Towards An Improved β-factor Estimation for Safety-Critical Railway Systems

Industries rely on a variety of safety-critical systems, such as signaling systemsin railways and fire protection systems in nuclear plants. These systems performsafety functions to protect against undesired and harmful events. Therefore, thefailure or malfunction of these systems has serious consequences, includingloss of life, environmental damage, and property destruction. Hence, to achievehigh reliability of these systems, it is common practice to include redundancyto ensure system functioning despite individual component failure. In particular,Common Cause Failures (CCF) pose a significant threat to these systemsas they can cause multiple components to fail simultaneously due to a singleunderlying root cause. Thus, quantifying CCF is crucial in probabilistic failureanalysis, i.e., the evaluation of the likelihood of system failures and theirpotential consequences in safety-critical industries.For quantifying CCF, explicit and implicit methods are available. Explicitmethods model each failure event in detail, including its possible causes andcombinations, to directly represent the dependencies and interactions among thesystem components. In contrast, implicit methods avoid modeling individualfailure events and instead rely on aggregate parameters to account for dependenciesamong components and their impact on system reliability. These models areadvantageous when CCF are not directly observable at the component level, suchas those arising from systematic issues related to design, operational practices,or environmental influences, commonly referred to as residual causes. Severalimplicit models are available, including the α-factor model, which distributescommon cause failures among components based on their conditional probabilities,and the Binomial Failure Rate model, which estimates the probability of multiple component failures using a binomial distribution approach. However,the most widely adopted approach across industries such as nuclear, railway,and process sectors is the β-factor model.The international functional safety standard, IEC 61508, provides a methodologyto estimate the β-factor, applicable in a wide range of safety-criticalindustries. In this methodology, scores are derived from expert-designed checklistquestions, answered based on aspects such as system design, implementation,and operational practices. The scores are aggregated across a relevant, thoughlimited, set of defense measures and mapped to estimate the overall β-factor,representing the fraction of failures caused by common causes. The methodologyrelies on generic assumptions and is closely tied to the original checklistquestions, reflecting the technologies available when the standard was written.Although this enables broad application without requiring detailed CCF datafor every system, it often produces conservative estimates, which can lead tounnecessary design features or safety measures that increase system complexityand cost. It also limits practitioners’ ability to account for factors from emergingtechnologies or updated practices that could influence the β-factor accuracy.This thesis explores how the β-factor estimation methodology outlined inIEC 61508 can be adapted to strengthen its applicability within the railwayindustry. The work begins by identifying a foundational gap in the literature:the absence of a comprehensive and structured overview of existing β-factormodels. A literature review was conducted, identifying 20 distinct models andorganizing them to support accurate and efficient application. Building on thisfoundation, the thesis proposes an extensible β-factor estimation methodologythat incorporates a new set of checklist questions and a structured scoringsystem. This extension improves flexibility, allowing the methodology to betteraccommodate emerging technologies and evolving safety practices. Furthermore,the applicability of the defense measures of IEC 61508 is critically evaluatedusing historical safety data from the railway industry. The analysis reveals thatoperational factors are the primary contributors to CCF, contrasting with theemphasis of the standard on design-focused defenses. These findings underscorethe need for industry-specific strategies and support the development of a morecontext-aware β-factor methodology.