Risk Assessment in the Design of Railroad Control Command and Signaling Devices Using Fuzzy Sets

: Risk assessment in the design of control command and signaling devices (CCS) is one of the elements required by law. These analyses should be carried out at many stages of investment with the participation of various teams. This article presents a risk analysis method based on fuzzy sets, which can support and increase the safety of investment processes involving the railroad traﬃc control industry. The article analyz es hazards identiﬁed in CCS design. These risks were identiﬁed using a survey method based on a set of questions prepared by the authors and by conducting interviews among experts from design oﬃces. As part of the sur vey, responses were obtained from 28 respondents who are specialists in the railway traﬃc control industry. Workshop meetings were held in six diﬀerent design oﬃces and at manufactur ing plants of motion control systems. The iden-tiﬁed risks were analy z ed using the FMEA ( failure mode and e ﬀect analysis) method and the fuzzy set method, as well as various methods of fuzziﬁcation and defuzziﬁcation. The results of all of the methods were compared with each other. The best solution from the analyzed ones was proposed.


Introduction
The proper functioning of the economy requires an efficient and safe transport system, in which rail transport plays an important role.In this context, the fact that many investments in rail infrastructure are currently being made in Poland should be evaluated very positively [1].However, these are difficult investments for both technical and formal reasons.In technical terms, they cover three large areas often implemented, to some extent, independently: − Railroad (tracks and sub-tracks) together with engineering structures (e.g., bridges, embankments, crossings); − Traction power supply (catenary power systems and catenary networks); − Traffic control systems (including signal boxes and traffic control systems), operational communications systems, and supporting teletechnical systems.
The above areas, in accordance with European requirements [2], are defined as structural subsystems that form the infrastructural part of the railway system [3].In the formal dimension, the investments in question are carried out simultaneously in accordance with the rigors of the construction law and in accordance with the requirements of the Railway Transport Act [4], as a result of which their completion requires obtaining both construction permits for use and railway permits for commissioning.Railway investments are complex and multi-stage.he investment process requires meeting many requirements in accordance with national and European law in order to achieve the required level of traffic safety.Therefore, investment processes involve various risks.
Each investment has its own multiple technical and operational conditions that should be taken into account at the earliest possible stage of implementation.Therefore, it is not possible to develop one universal rail traffic control system defined in detail at the application level.Each implementation is, in many respects, "tailor-made" for a specific single location.For this reason, it should be considered appropriate to develop a solution or solutions based on risk management in investments introducing changes to rail traffic control systems.
The railway system consists, among other things, of various structural subsystems.These subsystems are usually covered by investment processes, and one of the most serious challenges in the implementation of railway investments is railway traffic control systems (control command and signaling subsystem).They must be compatible with track systems but also adapted to future operational needs from the point of view of the possibility of simultaneous implementation of different train routes.They must be protected against interference, including interference from traction currents.They require their own power supply and significantly affect teletechnical installations, for example, due to numerous cable collisions [1].
For these reasons, the preparation and implementation of investment works in the field of railway traffic control are the domain of a few specialized business entities.Such entities, in many cases, have to cooperate with construction contractors with limited knowledge in the field of rail traffic control and sometimes even specialists coming from the road or even the development market, as well as companies building teletechnical installations that have never dealt with rail transport before.At the same time, the increase in the number of investments requires building new teams directly dealing with rail traffic control systems.In order to ensure significant support for existing and new teams designing and implementing rail traffic control systems, solutions supporting the introduction of changes in rail traffic control as part of investments should be developed.
For several years, due to the requirements of European law, it has been required to apply risk analysis [5] to changes in the railway system.It is assumed that this should increase the awareness of the participants in the investment process and thus reduce the level of risk.The conducted processes are limited, however, to the safety of railway traffic, not taking into account other risks typical of investment processes.Despite the fact that a risk analysis is required, there is no information anywhere on which analysis methods to use to make the analysis accurate and cover the specificity of a given industry.There are a number of methods that can be used, like hazard and operability studies (HAZOP), Markov diagrams, reliability block diagrams, zonal analysis [6], common cause failure analysis [7], historical event analysis [8], cause-consequence diagrams [9], and event trees [10], and a few that are used more often, such as FMEA [7,11] analysis and fault tree analysis [8,12].Nevertheless, these analyses do not cover the specificity of the railway industry, especially when it comes to railway traffic control systems and devices [13].Therefore, in this article, the authors present the use of fuzzy sets in investment processes, introducing changes in the railway traffic control subsystem as a method that can increase the level of investment security and support the decision-making process.

Requirements Related to Risk Analysis in Investment Processes
Recently, more and more attention has been paid to risk and safety assessment [14][15][16].In rail transport, there are many documents that talk about the need to analyze and monitor risk; documents explaining the legal requirements, in particular, in terms of Regulation 402/2013 on the Common Risk Assessment Methodology [17][18][19]; and articles demonstrating the application of the FMEA method [20][21][22] or bowtie method [23] and showing the allocation of safety integrity levels [24,25].But these documents do not specify the procedure and do not define the methods that should be used to analyze a given risk.In investment processes, risk should also be analyzed at every stage of investment implementation.Currently, most people express reluctance to carry out a risk analysis [26], which is associated, among other things, with a lack of knowledge on how to conduct such an analysis.Additionally, this process is considered redundant and time-consuming.The condition for getting rid of risk aversion or achieving neutrality towards it is comprehensive knowledge of the types and methods of risk assessment, as well as the ability to apply these methods in investment processes.
According to the regulation [27], one of three methods can be chosen for risk estimation: codes of conduct, similar reference systems, or explicit risk estimation.For each investment, an appropriate risk analysis method should be selected that would best describe the existing risk.The choice of risk analysis method depends on many different factors characterizing the investor, as well as the specificity of the investment itself.Decisionmakers have an individual propensity to take risks and specific knowledge, skills, and experience, which affects the way in which risk is assessed and analyzed.The selection of an appropriate method is influenced, among others, by the availability of information, the scope of risk, the estimation of the level, and the probability of events.Added to this are the conditions under which the investment decision was made, the awareness of the decision-maker about the level of labor, and the cost of the methods used.The most commonly used methods have been described and presented in [1], which also presents the author's method of risk analysis in investment processes involving rail traffic control systems.However, as part of the continuation of research, the method presented in the doctoral dissertation in Ref. [1] was supplemented by the use of fuzzy sets, which is presented in the following sections of this article.Fuzzy sets are used in the literature to present various research results.For example, in Ref. [28], the theory of fuzzy sets is used in supplier evaluation and selection, various models of fuzzy sets are used in supplier evaluation and selection, and the advantages and limitations of these models are discussed.The main thesis of Ref. [29] is to conduct a comprehensive review of risk assessment methods and techniques used in seaports.The article aims to identify the key factors and hazards that pose risks to seaport operations and to provide an overview of the different risk assessment methods that have been used to evaluate and manage these risks.Ref. [30] presents a review of the literature on fuzzy set theory and risk analysis using FMEA.
There are several articles in the search results that discuss the application of fuzzy sets theory in railway transport and provide a literature review on the topic.One relevant article is Ref. [31], which reviews previous literature on fuzzy set theory in the context of railway transport and proposes a fuzzy-based approach to solve the freight-routing problem.Another relevant article is Ref. [32], which discusses the use of fuzzy set theory in railway transport and provides a comprehensive review of the different applications of artificial intelligence in this field.There is also Ref. [33], which provides a literature review of the concept of resilience in railway transport and discusses the potential role of fuzzy set theory in achieving resilience.Ref. [34] discusses the use of fuzzy set theory in safety and reliability engineering and provides a review of the different applications of fuzzy sets in these areas.The article explains how fuzzy sets can be used to quantify uncertainty in safety and reliability analysis and highlights the advantages and limitations of using fuzzy sets in these fields.The application of fuzzy set theory in terms of risk and safety has also been presented in articles on civil engineering [35,36], multi-criteria analysis processes [37], the ERTMS railway system [38], and even land expropriation [39].

Analysis of Risks Occurring in Railway Investment Processes
In investment processes, risk analysis is an important element of the design, production, and operation of systems and subsystems.Provisions appearing in some standards for rail traffic control devices and systems, especially those related to safety, even impose on design teams and device manufacturers the obligation to carry out a risk analysis.
Data on the most common risks in investment processes involving the modernization of the rail traffic control subsystem were presented and analyzed in the dissertation in Ref. [1].The risks presented in Ref. [1] were determined on the basis of surveys and workshop meetings, and then they were analyzed and grouped depending on the area they concerned.Eight risk groups were identified in the following areas: Based on the data collected in Ref. [1], an original method of risk analysis was presented, which was mainly based on calculating the risk level for each risk factor.For this purpose, for each risk factor present in a given investment process, the following should be specified:

−
Urgency (PCR)-how quickly preventive actions should be implemented to mitigate the risk.There are four levels of urgency: urgent, imperative, mandatory, and recommended.− Greatness (WCR)-the degree of damage, i.e., how serious the consequences of a given threat can be.Four levels were defined: critical, high, medium, and low.− Difficulty (TCR)-the degree of difficulty of introducing measures to eliminate a given threat.Four levels of difficulty were defined: impossible, difficult, medium, and easy.For each risk factor, the risk (RCR) can be calculated by multiplying the urgency (PCR), the weighting of the magnitude of the risk's impact (WCR), and the difficulty (TCR): Urgency PCR can take the following values: Table 1 presents the urgency PCR categories and the numerical values assigned to them, which are defined for individual investments.The difficulty TCR can take the following values: The categories and numerical values for the difficulty indicator TCR are presented in Table 2 together with a description of the individual categories.3

Difficult
The introduction of leveling measures is very difficult, time-consuming, and costly.

Medium
The introduction of measures is difficult, but it can be done in a relatively short amount of time and does not require large financial outlays.

Easy
Implementing actions is easy to do right away.The implementation of activities does not require financial outlays.
The greatness WCR can take the following values: The greatness WCR categories are set out in Table 3, with the given numerical values and a description of each category.

A Greatness Rating (WCR) of the Degree of Damage The Value of the Greatness (WCR)
Category Name Description 4 Critical Project not completed, life lost.Huge financial loss.

High
The consequences can lead to serious damage to health and property damage.Significant delay in work.

Medium
The consequences can lead to damage to health and property damage, but they are not high.Slight work delay.
1 Low Minor effects that may lead to health and property damage are identified.No delays in the execution of work.
The risk RCR can take the following values: Based on the determined values of the urgency PCR, difficulty TCR, and greatness WCR, the investment risk value RCR is determined.Depending on the calculated RCR value, the risk category is determined, which is presented in Table 4. Security alerts are assigned to individual risk categories.The green alert was assigned to the Tolerated risk category, the orange one to Unacceptable and the red one to Critical.Determination of the individual values described above for each risk factor is based mainly on expert knowledge.When collecting expert opinions, there is a concern about the inaccuracy and ambiguity of each estimate.Therefore, it was decided to supplement the method described in Ref. [1] with the use of fuzzy logic in this article.

Application of Fuzzy Sets
Risk analysis is very difficult to implement in investment projects.It is not easy to see and adequately quantify risk factors in an increasingly volatile environment.Therefore, this article proposes the use of fuzzy sets.The great advantage of the fuzzy set theory is that it allows imprecise concepts to be described in mathematical language and manipulated and decisions to be made [38,40].An analysis of data collected on the basis of the results of surveys and workshop meetings, which are input data for the use of fuzzy sets, was carried out.The analysis was carried out in the Matlab R2022a environment as part of the toolbox shown in Figure 1.The fuzzy set X is defined by a membership function µ(xi), which associates each value within X with a real number from 0 to 1, denoting the degree of membership in X.The membership function must satisfy one condition: the membership degree for all fuzzy elements of the set should range from 0 to 1. Within this constraint, membership functions can take any form (triangular, sigmoid, stepwise, Gaussian, etc.) depending on the dataset and context.
Fuzzification, or blurring, is the determination of the degree of belonging of a value to a set.The specificity of the fuzzification process lies in the fact that it allows a measure of imprecision to be added for three factors, represented by the membership function.For each category, each factor can be assigned an inaccuracy defined in words such as "more than," "between," or "less than."This way, inaccuracy is incorporated into the process and allows for a better analysis of possible choices.The scoring and inference phases for a specific investment begin with a subjective assessment of each indicator.Instead of defining the risk categories and calculating the RCR by multiplying the PCR by the TCR and WCR, the proposed method transforms the language terms related to these aspects into fuzzy numbers using previously invoked Gaussian membership functions, trapezoidal membership functions, and triangular membership functions invoked in the MatLab Fuzzy Logic Toolbox, shown in Figures 2-4, respectively.
For each of the belonging functions (urgency, difficulty, and greatness), a set of real number values covering a range from 1 to 4 was proposed, similar to the traditional FMEA method.The difference is that the specific values could also take the form of fractions (adapted to respondents' answers).Various membership functions (Gaussian, trapezoidal, and triangular) were then applied, and the resulting values were compared with each other.Then, an expert system was built, which consisted of using the tool designed and presented in Ref. [1].Meetings were held again with the same experts, who are long-time designers and producers of railway traffic control systems.The experts were asked the same questions using a fuzzy rule base in which conditional tasks are a combination of linguistic terms and logical operators triggering subsequent, more detailed risk categories.A set of rules was created for combinations of PCR, TCR, and WCR values, whose product results were classified according to the breakdown in the classical method in Table 4.The authors thus transferred the risk valuation used in the classical method to the fuzzy method.
These two steps make up the inference phase.Defuzzification is the last block of the fuzzy control system.Its input is the resultant membership function.This is the result of the system operation presented in a fuzzy form.In order to be able to output it to the controlled object, it is converted into a specific numerical value (this process is called sharpening or defuzzification).The most popular methods of defuzzification are [41]: (1) First maximum method; (2) Last maximum method; (3) The method of the center of maximum; (4) Center of gravity method (centroid); (5) Height method.
Defuzzification is required to convert fuzzy numbers to single explicit results, which are FIS-RCR, a substitute for the previously computed RCR.
Figure 5 shows the stages of fuzzification of the input variables, the obtained estimated FIS-RCR value, and the modified risk category.The process begins with identifying the features that the analysis must cover.The function acts as the basis for the development of the method described in the dissertation in Ref. [1].The first five steps constitute the traditional risk analysis procedure using the technique described in point 3 of this article.Identification of component functions for urgency PCR, greatness WCR, and difficulty TCR is required as an input for the creation of appropriate membership functions [42].The process of applying fuzzy logic was shown at Figure 6.As a result of the work carried out, risks were identified and assessed for the previously defined risk areas.Risk assessment and valuation were carried out in two stages.In the first stage, the classical method was used, using rigidly assigned numerical values for sets PCR, TCR, and WCR and obtaining RCR as the product of their mean values.In the second step, the values of the PCR, TCR, and WCR, sets were assigned the attributes "greater than," "between," or "less than," thus obtaining FIS-PCR, FIS-TCR, and FIS-WCR, respectively.In the second stage, the fuzzy FIS-RCR set was obtained using the MatLab Fuzzy Logic Toolbox.The following methods were used for defuzzification:

•
Center of gravity-centroid; The selected results are presented in Table 5.The results obtained with different methods of defuzzification were compared with each other, as shown in Figure 7.As the method chosen for further consideration, the center of gravity-centroid method was adopted due to the fact that those results were the closest to the median of all of the solutions.Further analysis was performed using Shewart's control charts [43].The control chart is the most basic and the oldest tool for statistical process control.It is a graphical method of presenting and comparing information from a series of samples representing the current state of the process, with the limits resulting from taking into account its own variability.
The main purpose of the cards is to signal a deviation from statistical stability, which can occur for various reasons, regardless of whether they affect, in particular, the average value or the scatter in the process.
Median control charts were used, for which the upper control limit (UCLMe) was determined using the following relationship: The upper control limit is to determine the level of critical risk requiring immediate countermeasures.The upper control limit UCLMe determined for the results of the classical product method RCR was 20,645, whereas for the method using fuzzy sets the FIS-RCR was 25,043.The upper control limit obtained for the results, taking into account the use of fuzzy logic, coincides with the limit set for the critical risk category.In the case of the evaluation of the classical product method, the upper control limit indicated lowered assessment thresholds in relation to the original assumptions.

Results and Analysis
This research used the risk analysis results for selected railroad investments at the design stage presented in the dissertation in Ref. [1].It can be concluded that, by applying the method described in Ref. [1] to risk assessment in investment processes involving modernization of the control subsystem, it is possible to additionally include a fuzzy expert system in the assessment.The advantage of fuzzy logic is that it allows a measure of imprecision to be added in three variables-PCR, WCR, and TCR, incorporating imprecision into the process and enabling better analysis of possible choices.The adoption of an expert system by means of a fuzzy rule base combines linguistic terms and logical operators, creating further categories of risk.Defuzzification transforms the fuzzy numbers into a single clear result with the same RCR scale as the traditional method.
All FIS-RCR results were treated as belonging to one of three levels of risk, and the corresponding categories were subject to varying degrees of control and prevention depending on the priority.
The comparison of the results obtained from the product method and the fuzzy logic method is presented in Table 6.As a rule, the results obtained from the fuzzy logic method are greater than or equal to those obtained from the product method.Therefore, it can be concluded that this approach is harsher.Similar conclusions are presented in Ref. [44], which describes the use of fuzzy logic as an extension of FMEA analysis.The use of fuzzy logic is also supported by adopting a critical level in accordance with Shewart's cards.The use of fuzzy sets allows for more accurate results to be obtained, which shows that the risks considered acceptable may, after applying fuzzy sets, reach the level of unacceptable or critical risk, as shown in Table 6.This is the main advantage of using fuzzy sets compared to other methods.

Conclusions
The data collected during the implementation of the surveys and workshop meetings were transferred, and risk groups (sets) were determined based on them.These data were subjected to fuzzy risk modeling.The results indicate that it is necessary to use new methods to support the implementation of railroad investments, which, like fuzzy sets, will make it possible to create a fuzzy model of the inference system that allows for the generalization of the information held.Fuzzy logic improves the consistency and reliability of risk analysis results.The deployment of an expert system makes it possible to adjust the RCR to reasonable expectations, which is an essential contribution to risk monitoring in investment processes.
In rail transport, there is an increasing emphasis on risk analysis, but there are no guidelines on the use of risk analysis methods and there are no methods that take into account the specificity of the railway industry.The most frequently used method is the FMEA method, but this method is not always sufficient.Therefore, the proposed method, based on fuzzy sets, is more accurate and allows for the level of security at every stage of investment implementation to be increased.The presented method can be used to support decisions made by designers and contractors in the railway traffic control industry.

Figure 1 .
Figure 1.View of the window of the application created in MatLab R2022a (source: own elaboration).

Figure 5 .
Figure 5. Window of rules created in MatLab (source: own elaboration).

Figure 6 .
Figure 6.The process of applying fuzzy logic.

Figure 7 .
Figure 7.The comparison of different fuzzy logic methods.

Table 1 .
Evaluation of the urgency category (PCR).

Table 3 .
Evaluation of the greatness category (WCR).

Table 4 .
Categories and numerical values of investment risk.

Table 5 .
Results of threat analysis using the MatLab Fuzzy Logic Toolbox.

Table 6 .
Comparison of the results obtained from the product method and the fuzzy logic method.