EN50126(Part 2) 2017.pdf

BS EN 50126‑2:2017
BSI Standards Publication

Railway Applications - The Specification and Demonstration of Reliability, Availability, Maintainability and Safety (RAMS)
Part 2: Systems Approach to Safety
National foreword

BRITISH STANDARD

This British Standard is the UK implementation of EN 50126‑2:2017. It supersedes PD CLC/TR 50126-2:2007, which is withdrawn.

The National Committee is in favour of this standards series (which represents a significant change from BS EN 50126:1999), and acknowledges the considerable efforts and progress which has been made. However, it regrets that a majority of UK comments to improve its clarity were not incorporated. Consequently, the National Committee recommends that users read the requirements carefully as the resultant documents might, in some circumstances, make it challenging for users to understand correctly. This is most likely to be the case in those fields of application and to those aspects of RAMS where EN 50126 may not be applied historically.

The UK participation in its preparation was entrusted to Technical Committee GEL/9, Railway Electrotechnical Applications.

A list of organizations represented on this committee can be obtained on request to its secretary.

This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application.

© The British Standards Institution 2017
Published by BSI Standards Limited 2017
ISBN 978 0 580 91693 9
ICS 45.020

This British Standard was published under the authority of the Standards Policy and Strategy Committee on 30 November 2017.

Compliance with a British Standard cannot confer immunity from legal obligations.

Amendments/corrigenda issued since publication (Date / Text affected)
EUROPEAN STANDARD / NORME EUROPÉENNE / EUROPÄISCHE NORM
EN 50126-2
October 2017
ICS 45.020
Supersedes CLC/TR 50126-2:2007

English Version

Railway Applications - The Specification and Demonstration of Reliability, Availability, Maintainability and Safety (RAMS) - Part 2: Systems Approach to Safety

French title: Applications ferroviaires - Spécification et démonstration de la fiabilité, de la disponibilité, de la maintenabilité et de la sécurité (FDMS) - Partie 2: Approche systématique pour la sécurité

German title: Bahnanwendungen - Spezifikation und Nachweis von Zuverlässigkeit, Verfügbarkeit, Instandhaltbarkeit und Sicherheit (RAMS) - Teil 2: Systembezogene Sicherheitsmethodik

This European Standard was approved by CENELEC on 2017-07-03. CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.

European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels

© 2017 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Ref. No. EN 50126-2:2017 E
EN 50126-2:2017 (E)

Contents

European foreword ... 5
Introduction ... 6
1 Scope ... 7
2 Normative references ... 8
3 Terms and definitions ... 8
4 Abbreviations ... 8
5 Safety process ... 9
5.1 Risk assessment and hazard control ... 9
5.2 A. Risk assessment ... 10
5.2.1 General ... 10
5.2.2 Conducting risk assessment ... 11
5.3 B. Outcome of the risk assessment ... 11
5.4 C. Hazard control ... 11
5.5 D. Revision of risk assessment ... 12
5.6 Responsibilities ... 13
6 Safety demonstration and acceptance ... 13
6.1 Introduction ... 13
6.2 Safety demonstration and safety acceptance process ... 13
6.3 Responsibility in managing the Safety Case ... 17
6.4 Modifications after safety acceptance ... 17
6.5 Dependencies between Safety Cases ... 17
6.6 Relationship between safety cases and system architecture ... 18
7 Organisation and Independence of Roles ... 19
7.1 General ... 19
7.2 Early phases of the lifecycle (phases 1 to 4) ... 19
7.3 Later phases of the lifecycle (starting from phase 5) ... 20
7.4 Personnel Competence ... 21
8 Risk assessment ... 22
8.1 Introduction ... 22
8.2 Risk Analysis ... 22
8.2.1 General ... 22
8.2.2 The risk model ... 22
8.2.3 Techniques for the consequence analysis ... 24
8.2.4 Expert Judgement ... 25
8.3 Risk acceptance principles and risk evaluation ... 25
8.3.1 Use of Code of Practice ... 25
8.3.2 Use of a reference system ... 26
8.3.3 Use of Explicit Risk Estimation ... 27
8.4 Application of explicit risk estimation ... 28
8.4.1 Quantitative approach ... 28
8.4.2 Variability using quantitative risk estimates ... 30
8.4.3 Qualitative and semi-quantitative approaches ... 31
9 Specification of System Safety Requirements ... 32
9.1 General ... 32
9.2 Safety requirements ... 32
9.3 Categorization of Safety Requirements ... 32
9.3.1 General ... 32
9.3.2 Functional safety requirements ... 33
9.3.3 Technical safety requirements ... 34
9.3.4 Contextual safety requirements ... 34
10 Apportionment of functional Safety Integrity requirements ... 35
10.1 Deriving and apportioning system safety requirements ... 35
10.2 Functional safety integrity for electronic systems ... 35
10.2.1 Deriving functional safety requirements for electronic systems ... 35
10.2.2 Apportioning safety requirements ... 35
10.2.3 Safety Integrity Factors ... 38
10.2.4 Functional safety integrity and random failures ... 38
10.2.5 Systematic aspect of functional safety integrity ... 38
10.2.6 Balanced requirements controlling random and systematic failures ... 38
10.2.7 The SIL table ... 39
10.2.8 SIL allocation ... 40
10.2.9 Apportionment of TFFR after SIL allocation ... 40
10.2.10 Demonstration of quantified targets ... 40
10.2.11 Requirements for Basic Integrity ... 41
10.2.12 Prevention of misuse of SILs ... 42
10.3 Safety Integrity for non-electronic systems – Application of CoP ... 42
11 Design and implementation ... 43
11.1 Introduction ... 43
11.2 Causal analysis ... 43
11.3 Hazard identification (refinement) ... 44
11.4 Common cause analysis ... 44
Annex A (informative) ALARP, GAME, MEM ... 46
A.1 ALARP, GAME, MEM as methods to define risk acceptance criteria ... 46
A.2 ALARP (As Low As Reasonably Practicable) ... 47
A.2.1 General ... 47
A.2.2 Tolerability and ALARP ... 48
A.3 Globalement Au Moins Equivalent (GAME) principle ... 48
A.3.1 Principle ... 48
A.3.2 Using GAME ... 49
A.3.2.1 General ... 49
A.3.2.2 Basic principles ... 49
A.3.2.3 Using GAME to construct a qualitative safety argument ... 49
A.3.2.4 GAME using quantitative risk targets ... 49
A.4 Minimum Endogenous Mortality MEM ... 50
Annex B (informative) Using failure and accident statistics to derive a THR ... 52
Annex C (informative) Guidance on SIL Allocation ... 53
Annex D (informative) Safety target apportionment methods ... 55
D.1 Analysis of the system and methods ... 55
D.2 Example of qualitative apportionment method ... 55
D.2.1 General ... 55
D.2.2 Example of qualitative method for barrier efficiency ... 56
D.3 Example of quantitative apportionment method ... 58
D.3.1 Introduction ... 58
D.3.2 Functions with independent failure detection and negation mechanisms ... 59
D.3.3 Function and independent barrier acting as failure detection and negation mechanism ... 61
D.3.4 Apportionment of a probability safety target ... 62
D.3.5 Apportionment of a “per hour” safety target ... 62
Annex E (informative) Common mistakes in quantification ... 64
E.1 Common misuses ... 64
E.2 Mixing failure rates with probabilities ... 64
E.3 Using formulas out of their range of applicability ... 65
Annex F (informative) Techniques / methods for safety analysis ... 66
Annex G (informative) Key system safety roles and responsibilities ... 69
Annex ZZ (informative) Relationship between this European Standard and the Essential Requirements of EU Directive 2008/57/EC ... 73
Bibliography ... 77
European foreword

This document (EN 50126-2:2017) has been prepared by CLC/TC 9X "Electrical and electronic applications for railways".

The following dates are fixed:
• latest date by which this document has to be implemented at national level by publication of an identical national standard or by endorsement (dop): 2018-07-03
• latest date by which the national standards conflicting with this document have to be withdrawn (dow): 2020-07-03

This document supersedes CLC/TR 50126-2:2007. The former edition of CLC/TR 50126-2:2007 is made obsolete by the new editions EN 50126-1:2017 and EN 50126-2:2017; the reason is that the scope of the present part was modified compared to the superseded edition.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.

EN 50126 "Railway applications – The specification and demonstration of Reliability, Availability, Maintainability and Safety (RAMS)" consists of the following parts:
– Part 1: Generic RAMS process;
– Part 2: System approach to safety.

This document has been prepared under a mandate given to CENELEC by the European Commission and the European Free Trade Association, and supports essential requirements of EU Directive(s). For the relationship with EU Directive(s) see informative Annex ZZ, which is an integral part of this document.
Introduction

EN 50126-1:1999 was aiming at introducing the application of a systematic RAMS management process in the railway sector. Through the application of this standard and the experiences gained over the last years, the need for revision and restructuring became apparent with a need to deliver a systematic and coherent approach to RAMS applicable to all the railway application fields Command, Control and Signalling, Rolling Stock and Fixed Installations. The revision work improved the coherency and consistency of the standards, the concept of safety management and the practical usage of EN 50126 and took into consideration the existing and related Technical Reports as well.

This European Standard provides railway duty holders and the railway suppliers, throughout the European Union, with a process which will enable the implementation of a consistent approach to the management of reliability, availability, maintainability and safety, denoted by the acronym RAMS. Processes for the specification and demonstration of RAMS requirements are cornerstones of this standard. This European Standard promotes a common understanding and approach to the management of RAMS.

EN 50126 forms part of the railway sector specific application of IEC 61508. Meeting the requirements in this European Standard together with the requirements of other suitable standards is sufficient to ensure that additional compliance to IEC 61508 does not need to be demonstrated.

With regard to safety, EN 50126-1 provides a Safety Management Process which is supported by guidance and methods described in EN 50126-2. EN 50126-1 and EN 50126-2 are independent from the technology used. As far as safety is concerned, EN 50126 takes the perspective of safety with a functional approach. The application of this standard should be adapted to the specific requirements for the system under consideration.

This European Standard can be applied systematically by the railway duty holders and railway suppliers, throughout all phases of the life-cycle of a railway application, to develop railway specific RAMS requirements and to achieve compliance with these requirements. The systems-level approach developed by this European Standard facilitates assessment of the RAMS interactions between elements of railway applications even if they are of complex nature.

This European Standard promotes co-operation between the stakeholders of Railways in the achievement of an optimal combination of RAMS and cost for railway applications. Adoption of this European Standard will support the principles of the European Single Market and facilitate European railway inter-operability.

In accordance with CENELEC editing rules 1), mandatory requirements in this standard are indicated with the modal verb “shall”. Where justifiable, the standard permits process tailoring.

Specific guidance on the application of this standard for Safety aspects is provided in EN 50126-2. EN 50126-2 provides various methods for use in the safety management process. Where a particular method is selected for the system under consideration, the mandatory requirements of this method are by consequence mandatory for the safety management of the system under consideration.

This European Standard consists of the main part (Clause 1 to Clause 11) and Annexes A, B, C, D, E, F, G and ZZ. The requirements defined in the main part of the standard are normative, whilst Annexes are informative.

1) CEN/CENELEC Internal Regulations Part 3: Rules for the structure and drafting of CEN/CENELEC Publications (2017-02), Annex H.