A comparison of three systemic accident analysis methods using 46 SPAD (Signals Passed at Danger) incidents

During the period 1996-2003 there were five fatal accidents on the UK railway network, three of which were Signals Passed at Danger (SPAD) events (Watford Junction, 1996; Southall, 1997; Ladbroke Grove, 1999). SPAD events vary in severity and whilst most are not fatal there is the potential to cause serious injuries to passengers and train staff and damage to railway infra-structure. This paper investigates how the current system accident analysis tool used within the railway, the Incident Factor Classification System (IFCS) identifies and analyses causal factors of SPAD events. To evaluate the effectiveness IFCS was used to analysis SPAD incident reports (n=46) and the outputs were compared with two systemic accident analysis methods and relevant outputs (the Human Factors Analysis and Classification System – HFACS and Acci-Maps). The initial reporting process proved to hinder all systemic accident analysis methods in the extraction of causal factors. However, once extracted, all system accident analysis methods were successful in categorizing causal factors and demonstrated various outputs to illustrate the findings

RiskStructures : A Design Algebra for Risk-Aware Machines

Machines, such as mobile robots and delivery drones, incorporate controllers responsible for a task while handling risk (e.g. anticipating and mitigating hazards; and preventing and alleviating accidents). We refer to machines with this capability as risk-aware machines. Risk awareness includes robustness and resilience, and complicates monitoring (i.e., introspection, sensing, prediction), decision making, and control. From an engineering perspective, risk awareness adds a range of dependability requirements to system assurance. Such assurance mandates a correct-by-construction approach to controller design, based on mathematical theory. We introduce RiskStructures, an algebraic framework for risk modelling intended to support the design of safety controllers for risk-aware machines. Using the concept of a risk factor as a modelling primitive, this framework provides facilities to construct, examine, and assure these controllers. We prove desirable algebraic properties of these facilities, and demonstrate their applicability by using them to specify key aspects of safety controllers for risk-aware automated driving and collaborative robots