| As the Chinese high-speed train control system (the CTCS-3 system) continues to move toward the goal of high-speed and high-density train operation, it faces more challenges in terms of system safety. The traditional hazard analysis approaches applied to the socio-technical system (STS) can no longer cover all the potentially hazardous aspects brought by complex organizational structures. Thus, this paper presents an integrated hazard identification methodology named BFM-STPA, based on a formalization model, which can solve the above issues. Firstly, the previous related literature was reviewed to elaborate the current domestic and international research status and the background. It was pointed out that the classical hazard analysis methods, invented along with the development of mechanical systems, are not suitable for today's STS, which showed the significance of this research. Secondly, the concept of the STS was explained and the elements that impact the work of hazard identification for the STS were listed. Meanwhile, the restricting effects, which mainly come from the complexity of the STS and the outdated accident causation model, were elaborated. Thirdly, the hazard identification method based on a formalization model (BFM-STPA) was proposed. A set of hierarchical control structure models of the CTCS-3 was built with CPN because of its strong descriptive ability and its support for dynamic simulation and formal analysis. According to the BFM-STPA method, the hazards of the CTCS-3 were identified, and the comprehensive contributing factors were found by tracing the former states within the reachability graph generated from the CPN model. Then, the safety requirements were derived from the hazards and the causes, and these three aspects composed the final hazard log. Finally, in this paper, the aforementioned method was applied to the CTCS-3.
The process of hazard identification for the scenario in which a Temporary Speed Restriction is issued was elaborated in detail. 49 hazards, with their related causes and safety requirements, were obtained. Compared with the hazard log generated by Hazard and Operability (HAZOP) analysis, the hazard log generated by BFM-STPA was shown to contain more valid hazards and to cover more comprehensive aspects. |