SCBM Based Safety Analysis Method And Its Application In Train Control Systems

The railway equipment manufacture industry is a hot spot of China economic construction, and also the intersection point of "Made in China 2025" and "the Silk Road Economic Belt and the 21st-Century Maritime Silk Road", and also a key fulcrum of the city and district interconnectivity construction. Train control system is an important part of railway transport system. It is a comprehensive information System of Systems(SoS) that provides command scheduling, security protection, high efficiency and reliable running. Safety and high efficiency are the core pursuance of train control system, and safety is a precondition for efficiency. Along with the widely application of computer and information technology in the train control system, the classical safety strategy that relies on reliable hardware and the principle of "fail-safe" is not accurate and complete enough to guide the design and development of train control system. The analysis ability of the traditional safety analysis technology cannot adapt to the analysis difficulty result from the exponential growth of system scale and complexity currently.How to deal with the growing system complexity impact on the safety analysis? How to improve the understanding of SoS attributes in the safety analysis of safety critical systems? How to embody the particularity of current train control system among other safety critical systems in the process of safety analysis? The answers to the above three questions are penetrations of my research in this thesis. After a summary of the challenges facing in current safety analysis of train control systems, the concept of "SoS" is introduced innobately. On this basis, the SoS Comprehensive Behavior Model (SCBM) based safety analysis methodology is proposed. It advocates on the basis of correctness and completeness checking of the environment data, the SCBM can be established with three types of models:physical movement model, normal behavior model and fault behavior model. Then, automatic tools can be utilized to realize the qualitative and quantitative analysis of dangerous emergence phenomenon instead of manual activities. The minimum cut sets or ordered sets can be generated in this process, and also the failure probability of danger can be calculated. The application of the methodology adapts to the process of Model Based System Engineering, and it can be used in the fields of train control system in the actual design and development.According to the structure of the thesis, five key innovations are summarized as the following clauses:1) A new classification standard of main safety analysis methods is proposed in the second chapter. This standard is based on different modeling emphases in the process of modeling and the comparison between the three types of methods;2) The concept "SoS" is introduced in the third chapter. The SCBM based safety analysis methodology is proposed, which establishes the modeling steps and the tasks of model based safety analysis;3) The interlocking data relation model is proposed in the fourth chapter. Three critical algorithms are designed for dangerous data searching, which establishes foundation for SCBM modeling and safety analysis. A prototype tool is also developed, and it solves the inefficiency problem of a large amount of computer interlocking data checking in urban railway signaling system;4) The Colored Petri Net(CPN) based SCBM modeling method and the method of dangerous fault compositions checking are proposed in the fifth chapter. The practical problem which results from the state space explosion in the safety analysis of hot standby switching logic is solved in the application study. It overcomes the difficulty that makes the artificial analysis can be rarely exhaustive, and all the minimum cut sets are founded;5) Markov Decision Process(MDP) based SCBM modeling method and the method of dangerous failure probability calculation are proposed in the sixth chapter. The practical problem which results from the state space explosion in the safety analysis of train occupation checking logic is solved in the application study. It overcomes the difficulty that makes the artificial analysis can be rarely exhaustive, and the dangerous failure probability are calculated.