Work performed and main results achieved in 1st Reporting Period

The Safe4RAIL project started intensively by analysing the state of the art for various domains such as avionics, automotive and railway at different levels, i.e. safety-critical and mixed-critical Ethernet networking, functional distribution architectures, and distributed simulation frameworks. The requirements are collected for the following levels:

  • Network includes the system integration and networking requirements, which can be traced to system-level TCMS and embedded platform requirements,
  • Functional distribution architecture includes the safety and security requirements for the next generation TCMS framework,
  • Simulation includes the technical requirements for existing industrial co-simulation frameworks and typical work experience using them, and
  • Brake by Wire requirements.

Based on that, the design concept and methodology for the next-generation TCMS, including all relevant technologies and the integration of deterministic Ethernet with a software platform that supports critical (up to SIL4) and non-critical networked functions, are established. This includes the Drive-by-Data networking platform and the Functional Distribution Framework middleware concept.

Furthermore, the high-level distributed simulation framework concept, supporting efficient co-simulation at different sites, SIL/HIL testing, mechanisms for observation of messages, remote testing and fault injection, is designed. In addition, a concept of a simulation environment for the validation of TCMS interfaces to ground systems, including testing of compliance with relevant railway standards, is defined.

Moreover, the application domain “Brake-by-Wire” is focussed on the safety aspects related to the development of a Brake-by-Wire system, specifically when integrated in a next-generation TCMS platform. The activities concentrate on the Electronic Control subsystem involved in the execution of the brake function(s).

In addition to the technological results, Safe4RAIL has provided significant results with respect to collaboration and dissemination activities. The project website has been set up, flyers and a poster have been created, press releases have been announced and a first project newsletter has been released. The collaboration with the complementary project CONNECTA was initiated and the technical teams are collaborating effectively. A joint project advisory board for next-generation TCMS has been set up with nine practitioners in the railway safety and V&V domain.

Progress beyond the state of the art and expected potential impact

Integrated Modular Platform Concept: The Integrated Modular Platform (IMP) facilitates system integration, interfacing and information transfer from one application partition to another application partition in the networked system. It focuses on all system integration capabilities required to define an integrated modular platform which can host different TCMS, door control, braking, safety or other non-critical functions in one system.

Networking Concept: The Drive-by-Data concept is built using partitioning mechanisms in the form of “deterministic Ethernet dataflows” and separates the logical/temporal behaviour. The concept of the trainwide network virtual bus is introduced as a way to simplify the configuration of inter-consist communication and ensure that all consists have full access to state information of all other consists in a timely manner.

Middleware Concept: The Functional Distribution Framework (FDF) concept allows modular integration of TCMS applications, and hosts distributed safety-critical and non-critical applications side-by-side on the same hardware platform in distributed next-generation TCMS systems. The goal of this mixed-criticality application is to provide solutions to fulfil functional safety-critical and non-critical requirements and non-functional requirements (including security) that support functional distribution, interoperability, reconfiguration, deterministic inter-partition communication, hardware and communication abstraction and virtual coupling of services.

Simulation framework: a network-centric simulator that allows co-simulating End Device (ED) models with network models to gain insight into the functionality, timing, reliability and safety of the Train Control and Monitoring System (TCMS) from a network point of view. The framework ensures the validation of the TCMS by means of automation and fault injection tests. This framework is composed of a Simulation Framework (SF), in charge of electro-mechanical and functional simulation, and a Communication Emulator (CE), in charge of providing communication among all the different devices in the TCMS.

T2G test environment: design of tools for testing T2G interfaces of an on-board (mobile) communication gateway (MCG) and ground communication gateway (GCG). Such test tools include MCG and GCG simulators, a controllable hardwired or wireless data link, and a ground application simulator, and support automatic tests.

Brake-by-Wire concept: the brake system requirements specification, the safety requirement allocation, the risk analysis and the new brake system concept electronic control specification have been the first steps in the first reporting period. Furthermore, the work has concentrated on the Safety, Verification and Validation activities, assuring that the Brake-by-Wire system is designed to fulfil the requirements stated in the CENELEC standards.