A New Accident Analysis Method Based on Complex Network and Cascading Failure

Luo, Ziyan; Li, Keping; Ma, Xin; Zhou, Jin

doi:https://doi.org/10.1155/2013/437428

Discrete Dynamics in Nature and Society

On this page

Abstract Introduction Conclusions Acknowledgments References Copyright Related Articles

Research Article | Open Access

Volume 2013 | Article ID 437428 | https://doi.org/10.1155/2013/437428

A New Accident Analysis Method Based on Complex Network and Cascading Failure

Ziyan Luo,¹Keping Li,¹Xin Ma,¹and Jin Zhou¹

Academic Editor: Xiaohua Ding

Received07 Jun 2013

Accepted08 Oct 2013

Published15 Dec 2013

Abstract

A new accident causation model is proposed for accident analysis based on the complex network theory. By employing the cascading failure scheme, a new accident investigation method is performed on the associated new model, by which we can reveal key causation factors and key causation factor chains that lead to the final accident. The efficiency of a network is introduced for evaluating the severity of the damage of the whole network and hence the severity of the accident if it happens. All these can provide the government or associations with recommendations for accident prediction and prevention.

1. Introduction

Accident causation models are tools to describe scenarios for accident occurrences, explain possible causation mechanisms of accidents, provide conceptual or theoretical basis for accident investigation methods, and hence give evidence to formulate specific recommendations for accident prevention. As a fundamental but essential task of accident analysis, the modelling of accident causation mechanisms has concentrated great interests of researchers and engineers in many fields, especially in those high-risk industries such as aviation, nuclear plants, and railway system. As Svenson [1] has stated that “an accident can be explained in different ways depending on the accident analysis model that is used,” different models focus of different aspects on the accident occurrences and provide different recommendations for improving measurements.

To get a clear understanding of the accidents, a number of different accident causation models have been proposed, which can be roughly divided into three major groups according to Hollnagel’s classification [2]. The first group, also the earliest one, is termed as the “sequential accident model” [3], with the well-known Domino theory [4] as a typical example. In this group of models, accidents are regarded as a one-dimensional sequence of events that happened in a specific order. The second group is called the “epidemiological accident model” [5], in which accidents are regarded as analog to the spreading of epidemiological diseases, with the Swiss Cheese model [6, 7] as a major contribution to this group. The third group, also known as the most modern one, is the “systemic accident model” (e.g., see [8–11]), in which accident processes are described as a complex and interconnected network of events rather than a simple cause-effect chain of events as in the first two groups. Rasmussen’s [11] risk management model and Leveson’s [10] STAMP (Systems-Theoretic Accident Model and Processes) model are two notable examples in the third group which endeavored to model the dynamics of complex sociotechnical systems of accidents.

Accident causation models can provide theoretical basis or conceptualization for accident investigation methods. With the development of accident causation models, a number of methods for accident investigation have emerged and evolved. Examples include the widely used fault tree analysis [3], management oversight and risk tree [12], multilinear events sequencing [13], systematic cause analysis technique [14], causal tree method [15], occupational accident research unit [16], TRIPOD [17], accident evolution and barrier function [18], integrated safety investigation methodology [19], work accidents investigation technique [20], control change cause analysis [21], Accimap [22], HFACS [23], CREAM [8], FRAM [9], and STAMP [10], to just name a few. The detailed alignments for the previous methods and causation models are well discussed [24, 25].

With the rapid development in technology and automation, the underlying sociotechnical systems are becoming more and more complex and of high risk. This motivates us to tailor more powerful accident causation models to capture the complexity of the highly technological systems from a broad systemic view for understanding characteristics of accidents.

Mentioning that causation factors and their relationships for accidents are always complex in terms of uncertainty, randomness, abstractness, fuzziness, and other properties, it would be a nice try to employ the complex network theory [26–28] to reveal the involved complexity in accidents causation analysis. The primary purpose of this paper is to construct an accident causation network for causality analysis based on the complex theory. With the influence or relation between accident causation models and accident investigation methods as mentioned above, we apply the cascading failure scheme to characterize the process of the accident occurrence performed on the proposed model as an investigation approach. Together with the help of the network efficiency of the underlying accident causation network, we can evaluate the injury severity of the whole system with unexpected disturbances from technical, human, social, organizational, and environmental aspects of the whole system.

This paper is organized as follows. Some selected fundamental concepts in complex network are recalled in Section 2. The new accident causation network model is constructed in Section 3, and the cascading failure scheme is applied to characterize the evolution of the proposed causation network in Section 4. Simulation based on our proposed accident causation analysis method is described in Section 5. Conclusions are drawn in Section 6.

2. Basic Concepts in Complex Network

The complex network is a graph with complex topological features that may not occur in simple networks such as lattices or random graphs but often occur in real graphs. The study of complex networks has attracted great interest inspired largely by the empirical study of real-world networks such as computer networks and social networks. In mathematical terms, a network is represented by a graph. A graph is a pair of sets , where is a set of nodes (or vertices) and is a set of edges (or links) that connect two elements of . Graphs are usually represented as a set of dots, each corresponding to a node, two of these dots being joined by a line if the corresponding nodes are connected. Usually, we use to denote the set of all nodes in that are connected to node . A path in a graph is a sequence of edges which connect a sequence of vertices. The shortest path length of two nodes is defined as the smallest number of edges that connect these two nodes.

Figure 1 shows an illustration of a graph with nodes and 6 edges. With the complexity of real networks, the edge sets are sometimes not determined, which means there are some pairs of nodes with a random or uncertain link, such as the random network shown in Figure 2 with probability for every pair of nodes being connected [29]. To distinguish the adjacent nodes with deterministic connections and those with probability less than 1, we use to denote the set of all nodes in that are connected to node with probability less than 1.

3. Accident Causation Network

Causation factors and their relationships for sociotechnical system accidents are always complex with uncertainty, randomness, abstractness, fuzziness, and other properties. For example, the relation between two causation factors might be related under some special circumstances which can be regarded as a dash-line edge between them in the network with some associated conditional probability. This might be a clue for us to employ the complex network to characterize this complex system. We call this model the accident causation network, which can be viewed as an undetermined graph consisting of nodes connected by edges with the nodes and edges representing those causation factors and their possible causal or relevant relationships, respectively.

In order to get a relatively comprehensive and complete extraction of causation factors and their relationships to construct this railway accident causation network, we can employ some classification approach for specific accidents. We take the 7.23 China Yongwen railway accident as an example to illustrate the proposed accident causation network. By utilizing Rasmussen’s hierarchical sociotechnical framework [11], causation factors of the 7.23 China Yongwen railway accident are distributed into the following six hierarchies: the ministry of railways, the Railway Bureau, train control center, train dispatcher, train drivers, and driving environment including line environment and the natural environment, as presented in Table 1.

Evidently, the above classification approach covers causation factors with respect to human, equipment, environment, and organizational management, which form a complex system. Figure 3 shows the causation network of Yongwen railway accident which happened in July 23, 2011, in China.

4. The Accident Cascading Failure Process

From the systemic theory perspective, any accident can be regarded as a result of a series of unsatisfied constraints or factors which are out of control. These failures or incidents can be spread and might eventually lead to an accident. In this regard, the failure cascading scheme might be applicable to characterize the evolution process on our proposed accident causation network. With some unexpected disturbances in the system, this network will be evolved to a determined network or graph, which might lead to an accident.

The cascading scheme for accident analysis based on the proposed accident causation network is elaborated as follows. Let be the graph of the underlying accident causation network at time , , and is the number of nodes (i.e., the number of possible causation factors) of the network. For any , is the load of node at time and is the tolerance of node . For any distinct and , denotes the efficiency between nodes and at time with . When the load of node exceeds its capacity, that is, , that is, the constraint at this node fails to hold, then the associated efficiency between node and any other node will be reduced. Assume that it evolves in the following simple manner:

Define the efficiency of the whole network at time as

It is trivial that if any failure or incident happens in some nodes, this efficiency will be reduced. Therefore, this quantity can, to some extent, indicate how badly the underlying accident causation network is damaged at any time . Moreover, it could provide an index for defining the severity level of the accident if it finally happens. There are some basic assumptions involved.

Assumption 1. Let node be defined as the accident indicator with the meaning that the accident happens at time if . The evolution stops once the accident happens.

Assumption 2. Each node has its shortest path length to node as its capacity, and the load evolves in the following manner with equal spreading loads: with being the set of all adjacent nodes which are connected to node with dashed line at time .

Assumption 3. Each node with will have solid lines to its adjacent nodes after time .

See Figure 4 as a simple illustration for the evolution of an accident causation network.

From the previous assumptions, we can find that if node is out of control at time , that is, , then it will affect all its adjacent nodes at time since the corresponding conditional probabilities increase. These growing loads will add the burden of its adjacent nodes and might lead to cascading failures or even accident in the future. For example, in Figure 4, if node 9 is the accident indicator, then the accident happens at time with an original attack on node 2.

Assumption 1 provides a direct way to predict an accident by calculating the load . In this case, we can analyze key causation factors for accidents by testing each failure node in terms of the occurrence of accidents. Specifically, if only node fails at the beginning and it leads to the failure of node according to the above revolution rules, then it is reasonable to say it is a key causation factor for the final accident. Those paths formed by failure nodes to the accident node during the whole cascading process are called the key causation chains. In Figure 4, node 2 is a key causation factor and the corresponding key causation chains are 2—1—3—8—9 2—5—9Denote be the matrix with all entries 1 and be the matrix with its th and th entries 1 and 0 elsewhere. For any and any time , define

By direct calculation, we can obtain the evolution formulas for the efficiency of the network at each time period as follows: where is the sign function, is the trace operator of matrix, is defined as in (4), and is the identity matrix. This could provide a way to quantify the accident severity level in terms of the corresponding efficiency matrix which can be calculated as in (5).

5. A Case Study

The “7.23” Yongwen railway accident is chosen as a case study here to test the efficiency of our proposed accident causation model-method. Based on its accident causation network as constructed in Figure 3, we perform our cascading evolution process as follows.

Step 1. The capacity or tolerance of node is chosen as the shortest path length of node to node E14 (the accident indicator) for simplicity, which is shown in Table 2 by direct calculation. This assumption is reasonable since the further the factor away from the accident indicator, the less impact (or more robust) of leading to the accident.

Step 2. The initial load for each node is chosen as ; that is, for each . It is realistic to choose a normal and safe state as a start.

Step 3. Disturbances

Case I (4 times of the capacity). (1) Take the hub node as the first attacking point with the attacking load 8 (4 times of its capacity) at time . The evolution process is performed as follows.

. Attacking the hub node with a load 8:

. Changing all dashed lines connected to to solid: Changing all dashed lines connected to , , and to solid:

The evolution stops at time by Assumption 1 since the accident happens. By (3), the efficiency of the whole network turns out to be . The load distributions of each vertex in the whole process are illustrated below. For simplicity, nodes A1 to F15 are renumbered as 1 to 59 in Figure 5 and similarly in Figures 6, 7, and 8.

(2) Take the natural environment node F7 as another attacking point with the load 40, which is also 4 times of its capacity.

. Attacking node with a load 16: . Changing all dashed lines connected to to solid: . Changing all dashed lines connected to , , , , to solid: . Changing all dashed lines connected to , to solid: . Changing all dashed lines connected to , , , and to solid: The evolution stops at time by Assumption 1 and the efficiency of the whole network turns out to . The load distributions of all vertices in the whole process are illustrated in Figure 6.

Case II (10 times of the capacity). (3) Take the hub node F14 as the attacking point as a load 20 (10 times of its capacity) at time , which largely exceeds its capacity. Similar to case I, the evolution process can be described in Figure 7. The load distributions of each vertex in the whole process are illustrated in Figure 7.

We can also get (accident happens) and the efficiency of the whole network .

(4) Take the natural environment node F7 as another attacking point with the load 40, which is also 10 times of its capacity. Similarly, we can obtain the following load distributions of the whole evolution process.

By direct calculation, we have (accident happens) with the efficiency .

From the analysis for case I, it indicates that F14 is a key causation factor to the accident with respect to a 4 times capacity attack, with the efficiency loss 0.07, while for the same severity of attack on F7, the accident indicator will not get a heavy load larger than its capacity, which means that the accident will not happen. This tells us that, with a 4 times attacking load, node F7 could not be a key causation factor for the occurrence of the accident. This is reasonable since the thunder strike (F7) might be a trigger and may play a role in the 7.23 Yongwen accident but is not essential, while the equipments’ failure (F14) is the key causation factor. However, with the analysis of case II, it is also worth mentioning that, with bad natural disasters, such as hurricanes or earthquakes, which result in a super heavy attacking load, the environment factor would turn to a key causation factor as well. Meanwhile, from the comparison of cases I and II, it is easy to see that the heavier the attack is, the larger the efficiency loss is, and hence the higher severity the accident is. On the other hand, as we can find in cases (1), (3), and (4), the involved key causation chains contain E8, E12, and E13 which are all related to the control flaws of the train operation system. This tells us that more attention should be paid to the control flaws to prevent or encumber the spreading of cascading failure which is essential to the accident occurrence.

It is known that nodes with large degrees play an important role in the cascading failure for a network. Thus, those nodes with largest degrees in each level are chosen, and their critical loads to lead an accident by means of the proposed cascading failure scheme are calculated. To characterize their sensitivities and also for the sake of comparison, the ratio of the critical load to the capacity of each of them is illustrated in Figure 9.

As we can see in Figure 9, E6 and F14 possess small ratios, which means that they are quite sensitive for the accident occurrence with a small attacking intensity. Thus, it is important to prevent failures made by the related staff and also the control equipment. In contrast, A1 and C5 have relatively large ratios. This tells us that the culture of seeking quick success and benefits in the ministry of railways and the unwise decision on update of the LKD2-T1 are not that sensitive, but they do have effect on the accident. With any attacking intensity larger than their corresponding ratios, it will lead to an accident in the cascading failure process. Thus, it is urgent to build a healthy, safe, and sustainable culture for the railway development in China, and the design of the equipment must enforce the safety constraints in face of an environment disturbance or other factors’ failure.

6. Conclusions

In this paper, we have introduced an accident causation network model based on the complex network theory. By utilizing the cascading failure scheme, the evolution process of the proposed causation network has been described and key causations of accidents have been explored and analyzed. Based on some reasonable assumptions, the sensitivities of some important key causation factors for accident occurrence are characterized and compared. The severity of the accident has been characterized via the network efficiency of the evolved network quantitatively as well. It is worth pointing out that the accuracy of the method can be greatly improved by a relatively comprehensive and complete extraction of causation factors and their relationships for the causation network construction and by the expert knowledge and reliable statistical results for the cascading failure process. Approaches to improve the accuracy desire further investigation which is our future research topic.

Research Highlights

(i)We propose a new network model for accident causation analysis.(ii)We regard the accident occurrence as a cascading failure.(iii)We reveal key causation factors and key causation chains.(iv)We design a way for accident severity evaluation.

Acknowledgments

This work was supported by Research Foundations of State Key Laboratory of Rail Traffic Control and Safety (no. RCS2012ZQ001 and no. RCS2012ZZ001), Beijing Jiaotong University, and the National High Technology Research and Development Program of China (no. 2011AA110502).

References

O. Svenson, “On models of incidents and accidents,” in Proceedings of the 7th European Conference on Cognitive Science Approaches to Process Control, pp. 169–174, Villeneuve d’Ascq, France, September 1999.
View at: Google Scholar
E. Hollnagel, “Understanding accidents-from root causes to performance variability,” in Proceedings of the 7th Conference on Human Factors Meeting, pp. 1–6, Scottsdale, Ariz, USA, September 2002.
View at: Google Scholar
T. S. Ferry, Ed., Modern Accident Investigation and Analysis, John Wiley & Sons, New York, NY, USA, 1988.
W. H. Heinrich, Ed., Industrial Accident Prevention, McGraw-Hill, New York, NY, USA, 1941.
E. Hollnagel, Ed., Barriers and Accident Prevention, Ashgate, Hampshire, UK, 2001.
J. Reason, Ed., Human Error, University Press, Cambridge, UK, 1990.
J. Reason, Ed., Managing the Risks of Organisational Accidents, Ashgate, Aldershot, UK, 1997.
E. Hollnagel, Ed., Cognitive Reliability and Error Analysis Method: CREAM, Elsevier, San Diego, Calif, USA, 1998.
E. Hollnagel, Barriers and Accident Prevention, Ashgate, Hampshire, UK, 2004.
N. G. Leveson, “A new accident model for engineering safer systems,” Safety Science, vol. 42, no. 4, pp. 237–270, 2004.
View at: Publisher Site | Google Scholar
J. Rasmussen, “Risk management in a dynamic society: a modelling problem,” Safety Science, vol. 27, no. 2-3, pp. 183–213, 1997.
View at: Publisher Site | Google Scholar
W. G. Johnson, Ed., MORT Safety Assurance Systems, Marcel Dekker, New York, NY, USA, 1980.
L. Benner Jr., “Accident investigations: multilinear events sequencing methods,” Journal of Safety Research, vol. 7, no. 2, pp. 67–73, 1975.
View at: Google Scholar
U. Kjellén and J. Hovden, “Reducing risks by deviation control—a retrospection into a research strategy,” Safety Science, vol. 16, no. 3-4, pp. 417–438, 1993.
View at: Publisher Site | Google Scholar
J. Leplat, “Accident analyses and work analyses,” Journal of Occupational Accidents, vol. 1, no. 4, pp. 331–340, 1978.
View at: Google Scholar
U. Kjellén and T. J. Larsson, “Investigating accidents and reducing risks—a dynamic approach,” Journal of Occupational Accidents, vol. 3, no. 2, pp. 129–140, 1981.
View at: Publisher Site | Google Scholar
W. A. Wagenaar, J. Groeneweg, P. T. W. Hudson, and J. T. Reason, “Promoting safety in the oil industry,” Ergonomics, vol. 37, no. 12, pp. 1999–2013, 1994.
View at: Google Scholar
O. Svenson, “Accident Analysis and Barrier Function (AEB) Method: Manualfor Incident Analysis,” SKI Project 97176, Stockholm University, 2000, http://www.irisk.se/ref.htm.
View at: Google Scholar
M. Ayeko, “Integrated safety investigation method (ISIM)—investigating for risk mitigation,” in Proceedings of the Workshop on Investigation and Reporting of Incidents and Accidents, pp. 115–126, Glasgow, UK, July 2002.
View at: Google Scholar
C. Jacinto and E. Aspinwall, “Work accidents investigation technique (WAIT)—part I,” Safety Science Monitor, vol. 7, no. 1, article IV-2, 2003.
View at: Google Scholar
J. Kingston, “3CA-Investigato's Manual, NRI-3,” 2007, http://www.nri.eu.com/NRI3.pdf.
View at: Google Scholar
J. Clarkson, A. Hopkins, and K. Taylor, “Report of the board of inquiry into F-111 (Fuel tank) deseal/reseal and spray seal programs,” vol. I, Canberra, ACT, Royal Australian Air Force.
View at: Google Scholar
D. A. Wiegmann and S. A. Shappell, A Human Error Approach to Aviation Accident Analysis: The Human Factors Analysis and Classification System, Ashgate, Hampshire, UK, 2003.
Z. H. Qureshi, A Review of Accident Modeling Approaches for Complex Social-Technical Systems, Australian Computer Science, Sydney, Australia, 2007.
P. Katsakiori, G. Sakellaropoulos, and E. Manatakis, “Towards an evaluation of accident investigation methods in terms of their alignment with accident causation models,” Safety Science, vol. 47, no. 7, pp. 1007–1015, 2009.
View at: Publisher Site | Google Scholar
D. J. Watts and S. H. Strogatz, “Collective dynamics of “small-world” networks,” Nature, vol. 393, no. 6684, pp. 440–442, 1998.
View at: Google Scholar
A.-L. Barabási and R. Albert, “Emergence of scaling in random networks,” Science, vol. 286, no. 5439, pp. 509–512, 1999.
View at: Publisher Site | Google Scholar | Zentralblatt MATH | MathSciNet
S. H. Strogatz, “Exploring complex networks,” Nature, vol. 410, no. 6825, pp. 268–276, 2001.
View at: Publisher Site | Google Scholar
R. Albert and A.-L. Barabási, “Statistical mechanics of complex networks,” Reviews of Modern Physics, vol. 74, no. 1, pp. 47–97, 2002.
View at: Publisher Site | Google Scholar | Zentralblatt MATH | MathSciNet
“The state investigation team of the China-Yongwen railway accident,” The investigation report on the “7. 23” Yongwen line major railway accident, 2011 (Chinese).
View at: Google Scholar

Copyright

Copyright © 2013 Ziyan Luo et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

PDF Download Citation

Download other formats

Order printed copies

Views

2077

Downloads

1554

Citations