• 한국철도학회논문집
• /
• 제7권2호
• /
• pp.114-119
• /
• 2004

According to the computerization of railway signalling systems. the communication protocol for interface between these systems are required. Therefore the new communication protocol for railway signaling system is required. Generally, there are two verification method for new designed protocol in the industrial and academic fields. One is the laboratory testing method which is very popular and general technique. In our research the comparison between existing and new designed protocol for signaling is described and the verification test results are also represented. From these laboratory test, we are verified the conformance of new designed protocol. Another method is verified by formal method. The format verification method is widely used at safety-critical system design but this approach is nor popular at verification communication protocol. However it is very important to verify the safety of new designed protocol for railway signaling system because signaling systems are very safety-critical systems. So, the methodology for formal verification of designed protocol is also reviews in this paper.

• 전기학회논문지
• /
• 제59권8호
• /
• pp.1456-1463
• /
• 2010

The safety critical systems in nuclear power plants should be designed to have a high level of fault tolerant capability because those systems are used for protection or mitigation of the postulated accidents of nuclear reactor. Due to increasing of the system complexity of the digital based system in nuclear fields, the reliability of the digital based systems without an auto-test or a self-diagnostic feature is generally lower than those of analog system. To overcome this problem, additional redundant architectures in each redundant channel and self-diagnostic features are commonly integrated into the digital safety systems. The self diagnostic function is a key factor for increasing fault tolerant capabilities in the digital based safety system. This paper presents an availability and safety evaluation model to analyze the effect to the system's fault tolerant capabilities depending on self-diagnostic features when the loss or erroneous behaviors of self-diagnostic function are expected to occur. The analysis result of the proposed model on the several modules of a safety platform shows that the improvement effect on unavailability of each module has generally become smaller than the result of usage of conventional models and the unavailability itself has changed significantly depending on the characteristics of failures or errors of self-diagnostic function.

• 대한임베디드공학회논문지
• /
• 제16권6호
• /
• pp.267-276
• /
• 2021

The automotive industry and academic research have been continuously conducting research on standardization such as AUTOSAR (AUTomotive Open System ARchitecture) and ISO26262 to solve problems such as safety and efficiency caused by the complexity of electric/electronic architecture of automotive. AUTOSAR is an automotive standard software platform that has a layered structure independent of MCU (Micro Controller Unit) hardware, and improves product reliability through software modularity and reusability. And, ISO26262, an international standard for automotive functional safety and suggests a method to minimize errors in automotive ECU (Electronic Control Unit)s by defining the development process and results for the entire life cycle of automotive electrical/electronic systems. These design methods are variously applied in representative automotive safety-critical systems. However, since the functional and safety requirements are different according to the characteristics of the safety-critical system, it is essential to research the AUTOSAR functional safety design method specialized for each application domain. In this paper, a software functional safety mechanism design method using AUTOSAR is proposed, and a new failure management framework is proposed to ensure the high reliability of the product. The AUTOSAR functional safety mechanism consists of memory partitioning protection, timing monitoring protection, and end-to-end protection. The fault management framework is composed of several safety SWCs to maintain the minimum function and performance even if a fault occurs during the operation of a safety-critical system. Finally, the proposed method is applied to the Shift-by-Wire system design to prove the validity of the proposed method.

• 대한전기학회:학술대회논문집
• /
• 대한전기학회 2007년도 제38회 하계학술대회
• /
• pp.1201-1202
• /
• 2007

Safety critical systems are those in which a failure can have serious and irreversible consequences. Nowadays digital technology has been rapidly applied to critical system such as railways, airplanes, nuclear power plants, vehicles. The main difference between analog system and digital system is that the software is the key component of the digital system. The digital system performs more varying and highly complex functions efficiently compared to the existing analog system because software can be flexibly designed and implemented. The flexible design make it difficult to predict the software failures. This paper reviews safety standard and criteria for safety critical system such as railway system and introduces the framework for the software lifecycle. The licensing procedure for the railway software is also reviewed.

• 한국멀티미디어학회논문지
• /
• 제14권3호
• /
• pp.440-448
• /
• 2011

스마트 폰, 개인용 기기 등을 비롯한 다양한 시스템들에서 그래픽 기반의 사용자 인터페이스를 개발하기 위한 OpenGL 계열 렌더링 표준에 대한 수요가 증가하고 있다. 또한, 항공용, 군사용, 의료용, 차량용 분야의 수요를 중심으로 형성된 세이프티-크리티컬(safety-critical) 시장에서는 OpenGL의 세이프티 크리티컬 프로파일로 개발된 OpenGL SC 표준이 중요한 역할을 담당한다. 본 논문에서는 OpenGL SC 표준을 비용 대비 효과적으로 제공하기 위해서, 기존의 임베디드 시스템들에서 비교적 널리 사용되고 있는 OpenGL 1.x 파이프라인 상에서 OpenGL SC 에뮬레이션을 제공하는 방법을 제안한다. 우리가 제안하는 방법은 임베디드 시스템에서 낮은 개발비로 OpenGL SC 표준을 제공할 수 있으며, 임베디드 시스템용 PC 개발 환경에서의 에뮬레이션용을 위한 필수 요소이기도 하다. 최종 결과는 리눅스기반 시스템과 VxWORKS 기반 시스템에서 표준에 맞게 작동하고, 적합한 실행 속도를 보였다.

• 한국산학기술학회논문지
• /
• 제17권8호
• /
• pp.363-368
• /
• 2016

고장으로 인한 사고 등으로 막대한 피해를 초래할 수 있어 안전성이 중요시 되는 시스템을 안전중시 시스템이라고 한다. 시스템의 대형화, 복잡도 증가 및 무인화 운영 등으로 인해서 안전 위해 요소가 증가하고 있기 때문에 안전성 확보는 국방 및 다양한 산업분야에서 중요한 문제가 되었다. 이러한 이유로 미 국방부와 IEC 등 국제표준기구 등에서는 안전 관련 표준을 만들어서 안전성 확보의 강조 및 시스템 설계와 안전성 분석의 연계를 제시하고 있다. 또한 많은 연구들에서 안전성 분석 활동이 반영된 시스템 설계 프로세스, 방법론 및 도구가 개발되고 있다. 하지만 현재까지 제시된 시스템 설계와 안전성 분석의 통합 프로세스는 각 계층 수준에 존재하는 시스템 설계 정보를 어떻게 활용하는지 명확하게 제시하지 하지 못했다. 그 결과, 체계적인 방식으로 위험원을 식별하는데 어려움이 따르게 되었다. 이와 같은 문제점을 해결하기 위해서 본 연구에서는 각 계층 수준의 시스템 설계 정보를 기반으로 위험원을 식별하여 안전성을 향상 시키고, 여러 산업 분야에 적용 가능한 시스템 설계와 안전성 분석 활동의 통합 모델을 생성했다. 통합 모델이 체계적으로 안전성 분석을 수행할 수 있는 것을 보여주기 위해서 자동차 시스템을 대상으로 적용한 연구결과를 제시하였다.

• Nuclear Engineering and Technology
• /
• 제41권6호
• /
• pp.849-858
• /
• 2009

Risk caused by safety-critical instrumentation and control (I&C) systems considerably affects overall plant risk. As digitalization of safety-critical systems in nuclear power plants progresses, a risk model of a digitalized safety system is required and must be included in a plant safety model in order to assess this risk effect on the plant. Unique features of a digital system cause some challenges in risk modeling. This article aims at providing an overview of the issues related to the development of a static fault-tree-based risk model. We categorize the complicated issues of digital system probabilistic risk assessment (PRA) into four groups based on their characteristics: hardware module issues, software issues, system issues, and safety function issues. Quantification of the effect of these issues dominates the quality of a developed risk model. Recent research activities for addressing various issues, such as the modeling framework of a software-based system, the software failure probability and the fault coverage of a self monitoring mechanism, are discussed. Although these issues are interrelated and affect each other, the categorized and systematic approach suggested here will provide a proper insight for analyzing risk from a digital system.

• 한국원자력학회:학술대회논문집
• /
• 한국원자력학회 2005년도 추계학술발표회
• /
• pp.1097-1098
• /
• 2005

• 한국철도학회논문집
• /
• 제6권1호
• /
• pp.1-9
• /
• 2003

This article proposes an integrated systems engineering and safety analysis model for safety-critical systems development. A methodology in system design for safety is considered during the early phase of the development life cycle of systems engineering process. The evolution of the design automation technology has enabled engineers to perform the model-based systems engineering. A Computer-Aided Systems Engineering(CASE) tool, CORE, is utilized to integrate the systems engineering model with a system safety analysis model. The results of the functional analysis phase can drive the analysis of the system safety. An example of Communications-Based Train Control(CBTC) system for an Automated Guided Transit(AGT) system demonstrated an application of the integrated model.

• 제어로봇시스템학회논문지
• /
• 제13권10호
• /
• pp.933-939
• /
• 2007

Safety critical systems such as x-by-wire systems require in-vehicle network systems that can interconnect various sensors, actuators, and controllers. These networks need to have high data rate, deterministic operation, and fault tolerance. Recently, FlexRay protocol that is a time-triggered protocol has been introduced, and many automotive companies have been focusing on this protocol. This paper presents a design method of FlexRay network system and implementation of FlexRay-based motor control system.