Guidance for Use of CSM Recommendation - ERA - Europa

04.07.2015 Views
European Railway Agency Collection of examples of risk assessments and of some possible tools supporting the CSM Regulation 3. DEMONSTRATION OF COMPLIANCE WITH SAFETY REQUIREMENTS 3.1. Prior to the safety acceptance of the change, fulfilment of the safety requirements resulting from the risk assessment phase shall be demonstrated under the supervision of the proposer. [G 1] As explained in points [G 3] to [G 6] in section 2.1.1, the "demonstration of the system compliance with the safety requirements" includes the phases "6 to 10" of the CENELEC V- Cycle (see BOX 3 in Figure 5). Refer to point [G 3] in section 2.1.1. [G 2] Refer also to point [G 4] in section 2.1.1 of this document. 3.2. This demonstration shall be carried out by each of the actors responsible for fulfilling the safety requirements, as decided in accordance with point 1.1.5. [G 1] An example of safety assessments and safety analyses that can be performed at the subsystem level are causal analyses: see Figure 10. But any other method can be used to demonstrate the sub-system compliance with the input safety requirements. Cause (of a Hazard at System Level) Hazard (at Sub-System Level) Hazard (at System Level) Accident k Accident l Cause (of a Hazard at Sub- System Level) Sub-System Boundary System Boundary CAUSES CONSEQUENCES Figure 10 : Figure A.4 of EN 50 129: Definition of hazards with respect to the system boundary. [G 2] The hierarchical structuring of hazards and causes, with respect to systems and subsystems, can be repeated for each lower level phase of the CENELEC V-Cycle in Figure 5, The hazard identification and causal analysis activities (or any relevant method), as well as the use of codes of practice, similar reference systems and explicit analyses and evaluations, can also be repeated for each phase of the system development cycle in order to derive, from the safety measures identified at the sub-system level, the safety requirements to be fulfilled by the next phase. This is illustrated in Figure 11. [G 3] Refer also to point [G 4] in section 2.1.1 of this document. Reference: ERA/GUI/02-2008/SAF Version: 1.1 Page 48 of 105 File Name: Collection_of_RA_Ex_and_some_tools_for_CSM_V1.1.doc European Railway Agency ● Boulevard Harpignies, 160 ● BP 20392 ● F-59307 Valenciennes Cedex ● France ● Tel. +33 (0)3 27 09 65 00 ● Fax +33 (0)3 27 33 40 65 ● http://www.era.europa.eu

European Railway Agency Collection of examples of risk assessments and of some possible tools supporting the CSM Regulation Phase N-1 in CENELEC V-Cycle Safety Requirements for Phase N Phase N in CENELEC V-Cycle Safety Measures in Phase N Safety Requirements (i.e. safety measures to be implemented) Safety Requirements for Phase N+1 Phase N+1 in CENELEC V-Cycle Safety Measures in Phase N+1 Safety Requirements (i.e. safety measures to be implemented) Safety Requirements for Phase N+2 Figure 11 : Derivation of the safety requirements for lower level phases. 3.3. The approach chosen for demonstrating compliance with the safety requirements as well as the demonstration itself shall be independently assessed by an assessment body. [G 1] All the activities represented in BOX 3 (14) of the CENELEC V-Cycle in Figure 5 are therefore also independently assessed. [G 2] The kind and level of detail for the independent assessment that is carried out by the assessment bodies (i.e. detailed or macroscopic assessment) is dealt within the explanations of the Article 6. 3.4. Any inadequacy of safety measures expected to fulfil the safety requirements or any hazards discovered during the demonstration of compliance with the safety requirements shall lead to reassessment and evaluation of the associated risks by the proposer according to section 2. The new hazards shall be registered in the hazard record according to section 4. [G 1] For example, the way for extinguishing fire could lead to a new hazard (suffocation) that will impose new safety requirements (e.g. a specific procedure for the passenger evacuation). Another example is the use of toughened glass to avoid that windows are broken in crashes and that passengers are harmed by glass or even thrown out. The new hazard induced is (14) The correspondence of activities between the CSM's and Figure 5 (i.e. Figure 10 of CENELEC 50 126 V-Cycle) is described in section 2.1.1. In particular, point [G 3] in section 2.1.1 lists what CENELEC activities are included in the CSM's phase "demonstration of the system compliance with the safety requirements". Reference: ERA/GUI/02-2008/SAF Version: 1.1 Page 49 of 105 File Name: Collection_of_RA_Ex_and_some_tools_for_CSM_V1.1.doc European Railway Agency ● Boulevard Harpignies, 160 ● BP 20392 ● F-59307 Valenciennes Cedex ● France ● Tel. +33 (0)3 27 09 65 00 ● Fax +33 (0)3 27 33 40 65 ● http://www.era.europa.eu

Page 1 and 2: European Railway Agency Collection











Page 23 and 24: INDEPENDENT ASSESSMENT System Defin





Page 33 and 34: BOX 1 BOX 2 European Railway Agency







Page 47: European Railway Agency Collection




























Page 105: European Railway Agency Collection

railway

assessment

hazard

european

regulation

hazards

examples

requirements

technical

measures

guidance

recommendation

europa

saferail.nl

Guidance for Use of CSM Recommendation - ERA - Europa

Guidance for Use of CSM Recommendation - ERA - Europa ... View more Guidance for Use of CSM Recommendation - ERA - Europa

Delete template?

Save as template ?

Guidance for Use of CSM Recommendation - ERA - Europa Guidance for Use of CSM Recommendation - ERA - Europa