|
2005 Q2 - Safety Case
|
Hi,
I have attempted Question 2 on Module 7 2005 paper. Please provide any feedback and comments. I have noticed that Saftey Case question has been asked regularly since 2005. Many Thanks Regards Aditi  (27-06-2010, 03:37 PM)adikarina Wrote: Hi, [i]I am no expert myself in this area, so I am hoping that someone who knows more will provide more information and correct anything which I have got wrong or have described in a misleading way. However in an attempt to be helpful, I have decided to
PJW
29-06-2010, 08:57 AM
Thanks Peter,
I will look at your information and adapt myself into providing examples appropriate for the question. Thanks Regards Aditi (29-06-2010, 08:57 AM)adikarina Wrote: Thanks Peter, I have called in a favour from yet another Peter (!) who has kindly provided me the following that I can now post below. Seems that I wasn't too far off the mark, but there is more detailed commnetary that I felt able to give and you can have the confidence that it is from one of the experts in the field =============================================================================== Question 2 Part A Whilst the student has correctly identified the three types of Safety Case that can be found in the Yellow Book or EN50129, they haven't quite got the descriptions of each safety case type right and, more to the point, they haven't actually answered the question as to which sort of safety case is appropriate in the introduction of a novel design of interlocking. [As a matter of interest I would expect the Safety Case to be just a Specific Application or a Generic Application with a Specific Application for the first use.] I would score 4/7 Question 2 Part B I remain concerned that this answer is from memory of the Yellow Book, rather than an understanding of the contents of the Safety Case. For example, the Executive Summary should identify the outstanding issues that remain open, it should give the reader and insight into what they are going to find, the answer looks more like an overview. Similarly, I would have described "Introduction" as "What are we doing and why are we doing it?" "System Definition" is correct and identifies the key areas of boundaries. "Quality Management Report" is just that and has no effect on Human Error or Systematic Failures, this should be covered in the "Technical Safety Report". The "Safety Management Report" description is also partially incorrect as it simply reports that safety processes defined in the Safety Plan by the project have been followed, it has nothing to do with systematic failures or human errors. The "Technical Safety Report" is broadly correct. The "Conclusion" is broadly correct but does not normally contain the Assumptions, Dependencies or Caveats. I would score 4/7 Question 2 Part C The student correctly identifies the need for a "Cross Acceptance Safety Case". However the student then confuses the Cross Acceptance Safety Case, which is a new safety case, requiring a Hazard Identification and Risk Assessment that builds on the existing safety case and the existing safety case which the student considers should be modified, but in reality remains unchanged. However the student does correctly identify the changes in environment, operational and test differences, possibly only missing out on any "cultural" differences (which it is agreed are hard to spot, but can undermine the safe operation of a product from another administration). I would score 5/7 On the whole not a bad answer, although there is some evidence of quoting paragraphs from the Yellow Book without a full understanding. Disappointing that part A spent a lot of time describing safety cases and not answering the question asked. I hope that helps. Regards Peter Sheppard Principal Safety Engineer BSc (Hons), FIET, FIRSE, FSaRS =========================================================================== What is "interesting" is that the wording which I was querying (and Peter seems to be supporting me) re the different types of Safety Cases in Part A seems to be taken directly from the Yellow Book 18.3.6. Hmmm....... I'll try to get some more clarity!
PJW
30-06-2010, 08:06 PM
Thanks Peter.
Please pass my thanks to the Peter S as well. I will taken all this and understand it. After that i will attempt another Safety Case question. Thanks Regards Aditi (30-06-2010, 05:52 PM)PJW Wrote: What is "interesting" is that the wording which I was querying (and Peter seems to be supporting me) re the different types of Safety Cases in Part A seems to be taken directly from the Yellow Book 18.3.6. Hmmm....... As I suspected there's a difference between "real world" and "ivory tower theory"...... Peter has kindly supplied the following: Thank you for the prompt response. Yellow Book is after all, only guidance, I was giving my personal views on what the appropriate use of the Safety Cases are for based on personal experience. Generic Product This in essence cannot be used alone, it is usually associated with a Generic Application or Specific Application Safety Case. It considers the product, but in an assumed environment (which considers not only
PJW
(30-06-2010, 05:52 PM)PJW Wrote: What is "interesting" is that the wording which I was querying (and Peter seems to be supporting me) re the different types of Safety Cases in Part A seems to be taken directly from the Yellow Book 18.3.6. Hmmm....... I have now obtained the views of another Safety Case professional (who would prefer that I didn't reveal their identity). Compare and contrast..... The answers are pure generic textbook. I would expect to see the description focus on the purpose and elements of an interlocking safety case not just a safety case in general. For example Generic Product Safety Cases (GPSC) will give the safety justifications related to a system or equipment independent of an application. GPSCs will be required for each hardware, software and interface element of the interlocking product. The GPSCs will form the safety baseline for the safety case build-up. A Generic Application Safety Case (GASC) is the key document required for the general use of a new interlocking. This should provide the safety justifications for any changes made to the core products, as well as justifying the application and configuration of each item. A GASC should cover interface hazard analysis, functional hazard analysis, data preparation process analysis, software regression analysis and safety validation. An interlocking GASC should address critical aspects of the adaptation including the following areas: * The specification, review and approval of the required signalling principles. * Compliance of the interlocking with relevant standards. * The approach to verification and validation of the interlocking principles, including the necessary competences of the staff involved. * The design, review and approval of the interface circuits that connect to lineside equipment. The Specific Application Safety Case (SASC) will reference a number of supporting Generic Product and Generic Application Safety Cases for the main constituents. It will also demonstrate that the overall specific application design and configuration is safe, that the defined data preparation processes have been followed, and that adequate testing has been carried out. The key issue for the cross acceptance safety case is whether there is sufficient evidence of operation of the interlocking in its proposed configuration and build state in a similar environment, where the "environment" needs to relate to the signalling, and to an extent operational, principles.
PJW
Thanks Peter,
There is a lot usefull information here and i will use this and prepare accordingly. Thanks Regards Aditi |
|
« Next Oldest | Next Newest »
|
