中英文文献翻译.docx
- 文档编号:12166578
- 上传时间:2023-06-04
- 格式:DOCX
- 页数:13
- 大小:128.40KB
中英文文献翻译.docx
《中英文文献翻译.docx》由会员分享,可在线阅读,更多相关《中英文文献翻译.docx(13页珍藏版)》请在冰点文库上搜索。
中英文文献翻译
毕业设计(论文外文参考文献及译文中文题目模块化安全铁路信号计算机联锁系统
学院自动化与电气工程学院
专业自动控制
姓名葛彦宁
学号200808746
指导教师贺清
2012年5月30日
Component-basedSafetyComputerofRailwaySignalInterlockingSystem
1Introduction
SignalInterlockingSystemisthecriticalequipmentwhichcanguaranteetrafficsafetyandenhanceoperationalefficiencyinrailwaytransportation.Foralongtime,thecorecontrolcomputeradoptsininterlockingsystemisthespecialcustomizedhigh-gradesafetycomputer,forexample,theSIMISofSiemens,theEI32ofNipponSignal,andsoon.Alongwiththerapiddevelopmentofelectronictechnology,thecustomizedsafetycomputerisfacingseverechallenges,forinstance,thehighdevelopmentcosts,poorusability,weakexpansibilityandslowtechnologyupdate.Toovercometheflawsofthehigh-gradespecialcustomizedcomputer,theU.S.DepartmentofDefensehasputforwardtheconcept:
weshouldadoptcommercialstandardstoreplacemilitarynormsandstandardsformeetingconsumers’demand[1].Inthemeantime,thereareseveralexplorationsandpracticesaboutadoptingopensystemarchitectureinavionics.TheUnitedStatedandEuropehavedomuchresearchaboututilizingcost-effectivefault-tolerantcomputertoreplacethededicatedcomputerinaerospaceandothersafety-criticalfields.Inrecentyears,itisgraduallybecominganewtrendthattheutilizationofstandardizedcomponentsinaerospace,industry,transportationandothersafety-criticalfields.
2Railwayssignalinterlockingsystem
2.1Functionsofsignalinterlockingsystem
Thebasicfunctionofsignalinterlockingsystemistoprotecttrainsafetybycontrollingsignalequipments,suchasswitchpoints,signalsandtrackunitsinastation,andithandlesroutesviaacertaininterlockingregulation.
Sincethebirthoftherailwaytransportation,signalinterlockingsystemhasgonethroughmanualsignal,mechanicalsignal,relay-basedinterlocking,andthemoderncomputer-basedInterlockingSystem.
2.2Architectureofsignalinterlockingsystem
Generally,theInterlockingSystemhasahierarchicalstructure.Accordingtothefunctionofequipments,thesystemcanbedividedtothefunctionofequipments;thesystem
canbedividedintothreelayersasshowninfigure1.
Figure1ArchitectureofSignalInterlockingSystem
3Component-basedsafetycomputerdesign
3.1Designstrategy
Thedesignconceptofcomponent-basedsafetycriticalcomputerisdifferentfromthatofspecialcustomizedcomputer.OurdesignstrategyofSICisonabaseoffault-toleranceandsystemintegration.WeseparatetheSICintothreelayers,thestandardizedcomponentunitlayer,safetysoftwarelayerandthesystemlayer.Differentsafetyfunctionsareallocatedforeachlayer,andthefinalintegrationofthethreelayersensuresthepredefinedsafetyintegritylevelofthewholeSIC.Thethreelayerscanbedescribedasfollows:
(1ComponentunitlayerincludesfourindependentstandardizedCPUmodules.Ahardware“SAFETYAND”logicisimplementedinthisyear.
(2Safetysoftwarelayermainlyutilizesfail-safestrategyandfault-tolerantmanagement.TheinterlockingsafetycomputingofthewholesystemadoptstwooutputsfromdifferentCPU,itcanmostlyensurethediversityofsoftwaretoholdwithdesignerrorsofsignalversionandremovehiddenrisks.
(3Systemlayeraimstoimprovereliability,availabilityandmaintainabilitybymeansofredundancy.
3.2Designofhardwarefault-tolerantstructure
Asshowninfigure2,theSICoffourindependentcomponentunits(C11,C12,C21,C22.Thefault-tolerantarchitectureadoptsdual2vote2(2v2×2structure,andakindofhigh-performancestandardizedmodulehasbeenselectedascomputingunitwhichadoptsIntelXScalekernel,533MHZ.
TheoperationofSICisbasedonadualtwo-layerdatabuses.ThehighbusadoptsthestandardEthernetandTCP/IPcommunicationprotocol,andthelowbusisControllerAreaNetwork(CAN.C11、C12andC21、C22respectivelymakeupoftwosafetycomputing
componentsIC1andIC2,whichareof2v2structure.Andeachcomponenthasanexternaldynamiccircuitwatchdogthatissetforcomputingsupervisionandswitching.
Figure2HardwarestructureofSIC
3.3Standardizedcomponentunit
Aftercomponentmoduleismadecertain,accordingtothesafety-criticalrequirementsofrailwaysignalinterlockingsystem,wehavetodoasecondarydevelopmentonthemodule.Thedesignincludespowersupply,interfacesandotherembeddedcircuits.
Thefault-tolerantprocessing,synchronizedcomputing,andfaultdiagnosisofSICmostlydependonthesafetysoftware.Herethesafetysoftwaredesignmethodisdifferingfromthatofthespecialcomputertoo.Fordedicatedcomputer,thesoftwareisoftenspeciallydesignedbasedonthebarehardware.Asrestrictedbycomputingabilityandapplicationobject,aspecialschedulingprogramiscommonlydesignedassafetysoftwareforthecomputer,andnotauniversaloperatingsystem.Thefault-tolerantprocessingandfaultdiagnosisofthededicatedcomputeraretightlyhardware-coupled.However,thesafetysoftwareforSICisexotericandlooselyhardware-coupled,anditisbasedonastandardLinuxOS.
Thesafetysoftwareisvitalelementofsecondarydevelopment.ItincludesLinuxOSadjustment,fail-safeprocess,fault-tolerancemanagement,andsafetyinterlockinglogic.ThehierarchyrelationsbetweenthemareshowninFigure4.
SafetyInterlockLogic
Fail-safeprocess
Fault-tolerancemanagement
LinuxOSadjustment
Figure4SafetysoftwarehierarchyofSIC
3.4Fault-tolerantmodelandsafetycomputation
3.4.1Fault-tolerantmodel
TheFault-tolerantcomputationofSICisofamultilevelmodel:
SIC=F1002D(F2002(Sc11,Sc12,F2002(Sc21,Sc22
Firstly,basiccomputingunitCi1adoptsonealgorithmtocompletetheSCi1,andCi2finishestheSCi2viaadifferentalgorithm,secondly2outof2(2oo2safetycomputingcomponentofSICexecutes2oo2calculationandgetsFSICifromthecalculationresultsofSCi1SCi2,andthirdly,accordingthestatesofwatchdogandswitchunitblock,theresultofSICisgottenviaa1outof2withdiagnostics(1oo2Dcalculation,whichisbasedonFSIC1andFSIC2.Theflowofcalculationsisasfollows:
(1Sci1=Fci1(Dnet1,Dnet2,Ddi,Dfss
(2Sci2=Fci2(Dnet1,Dnet2,Ddi,Dfss
(3FSICi=F2oo2(Sci1,Sci2,(i=1,2
(4SIC_OutPut=F1oo2D(FSIC1,FSIC2
3.4.2Safetycomputation
Asinterlockingsystemconsistsofafixedsetoftask,thecomputationalmodelofSICistask-based.Ingeneral,applicationsmayconformtoatime-triggered,event-triggeredormixedcomputationalmodel.Herethetime-triggeredmodeisselected,tasksareexecutedcyclically.TheconsistencyofcomputingstatesbetweenthetwounitsisthefoundationofSICforensuringsafetyandcredibility.AsSICworksunderalooselycoupledmode,itisdifferentfromthatofdedicatedhardware-coupledcomputer.SoaspecializedsynchronizationalgorithmisnecessaryforSIC.
SICcanbeconsideredasamultiprocessordistributedsystem,anditscomputationalmodelisessentiallybasedondatacomparingviahighbuscommunication.First,ananalyticalapproachisusedtoconfirmtheworst-caseresponsetimeofeachtask.Toguaranteethedeadlineoftasksthatcommunicateacrossthenetwork,theaccesstimeanddelayofcommunicationmediumissettoafixedpossiblevalue.Moreover,thecomputationalmodelmustmeetstherealtimerequirementsofrailwayinterlockingsystem,withinthesystemcomputingcycle,wesetmanycheckpointsPi(i=1,2,...n,whicharesmallenoughforsynchronization,andcomputationresultvotingisexecutedateachpoint.Thesafety
computationflowofSICisshowninFigure5.
Start
0clock
clock
Safetyfunctions
Tasksofinterlocking
logic
i:
p
:
checkpoint
InitializeSynchronization
GuaranteeSynchronousTimetrigger
Figure5SafetycomputationalmodelofSIC
4.Hardwaresafetyintegritylevelevaluation
4.1SafetyIntegrity
Asanauthoritativeinternationalstandardforsafety-relatedsystem,IEC61508presentsadefinitionofsafetyintegrity:
probabilityofasafety-relatedsystemsatisfactorilyperformingtherequiredsafetyfunctionsunderallthestatedconditionswithinastatedperiodoftime.InIEC61508,therearefourlevelsofsafetyintegrityareprescribe,SIL1~SIL4.TheSIL1isthelowest,andSIL4highest.
AccordingtoIEC61508,theSICbelongstosafety-relatedsystemsinhighdemandorcontinuousmodeofoperation.TheSILofSICcanbeevaluatedviatheprobabilityofdangerousperhour.TheprovisionofSILaboutsuchsysteminIEC61508,seetable1.
Table1-SafetyIntegritylevels:
targetfailuremeasuresforasafetyfunctionoperatinginhighdemandor
continuousmodeofoperation
SafetyIntegritylevel
HighdemandorcontinuousmodeofOperation(ProbabilityofadangerousFailureperhour
4≥10-9to<10-83≥10-8to<10-72≥10-7to<10-61≥10-6to<10-5
4.2ReliabilityblockdiagramofSIC
AfteranalyzingthestructureandworkingprincipleoftheSIC,wegetthebockdiagramofreliability,asfigure6.
Figure6BlockdiagramofSICreliability
5.Conclusions
Inthispaper,weproposedanavailablestandardizedcomponent-basedcomputerSIC.Railwaysignalinterlockingisafail-safesystemwitharequiredprobabilityoflessthan10-9safetycriticalfailuresperhour.Inordertomeetthecriticalconstraints,fault-tolerantarchitectureandsafetytacticsareusedinSIC.Althoughthecomputationalmodelandimplementationtechniquesarerathercomplex,thephilosophyofSICprovidesacheerfulprospecttosafetycriticalapplications,itrendersinasimplerstyleofhardware,furthermore,itcan
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- 中英文 文献 翻译
![提示](https://static.bingdoc.com/images/bang_tan.gif)