Technical Reports

Safety Analysis of the ATCS

DATE: 01 Apr 1990
AUTHOR: William W. Weinstein, Andrei L. Schor
SUBJECT: Evaluation
KEYWORDS: Advanced Train Control System, Advanced Railroad Electronics System, Accidents, Control Systems, Safety Analysis
ABSTRACT: There are two reasons to model Advanced Train Control System (ATCS) safety. The first is to provide a general sense of how well the ATCS performs, from the viewpoint of safety, with respect to the current signaling and control systems. The second is to examine the relative contribution to the overall accident rate of the various elements of the ATCS. This knowledge provides the ATCS designers with the ability to apply resources where they will do the most good. In the spring of 1987, the ATCS organization contracted with the Charles Stark Draper Laboratory (CSDL) to develop a model for the safety of railroad operation under the ATCS. CSDL had previously conducted such an analysis for the Advanced Railroad Electronics System (ARES), and as a result of this prior effort had developed techniques for reducing the model of a railroad operating region to a problem of tractable dimension. Since ATCS and ARES address the same control problem and happen to share structural similarities, these techniques could be applied to ATCS as well. In order to address the specific needs of the ATCS organization, significant enhancements were made to the modeling approach. The result was a spreadsheet-based model that provides improved modeling precision, allows a great deal of flexibility in specifying the characteristics of the operating region being modeled, and provides a detailed breakdown of how well the ATCS addresses the hazards that produce accidents under current control system operation.