Third Workshop, Bielefeld, 12-13 February 2004

An Event of German Chapter of System Safety Society

12-13 February 2004
Center of Interdiciplinary Research (ZiF), University of Bielefeld

Program
Talks
Participants
Photos

Program

Thursday 12.02.2004: Root-Causal Analysis
1000-1015	Welcoming Comments (Ladkin)
1015-1115	Peter Ladkin, Jörn Stuphorn (RVS, Uni Bielefeld): Analysis of a Friendly Fire Accident with WBA
1115-1200	Babette Fahlbruch (TU Berlin): Analysis of the BrÃ¼hl Rail Accident with SOL-VE
1200-1330	Lunch (ZiF Restaurant)
1330-1415	Jens Braband, Ernesto de Stefano, Sonja-Lara Kurz (Siemens TS): Comparison of Event-Based Root Cause Analysis Models
1415-1500	Timm Grams (FH Fulda): The Three Dimensions of Risk
1500-1530	Coffee Break (ZiF Restaurant)
1530-1600	Oliver Lemke (IfEV, TU Braunschweig), Bernd Sieker (RVS, Uni Bielefeld): Causal ML and its ciedit-Tools
1615-1800	Discussion: RCA Technique Comparison Criteria Revisited
2000 - late	Dinner at Wernings Weinstube
Friday 13.02.2004: Risk Analysis
0900-0945	Jens Braband (Siemens TS): A Remedy for a Serious Flaw in the Risk Priority Number Concept
0945-1030	Michael Miller (FH Gelsenkirchen): Probabilistic Risk Analysis and the Concept of Bayesian Networks
1030-1100	Coffee Break (ZiF Restaurant)
1100-1145	Claire Blackett (UC Dublin): Analysis of the Royal Majesty Grounding Using SOL
1145-1230	Roman Slovak (IVA, TU Braunschweig): Risk Analysis with the PROFUND Modelling Approach
1230-1400	Lunch (ZiF, as yesterday)
1400-1430	Christina Junge (FH Gelsenkirchen): Analyse der Midair-Collision bei Überlingen (WBA)
1430-1600	Discussion: Visualisation
1600	End of Workshop

Talks

Back to Contents

Peter Ladkin, Jörn Stuphorn (RVS, Uni Bielefeld): Analysis of a Friendly Fire Accident with WBA
Scott Snook analysed the 1994 shootdown by USAF F-15 aircraft over Northern Iraq of two US Army UH-60 helicopters ferrying leaders of Operation Provide Comfort between meetings with local residents. He provided a cursory "causal analysis" based on the Counterfactual Test, then considered in detail the social and psychological determinants of the individual factors (the F-15s' misidentification of the helicopters), the group factors (the failure to intervene of the "supervisory" AWACS command aircraft), the organisational factors (that the helos were not integrated into the Operation Provide Comfort flight planning), and formulated an additional theory that he felt to be useful. In previous work, we have identified and corrected significant mistakes in Snook's causal reasoning, and will present that again in the first talk. Then we shall show how the WBA approach represents straightforwardly the social and psychological factors posited by Snook, and allows some consistency and coherence checks previously unavailable to social theorists constructing social explanations of complex events.

Slides (PDF) | Hand Out (PDF) | Paper (PDF)
Babette Fahlbruch (TU Berlin): Analysis of the BrÃ¼hl Rail Accident with SOL-VE
No Abstract available
Jens Braband, Ernesto de Stefano, Sonja-Lara Kurz (Siemens TS): Comparison of Event-Based Root Cause Analysis Models
Three widely used event-based root cause analysis methods (SOL, ECF and MES) are applied to the Warngau railway accident and the Herold of Free Enterprise ferry acccident. The strengths and weaknesses of the methods are compared and discussed. Recommendations and directions are given for further research, in particular for a hybrid approach based on event-based techniques and WBA or STAMP.

Slides (PDF)
Claire Blackett (UC Dublin): Analysis of the Royal Majesty Grounding Using SOL
The talk presents an analysis of the grounding accident to the cruise ship Royal Majesty, using the method Safety through Organisational Learning (SOL). The analysis is based on the U.S. National Transportation Safety Board report MAR-97-01, and may be compared with the Why-Because Analysis of the same accident presented at the Second Bieleschweig Workhop.

Slides (PDF)
Oliver Lemke (IfEV, TU Braunschweig), Bernd Sieker (RVS, Uni Bielefeld): Causal ML and its ciedit-Tools
CausalML is a XML-based file format for storing causal relationship data. Causal relationships are one of the results of a Why-Because-Analysis and are usually displayed as a Why-Because-Graph. CausalML provides a standarised platform-independent way to store causal relationship data. One may also say that CausalML is a data exchange format for Why-Because-Graphs (WB-Graphs). It allows handling of the following information entities:
- Information on the nodes of a WB-Graph
- Information on the relationships between the nodes
- Information on the layout of a certain graph
The talk explains the ideas behind CausalML and its basic concepts, and illustrates the adaptation of the tool ciedit to the CausalML data interchange format.
Jens Braband (Siemens TS): A Remedy for a Serious Flaw in the Risk Priority Number Concept Risk Priority Numbers (RPNs) are a powerful qualitative method for discovering and prioritising critical issues in early design phases. They have become very popular in particular as a tool in automotive or software Failure Modes, Effects, and Criticality Analysis (FMECA). However, it has been shown that the existing RPN concept is seriously flawed. This paper presents a theoretical approach towards a new RPN concept, called the Improved Risk Priority Number (IRPN), which is based on a sound model of risk and can be used with equal ease, but does not suffer from the shortcomings of the existing RPN concept. A particular example from a railway application is discussed.

Slides (PDF)
Michael Miller (FH Gelsenkirchen): Probabilistic Risk Analysis and the concept of Bayesian Networks
The developments of the theory an application areas for Bayesian probabilistic nets or Bayesian belief networks has been and is still evolving rapidly. It is at present possible to utilise the technique for almost any aspect of probabilistic modelling and decision making, ranging from inference problems, model building and data mining over to pre-posterior decision analysis. In the following some of the most basic aspects of Bayesian probabilistic networks will be presented. The presentation is far from complete and should be seen as a very first instruction to the application of Bayesian nets for Risk Analysis.

Slides (PDF)
Timm Grams (FH Fulda): The Three Dimensions of Risk
The talk is on my 2002/4 R&D activities aiming at a broader understanding of the concept of risk. Starting point is the proposition ?Risk has three dimensions?: technics, man and society. The notion of risk can only be understood through an interdisciplinary approach. At a colloquium held in Fulda, experts in engineering (Adolf Birkhofer, Munich) , psychology (Ortwin Renn, Stuttgart) and sociology (Klaus Japp, Bielefeld) discussed the various aspects of risk. The proceedings and some further material can be found on the page http://www.fh-fulda.de/fb/et/Brett2002/Kolloquium.htm. As a resume I published the essay "Risk-optimization versus risk-limitation"Analysis of an old and ongoing policy dispute? (Automatisierungstechnische Praxis atp (2003 ) 8, 50-57). (All publications are in German.)

Slides (PDF)
Roman Slovak (IVA, TU Braunschweig): Risk Analysis with the PROFUND Modelling Approach
Today one deficit of CENELEC-standards for Railway applications (EN 50 126, EN 50 128, EN 50 129) is that while providing comprehensive guidance regarding the achievement of particular safety targets (Safety Integrity Levels - SIL), they do not precisely define the method and rules for deriving SIL's for system elements from system safety targets or tolerable operational risk.
The process for definition of safety targets for all components of the train control system is firstly based on the risk evaluation resulting from its operational behaviour and secondly on the system design analysis carried out under consideration of a concrete technical system solution. A risk analysis assumes a functional specification which must result from the well defined control task of the system in the railway traffic process.
Application of universal railway operation control systems designed in order to fulfil the highest safety requirements is related with high cost of investment, operation and maintenance. The new operation risk based safety definition of the standard EN 50126 theoretically allows deriving the safety targets of the system according to the expected traffic densities. It is the question of a sensitivity analysis to quantify the relation between several stochastic processes.
The talk presents a formal approach to the integrated safety system design named PROFUND (Process Function Dependability Modeling) using Petri Nets taking an example of a level crossing. Using the method based on a stochastic analysis of Extended and Deterministic Stochastic Petri Nets the quantitative value of operational risk can be evaluated and compared with the given risk acceptance criterion. It will be shown, how a Petri net model can be used for the sensitivity analysis with the aim to find the traffic parameters of the controlled operational process and system functions with the highest risk relevance. An approach for integration of human behaviour in the risk analysis will be presented. Finally the potential of the use of formal description of stochastic Petri nets by the design and analysis of railway operation control systems will be given.
Christina Junge (FH Gelsenkirchen): Analyse der Midair-Collision bei Überlingen (WBA)
Ziel des Vortrags ist es, die Zusammenhänge, die zum Eintreten der Midair-Collision bei Überlingen geführt haben, darzustellen. Es werden die Grundursachen herausgearbeitet, die sich aufgrund der WB-Analyse für den Unfall ergeben haben. Darüber hinaus erfolgt ein kurzer Ausblick auf bereits realisierte bzw. noch zu realisierende Gegenmaßnahmen zur Vermeidung eines ähnlichen Unfalls in der Zukunft.

Slides (PDF) | WBGraph (Visio) | Diplomarbeit at FH Gelsenkirchen (PDF)

Participants

Back to Contents

Participants who attend Third Bieleschweig Workshop were (arranged alphabeticaly) :

No	Name of Participant	Institution	email
1	Andre Döring	Uni Bielefeld RVS	andre_at_rvs_dot_uni-bielefeld_dot_de
2	Avinanta Tarigan	Uni Bielefeld RVS	avinanta_at_rvs_dot_uni-bielefeld_dot_de
3	Babette Fahlbruch	TU Berlin	bfahlbr_at_gp_dot_tu-berlin_dot_de
4	Bernd Sieker	Uni Bielefeld RVS	bsieker_at_freenet_dot_de
5	Bernhard Wilpert	TU Berlin	Bernhard_dot_Wilpert_at_tu-berlin_dot_de
6	Christina Junge	FH Gelsenkirchen	christina_dot_junge_at_web_dot_de
7	Claire Blackett	University College Dublin	claire_dot_blackett_at_ucd_dot_ie
8	Dieter Meisner	DB AG	Dieter_dot_Meisner_at_bahn_dot_de
9	Enrico Anders	TU Dresden	enrico_dot_anders_at_mailbox_dot_tu-dresden_dot_de
10	Ernesto de Stefano	Siemens TS	ernesto_dot_destefano_at_siemens_dot_com
11	Gunnar Bosse	TU Braunschweig IfEV	g_dot_bosse_at_tu-bs_dot_de
12	I Made Wiryana	Uni Bielefeld RVS	mwiryana_at_rvs_dot_uni-bielefeld_dot_de
13	Jan Hennig	Uni Bielefeld RVS	jhennig_at_rvs_dot_uni-bielefeld_dot_de
14	Jan Sanders	Uni Bielefeld RVS	jsanders_at_TechFak_dot_uni-bielefeld_dot_de
15	Jan-Tecker Gayen	TU Braunschweig IfEV	j_dot_gayen_at_tu-bs_dot_de
16	Jens Braband	Siemens TS	jens_dot_braband_at_siemens_dot_com
17	Jörg May	TU Braunschweig IVA	may_at_iva_dot_ing_dot_tu-bs_dot_de
18	Jörn Drewes	TU Braunschweig IVA	drewes_at_iva_dot_ing_dot_tu-bs_dot_de
19	Jörn Stuphorn	Uni Bielefeld RVS	joern_at_stuphorn_dot_de
20	Marc Fezer	FH Gelsenkirchen	marc_dot_fezer_at_gmx_dot_de
21	Michael Miller	FH Gelsenkirchen	michael_dot_miller_at_fh-gelsenkirchen_dot_de
22	Oliver Lemke	TU Braunschweig IfEV	o_dot_lemke_at_tu-bs_dot_de
23	Peter Ladkin	Uni Bielefeld RVS	ladkin_at_rvs_dot_uni-bielefeld_dot_de
24	Robert Lehmann	DE.Consult	Robert_dot_Lehmann_at_de-consult_dot_de
25	Roman Slovak	TU Braunschweig IVA	r_dot_slovak_at_tu-bs_dot_de
26	Sonja-Lara Kurz	Siemens TS	Sonja-Lara_dot_Kurz_at_bwg1_dot_siemens_dot_de
27	Stefanie Schwartz	DLR	Stefanie_dot_Schwartz_at_dlr_dot_de
28	Timm Grams	FH Fulda	Timm_dot_Grams_at_et_dot_fh-fulda_dot_de
29	Ulrich Maschek	TU Dresden	u_dot_maschek_at_mailbox_dot_tu-dresden_dot_de

Photos

Back to Contents

Photos from Third Bieleschweig Workshop can be found in RVS Photo Album