Scenario based STPA analysis in Automated Urban Guided Transport system

Beijing Metro plans to open an Automated Urban Guided Transport (AUGT) Line at the end of 2017. The line will follow GOA4 requirements according to IEC62290-2014 and IEC62267-2009. The main difference between the AUGT line and existing line is no driver or attended people on the train. The system will realize the following functions: Ensure safety movement, Driving Supervising guideway, supervising passenger transfer, Operating a train and Ensuring detection and management of emergency situations. Traditionally, HAZOP (Hazard Operability analysis) or FMEA (Failure Mode and Effect Analysis) method will be used to do the hazard analysis. But the main challenge is that most of human operation and behavior are replaced by equipment in AUGT and it is very difficult to deal with emergency condition. Finally, an operational scenario based method has been used to do hazard analysis which combined with STPA (Systems-Theoretic Process Analysis). As we know, STPA is a systematic analysis method from the view of safety control and it is good at human related error and management related analysis. In this paper, STPA has been used to compare with traditional method. The conclusions are: 1) STPA is more focusing on the safety related interaction and we can easily find the main clue by safety constraints compared to HAZOP; 2) Process Model Analysis should be done in each of scenario in order to find detail safety control measures; 3) In order to identify what could cause the unsafe control action or how control actions may not be executed properly, we also can use low layer control process model to do STPA analysis if we find it is still complex. We can regard this means as nested control process model.