Ingénierie de modèle pour la sécurité des systèmes critiques ferroviaires

Development and application of formal languages are a long-standing challenge within the computer science domain. One particular challenge is the acceptance of industry. This thesis presents some model-based methodologies for modelling and verification of the French railway interlocking systems (RIS). The first issue is the modellization of interlocking system by coloured Petri nets (CPNs). A generic and compact modelling framework is introduced, in which the interlocking rules are modelled in a hierarchical structure while the railway layout is modelled in a geographical perspective. Then, a modelling pattern is presented, which is a parameterized model respecting the French national rules. It is a reusable solution that can be applied in different stations. Then, an event-based concept is brought into the modelling process of low-level part of RIS to better describe internal interactions of relay-based logic. The second issue is the transformation of coloured Petri nets into B machines, which can help designers on the way from analysis to implementation. Firstly, a detailed mapping methodology from non-hierarchical CPNs to abstract B machine notations is presented. Then the hierarchy and the transition priority of CPNs are successively integrated into the mapping process, in order to enrich the adaptability of the transformation. This transformation is compatible with various types of colour sets and the transformed B machines can be automatically proved by Atelier B. All these works at different levels contribute towards a global safe analysis frameworkLe développement et l’application des langages formels sont un défi à long terme pour la science informatique. Un enjeu particulier est l’acceptation par l’industrie. Cette thèse présente une approche pour la modélisation et la vérification des postes d’aiguillage français. La première question est la modélisation du système d’enclenchement par les réseaux de Petri colorés (RdPC). Un cadre de modélisation générique et compact est introduit, dans lequel les règles d’enclenchement sont modélisées dans une structure hiérarchique, tandis que les installations sont modélisées dans une perspective géographique. Ensuite, un patron de modèle est présenté. C’est un modèle paramétré qui intègre les règles nationales françaises qui peut être appliquée pour différentes gares. Puis, un concept basé sur l’événement est présenté dans le processus de modélisation des parties basses des postes d’aiguillage. La deuxième question est la transformation des RdPCs en machines B, qui va aider les concepteurs sur la route de l’analyse à application. Tout d’abord, une méthodologie détaillée, s’appuyant sur une table de correspondance, du RdPCs non-hiérarchiques vers les notations B est présentée. Ensuite, la hiérarchie et la priorité des transitions du RdPC sont successivement intégrées dans le processus de mapping, afin d’enrichir les possibilités de types de modèles en entrées de la transformation. Les machines B produites par la transformation permettent la preuve automatique intégrale par l’Atelier B. L’ensemble de ces travaux, chacun à leur niveau, contribuent à renforcer l’efficacité d’un cadre global d’analyse sécuritair

Optimisation of Rail-road Level Crossing Closing Time in a Heterogenous Railway Traffic: Towards Safety Improvement - South African Case Study

The gravitation towards mobility-as-a service in railway transportation system can be achieved at low cost and effort using shared railway network. However, the problem with shared networks is the presence of the level crossings where railway and road traffic intersects. Thus, long waiting time is expected at the level crossings due to the increase in traffic volume and heterogeneity. Furthermore, safety and capacity can be severely compromised by long level crossing closing time. The emphasis of this study is to optimise the rail-road level crossing closing time in order to achieve improved safety and capacity in a heterogeneous railway network. It is imperative to note that rail-road level crossing system assumes the socio-technical and safety critical duality which often impedes improvement efforts. Therefore, thorough understanding of the factors with highest influence on the level crossing closing time is required. Henceforth, data analysis has been conducted on eight active rail-road level crossings found on the southern corridor of the Western Cape metro rail. The spatial, temporal and behavioural analysis was conducted to extract features with influence on the level crossing closing time. Convex optimisation with the objective to minimise the level crossing closing time is formulated taking into account identified features. Moreover, the objective function is constrained by the train's traction characteristics along the constituent segments of the rail-road level crossing, speed restriction and headway time. The results show that developed solution guarantees at most 53.2% and 62.46% reduction in the level crossing closing time for the zero and nonzero dwell time, respectively. Moreover, the correctness of the presented solution has been validated based on the time lost at the level crossing and railway traffic capacity consumption. Thus, presented solution has been proven to achieve at most 50% recovery of the time lost per train trip and at least 15% improvement in capacity under normal conditions. Additionally, 27% capacity improvement is achievable at peak times and can increase depending on the severity of the headway constraints. However, convex optimisation of the level crossing closing time still fall short in level crossing with nonzero dwell time due to the approximation of dwell time based on the anticipated rather than actual value

Optimisation of railway terminal design and operations using villon generic simulation model

Railway service terminals (nodes) are the places of a railway network equipped with costly technology based on high complexity technological procedures demanding a high degree of coordination and control skills. Great effort is therefore exerted to find an optimal configuration of infrastructure to extensively exploit technical and human resources and to effectively organize technological procedures. Due to the complex system, a simulation model seems to be the only suitable tool for performing investigations under realistic conditions. The paper focuses on the possible utilization of simulation methods to support the design and optimisation of infrastructure process control algorithms in railway terminals. The paper also deals with the most important properties and possibilities offered by the simulation tool Villon and comments on the experience gained during its utilisation. The tool supports tactical (middle‐term) and strategic (long‐term) planning usually related to infrastructural or operational proposals which are supposed to guarantee the optimal (or at least effective) behaviour of the modelled terminal. First published online: 27 Oct 201

Selection of a new hardware and software platform for railway interlocking

The interlocking system is one of the main actors for safe railway transportation. In most cases, the whole system is supplied by a single vendor. The recent regulations from the European Union direct for an “open” architecture to invite new game changers and reduce life-cycle costs. The objective of the thesis is to propose an alternative platform that could replace a legacy interlocking system. In the thesis, various commercial off-the-shelf hardware and software products are studied which could be assembled to compose an alternative interlocking platform. The platform must be open enough to adapt to any changes in the constituent elements and abide by the proposed baselines of new standardization initiatives, such as ERTMS, EULYNX, and RCA. In this thesis, a comparative study is performed between these products based on hardware capacity, architecture, communication protocols, programming tools, security, railway certifications, life-cycle issues, etc

Methodologies synthesis

This deliverable deals with the modelling and analysis of interdependencies between critical infrastructures, focussing attention on two interdependent infrastructures studied in the context of CRUTIAL: the electric power infrastructure and the information infrastructures supporting management, control and maintenance functionality. The main objectives are: 1) investigate the main challenges to be addressed for the analysis and modelling of interdependencies, 2) review the modelling methodologies and tools that can be used to address these challenges and support the evaluation of the impact of interdependencies on the dependability and resilience of the service delivered to the users, and 3) present the preliminary directions investigated so far by the CRUTIAL consortium for describing and modelling interdependencies

Developing a distributed electronic health-record store for India

The DIGHT project is addressing the problem of building a scalable and highly available information store for the Electronic Health Records (EHRs) of the over one billion citizens of India

Evaluation of railway system performance under changing levels of automation using a simulation framework

Modern mainline railways are under constant pressure to meet the demands of higher capacity and to improve their punctuality. Railway system designers and operators are increasingly looking to use automation as tool to enable proactive strategies to optimise the timetable, improve the reliability of the infrastructure & rolling stock, to allow for a more dynamic command & control system which can respond to passenger demand and overall to linearize the response behaviour of the system under duress. In the first part of this thesis, I, the author, will discuss the development of automation over the years and the techniques that have been developed to analyse automation changes in a system. Further to this, I outline the various changes to the railway technology over the last century in brief. In the second part, I apply the techniques described earlier to design an automation framework to develop a grade of automation for the railway system to meet the demands of improved capacity and performance. Further to this, I develop parallel testable levels of automation using existing railway technology to demonstrate the effectiveness of a framework developed using the methodology discussed before. These levels are then tested on a network topology using micro-simulation to verify if they produce improved capacity and performance. In the final part, A case study is developed for the network from Kings Cross station to Welwyn Garden on the East Coast Main Line with the traffic dense branch line from Hertford north joining this line. The network is simulated under similar conditions to that adopted for the theoretical network and the results are compared with the previous outcomes. Results from the above studies have several significant outcomes. Firstly, the methodology developed over the course of this thesis can produce automation levels that are distinct from each other. Secondly, these simulation results show that there is a step change in the performance of the systems when organised into distinct levels of automation. Thirdly, and perhaps the most important conclusion from the studies, I show that automation of a single railway sub-system does not yield beneficial results unless there are complementary solutions produced for the surrounding sub-systems. In the theoretical phase of the study, the journey time calculations were repeated for 5000 iterations using a Quasi Monte Carlo framework. The results indicate a clear separation between each of the level and stages of automation proposed within the framework. The results from the simulation show that the reduction in journey times between the various levels can be as much as 5%. In the case study, the results were not as distinct but the overall trendlines indicate a reduction in journey times for both intercity and suburban services. Publications produced during the research period: • Venkateswaran, K., Nicholson, G., Chen, L. & Pelligrini, P. 2017. D3.3.2 Analysis of European best practices and levels of automation for traffic management under large disruptions In: IFFSTAR (ed.) Capacity for Rail. UIC. • Venkateswaran, K. G., Nicholson, G. L., Roberts, C. & Stone, R. Impact of Automation on the Capacity of a Mainline Railway: A Preliminary Hypothesis and Methodology. 2015 IEEE 18th International Conference on Intelligent Transportation Systems, pages 2097-2102