On the safety assessment of an automatic train operation system

Abstract

The paper examines the automatic train operation system as part of the locomotive control and protection system, the remote supervision centre’s means for control of onboard and trackside machine vision facilities. The focus is on the dependence of the system’s safety and dependability on the dependability characteristics of its components and adverse weather effects. The criteria of a system’s wrong-side and right-side failures were defined, the graph models were constructed of the safety and dependability states of an automatic train operation system. The Markovian graph method of calculating the safety and dependability of complex systems was substantiated. That allowed defining such key safety indicators of an automatic train operation system as the mean time to wrong-side failure, probability of wrong-side failure, wrong-side failure rate. The study established that the safety of an automatic train operation system primarily depends on the dependability of machine vision facilities. The growth of the system’s wrong-side failure rate is limited to half the failure rate of machine vision facilities. It was also established that the dependability of an automatic train operation system is defined by the failure rate of a locomotive control and protection system and the failure rate of machine vision facilities. The conducted analysis allows concluding that in order to achieve an acceptable level of safety of an automatic train operation system, efforts should focus on machine vision redundancy, ensuring the SIL4 functional safety of on-board and trackside machine vision facilities, as well as regular comparison of the outputs of on-board and trackside machine vision facilities, redundant output comparison, integration of the outputs in motion. Additionally, adverse weather effects are to be countered by improving the efficiency of machine learning of the machine vision software.