Sage Journals: Discover world-class research

Abstract

In this paper a computer architecture is presented which is suitable for distributed control systems where fault tolerance is desired. The architecture is designed for implementation mainly with standard components ‘off the shelf’ (COTS). In particular there is only a comparable small device called fault-tolerant communication control (FTCC) that requires extensive redundancy. The FTCC is used to close control loops as tightly to the controlled physical device as possible, gaining from the excess computing capacity that a distributed system offers but at the same time removing the impact of increased fault intensity from an increased number of processing elements.

The architecture is preferable for applications where there is some kind of natural inherent redundancy. As a starting point, and also as a case, a state-of-the-art brake control system for railway vehicles is considered. Common computer architectures designed to handle safety-critical applications are recaptured and a feasible solution arrived at in the shape of a slightly modified distributed architecture. This revised distributed architecture is then applied and a revised brake control system is described.

The FTCC device has been implemented, but without redundancy, with standard VHDL (very high speed integrated circuit hardware description language) tools and tested in a simulator environment. Results are promising and indicate that the FTCC device has a great potential in future ‘control-by-wire’ designs.

Keywords

control by wire inherent redundancy fault tolerance hard real-time requirements

Get full access to this article

View all access options for this article.

References

Kopetz

Damm

Koza

Mulazzi

Schwabl

Senft

Zainlinger

Distributed fault-tolerant realtime systems: The MARS approach

IEEE Micro, 1989, 9 (1), 25–40.

Powell

Arlat

Beus-Dukic

Bondavalli

Coppola

Fantechi

Jenn

Rabéjac

Wellings

GUARDS: A generic upgradable architecture for real-time dependable systems

IEEE Trans. Parallel Distributed Systems, 1999, 10 (6), 580–599.

McDonnell

Stefow

Safety certification of Toronto's new Sheppard subway line. In Proceedings of the 21st System Safety Conference, Ottawa, Canada, 4–8 August 2003, pp. 329–336 (System Safety Society Publications, Unionville, Virginia).

Leveson

Integrating safety information into the system engineering process. In Proceedings of the 21st System Safety Conference, Ottawa, Canada, 4–8 August 2003, pp. 1009–1028 (System Safety Society Publications, Unionville, Virginia).

Hachiga

Akita

Hasegawa

Y. A.

The design concepts and operational results of fault-tolerant computer systems for the Shinkansen train control. In Digest of Papers of the 23rd International Symposium on

Fault-Tolerant Computing (FTCS-23), Toulouse, France, 22–24 June 1993, pp. 78–87.

Hennebert

Guiho

SACEM: A fault tolerant system for train speed control. Digest of Papers of the 23rd International Symposium on

Fault-Tolerant Computing (FTCS-23), Toulouse, France, 22–24 June 1993, pp. 624–628.

Holding

Brake by wire [computer controlled braking]. In Proceedings of the Institution of Electrical Engineers Colloquium on

Chassis Electronics, 23 March 1990, pp. 5/1–5/2.

Johansson

Johannessen

Forsberg

Sivencrona

Torin

On communication requirements for control-by-wire applications. In Proceedings of the 21st International System Safety Conference 2003 (ISSC21), Ottawa, Canada, 4–8 August 2003, pp. 1123–1132.

Forsberg

Design principles of fly-by-wire architectures. PhD thesis, Department of Computer Engineering, Chalmers University of Technology, Göteborg, Sweden, 2003.

10.

Bridal

Johansson

L-Å.

Ohlsson

Rimén

Rostamzadeh

Torin

Snedsböl

DACAPO: a dependable distributed computer architecture for control applications with periodic operation. Technical Report 165R, Department of Computer Engineering, Chalmers University of Technology, Göteborg, Sweden, 1993.

11.

Hansson

Lawson

Bridal

Eriksson

Larsson

Lönn

Stromberg

BASEMENT: An architecture and methodology for distributed automotive real-time systems

IEEE Trans. Computers, 1997, 46 (9), 1016–1027.

12.

Johansson

Dependability characteristics and safety criteria for an embedded distributed brake control system in railway freight trains. Technical Report 8, Chalmers Lindholmen University College, August 2001.

13.

prEN 50126:1995Railway Applications, The Specification and Demonstration of Dependability, Reliability, Availability, Maintainability and Safety (RAMS).

14.

prEN 13452–1:1999E Railway Applications-Braking–Mass Transit Brake System, Part 1: Performance Requirements.

15.

prEN 13452–2:1999E Railway Applications-Braking–Mass Transit Brake System, Part 2: Methods of Test.

16.

Koopman

Tran

Hendrey

Toward middle-ware fault-injection for automotive networks. In Proceedings of the 28th International Symposium on

Fault-Tolerant Computing Systems, Munich, Germany, June 1998, pp. 78–79.

17.

Yeh

Y. C.

Triple-triple redundant 777 primary flight computer. In Proceedings of the 1996 IEEE Aerospace Applications Conference, 1996, Vol. 1, pp. 293–307 (IEEE, New York).

18.

Naidu

A. K.

Case study: Airbus A340 flight control system. Report, Department of Computer Science, University of Virginia, Charlottesville, Virginia.

19.

David

Guidal

Development of a fault tolerant computer system for the HERMES space shuttle. In Digest of Papers of the 23rd International Symposium on

Fault-Tolerant Computing (FTCS-23), Toulouse, France, 22–24 June 1993, pp. 641–646.

20.

Rushby

A comparison of bus architectures for safety-critical embedded systems. Computer Science Laboratory (CSL) Technical Report, Stanford Research Institute (SRI) International, September 2001.

21.

Johansson

A fault tolerant architecture for brake-by-wire in railway cars. Technical Report 15, Chalmers Lindholmen University College, December 2003.

22.

Freedman

Das

Formal modelling and analysis of computerized control in rail transport: A case study. In Proceedings of the IEEE Pacific Rim Conference on

Communications, Computers, and Signal Processing, Victoria, British Columbia, Canada, 17–19 May 1995, pp. 610–613 (IEEE, New York).

23.

Harley

W. L.

Riley

C. E.

Performance based safety critical contracts. In Proceedings of the Institution of Electrical Engineers Colloquium on

Systems Engineering on Large Railway Projects, Digest 1997/140, 7 May 1997, pp. 5/1–5/6.

24.

Ashiya

Sone

Sato

Kaga

Application of pure electric braking system to electric railcars. In Proceedings 6th International Workshop on

Advanced Motion Control, 30 March-1 April 2000, pp. 163–168.

25.

Khmelnitsky

On an optimal control problem of train operation

IEEE Trans. Autom. Control, July 2000, 45 (7), 1257–1266.

26.

Tse

Y. H.

Chen

E.-D.

Myers

L. F.

Economic considerations of operating a train with electronically controlled pneumatic (ECP) brakes. In Proceedings of the 1998 ASME-IEEE Joint Railroad Conference, Philadelphia, Pennsylvania, 15–16 April 1998, pp. 9–19.

27.

EN 50155:1995 Railway Applications, Electronic Equipment Used on Rolling Stock.

28.

prEN 50125–1:1998 Railway Applications, Environmental Conditions for Equipment, Part 1.

29.

prEN 50125–2:1998 Railway Applications, Environmental Conditions for Equipment, Part 2.

A fault-tolerant architecture for computer-based railway vehicle brake systems

Abstract

Abstract

Keywords

Get full access to this article

References