大学学报.2006.
[51]陈奕宏,文学珍.模糊综合评价法在警官评价中的应用[J].太原教育学院学报.2006.
[52]金朝光,林焰,纪卓尚.基于模糊集理论事件树分析方法在风险分析中应用[J].大连理工大学学报.2003,43(1):97-98.