Yang Li,Dongqin Feng

DOI: https://doi.org/10.1007/978-3-642-34528-9_86

2013-01-01

Abstract:Automatic train protection system (ATP) is the key safety-related system of train control system, so its safety reliability requirements are much higher. This article studies functional safety assessment (FSA) including function analysis, hazard identification, risk rank evaluation, risk reduction, and safety integrity verification during the development of carborne ATP. A risk rank evaluation method is proposed combining as low as reasonably practically (ALARP) criteria and risk matrix. Many safety defects of carborne ATP are found and then the design scheme is improved through FSA. The results of risk analysis software Isograph prove that carborne ATP meets the safety integrity level of its design goals at last.

Vitalii Gaievskyi

DOI: https://doi.org/10.18664/1994-7852.204.2023.284024

2023-06-21

Collection of scientific works of the Ukrainian State University of Railway Transport

Abstract:The article examines the issues of improving the methodology for identification and assessment of the limits of existing risks of technical operation and maintenance of automated railway transport control systems, determining and classifying the level of severity of the consequences of failures for the further selection of appropriate risk management methods that will be applied in the development of innovative control systems of railway infrastructure transport. To resolve the issue, it is proposed to consider the effects of external factors and means of the system itself, which are designed to reduce risk in order to comply with a given level of functional safety using a risk-oriented approach. The main functions of risk are defined: protective, analytical, innovative, regulatory. The risk management process is based on the results of risk identification and assessment in order to reduce the consequences of dangerous factors and threats, based on the results of which a structural block diagram of the process was built using the principle "as low as reasonably achievable" (ALARP). 9 stages of risk management are defined: - risk assessment of potential consequences; - decision-making regarding risk and its acceptability; - development of measures to eliminate risks or reduce them to the lowest acceptable level; - determination of risk probabilities and completion of the table of risk probabilities - categories of the probability of occurrence of dangerous factors or threats; - assessment of the severity of their consequences and completion of the risk severity table with the definition of the severity category of the consequences of dangerous factors; - determination and classification of the level of severity of the consequences of train traffic control system failures; - assessment of risk acceptability using the risk assessment matrix and determination of risk acceptability indices; - risk assessment and decision-making regarding the acceptability or unacceptability of risks. - making a decision about the need to control the assessed risk. According to the results of the study, taking into account simplifications and assumptions, it was determined that the most vulnerable elements of the control system and timely and high-quality maintenance require identification and assessment of risks. That is, using statistical data on the failure of technical equipment on the one hand and statistical data on their technical maintenance, it is possible to calculate and assess risk levels and determine and classify the level of severity of the consequences of failures and the degree of their acceptability using quantitative and qualitative methods. The obtained results will be applied to the selection of appropriate risk management methods and further improvement of automated management systems by expanding their capabilities and providing them with additional functions.

Jianxin Xu,Dongqin Feng

DOI: https://doi.org/10.1155/2017/2430835

IF: 1.968

2017-01-01

Security and Communication Networks

Abstract:This paper discusses two aspects of major risks related to the cyber security of an industrial control system (ICS), including the exploitation of the vulnerabilities of legitimate communication parties and the features abused by unauthorized parties. We propose a novel framework for exposing the above two types of risks. A state fusion finite state machine (SF-FSM) model is defined to describe multiple request-response packet pair sequence signatures of various applications using the same protocol. An inverted index of keywords in an industrial protocol is also proposed to accomplish fast state sequence matching. Then we put forward the concept of scenario reconstruction, using state sequence matching based on SF-FSM, to present the known vulnerabilities corresponding to applications of a specific type and version by identifying the packet interaction characteristics from the data flow in the supervisory control layer network. We also implement an anomaly detection approach to identifying illegal access using state sequence matching based on SF-FSM. An anomaly is asserted if none of the state sequence signatures in the SF-FSM is matched with a packet flow. Ultimately, an example based on industrial protocols is demonstrated by a prototype system to validate the methods of scenario reconstruction and anomaly detection.

Przemysław Ilczuk,Magdalena Kycko,Dariusz Szmel

DOI: https://doi.org/10.24136/tren.2023.016

2023-12-22

Journal of Civil Engineering and Transport

Abstract:In rail transport, increasing emphasis has been placed in recent years on improving safety levels. Therefore, more requirements and legal documents require risk analyses to be carried out at various stages of investment implementation. One of the leading legal documents that introduce the obligation to monitor risk is Directive (EU) 2016/798 of the European Parliament and of the Council of 11 May 2016 on railway safety and Commission Implementing Regulation (EU) No 402/2013 of 30 April 2013 on the common safety method for risk evaluation and assessment and re-pealing Regulation (EC) No 352/2009. Additionally, for traffic control systems, the requirements of CENELEC standards are mandatory. These documents present the subject of safety level and show its relation with the safety targets defined in the railway system, including the different ways of measuring them. Methods are also available to analyse the safety level of railway system components in detail, both at the level of individual components, subsystems, and the whole national railway system. However, after conducting an in-depth analysis of the literature, the authors of the article indicate that these methods are not consistent with each other. There is no method defined to present the direct relation of the safety level of the components of the system on the achievement of safety targets for the national railway system. The research and analysis aimed to define an approach, a method that would meet all legal requirements but at the same time would allow to clearly and reliably determine the safety level of the railway system. To define a unified approach, the authors of the article propose to develop a model of a dynamic object - a railway system safety model, which has also been verified on accurate safety data in rail transport in recent years. This model organises the process of safety management on railways and allows to determine values influencing the achievement of safety targets on an assumed level.

F.A. Smirnov,A.V. Novichikhin,K.E. Kovalev

DOI: https://doi.org/10.1051/e3sconf/202454906008

2024-07-16

E3S Web of Conferences

Abstract:The article presents methodological features of the development of intelligent information technology (hereinafter referred to as IIT) for implementation in the transportation process in railway transport. The purpose of this study is to integrate intelligent information technology into the railway transportation process using the IDEF0 functional modeling methodology. The implementation of IIT will ensure monitoring of the condition of wagons and cargo from the moment of loading to the moment of unloading along the entire route. Methods: Analysis of the current state of the subject area, synthesis of solutions, mathematical modeling, provisions of the theory of automatic control are applied. Results: World experience in the use of intelligent technologies in railway transport was analyzed, a diagram of a control system for the process of accepting a car for transportation and a mathematical model of the problem that IIT solves was developed. The role of IIT in the transportation process is determined using the IDEF0 functional modeling methodology. The importance of integrating IIT into the process of freight transportation by rail in increasing their efficiency through the use of new methods is shown.

N. F. Sirina,D. L. Rusin,,

DOI: https://doi.org/10.20291/2079-0392-2023-3-23-35

2023-01-01

Herald of the Ural State University of Railway Transport

Abstract:In the context of introduction of railway test site technologies for organization of train traffic, the issue of eliminating the main reasons for inefficiency of freight transportation is acute - uncontrolled delays of locomotives under technological operations, difficulty in forming a single schedule, instability of the daily transportation plan and lack of a suitable train at the time of formation at the locomotive stations. It is necessary to optimize the specific processes of organizing and managing the fleet of traction resources. The methodological framework of the research is based on modern perception about provisions for the synthesis of correct adaptive mechanisms with identification, principles of comprehensive assessment, organizational and economic action of intelligent and automated transport systems of organization and management in production, the methods of expert assessments, Monte Carlo, Delphi, graphic and analytical planning and evaluation of indicators are used, which enable to organize the supply of traction and locomotive crews at the request of carriers by independent commercial structures and individuals on a competitive basis. The mechanism of predictive reduction of losses in the management of traction resources at the railway test site, ensuring the fulfillment of established parameters of the use of locomotives, is given, and the method of adaptive regulation and management of traction resources is proposed, which allows analyzing the production and economic indicators of the use of traction to develop and evaluate the proposed management solutions to improve efficiency of a transportation process.

Huishan Song,Yanbin Yuan,Yuhe Wang,Jianbai Yang,Hang Luo,Shiming Li

DOI: https://doi.org/10.3390/s24227135

IF: 3.9

2024-11-07

Sensors

Abstract:With the rapid advancements in information technology and industrialization, the sustainability of industrial production has garnered significant attention. Industrial control systems (ICS), which encompass various facets of industrial production, are deeply integrated with the Internet, resulting in enhanced efficiency and quality. However, this integration also introduces challenges to the continuous operation of industrial processes. This paper presents a novel security assessment model for ICS, which is based on evidence-based reasoning and a library of belief rules. The model consolidates diverse information within ICS, enhancing the accuracy of assessments while addressing challenges such as uncertainty in ICS data. The proposed model employs evidential reasoning (ER) to fuse various influencing factors and derive security assessment values. Subsequently, a belief rule base is used to construct an assessment framework, grounded in expert-defined initial parameters. To mitigate the potential unreliability of expert knowledge, the chaotic mapping adaptive whale optimization algorithm is incorporated to enhance the model's accuracy in assessing the security posture of industrial control networks. Finally, the model's effectiveness in security assessment was validated through experimental results. Comparative analysis with other assessment models demonstrates that the proposed model exhibits superior performance in ICS security assessment.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Junting Lin,Qian Li,Yang Wang

DOI: https://doi.org/10.1177/1748006x241234700

2024-02-28

Proceedings of the Institution of Mechanical Engineers Part O Journal of Risk and Reliability

Abstract:Proceedings of the Institution of Mechanical Engineers, Part O: Journal of Risk and Reliability, Ahead of Print. In order to achieve the goal of transforming China into a modernized railway powerhouse, a comprehensive evaluation model of intrinsic safety is constructed in this paper by focussing on the intrinsic safety of railway facilities and equipment. Firstly, the index system for evaluating the intrinsic safety of railway facilities and equipment is divided. Secondly, the fuzzy Petri net (FPN) model for intrinsic safety evaluation is constructed according to the fuzzy generative rules, and the similarity calculation method of the cloud model based on shape and distance is applied to derive the initial state value of the FPN model and carry out the calculation of fuzzy reasoning of the intrinsic safety. Finally, the comprehensive evaluation of intrinsic safety is carried out using the example of railroad facilities and equipment at one China Railway Group bureau's station section. The results indicate that the intrinsic safety level of the station section falls into Class IV intrinsic safety, exhibiting a few vulnerabilities. However, the risk level is low, aligning with the findings of the actual research. Moreover, the evaluation results based on the FPN, the cloud model's similarity calculation method and the suggested method are compared and analysed with the findings of the actual research. The comparative results demonstrate the accuracy and scientificity of the proposed method, providing a reference for enhancing the intrinsic safety of railway facilities and equipment.

engineering, industrial, multidisciplinary,operations research & management science

Shu Yidan,Zhao Jinsong

DOI: https://doi.org/10.3969/j.issn.1001-4160.2011.12.023

2011-01-01

Abstract:Safety instrumented system(SIS) is important for safety of industrial production.IEC 61508 require the establishment of safety integrity levels(SIL) for all the SIS for confirmation that they meet the requirement for functional safety.SIS in process industry are commonly in low demand rate.Research andvances of SIL verification for SIS in this mode is reviewed in this article,with summary of research on common cause failure modeling and caculation of average probability of failure on demand(PFD_(avg)).In the aspect of caculation of PFD_(avg),three common methods are introduced,including reliability block diagram,fault tree analsis and Markov model.Finally,several commercial softwares with SIL verificition function are introduced.

Yu.S. Tverskoy,I.A. Kolesov,A.V. Golubev,I.K. Muravyov,J.A. Gaidina,,,,,

DOI: https://doi.org/10.17588/2072-2672.2022.3.045-056

2022-06-30

Vestnik IGEU

Abstract:Modern production machinery is equipped with multifunctional automated process control systems (APCS) based on software and hardware complexes (SHC) of a network hierarchical structure. The experience of designing and operating multifunctional process control systems proves that the efficiency of the systems being developed significantly depends on the array of problems at different stages of the technology design and system modernization. It is to be developed, both at the fundamental level of local automatic control systems and at a higher level of hierarchical system structure. At the same time, special attention is paid to the software failure, which is fixed, as a rule, by periodically updating all the content. For process control systems, such an approach under the operation conditions of power equipment is unacceptable. In this regard, the effectivity problems of complex systems are to be classified in terms of technological process factors, the theory of automatic control and instrumental factors associated with the proper software implementation. As a theoretical basis to solve the problem of information sufficiency and synthesis of structurally stable systems, the methods of potentials and coordinates of the thermodynamics of irreversible processes are used. The testing method is applied as a tool to analyze and diagnose software and hardware tools. The authors have defined three groups of factors: system, controller and local. The task to analyze the conformity of information and algorithmic support means to expert and verify the absence of defects in the software of a multifunctional system and the fulfillment of the declared requirements. The automated testing system is a unified environment to analyze the execution of test scenarios. It provides continuous validation and verification of the information and algorithmic support of the SHC. In particular, a methodology has been developed to carry out resource tests of the software and hardware complex and checking the operation of the mechanisms for backing up, synchronizing, and replacing its components by simulating failures in the processor modules, hardware and software components. A set of methodological factors has been defined to develop advanced software and hardware systems for process control systems. It significantly affects the adequacy of the information and algorithmic support of a complex system. A technology of automated testing of software and hardware tools of the SHC has been developed. Methods to solve interdisciplinary problems are generalized. The authors recommend solving the problems at the earlier stages of a complex system design. The proposed technology to develop and diagnose automatically software and hardware of the SHC by implementing a single environment to study, compare and detect the defects of the SHC software throughout the entire life cycle of the process control system allows you to identify and eliminate the mutual negative influence of the SHC components both at the development stage and at the stage of the subsequent system organization, including solving the problem of information security at the stage of system installation and operation. The developed approach to solve complex interdisciplinary problems that require solution at the early stages of designing complex systems makes it possible to avoid fundamentally erroneous decisions and increase the competitiveness of the SHC as a systemically important APCS complex at the time of installation.

Yuriy Abramov,Oleksii Basmanov,Valentina Krivtsova,Andriy Mikhayluk,Yevhen Makarov

DOI: https://doi.org/10.15587/1729-4061.2024.300647

2024-04-30

Abstract:The object of research is the fire safety subsystem of hydrogen storage and supply systems. The subject of the study is the efficiency index of the fire safety subsystem of hydrogen storage and supply systems for different modes of its operation. As such an efficiency indicator, the conditional probability that the fire safety subsystem correctly recognizes the actual state of the hydrogen storage and supply system is used. The fire safety subsystem functions under the control mode and under the test mode. Mathematical models of the operation of the fire safety subsystem were built for such modes, based on the use of graph theory. The weight matrices of these graphs include the completeness of control or testing and the intensity of transition of the fire safety subsystem from one state to another. Determination of the effectiveness of such a subsystem – reliability of functioning – is carried out using Kolmogorov’s equations. It is shown that during the testing of hydrogen storage and supply system, the probability of its being in a fire-safe state has a maximum. It is shown that with values of completeness of control (testing) that do not differ from 1.0, the effectiveness of the functioning of the fire safety subsystem is invariant with respect to the mode of its functioning. With values of completeness of control (testing), which are significantly different from 1.0, the functioning of the fire safety subsystem under the testing mode is more effective. The identified features of the functioning of the fire safety subsystem make it possible in practice to implement an optimal or adaptive algorithm for the functioning of such subsystems. For example, with the appropriate selection of testing parameters, the fire safety subsystem provides determination of the location of the hydrogen storage and supply system with maximum probability

P.K. Parshin,T.G. Sergeeva

DOI: https://doi.org/10.1051/e3sconf/202454904012

2024-07-16

E3S Web of Conferences

Abstract:The expansion of intelligent transport systems is a notable trend in the current stage of transport infrastructure development. The use of intelligent transport systems will enhance the quality of transport process management and ensure strict compliance with safety requirements in the transportation process. The Russian Federation's transport strategy up to 2030 envisages the development of intelligent transport systems, which is one of the directions for forming a unified transport space in Russia based on balanced development of an efficient transport infrastructure. The introduction of innovative informational and educational technologies is one of the promising and relevant issues in the context of the digital transformation of the transport complex. The situational information and training model developed in this study will enable operational management personnel to minimize the time required to find the necessary route, prepare it, and reduce or completely avoid train delays at entry signals, thereby enhancing train traffic safety. This article presents an algorithm of measures that will enable the development of specific practical solutions for improving the technology of railway station operations in the event of failures in existing railway automation and telemechanics systems. The use of a situational information and training model "Management of switches in the route" in conjunction with the developed "Route Tables" adapted for various extra-class railway stations will allow eliminating errors made by station duty officers when preparing routes and reducing the time spent on these operations..

Leonid Ozirkovskyy,Bohdan Volochiy,Oleksandr Shkiliuk,Mykhailo Zmysnyi,Pavlo Kazan

DOI: https://doi.org/10.32620/reks.2022.2.12

2022-05-18

RADIOELECTRONIC AND COMPUTER SYSTEMS

Abstract:The subject of research is to determine the functional safety indicators of a fault-tolerant safety-critical system, namely, the minimal cut sets’ probability for a given duration of the system’s operation, using the state transition diagram (STD). The aim is to create a new method for analyzing the functional safety of a fault-tolerant safety-critical system. This method is based on the methodology of developing models of operational reliability behavior in the form of STD. This methodology provides a detailed representation of inoperable states and their relation with pre-failure (inoperable critical) states. The task is to propose a new classification for inoperable states of the STD to obtain all possible emergencies in the same space of inoperable states. This approach allows consideration the correlations between the failures, that it is impossible to use the fault trees. Since the space of inoperable states can reach hundreds and thousands of states, a method is proposed for their automated determination according to the classification. The state space method was used to conduct the validation of the method of functional safety analysis. The following results were obtained: the system of Chapman-Kolmogorov differential equations is formed in accordance with the STD and it provides the dependence of the functional safety indicator – the minimal cut sets’ probability as a function of the operational duration of the fault-tolerant safety-critical system. This dependence is called the emergency function. The method for determining the emergency function is based on the usage of the emergency mask. Note that the proposed model of operational reliability behavior in the form of STD provides the possibility to conduct both the functional safety and the reliability indicators. The value of the minimal cut sets’ probability for a given duration of operation is determined using the fault tree for the validation of the proposed method of functional safety analysis. The fault tree was built by Reliasoft BlockSim software. The obtained value coincides with the value of the minimal cut sets’ probability, which was defined by the emergency function for the same operational duration. Thus, the designer can comprehensively analyze the feasibility of introducing redundancy (structural, temporal, functional). Conclusions: the scientific novelty of the obtained results is the following: the new method for determining safe, critical and catastrophic states in the set of inoperable states is used in the methodology of the STD developing to obtain the stochastic model of operational reliability behavior of fault-tolerant safety-critical system. This technique ensures an automated defining of emergency function by using an improved structural-automatic model.

Ali Shehadeh,Odey Alshboul,Eman Saleh

DOI: https://doi.org/10.1016/j.ress.2024.110458

IF: 7.247

2024-08-27

Reliability Engineering & System Safety

Abstract:Ensuring safety and reliability in multistory concrete construction necessitates rigorous assessment methodologies capable of addressing the inherent uncertainties of the construction process. This paper introduces a novel reliability assessment methodology for shoring/reshoring (S/R) operations, framed within a multi-state parallel-series system (MSS). Our approach innovatively combines concrete slab capacities, forming system strengths, and construction quality, integrating cost and time efficiencies. Central to our method is the use of Interval Universal Generating Functions (IUGF), which leverage Dempster-Shafer (D-S) theory and interval analysis to robustly estimate system reliability under uncertainty. For instance, the model considers concrete strength ranging from 0.72 × 2.1D to 0.96 × 2.1D at different curing stages, producing a system reliability index between 0.63 and 0.76, against a desired threshold of 0.8. This methodology produces interval-valued belief functions that capture a comprehensive range of potential system states and their likelihoods, offering a refined perspective on system safety. An illustrative case study demonstrates the practical application of this methodology in optimizing formwork removal and S/R schedules, significantly enhancing decision-making in construction operations. This paper aligns with the core themes of reliability engineering and system safety by addressing critical safety and reliability issues in complex technological systems through advanced probabilistic safety assessment methods. It significantly enriches the professional discourse by presenting a robust method that can be adapted across various engineering fields facing similar reliability challenges.

engineering, industrial,operations research & management science

Alexei Iliasov,Dominic Taylor,Linas Laibinis,Alexander Romanovsky

DOI: https://doi.org/10.48550/arXiv.2108.10091

2021-08-23

Software Engineering

Abstract:The increasing complexity of modern interlocking poses a major challenge to ensuring railway safety. This calls for application of formal methods forassurance and verification of their safety. We have developed an industry-strength toolset, called SafeCap, for formal verification of interlockings. Our aim was to overcome the main barriers in deploying formal methods in industry. The approach proposed verifies interlocking data developed by signalling engineers in the ways they are designed by industry. It ensures fully-automated verification of safety properties using the state of the art techniques (automated theorem provers and solvers), and provides diagnostics in terms of the notations used by engineers. In the last two years SafeCap has been successfully used to verify 26 real-world mainline interlockings, developed by different suppliers and design offices. SafeCap is currently used in an advisory capacity, supplementing manual checking and testing processes by providing an additional level of verification and enabling earlier identification of errors. We are now developing a safety case to support its use as an alternative to some of these activities.

Xiaoli She,Jiyuan Zhao,Jian Yang

DOI: https://doi.org/10.1109/itsc.2014.6958124

2014-01-01

Abstract:Signaling system acts very important safety role in both national railway and urban rail transportation. This paper provides a formal verification framework on functional safety desired by railway industry application. The presented work chooses Colored Petri Nets for functional modeling and verification. The modelling approaches of internal faults and undesired external influences are proposed by introducing a countering place, and the verification criteria is established based on credible hazard set. An application of this framework on Communication Based Train Control system is also presented.

Yuan Cao,Yuntong An,Shuai Su,Yongkui Sun

DOI: https://doi.org/10.1016/j.aap.2023.107267

IF: 5.9

2023-09-15

Accident Analysis & Prevention

Abstract:Safety is paramount in rail transportation. The International Safety Standard IEC 61508, issued by the International Electrotechnical Commission (IEC) in 2000, describes the modern concept of safety and the specifications for safety evaluation in a systematic manner. On this basis, the EN 50129 railway transportation safety standard and safety integrity level(SIL) are established. Through the above analysis, the relationship between safety-related system reliability, acceptable risk, and safety index is summarized. It is clear that the safety index is based on acceptable risks. Nonetheless, as the economy and society advance, the safety index mandated by the SIL falls behind. Consequently, the principles and methodologies for calculating the safety index are presented. The paper proposes a reference for the Chinese railway safety index based on actual data from the Chinese railways over the past few years.

public, environmental & occupational health,transportation,ergonomics,social sciences, interdisciplinary

Naveen Mohan,Martin Törngren,Sagar Behere

DOI: https://doi.org/10.48550/arXiv.1912.03178

2019-12-06

Systems and Control

Abstract:With the advent of ISO 26262 there is an increased emphasis on top-down design in the automotive industry. ISO 26262 lacks detailed requirements for its various constituent phases. The lack of guidance becomes evident for the reuse of legacy components and subsystems, leaving vehicle architects and safety engineers to rely on experience without methodological support for their decisions. This poses challenges in the industry which is undergoing many significant changes due to new features like connectivity, electrification and automation. Here we focus on automated driving where multiple subsystems, both new and legacy, need to coordinate to realize a safety-critical function. This paper introduces a method to support consistent design of an ISO 26262 work product, the Functional Safety Concept (FSC). The method addresses a need within the industry for architectural analysis, rationale management and reuse of legacy subsystems. The method makes use of an existing work product, the diagnostic specifications of a subsystem, to assist in performing a systematic assessment of the influence a human driver, in the design of the subsystem. The output of the method is a report with an abstraction level suitable for a vehicle architect, used as a basis for decisions related to the FSC such as generating a Preliminary Architecture (PA) and building up argumentation for verification of the FSC. The proposed method is tested in a safety-critical braking subsystem at one of the largest heavy vehicle manufacturers in Sweden, Scania C.V. AB. The results demonstrate the benefits of the method including (i) reuse of pre-existing work products, (ii) gathering requirements for automated driving functions while designing the PA and FSC, (iii) the parallelization of work across the organization on the basis of expertise, and (iv) the applicability of the method across all types of subsystems.

Chuangxin Guo,Bin Yu,Jia Guo,Bojian Wen,Jinjiang Zhang,Li Zhang,Haibo Lu,Bo Li

DOI: https://doi.org/10.13334/j.0258-8013.pcsee.2014.04.022

2014-01-01

Abstract:Substation automation system (SAS) based on IEC61850 is the development direction of SAS. The security issues of the SAS have become increasingly prominent, so it is meaningful to carry out security risk assessment for the SAS. This paper proposed a methodology for the security risk assessment of the SAS. The function-based model (FBM) was proposed according to IEC 61850, by which the SAS could be decomposed into functions and described in mathematical language, and the security risk of the SAS was divided into "system risk" and "function risk". Secondly, a method for calculating the function failure probability was presented. And concepts, such as logical connection value, logical node value and function value, were defined to measure the loss of function failure. A 9-level risk assessment criteria and a system risk integration method based on analytic hierarchy process were established. Taking T1-1 substation SAS system as an example, the feasibility and applicability of the proposed method was verified. ? 2014 Chin. Soc. for Elec. Eng.

Weigang Ma,Xinhong Hei

DOI: https://doi.org/10.2991/iccasm.2012.212

2012-01-01

Abstract:A verification methodology is presented for railway interlocking system which is regarded as a safety-critical system.The methodology utilizes UML to model the function requirement and LTL to verify the safety requirements of the specification.The device specifications of railway interlocking system are modeled with UML, then translate into FSM.The safety specification is translated LTL and analyzed with NuSMV.We try to show the feasibility of improving the reliability and reducing revalidation efforts when designing and developing a decentralized railway signaling system.