Artesyn Embedded Technologies

Fail-Safe Computer Systems for Railways

lead

Artesyn Embedded Technologies (Artesyn) supplies commercial off-the-shelf (COTS), fail-safe computer solutions to rail system integrators and application providers.

Artesyn's ControlSafe™ Platform (CSP) can be deployed in safety application environments to protect rail infrastructure investments and it is designed to comply with the following industry standards:

  • Safety-related software: EN50128 SIL4
  • Availability, maintainability and safety (RAMS) processes: EN50126
  • Hardware: EN50129 SIL4

Compliant fail-safe systems for railways

Artesyn's ControlSafe Platform is a cost-effective solution that enables all rail application developers and system integrators to substantially accelerate time-to-market without being deterred by the potentially high costs and the risks associated with the stringent SIL4 system development and certification process.

Artesyn aims to provide rail industry customers with an unmatched, highly reliable platform with a 15-year product life and 25 years of extended support and service.

Reducing railway downtime

Artesyn's ControlSafe Platform is designed to deliver best-in-class system availability as high as 99.9999%, which means that downtime is limited to less than a few seconds a year.

Artesyn has successfully completed extensive modelling and analysis by its team of highly qualified staff throughout the development and testing stages. As a result, its ControlSafe Platform meets all the functional safety, reliability and availability requirements mandated by rail standards and specifications.

Fail-safe computing system implementation for rail operators

Due to Artesyn's future-proof development philosophy, its ControlSafe Platform is modular, scalable and designed to seamlessly accommodate additional I/O interfaces and any upgraded processors required throughout a product's lifecycle.

The ControlSafe Platform consists of two redundant ControlSafe computers (CSCs), which each deliver fail-safe operations. They are linked by a safety relay box (SRB) that monitors the health of the two CSCs, designating one as 'active' and the other as 'standby'. The platform also controls fail-over operation between the two CSCs to deliver a fail-safe computing system.

The 'active' CSC controls the I/O via a customer application, while the 'standby' CSC runs the same application but has no ability to drive any output.

At the core of each CSC are two identical CPU boards that run in data lock-step mode and implement a two-out-of-two (2oo2) voting mechanism. The certified and field-proven VxWorks 653 operating system from Wind River provides safe partitions for customer applications.

Any discrepancy between these two CPUs causes the active CSC to declare itself unhealthy and signal its state to the SRB, which in turn causes the standby CSC to become active. The unhealthy CSC is taken out of operation and can be brought back into service once it has been repaired.

This health-and-safety architecture guarantees that there is no possibility of an incorrect output being driven to external equipment.

Software upgrades for rail safety systems

Artesyn provides a high-quality platform that is easy to use, scalable and upgradeable. Application processing is carried out on a modern Freescale QorIQ™ processor, which delivers a high level of performance, energy-efficient processing and required extended lifecycle support.

The ControlSafe Platform's data lock-step architecture supports high-performance modern processors. It enables possible future processor upgrades while retaining the platform's I/O.

Implementing the 2oo2 voting facilities in hardware allows application developers to migrate existing software with minimal modifications. An extensive set of well-documented application programming interfaces (APIs) provides access to system parameters and management facilities. This makes it easy for application developers and system integrators to monitor and control the system.

The Artesyn ControlSafe Platform includes I/O modules that provide interfaces to a range of communication protocols such as CAN, ethernet, ethernet Ring, UART and MVB.

All I/O modules have a common architecture based on the same Freescale CPU core and the same Wind River VxWorks 653 certified operating system, which simplifies the software development environment.

All I/O modules are accessed over ethernet, allowing a seamless distributed architecture where additional expansion can be contained in a remote chassis. All modules support remote online software and firmware upgrade without the risk of rendering a system inoperable.

About Artesyn

Artesyn has more than 30 years of experience serving a range of fault-tolerant industries, including global telecommunications networks, where it has deployed numerous products.

With experience comes a deep understanding of client's requirements for on-time, consistent and high-quality products with excellent customer support, Artesyn delivers on all counts from its own factory and support experts.

Products features are supported with local system architects worldwide, as well as field application engineers, to keep clients on schedule.

In addition, Artesyn offer various services that designed to facilitate the release and deployment of new products.

Contact Details

Artesyn Embedded Technologies
2900 South Diablo Way
Suite 190
Tempe
85282-3222
Arizona
United States of America
+1 602 438 5720
+1 888 412 7832
computingsales@artesyn.com
www.artesyn.com

Available White Papers

Download

Trends and Drivers in Fail-Safe Architectures for Rail Systems 21 October 2015 The market for embedded computing technologies in rail applications is following a similar trend as has been seen in other embedded market spaces.

Download

Maximizing Safety Without Compromising Reliability 21 October 2015 A programmable electronic system can be defined as functionally safe if it operates correctly and predictably, so that even in the event of failures it remains safe for persons and the environment.

Company Videos