Redefining rail systems verification and validation: the safety/security STAIRCASE model

George Bearfield, Coen Van Gulijk, Richard James Thomas

Research output: Contribution to journalArticlepeer-review

210 Downloads (Pure)


Safety critical functions of the engineered railway need to perform at levels of integrity that are so high that an acceptable failure rate cannot be demonstrated through testing alone. Where such functions need to be implemented in complex programmable electronic systems certain design, build and test requirements are defined in technical standards and these are deemed to ensure that the correct level of systematic integrity is achieved. These approaches are based on assumptions around how system requirements are managed and delivered which are increasingly challenging to meet in practice. In particular the V&V lifecycle used in functional safety standards and emerging cyber security design standards is idealised. It assumes a top-down cascade of requirements for each delivery project. The approaches have become the de-facto standard internationally and are now mandated to an extent in European railway safety regulations. This paper proposes a different approach: a new lifecycle model that aligns better with the reality of the modern global supply chain and the order in which asset design and project delivery activities are actually undertaken to improve the ability to proactively manage safety.This leads to a fundamental change in the assurance philosophy to bring a simpler and more understandable approach. A framework for applying this approach is set out along with further research objectives to deliver the solution in practice.
Original languageEnglish
JournalProceedings of the Institution of Mechanical Engineers, Part F: Journal of Rail and Rapid Transit
Early online date16 May 2022
Publication statusE-pub ahead of print - 16 May 2022


  • cyber security
  • railway technology
  • railways
  • rams
  • risk analysis
  • safety assurance
  • safety-critical software
  • safety/safety engineering
  • security


Dive into the research topics of 'Redefining rail systems verification and validation: the safety/security STAIRCASE model'. Together they form a unique fingerprint.

Cite this