1、 中文 2570 字 外文文献翻译 院 、 部: 电气与信息工程学院 学生姓名: 指导教师: 职称 讲师 专 业: 自动化 班 级: 09 级 01 班 完成时间: 2013.06.06 出处: Computing, Communication, Control, and Management, 2008. CCCM08. ISECS International Colloquium on. IEEE, 2008, 1: 538-541 Component-based Safety Computer of Railway Signal Interlocking System 1 Introdu
2、ction Signal Interlocking System is the critical equipment which can guarantee traffic safety and enhance operational efficiency in railway transportation. For a long time, the core control computer adopts in interlocking system is the special customized high-grade safety computer, for example, the
3、SIMIS of Siemens, the EI32 of Nippon Signal, and so on. Along with the rapid development of electronic technology, the customized safety computer is facing severe challenges, for instance, the high development costs, poor usability, weak expansibility and slow technology update. To overcome the flaw
4、s of the high-grade special customized computer, the U.S. Department of Defense has put forward the concept: we should adopt commercial standards to replace military norms and standards for meeting consumers demand 1. In the meantime, there are several explorations and practices about adopting open
5、system architecture in avionics. The United Stated and Europe have do much research about utilizing cost-effective fault-tolerant computer to replace the dedicated computer in aerospace and other safety-critical fields. In recent years, it is gradually becoming a new trend that the utilization of st
6、andardized components in aerospace, industry, transportation and other safety-critical fields. 2 Railways signal interlocking system 2.1 Functions of signal interlocking system The basic function of signal interlocking system is to protect train safety by controlling signal equipments, such as switc
7、h points, signals and track units in a station, and it handles routes via a certain interlocking regulation. Since the birth of the railway transportation, signal interlocking system has gone through manual signal, mechanical signal, relay-based interlocking, and the modern computer-based Interlocki
8、ng System. 2.2 Architecture of signal interlocking system Generally, the Interlocking System has a hierarchical structure. According to the function of equipments, the system can be divided to the function of equipments; the system can be divided into three layers as shown in figure1. M a n - M a c
9、h i n e I n t e r f a c e l a y e rI n t e r l o c k i n g s a f e t y l a y e rI m p l e m e n t a t i o n l a y e rO u t d o o re q u i p t m e n t s Figure 1 Architecture of Signal Interlocking System 3 Component-based safety computer design 3.1 Design strategy The design concept of component-bas
10、ed safety critical computer is different from that of special customized computer. Our design strategy of SIC is on a base of fault-tolerance and system integration. We separate the SIC into three layers, the standardized component unit layer, safety software layer and the system layer. Different sa
11、fety functions are allocated for each layer, and the final integration of the three layers ensures the predefined safety integrity level of the whole SIC. The three layers can be described as follows: (1) Component unit layer includes four independent standardized CPU modules. A hardware “SAFETY AND
12、” logic is implemented in this year. (2) Safety software layer mainly utilizes fail-safe strategy and fault-tolerant management. The interlocking safety computing of the whole system adopts two outputs from different CPU, it can mostly ensure the diversity of software to hold with design errors of s
13、ignal version and remove hidden risks. (3) System layer aims to improve reliability, availability and maintainability by means of redundancy. 3.2 Design of hardware fault-tolerant structure As shown in figure 2, the SIC of four independent component units (C11, C12, C21, C22). The fault-tolerant architecture adopts dual 2 vote 2 (2v2 2) structure, and a kind of high-performance standardized module has been selected as computing unit which adopts Intel X Scale kernel, 533 MHZ. The operation of SIC is based on a dual two-layer data buses. The high bus adopts the
