Towards Applying STPA to Autonomous Railway Systems - A Hierarchical Safety Control Structure for GoA2 Train Operations

A key element of Systems-Theoretic Process Analysis (STPA) method is its hierarchical safety control structure (HSCS), which defines how safety constraints have to be enforced within the system. In fact, any hazard analysis conducted using the STPA approach is only as effective as the quality of its underlying control structure. To pave the way for the application of STPA in autonomous railway systems, this paper proposes a HSCS for semi-automated train operations in European railways. The design is based on input data derived from European railway system requirements, functional and technical architectures of subsystems, and a comprehensive review of existing research works in the domain. This structure clarifies the control relationships (controllers and controlled processes) between diverse technical and operational actors, and defines the associated information flows. Starting from this HSCS, it is then possible to effectively perform the remain steps of STPA process (i.e., identifying unsafe control actions and determining loss scenarios).

Keywords: Autonomous railway systems, Railway safety, Systems-Theoretic Process Analysis (STPA), Hierarchical safety control structure, Railway automation.