• Title/Summary/Keyword: Safety integrity level


Implementation of Improved safety and reliability Embedded system using Backup and Restore of TMR Architecture (TMR 구조에서의 백업과 복원을 활용한 안정성 및 신뢰성 향상 임베디드 시스템 구현)

  • Park, Joo-Yul; Lee, Jun-Hwan; Kim, Hyo-Sang; Kim, Bong-Taek; Chung, Ki-Seok
  • Proceedings of the KSR Conference / 2011.10a / pp.188-194 / 2011
  • The purpose of this paper is to explain an implementation method for enhancing the stability and reliability of an embedded system. In this research, Texas Instruments (TI)'s TMS570 MCU (Micro Controller Unit) is used to satisfy the stability standard IEC 61508. IEC 61508 suggests SIL (Safety Integrity Level) from 1 to 4, and the TMS570 satisfies SIL3. Also, the TMS570 provides several stability functions that can be used in a real-time system. To use such functions, this paper suggests a solution for the defects that can occur in a real-time system. Basically, TMR (Triple Modular Redundancy) is suggested, in addition to an explanation of the way to improve safety and reliability. This paper also suggests a method that reinforces the stability of calculation by using a multiplexed voter and memory.

A Case Study of SIL Analysis for Single Station Controller in Nuclear Power Plant Based on IEC 61508 (IEC 61508에 기반한 원자력 발전소용 안전 등급 제어기의 SIL 분석에 대한 사례연구)

  • Kim, Gun Myung
  • Journal of Applied Reliability / v.16 no.3 / pp.231-237 / 2016
  • Purpose: It is not easy to suggest quantitative data related to safety analysis. The objective of this paper is to propose a method of Safety Integrity Level (SIL) analysis and to suggest a SIL analysis result for a single station controller in a nuclear power plant based on IEC 61508. Methods: Failure Modes and Effects Diagnostic Analysis (FMEDA) and the average probability of failure on demand (PFD) are used for SIL assessment. Results: The SIL of the single station controller is evaluated as 4 by the reliability analysis results and PFD. Conclusion: A SIL analysis method and result for a single station controller based on IEC 61508 are proposed in this paper. It can be applicable to manufacturer data in safety-related systems.

Implementation of Main Computation Board for Safety Improvement of railway system (철도시스템의 안전성 향상을 위한 주연산보드 구현)

  • Park, Joo-Yul; Kim, Hyo-Sang; Lee, Joon-Hwan; Kim, Bong-Taek; Chung, Ki-Seok
  • Proceedings of the KSR Conference / 2011.05a / pp.1195-1201 / 2011
  • Since the release of the safety standard IEC 61508, which defines the functional safety of electronic safety-related systems, SIL (Safety Integrity Level) certification for railway systems has gained a lot of attention lately. In this paper, we propose a new design technique for the computer board of train control systems with high reliability and safety. The board is designed with TMR (Triple Modular Redundancy) using a SIL3-certified Texas Instruments (TI) TMS570 MCU (Micro-Controller Unit) to guarantee safety and reliability. TMR for the control device is implemented on an FPGA (Field Programmable Gate Array) which integrates a comparator, a CAN (Controller Area Network) communication module, built-in self-error checking, and an error discriminant function to improve the reliability of the board. Even if a malfunction of a processing module occurs, the safety control function based on the proposed technique lets the system operate properly by detecting and masking the malfunction. An RTOS (Real Time Operating System) called FreeRTOS is ported to the board so that reliable and stable operation and convenient software development can be provided.

CCDP Evaluation of the Fire Areas in NPP Applying CFAST Model (II) (화재모델 CFAST를 이용한 원전 화재구역의 CCDP평가(II))

  • Lee Yoon-Hwan; Yang Joon-Eon; Kim Jong-Hoon; Kim Woon-Byung
  • Fire Science and Engineering / v.19 no.3 s.59 / pp.20-27 / 2005
  • This paper evaluates the fire safety level of eight pump rooms in a nuclear power plant using a fire model, CFAST. We estimate the Conditional Core Damage Probability (CCDP) of each room based on the analyzed results of CFAST. The eight rooms located in the primary auxiliary building of the nuclear power plant are high pressure safety injection pump room A/B, low pressure safety injection pump room A/B, containment spray pump room A/B, and motor-driven auxiliary feed water pump room A/B. The upper layer gas temperature of each room is estimated and the integrity of the cable is reviewed. Based on the results, the integrity of the cable located at the upper part of the compartment is maintained without thermal damage. The Conditional Core Damage Probability is reduced to half of the old values. Accordingly, the fire safety assessment for the eight pump rooms using the fire model will be capable of reducing the uncertainty and developing a more realistic model.

Design and Development of a Functional Safety Compliant Electric Power Steering System

  • Lee, Kyung-Jung; Lee, Ki-Ho; Moon, Chanwoo; Chang, Hyuk-Jun; Ahn, Hyun-Sik
  • Journal of Electrical Engineering and Technology / v.10 no.4 / pp.1915-1920 / 2015
  • ISO 26262 is an international standard for the functional safety of electric and electronic systems in vehicles, and this standard has become a major issue in the automotive industry. In this paper, a functional safety compliant electronic control unit (ECU) for an electric power steering (EPS) system and a demonstration-purpose EPS system are developed, and a software and hardware structure for a safety-critical system is presented. EPS is the most recently introduced power steering technology for vehicles, and it can improve driver convenience and fuel efficiency. In conformity with the design process specified in ISO 26262, the Automotive Safety Integrity Level (ASIL) of an EPS system is evaluated, and hardware and software are designed based on an asymmetric dual processing unit architecture and an external watchdog. The developed EPS system effectively demonstrates the fault detection and diagnostic functions of a functional safety compliant ECU as well as the basic EPS functions.

Design and Assessment of a Watch Dog Timer for Safety Improvement of an Embedded Railway Signal Controller (철도신호 내장형제어기 안전성 향상을 위한 워치독타이머 설계 및 평가)

  • Shin, Duc-Ko; Lee, Kang-Mi; Lee, Jae-Ho; Kim, Yong-Kyu
  • Journal of the Korean Society for Railway / v.10 no.6 / pp.730-734 / 2007
  • In this paper, we suggest the criticality of Hidden Failure with regard to the design of a watchdog timer, used to detect HALT on a railway signaling embedded controller, via FMEA and FTA. Hidden Failure means reliability and safety degradation of the system due to any failure that occurred on elements added for fault tolerance. In this paper, therefore, we design a vital watchdog timer to prevent the system from operating in low SIL conditions and assess the safety of the circuit on failure occurrence to demonstrate that the safety degradation problems owing to the existing design are remedied.

A Hazard Identification and Analysis for the Train Control System of Light Rail Transit (경량전철 열차제어시스템의 위험요인 분석)

  • 정의진; 김양모
  • The Transactions of the Korean Institute of Electrical Engineers B / v.53 no.2 / pp.99-106 / 2004
  • The train control system in LRT (Light Rail Transit) is developed as a part of the "Light Rail Transit System Development Project". But there was no specific requirement representing the system safety. Because system safety must be ensured before customization, we applied the system to an officially recognized specific procedure, "A Guideline to Ensure the Safety of Train Control System in Korea", which was officially announced by KNR (Korea National Railroad) in 2001. We should draw the system safety requirement to guarantee system safety for the first time. In this paper, the hazard identification and analysis to derive the safety requirement for the LRT train control system are carried out following the KNR guideline. To analyze hazards, we have to deduce system functions, identify related hazards, derive the effects of the hazards, analyze the current risk, define the target risk of the system, and deduce alternative plans to reduce the effects of the hazards. After the hazard analysis following the above procedure, 30 hazards are identified and analysed. In particular, a detailed analysis of train collision, which is a main hazard of the train control system, is carried out.

A Study of SIL Allocation with a Multi-Phase Fuzzy Risk Graph Model (다단계 퍼지 리스크 그래프 모델을 적용한 SIL 할당에 관한 연구)

  • Yang, Heekap; Lee, Jongwoo
  • Journal of the Korean Society for Railway / v.19 no.2 / pp.170-186 / 2016
  • This paper introduces a multi-phase fuzzy risk graph model, representing a method for determining SIL values for railway industry systems. The purpose of this paper is to compensate for the shortcomings of qualitative determination, which are associated with input value ambiguity and the subjectivity problem of expert judgement. The multi-phase fuzzy risk graph model has two phases. The first involves the determination of the conventional risk graph input values of consequence, exposure, avoidance and demand rate using fuzzy theory. For the first step of fuzzification this paper proposes detailed input parameters. The fuzzy inference and defuzzification results from the first step are utilized as input parameters for the second step of the fuzzy model. The second step is to determine the safety integrity level and tolerable hazard rate corresponding to the identified hazard in the railway industry. To validate the results of the proposed multi-phase fuzzy risk graph, it is compared with the results of a safety analysis of a level crossing system in the CENELEC SC 9XA WG A0 report. This model will be adapted for determining safety requirements at the early concept design stages in the railway business.

Study on the Introduction of EMC Engineering System in Korea (전자파 엔지니어링 제도 도입 방안에 관한 연구)

  • Chung, Yeon-Choon
  • The Journal of Korean Institute of Electromagnetic Engineering and Science / v.23 no.8 / pp.942-949 / 2012
  • In order to ensure the safety of large-scale public facilities, the analysis of the EMC (ElectroMagnetic Compatibility) of the electronic systems included in the facilities is very necessary. The reason is that the system-level EMC of the facility could not be guaranteed even if the individual equipment included in the facility satisfies its own EMC requirements. As a result, system-level evaluation and analysis of EMC should be carried out in order to establish the reliable operation of safety- and mission-critical electronic systems. This paper analyzes the relevant legal systems of Korea and other countries, and furthermore case studies of system-level EMC approaches are analyzed in the specific applications of electric railways, buildings, automobiles, and petroleum refinery systems. The introduction of related systems in Korea is proposed, and the main parts and problems to be looked at for each proposed measure are discussed. The results are expected to be utilized in the introduction of system-level EMC engineering, and to contribute to national security and the protection of people's lives, bodies and property.

A Study on Damage Detection of Production Riser (생산 라이저의 손상 탐지에 대한 연구)

  • Je, Hyun-Min; Park, Soo-Yong
  • Journal of Navigation and Port Research / v.39 no.3 / pp.179-184 / 2015
  • The purpose of this study is to provide an appropriate methodology to ensure the safety and integrity of the production riser in an offshore structure. In order to select an integrity estimation methodology for the production riser, level I and II Non-destructive Damage Evaluation (NDE) methods that have been applied to existing structures are classified and reviewed. Numerical analysis is performed to verify the applicability and capability of the reviewed methods for damage detection. As a result, the damage detection methodology using modal strain energy is more sensitive in detecting the damage than the other methods. In practice, the number of sensors is limited due to environmental and financial conditions. The impact on damage detection performance of reducing the number of sensors is systematically investigated through a series of numerical analyses and the results are discussed. The optimal number of sensors for the integrity estimation of the production riser is recommended.