A new analytical approach to evaluate the critical-event probability due to wireless communication errors in train control systems

Wireless communication links tend to be employed more and more in safety-critical railway applications. Their safe use in an advanced train control system (TCS) is an issue that is addressed in this paper by characterizing the TCS service inter- ruption due to communication errors. More precisely, occurrence probabilities of single errors are first discussed. Then, we obtain probabilistic analytical expressions of several temporal conditions that lead to a TCS service interruption, here a train emergency braking (the critical event). The accuracy of this analytical ap- proach is proved when the results are compared with those given by a simulation approach with a Petri net model. Additionally, as the use case related to the “trains’ separation” is considered in this paper, an analytical evaluation process is proposed to discuss the tolerated time margins that can be fixed to limit the critical-event occurrence probability due to the wireless communication errors

Formal verification of safety protocol in train control system

In order to satisfy the safety-critical requirements, the train control system (TCS) often employs a layered safety communication protocol to provide reliable services. However, both description and verification of the safety protocols may be formidable due to the system complexity. In this paper, interface automata (IA) are used to describe the safety service interface behaviors of safety communication protocol. A formal verification method is proposed to describe the safety communication protocols using IA and translate IA model into PROMELA model so that the protocols can be verified by the model checker SPIN. A case study of using this method to describe and verify a safety communication protocol is included. The verification results illustrate that the proposed method is effective to describe the safety protocols and verify deadlocks, livelocks and several mandatory consistency properties. A prototype of safety protocols is also developed based on the presented formally verifying method

Access point deployment optimisation in communication-based train control systems

Through the use of new communication-based train control (CBTC) systems, modern metro railways have been able to provide a more efficient, more reliable and more eco-friendly transport services. The main advantages of the CBTC systems are achieved by utilising modern communication technologies. The performance of the communications network is dependent on a well-designed access point (AP) deployment, as this determines the overall communication capability and impacts the cost. In this thesis, a systematic methodology is proposed for formulating and solving AP deployment planning (ADP) problems in two scenarios: (i) a tunnel section area; and (ii) a real-world metro system. Different mathematical models are presented for modelling the ADP problem in these two scenarios. In addition to mathematical models, an exhaustive search and a customized search algorithm, which uses a multi-objective evolutionary algorithm based on decomposition (MOEA/D), are proposed for solving the ADP optimisation problems. The methodologies are applied to the scenarios mentioned above. To evaluate the optimisation results, the optimised AP deployments are tested on a simulation platform integrating a railway network simulator and a communication network simulator. The test result shows that with the optimised AP deployments the DCS can achieve a better performance while using fewer APs

Ingénierie de modèle pour la sécurité des systèmes critiques ferroviaires

Development and application of formal languages are a long-standing challenge within the computer science domain. One particular challenge is the acceptance of industry. This thesis presents some model-based methodologies for modelling and verification of the French railway interlocking systems (RIS). The first issue is the modellization of interlocking system by coloured Petri nets (CPNs). A generic and compact modelling framework is introduced, in which the interlocking rules are modelled in a hierarchical structure while the railway layout is modelled in a geographical perspective. Then, a modelling pattern is presented, which is a parameterized model respecting the French national rules. It is a reusable solution that can be applied in different stations. Then, an event-based concept is brought into the modelling process of low-level part of RIS to better describe internal interactions of relay-based logic. The second issue is the transformation of coloured Petri nets into B machines, which can help designers on the way from analysis to implementation. Firstly, a detailed mapping methodology from non-hierarchical CPNs to abstract B machine notations is presented. Then the hierarchy and the transition priority of CPNs are successively integrated into the mapping process, in order to enrich the adaptability of the transformation. This transformation is compatible with various types of colour sets and the transformed B machines can be automatically proved by Atelier B. All these works at different levels contribute towards a global safe analysis frameworkLe développement et l’application des langages formels sont un défi à long terme pour la science informatique. Un enjeu particulier est l’acceptation par l’industrie. Cette thèse présente une approche pour la modélisation et la vérification des postes d’aiguillage français. La première question est la modélisation du système d’enclenchement par les réseaux de Petri colorés (RdPC). Un cadre de modélisation générique et compact est introduit, dans lequel les règles d’enclenchement sont modélisées dans une structure hiérarchique, tandis que les installations sont modélisées dans une perspective géographique. Ensuite, un patron de modèle est présenté. C’est un modèle paramétré qui intègre les règles nationales françaises qui peut être appliquée pour différentes gares. Puis, un concept basé sur l’événement est présenté dans le processus de modélisation des parties basses des postes d’aiguillage. La deuxième question est la transformation des RdPCs en machines B, qui va aider les concepteurs sur la route de l’analyse à application. Tout d’abord, une méthodologie détaillée, s’appuyant sur une table de correspondance, du RdPCs non-hiérarchiques vers les notations B est présentée. Ensuite, la hiérarchie et la priorité des transitions du RdPC sont successivement intégrées dans le processus de mapping, afin d’enrichir les possibilités de types de modèles en entrées de la transformation. Les machines B produites par la transformation permettent la preuve automatique intégrale par l’Atelier B. L’ensemble de ces travaux, chacun à leur niveau, contribuent à renforcer l’efficacité d’un cadre global d’analyse sécuritair

Safety and Reliability - Safe Societies in a Changing World

The contributions cover a wide range of methodologies and application areas for safety and reliability that contribute to safe societies in a changing world. These methodologies and applications include: - foundations of risk and reliability assessment and management - mathematical methods in reliability and safety - risk assessment - risk management - system reliability - uncertainty analysis - digitalization and big data - prognostics and system health management - occupational safety - accident and incident modeling - maintenance modeling and applications - simulation for safety and reliability analysis - dynamic risk and barrier management - organizational factors and safety culture - human factors and human reliability - resilience engineering - structural reliability - natural hazards - security - economic analysis in risk managemen