EN50126 鐵路應(yīng)用軟件-可靠性、有效性、可維護(hù)性和安全性的規(guī)范和示范.doc
《EN50126 鐵路應(yīng)用軟件-可靠性、有效性、可維護(hù)性和安全性的規(guī)范和示范.doc》由會(huì)員分享,可在線閱讀,更多相關(guān)《EN50126 鐵路應(yīng)用軟件-可靠性、有效性、可維護(hù)性和安全性的規(guī)范和示范.doc(78頁珍藏版)》請(qǐng)?jiān)谘b配圖網(wǎng)上搜索。
Std. ref. : EN 50126 Project Nr. : 4675 dav : Tech. Body: TC9X Language : E Title : Railway applications - The specification and demonstration of Reliability, Availability, Maintainability and Safety (RAMS) Software : Word97 Remarks : n/a Page 2 EN 50126:1999 Foreword This European Standard was prepared by the Technical Committee CENELEC TC 9X, Electrical and electronic applications in railways. The text of the draft was submitted to the formal vote and was approved by CENELEC as EN 50126 on 1998-10-01. The following dates were fixed: – latest date by which the EN has to be implemented at national level by publication of an identical national standard or by endorsement (dop) 2000-04-01 – latest date by which the national standards conflicting with the EN have to be withdrawn (dow) 2000-04-01 Annexes designated “normative” are part of the body of the standard. Annexes designated “informative” are given for information only. In this standard, annexes A to E are informative. __________ Page 3 EN 50126:1999 Content Page Introduction 5 1 Scope. 6 2 Normative references . 7 3 Definitions 8 4 Railway RAMS 11 4.1 Introduction .11 4.2 Railway RAMS and quality of service11 4.3 Elements of railway RAMS12 4.4 Factors influencing railway RAMS 14 4.4.1 General .14 4.4.2 Categories of factors.14 4.4.3 Management of factors .18 4.5 The means to achieve railway RAMS requirements .19 4.5.1 General .19 4.5.2 RAMS specification:19 4.6 Risk .20 4.6.1 Risk concept: 20 4.6.2 Risk analysis: 20 4.6.3 Risk evaluation and acceptance .21 4.7 Safety integrity.22 4.8 Fail-safe concept.24 5 Management of railway RAMS . 25 5.1 General .25 5.2 System lifecycle 25 5.3 Application of this standard.31 6 RAMS lifecycle . 34 6.1 Phase 1: Concept34 6.2 Phase 2: System definition and application conditions.36 6.3 Phase 3: Risk analysis39 6.4 Phase 4: System requirements.41 6.5 Phase 5: Apportionment of system requirements.45 6.6 Phase 6: Design and implementation .47 6.7 Phase 7: Manufacturing50 6.8 Phase 8: Installation52 6.9 Phase 9: System validation (including safety acceptance and commissioning) .54 6.10 Phase 10: System acceptance .56 6.11 Phase 11: Operation and maintenance 57 6.12 Phase 12: Performance monitoring 58 6.13 Phase 13: Modification and retrofit .59 6.14 Phase 14: Decommissioning and disposal .60 Annex A (informative) Outline of RAMS specification - example 61 Annex B (informative) RAMS programme 66 Annex C (informative) Examples of parameters for railway. 71 Annex D (informative) Examples of some risk acceptance principles 73 Annex E (informative) Responsibilities within the RAMS process throughout the lifecycle.76 Page Page 4 EN 50126:1999 Figures Figure 1: Quality of Service and Railway RAMS 12 Figure 2: Inter-relation of Railway RAMS elements . 12 Figure 3: Effects of Failures Within a System 13 Figure 4: Influences on RAMS . 14 Figure 5: Factors Influencing Railway RAMS. 16 Figure 6: Example of a Cause/Effect Diagram. 18 Figure 7: Certified Products in Safety Systems 23 Figure 8: System Lifecycle. 26 Figure 9: Project Phase Related Tasks (Sheet 1 of 2). 27 Figure 9: Project Phase Related Tasks (Sheet 2 of 2). 28 Figure 10: The V Representation. 30 Figure 11: Verification and Validation 31 Figure 12:RAMS Eng. and Manag't Implemented within a System Realisation Process 33 Tables Table 1: RAM Failure Categories 19 Table 2: Frequency of Occurrence of Hazardous Events . 20 Table 3: Hazard Severity Level. 21 Table 4: Frequency - Consequence Matrix . 21 Table 5: Qualitative Risk Categories. 22 Table 6: Typical Example of Risk Evaluation and Acceptance 22 Table B.1: Example of a Basic RAMS Programme Outline 67 Table C.1: Examples of Reliability Parameters 71 Table C.2: Examples of Maintainability Parameters. 71 Table C.3: Examples of Availability Parameters 72 Table C.4: Examples of Logistic Support Parameters 72 Table C.5: Examples of Safety Performance Parameters 72 Page 5 EN 50126:1999 Introduction This European Standard provides Railway Authorities and the railway support industry, throughout the European Union, with a process which will enable the implementation of a consistent approach to the management of reliability, availability, maintainability and safety, denoted by the acronym RAMS. Processes for the specification and demonstration of RAMS requirements are cornerstones of this standard. This European Standard aims to promote a common understanding and approach to the management of RAMS. This European Standard can be applied systematically by a railway authority and railway support industry, throughout all phases of the lifecycle of a railway application, to develop railway specific RAMS requirements and to achieve compliance with these requirements. The systems-level approach defined by this European Standard facilitates assessment of the RAMS interactions between elements of complex railway applications. This European Standard promotes co-operation between a railway authority and railway support industry, within a variety of procurement strategies, in the achievement of an optimal combination of RAMS and cost for railway applications. Adoption of this European Standard will support the principles of the European Single Market and facilitate European railway inter-operability. The process defined by this European Standard assumes that railway authorities and railway support industry have business-level policies addressing Quality, Performance and Safety. The approach defined in this standard is consistent with the application of quality management requirements contained within the ISO 9000 series of International standards. Page 6 EN 50126:1999 1 Scope 1.1 This European Standard: ? defines RAMS in terms of reliability, availability, maintainability and safety and their interaction; ? defines a process, based on the system lifecycle and tasks within it, for managing RAMS; ? enables conflicts between RAMS elements to be controlled and managed effectively; ? defines a systematic process for specifying requirements for RAMS and demonstrating that these requirements are achieved; ? addresses railway specifics; ? does not define RAMS targets, quantities, requirements or solutions for specific railway applications; ? does not specify requirements for ensuring system security; ? does not define rules or processes pertaining to the certification of railway products against the requirements of this standard; ? does not define an approval process by the safety regulatory authority. 1.2. This European Standard is applicable: ? to the specification and demonstration of RAMS for all railway applications and at all levels of such an application, as appropriate, from complete railway routes to major systems within a railway route, and to individual and combined sub-systems and components within these major systems, including those containing software; in particular: ? to new systems; ? to new systems integrated into existing systems in operation prior to the creation of this standard, although it is not generally applicable to other aspects of the existing system; ? to modifications of existing systems in operation prior to the creation of this standard, although it is not generally applicable to other aspects of the existing system. ? at all relevant phases of the lifecycle of an application; ? for use by Railway Authorities and the railway support industry. NOTE: Guidance on the applicability is given in the requirements of this standard. Page 7 EN 50126:1999 2 Normative references This European Standard incorporates by dated or undated reference, provisions from other publications. These normative references are cited at the appropriate places in the text and the publications are listed hereafter. For dated references, subsequent amendments to or revisions of any of these publications apply to this standard only when incorporated in it by amendment or revision. For undated references, the latest edition of the publication referred to applies. EN ISO 9001 1994 Quality systems – Model for quality assurance in design, development, production, installation and servicing EN ISO 9002 1994 Quality systems – Model for quality assurance in production, installation and servicing EN ISO 9003 1994 Quality systems – Model for quality assurance in final inspection and test EN 50128 (*) Railway applications - Software for railway control and protection systems ENV 50129 1998 Railway applications - Safety related electronic systems for signalling IEC 60050(191) 1990 International Electrotechnical Vocabulary Chapter 191: Dependability and quality of service IEC 61508 series Functional safety of electrical/electronic/programmable electronic safety-related systems _____________________ (*) In preparation Page 8 EN 50126:1999 3 Definitions For the purposes of this standard, the following definitions apply. 3.1 apportionment: A process whereby the RAMS elements for a system are sub-divided between the various items which comprise the system to provide individual targets. 3.2 assessment: The undertaking of an investigation in order to arrive at a judgement, based on evidence, of the suitability of a product. 3.3 audit: A systematic and independent examination to determine whether the procedures specific to the requirements of a product comply with the planned arrangements, are implemented effectively and are suitable to achieve the specified objectives. 3.4 availability: The ability of a product to be in a state to perform a required function under given conditions at a given instant of time or over a given time interval assuming that the required external resources are provided. 3.5 commissioning: A collective term for the activities undertaken to prepare a system or product prior to demonstrating that it meets its specified requirements. 3.6 common cause failure: A failure which is the result of an event(s) which causes a coincidence of failure states of two or more components leading to a system failing to perform its required function. 3.7 compliance: A demonstration that a characteristic or property of a product satisfies the stated requirements. 3.8 configuration management: A discipline applying technical and administrative direction and surveillance to identify and document the functional and physical characteristics of a configuration item, control change to those characteristics, record and report change processing and implementation status and verify compliance with specified requirements. 3.9 corrective maintenance: The maintenance carried out after fault recognition and intended to put a product into a state in which it can perform a required function. 3.10 dependent failure: The failure of a set of events, the probability of which cannot be expressed as the simple product of the unconditional probabilities of the individual events. 3.11 down time: The time interval during which a product is in a down state. (IEC 60050(191)) 3.12 failure cause: The circumstances during design, manufacture or use which have led to a failure. (IEC 60050(191)) 3.13 failure mode: The predicted or observed results of a failure cause on a stated item in relation to the operating conditions at the time of the failure. 3.14 failure rate: The limit, if this exists, of the ratio of the conditional probability that the instant of time, T, of a failure of a product falls within a given time interval (t, t+?t) and the length of this interval, ?t, when ?t tends towards zero, given that the item is in an up state at the start of the time interval. 3.15 fault mode: One of the possible states of a faulty product for a given required function. (IEC 60050(191)) 3.16 fault tree analysis: An analysis to determine which fault modes of the product, sub- products or external events, or combinations thereof, may result in a stated fault mode of the product, presented in the form of a fault tree. 3.17 hazard: A physical situation with a potential for human injury. Page 9 EN 50126:1999 3.18 hazard log: The document in which all safety management activities, hazards identified, decisions made and solutions adopted are recorded or referenced. Also known as a ”Safety Log”. (ENV 50129) 3.19 logistic support: The overall resources which are arranged and organised in order to operate and maintain the system at the specified availability level at the required lifecycle cost. 3.20 maintainability: The probability that a given active maintenance action, for an item under given conditions of use can be carried out within a stated time interval when the maintenance is performed under stated conditions and using stated procedures and resources. (IEC 60050(191)) 3.21 maintenance: The combination of all technical and administrative actions, including supervision actions, intended to retain a product in, or restore it to, a state in which it can perform a required function. (IEC 60050(191)) 3.22 maintenance policy: A description of the inter-relationship between the maintenance echelons, the indenture levels and the levels of maintenance to be applied for the maintenance of an item. (IEC 60050(191)) 3.23 mission: An objective description of the fundamental task performed by a system. 3.24 mission profile: Outline of the expected range and variation in the mission with respect to parameters such as time, loading, speed, distance, stops, tunnels, etc., in the operational phases of the lifecycle. 3.25 preventive maintenance: The maintenance carried out at pre-determined intervals or according to prescribed criteria and intended to reduce the probability of failure or the degradation of the functioning of an item. (IEC 60050(191)) 3.26 railway authority: The body with the overall accountability to a Regulator for operating a railway system. NOTE: Railway authority accountabilities for the overall system or its parts and lifecycle activities are sometimes split between one or more bodies or entities. For example: ? the owner(s) of one or more parts of the system assets and their purchasing agents; ? the operator of the system; ? the maintainer(s) of one or more parts of the system; ? etc. Such splits are based on either statutory instruments or contractual agreements. Such responsibilities should therefore be clearly stated at the earliest stages of a system lifecycle. 3.27 railway support industry: Generic term denoting supplier(s) of complete railway systems, their sub-systems or component parts. 3.28 RAM programme: A documented set of time scheduled activities, resources and events serving to implement the organisational structure, responsibilities, procedures, activities, capabilities and resources that together ensure that an item will satisfy given RAM requirements relevant to a given contract or project. (IEC 60050(191)). 3.29 RAMS: An acronym meaning a combination of Reliability, Availability, Maintainability and Safety. 3.30 reliability: The probability that an item can perform a required function under given conditions for a given time interval (t1, t2). (IEC 60050(191)) 3.31 reliability growth: A condition characterised by a progressive improvement of a reliability performance measure of an item with time. (IEC 60050(191)) 3.32 repair: That part of a corrective maintenance in which manual actions are performed on a item. (IEC 60050(191)) Page 10 EN 50126:1999 3.33 restoration: That event when an item regains the ability to perform a required function after a fault. (IEC 60050(191)) 3.34 risk: The probable rate of occurrence of a hazard causing harm and the degree of severity of the harm. 3.35 safety: Freedom from unacceptable risk of harm. 3.36 safety case: The documented demonstration that the product complies with the specified safety requirements. 3.37 safety integrity: The likelihood of a system satisfactorily performing the required safety functions under all the stated conditions within a stated period of time. 3.38 safety integrity level (SIL): One of a number of defined discrete levels for specifying the safety integrity requirements of the safety functions to be allocated to the safety related systems. Safety Integrity Level with the highest figure has the highest level of safety integrity. 3.39 safety plan: A documented set of time scheduled activities, resources and events serving to implement the organisational structure, responsibilities, procedures, activities, capabilities and resources that together ensure that an item will satisfy given safety requirements relevant to a given contract or project. 3.40 safety regulatory authority: Often a national government body responsible for setting or agreeing the safety requirements for a railway and ensuring that the railway complies with the requirements. 3.41 system lifecycle: The activities occurring during a period of time that starts when a system is conceived and end when the system is no longer available for use, is decommissioned and is disposed. 3.42 systematic failures: Failures due to errors in any safety lifecycle activity, within any phase, which cause it to fail under some particular combination of inputs or under some particular environmental condition. 3.43 tolerable risk: The maximum level of risk of a product that is acceptable to the Railway Authority. 3.44 validation: Confirmation by examination and provision of objective evidence that the particular requirements for a specific intended use have been fulfilled. 3.45 verification: Confirmation by examination and provision of objective evidence that the specified requirements have been fulfilled. NOTE: For clarification between verification and validation see figure 11 and 5.2.9. Page 11 EN 50126:1999 4 Railway RAMS 4.1 Introduction 4.1.1 Clause 4 of this standard provides baseline information on the subject of RAMS and RAMS engineering. The purpose of this clause is to provide the reader with sufficient background information to enable the effective application of this standard to railway systems. 4.1.2 Railway RAMS is a major contributor to the Quality of Service provided by a Railway Authority. Railway RAMS is defined by several contributory elements; consequently, this clause of this European Standard is structured as follows: a) Subclause 4.2 examines the relationship between railway RAMS and quality of service. b) Subclauses 4.3 to 4.8 examine aspects of railway RAMS, namely: ? the elements of RAMS; ? the factors which influence and means to achieve RAMS; ? risk and safety integrity. 4.1.3 Where possible within this clause, internationally defined terms are used but where new terms are required or where recognised terms have been made specific in the railway context, these are defined in clause 3 of this standard. 4.1.4 Within this European Standard, the sequence ”system, sub-system, component” is used to demonstrate the breakdown of any complete application into its constituent parts. The precise boundary of each term (system, sub-system and component) will depend upon the specific application. 4.1.5 A system can be defined as an assembly of sub-systems and components, connected together in an organised way, to achieve specified functionality. Functionality is assigned to sub-systems and components within a system and the behaviour and state of the system is changed if the sub-system or component functionality changes. A system responds to inputs to produce specified outputs, whilst interacting with an environment. 4.2 Railway RAMS and quality of service 4.2.1 This subclause introduces the link between RAMS and quality of service for an undertaking. 4.2.2 RAMS is a characteristic of a system’s long term operation and is achieved by the application of established engineering concepts, methods, tools and techniques throughout the lifecycle of the system. The RAMS of a system can be characterised as a qualitative and quantitative indicator of the degree that the system, or the sub-systems and components comprising that system, can be relied upon to function as specified and to be both available and safe. System RAMS, in the context of this European Standard, is a c- 1.請(qǐng)仔細(xì)閱讀文檔,確保文檔完整性,對(duì)于不預(yù)覽、不比對(duì)內(nèi)容而直接下載帶來的問題本站不予受理。
- 2.下載的文檔,不會(huì)出現(xiàn)我們的網(wǎng)址水印。
- 3、該文檔所得收入(下載+內(nèi)容+預(yù)覽)歸上傳者、原創(chuàng)作者;如果您是本文檔原作者,請(qǐng)點(diǎn)此認(rèn)領(lǐng)!既往收益都?xì)w您。
下載文檔到電腦,查找使用更方便
5 積分
下載 |
- 配套講稿:
如PPT文件的首頁顯示word圖標(biāo),表示該P(yáng)PT已包含配套word講稿。雙擊word圖標(biāo)可打開word文檔。
- 特殊限制:
部分文檔作品中含有的國旗、國徽等圖片,僅作為作品整體效果示例展示,禁止商用。設(shè)計(jì)者僅對(duì)作品中獨(dú)創(chuàng)性部分享有著作權(quán)。
- 關(guān) 鍵 詞:
- EN50126 鐵路應(yīng)用軟件-可靠性、有效性、可維護(hù)性和安全性的規(guī)范和示范 鐵路 應(yīng)用軟件 可靠性 有效性 可維護(hù)性 安全性 規(guī)范 示范
鏈接地址:http://www.820124.com/p-1545705.html