Guidance for Use of CSM Recommendation - ERA - Europa
Share Embed Flag
Download ePaper

Guidance for Use of CSM Recommendation - ERA - Europa

Guidance for Use of CSM Recommendation - ERA - Europa Guidance for Use of CSM Recommendation - ERA - Europa

saferail.nl
04.07.2015 Views

European Railway Agency Collection of examples of risk assessments and of some possible tools supporting the CSM Regulation APPENDIX C: EXAMPLES C.1. C.1.1. C.1.2. Introduction The purpose of this appendix is to facilitate the reading of the present document. It gathers all the collected examples which aim to facilitate the application of the CSM. The examples of risk or safety assessments that are given in this appendix do not result from the application of the CSM process as they were carried out before the existence of CSM Regulation. The examples can be classified into: (a) examples, with reference to their origin, received from experts in the CSM working group (b) examples, intentionally without reference to their origin, also received from experts in the CSM working group. The related experts requested the origin to remain confidential; (c) examples, whose origin is not mentioned, and which were produced by members from the Agency staff based on their earlier personal professional experience. For each example, a traceability is given between the applied process and the one required by the CSM, as well as the argumentation and added value to perform the additional steps (if any) requested by the CSM. C.2. Examples of application of significant change criteria in Article 4 (2) C.2.1. C.2.2. The Agency is working on the definition of what can be considered as a "significant change". One example from that work is provided in this section how to apply the criteria in Article 4 (2). The change consists to modify at a manually operated level crossing the way signalmen communicate the information about the direction of a coming train to the level crossing operator. The change is represented in Figure 15. ² A Manual level crossing (LC) B Tone 1 sent by Operator A Tone 1 confirmation by Level Crossing Operator Tone 1 confirmation by Operator B Tone 2 confirmation by Operator A Tone 2 confirmation by Level Crossing Operator Tone 2 sent by Operator B Change: tone replaced by a vocal message and confirmed by both the other signalman and the level crossing Operator Figure 15 : Example of a not significant change Telephone message for controlling a level crossing. C.2.3. Existing system: before making the intended change, the information about the direction of a coming train was automatically indicated to the level crossing operator by the ringing tone of the telephone. The tone was different depending on where the call was coming from. Reference: ERA/GUI/02-2008/SAF Version: 1.1 Page 72 of 105 File Name: Collection_of_RA_Ex_and_some_tools_for_CSM_V1.1.doc European Railway Agency ● Boulevard Harpignies, 160 ● BP 20392 ● F-59307 Valenciennes Cedex ● France ● Tel. +33 (0)3 27 09 65 00 ● Fax +33 (0)3 27 33 40 65 ● http://www.era.europa.eu

European Railway Agency Collection of examples of risk assessments and of some possible tools supporting the CSM Regulation C.2.4. C.2.5. C.2.6. Intended change: as the old telephone system becomes obsolete and must be replaced by a new digital one, technically the relevant information cannot be included any more in the tone. The tone is exactly the same regardless which signalman it is coming from. It is thus decided to achieve the same function by an operational procedure: (a) on train departure, the signalman informs verbally the level crossing operator on the direction of the coming train; (b) the information is checked against the timetable and acknowledged by both the level crossing operator and the other signalman in order to avoid misunderstanding from the operator. The intended change and associated operational procedure are illustrated in Figure 15. Although the change appears to have a potential safety impact (risk of not closing the level crossing barrier in time), other criteria in Article 4 (2) like: (a) low complexity; (b) lack of innovation, and; (c) easy monitoring; may suggest that the intended change is not a significant one. In this example, some safety analysis or argument is anyway necessary to show that, for this safety critical task, replacing an old technical system by an operational procedure (with personnel cross-checking each other) would lead to a similar level of safety. The question is whether this would require the application of the full CSM process, with hazard record, independent assessment by an assessment body, etc. In this case, it is questionable whether this would bring any added value, implying that such a change could then not be qualified as significant. C.3. C.3.1. Examples of interfaces between rail sector actors Here are some examples of interfaces and reasons for cooperation between actors of the rail sector: (a) IM – IM: for example both infrastructures shall foresee safety measures for ensuring a safe transition of trains from one infrastructure to the other one; (b) IM – RU: for example there could be specific operational rules dependent on the infrastructure that must be observed by the train driver; (c) IM – Manufacturer: for example manufacturer's sub-systems could have restrictions of use that must be fulfilled by the IM; (d) IM – Service Provider: for example there could be specific maintenance constraints for the infrastructure that must be fulfilled by the subcontractor of the maintenance activities; (e) RU – Manufacturer: for example manufacturer's sub-systems could have restrictions of use that must be fulfilled by the RU; (f) RU – Service Provider: for example there could be specific maintenance constraints for the infrastructure that must be fulfilled by the subcontractor of the maintenance activities; (g) RU – Keepers: for example there could be vehicle specific restrictions of use that must be fulfilled by the railway undertaking operating those vehicles; (h) Manufacturer – Manufacturer: for example the management of safety related technical interfaces between sub-systems from two different manufacturers; Reference: ERA/GUI/02-2008/SAF Version: 1.1 Page 73 of 105 File Name: Collection_of_RA_Ex_and_some_tools_for_CSM_V1.1.doc European Railway Agency ● Boulevard Harpignies, 160 ● BP 20392 ● F-59307 Valenciennes Cedex ● France ● Tel. +33 (0)3 27 09 65 00 ● Fax +33 (0)3 27 33 40 65 ● http://www.era.europa.eu

European Railway Agency<br />

Collection <strong>of</strong> examples <strong>of</strong> risk assessments and <strong>of</strong> some possible tools<br />

supporting the <strong>CSM</strong> Regulation<br />

<br />

C.2.4.<br />

C.2.5.<br />

C.2.6.<br />

Intended change: as the old telephone system becomes obsolete and must be replaced by a<br />

new digital one, technically the relevant in<strong>for</strong>mation cannot be included any more in the tone.<br />

The tone is exactly the same regardless which signalman it is coming from. It is thus<br />

decided to achieve the same function by an operational procedure:<br />

(a) on train departure, the signalman in<strong>for</strong>ms verbally the level crossing operator on the<br />

direction <strong>of</strong> the coming train;<br />

(b) the in<strong>for</strong>mation is checked against the timetable and acknowledged by both the level<br />

crossing operator and the other signalman in order to avoid misunderstanding from the<br />

operator.<br />

The intended change and associated operational procedure are illustrated in Figure 15.<br />

Although the change appears to have a potential safety impact (risk <strong>of</strong> not closing the level<br />

crossing barrier in time), other criteria in Article 4 (2) like:<br />

(a) low complexity;<br />

(b) lack <strong>of</strong> innovation, and;<br />

(c) easy monitoring;<br />

may suggest that the intended change is not a significant one.<br />

In this example, some safety analysis or argument is anyway necessary to show that, <strong>for</strong> this<br />

safety critical task, replacing an old technical system by an operational procedure (with<br />

personnel cross-checking each other) would lead to a similar level <strong>of</strong> safety. The question is<br />

whether this would require the application <strong>of</strong> the full <strong>CSM</strong> process, with hazard record,<br />

independent assessment by an assessment body, etc. In this case, it is questionable<br />

whether this would bring any added value, implying that such a change could then not be<br />

qualified as significant.<br />

C.3.<br />

C.3.1.<br />

Examples <strong>of</strong> interfaces between rail sector actors<br />

Here are some examples <strong>of</strong> interfaces and reasons <strong>for</strong> cooperation between actors <strong>of</strong> the rail<br />

sector:<br />

(a) IM – IM: <strong>for</strong> example both infrastructures shall <strong>for</strong>esee safety measures <strong>for</strong> ensuring a<br />

safe transition <strong>of</strong> trains from one infrastructure to the other one;<br />

(b) IM – RU: <strong>for</strong> example there could be specific operational rules dependent on the<br />

infrastructure that must be observed by the train driver;<br />

(c) IM – Manufacturer: <strong>for</strong> example manufacturer's sub-systems could have restrictions <strong>of</strong><br />

use that must be fulfilled by the IM;<br />

(d) IM – Service Provider: <strong>for</strong> example there could be specific maintenance constraints <strong>for</strong><br />

the infrastructure that must be fulfilled by the subcontractor <strong>of</strong> the maintenance<br />

activities;<br />

(e) RU – Manufacturer: <strong>for</strong> example manufacturer's sub-systems could have restrictions <strong>of</strong><br />

use that must be fulfilled by the RU;<br />

(f)<br />

RU – Service Provider: <strong>for</strong> example there could be specific maintenance constraints <strong>for</strong><br />

the infrastructure that must be fulfilled by the subcontractor <strong>of</strong> the maintenance<br />

activities;<br />

(g) RU – Keepers: <strong>for</strong> example there could be vehicle specific restrictions <strong>of</strong> use that must<br />

be fulfilled by the railway undertaking operating those vehicles;<br />

(h) Manufacturer – Manufacturer: <strong>for</strong> example the management <strong>of</strong> safety related technical<br />

interfaces between sub-systems from two different manufacturers;<br />

<br />

Reference: <strong>ERA</strong>/GUI/02-2008/SAF Version: 1.1 Page 73 <strong>of</strong> 105<br />

File Name: Collection_<strong>of</strong>_RA_Ex_and_some_tools_<strong>for</strong>_<strong>CSM</strong>_V1.1.doc<br />

European Railway Agency ● Boulevard Harpignies, 160 ● BP 20392 ● F-59307 Valenciennes Cedex ● France ● Tel. +33 (0)3 27 09 65 00 ● Fax +33 (0)3 27 33 40 65 ● http://www.era.europa.eu

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!