Computer aided modelling of railway station traffic control systems 3

Piotr Kawalec 1 Warsaw University of Technology Marcin Rżysko 2 Bombardier Transportation (Rail Engineering) Polska Sp. z o.o. Computer aided modelling of railway station traffic control systems 3 Introduction The formal description methods for railway traffic control systems is an important issue in modelling such devices. Despite the use of certain formalisation elements in existing systems and research made on this topic [5, 6] there is still no method which would allow to model complex functionalities of railway interlocking systems and which would be a direct input for designing the prototype. When seeking for new methods, attention should be paid especially to the ability to use computer-aided design tools for creating the model. This paper presents several issues related to modelling complex functionalities in railway interlocking systems using formal algorithm notation and Active-HDL tools by Aldec. Model formalisation Formal description of complete interlocking functions for a geographical interlocking system can be achieved basing on the algorithms [2, 3, 4]. This approach allows to easily specify complex functionalities of the system. The first step of creating the formal description of a model is defining the input and output data. Considering the interlocking system as one element, the following alphabets can be distinguished: X = {X P, X K } - input alphabet, Y = {Y M, Y S } - output alphabet, where: X P = {X P1, X P2,..., X PN }, X P... = (x p0, x p1,..., x pn ) - manoeuvres vector, X K = {X K1, X K2,..., X KN }, X K... = (x k0, x k1,..., x kn ) - check vector, Y M = {Y M1, Y M2,..., Y MN }, Y M... = (y m0, y m1,..., y mn ) - indication vector, Y S = {Y S1, Y S2,..., Y SN }, Y S... = (y s0, y s1,..., y sn ) - control vector. For the description of a single element of the system, labelled as E i, an additional interlocking vector was introduced to the alphabets. It allows to specify the connections between the element and adjacent ones: 1 D.Sc. Eng. Hab., P. Kawalec, Associate Professor, Department of Traffic Control, Faculty of Transport, Warsaw University of Technology, Koszykowa str. 75, 00-662 Warszawa, tel. (+48 22) 234 7585, pka@wt.pw.edu.pl 2 M.Sc. Eng., M. Rżysko, assistant designer, Bombardier Transportation (Rail Engineering) Polska Sp. z o.o., ul. Ogrodowa 58, 00-876 Warszawa, (+48) 698 648 063, marcin.rzysko@pl.transport.bombardier.com 3 Artykuł recenzowany 2915

X Z = {X ZA, X ZB,..., X ZG }, X Z... = (x z0, x z1,..., x zn ) - interlocking vector (input), Y Z = {Y ZA, Y ZB,..., Y ZG }, Y Z... = (y z0, y z1,..., y zn ) - interlocking vector (output). where: A, B,... - geographical connections to adjacent logical objects, G - non-geographical connection. The system decomposition method is shown in fig. 1. Fig. 1. Decomposition method scheme 2916

The selected form of formal description of the algorithm, which can be easily obtained from the verbal description, is the logical algorithm scheme [1, 3, 7]. It is assumed that the construction of each algorithm will consist of the following steps: decomposition of the function into execution steps (for example route execution: rest state selecting setting locking releasing rest state), creating the possible variants of algorithm execution according to the number of routes possible to execute by the element. When modelling a single geographical element a route is considered as a possibility to use the element for the train passage. The number of possible p routes was labelled as P and it depends on the object type. p { 1, 2,..., P} For the exemplary functionality of route execution the general concept of algorithm was developed (rys.2). Fig. 2. General concept of route execution algorithm for an object with P possible routes The logical algorithm scheme corresponding to fig. 2 is shown below. The following notation is used: Y Mp X mnp - vector of output data in m state, in p route, - vector of input variables, which specifies the condition for transition from m to n state in p route, 2917

0 11 21 P1 0 S sw1 sw2 swp 11 12 11 21 22 21 P1 P2 P1 W1 wn1 W 2 wn2 WP wnp 12 13 12 22 23 22 P2 P3 P2 N1 nu1 N 2 nu2 NP nup 13 14 13 23 24 23 P3 P4 P3 14 Y X X... X ω Y X ω Y X ω... Y X ω Y X ω Y X ω... Y X ω Y X ω Y X ω... Y X ω U1 uz1 U 2 uz 2 UP uzp 0 14 24 0 24 P4 0 P4 YZ 1X zs1 ω YZ 2 X zs2 ω... YZP X zsp ω The logical algorithm scheme provides a convenient basis for the construction of the finite-state machine graph. By transforming the Y set into vertices, and the X set into edges, the finite-state machine for an exemplary object with two possible routes was achieved (fig. 3). (1) Fig. 3. Finite-state machine in FSM editor 2918

For every given element it is necessary to identify the conditions, which have to be fulfilled to execute the transition to the next state (specification of X... values). Thanks to the appropriate model decomposition this task is much simpler to achieve, that describing the whole system as one graph. The developed method allows to create every algorithm of every logical object in geographical railway interlocking system in the form of FSM graph. Computer-aided specification and verification Creating the finite-state machine graph suitable for the given element and identifying the conditions for all transitions allows to create the specification in a hardware description language. It is possible with the FSM editor, which is one of the tools in Active-HDL environment, used during the work. Because FSM editor allows to automatically generate VHDL code basing on the given FSM graph, this is the last step of transformation the verbal description of the functionality to the formal description, which can be used later for implementation and prototyping. In the integrated computer-aided design environment it is possible to verify the model on various hierarchical levels. The first level is the FSM graph, on which it is easy to check for any errors created during the algorithm to graph transformation. The FSM editor of the Active-HDL environment allows to simulate the created algorithm manually, by changing the input values, or automatically - using Testbench'es which allow to verify whole graph. Observation of the simulation is possible directly on the graph (fig. 4a), or on the waveforms (fig. 4b). Fig. 4. Simulation observation on the graph (a) and on waveforms (b) 2919

On the next level, the graph shown above, along with graphs modelling another algorithms in the object, is used to build a complete object, which can be then tested for algorithm integration and data exchange with adjacent objects. On this level it is also possible to analyse the variable values in BDE editor, which is used to build the model from single elements (fig. 5a). Fig. 5. Simulation observation on objects (a) and model level (b) The highest hierarchical level allows to create a model of all station elements in one block in BDE editor. This object should be considered as a complete description of interlocking data for a given track layout (fig. 5b). Conclusion The described modelling method for railway station geographical interlocking systems allows to fully utilise the modern computer-aided design technology. It is possible thanks to the appropriate decomposition and formalisation of the model. The simulation process, performed using the mentioned tools, proved the correctness of the design on algorithm, object, and the complete model level. The description obtained using the described method is transparent and easy to modify and implement new functions, which is an important issue in analysis of modern railway traffic control systems. 2920

Abstract The paper presents a modelling method for complex interlocking functions in railway traffic control systems. The method is based on the geographical approach, which allows to use the created elements for any track layout. Specification and verification of the designed algorithms was performed in computer-aided design environment. The use of algorithms to describe the functions allowed to intuitively transform the elementary conditions in verbal description into formal notation and finally the VHDL code. Komputerowe wspomaganie modelowania stacyjnych systemów srk Streszczenie W artykule przedstawiono propozycję sformalizowanej metody specyfikacji złożonych funkcji zależnościowych w systemach sterowania ruchem kolejowym. Opisana metoda opiera się na podejściu geograficznym, umożliwiającym uniwersalne wykorzystanie zbudowanych elementów dla dowolnego układu torowego. Zaprezentowane zostały możliwości specyfikacji i weryfikacji otrzymanych algorytmów w środowisku komputerowego wspomagania prac projektowych. Zastosowanie algorytmów do opisu działania pozwala na intuicyjne przejście od elementarnych warunków opisanych w języku naturalnym do zapisu formalnego i ostatecznie kodu języka VHDL. References [1] Apuniewicz S.: Układy przekaźnikowe w automatyce zabezpieczenia ruchu kolejowego. Wydawnictwa Politechniki Warszawskiej, Warszawa 1969. [2] Kawalec P., Rżysko M.: Komputerowo wspomagana specyfikacja funkcji zależnościowych urządzeń srk. Technika Transportu Szynowego 9/2012, s.1605-1614. [3] Kawalec P., Rżysko M.: Metoda tworzenia formalnego zapisu algorytmów działania urządzeń srk. Prace Naukowe - Transport, z. 100, 2013, s.91-108. [4] Kawalec P., Rżysko M.: Zastosowanie grafów przejść automatów skończonych do opisu algorytmów działania urządzeń srk. Prace Naukowe - Transport, z. 95, 2013, s.221-230. [5] Koliński D.: Formalny opis funkcji zależnościowych systemów srk dla współczesnych posterunków ruchu. Prace Naukowe - Transport, z. 86, 2013, s.35-52. [6] Minkowitz C., Atkiss J.: An object-oriented formal specification of a configuration language for railway interlockings. 3rd Northern Formal Methods Workshop, 1998. [7] Traczyk W.: Układy cyfrowe. Podstawy teoretyczne i metody syntezy. Wydawnictwa Naukowo- Techniczne, 1982. 2921