1 ansaldo signal union switch & signal 9/8/2015 arrc collision avoidance system 2005 asme/ieee...

1ANSALDO SIGNAL

UNION SWITCH & SIGNAL04/19/23

ARRC Collision Avoidance System

2005 ASME/IEEE Joint Rail Conference

March 16-18, 2005

Presented by

Chinnarao Mokkapati

Robert D. Pascoe

Union Switch & Signal Inc.

2ANSALDO SIGNAL

UNION SWITCH & SIGNAL

3ANSALDO SIGNAL


Alaska Rail Road Facts (2003 Data)

Employees

722 Year-round10.8 average years of service43.2 average age

Operating Statistics

446,162 Passenger ridership8,324,395 Freight tonnage102,292 Revenue car loads

Trains per day

33 Freights14 Passenger - Summer1 Passenger - Winter

Operating Data

Miles of track466 main line59 branch line86 yards/sidings611 Total

Rolling Stock

1,625 Freight cars42 Passenger cars60 Locomotives

Train Control

~500 miles of DTC~30 miles of CTC

4ANSALDO SIGNAL


ARRC CAS Objectives

• PREVENT TRAIN TO TRAIN COLLISIONS BY ENFORCEMENT OF AUTHORITY LIMITS

• ENFORCE SPEED RESTRICTIONS

• PROVIDE PROTECTION FOR ROADWAY WORKERS AND EQUIPMENT

• IMPROVE EFFICIENCY OF OPERATIONS

• INCREASE CAPACITY

5ANSALDO SIGNAL


FRA Requirements

• Generation of safe mandatory directives

• Enforcement of authority limits

• Enforcement of speed restrictions

• Protection of Maintenance-of-Way workers and equipment

• Rule 236 Subpart H compliance required

• Performance Std: New system must be as safe or safer than the system being replaced

– Operating conditions, parameters, constraints must be defined

– Structured qualitative and quantitative assessment of safety (Base Case and New Case) required

• Product Safety Plan or Safety Case

6ANSALDO SIGNAL


Centralized Traffic Control (CTC) territory is segmented into blocks that are governed byblock signals. The block signal indication authorizes movement into the block segmentand specifies the speed requirement for entering the block, and for movement within theblock.

The Direct Traffic Control System (DTC) segments the railroad into blocks (similar to CTC)that are designated by name or milepost location in the Timetable. Significant safety isobtained by not authorizing overlapping authorities to directional trains and maintenancevehicles except in situations where work is to be performed.

Some Definitions

CTC and DTC Operation

7ANSALDO SIGNAL


Form A Track Bulletin is used to establish a temporary speed restrictionsover territories.

Form B Track bulletin item establishing protection for men or machines ontrack within specified limits and limiting train movement within the limitsto restricted speed or another speed negotiated with the maintenanceforeman.

Form C Track Bulletin is used to protect restrictions placed on specific railcars and equipment due to excess dimension or weight.

Form F Track Bulletin is used to provide supplementary information totrain crews.

Form S Track Bulletin advises of slide zones that are in effect and contain ahead end restriction if the slide zone is in effect.

Track Bulletins Used in System

Some Definitions

8ANSALDO SIGNAL


The CAS [Collision Avoidance System] performs vital and non-vital functions. Non-vitalapplications are performed within the dispatcher system, and the on-board system,however, train authorities, speed, and on-track worker limits are protected via vital controllogic in the office MicroLok II, and on-board to ensure the safety functions are executed ina vital fashion. The system is designed to optimize train operations by automating manydispatching, train crew, and on-track equipment operator functions.

Collision Avoidance System

9ANSALDO SIGNAL


10ANSALDO SIGNAL


GenerateMandatoryDirectives

Servers

latigid

MicroBlok

SwitchPosition

DGPS(DifferentialCorrection)

Position Reference

System OverviewTrains

Speed limit

VITAL SAFETY SERVERSEGMENT

Signal Aspect

Authority limit

Track Integrity

COMPUTER AIDED DISPATCHSYSTEM SEGMENT

LOCOMOTIVE SEGMENT

Data Radio

- Provide Communications link between office and

equipment

COMMUNICATIONSEGMENT

WAYSIDEEQUIPMENT SEGMENT

11ANSALDO SIGNAL


DispatcherWorkstations

Servers CommsInterface

CommsSubsystem

OfficeSafetyServer(CASOSS)

Monitoring Devices(MD)

CommsInterface

OnboardComputer

CommsInterface

Train CrewInterface

DGPS

Throttle/BrakeInterface

Tachometermeter

RoadwayCrews

Administrator

WebUsers

MIS

CAD Subsystem

CarborneSubsystem(CAS CAB)

12ANSALDO SIGNAL


cad_hardware_block_diagram.vsd

CAD Hardware Architecture Block Diagram

Switched Ethernet Segment

Switched Ethernet Segment

ApplicationServers

DatabaseServersWorkstations

Traffic Control &Communications

Servers

PrintersWeb

Server

RAID drives

Router

Router

ReplicatedDatabase

RAID drives

13ANSALDO SIGNAL


General Philosophy of CAD and OSS Subsystems

Track Block 3

Block 6

Block 5 Block 7 Block 11Block 9

Servers

Existing Comms

(( ))

DispatcherWork

StationsVital

IndependentCheck of

LOA, Bulletins

CAD

OSS

14ANSALDO SIGNAL


Vital Checks Done by OSS

Via the OBC, the position of all trains are known to the OSS

‘Occupies’ Virtual blocks

‘un-occupies’ Virtual blocks

Checks Bulletins associated with Blocks & LOA

15ANSALDO SIGNAL


OSS Hub Physical Architecture

HUB

Microlok II

Microlok II Microlok II

Microlok II

RS423

RS423

RS423

RS423

RS

42

3

NetworkInterfaceAdapter

EthernetCAD SubsystemEthernet Switch

16ANSALDO SIGNAL


Executive Software• Operating System• Application Processing • Serial Communications Control• Safety Diagnostics• User Interfaces• Event Logging

Application Data Tables • Track Sections defined as Virtual Blocks• Switch locations• Other identifiable points

Software in MicroLok II Units

North

Block 1 Block 3

Block 6

Block 5 Block 7 Block 11 Block 13Block 9S#5 S#7

17ANSALDO SIGNAL


OBC Requirements:

Profile Generation

Train Location and Speed Determination

Digital Track Data Map

Communication via Digital Radio

18ANSALDO SIGNAL


LOCATION AND SPEED DETERMINATION

• DGPS• Accelerometers• Tachometers• Digital Map

The result is that the OBC vitallydetermines its location on the rails

and transmits its location to Central

19ANSALDO SIGNAL


obc_logical_architecture.vsd

OBC Logical Architecture

Vital CPU

Vital Input Unit

Communications Unit

Multi-function Unit

Locomotive Systems

LocomotiveDisplay Unit & Keypad

Data Radio

ConditionalPowerSupply

New On Board Computer (OBC) - ATP

20ANSALDO SIGNAL


Existing Network Communication System

drn_loco_view.vsd

Data Radio Network: Locomotive View

Base StationMCC 545C

MCC-545C

Base StationMCC 545C

21ANSALDO SIGNAL


data_radio_network.vsd

Data Radio Network: Overview

CAD

DDD

BaseStation

Backbone

LocomotiveData Radio

BaseStation

BaseStation






RepeaterLocomotiveData Radio

FleetTrak

WaysideDevices

WaysideDevices

WaysideDevices

22ANSALDO SIGNAL


code_system_interface.vsd

Code System Architecture

CAD System

E: UDP/IPATCS

Comm Server 1

Comm Server 2

ActiveCodeLine

Server Task

DormantCodeLine

Server Task

CommunicationsBackbone

Line

Digital Radio

Microwave Radio

“Code Line types”

Note:The “Line” Code Line typeincludes phone lines, fiber

optic cable, and digitalcarrier over copper cable.

VHLC

VHLC

Code Station

VHLC

VHLCCode Station

VHLC

VHLC

Code Station

Off-Line Packet Switch

Note:Not a Hot

Standby; can beswapped/patched

in if needed

On-Line PacketSwitch

Central Office Wayside

Track DiagramsCFAs

InfrastructureConfiguration

Data

SCT

23ANSALDO SIGNAL


T1 T1 T1

Ana

log

Tunnel Section

56k

Bear Valley56k

Cisco-2600

T1

Ana

log

Hope

Analog

Campbell Point

56kbps

Talkeetna56k

Cisco-2600

T1

Analog

Serial line

CMP Room Premisys SRU Port

Water Tower Premisys SRU Port

Ana

log

T1 56

k

T1

T1

T1

T1

T1

T1

T1

T1

T1T1T1WillowCisco 2600

ChulitnaCisco 2600 Hurricane

Cisco 2611

CantwellCisco 2600

GarnerCisco 2600 Kobe

Cisco 2600

Ester DomeCisco 3641

FairbanksWater TowerCisco 2600

NENANA(upper )Cisco 2600

Cisco-3661PTC-Master

TUDOR RDSTATE Telecom

Cisco-3641

ALCANTRA(AKA: Wasil la)

T1Cisco-2600

MOOSE PASSCisco 2600

SEWARDCisco 2600

PORTAGECisco-2600

Analog Modem

Analog ModemAnalog Modem

Analog Modem

Huntermodem

DenaliCisco 2600

Huntermodem

DataRadio

Mile 18 RepeaterData Radio

HunterDataRadio

Mile 43 RepeaterData Radio

DataRadio

DataRadio

DataRadio

Campbell PointRadio

HopeRadio

DataRadio

DataRadio

DataRadio

DataRadio

DataRadio

DataRadio

DataRadio

DataRadio

DataRadio

YanertCisco 2600

WHITTIERCisco-2600 Site Summit

Cisco 2600

Moose PassData Radio

DataRadio

DataRadio

Tunnel SectionData Radio

DataRadio

DataRadio

DataRadio

SiteSummitDataRadio

Miami LakeRepeater

GoldcreekDataRadio

ComBackBone.vsd

Communications Backbone

Communication Backbone

24ANSALDO SIGNAL


MONITORING DEVICES

Rail Integrity

Switch Position

Signal Aspect in CTC

25ANSALDO SIGNAL


The Locomotive’s ATP Interrogates Three Wayside Devicesusing a short range data radio:

A Rail Integrity Device

Broken Rail Detection

MicroTrax

A Switch Position Device

Normal or Reverse

A Wayside Signal Device

Aspect

Locomotive

Device Broken rail

Short RangeData Radio

Device

N

R

Locomotive


Device

AspectLocomotive


26ANSALDO SIGNAL


CAS Safety Assurance

• Safety resides in OSS and OBC, though CAD performs some safety-related functions

• OSS is implemented on US&S MICROLOK II Platform

• OBC implemented on US&S MICROCAB Platform• These platforms use a combination of Inherent

Fail-Safety and Diversity & Self-Checking safety architectures

• Certified by independent safety assessors• Extensive service history

27ANSALDO SIGNAL


CAS Safety Assurance

• Compliance with FRA Rule 236 Subpart H• Risk analysis of CAD-only DTC/CTC Operation

(Base Case)• Derive safety requirements for CAS• V&V of CAS design and operation • Risk analysis of CAS (CAS Case)• Risk assessment

– Show CAS provides higher safety than CAD-only DTC/CTC operation

28ANSALDO SIGNAL


Risk Analysis

• Conduct Hazard Analyses– PHA– O&SHA

SSHA

• Determine MTTHE using FFTA

29ANSALDO SIGNAL


Derive safety requirements for CAS

• Potential hazards in Base Case• FFTA of CAS elements • CAS subsystem safety requirements

30ANSALDO SIGNAL


V&V of CAS design and operation

• Normal operation • Systematic faults• Random hardware faults• Common Mode faults• External influences

31ANSALDO SIGNAL


Risk analysis of CAS (CAS Case)

• Conduct Hazard Analyses– PHA– O&SHA

SSHA

• Determine MTTHE using FFTA

32ANSALDO SIGNAL


Risk Assessment

• Show CAS provides higher safety than CAD-only DTC/CTC operation

• Submit PSP– 20 elements required per FRA Rule 236.907

33ANSALDO SIGNAL


Project Timeline

2005 2006 2007

4/16/2005 - 10/16/20052005 Peak Season

4/15/2006 - 10/15/20062006 Peak Season

11 / 2005CAD SAT

Complete

2 / 2007Revenue Service

10 / 2006Office Safety and OBCSAT

06 / 2006Office Safety and OBC FAT

1 / 2006CAD Cutovercomplete

4Q 2004SystemDefinitionComplete

34ANSALDO SIGNAL


Conclusions

• CAS is a practical, relatively inexpensive PTC System

• Scalable for larger systems• Uses proven safety architectures• Credible, straight-forward safety proof

1 ansaldo signal union switch & signal 9/8/2015 arrc collision avoidance system 2005 asme/ieee...

Documents