Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

5 Things to Know about the Train Control System menTCS

366 views

Published on

menTCS is an open computer platform based upon modern IT standards that covers all safety-critical applications on a train and wayside. It is SIL 4 certifiable and comes with pre-certified hardware in combination with pre-certified software and corresponding certificates from TÜV SÜD, drastically reducing the time of the certification process.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

5 Things to Know about the Train Control System menTCS

  1. 1. 5 Thingsto Know about the Train Control System menTCS
  2. 2. Done by MEN menTCS is an open computer platform based upon modern IT standards that covers all safety-critical applications on a train and wayside. It is SIL 4 certifiable and comes with pre-certified hardware in combina- tion with pre-certified software and corresponding certificates from TÜV SÜD, drastically reducing the time of the certification process. menTCS Train Control System
  3. 3. 1. Is menTCS just a single piece of hardware – or more? 2. How can menTCS guarantee safety levels from SIL 2 to SIL 4? 3. What are the key factors that make menTCS innovative for the railway market? 4. What significant cost savings are achieved with menTCS? 5. What are typical safety-relevant applications on board a train or wayside? menTCS Train Control System
  4. 4. 1. Is menTCS just a single piece of hardware – or more?
  5. 5. 1. Is menTCS just a single piece of hardware – or more? menTCS has a modular structure consisting of a safe controller, safe I/O func- tions, and the communication interfaces to the “outside” world”. It is as such scalable to the requirements of the application: » Unlimited number of safe railway inputs and outputs » Ethernet and wireless communication interfaces connecting WLAN, 4G-LTE and GPS » Fieldbus interfaces connecting into existing networks like MVB, CAN bus, Profinet etc. » Remote I/O boxes to expand the central unit, interconnecting to distributed sensors and actuators » Second safe controller to deliver system availability of 99,9999%
  6. 6. 2. How can menTCS guarantee safety levels from SIL 2 to SIL 4?
  7. 7. » Safe processing hardware: The central element of menTCS is a self-contained, safe CPU board which uses 2oo2d voting. It consists of 3 Intel processors (two of which being redundant CPUs that execute the safety logic), independent supervisors for each block, a fail-safe board ar- chitecture and event logging with intelligent board management controller. » Safe I/O hardware: The I/O boards of menTCS are self-contained, using a 1oo1d architecture. A SIL 4 certification package is available for all I/O boards together. A single I/O board can be used to reach SIL 2. Two combined boards are required to reach SIL 3 and SIL 4. » Separation between safe and non-vital domains: The menTCS software distinguishes between the safe and the non-vital domain, allowing to develop non-vital applications separately from safe applications. Non-vital applications cannot influence safe applications because they are executed on a separate processor running a standard Linux operating system. 2. How can menTCS guarantee safety levels from SIL 2 to SIL 4?
  8. 8. » Safe communication: In order to guarantee appropriate communication between the safe controller and the safe I/O functions via real-time Ethernet, the black channel approach is applied. The requirements to transport safe data over untrusted communication are defined by EN 50159 and realized using the FSoE safe communication protocol (Fail Safe over EtherCat). » Safe Application Interface: As menTCS is an open general-purpose hardware platform for diffe- rent kinds of safe applications, the software programmer needs an interface to get full access to the control electronics. The PACY safety I/O framework provides easy and modular access to the safe I/O boards and includes a safe communication layer crossing the black channel. » Safe operating systems: Without being influenced by non-vital applications, the safe appli- cations are executed on two separated redundant control processors. Integrity tests ensure the safe operation of each safe processor is provided by the safe operating system. This ar- chitecture allows the development of safe applications on a menTCS platform in combination with all market relevant safe operating systems, such as QNX, PikeOS, VxWorks, or Integrity. 2. How can menTCS guarantee safety levels from SIL 2 to SIL 4?
  9. 9. 3. What are the key factors that make menTCS innovative for the railway market?
  10. 10. The use of digital technology has transformed the way modern railways work today. Safe train control and railway signaling are expected to play a key role in the overall railway computer infrastructure with respect to an increasing demand for passenger, worker and traffic safety in combination with higher speeds, autonomous driving and higher track frequencies. menTCS is the first computer system ever in the history of the railway industry that is based on defined open standards for hardware, software and communication. Its modularity makes it configurable for every control function inside and outside the train – and scalable to any required safety level from SIL 2 up to SIL 4. 3. What are the key factors that make menTCS innovative for the railway market?
  11. 11. menTCS offers separation of the rail service from the electronic control system behind. This is a major difference to existing solutions, which are proprietary with a fixed hardware/software configuration that is not accessible by the end user. It allows railway system suppliers to concentrate on their core business, facilitates market entry for small and medium-size companies, and enables rail operators to become their own general contractor, keeping full transparency of their project at any time. 3. What are the key factors that make menTCS innovative for the railway market?
  12. 12. 4. What significant cost savings are achieved with menTCS?
  13. 13. 1. Acquisition costs must only be paid for one computer system for all applications – instead of the previous practice of one computer for each application. 2. This also reduces installation costs – as there are fewer cables, less weight, and reduced space requirements (resulting in lower energy consumption). 3. Maintenance and the necessary expertise are limited to one system. 4. New, additional or modified application software does not require any other or additional hardware. 5. The life cycle management of an open system is limited to the exchange of single components, without affecting the functionality of the overall system. 4. What significant cost savings are achieved with menTCS?
  14. 14. 4. What significant cost savings are achieved with menTCS? 6. Therefore, the life cycle of the application/s is practically unlimited. 7. Another cost saving factor is the fact that menTCS comes with pre-certified hardware in combination With a pre-certified QNX operating system and drivers, together with the corresponding certificates from TÜV SÜD (German Technical Inspection Agency), this means: » Considerable reduction of the duration of the certification process – no need to develop an own safe BSP and drivers from scratch. » Considerable risk reduction – as the approval for SIL 4 operation has already been achieved for hardware and software.
  15. 15. 5. What are typical safety-relevant applications on board a train or wayside?
  16. 16. menTCS is application-ready for the complete portfolio of vital train and wayside functions. Thanks to its scalability it is easy to install in new trains and as a retrofit in combination with other already existing train control equipment. 5. What are typical safety-relevant applications on board a train or wayside?
  17. 17. Rolling Stock: » CBTC: Central computer of the Communication Based Train Control » TCMS: Central computer of the Train Control Management System » ATO, ATP, ATS: Central computer of the Automated Train Operation, Pro- tection and Supervision systems » OBU, EVC: On Board Unit or European Vital Computer as part of an ETCS application » Interfacing to: the driver cab display, all existing train communication with Ethernet, MVB, CAN bus etc. and wireless to the outside world through GSM-R, GPS, Wi-Fi etc. 5. What are typical safety-relevant applications on board a train or wayside?
  18. 18. Wayside: » RBC: control of Radio Block Center as part of an ETCS application » CBI: control of Computer Based Interlockings – increasing performance at lower cost » Wayside devices: control of level crossings, switches, signals 5. What are typical safety-relevant applications on board a train or wayside?
  19. 19. www.men.de/tcs

×