Marco Conceptual

Railway safety risk analysis is a complex subject. Efficient use of risk analysis methods in the risk assessment process involves the study of the characteristics of each risk analysis method and assessment process in terms of the way in which risk analysis is carried out. A safety risk assessment method may be classified as either a top-down approach or a bottom-up approach by studying the way in which risks associated with a railway system are identified (An et al, 2000, 2006 and 2007; Wang et al, 1998).

Railway safety risk analysis may be summarised to answer the following four questions (An et al., 2000a; Hashemi et al., 1995; Wang, 1998):

1. What can go wrong?

CHAPTER 2: LITERATURE REVIEW

To answer the above questions, an actual railway system must be examined to identify and assess potential hazardous situations and associated risks in order to provide a rational basis for determining where risk reduction measures are required.

Either a top-down or a bottom-up safety risk analysis approach can be used to identify accident scenarios. The decision as to which kind of analysis is more appropriate is dependent on the availability of the safety risk data and information of the railway system being studied, the indenture level of analysis required, the degree of complexity of the inter-relationships of the components and sub-systems, and the level of innovation.

2.3.3.1. Top-down risk assessment approach

A top-down safety risk assessment process, as shown in Figure 2-2, starts with the study of previous accident and incident reports. After the top events which must be studied further have been determined, the causes leading to them are then identified deductively in increasing detail until all of the causes are identified at the required level of resolution. In a top-down safety risk assessment approach, both qualitative analysis and quantitative analysis can be carried out to estimate and evaluate risks regarding the demand for safety. A risk response can then be undertaken by making use of the information produced from the safety risk assessment, to close the loop of the risk assessment process.

CHAPTER 2: LITERATURE REVIEW

Figure 2-2 A top-down safety risk assessment process (An et al, 2000a and b)

For simple systems, a top-down risk assessment approach may prove convenience and time-saving, because it only deals with failure paths leading to particularly serious system failure events by studying the relationships of the subsystems and components, and the risk data from previous accidents and incident reports of similar systems. Obviously, experience, good judgement and understanding of the system are very important for an efficient and effective use of this approach.

However, for large systems such as a railway system, there will often be a lack of knowledge or experience regarding the determined system solutions and their possible effects on safety. In such a case, the top-down approach may have the following problems (Wang, 1997; An et al., 2000a and b):

 data and information may not be available from previous accident and incident reports of similar systems;

Identify data and information from previous accident and

incident reports

Apply to the relevant system

Demand safety level

Identify the causes leading to the top events

Risk evaluation

Safety performance reviews Demand safety

CHAPTER 2: LITERATURE REVIEW

 deductive characteristics in a top-down safety risk assessment process may not address the complex interactions present in a complex system in a rigorous way.

Therefore, a bottom-up risk assessment approach is required.

2.3.3.2. Bottom-up risk assessment approach

In a bottom-up safety risk assessment process, a system to be analysed can be broken down into subsystems which can be further broken down to components in order to identify all possible hazards. The hazard identification can be initially carried out at the component level, and then progressed firstly up to the subsystem level and finally to the system level. All combinations of possible failure events at both of the component and the subsystem levels may be studied to identify all the possible system failure events. The analysis at subsystem level may make use of the information produced at the component level. Finally, risk evaluation and review can be conducted.

A bottom-up risk assessment process is shown in Figure 2-3. In this approach, risk assessment can be initially carried out at the component level, and then progressed up to the subsystem level and finally to the system level. Risk estimation can also be conducted in a similar manner. The information produced from the risk estimation phase can be evaluated together with a risk review.

CHAPTER 2: LITERATURE REVIEW

Figure 2-3 A bottom-up assessment approach (An et al, 2000a and b)

The use of a bottom-up risk assessment process yields a higher level of confidence that all of the failure events of a railway system and their respective causes are identified. Therefore, compared with the top-down approach, the bottom-up approach has the following characteristics (Wang 1997, An et al. 2000a and b):

 omission of system failure events and their respective causes are less likely;  it may be more convenient to incorporate into a computer package;

 it may be more suitable to apply to safety risk analysis of a large railway system with a high level of uncertainty.

In railway safety risk analysis, the risk assessment of a railway system is often a hierarchical process where risk assessments at higher levels (i.e. system) are determined by the safety risk assessment at lower levels (i.e. component/subsystem).

Problem definition

Hazard identification from component level to system level

Risk estimation from component level to system level

Analytical results

CHAPTER 2: LITERATURE REVIEW

the development of a safety risk assessment model. The use of a bottom-up safety risk assessment approach can obtain a higher level of confidence that all of the failure events of a railway system and their respective causes are identified. Therefore, the development of a railway safety risk model adopts a bottom-up safety risk assessment process. Details of the developed railway safety risk model are described in Chapter 4.