POLIFEMO/Cyclop Transducer
POLIFEMO is a current/voltage transducer for use on board the train formed to create the electrical interface between the high voltage line and the energy meter on board the train.
Final Customer: Interfleet UK
Project: RAM Analysis and Risk Assessment
Description: Z Lab produced RAM Analysis and Risk Assessment documentation, as Reliability Prediction, Hazard Analysis, FMECA Analysis, FTA Analysis and ALARP Evaluation for Voltage/Current Transducer “Cyclop”.
The RAMS is a long-term characteristic of a system and is obtained by the application of data, concepts, methods, techniques and tools of engineering during the system lifecycle (EN 50126). It is defined as a quality and quantity indicator of the system degree, regarding to the system function and to the availability.RAMS is the acronym of Reliability Availability Maintainability, Safety.
Reliability is the probability that an item can perform a required function under given conditions for a given time interval n(t1 –t2).
Availability is the ability of a product to be in state to perform a required function under given conditions at a given instant of time or over a given time interval assuming that the required external resources are provided.
Maintainability is the probability that a given active maintenance action for an item under given conditions of use can be carried out within a stated time interval when the maintenance is performed under stated conditions and using procedures and resources.
Safety is defined as freedom from unaccettable risk of harm.
Reliability prediction is a method to calculate the constant failure rate during the system life time. The reliability predictions is conducted at various system levels and detail’s degrees. It is based, on a system decomposition as tree that is called WBS (Work Breakdown Structure), in order to identify the major components and assign to each of them a failure rate, in accordance with the standard NPRD-2011 (mechanical parts) and MIL-HDBK-217F Notice 2 or Siemens 29500 (electriconic parts). The basic failure rate of the system is calculated by summing up the failure rates of each component in each category multiplied by their quantity (based on probability theory). This is applied under the assumption that a failure of any component is assumed could lead to a system failure. This model assumes that the component failure rate under reference or operating conditions is constant. The failure rate of the electonic items can be calculated:
- at reference conditions (parts count method);
- at operating conditions (parts stress method).
In the part-count method, the failure rate is calculated by appropriate databases that provide the basic failure rate value relative to the component operating environment. The Part-Stress method required detailed information such as: type of technology, year of manufacture, junction temperature, stress factors, thermal expansion characteristics, number of thermal cycles, thermal amplitude of variation, application of the device, etc.. It is also possible evaluate the mission reliability prediction. This analysis can be done after the FMECA analysis : through the FMECA is possible to analyze the failure modes and the percentage of occurrence of each failure mode. In this way it is possible to identify the critical components of the system. For Reliability Calculation of mechanical parts is used the standard NPRD-95 (Non Electronic Parts Reliability Data), whereas for Reliability Calculation of electronic parts are used the standards MIL-HDB-217 F (Reliability Prediction of Electronic Equipment) or SIEMENS 29500 (Failure Rate, Component, Expected Value, Dependability).
Hazard analysis (HA) technique is a safety analysis of the RAMS analysis. This process uses design information to identify the hazard and causal factor, effects, level of risk, and mitigating measures. The Hazard analysis begins with hazards identified from the PHL. The next step is to once again employ the use of hazard checklists (as done in the PHL analysis) and undesired mishap checklists. The basic inputs for the HA include:
- the system functional diagram,
- the reliability block diagram,
- system component list
- all documents that allow to understand the system function.
In railway field, the Preliminary Hazard List (PHA) is into EN 50126-2:2007. The risk evaluation is the result of the matrix that connect frequency and severity according to the categories described in the standard EN 50126-1: 2006. The risk analysis is performed in relation to the severity of the possible dangers, probability of occurrence and the system's mission profile.
FMECA analysis is a tool used to examine all possible failures, their consequences and the critical components or functions in the system under analysis. The FMECA purpose is to improve and ensure the reliability of complex systems. It is composed of two separate analyzes: FMEA (Failure Modes and Effects Analysis) and CA (Criticality Analysis). The FMECA Analisys can have a functional approach or structural approach:
- functional approach: It is performed on the functions. This approach focuses on the ways in which the functional objectives are not complied
- structural approach: it is performed on the HW system components. This approach tends to provide more detail about the system failure modes and effects at component level
Furthermore, to provide a qualitative assessment of the potential consequences, the level of criticality of failure modes is assigned, according to their effect on the regularity and / or service "comfort" and safety; Evaluating these results, it is possible to suggest mitigation measures relating to the failure mode under analysis. FMECA analysis allows to identify components failures that could be critical in terms of reliability and / or safety, in relation to a particular mission profile. FMECA is the basis of design choices in order to eliminate critical fault, or at least, to reduce the criticality (through corrective actions). “Yellow book” for is the standard used for the Reliability Failure Mode Classification and Mishap Severity Categories.
Fault tree analysis (FTA) is a systems analysis technique used to determine the root causes and probability of occurrence of a specified undesired event. The FTA foresees the construction of a graphical model using logic gates and fault events to model the cause–effect relationships and identifies a series of events that cause, through an undesirable event (TOP event), a dangerous event. The Fault Tree Analysis is therefore a structured methodology that requires the application of some Boolean algebra rules, logic and theory of probability. It is a Bottom-up analysis that allows to evaluate the system items that involved on the occurrence of an hazard. The basic events are the same identified in the FMECA. All events that contribute to undesired hazardous situations, are considered as causes, alone or in combination with others. The analysis proceeds by determining how the TOP event can be caused by individual or combined lower level failures or events. The FTA is thus an important tool because provides the information needed to support risk management decisions. The validity of action taken to eliminate or control fault events can be enhanced in certain circumstances by quantifying the FT and performing a numerical evaluation.
The ALARP Evaluation defines the risk acceptance principle “As Low As Reasonably Practicable “ and how the principle is to be applied to evaluate the risk in term of safety. In the operational environment, an ALARP Determination establishes whether an existing risk is ALARP or a program of work is required to further reduce safety risks. In the safety change environment (i.e. projects), an ALARP Demonstration establishes whether a change can be accepted safely into the operational environment. The key steps to apply the ALARP principle are the following:
- identify and assess the nature of the risk
- review and evaluate existing controls
- consider options for further risk reduction
- decide which controls options will be adopted
- implement controls
- develop ALARP argument
- monitor/review residual risk
The quality evaluation is done in accordance to diagram in the EN 50126-1:2006; this standard defines the zone in which the risk can be considered unacceptable, tolerable or broadly acceptable.
RAM Analysis are in compliance with EN50126 and EN50129 standards.
EN 50126 “Railway applications - The specification and demonstration of Reliability, Availability, Maintainability and Safety (RAMS)”: the Standard EN 50126 defines a systematic process for specifying requirements for RAMS and demonstrating that these requirements are achieved.
EN 50129 “Railway Applications - Safety related electronic systems for signalling”: the standard EN 50129 defines the HW architectures for electronic security systems for railway signaling applications.