Copyright DB Netz AG, licensed under CC-BY SA 3.0 DE (see full text in CC-BY-SA-3.0-DE)
ARCH.069 Add system level risk measures
SM-2811
Populate Confluence page for activity definition: ARCH.069 Add system level risk measure
IN PEER REVIEW
Goal | Add system functionality to lower the probability that a related operational level deviation occurs. |
---|---|
Requirements met by this process step | EN 50126-1 6.4.3.1, 6.4.3.2; ISO 15288 6.4.3.3 d) |
Inputs | AMOD-004 Fault tree (per operational deviation); AMOD-059 Initial system functional chain description; AMOD-115 External interface behaviour; AMOD-056 System functions and exchanges (single system capability) |
Outputs | AMOD-056 System functions and exchanges (single system capability) (updated) |
Methodology | Prerequisite: the following activities have been completed in ARCH.066 and ARCH.067: the system level deviations of incoming functional exchanges have been assessed and reflected in the fault tree.
If the result of that assessment is that the probability of the related operational deviation is exceeded, this activity is carried out to add additional safety measures, i.e. to add system functions and functional exchanges that compensate where incoming functional exchanges are of lower safety integrity than needed. The gain in integrity has to be shown in the fault tree; this holds only if the combined functions are sufficiently independent, since common cause failures affecting both functions limit the achievable probability.
Example: if the functionality for visual object recognition in one train unit is of insufficient safety integrity, the functionality for visual object recognition in another train unit can be used to produce a validated object recognition result of higher safety integrity.
|
Tools and non-human resources | Team for Capella (tbd: possibly a further tool or plugin for modelling fault trees; ticketed) |
Cardinality | Once, with revisions allowed after changes in the operational level risk model or the system function definitions |
Completion criteria | All needs for additional safety measures (as per ARCH.068) have been addressed, their deviations have been assessed and documented in the fault tree, and the measures can be proven effective via means such as the fault tree. |
Design review | |
Step done by (Responsible) | System architect |
Provides input to/assists (Contributes) | RAMS architect, Security architect |
Uses outputs (Informed) | None identified. |
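The following is an added worked example, not part of the original activity definition and not DB Netz or Capella tooling. It shows the fault tree reasoning behind the methodology row: a minimal evaluator for AND/OR gates over independent basic events, the tree for an operational deviation with only the single object recognition function (train unit A), and the tree after the compensating measure, where the validated result fails only if both recognition functions fail or a common cause defeats both. All probabilities, the target value and the event names are constructed for illustration; they are not values from the page or from any real system.

```python
"""Fault-tree check of a compensating system level risk measure (added illustration).

Basic events are assumed independent; the dependency between the two object
recognition functions is modelled explicitly as a separate common cause event.
"""
from dataclasses import dataclass
from typing import Tuple, Union


@dataclass(frozen=True)
class BasicEvent:
    name: str
    p: float  # probability of the event in the reference period (constructed values)


@dataclass(frozen=True)
class Gate:
    kind: str                 # "AND" (all inputs must occur) or "OR" (any input suffices)
    inputs: Tuple["Node", ...]


Node = Union[BasicEvent, Gate]


def probability(node: Node) -> float:
    """Evaluate the probability of a fault tree node assuming independent inputs."""
    if isinstance(node, BasicEvent):
        return node.p
    ps = [probability(child) for child in node.inputs]
    if node.kind == "AND":
        result = 1.0
        for p in ps:
            result *= p
        return result
    if node.kind == "OR":
        none_occurs = 1.0
        for p in ps:
            none_occurs *= (1.0 - p)
        return 1.0 - none_occurs
    raise ValueError(f"unknown gate kind {node.kind!r}")


def single_channel_tree(p_recognition: float, p_other: float) -> Gate:
    """Top event 'operational deviation' with only one object recognition function."""
    return Gate("OR", (
        BasicEvent("object recognition fails (train unit A)", p_recognition),
        BasicEvent("other causes", p_other),
    ))


def validated_dual_channel_tree(p_a: float, p_b: float, p_ccf: float, p_other: float) -> Gate:
    """Top event after adding the compensating function from train unit B.

    The validated result is wrong only if both recognitions fail (AND gate) or a
    common cause (e.g. shared environmental condition) defeats both at once.
    """
    both_fail = Gate("AND", (
        BasicEvent("object recognition fails (train unit A)", p_a),
        BasicEvent("object recognition fails (train unit B)", p_b),
    ))
    validated_result_wrong = Gate("OR", (both_fail, BasicEvent("common cause failure", p_ccf)))
    return Gate("OR", (validated_result_wrong, BasicEvent("other causes", p_other)))


def measure_sufficient(tree: Gate, target: float) -> bool:
    """Completion check: top event probability must not exceed the operational target."""
    return probability(tree) <= target


if __name__ == "__main__":
    TARGET = 1e-5  # constructed tolerable probability for the operational deviation
    before = single_channel_tree(p_recognition=1e-3, p_other=1e-6)
    after = validated_dual_channel_tree(p_a=1e-3, p_b=1e-3, p_ccf=1e-6, p_other=1e-6)
    # A poorly independent second channel: common cause dominates and the measure fails.
    after_high_ccf = validated_dual_channel_tree(p_a=1e-3, p_b=1e-3, p_ccf=2e-5, p_other=1e-6)
    for label, tree in (("single channel", before),
                        ("validated dual channel", after),
                        ("dual channel, high common cause", after_high_ccf)):
        print(f"{label:32s} P(top) = {probability(tree):.3e}  "
              f"sufficient = {measure_sufficient(tree, TARGET)}")
```

The third case is the caveat from the methodology row made concrete: adding a second recognition function only lowers the top event probability to the required level if the common cause contribution is itself below the target, which is why the independence argument has to appear in the fault tree rather than being assumed.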