Lessons Learned from a Fault Tree Analysis of an Automatic Train Protection System

摘要

A system safety analysis of an Automatic Train Protection (ATP) system was performed to investigate its compliance with industry standard specification requirements, particularly with respect to the "fail-safe" attribute (i.e., design criteria). A Fault Tree Analysis (FTA) was performed to identify single or multiple failures that could lead to a Category I Hazard in the vehicle ATP subsystem and the associated rate of occurrence of such hazards. The analysis focused on overspeed protection enforcement and door control protection under Automatic mode operation. The analysis concluded that the current vehicle ATP subsystem design did not meet the "fail safe" design criteria and industry safety guideline under full Automatic mode operation. As a result of the FTA, recommendations were provided to enhance the safety of the vehicle ATP Overspeed Protection under Automatic operation mode. Quantitative analysis showed that the implementation of these recommendations can reduce the expected rate of occurrence of the speed sensor failure scenarios to meet the transit industry acceptable safety standard.