Decision Support Approach for Assessing of Rail Transport: Methods Based on AI and Machine Learning

Habib Hadj-Mabrouk
DOI: 10.4018/978-1-7998-8040-0.ch005


As part of the certification process for a new rail transport system, one of the essential steps is to examine, from a safety point of view, that the system (and its technical and human environment) satisfies the regulatory requirements of safety and in particular that it can in no case be a source of risk for travelers. This intellectual process by which a certification expert assesses a situation, predicts an event, or makes a decision is often difficult to model in the form of reliable and definitive algorithms. This difficulty can be partially overcome by using artificial intelligence (AI) techniques. In order to improve the usual approaches to analysis and evaluation of safety studies used in the context of certification, this chapter presents several methods and tools based on AI techniques and in particular on knowledge acquisition methods, supervised machine learning (SML), case-based reasoning (CBR), and knowledge-based systems (KBS).
Chapter Preview


A careful study of the certification expert's reasoning mechanisms, problem-solving strategies and heuristics shows that the expert mainly handles symbolic, evolving, qualitative data and simultaneously draws on both inductive and deductive inference. This is what led us to resort to Artificial Intelligence (AI) techniques in order to systematize the experts' approach and consequently to reinforce the conventional methods of safety analysis. The aim of the research is to supplement and strengthen the usual methods of safety analysis, to streamline and harmonize the safety review process and finally to provide tools based on AI techniques that systematize the accident risk management process. The proposed approach, which relies on the use of several machine learning (ML) methods, is structured around two main phases. The first phase focuses on the acquisition and modeling of the knowledge involved in the safety analysis process, in the form of accident scenarios; this phase relies on knowledge acquisition techniques. On the basis of these accident or potential incident scenarios, which derive in particular from experience feedback on transport systems already certified and put into service in France, the second phase of the study exploits this historical data with a view to discovering possible dangerous situations not taken into account during the development of a new transport system. These new accident risks are likely to help and stimulate the imagination of safety experts during the process of evaluating the completeness and consistency of the safety studies prepared by the designer of the transport system. This second phase of the study focuses on improving three safety analysis methods: functional safety, safety of critical software and safety of hardware equipment.
For each of these three methods of safety analysis, we have developed several feasibility models based in particular on the use of ML: learning by grouping concepts (conceptual classification), rule-based ML (RBML) and case-based reasoning (CBR). This study, which is based on several ML methods, resulted in the development of three complementary research projects:

1. Project “ACASYA” for help in the evaluation of functional safety analysis (FSA).
2. Project “SAUTREL” for help in analyzing critical software safety and in particular Software Error Effect Analysis (SEEA).
3. Project “SASEM” for help in analyzing hardware safety and especially Failure Modes, Effects and Criticality Analysis (FMECA).

This chapter is organized in three main sections. The first presents the general context of the study and in particular the regulatory context, the railway safety assessment process and some examples of the application of artificial intelligence techniques in the field of rail transport. After positioning this study, the second section is devoted to the objectives and results of the study. It first proposes the approach adopted for decision support and in particular for the certification of a new rail transport system. This approach, which is based on AI techniques (machine learning, case-based reasoning, expert system), uses historical data and knowledge from experience feedback on already certified systems in order to produce new knowledge likely to assist safety experts in the safety assessment process of a new transport system. In order to show the feasibility and the validity of this approach, this second section successively presents the results of three research projects: the “Acasya” project to aid in the evaluation of FSA, the “Sautrel” project to aid SEEA and the “Sasem” project to aid FMECA. The third and last section presents the conclusions and future directions of the study.

Key Terms in this Chapter

Learning by Conceptual Classification: From a series of individual descriptions of objects, the goal is to build groupings into conceptual classes organized (for example in a hierarchical structure) and characterized in such a way as to satisfy a fixed quality criterion. The objective is not only to increase the precision of the classification (by increasing the intra-class similarity and by reducing the inter-class similarity), but also to guarantee the evolutionary character of the classification (the grouping by classes must be able to be reconfigured dynamically).

Knowledge-Based System (KBS): KBSs, also called expert systems, have emerged as intelligent tools capable of reproducing certain intellectual tasks usually performed by human experts. The ability to exploit and especially to perpetuate the experience of these experts gives KBSs information and decision-making power with a view to guiding non-specialist human operators. Usually, a KBS is presented as the association of a Knowledge Base, an inference engine and a Human-Machine interface.

Machine Learning (ML): Learning is a very broad term that describes the process by which humans or machines can increase their knowledge. Machine learning relies on the application of inductive, deductive, abductive, or analogical techniques. To learn is to reason, to discover analogies and similarities, to generalize or particularize an experience, to take advantage of past failures and errors for subsequent reasoning. New learning is used to solve new problems, accomplish a new task, increase performance in accomplishing an existing task, explain a situation or predict behaviour. ML facilitates the transfer of knowledge, in particular from experimental examples. It contributes to the development of the knowledge bases of knowledge-based systems while reducing the intervention of the knowledge engineer (cognitician). In our approach, the learning exploits the historical database (accident or incident scenarios) to generate new knowledge that can help certification experts to assess the degree of safety of a new transport system.

Quantified Safety Objectives: Safety is the ability of an entity to avoid the occurrence of critical or catastrophic events. The opposite ability will be referred to as “insecurity”. Three approaches are generally distinguished to define quantified safety objectives: 1) Setting an objective from statistical observation: we start from a statistical observation of accidents for a given activity and we want to do better in the future. The application of new technologies in the transport sector should not lead to a worse safety situation than that observed in existing systems; 2) Setting an objective based on economic reasoning: we compare the risk incurred and the benefit to the individual or the community; 3) Setting an objective based on considerations of acceptable individual and collective risks: the study of individual and collective risks incurred in society makes it possible to locate levels of acceptability of the risk. In summary, the principle of this regulation by quantified safety objectives is based on the definition, from accident statistics, of quantified objectives in terms of accident rates allocated a priori to the new transport system, by requiring a level of safety at least equivalent to that of reference systems.

Risk Level: Since safety is generally defined as “the absence of any unacceptable level of risk”, it is therefore important to determine the “Level of Risk”. The latter requires two dimensions: 1) the Level of Probability of Occurrence of the potential accident and 2) the Level of Severity of the Damage caused by this accident. In practice, to assess safety and therefore the level of risk, the “Occurrence / Severity” Matrix is generally used, which jointly takes into account the two previous levels (Probability and Severity). Standard EN 50126 identifies 4 levels of risk: 1) Intolerable risks (must be eliminated), 2) Undesirable risks (cannot be accepted), 3) Tolerable risks (acceptable and with appropriate precautions) and 4) Negligible risks (acceptable, with the agreement of the safety manager).

Knowledge Base (KB): It has specific knowledge of a field of application (know-how and methods of reasoning of the expert). It is commonly organized around the following two entities: 1) a “fact base” representing the information that describes situations established by the user or deduced by the inference engine and 2) a “rule base” that constitutes the know-how on the domain and therefore indicates the actions to be taken when faced with a specific situation.

Accident Scenario: An accident scenario describes a combination of circumstances which can lead to an undesirable or even dangerous situation. It is characterized by a context and a set of events and parameters. An accident scenario is an adequate and orderly succession of events that may be the source of a potential accident risk (collision, derailment, electrocution, etc.). Each risk of accident likely to endanger the safety of travellers or to impair the ability of the system to perform the required safety functions is translated by safety experts into an accident scenario. The development of an accident scenario is based in particular on the history of transport systems already certified.

Hierarchies of Concepts: In conceptual classification learning, the knowledge learned generally takes the form of hierarchies of concepts. These are taxonomic descriptions that partition an object class into subclasses.

Failure Modes, Effects, and Criticality Analysis (FMECA): For each failure mode of system components, the FMECA approach makes it possible to perform a complete “inductive” analysis in order to determine the causes, effects and criticalities on the system. The criticality of a failure mode is assessed using the “probability-severity” pair. The conclusions and recommendations for each failure mode identified are generally presented in a table.

Certification: Certification is the recognition by an official technical service or body that a function, equipment, or system obeys national, European or international regulations. This involves evaluating the system's compliance with the applicable requirements which are generally specified in a “regulatory framework” which includes a set of legislative and regulatory texts as well as certain recognized recommendations. In the area of railway safety, certification is essentially based on the assessment and analysis of accident risks due to insufficient protective equipment in a particular event configuration combined with a given geographic configuration.

Incident Functions (IF): These are functions linked to the operation of the system which are likely to favour the impact of a scenario affecting the safety of the system. They can act as a trigger (catalyst). In our context, several incident functions have been distinguished: traffic regulation, route management, transmission, operating instructions.

Risk (R): Risk is defined as the measure of a danger combining a measure of the occurrence of an undesirable event and a measure of its effects or consequences. It is characterized by the pair “probability” of occurrence of the potential accident and “severity” of the damage and consequences. The risk is expressed, for example, in monetary units per unit of time, in number of deaths per unit of time or in probability of death per unit of time. In our context, we use the term “risk” to denote a circumstance which can lead to bodily harm. In the field of rail transport safety, several potential risks have been identified such as collision, derailment, electrocution.

Learning Concepts: From a base of learning examples that describes a given area of expertise, detecting the common properties of the examples (finding similarities) constitutes concept learning. This involves developing a general description (or characterization) of a concept from multiple descriptions of examples.

Preliminary Hazard Analysis (PHA): The objectives of the PHA method are to identify potential accidents in a system, their possible causes and to assess the severity of the consequences. This analysis leads to the definition of all the means, all the preventive and corrective actions aimed at reducing, controlling and / or eliminating dangerous situations or the potential risks of accidents.

Learning of Rules and Learning by Detection of Empirical Regularities: From a set of examples (and possibly counter-examples) describing a class of problems C, the learning system induces (by searching for empirical regularities) a characterization G common to the examples which excludes each of the counter-examples. Once this characterization G has been found, we can generate the rule: If G Then C. Most of the learning systems currently developed focus on producing knowledge in the form of rules that can be used by a KBS. These are “condition-action” pairs (C → A) where C is a set of conditions and A is a sequence of actions.

Hazard (H): A hazard is a situation prior to the occurrence of a potential accident which could harm humans, society, or the environment. The hazard can result from the equipment of the system, its environment, procedures, human and organizational factors, interactions between humans, the system and / or the environment.

Intuitive Reasoning: One of the crucial problems of certification lies in the simulation of the intuitive reasoning derived from the common sense of certification experts when imagining new accident scenarios. This intuitive reasoning, which results from accumulated experience, is difficult to justify. Indeed, the expert may have the feeling that a breakdown or failure risks jeopardizing the safety of the system or of passengers, without being able to justify his reasoning and clearly describe the course of the events leading to the state of insecurity.

Method of Combining Summarized Failures (MCSF): A purely “inductive” method, the MCSF first examines the effects of component failure modes and then studies the combinations of these failure modes in order to generate failures corresponding to abnormal operations or to adverse events. It seeks to identify only the combinations that are significant from a safety point of view and is presented as an extension of the FMECA method. The use of the MCSF method requires the implementation of 4 steps: 1) decomposition of the system and development of an FMECA; 2) elaboration of Internal Summary Failures (ISF); 3) elaboration of External Summary Failures (ESF); 4) elaboration of Global Summary Failures (GSF).

Decision Trees: A decision tree is made up of nodes corresponding to the attributes of the selected objects and of branches characterizing the alternative values of these attributes. The leaves of the tree represent the sets of objects of the same class. The construction of decision trees is a top-down generalization approach. Quinlan's method (the ID3 algorithm) tests each attribute in turn to decide which one to use first so as to maximize the information gain, that is, it selects the attribute which best distinguishes the examples of different classes.
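The following ID3 learner is an added example, not code from the chapter or its projects: it selects attributes by information gain, as the entry describes, over a constructed set of accident-scenario examples whose attribute names and class labels are assumptions.

```python
import math
from collections import Counter

# Constructed learning examples (hypothetical scenarios, not the chapter's database):
# each example is (attribute values, class assigned by the expert).
ATTRIBUTES = ["incident_function", "protection", "track_section"]
EXAMPLES = [
    ({"incident_function": "route_management", "protection": "absent", "track_section": "switch"}, "dangerous"),
    ({"incident_function": "route_management", "protection": "present", "track_section": "switch"}, "safe"),
    ({"incident_function": "transmission", "protection": "absent", "track_section": "station"}, "dangerous"),
    ({"incident_function": "transmission", "protection": "present", "track_section": "station"}, "safe"),
    ({"incident_function": "traffic_regulation", "protection": "absent", "track_section": "open_line"}, "safe"),
    ({"incident_function": "traffic_regulation", "protection": "present", "track_section": "open_line"}, "safe"),
]

def entropy(examples):
    """Class entropy (bits) of a set of (attributes, class) examples."""
    counts = Counter(cls for _, cls in examples)
    n = len(examples)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def information_gain(examples, attribute):
    """Entropy reduction obtained by splitting the examples on one attribute."""
    remainder = 0.0
    for value in {ex[attribute] for ex, _ in examples}:
        subset = [(ex, cls) for ex, cls in examples if ex[attribute] == value]
        remainder += len(subset) / len(examples) * entropy(subset)
    return entropy(examples) - remainder

def best_attribute(examples, attributes):
    """ID3 choice: the attribute that best separates the classes (first one on ties)."""
    return max(attributes, key=lambda a: information_gain(examples, a))

def id3(examples, attributes):
    """Top-down construction: a leaf is a class label, a node is (attribute, {value: subtree})."""
    classes = {cls for _, cls in examples}
    if len(classes) == 1:
        return classes.pop()
    if not attributes:  # attributes exhausted: fall back to the majority class
        return Counter(cls for _, cls in examples).most_common(1)[0][0]
    attr = best_attribute(examples, attributes)
    remaining = [a for a in attributes if a != attr]
    branches = {}
    for value in {ex[attr] for ex, _ in examples}:
        subset = [(ex, cls) for ex, cls in examples if ex[attr] == value]
        branches[value] = id3(subset, remaining)
    return (attr, branches)

def classify(tree, scenario):
    """Walk the tree; an attribute value never seen in training yields None."""
    while isinstance(tree, tuple):
        attr, branches = tree
        if scenario[attr] not in branches:
            return None
        tree = branches[scenario[attr]]
    return tree
```

On these examples the root test is "protection", because knowing whether protective equipment is present removes about 0.46 bits of class uncertainty, more than either other attribute.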

Summary Failures (SF): A SF is a generic failure resulting from the grouping of a set of benign elementary failures having the same consequence on the behaviour of the system. Indeed, it is observed for a given failure mode or for several combined with one another, that the effects or the consequences on the system or systems considered are identical. These failure modes, called simple failures, are then grouped together into sets of more dangerous failures called “Summary Failures”.

Incrementality: A learning system is said to be incremental if it is endowed with the ability to change the knowledge learned during a previous cycle, without having to reprocess all of the examples collected each time. For a learning process to be continuous, most of the information contained in the examples must be retained so that the learning continues with the new examples, without having to go back to the initial examples.

Potential Accident (PA): A potential accident is an accident or a near miss (incident). Unlike the incident, the accident causes damage to the system, people and / or the environment.

Classes of Objects: The exhaustive enumeration of examples constituting a class of objects determined by the expert in the field is qualified in machine learning as an “extension” or “extended” description of the class.

Fault Tree Analysis (FTA): The FTA method is also known as the Cause Tree. It is the most widely used method for analyzing the reliability, availability and safety of systems. The cause tree represents graphically (by logical AND and OR operators) the combinations of events that lead to the occurrence of a single adverse event; the latter constitutes the “first” event of the tree of causes and is determined by a Preliminary Hazard Analysis (PHA). This “deductive” process is continued until elementary events are obtained, independent of each other and of which the probability of occurrence is known.

Artificial Intelligence (AI): AI has set itself the goal of studying and simulating human intellectual activities. It strives to create machines capable of “intelligent” behavior and has the ambitious vocation of providing the computer with some of the faculties of the human mind: learning, recognizing, reasoning, etc. The ability to understand natural language and to reason is the keystone of intelligence.

Hazard-Related Functions (HRF): These are protection and defence functions intended to make the risk null or acceptable for the user.

Intrinsic Safety: A system is said to be intrinsically safe if it is ensured that any failure of one or more components can only cause it to go into a less permissive situation than the situation in which it finds itself at the time of the failure, the least permissive situation being the complete shutdown.

Deductive Reasoning: Deduction proceeds from a rule and a fact to obtain a result: from A and A → B, we “deduce” B. Example: “Socrates is a man, men are mortal, therefore Socrates is mortal”. Deduction is reasoning from causes to effects.

Inference Engine (IE): This reasoning mechanism uses the data contained in the knowledge base (KB) in order to develop the solution of the problems posed. It implements “deductive” (forward chaining operation) or “inductive” (backward chaining operation) mechanisms. The objective is to solve a problem described by the data contained in the fact base, by selecting and triggering the rules contained in the rule base.
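As an added illustration of the Knowledge Base, Learning of Rules and Inference Engine entries (not code from the chapter): a small engine that holds "If G Then C" rules over a fact base and runs them either forward (data-driven) or backward (goal-driven). The facts, rule names and conclusions are constructed assumptions.

```python
# Rule base: (name, conditions G, conclusions C). Facts are "attribute=value" strings.
# The rules below are constructed for illustration, not the chapter's actual rule base.
RULES = [
    ("R1", {"incident_function=route_management", "section=switch"}, {"risk=collision"}),
    ("R2", {"risk=collision", "protection=absent"}, {"level=intolerable", "action=eliminate"}),
    ("R3", {"risk=collision", "protection=present"}, {"level=tolerable"}),
    ("R4", {"level=intolerable"}, {"verdict=reject_certification"}),
]

def forward_chain(facts, rules, trace=None):
    """Forward chaining: fire every rule whose conditions are all in the fact base,
    add its conclusions, and repeat until no rule produces a new fact."""
    facts = set(facts)
    fired = set()
    changed = True
    while changed:
        changed = False
        for name, conditions, conclusions in rules:
            if name in fired or not conditions <= facts:
                continue
            new = conclusions - facts
            fired.add(name)
            if trace is not None:
                trace.append((name, sorted(new)))
            if new:
                facts |= new
                changed = True
    return facts

def backward_chain(goal, facts, rules, depth=0):
    """Backward chaining: start from the goal, find rules that conclude it and
    try to establish each of their conditions in turn (depth bound stops cycles)."""
    if goal in facts:
        return True
    if depth > len(rules):
        return False
    return any(
        goal in conclusions
        and all(backward_chain(c, facts, rules, depth + 1) for c in conditions)
        for _, conditions, conclusions in rules
    )

def verdict(initial_facts):
    """Run the fact base through the rule base and extract the certification verdict."""
    facts = forward_chain(initial_facts, RULES)
    return next((f.split("=", 1)[1] for f in facts if f.startswith("verdict=")), "no_verdict")

if __name__ == "__main__":
    trace = []
    scenario = {"incident_function=route_management", "section=switch", "protection=absent"}
    forward_chain(scenario, RULES, trace)
    for name, added in trace:
        print(name, "fired, adding", added)
    print("verdict:", verdict(scenario))
```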

Abductive Reasoning: Abduction leads to the fact by starting from the rule and a result: from B and A implies B, we “abduct” A. Example: “Socrates is mortal, cats are mortal, therefore Socrates is a cat”. Abduction is reasoning from effects to probable causes.

Learning Examples: The learning examples constitute the experimental set on which the process will operate to generate new knowledge, concepts, characterizations, or rules. To arrive at consistent rules, the set of examples must be sufficiently representative of the field of application. An example is qualified as “positive” if it belongs to an object class or “negative” if it does not belong to this class and is in fact a counterexample. The examples may be subject to prior classification by the expert. In the absence of classification, they are called “observations”.

Safety: The European standard CENELEC 50129 defines safety as “the absence of any unacceptable level of risk”. The probability of occurrence of a potential accident and the severity of the damage caused by this potential accident are the two components that define the notion of risk. To define the level of probability of a potential accident, the CENELEC 50126 standard proposes a set of categories, each of which is associated with a frequency range. Given the difficulty of estimating these frequencies, this quantitative / qualitative association is helpful. Likewise, the CENELEC 50126 standard defines the level of severity by associating quantifications with the consequences generated by the potential accident. Finally, the level of risk acceptability is identified and assessed using the “Occurrence / Severity” Matrix.
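The Risk Level and Safety entries both rest on the "Occurrence / Severity" matrix; the example below is added here (not from the chapter or from EN 50126) and maps constructed occurrence rates onto the four risk categories the text lists. The frequency thresholds and the cell-by-cell assignment of the matrix are illustrative assumptions, not the standard's values, and a real assessment takes them from the applicable safety plan.

```python
# Frequency categories from most to least frequent; the thresholds (events per
# operating hour) are constructed for illustration, not taken from EN 50126.
FREQUENCY = ["frequent", "probable", "occasional", "remote", "improbable", "incredible"]
THRESHOLDS = [1e-3, 1e-4, 1e-5, 1e-6, 1e-7]  # rate >= threshold selects that category
SEVERITY = ["insignificant", "marginal", "critical", "catastrophic"]

# Occurrence / Severity matrix: rows are frequency categories, columns follow
# SEVERITY. Cell contents are a constructed assignment, not the standard's.
MATRIX = {
    "frequent":   ["undesirable", "intolerable", "intolerable", "intolerable"],
    "probable":   ["tolerable",   "undesirable", "intolerable", "intolerable"],
    "occasional": ["tolerable",   "undesirable", "undesirable", "intolerable"],
    "remote":     ["negligible",  "tolerable",   "undesirable", "undesirable"],
    "improbable": ["negligible",  "negligible",  "tolerable",   "tolerable"],
    "incredible": ["negligible",  "negligible",  "negligible",  "negligible"],
}

# Required action per risk level, as worded in the Risk Level entry.
ACTIONS = {
    "intolerable": "must be eliminated",
    "undesirable": "cannot be accepted",
    "tolerable": "acceptable with appropriate precautions",
    "negligible": "acceptable with the agreement of the safety manager",
}

def frequency_category(rate_per_hour):
    """Quantitative rate -> qualitative occurrence category."""
    for name, bound in zip(FREQUENCY, THRESHOLDS):
        if rate_per_hour >= bound:
            return name
    return FREQUENCY[-1]

def risk_level(frequency, severity):
    """Matrix lookup of the risk level for an (occurrence, severity) pair."""
    return MATRIX[frequency][SEVERITY.index(severity)]

def assess(scenario):
    """Assess one accident scenario: {name, rate_per_hour, severity}."""
    freq = frequency_category(scenario["rate_per_hour"])
    level = risk_level(freq, scenario["severity"])
    return {"name": scenario["name"], "frequency": freq, "level": level, "action": ACTIONS[level]}

def residual_risk(scenario, reduction_factor):
    """Re-assess after a hazard-related (protection) function divides the
    occurrence rate by reduction_factor; severity is assumed unchanged."""
    reduced = dict(scenario, rate_per_hour=scenario["rate_per_hour"] / reduction_factor)
    return assess(reduced)

def is_acceptable(level):
    return level in ("tolerable", "negligible")

# Constructed scenarios with invented rates; not real accident statistics.
SCENARIOS = [
    {"name": "collision at switch", "rate_per_hour": 2e-5, "severity": "catastrophic"},
    {"name": "derailment on open line", "rate_per_hour": 5e-6, "severity": "critical"},
    {"name": "electrocution on platform", "rate_per_hour": 3e-8, "severity": "catastrophic"},
]

if __name__ == "__main__":
    for s in SCENARIOS:
        before, after = assess(s), residual_risk(s, 1000)
        print(f"{s['name']}: {before['level']} -> {after['level']} ({after['action']})")
```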

Empirical Reasoning: The reasoning involved in the certification process can be qualified as empirical. It is based, in fact, on the lived experience of concrete situations of insecurity encountered by transport systems already certified or approved.
