Zhao Tianshi,Sun Chao,Huang Yinxia

DOI: https://doi.org/10.3969/j.issn.1000-7458.2012.12.006

2012-01-01

Abstract:The CTCS-3 Train Control System is a kind of typical safety critical systems and its system assessment is complex.Through converting non-formal system requirements into semi-formal requirements,We use safety several analysis tools,such as hazard and operability studies,fault tree analysis,event tree analysis and reason and result analysis,to provide suitable risk assessment techniques for CTCS-3 Train Control System.

Lu Lu,Xu Zhengguo,Wang Wenhai,Sun Youxian

DOI: https://doi.org/10.13879/j.issn1000-7458.2010.05.022

2010-01-01

Abstract:The safety is one of the most important and fundamental requirements for train operation.As the key technical equipment for train monitoring,control,and scheduling,the reliability of train control systems (TCSs) is directly related to the safety of train operation.Fault diagnosis for TCSs is an important way to guarantee the reliability of TCSs.This paper made a review over TCSs fault diagnosis techniques.First,fault diagnosis methods for TCSs are classified and summarized.Then,some research achievements of TCSs fault prediction were summarized.Finally,some potential directions for future TCSs fault diagnosis research are pointed out.

Ehsan Ahmad,YunWei Dong,Brian Larson,JiDong Lü,Tao Tang,NaiJun Zhan

DOI: https://doi.org/10.1007/s11432-015-5346-2

2015-01-01

Science China Information Sciences

Abstract:Train control systems like most digital controllers are, by definition, hybrid systems as they interact with or try to control some aspects of the physical world. Detailed behavior modeling with constraints specification and formal verification, required for reliability prediction, is a great challenge for hybrid system designers. Train control systems further intensify this challenge with extensive interaction between computing units and their physical environment and their mutual dependence on each other. In this paper, we investigate behavior modeling and formal verification of Chinese Train Control System Level 3 (CTCS-3) using Architectural Analysis & Design Language (AADL) to cope with this challenge. AADL is an architecture description language for embedded systems and is based on model-based engineering paradigm. Along with structural modeling of embedded systems using the core language constructs, AADL also provides support for language extension through annex sublanguages. In system requirements specification document, the behavior of the CTCS-3 is specified as a set of basic operation scenarios that cooperate with each other to achieve safe and secure functionality of trains. Movement Authority (MA) scenario, explored in this paper, is considered as a basic and most crucial scenario to prevent trains from colliding with each other. The detailed discrete behavior of control system is modeled and verified using the Behavior Language for Embedded Systems with Software (BLESS) annex sublanguage of AADL, and the continuous behavior of train with the cyber–physical interaction (communication between train and control system) is modeled using the Hybrid annex sublanguage. The behavior of the MA scenario at system level is verified using the Hybrid Hoare Logic theorem prover. Behavior constraints are specified as assertions using first-order logic formulas augmented with a simple temporal operator.

Lian-chuan Ma,Dongmei Huang,Jian-cheng Mu,Yuan Cao

DOI: https://doi.org/10.2991/AIEA-16.2016.61

2016-11-12

Abstract:Commercial off-the-shelf (COTS) software and hardware components are widely used in the design of train control system. In order to satisfy the application requirements of the safety computer in train control system, it is necessary to analyze its safety properties. In this paper, a method of safety analysis for the safety computer is proposed. The safety properties of the safety computer in train control system are verified by establishing the system model of safety mechanism, and establishing a safety base in safety computer management units (SCMU), and measuring the safety of each part of the system step by step, and then establishing a safety chain. Finally, tests are carried out through a designed software fault injection tool to demonstrate the effectiveness of the proposed method.

Computer Science,Engineering

WU Hai-qiao,LIU Chao,GE Hong-juan,WANG Hua-wei

DOI: https://doi.org/10.3969/j.issn.1001-5590.2012.02.005

2012-01-01

Abstract:Traditional system safety analysis,influenced by the personal skills and experiences of analyzers,may cause the error of system failure states and failure effects.Model checking,by means of traversing algorithm,can search all system status in mathematical method without omitting.By using the verification tool,analysis process can be conducted automatically and the dependence of experiences can be reduced.Model checking is introduced into aircraft system safety analysis in this paper and its application process is presented as well.The wheel brake system in the appendix of SAE ARP 4761 is taken as an example.With verification tool NuSMV,the minimum failure combination which lead to the top event can be got automatically,the purpose of fault tree analysis can be achieved at the same time.

Yong Zhang,Jiawei Li,Aled R. Walters,Xuting Duan,Daxin Tian

DOI: https://doi.org/10.1109/itsc55140.2022.9922206

2022-01-01

Abstract:The train-to-train (T2T) based Train-centric Control System (TcCS) is one promising advanced solution to save the life-cycle cost of the railway signalling system by reducing a large number of the ground equipment when compared to the widely used CTCS/ETCS system. However, the reliability performance influence for the transportation mission introduced by this new solution has never been studied. In order to address this problem, we built a reliability model of the whole transportation mission based on the Phase Mission Systems (PMS) modelling methodology. In this paper, the structure of both control systems is described first. Then the fault tree models in three phases of the whole mission under different control systems are constructed according to the railway signalling control principles. The numerical analysis is carried out based on the Binary Decision Diagram (BDD) calculation method, according to relevant reliability parameters of the basic equipment. The results under CTCS-3 and TcCS are then analysed and compared in each phase of the mission, which shows the reliability influence on the transportation mission under different control systems.

Weigang Ma,Xinhong Hei

DOI: https://doi.org/10.1109/ICCASM.2010.5620084

2010-01-01

Abstract:A modeling and verification methodology is presented for railway interlocking system which is regarded as a safety-critical system. The methodology utilizes UML (Unified Modeling Language) to model the function requirement and FSM (Finite State Machine) to verify the safety requirements of the specification. The device specifications of railway interlocking system are modeled with UML, and dynamic behaviors of the device and whole system are modeled with FSM, the safety specification is translated LTL (Linear Temporal Logic) and analyzed with NuSMV. We try to show the feasibility of improving the reliability and reducing revalidation efforts when designing and developing a decentralized railway signaling system.

Weigang Ma,Xinhong Hei

DOI: https://doi.org/10.2991/iccasm.2012.212

2012-01-01

Abstract:A verification methodology is presented for railway interlocking system which is regarded as a safety-critical system.The methodology utilizes UML to model the function requirement and LTL to verify the safety requirements of the specification.The device specifications of railway interlocking system are modeled with UML, then translate into FSM.The safety specification is translated LTL and analyzed with NuSMV.We try to show the feasibility of improving the reliability and reducing revalidation efforts when designing and developing a decentralized railway signaling system.

Wang Le

Abstract:This paper introduces the EMU braking system fault diagnosis and safety design concept and implementation in accordance with the design of intrinsically safe,taking into account the possible failure and the severity of the possible consequences,the corresponding identification,diagnosis,and control methods are designed.The system will automatically deal with the failures or prompt the staff to isolate the faulty equipment,or automatically limit the speed even stop the train to ensure the safety.The design approach of founlt diagnosis and safety measures described in this paper has been well verified.

Engineering,Environmental Science

WANG Peng,WU Wei,JING Wei,WANG Hang-yu

DOI: https://doi.org/10.3969/j.issn.1674-6236.2010.12.013

2010-01-01

Abstract:According to the particular requirements of safety locomotive running,a dynamic train monitoring system can be used to monitoring locomotive running based on ARMS3C2440.This system gave some alerts and braking curve,thus,train ban be braked safely.The paper explicates the constitute of the monitor system and the software framework,and describes the method of building each component part of the monitor system.The system realizes high quality of real-time control,reliability of monitor,and accurate recording of monitor's data based on reliability and modularity theories.Result of experiment showes that it is a practical plan.The monitor system con effectively ensure the safe running of locomotive,and promote the automation of locomotive running management regulation and standardization of locomotive operation.

Ye Jun,Long Zhiqiang

DOI: https://doi.org/10.3969/j.issn.1007-869X.2007.03.008

2007-01-01

Abstract:As one kind of new transportation vehicles , the maglev train has an extremely high request for the security and reliability. Withfunctions of the accident prevention and breakdown diagnosis,the system fault model is ani mportant foundationto en- hancethe safety and reliability of the system. This paper analyzes the structure of CMS-03A Maglev Train whichis researched and developed by the National Defense Science and Technology Univer- sity, describes the structure,the working principal and the mal- functionstate of three major sub-systems :supply system,suspen- sion system and draught/brake system. On these bases ,the key subsystemfault models of maglev train are established.Integrating these key subsystemfault models withthe whole systemand onthe foundation of previous studies ,this paper puts forward a relatively comprehensivesystemfault model for maglev train,and carries on the rank divisiontothe breakdown events . This is an open model , which can be further refined and expanded through the successivework,and employs some commonly used symbols of Dynamic Fault Tree Analysis (FTA/DFTA) to express logical relation. AS the model does not dependent on FTA/DFTA or other specific method of fault diagnosis ,it can be used as a platformfor CMS-03 Afault analysisinthe future.

Liujing Xiong,Gang Niu,Zheng Liu

DOI: https://doi.org/10.1109/PHM-Nanjing52125.2021.9612932

2021-10-15

Abstract:As one of the key actuators of the train braking system, the safety and reliability of the Electromagnetic-Pneumatic (EP) valve has been received extensive attention. First, this paper introduces the specific structure and working principle of the EP valve in the train bogie-based braking control system. Then, a mathematical analytical model of the electromagnetic valve in the EP valve was established by using Matlab/Simulink. Besides, the functional structure model of the pneumatic valve in the EP valve was established by using AMEsim software. Finally, the output response characteristics of electromagnetic valves and pneumatic valves under common failure modes are simulated through fault simulation, which reveals the failure mechanism of EP valve and provides a theoretical basis for subsequent fault diagnosis research.

Engineering

Tengfei Li,Junfeng Sun,Xinjun Lv,Xiang Chen,Jing Liu,Haiying Sun

DOI: https://doi.org/10.1109/COMPSAC57700.2023.00279

2023-01-01

Abstract:Great achievements have improved the efficiency and effectiveness of formal verification fairly, such that it is now applicable to industrial-scale software. However, verifying a full software system is still considered too complex. In practice, industrial control software models to be verified may result in state space explosion. We propose a problem frame-based approach that takes the full software system as input and tries to decompose the full software model into some smaller modules. Our approach decomposes the whole safety requirements to sub safety requirements, and the verification problem of the whole model is projected to sub verification problem according to the decomposed safety requirements. The sub verification problems check the projected sub models against the the sub safety requirements. We carry out an extensive evaluation based on the trackside subsystems in rail transit. Verifying the decomposed model can lead to a significant performance gain, due to the fact that abstract models reduce too much state space.

Jia Lin,Ping Tan,Weiting He,Jian Chu,Zhihua Chen

DOI: https://doi.org/10.1109/SOLI.2011.5986613

2011-01-01

Abstract:As a large-capacity public transport tool, the railway system needs high stability and reliability. In order to reduce cost and satisfy the safety requirements of train control system, a novel safety-related digital input system is designed and implemented based on architectural constraints of safety-related systems and the analysis of the working principle of the specific digital input system. This system is designed as 2-out-of-3 architecture on the basis of vital computer. The method of fault diagnosis has been improved after the analysis of the practical situation. That is, the detection signal sent by the external pulse transmitter module contains the circuit fault information after the signal pass through the input circuit, and the real-time self-diagnosis will be done after using the supporting software to deal with timing diagram. The system uses less CPU resources to achieve the high diagnostic efficiency, which improves safety failure rate. And its failure analysis is discussed. The Markov Model is used to verify the Safety Integrity Level (SIL) of the safety-related system. The analysis shows that this design, with easy implementation and low cost, meets the requirements of SIL4 in railway and is more reliable.

Xi Wang,Huaikou Miao,Weikai Miao

DOI: https://doi.org/10.1007/978-3-319-57708-1_4

2017-01-01

Abstract:Train control system is a kernel component of railway transportation which acts as the controller of the involved equipment. With the popularization of train-based transportation, how to guarantee the safety of train control system becomes an important problem to be solved. This paper proposes a safety analysis method for train control system. It provides a scenario language for practitioners to describe their requirements on the train control system in terms of physical scenarios of the train operations. With the specification written in the scenario language, its implied hazards will be automatically identified by verifying its satisfaction of the given safety properties. In contrast to the traditional textual representation of the analysis result, animation technique is adopted to demonstrate the unsafe requirement in an intuitive way. A software tool has been developed to support the approach. It identifies the hazards of a given scenario specification and animates the physical scenarios that lead to the hazards. We also carried out a case study on the tool and the result shows the efficacy of the proposed approach.

V Hartonas-Garmhausen,S Campos,A Cimatti,E Clarke,F Giunchiglia

DOI: https://doi.org/10.1016/s0167-6423(99)00016-7

IF: 1.039

2000-01-01

Science of Computer Programming

Abstract:Ensuring the correctness of computer systems used in life-critical applications is very difficult. The most commonly used verification methods, simulation and testing, are not exhaustive and can miss errors. This work describes an alternative verification technique based on symbolic model checking that can automatically and exhaustively search the state space of the system and verify if properties are satisfied or not. The method also provides useful quantitative timing information about the behavior of the system. We have applied this technique using the Verus tool to a complex safety-critical system designed to control medium and large-size railway stations. We have identified some anomalous behaviors in the model with serious potential consequences in the actual implementation. The fact that errors can be identified before a safety-critical system is deployed in the field not only eliminates sources of very serious problems, but also makes it significantly less expensive to debug the system.

Ruijun Cheng,Jin Zhou,Dewang Chen,Yongduan Song

DOI: https://doi.org/10.1016/j.ress.2015.09.014

IF: 7.247

2016-01-01

Reliability Engineering & System Safety

Abstract:This paper presents a parameter analysis method to solve the parameter uncertainty problem for hybrid system and explore the correlation of key parameters for distributed control system. For improving the reusability of control model, the proposed approach provides the support for obtaining the constraint sets of all uncertain parameters in the abstract linear hybrid automata (LHA) model when satisfying the safety requirements of the train control system. Then, in order to solve the state space explosion problem, the online verification method is proposed to monitor the operating status of high-speed trains online because of the real-time property of the train control system. Furthermore, we construct the LHA formal models of train tracking model and movement authority (MA) generation process as cases to illustrate the effectiveness and efficiency of the proposed method. In the first case, we obtain the constraint sets of uncertain parameters to avoid collision between trains. In the second case, the correlation of position report cycle and MA generation cycle is analyzed under both the normal and the abnormal condition influenced by packet-loss factor. Finally, considering stochastic characterization of time distributions and real-time feature of moving block control system, the transient probabilities of wireless communication process are obtained by stochastic time petri nets.

Ying Liu,Kai Ting Zhou,Ji Xuan Wan,Guo Chun Wan,Mei Song Tong

DOI: https://doi.org/10.1109/PIERS53385.2021.9694949

2021-01-01

Abstract:China’s heavy haul trains are moving towards the trend of large marshalling and long marshalling. In this case, if the small marshalling train can be embedded into the software environment by using the computer interface, the software and hardware of the system are required to run in real time, so as to simulate the running state of the whole system. Using the small marshalling train and cascade control scheme, the running state of the long marshalling train is simulated on the semi-physical simulation platform, which has important guiding significance for the development of heavy haul trains. Based on the LabVIEW simulation software, this paper develops a hardware-in-the-loop simulation test platform for the braking system of 150 marshalling freight trains. It has the function of combining the small marshalling physical braking system with the control system model, obtaining the braking performance test data of long and large marshalling trains through the cyclic cascade experiment, and controlling the error between the real experimental results and the experimental results of the hardware-in-the-loop simulation within a reasonable range.

Jinchu Zheng,Yong Qin,Xiaoqing Cheng,Shuai Lin,Zhilong Zhang,Hengkui Li,Xiaojun Deng

DOI: https://doi.org/10.1007/978-3-662-49370-0_32

2016-01-01

Abstract:At present, the international high-speed rail on clean and green and intelligent technology received unprecedented attention, especially the integration of security technology has become a core technology development trends. First, this paper does reliability analysis from the high-speed train system. Statistics of the subsystems of the failure rate is done. Then important subsystems bogie system reliability is analyzed combining with the maintenance on the high-speed train system reliability analysis. The parts distribution functions and associated parameters are fitted on software. Finally, we set up truck event tree model and reliability analysis of bogie system.

Jun Lai,Jingmang Xu,Tao Liao,Zhaoguang Zheng,Rong Chen,Ping Wang

DOI: https://doi.org/10.1016/j.engfailanal.2022.106050

IF: 4

2022-04-01

Engineering Failure Analysis

Abstract:Train derailments in low-speed railway turnout areas are very common due to poor track alignment and rail failures, and in extreme cases can lead to casualties and damage to infrastructure and railway vehicles. This study aims to explore the dynamic derailment behaviour caused by rail joint failures before the railway switch panel, and to understand the effects of crucial parameters on the operating safety of trains. To this end, a 3D dynamic coupled freight train-track simulation model is developed based on the MBS-FEM method. The model takes into consideration the lateral difference between rail joint sections that directly cause the wheel to rise. Flexible deformations of the rail and wheelset are modelled, and the derailment mechanism of wheel jumping and climbing in the railway switch panel is revealed. Results show that increasing the curve radius and distance between the rail joint and switch toe can effectively improve passing safety. When a sharp curve has to be placed before the switch panel due to site limitations, reducing the wheel-rail coefficient can also ensure better operating safety. This study indicates that the proposed MBS-FEM dynamic coupled derailment simulation model is able to efficiently evaluate the operating safety as a result of various wheel and track defects, and thus form a basis for providing a cost-effective platform for the future parameter optimization of railway tracks and vehicles.

engineering, mechanical,materials science, characterization & testing