Research On Safety Analysis Method Of CTCS-1 Train Control System Based On STPA

The CTCS-1 train control system is a technical upgrade of the train control system for existing lines,with the aim to enhance the safety,reliability,traffic efficiency and automation of new and upgraded lines under 200km/h.As a typical safety critical system,the train control system plays an important role in the whole railway transportation system.Therefore,it is of great significance to analyze the safety of train control system and identify the potential safety hazards in specific application scenarios.Compared with traditional risk identification methods,STPA can identify risks more systematically.However,the STPA analysis process completely relies on the manual analysis and highly relies on the expertise of safety analysts.In addition,due to the diversity of functions and behaviors of complex systems,it is difficult to guarantee the comprehensiveness and accuracy of results only by relying on manual analysis.Therefore,this thesis proposes a formal STPA-CPN method based on CPN dynamic model to identify the causes of system hazards.The main works of this paper are as follows:(1)Firstly,the safety analysis process of STPA is completed by taking train receiving on sidings and TSR scenario as examples.On the basis of establishing system model by using hierarchical control block diagram,SysML sequence diagram and OCL language,the identification of inappropriate control behaviors and the analysis of control defects were realized by referring to the four types of guide words provided by STPA,thus laying a foundation for verifying the effectiveness of the method proposed in this paper.(2)Secondly,by comparing the advantages and disadvantages of SysML and CPN,the necessity and operability of the transformation of SysML activity diagrams to colored Petri nets were demonstrated.The SysML activity diagrams of the train receiving on sidings and TSR scenario were established,and the transformation rules and simplification rules of the activity diagram to the CPN model were given,so as to complete the establishment and simplification of the CPN model.CPN Tools were used to generate state space reachable graphs of CPN models of the two scenarios.(3)Thirdly,to increase the versatility of formal safety analysis method proposed in this thesis,on the basis of writing the program of searching the reachable path of hazardous states,the Reachability Analysis Tool was developed in C#environment,which takes the unsafe control behavior and state space reachable graphs as the input and the reachable paths of hazardous state as the output.(4)Finally,according to the reachable path of hazardous state output by the Reachability Analysis Tool,the cause analysis was carried out by tracing the state transition process,and the problems of omissions and errors easy to occur in STPA relying on manual identification are ameliorated,and the dependence on the expertise of safety analysts are reduced.The result generated by this method were compared with that of the STPA,to prove that it is feasible and effective to introduce CPN reachability analysis into STPA.There are 62 pictures,5 tables and 72 references in this thesis.