Sunday, 2 January 2011

Putting it all together

How do we take the abstract key concepts of EN 50126 / IEC 62278 and convert them into a well-working Safety Management System?


Case 1: Small Supplier Company

A small development house with twenty employees is producing a control circuit for industrial applications.
They realize that the control circuit is suited to controlling points in railway tracks, but the circuit has to be Safety Approved.
Firstly, a plan for converting the control circuit into a safety-approved circuit is written in a living document, named the Safety Plan.
A further investigation of the company shows that they already have an ISO certificate. This means most quality and configuration management is in place.
However, the audit also discloses that the company has one key software developer who keeps all source files on his own computer, and most software decisions are taken at informal meetings.
Nobody in the company, except the programmer, can tell how the software code works in detail.
In order to fulfil EN 50126 / IEC 62278, the programmer is asked to make a System Definition of the software, hardware and development environment, read EN 50128 and make a flowchart of the code.
All interfaces to the system definition have to be described, and the development engineers are asked to write a document describing the Safety principles in the design (TR 50129).
A Hazard workshop is performed, describing all hazards that can arise if the control circuit does not work as expected. Mitigating actions for the hazards are listed in a Hazard Log, and derived Safety requirements are found.
The proof for fulfilling the Safety requirements and closing the hazards is written in a Safety Case.
The quality system is updated with change management procedures for changing functionality on the control circuit. The process includes minutes of meetings, responsibilities and mandatory actions in each phase.
The company has already separated development and validation testing into two independent departments.
There is no need to change this organization; however, a new procedure regarding mandatory education ensures that all current and future employees will have to participate in a training course.
Finally, an external Assessor is hired to supervise the fulfilling of the Safety Plan.
Basic concepts of EN 50126 are now implemented, and the company is ready to meet the local Safety Authority.
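The chain described in Case 1 (hazard workshop, Hazard Log, derived Safety requirements, evidence in the Safety Case) is essentially a traceability structure, and the question an Assessor asks is whether every hazard is closed by a requirement that has evidence behind it. The following is an added example, not part of the original post and not any company's or standard's own tooling, showing how that closure check can be automated over a small Hazard Log; the hazard, requirement and evidence identifiers and texts are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class Hazard:
    hazard_id: str
    description: str
    # identifiers of the derived safety requirements that mitigate this hazard
    requirement_ids: List[str] = field(default_factory=list)


@dataclass
class SafetyRequirement:
    requirement_id: str
    text: str


@dataclass
class Evidence:
    requirement_id: str
    reference: str  # e.g. a test report or analysis document referenced from the Safety Case


def check_closure(hazards: List[Hazard],
                  requirements: List[SafetyRequirement],
                  evidence: List[Evidence]) -> Dict[str, list]:
    """Classify each hazard in the log as closed or open.

    A hazard is closed only when it has at least one mitigating requirement,
    every referenced requirement exists in the requirement set, and every
    referenced requirement has at least one piece of evidence behind it.
    Everything else is reported so the Safety Case author can act on it.
    """
    known = {r.requirement_id for r in requirements}
    verified = {e.requirement_id for e in evidence}
    report: Dict[str, list] = {
        "closed_hazards": [],
        "open_hazards": [],
        "unmitigated_hazards": [],      # hazards with no derived requirement at all
        "dangling_references": [],      # (hazard, requirement) where requirement is unknown
        "unverified_requirements": [],  # referenced requirements lacking evidence
    }
    for h in hazards:
        if not h.requirement_ids:
            report["unmitigated_hazards"].append(h.hazard_id)
        closed = bool(h.requirement_ids)
        for rid in h.requirement_ids:
            if rid not in known:
                report["dangling_references"].append((h.hazard_id, rid))
                closed = False
            elif rid not in verified:
                if rid not in report["unverified_requirements"]:
                    report["unverified_requirements"].append(rid)
                closed = False
        report["closed_hazards" if closed else "open_hazards"].append(h.hazard_id)
    return report


# Constructed sample Hazard Log for a point controller (illustrative values only).
HAZARDS = [
    Hazard("H-01", "Point moves while a train is occupying it", ["SR-01", "SR-02"]),
    Hazard("H-02", "Controller reports the point as locked when it is not", ["SR-03"]),
    Hazard("H-03", "Unexpected output driven on power-up", []),
]
REQUIREMENTS = [
    SafetyRequirement("SR-01", "A movement command is refused while the track section is occupied"),
    SafetyRequirement("SR-02", "The occupancy input is read through two independent channels"),
    SafetyRequirement("SR-03", "Position feedback is compared with the command before 'locked' is reported"),
]
EVIDENCE = [
    Evidence("SR-01", "TR-0042 (constructed test report id)"),
    Evidence("SR-02", "TR-0043 (constructed test report id)"),
]


if __name__ == "__main__":
    result = check_closure(HAZARDS, REQUIREMENTS, EVIDENCE)
    for key, value in result.items():
        print(f"{key}: {value}")
```

Run as a script it reports H-01 as closed, while H-02 stays open because SR-03 has no evidence yet and H-03 stays open because no requirement was derived for it; those open items are exactly what has to be resolved before the Safety Case can claim closure.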

Case 2: Major Operator

See "Quick Guide to Safety Management based on EN50126"

Case 3: The Cut-off Safety Authority

See "Quick Guide to Safety Management based on EN50126"

Next chapter >> 7.1 How are the standards produced?

3 comments:

Anonymous said...

I have a question, rather than a comment. As far as I can see the EN 50126 applies to Railway Applications, as it is titled "Railway Applications, the specification and demonstration of ... RAMS". That seems to mean it applies to both Rolling Stock and Fixed installations such as Radio Block Centres, Lineside Electronic Units (Components of ERTMS 2). However, part 3 of the EN 50126, even though it is still in "draft" version, seems to apply only to Rolling Stock. "Part 3. Guide to the application of EN 50126-1 for rolling stock RAMS". Does that mean it would be correct to apply the methods in EN 50126 Part 3 to RAMS analysis of fixed installations such as the components of an ERTMS system? Any comments on this matter would be appreciated. Kind Regards, Myriam.

Anonymous said...

Just curious... Before the last paragraph I saw this sentence:
"Finally, an external Assessor is hired to supervise the fulfilling of the Safety plan."
Did you mean:
"Finally, an external Assessor is hired to supervise the fulfilling of the Safety Case." ?

Indsafe said...

The information is pretty good and impressed me a lot. This article is quite in-depth and gives a good overview of the topic. If you are looking for Process Safety Gap Assessment, then contact us.