Transactions on the Built Environment vol 7, 1994 WIT Press, ISSN

Similar documents
Safety-critical systems: Basic definitions

Availability analysis of railway track circuit

CHAPTER 1 INTRODUCTION TO RELIABILITY

C. Mokkapati 1 A PRACTICAL RISK AND SAFETY ASSESSMENT METHODOLOGY FOR SAFETY- CRITICAL SYSTEMS

Reliability Analysis Including External Failures for Low Demand Marine Systems

Accelerometer mod. TA18-S. SIL Safety Report

Chapter Capacity and LOS Analysis of a Signalized I/S Overview Methodology Scope Limitation

Transducer mod. T-NC/8-API. SIL Safety Report

Efficiency of Choice Set Generation Methods for Bicycle Routes

Determining Occurrence in FMEA Using Hazard Function

3. Real-time operation and review of complex circuits, allowing the weighing of alternative design actions.

Critical Gust Pressures on Tall Building Frames-Review of Codal Provisions

Probabilistic Models for Pedestrian Capacity and Delay at Roundabouts

How to Design Medical Accelerator Systems for Reliability: IBA PT System

Steam-Boiler Control Specification Problem

Models for Pedestrian Behavior

Understanding safety life cycles

Measuring Heterogeneous Traffic Density

Hydraulic and Economic Analysis of Real Time Control

Chapter 5: Methods and Philosophy of Statistical Process Control

CHAPTER 4 FMECA METHODOLOGY

Mathematics of Planet Earth Managing Traffic Flow On Urban Road Networks

Effects of Traffic Signal Retiming on Safety. Peter J. Yauch, P.E., PTOE Program Manager, TSM&O Albeck Gerken, Inc.

Transmitter mod. TR-A/V. SIL Safety Report

A study on the relation between safety analysis process and system engineering process of train control system

Software Reliability 1

Queue analysis for the toll station of the Öresund fixed link. Pontus Matstoms *

Quantifying the Bullwhip Effect of Multi-echelon System with Stochastic Dependent Lead Time

Safety-Critical Systems

Evaluating and Preventing Capacity Loss when Designing Train Control to Enforce NFPA 130 Compliance

Quality Planning for Software Development

Reliability of Safety-Critical Systems Chapter 4. Testing and Maintenance

HSIS. Association of Selected Intersection Factors With Red-Light-Running Crashes. State Databases Used SUMMARY REPORT

The Willingness to Walk of Urban Transportation Passengers (A Case Study of Urban Transportation Passengers in Yogyakarta Indonesia)

LECTURE 3 MAINTENANCE DECISION MAKING STRATEGIES (RELIABILITY CENTERED MAINTENANCE)

DEVELOPMENT OF A SET OF TRIP GENERATION MODELS FOR TRAVEL DEMAND ESTIMATION IN THE COLOMBO METROPOLITAN REGION

ENHANCED PARKWAY STUDY: PHASE 2 CONTINUOUS FLOW INTERSECTIONS. Final Report

SUBJECT: Board Approval: 4/29/04

MODULE III - PROCESS DESIGN

ASSESSMENT OF THE CAPACITY OF ROADS WEAVING SEGMENTS

DATA ITEM DESCRIPTION Title: Failure Modes, Effects, and Criticality Analysis Report

Sharing practice: OEM prescribed maintenance. Peter Kohler / Andy Webb

Ch.5 Reliability System Modeling.

Operational Comparison of Transit Signal Priority Strategies

Defining Purpose and Need

Road accidents. Preliminary estimates. January-June 2015

Webinar: Exploring Pedestrian Responsive Traffic Signal Timing Strategies in Urban Areas

Gdynia s bicycle model

Justification of Risk Reduction through In-Service Inspection / REDUCE

Safety of railway control systems: A new Preliminary Risk Analysis approach

Gravity Probe-B System Reliability Plan

Multimodal Arterial Level of Service

Analysis of hazard to operator during design process of safe ship power plant

Lane changing and merging under congested conditions in traffic simulation models

Why do I need dual channel safety? Pete Archer - Product Specialist June 2018

Queue Jump Lane, Transit Signal Priority, and Stop Location: Evaluation of Transit Preferential Treatments using Microsimulation

This test shall be carried out on all vehicles equipped with open type traction batteries.

Analysis of the Interrelationship Among Traffic Flow Conditions, Driving Behavior, and Degree of Driver s Satisfaction on Rural Motorways

Safety Critical Systems

EXAMINING THE EFFECT OF HEAVY VEHICLES DURING CONGESTION USING PASSENGER CAR EQUIVALENTS

Risk-Based Condition Assessment and Maintenance Engineering for Aging Aircraft Structure Components

ANALYSIS OF SATURATION FLOW RATE FLUCTUATION FOR SHARED LEFT-TURN LANE AT SIGNALIZD INTERSECTIONS *

Traffic circles. February 9, 2009

The risk assessment of ships manoeuvring on the waterways based on generalised simulation data

Proposal for a System of Mutual Support Among Passengers Trapped Inside a Train

Examples of Carter Corrected DBDB-V Applied to Acoustic Propagation Modeling


ITU PARATRIATHLON Fair Start System

Eutectic Plug Valve. SIL Safety Manual. SIL SM.015 Rev 0. Compiled By : G. Elliott, Date: 19/10/2016. Innovative and Reliable Valve & Pump Solutions

POWER Quantifying Correction Curve Uncertainty Through Empirical Methods

SAFE EGRESS FROM DEEP STATIONS Flawed Criteria in NFPA 130

A new methodology for cost-benefit-risk analysis of oil metering station lay-outs

Combining disturbance simulation and safety analysis techniques for improvement of process safety and reliability

System Operating Limit Definition and Exceedance Clarification

Calculation of Trail Usage from Counter Data

LONGITUDINAL AIR VELOCITY CONTROL IN A ROAD TUNNEL DURING A FIRE EVENT

Tokyo: Simulating Hyperpath-Based Vehicle Navigations and its Impact on Travel Time Reliability

How to achieve fluid traffic

Chapter 5: Comparison of Inspection and Testing Results

An Analysis of Reducing Pedestrian-Walking-Speed Impacts on Intersection Traffic MOEs

(C) Anton Setzer 2003 (except for pictures) A2. Hazard Analysis

Sports Analytics: Designing a Volleyball Game Analysis Decision- Support Tool Using Big Data

Blocking time reduction for level crossings using the genetic algorithm

Safety Analysis Methodology in Marine Salvage System Design

Value of time, safety and environment in passenger transport Time

E. Agu, M. Kasperski Ruhr-University Bochum Department of Civil and Environmental Engineering Sciences

A Depletion Compensated Wet Bath Simulator For Calibrating Evidential Breath Alcohol Analyzers

Analysis of Pressure Rise During Internal Arc Faults in Switchgear

It is essential that the maintenance staff is qualified for electrical works and follows safety procedures.

A quantitative software testing method for hardware and software integrated systems in safety critical applications

Determination of the Design Load for Structural Safety Assessment against Gas Explosion in Offshore Topside

MIL-STD-883G METHOD

Addressing Deficiencies HCM Bike Level of Service Model for Arterial Roadways

Determining bicycle infrastructure preferences A case study of Dublin

A Novel Gear-shifting Strategy Used on Smart Bicycles

'Dipartimento di Ingegneria Elettrica, Universita di Genova Via all 'Opera Pia, lla Genova, Italy

Determination of Safety Level for the Train Protection System at Ringbanen in Copenhagen

FP15 Interface Valve. SIL Safety Manual. SIL SM.018 Rev 1. Compiled By : G. Elliott, Date: 30/10/2017. Innovative and Reliable Valve & Pump Solutions

Param Express. Param Sankalp December Newsletter winners. Key Activities Concluded. Watch Out For

Risk Management Qualitatively on Railway Signal System

Transcription:

Service dependability of Italian high speed railway system: modeling and preliminary evaluations R. Calabria, L. Delia Ragione, G. Pulcini & M. Rap one Istituto Motori CNR, Via Marconi 8, 80125 Napoli, Italy Abstract In this paper a dependability model is proposed in order to predict the effect of failures on the service quality of a transit system. The model has been developed for analysing the Italian High Speed railway system and applied to the Turin-Milan line. Numerical evaluations of the service quality have been carried out to assess the effect of failures of the train power supply system and sensitivity analyses have been performed to indicate how service quality can be improved. 1 Introduction Since the conception phase of the life cycle of transit systems, reliability and quality analyses play an important role to define the structural and operative characteristics of the system and to set reliability and maintainability specifications which could assure that service quality goals will be met. Thus, mathematical methods have been developed in order to provide quantitative tools to designers and managers of transit systems for a) evaluating service quality measures of transit systems, b) detecting the critical (from a service quality viewpoint) subsystems, and c) suggesting changes both in reliability or maintainability specifications of subsystems and in structural characteristics of the whole system. To describe service quality of transit systems, the dependability has been recognized in the transportation reliability literature as an effective measure which represents the user's viewpoint (see Prascker [1], Heimann [2, 3]). Dependability models link up system dependability with reliability and maintainability characteristics of all subsystems which constitute transit system, incorporating operating characteristics and recovery policy

464 Railway Operations from failure of each particular transit system. In this paper, a dependability model is proposed, which has been developed in order to analyze the Italian High Speed railway system, which is actually in the development phase. This model has been developed taking into account that it has to be used in the pre-design phase when the definition level of reliability and maintainability characteristics does not allow detailed analyses of failure mode and recovery policy from failure to be performed. The proposed model assumes as a measure of system service dependability (SSD) the probability that any total delay a passenger experiences on his trip will be no greater than an acceptable quantity 8: SSD = Pr{delay < 6} This measure reflects the fact that a passenger is willing to accept a delay only if it is of short duration and happens with low frequency over the long-term use of the transit system. An analytical approach is used to evaluate SSD, assuming that a) the passenger cannot experience more than one elementary delay in his trip, and b) all elementary delays are independent random variables. The dependability model has been applied to the Turin-Milan line (120 km length) and the effect of the failures of some technological subsystems on SSD has been evaluated. In particular, all the subsystems which constitute the train power supply system in the selected line have been considered: a) the overhead contact line, b) three electric traction substations which feed the overhead contact line, and c) three high-voltage transmission networks (one for each electric power substation). Numerical evaluations of SSD are based on the preliminary analyses and evaluations (given in Capasso et al. [6]) of the reliability and maintainability characteristics of the above subsystems. Sensitivity analyses have been also carried out to evaluate the influence both of reliability characteristics of some subsystems and of design alternatives on SSD. 2 Dependability modeling Many approaches exist in the development of a dependability model which evaluate SSD starting from a) the identification of all possible failure modes of subsystems which constitute the transit system, b) the probability that each failure mode occurs, and c) the distribution function of elementary delay caused by each failure. Such approaches can be classified into analytical and numerical ones. Analytical approaches are based on the following hypotheses: a) the passenger cannot experience more than one elementary delay in his trip, and b) all elementary delays are independent variables. Models which use

Railway Operations 465 such an approach are very attractive because, as a result of their semplicity, they require short run time and can run on most personal computers. However, thay can be used with a good approximation only if the probability of occurrence of more than one failure in a single trip is negligible. The numerical approach, on the contrary, does not assume any restrictive hypothesis on the number of delays and/or on the stochastic independence among the elementary delays (see Rapone et al [4] and Calabria et al. [5]). Such an approach requires longer run times and produces more accurate results, with respect to the analytical one, only if input data are very accurate. In developing the dependability model which analyses a line of the Italian High Speed system, the analytical approach has been chosen due to both the large reliability values of the analysed subsystems and the very short travel distance and time. This choice is strengthened by the fact that in the conception phase of a transit system the specification level of reliability and maintainability characteristics does not allow failure modes and recovery policy from failure to be defined in details. Notice that if the hypothesis on the number of elementary delays is not satisfied, then the analytical approach tends to overestimate the SSD. In the analitical models, the SSD is expressed as: N SSD = Pr{delay < 6} = [] Pr{d, < 6} 2=1 (I) where di is the elementary delay caused by the i-th failure mode, and N is the total number of failure modes which can delay the train. By using the Bayes theorem on the conditional probabilities, the probability that each elementary delay is no greater than the acceptable quantity 8 is given by: PrR <«} =!- Pr{f,} PrR > #} (2) where f; denote the i-th failure mode event. If the i-th failure mode produces different delay distributions (as a function, for example, of the position of the failed subsystem with respect to the train, or of different recovery policies) different failure dynamics are defined. Thus (2) is rewritten: (3) where mi denote the number of failure dynamics of i-th failure mode and dij is the elementary delay caused by the j-th failure dynamic. (Notice that the m^ events f*j must be mutually exclusive.) The above situation occurs frequently when the distribution of delay times changes if: a) the

466 Railway Operations Table 1. Input data for dependability evaluations HTN's ETS's CL MTBF#I = 1.945 h MTBF -- = 3457^3 h MTBF = 182150 h MTBF#2 = 1.786.# h RT = 5 min di 0.80 MTBF#3 = 1.923.# h T#l = 0.154 h 0.04 RT=t> min 0.167 h #3 0.16 T #1 = 0.154 h 0.115 h MT7^R = 3 h T#2 = 0.167 T#3 = 0.115 h h ~R = 0. 930933 T = 0. 436 h failure of a subsystem occurs when the train is using that subsystem, or b) the failure occurs before the train uses that subsystem. In subsections 2.1-2.3, for each subsystem the explicit expression of Pr{di < 8} is given. Note that, in evaluating the failure probability Pr{f^}, times between two successive failures are assumed to be independent and identically distributed, according to an exponential distribution. Under this hypothesis, the mean time between failures (MTBF) is equal to the inverse of the (constant) failure rate. 2.1 High- Volt age Transmission Network On the basis of the engineering analyses given in Capasso et al [6] and under the assumption that the success probability of the restoring and rearrangement (R&R) action is equal to 1, the probability (2) that the delay caused by the failure of each high-voltage transmission network (HTN) is no greater than the acceptable quantity 6 is given by: where R(T) is the reliability of each HTN at the 'use' time T. In case of failure, the HTN is restored through R&R action which is in the average 5 minutes long (see Table 1). Thus, the availability A of each HTN is evaluated by using such an R&R time, say RT, as mean time to repair: (4) A= MTBF -h RT (5) ^ ' Since the failure of HTN produces a delay approximately equal to.rt, then Pr{d,HTN > f/rzw} is set equal to 1 for any 6 < 5 minutes. 2.2 Electric Traction Substation When an electric traction substation (ETS) fails, an R&R action is tried. If this action fails, then the section of overhead contact line fed by the failed ETS is fed, through appropriate switching operations, by the contiguous ETS. The success probability of such a switching is practically

Railway Operations 467 equal to the probability that the ETS contiguous to that failed is functioning. Such a probability is given by: where M DT is the mean down time of the ETS. Such M DT is given by: (6) (1 - ^R) (7) where RT is the R&R time, R is the success probability of the R&R action of the ETS (see Capasso et al. [6]), and MTTR is the mean time to repair. In the conservative hypothesis of series structure, MTTR is evaluated as the weighted average of the mean times to repair of the components of ETS, where the weights are the failure rates of each component. By using data in Capasso et al. [6](see also Table 1), we have: M7T# = 168h MD7=16.3h (8) from which the success probability of feeding through the contiguous ETS is equal to 0.9995. Such a value seems to be sufficiently high to disregard the case where a failed ETS finds the contiguous ETS unavailable. Since, from preliminary analyses, the success probability of the R&R action of ETS cannot be set equal to 1, two different failure dynamics have been recognized for each ETS: 1. ETS fails and the R&R action successes, 2. ETS fails and the R&R action fails. A different delay distribution is associated to each failure dynamic. Thus, (3) can be written: 6} = 1 - [(1 -,4 a(t)) ' ^ ' Pr{d^,i > ^1 Ws,i} 4- (9) where T denotes the 'use' time of ETS (equal to the 'use' time of the segment of overhead contact line fed by that ETS), and A denotes the probability that the segment of overhead contact line is fed when the train is going to use it. For evaluating A, the mean time of no feed (MTN F) is used as down time. MTN F is given by: M7WF = #7 7? + TF (1 - ^R) (10) where TF = 10 min is the time needed to feed the overhead contact line through the ETS contiguous to that failed. Thus, by using data in Table 1, MT7VF=5.35 min. The conditional distributions of delay times, given the occurrence of the above failure dynamics, can be derived by noting that, if the R&R action successes (failure dymanic #1), the delay is equal to RT = 5 minutes, whereas, if that action fails (failure dynamic # 2), the delay is greater than 10 minutes.

468 Railway Operations Table 2. Conditional distribution of delays, given CL failure 5 CROSIS-O\ 'ER POINTS CL.,1 CLl,2 CL2,2 CL3,2 tj} 1.000 0.606 1.000 1.000 Pr{dij>2 f, tf) 1.000 0.600 0.925 0.921 Pr{dij > 5 f, y} 0.454 0.369 0.925 0.921 ij} 0.039 Pr{^>15 f(;} 0.013 0.209 0.185 0.925 0.925 0.921 0.921 4 C-O CL.,1 1,.000 1,.000 0,.605 0.166 0.026 POINTS CL1,2 0.606 0.600 0.435 0.245 0.208 2.3 Overhead Contact Line Three different failure modes of the overhead contact line (CL) have been defined: 1. failure independent from train passing (CL1), 2. failure caused by short-circuit on board (CL2), 3. failure caused by breakage of locomotive pantograph (CL3). For each failure mode, two dynamics have been detected: 1. the failure occurs before the train uses CL, 2. the failure occurs when the train is using CL. Thus, for example, in case of failure mode CL1, the probability (3) is: < 6} = 1 - [(1-4 The mean time between failures relative to each failure mode is to be computed in order to evaluate the reliability and availability of CL. For example: MTBFi = MTBF/gi, where MTBF is the total mean time between failures relative to all failure modes of CL, and g± is the occurence frequency of failure mode # 1. Hence, by using data in Table 1: MTBFi = 15319h MTBF^ = 306375 h MT Fs = 76594 h (12) The availability A has been evaluated by setting the mean time to repair equal to 3 h. The delay distributions relative to all the failure modes and dynamics have been derived, via Monte Carlo simulation, in Capasso et al. [6] and are summarized in Table 2. Notice that the failure dynamic #1 produces the same delay distribution, independently from the failure mode. 3 Dependability Evaluation The proposed dependability model has been applied to the Turin- Milan line and the effect of the failures of the train power supply system has

Railway Operations 469 Table 3. SSD evaluation for different 8 values Acceptable delay 6 (minutes) 0 0,,999710 2 0.999711 5 0.999870 10 0.999977 15 0.999985 been evaluated. In particular, seven subsystems have been considered: 1) CL, 2) ETS #1, 3) HTN #1, 4) ETS #2, 5) HTN #2, 6) ETS #3, 7) HTN #3, for a total of 7V=9 failure modes. The choice of considering different failure modes for CL, only, is motivated both by engineering considerations on the failure mechanism of the above subsystems, and by the fact that the failure probability of CL is quite greater than that of the other subsystems. By using data provided by Capasso et al [6] and summarized in Tables 1 and 2, SSD has been evaluated for different values of the acceptable delay 8 (see Table 3). These SSD values, which take into account the effect of failures of the train power supply system only, seem to show that the design choices on that system allow high dependability values to be achieved. Of course, the larger potentiality of such dependability models is in performing sensitivity analyses. In fact, such analyses allow to indicate how the SSD can be improved and how much this improvement is. Hence, alternative options can be compared in a trade off analysis, and the consequent operational and/or design modifications can be done. In Figure 1, results of sensitivity analyses versus mean time between failures of ETS's and of CL are shown. It appears that reliability improvements of ETS's do not produce sensible increments in SSD, and that the failures of CL produce large effect on SSD. This fact strengthens the choice of defining three different failure modes of CL. CD < Q Q 111 O g 0.9999-0.9998 - OVERHEAD CONTACT LINE ELECTRIC TRACTION SUBSTATIONS 8=2min ELECTRIC TRACTION SUBSTATIONS 2 4 6 8 ACTUAL / NOMINAL MTBF Figure 1. Sensitivity analyses of SSD versus reliability changes

470 Railway Operations Table 4. Sensitivity analyses of SSD versus design options 6 (min) 0 2 5 10 15 5 CROSS-OVER POINTS 0.999710 0.999711 0.999870 0.999977 0.999985 4 CROSS-OVER POINTS 0.999710 0.999711 0. 999832 0,,999944 0. 999981 In Table 4, results of sensitivity analyses versus different design options are given. In particular, the reduction of the number of cross-over points (by eliminating the point at 50 km) is analysed. Such a reduction causes variations in some conditional distribution of delay times (see Table 2). The above results show that SSD is not sensibly degraded by the elimination of that cross-over point, thus suggesting the opportuneness of such an option. Acknowledgment This research is funded by Finalized Project on Transportation Research of National Research Council (CNR) of Italy. References 1. Prashker, J.N. Direct analysis of the perceived importance of attributes of reliability of travel modes in urban travel, Transportation, 1979, 8, 329-346. 2. Heimann, D.I. Availability: concepts and definitions, pp. 486-490, Proc. of Annual Reliability & Maintainability Symposium, Las Vegas, USA, 1976. 3. Heimann, D.I. The determination of transit system dependability, pp. 314-322, Proc. of Annual Reliability & Maintainability Symposium, Washington, USA, 1979. 4. Rapone, M., Calabria, R. & Pulcini, G. A multi-failure additive dependability model for transit system effectiveness analysis, Quality and Reliability Engineering International, 1989, 5, 47-52. 5. Calabria, R., Delia Ragione, L., Pulcini, G. & Rapone, M. Service dependability of transit systems: a case study, pp. 366-371, Proc. of Annual Reliability & Maintainability Symposium, Atlanta, USA, 1993. 6. Capasso, A., Ciaccio, N., Lamedica, R. & Prudenzi, A. Service dependability of Italian high speed railway system: influence of fixed installation design. Submitted to COMPRAIL 94-

2024 © sportdocbox.com Privacy Policy | Terms of Service | Feedback