Legal information

Copyright DB Netz AG, licensed under CC-BY SA 3.0 DE (see full text in CC-BY-SA-3.0-DE)

AMOD-030 Accident and hazard state model

Created by: ARCH.026 Define the state model of accidents, hazardous and safe state
Concerns: Describe the possible accidents and contributing hazardous states of railway operation under DBS
Modified by

Used by

ARCH.020 Identify & classify operational deviations

ARCH.014 Evaluate risks to business effectiveness

ARCH.021 Evaluate security risks

ARCH.027 Evaluate operational safety risks

ARCH.028 Define operational safety measures

Viewpoint

Transition trigger type / Explanation
UnmodifiedDeviationOccurrence

This is the natural occurrence of a deviation, as it happens without any treatment by the engineer.

It has an initial hourly probability (or a likelihood category).

UnmodifiedDeviationNonOccurrence

This is the natural non-occurrence of a deviation: by luck (not by design) the deviation does not happen.

The likelihood of this should be 1 - likelihood of the UnmodifiedDeviationOccurrence (set in ARCH.027 Evaluate operational safety risks).

ModifiedDeviationOccurrence

This replaces an UnmodifiedDeviationOccurrence when we make a design decision to restrict the likelihood of a deviation at ARCH.028; therefore it has attributes for specified maximum probability in one hour and for achieved maximum probability in one hour.

The specified maximum probability over one hour should be less than the DeviationInitialHourlyRate of the replaced UnmodifiedDeviationOccurrence, otherwise no improvement in risk is achieved.

ModifiedDeviationNonOccurrence

This replaces an UnmodifiedDeviationNonOccurrence at ARCH.028 as the complement (that is, the logical opposite) of the ModifiedDeviationOccurrence.

AddedMitigationSuccess

This is added at ARCH.028 to represent the likelihood that an additional mitigation (that is, a mitigation that was not in a bare business process) succeeds.

AddedMitigationFailure

This is added at ARCH.028 to represent the likelihood that an additional mitigation (that is, a mitigation that was not in a bare business process) is not provided (other failure modes would be examined at system level).
Diagram modelling rules: 8. Modelling Rules for Risk Model#ModRules_VP_RiskView
Element modelling rules: 8. Modelling Rules for Risk Model#ModRules_VE_RiskElements
Viewpoint modelling rules

8. Modelling Rules for Risk Model#ModRules_VS_AMOD-030_130_131
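
The consistency rules stated for the occurrence and non-occurrence triggers above can be checked mechanically. The following is an added example, not part of the model or its tooling; the class, field names, finding codes and tolerance are hypothetical, and it assumes the ModifiedDeviationNonOccurrence is the complement of the specified maximum probability.

```python
import math
from dataclasses import dataclass
from typing import List, Optional

ABS_TOL = 1e-12  # assumed tolerance for comparing floating-point complements


@dataclass
class DeviationTriggers:
    """Hypothetical container for the trigger attributes of one deviation."""
    name: str
    initial_hourly_rate: float                       # UnmodifiedDeviationOccurrence
    unmodified_non_occurrence: float                 # UnmodifiedDeviationNonOccurrence
    specified_max_hourly: Optional[float] = None     # ModifiedDeviationOccurrence (specified)
    modified_non_occurrence: Optional[float] = None  # ModifiedDeviationNonOccurrence


def check_triggers(d: DeviationTriggers) -> List[str]:
    """Return the codes of the rules that the deviation's triggers violate."""
    findings = []
    values = (d.initial_hourly_rate, d.unmodified_non_occurrence,
              d.specified_max_hourly, d.modified_non_occurrence)
    if any(v is not None and not 0.0 <= v <= 1.0 for v in values):
        findings.append("PROBABILITY_OUT_OF_RANGE")
    # Non-occurrence is 1 - likelihood of the unmodified occurrence.
    if not math.isclose(d.unmodified_non_occurrence, 1.0 - d.initial_hourly_rate,
                        rel_tol=0.0, abs_tol=ABS_TOL):
        findings.append("UNMODIFIED_NOT_COMPLEMENT")
    if d.specified_max_hourly is not None:
        # The specified maximum must be strictly below the initial rate,
        # otherwise the design decision brings no improvement in risk.
        if d.specified_max_hourly >= d.initial_hourly_rate:
            findings.append("NO_RISK_IMPROVEMENT")
        # Assumption: the complement is taken of the specified maximum.
        if (d.modified_non_occurrence is not None and not math.isclose(
                d.modified_non_occurrence, 1.0 - d.specified_max_hourly,
                rel_tol=0.0, abs_tol=ABS_TOL)):
            findings.append("MODIFIED_NOT_COMPLEMENT")
    return findings


# Constructed sample data, not taken from the model.
SAMPLES = [
    DeviationTriggers("consistent", 1e-4, 0.9999, 1e-6, 0.999999),
    DeviationTriggers("inconsistent", 1e-4, 0.999, 1e-4, 0.9999),
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample.name, check_triggers(sample) or "ok")
```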