*Supported by National Research Council of Thailand

Slides:



Advertisements
Similar presentations
Data Communications and Networking
Advertisements

SCORT/TRB Rail Capacity Workshop - Jacksonville Florida1 1  A Primer on Capacity Principles  New Technologies  Public Sector Needs 22 September
25 February 2009Instructor: Tasneem Darwish1 University of Palestine Faculty of Applied Engineering and Urban Planning Software Engineering Department.
Formal Development and Verification of Distibuted Railway Control System – Haxthausen&Peleska To allow for private companies to be key players in the railway.
The Assembly Language Level
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 24 Slide 1 Critical Systems Validation 2.
Location of Signals. Considerations for Location of Signals Braking Distance Overlaps Isolation Simultaneous Reception.
Banker’s Algorithm Implementation in CPN Tools Michal Žarnay Department of Transportation Networks University of Žilina, Slovakia.
Concurrent Processes Lecture 5. Introduction Modern operating systems can handle more than one process at a time System scheduler manages processes and.
CPN Models of Transport Systems Michal Zarnay Slovakia.
EE694v-Verification-Lect5-1- Lecture 5 - Verification Tools Automation improves the efficiency and reliability of the verification process Some tools,
Toward Formal Modelling and Analysis of SCTP Connection Managment Somsak Vanit-Anunchai School of Telecommunication Engineering Institute of Engineering.
CPN'09, Aarhus, Denmark, October 19-21, 2009 Verification of Railway Interlocking Tables using Coloured Petri Nets * Somsak Vanit-Anunchai
[ §6 : 1 ] 6. Basic Methods II Overview 6.1 Models 6.2 Taxonomy 6.3 Finite State Model 6.4 State Transition Model 6.5 Dataflow Model 6.6 User Manual.
Ch 11 Managing System Reliability and Availability 1.
Office of Railroad, Pipeline and Hazardous Materials Safety Collision of Metrolink Passenger Train 111 and Union Pacific Freight Train LOF65-12 Signal.
1 Satisfiability Testing in the Railway Industry Simon Chadwick Head of Research Westinghouse Rail Systems Limited, Chippenham, UK SAT2009 Twelfth International.
Capacity analysis of complex materials handling systems.
MSE Presentation 3 By Padmaja Havaldar- Graduate Student
Presentation for Document ACSF-03-03_rev1 Oliver Kloeckner September rd meeting of the IG ASCF Munich, Airport Informal Document.
FDT Foil no 1 On Methodology from Domain to System Descriptions by Rolv Bræk NTNU Workshop on Philosophy and Applicablitiy of Formal Languages Geneve 15.
3 June Paris Seminar Modelling and Analysis of TCP’s Connection Management Procedures Jonathan Billington and Bing Han Computer Systems Engineering.
Quality Assurance.
San Francisco Railroad Accident Michael Murphy SYSM /25/12 San Francisco Railroad Accident Michael Murphy SYSM /25/12 San Francisco Railroad.
Centralised Traffic Control Working On Dhamra line of ECoR
ROLE OF SIGNALLING IN RAILWAYS
Software Engineering Lecture 8: Quality Assurance.
1 G4UIRoot Isidro González ALICE ROOT /10/2002.
A new fail-safe principle for railway signaling
1 Address: UIC Safety Database (SDB) System and Results.
Insert the title of your presentation here
Principles of Information Systems Eighth Edition
Project Management: Messages
Memory Management.
Requirements Techniques, cont.
CHP - 9 File Structures.
Machine Independent Assembler Features
Communications in Railway Centralized Traffic Control Systems
Training for the Work-Study Supervisor
Poushali Pal AMIEEE, M. Tech in Information Technologies
Computer Network Topologies
ACTIVITY PLANNING AND RISK MANAGEMENT
Concluding Paragraphs
Starter Review your filament lamp experiment and make corrections (in green pen) Review your test and complete the front cover sheet, correct any mistakes.
AIR TRAFFIC CONTROL SERVICE
About the Presentations
Machine Independent Assembler Features
Lesson 9 Sharing Documents
OVERVIEW: POSITIVE TRAIN CONTROL (ptc)
Applied Software Implementation & Testing
Designed-in Logic to Ensure Safety of Integration and Field Engineering of Large Scale CBTC Systems Author: Fenggang Shi.
Organizational Culture
Rule Book Updates December 2018
Chapter 13 Quality Management
CS240: Advanced Programming Concepts
Basic Rules of Sailboat Sailing
CS385T Software Engineering Dr.Doaa Sami
Doc.: IEEE /XXXr0 10 May 2011 Sep 19, 2007 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs)‏ Submission Title:
Software Interoperability.... Same game, same rules?
2008 Workshop AHEPA District 3 Website Presentation
ECE 352 Digital System Fundamentals
Feedback Content Types of feedback to optimise performance: intrinsic; extrinsic; concurrent; terminal Interpretation and analysis of graphical.
PASSI (Process for Agent Societies Specification and Implementation)
Lab 8: GUI testing Software Testing LTAT
A Case Study of Variation Mechanism in an Industrial Product Line
Ground Recommendations Review of Recent Discussion
Principles of Information Technology
Future of EDAMIS Webforms
Fluid Power System Electrical Control
Presentation transcript:

*Supported by National Research Council of Thailand Experience using Coloured Petri Nets to Model Railway Interlocking Tables* Somsak Vanit-Anunchai somsav@sut.ac.th School of Telecommunication Engineering Suranaree University of Technology Nakhon Ratchasima 30000 Thailand *Supported by National Research Council of Thailand and the State Railway of Thailand FSFMA 2014

Outline Introduce the railway signalling systems 26/04/62 Introduce the railway signalling systems What is the interlocking tables? (four functions) Motivation Previous work Two Problems with CPN 2009 Examples: CPN Model of the signalling system Objectives of Analysis Concluding Remark

Introduction to railway signalling 26/04/62 Railway Signalling System divides rail track into sections. Only one train is allowed in one section at a time. A section or route comprises wayside equipment 1) Track Circuits used to indicate the presence of trains 2) Signals to allow the train enter into the route. 3) Points (switches ) to diverge the train to another track. Each wayside equipment has an Identification number.

Route Released  Normal Signal Operation 26/04/62 1 Route Released  Normal Route 1-3(2) locked

Operation requirement Testing and Commissioning 26/04/62 Interlocking Tables play a central role for > 100 years Operation requirement Traffic Rules Signalling principle + x =  Interlocking Tables or Control Tables are the tabular representation specifying how the train moves together with the states and actions of related equipment. Circuit Design Implementation Installation x  x Accident Testing and Commissioning

1. Route Setting 26/04/62 201, 202

2. Approach Locked and 3.Route Released 26/04/62

4. What is Flank Protection? 26/04/62 The fail safe means that, in the event of failure, the system shall respond in a no harmful way or no danger to persons. The equipment within the surrounding area of the reserved route that may cause an accident shall be protected even if no train is expected to pass such a signal or such points. Points should be in such positions that they do not give immediate access to the route. Even though those flank points are not located on the required route, when the route is set, they shall be locked in the safe position until the route is released.

4. Flank Protection 26/04/62 201, 202

Motivation 26/04/62 Problems with manual inspection of railway Interlocking table  labour intensive, erorr prone Labour x No. of Station = Too long time + errors Q:Why do not buy software tools from someone? A:Other software tools usually are designed for a specific railway company but SRT’s Operating rule is unique and can be changed. Need easy formal methods for signal engineers in order to maintain models themselves  Coloured Petri Nets Model

26/04/62 Previous Work CPN 2009 Actually we use Coloured Petri Nets (CPNs) to model Railway Signalling Systems = Interlocking Tables + Signalling layout = Simulates trains movement.

26/04/62 Excel  XML XSLT script  ML functions are automatically created from XML control table using XSLT.

Generic Model for Interlocking Table 26/04/62 Generic Model for Interlocking Table require_point_normal(route) ++ require_point_reverse(route)

Two problems and suggestions in CPN2009 26/04/62 Two problems and suggestions in CPN2009 1. When the layout is complex  difficult to model using Places and Transitions. Suggestion: Geographic information (how each wayside equipment connects to each other) is encoded into tokens. 2. Analysis result is not understandable because of too many terminal marking. Suggestion: prefers only 1 terminal marking  No train in the terminal marking .

MoveT2T Page : (Coordination2010 ) (Generic mode for station layout) 26/04/62 MoveT2T Page : (Coordination2010 ) (Generic mode for station layout)

Previous Work: Coordination2010 26/04/62 Previous Work: Coordination2010 1. To answer the first comments  Generic model of Signalling layout in Coordination2010. 2. While the second problem has not been solved, we encountered the third problem: State Exploded. The model in Coor2010 was the double track model but in CPN2009 was the single track model. 3. Even a small double track model we cannot fully analyse. However SRT can use partial analysis and simulation.

Previous Work: Coordination2010 (cont) 26/04/62 Previous Work: Coordination2010 (cont) 4. While the second problem has not been solved, the state explosion problem caused the project at halt. 5. Until CPN Tools version 4.0.0 Prioritized Transition, Reset Arc, Inhibitor Arc These features are very helpful so that we revise the CPN model.

A safe but undesired deadlock Automatic Route Setting required 26/04/62 Revisting 2nd Problem: why so many Terminal marking Initial Markings Case D A safe but undesired deadlock Automatic Route Setting required

Automatic Route Cancellation (required) 26/04/62 Automatic Route Cancellation (required) 2 1 1. Route #1 requires 111T = Normal and Lock 2. Route #2 requires 111T = Reverse  keep attempting to move 111T to Reverse 3.After route #1 released, route #2 is still pending due to FP = 62T is not clear. 4. Another deadlock  route #2 should be cancelled.

Automatic Route Setting and Automatic Route Cancellation 26/04/62 Automatic Route Setting and Automatic Route Cancellation These two functions are not in the Interlocking Table. Normally a signalman conducts the two functions. 3. Our model combines the specification and human action.

26/04/62 UserCommand Page

Objectives of Analysis 26/04/62 Objectives of Analysis The desired property is no train collision. Confidence in the model correctness and the Content of Interlocking Tables After route(s) setting and train(s) movement , The terminal markings shall be as we expected.

Initial Markings Case A 26/04/62 Set All Routes Initial Markings Case A Case B

Initial Markings Case C3 26/04/62 Initial Markings Case C3

26/04/62

26/04/62 With Flank Protection

26/04/62 With Flank Protection

Concluding Remarks 26/04/62 We can use the same (CPN) net structure to model any interlocking systems regardless of the size of the station. (CPN-09) Geographic information (how each wayside equipment connects to each other) is encoded into tokens. (Coordination 2010) We extend the model to include “Flank protection” (FSFMA2014) We include human action “Automatic Route Setting” and “Automatic Route Cancellation. However state explosion is still the problem.

Future work Refine the model. 26/04/62 Future work Refine the model. “Sectional Route Release” some part of the route is released so that we can reuse the equipment such as point for something else e.g. for another route, for shunting etc. Use symmetry property to reduce the size of state space. Apply the sweep-line method to tackle the state explosion problem.

Questions and comments? 26/04/62 Thank You! Questions and comments?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.