Guidance for Use of CSM Recommendation - ERA - Europa
European Railway Agency
Collection of examples of risk assessments and of some possible tools supporting the CSM Regulation

(a) description of system:
(1) definition of system scope/boundaries;
(2) description of functions;
(3) description of system structure;
(4) description of operating and environmental conditions;
(b) description of external interfaces;
(c) description of internal interfaces;
(d) description of life cycle phases;
(e) description of safety principles;
(f) description of the assumptions defining the limits for the risk assessment;

A.4.4. In order to enable the risk assessment to be done, the context of the intended change is taken into account in the system definition:
(a) if the intended change is a modification of an existing system, the system definition describes both the system before the change and also the intended change;
(b) if the intended change is the construction of a new system, the description is limited to the definition of the system as there is no description of any existing system.

A.4.5. Evidence required from the hazard identification phase:
(a) description and justification (including limitations) of methods and tools for hazard identification (top down method, bottom up, HAZOP, etc.);
(b) results:
(1) lists of hazards:
(2) system (boundary) hazards;
(3) sub-system hazards;
(4) interface hazards;
(5) the safety measures that could be identified during this phase;

A.4.6. The following evidence is also needed from the risk analysis phase:
(a) when codes of practice are used for controlling hazards, demonstration that all relevant requirements from the codes of practice are fulfilled for the system under assessment. This includes the demonstration of the correct application of the relevant codes of practice;
(b) when similar reference systems are used for controlling hazards:
(1) definition for the system under assessment of the safety requirements from the relevant reference systems;
(2) demonstration that the system under assessment is used under similar operational and environmental conditions as the relevant reference system. If this cannot be done, demonstration that the deviations from the reference system are correctly assessed;
(3) evidence that the safety requirements from reference systems are correctly implemented in the system under assessment;
(c) when explicit risk estimation is used for controlling hazards:
(1) description and justification (including limitations) of method and tools for risk analysis (qualitative, quantitative, semi-quantitative, non-regression analysis, ...);
(2) identification of existing safety measures and risk reduction factors for each hazard (including human factor aspects);
(3) evaluation and ranking of risk for each hazard:
(i) estimation of consequences of hazard and justification (with assumptions and conditions);

Reference: ERA/GUI/02-2008/SAF Version: 1.1 Page 69 of 105
File Name: Collection_of_RA_Ex_and_some_tools_for_CSM_V1.1.doc
European Railway Agency ● Boulevard Harpignies, 160 ● BP 20392 ● F-59307 Valenciennes Cedex ● France ● Tel. +33 (0)3 27 09 65 00 ● Fax +33 (0)3 27 33 40 65 ● http://www.era.europa.eu