A Failure Propagation Mode Based Method For The Safety Analysis Of China Train Control System Level-3

ABSTRACT:The growing development of high-speed railway is the main artery of the national economy. To meet the running speed, high density and high safety requirements of high-speed railway, the CTCS train control system level3has been developed to control train speed and running intervals and ensure the safety and operational efficiency of rail transport. The main feature of this new generation of CTCS train control system level3is based on GSM-R radio communication system to achieve information exchange between ground equipment and onboard equipment. However, the high-speed train in motion when crossing the RBC boarder will cause the communication switch between adjacent RBC, which involves a complicate process of switching GSM-R wireless message transmission and LAN transmission of messages etc. All of them are important and difficult problems in research of CTCS train control system level3.Based on the deep understanding of the model-based system safety analysis method ideology, stratification characteristics and message interaction stateflow characteristics in the process of RBC handover, we use a method of Simulink combinated with Stateflow for RBC handover process modeling. Considering the steps of model-based system safety analysis method, we extend system model with adding into failure model and message status tracking variables. Ultimately, we achieve the failure propagation path trace message. The verification results show that the model has simulated the behavior of the system well. The model based analysis method has also satisfyied the system safety requirements well. The main works are as follows:(1) Describe the steps of traditional safety analysis methods and concepts. Introduce the ideology of model-based system safety analysis and related steps, developments and achievements.(2) Summary the composition of CTCS-3train control system, and highlight the message interaction process during RBC handover. Based on the characteristics of the system, we chose a method of Simulink combinated with Stateflow for modeling, and analyse the feasibility and basic steps of the modeling method.(3) Use Simulink and Stateflow during message exchange process in RBC switch scenes for modeling. Study the way to achieve and clearly simulate message exchange process in the communication system, and finally verify the handover process. (4) Based on the ideology of model-based system safety analysis to establish system failure modes, identify and analyze the failure modes, establish system failure modes, extend original system model and add tags and failure conditions to trigger failure states.(5) On the basis of the system model and failure mode, use Simulink module to add tracking signals in failure process, get failure propagation routes and achieve data processing in the Matlab workspace. Based on data transfer routes and results of states transfer, generate safety analysis results by using FMEA method.