Alex Hawkes: What types of rail software solutions are currently entering the market and how is this technology driving the future of rail operations worldwide?
Jens Wiegand: New train and tram developments involve more and more electronics, including automatic train protection systems, automatic train operations, driver and passenger information systems, plus new emerging video and internet data services for passengers. These are usually not key areas of expertise for the train manufacturer.
The move towards lower costs and shorter project timescales is driving the system developers to use commercial off-the-shelf (COTS) equipment, both in hardware and software, rather than developing these technologies in house. While these COTS technologies can bring lower costs and speedier development, they also have to meet the specific needs of the transportation market for reliability, long-term support over the 20 or 30 years of the equipment life and compliance with safety regulations, which is often difficult to achieve.
All of this is creating a new ecosystem of subsystem hardware and software suppliers with different approaches; and while there are many COTS hardware suppliers, there are fewer that concentrate specifically on software. There are key gaps here, particularly on the certification of the software and support for safety-critical systems.
AH: So how are current rail safety regulations or legislation geared towards the increasing adoption of software technologies?
JW: The standards governing safety systems have been evolving over time and are starting to learn from markets such as aerospace about the appropriate architectural concepts and model-based designs. These are increasingly used to achieve better certifiability of systems and more effective product life-cycle management.
While this presents opportunities for equipment makers looking to use the same technologies in numerous global markets, bringing economies of scale and lower costs, it also means that existing projects or ones under development may have to be modified to meet fast-changing regulatory requirements.
Regulatory bodies and insurance companies are increasingly demanding that operators have the latest safety systems installed to protect against large-scale accidents, which has a significant impact on development.
AH: Is there any guidance currently available to rail operators concerning rail software technology?
JW: The CENELEC EN50128 standard defines software partitioning and the use of COTS software. This is converging with the IEC 61508 standard that defines the development process for safety-critical systems. In evolving markets such as Asia, many equipment makers are using the European safety standards so that they can use equipment available off the shelf. The Chinese Government has mandated the introduction of the CENELEC EN standard series, requiring equipment makers to acquire this expertise from third-party suppliers.
AH: And what implications does this have for the rail software manufacturers?
JW: The move to COTS, model-based designs, methodology-driven designs, and converged regulations does have a significant impact on the development process. Engineers need to focus more and more on implementing added value and encapsulating their expertise as intellectual property in the system, rather than developing software such as schedulers, real-time operating systems, and often their own tool chains.
The majority of the effort is not necessarily in the development of the software but in the verification and validation of software that is required to demonstrate that the software conforms to the standards. As an alternative, commercial certifiable software can provide these certification artefacts and tools, dramatically speeding up the development process. This allows the engineer to integrate the software effectively and easily into the design, eliminating the need to design around a complete solution from a third-party supplier.
AH: What are some of the potential drawbacks of a move towards COTS?
can be implemented.”
JW: New technologies are changing they way the safety regulations can be implemented. Multicore processors can provide separation by running safety-critical routines on one dedicated core with certified software, while new features such as networking and user interfaces can be run on other processors without influencing the safety-critical elements of the system. This allows developers to use commercial or open source software and add new features, including localisation for new markets, much more easily and quickly without having to recertify large parts of the system.
Key enablers for those architectural concepts are separation or virtualisation technologies providing both space and time separation, allowing different operating systems to be added, but more importantly, adding safety and security to these systems. These systems need to be secure from attack, which is an increasing risk of more connectivity. Software separation technologies can provide significantly higher safety and security by creating small, highly safe and secure partitions that protect access to the rest of the system and make the system less vulnerable.
AH: To summarise, what advice would you offer rail operators that are considering adopting COTS technologies?
JW: The world of mass transportation is going through a dramatic upheaval amid one of the worst global recessions in living memory. Moving to COTS technologies provides vital advantages in cost and development times, but there are key challenges to managing the complexity of the system and maintaining the conformance of the system to safety and security standards.