Artesyn Embedded Technologies
Fail-Safe Computer Systems for Railways
Artesyn Embedded Technologies (Artesyn) supplies commercial off-the-shelf (COTS), fail-safe computer solutions to rail system integrators and application providers.
Artesyn’s ControlSafe™ Platform (CSP) can be deployed in safety application environments to protect rail infrastructure investments and it is designed to comply with the following industry standards:
- Safety-related software: EN50128 SIL4
- Availability, maintainability and safety (RAMS) processes: EN50126
- Hardware: EN50129 SIL4
Compliant fail-safe systems for railways
Artesyn’s ControlSafe Platform is a cost-effective solution that enables all rail application developers and system integrators to substantially accelerate time-to-market without being deterred by the potentially high costs and the risks associated with the stringent SIL4 system development and certification process.
Artesyn aims to provide rail industry customers with an unmatched, highly reliable platform with a 15-year product life and 25 years of extended support and service.
Reducing railway downtime
Artesyn’s ControlSafe Platform is designed to deliver best-in-class system availability as high as 99.9999%, which means that downtime is limited to less than a few seconds a year.
Artesyn has successfully completed extensive modelling and analysis by its team of highly qualified staff throughout the development and testing stages. As a result, its ControlSafe Platform meets all the functional safety, reliability and availability requirements mandated by rail standards and specifications.
Fail-safe computing system implementation for rail operators
Due to Artesyn’s future-proof development philosophy, its ControlSafe Platform is modular, scalable and designed to seamlessly accommodate additional I/O interfaces and any upgraded processors required throughout a product’s lifecycle.
The ControlSafe Platform consists of two redundant ControlSafe computers (CSCs), which each deliver fail-safe operations. They are linked by a safety relay box (SRB) that monitors the health of the two CSCs, designating one as ‘active’ and the other as ‘standby’. The platform also controls fail-over operation between the two CSCs to deliver a fail-safe computing system.
The ‘active’ CSC controls the I/O via a customer application, while the ‘standby’ CSC runs the same application but has no ability to drive any output.
At the core of each CSC are two identical CPU boards that run in data lock-step mode and implement a two-out-of-two (2oo2) voting mechanism. The certified and field-proven VxWorks 653 operating system from Wind River provides safe partitions for customer applications.
Any discrepancy between these two CPUs causes the active CSC to declare itself unhealthy and signal its state to the SRB, which in turn causes the standby CSC to become active. The unhealthy CSC is taken out of operation and can be brought back into service once it has been repaired.
This health-and-safety architecture guarantees that there is no possibility of an incorrect output being driven to external equipment.
Software upgrades for rail safety systems
Artesyn provides a high-quality platform that is easy to use, scalable and upgradeable. Application processing is carried out on a modern Freescale QorIQ™ processor, which delivers a high level of performance, energy-efficient processing and required extended lifecycle support.
The ControlSafe Platform’s data lock-step architecture supports high-performance modern processors. It enables possible future processor upgrades while retaining the platform’s I/O.
Implementing the 2oo2 voting facilities in hardware allows application developers to migrate existing software with minimal modifications. An extensive set of well-documented application programming interfaces (APIs) provides access to system parameters and management facilities. This makes it easy for application developers and system integrators to monitor and control the system.
The Artesyn ControlSafe Platform includes I/O modules that provide interfaces to a range of communication protocols such as CAN, ethernet, ethernet Ring, UART and MVB.
All I/O modules have a common architecture based on the same Freescale CPU core and the same Wind River VxWorks 653 certified operating system, which simplifies the software development environment.
All I/O modules are accessed over ethernet, allowing a seamless distributed architecture where additional expansion can be contained in a remote chassis. All modules support remote online software and firmware upgrade without the risk of rendering a system inoperable.
Artesyn has more than 30 years of experience serving a range of fault-tolerant industries, including global telecommunications networks, where it has deployed numerous products.
With experience comes a deep understanding of client’s requirements for on-time, consistent and high-quality products with excellent customer support, Artesyn delivers on all counts from its own factory and support experts.
Products features are supported with local system architects worldwide, as well as field application engineers, to keep clients on schedule.
In addition, Artesyn offer various services that designed to facilitate the release and deployment of new products.