自动控制毕业论文中英文资料外文翻译文献.docx

自动控制毕业论文中英文资料外文翻译文献.docx

《自动控制毕业论文中英文资料外文翻译文献.docx》由会员分享，可在线阅读，更多相关《自动控制毕业论文中英文资料外文翻译文献.docx（16页珍藏版）》请在冰点文库上搜索。

自动控制毕业论文中英文资料外文翻译文献

　毕业论文外文译文

学院　　自动化与电气工程学院　

专　业　　自动控制　　

Cｏmponent-basedSaｆｅtyCｏmputerofRailwaｙ　ＳｉｇｎalInｔｅrlｏcｋiｎgSystem

1Ｉntroｄｕcｔｉoｎ

SignalIｎterlocｋingSystemis　thecriticaleqｕiｐmｅntwhichcanguarａｎtｅe　tｒａｆficsafetyandｅｎhanceoｐeratiｏnal　efficiency　in　ｒailwaｙｔｒaｎｓpｏｒtａtioｎ.Ｆoralong　ｔime,tｈecoreconｔrｏlcomputer　adoptsin　iｎtｅrlｏckｉngsystemis　thespｅｃｉalｃustoｍizedhigh-graｄｅsaｆetyｃｏmpｕter,ｆorexaｍple，tｈeSＩMＩS　oｆSiemens,ｔheEI3２ｏfNｉｐpｏnSｉgnal,aｎd　sｏｏn.Ａlong　withthｅrapiｄ　dｅvelｏpmeｎtofelectroｎictｅchｎology,the　customiｚedｓａfeｔycoｍpｕtｅriｓ　ｆacingseveｒｅｃhallenges，for　inｓｔaｎcｅ，tｈehighdevelopmentcｏｓｔs,poｏrusabilｉty，weaｋexpａｎｓibｉlityand　sｌowteｃhnｏlｏgy　ｕpdate.To　ｏvercomｅtheflaws　oｆ　tｈehｉgh-grade　speｃialcustomizｅd　compｕter,theＵ.S.DepartｍentofDeｆｅnsｅｈasｐuｔｆｏrwarｄｔhecｏncept:

ｗeshoulｄａdoptcommｅrcial　sｔaｎｄardｓtoｒeｐlａce　mｉlitarynoｒmｓandstandａrds　for　ｍeetｉngcoｎsumers’demanｄ［１].Ｉnｔheｍｅantime,tｈerｅａｒeseveｒaｌｅxplorationsandpｒactｉcｅsabｏutａdoptinｇoｐeｎsystemaｒchiｔecｔureiｎａvioｎｉcs．TｈeUnited　Stａｔｅdａnｄ　Europehaｖeｄomucｈｒesearchaboututilizingcｏst-effeｃｔｉvefault-tolｅｒantｃomｐutｅrｔorepｌace　tｈedeｄicａｔｅdｃoｍpｕterin　aｅrospaceａndother　ｓａfety-ｃriticａlfｉelｄs.Iｎ　recｅnt　ｙears,itｉsgrａduａllybecominｇanewtrendthat　ｔｈeｕtilｉzatｉonof　sｔaｎdａrdｉzｅdcomｐoneｎｔsiｎaeｒospａcｅ,indusｔrｙ,transpｏrtatioｎ　and　other　ｓａfeｔy－critiｃａlｆieｌds．

2　Railwａyｓ　sigｎａliｎterloｃkｉngｓysｔem

２.１　Functｉoｎｓ　ofｓｉｇnaliｎterlocking　sｙstem

Ｔhe　basｉcfuncｔioｎoｆsignaliｎterlockingsyｓｔｅm　istｏprotecttｒａinsａｆeｔybｙconｔrolling　ｓigｎalｅquｉpｍeｎｔs,suｃh　as　sｗｉtcｈpｏiｎtｓ,　sｉｇnａlsanｄ　tracｋ　unitｓin　ａｓtａtioｎ,　aｎdｉtｈandles　rouｔes　vｉａａcｅrｔain　ｉｎterloｃking　reｇｕｌation．

Sincｅ　ｔｈｅｂirｔhｏfｔheraiｌway　ｔraｎsｐortａｔｉon,signaｌ　inteｒloｃｋingsyｓtemｈａsgｏne　thrｏughｍａnｕal　sigｎaｌ,ｍｅchaｎicａl　sigｎal,relａy-bａseｄinterloｃkｉng,anｄ　tｈeｍoｄern　ｃompｕter-based　IｎterlockingSysteｍ.

２.2Ａｒchｉtectｕｒeｏfsignａliｎterloｃkinｇsｙstｅm

Geｎerally，　thｅInｔerloｃkinｇＳysteｍhas　ahieｒarchｉcalｓtructure.Accordingtｏ　ｔhe　fｕｎcｔiｏnｏfequipｍentｓ,　ｔhｅsystemcanbedivｉdedto　tｈefｕnｃtionofequiｐmeｎts;　tｈeｓyｓtemcan　ｂeｄiｖｉdｅｄｉnｔothrｅelaｙeｒsａsshown　in　fｉgurｅ1.

Figure　1AｒｃhiteｃtｕｒeｏfＳiｇnalＩnteｒｌoｃkingＳystem

3Componeｎt－basedsａfetycoｍpuｔerdeｓign

3.1　Ｄeｓｉgｎｓtrateｇy

Ｔｈe　deｓign　conceptof　coｍｐonｅnｔ-ｂased　ｓafeｔyｃｒitｉｃａｌcｏmｐuterisｄiffeｒeｎt　fromｔhaｔｏfspeciａlｃustｏmizedcomputeｒ.　Ourdeｓigｎstraｔegy　of　SICis　onabaｓeｏffａult－tolerａnceandsystem　intｅｇration.　WeseparatｅtｈｅSＩCｉnｔｏｔhreｅ　ｌayers,thestandardizｅdcｏmpoｎentunitlayer,sａfetｙ　softwarｅｌａｙｅrandthｅsyｓtemｌaｙeｒ．Difｆerentｓaｆeｔyfunctiｏｎsareallocatedｆoｒｅaｃｈlayer,　aｎdthefinalintegrationof　thｅthreｅlaｙｅrsｅnｓuｒｅsthepredefinedsafety　iｎtegrｉｔｙlevｅｌofｔhewhｏle　ＳIC.The　tｈrｅeｌayeｒsｃａｎbｅｄescｒibedasfolｌows:

（１）　Ｃoｍponｅntunitlayｅr　incｌudeｓfour　ｉnｄｅｐenｄentstandaｒdizeｄ　CPUmodules.Ａharｄｗare　“SAＦETＹ　AND”lｏgｉc　isiｍplemｅntediｎthisｙear.

（2）　Ｓafｅｔysｏｆｔwaｒｅlayer　ｍaｉｎｌyutilizｅsｆail-safeｓtrategｙaｎdfault－tolerant　mａnageｍｅnｔ．Tｈｅiｎｔeｒlｏcｋinｇｓafeｔycomｐutingoftheｗhｏｌesyｓtem　ａdoｐtstwooutputsfroｍdiffｅrentCPU,　ｉt　caｎmostlyenｓｕre　ｔhｅ　divｅrsityoｆｓoｆｔwaretohold　wiｔh　ｄesignｅrrorsofsiｇnalveｒsｉoｎａnd　removeｈｉdｄenｒisｋs.

（3）　Systｅmｌaｙｅrａimsｔoｉmpｒｏvereｌiabｉlity,avａｉｌabilitｙaｎdmaｉｎtainａbｉlitybｙmeansoｆｒedunｄancy.

3.2Deｓigｎ　ofhardwａre　fault-toleｒaｎtstrucｔure

Aｓsｈｏｗniｎfｉｇｕrｅ　2,　tｈｅＳICof　fouriｎｄｅpｅndentcomponｅntｕnits（C11,C１２，　C2１,C２２）.Thｅfault-ｔｏｌｅrantarchiｔectuｒｅadopts　duaｌ2vote2（２v2×2）stｒｕｃture，and　ａ　kindofhigｈ－perｆormａncestａｎdardｉzedmodulｅhasｂeenselecteｄａscoｍputiｎgunitｗhichａdｏptsInｔeｌXScalｅｋerｎeｌ,5３3MHZ．

Theoｐeraｔionｏf　SＩCisbaｓedona　dual　two-layerdａｔaｂｕses.Tｈehighbｕs　aｄopts　thｅｓｔaｎｄaｒd　Etheｒnetanｄ　TCＰ／IPcｏmmunicａｔion　protoｃoｌ,anｄtｈｅloｗbus　isCｏｎｔrｏllerＡｒeａＮｅtwｏrk（ＣAN）.C1１、C１2andC21、Ｃ22　rｅspeｃtivｅlｙ　make　upoftwｏ　safｅｔycompuｔinｇｃompｏnentsIC1　anｄＩC2,ｗhichaｒe　of2v2strucｔure.Ａndeaｃｈ　ｃomｐｏnenthaｓａnexternal　dｙnamicｃｉrcｕiｔwatchdｏgｔhaｔis　sｅtforｃomputｉｎg　sｕpervision　andsｗｉｔcｈiｎg.　

Figuｒe　２HaｒdwａreｓtructｕrｅofSIC

3．3ﻩStａndardizedcｏｍｐｏｎentunit

After　comｐｏnent　moｄuｌe　is　mａde　certain,accoｒdingto　ｔhesafeｔy-criticaｌrｅqｕireｍentsoｆraｉlｗaｙ　sｉｇｎaｌ　iｎtｅｒlockiｎg　sysｔem,ｗehavｅｔodoa　secoｎdarｙｄeveｌopmentonｔｈemodｕle．　Tｈeｄｅsｉgnincludes　poweｒsupply,　ｉｎterfａcｅsandｏtｈｅrｅmｂｅｄdｅdcircｕｉｔs.

The　fａuｌt-ｔolerant　prｏceｓsing,syncｈronizeｄ　ｃｏｍputiｎg,ａｎdｆaｕltｄiagnｏsｉｓ　ofSICｍostly　ｄｅpeｎd　ｏntheｓａfeｔｙｓoｆtｗarｅ．Hｅｒethesafetysｏｆｔwａrｅｄesiｇnmetｈoｄｉsdiｆferinｇfｒomthａtofthespecialcoｍｐuｔｅrｔｏo．Fordeｄiｃａｔeｄ　compuｔer，theｓofｔwareisoｆteｎspecially　desｉgned　baseｄon　the　bａrｅhａrｄｗare.Ａｓ　ｒｅstｒicted　bycomputiｎgabilｉｔyａndａpplicａtionoｂjｅct,a　speｃｉａlｓchｅｄuｌingｐrogram　isｃommonlyｄeｓiｇneｄassａfetｙsofｔwareｆｏrtｈeｃｏmpｕter,andnota　univerｓaｌopeｒatingsysteｍ．Thefaｕlｔ-tｏleｒantprｏcessiｎｇａnd　faｕlt　ｄｉagnｏsis　ｏfｔhededｉcatedcｏmputerａretightｌｙhａrｄwarｅ-coｕｐｌeｄ.Hｏweｖer,thesafｅtysofｔwarｅ　forSICisexoｔericaｎdｌｏosｅｌyhardware－ｃｏupled,aｎd　iｔisｂaseｄ　onaｓｔaｎdardLinuxOS.

Thｅsaｆetysｏftwarｅｉsｖitaｌｅlemeｎt　ｏfsecondarydｅveloｐmenｔ.Ｉｔincludeｓ　LiｎuxOSadjusｔmｅｎt,fail-saｆeｐrｏcesｓ,faｕlt-toｌerａｎceｍanagemｅnt，aｎdｓafetyinｔeｒlockiｎg　logic.Thｅhierarchy　ｒeｌatiｏnsbetweentheｍ　arｅshownin　Ｆｉｇｕre4.

Ｆigｕre4　Sａｆety　sｏｆｔwarｅhｉｅrａrｃhyofSＩC

3.４Faｕlt-ｔoleｒａntmodelaｎdｓafetｙｃomｐｕtaｔｉoｎ

3．4.１Fａuｌｔ－toｌeraｎtmodel

The　Ｆaｕlt－tｏｌｅraｎｔｃｏｍputationofSIＣｉsofamｕltilevel　ｍodel:

SＩＣ＝Ｆ1０02D（F20０２（Sc11,Sc１2）,F2００2（Sｃ21,Sc２２））

Firstly,baｓicｃomｐｕtｉngunit　Ｃi1adoｐtsoｎealgorithmｔoｃｏmpｌｅtｅthe　SCi1,　andCi2finishestheＳCi２ｖiaａdifferentalgｏrithm,sｅconｄlｙ2ｏut　oｆ２　（2ｏo2）sａfetycomputingｃｏｍpoｎenｔ　oｆ　SIC　execｕteｓ2ｏｏ２ｃalcｕlaｔｉonandｇｅtsFSICifromtｈecalｃｕlatiｏn　rｅsultsofSCi1SCi2,andｔhirｄly,　aｃcordｉｎgthesｔaｔes　ofwatchdog　anｄｓwiｔｃhunit　bloｃk,the　resｕltofSＩC　ｉsｇottenvｉaa　1　outof2withｄiaｇｎosticｓ（1oo2D）　calｃulａtｉoｎ,whｉcｈisbaｓedoｎ　FSIC1andＦSＩC２.

The　flｏwofcaｌculａtionsiｓａsfｏllowｓ:

（1）Sci1=Fci１（Dnet1,Dｎｅt２,Ddｉ，Dfss）

（2）　Sci２=Fcｉ2　（Dneｔ1，Dnｅt2，Ddi，Ｄfｓs）

（3）　FSＩCi=Ｆ２ｏo２　（Sci1,　Ｓcｉ2）,（i=1,2）

（４）　SIC＿OutPut=F1ｏｏ２Ｄ　（FＳIC１，　FSIＣ2）

3.4.2Safｅtｙ　ｃomputatｉｏn

Asｉｎtｅrlockｉｎgsystemcｏnsistsoｆaｆixedsｅtoftaｓk,tｈe　coｍpuｔatｉonalmoｄeｌofＳICｉstaｓk-based.Ingｅnｅｒaｌ,appｌicatｉｏnｓ　ｍayｃｏｎｆｏｒmtoatime－triggeｒed，event-triggｅredormixeｄcompuｔationａlmodel．Ｈｅreｔhetｉme-triggerｅdmodｅiｓseleｃtｅｄ,tasks　are　eｘecｕtedcyclｉｃaｌly．Thecoｎsisteｎcｙ　of　cｏmpuｔｉngstatesbeｔwｅｅnｔhetwounitｓistｈeｆoundaｔionｏfSIＣforｅｎsuringsafｅtyaｎd　crediｂｉｌiｔy.ＡｓSICworｋｓｕndｅr　aｌooseｌy　cｏupledmoｄｅ,iｔisdｉｆferentfroｍｔｈatofｄeｄicatedhaｒdｗarｅ-coupled　computer．Ｓoaspeciａｌizedｓｙnchronizatｉonalｇorithｍisnｅｃｅsｓary　ｆoｒSIC．

SIＣcanbeconｓidereｄaｓa　mｕltiprocessｏｒdistributｅdｓysｔem,　aｎdｉtｓ　coｍｐutａtionaｌmodelisesｓenｔially　baｓeｄ　ondatacomｐarｉngviahighbｕs　cｏmｍuｎiｃation．Ｆirｓt，　aｎａｎaｌyｔical　ａpprｏａch　isusｅｄtocoｎｆｉrmthｅworst-caｓeｒespｏnｓe　tｉmeofeacｈtask.Tｏguａｒantｅeｔhｅ　deａdlｉnｅ　oftasｋs　that　cｏmmuｎicateａcｒossｔheｎetｗork，tｈeaccesｓｔｉme　ａnｄ　delaｙ　ｏf　coｍｍunicａtｉon　mediumisseｔto　a　fｉxed　posｓｉｂlｅvaluｅ.Morｅover,tｈe　cｏmputationalmodelmustmｅetstｈeｒｅaltimerequiｒｅmｅntsofrailwayinterlｏckｉｎｇsystｅｍ,ｗｉthin　ｔｈｅsysｔemｃoｍputiｎgｃycle,weset　maｎychｅｃkｐｏints　Pi（ｉ=1,2,...n）,whicｈ　aresｍalｌeｎouｇh　ｆorsynchroｎizatiｏn,anｄcｏmputatｉoｎresulｔ　votｉnｇisｅxeｃutedat　eachpｏinｔ.Thesafeｔy　computaｔiｏｎｆlowofSIＣiｓshowniｎFｉguｒe　5.

Ｆigurｅ５　SａfetｙｃompｕtatｉoｎalmodelofSＩC

4.Hardware　ｓafｅtyintegritylｅvelevaluatｉon

4．1　SａfetyＩntｅgriｔy

Ａsａn　authｏritatｉveinternａｔｉonalｓtandａrdfｏrsafety-relatedsyｓtｅｍ,IEＣ61５08pｒesentsａ　defiｎitｉｏn　ofsaｆeｔyｉntegrｉｔy：

proｂａbｉlｉtyofａsafety-ｒｅlatedｓysｔemｓａtisfacｔoriｌy　ｐerfｏrｍingｔｈeｒeqｕｉrｅdsafeｔyfunctionsunｄｅr　ａlltheｓｔatedcondiｔionswithin　astatｅｄ　ｐerioｄoｆｔiｍe．In　IEC6150８,therearｅfourlevｅｌｓ　ｏfsaｆeｔy　integｒitｙ　arｅ　pｒescribe,SIL1~SIＬ4.TｈeＳIL１is　tｈelｏweｓt,　and　SIL4higｈｅst.

ＡcｃｏｒdiｎｇtoIEC　6１５08,the　SＩC　ｂelonｇｓtｏ　safety-relａｔeｄsｙsｔemsinhiｇhdemandｏrcontｉnuoｕsmｏdeof　operatioｎ.TheSILofSICcanｂeevaluatedviａtｈｅpｒobabilityofdanｇerousｐerhouｒ.Theｐrｏvision　ofSILaboｕｔ　ｓuchsysteminIEC　61５０8,　seeｔable1.

Table　１-SafetｙInteｇritylｅvels:

tａrget　ｆailｕremeaｓures　forａsafetyfuｎcｔiｏnｏperａtingｉｎhiｇhdemａnd　oｒcontiｎｕous　modeof　opｅration

Ｓafｅｔy　Intｅgrityleｖel

Highｄemanｄ　or　conｔinuousｍoｄｅofOperation

（Probability　ofadangeｒous　Fａiｌｕｒｅperhouｒ）

4　　　　　　　　　　　　　　≥1０－9ｔo<10-8

3　　　　　　　≥１０-8tｏ＜10-7

2　　　　　　　　≥１0-７to＜１0-6

1　　　　　　　　　≥１０-6　ｔo＜1０-５

4．2Rｅliability　bｌocｋdiａｇrａmｏｆ　SIC

　Ａfteｒanａlyzing　theｓtrｕctｕreandworkｉng　principleoｆtheSＩC,wｅgetｔheｂoｃkｄiagraｍof　rｅliａbiｌity,　asｆｉｇure6.

Figｕre6Blockｄiaｇramof　SICreｌiａbilｉtｙ

５．Cｏｎｃｌusionｓ

Ｉｎ　thiｓpaper,wｅｐroｐｏsedaｎavailaｂｌestaｎdａrdizeｄ　cｏmｐｏnent-basｅdcoｍputeｒSIC．Railｗａysignaliｎterlockingiｓaｆail-safeｓystemwｉｔha　ｒequired　probabｉlitｙofless　ｔhan1０-9sａfeｔｙcriｔｉｃalfaiｌures　pｅｒhour．Ｉnordeｒ　ｔomeettｈecｒiticalcｏｎｓｔraｉｎtｓ,faｕlt-tｏleraｎｔaｒｃhitｅｃｔure　aｎdsafeｔytａctics　areuｓeｄinSIC.Alｔhoｕｇhthecompuｔaｔionalmoｄelanｄｉmpｌeｍenｔatioｎtｅchniquｅs　ａrerathercomｐｌｅx,the　phiｌosopｈy　ｏfSIＣｐroｖidesａcheｅｒfｕｌprｏspecttosafeｔycｒitｉｃalappliｃａｔions,　it　rendeｒsinａsimplｅr　styleofhａrｄwaｒe,furthｅrmore,iｔcａnｓｈｏｒtendｅvｅloｐmenｔcｙcle　aｎd　redｕce　cosｔ.　SIC　hasbeen　putinto　praｃｔiｃａl　applｉcaｔｉon，　ａndhigｈpeｒformanｃe　ofｒeliabilitｙaｎdsaｆeｔｙｈaｓｂeｅn　pｒovｅn.

………………………………………………………………………………………………………

　　　　　　　　　　　　　　　　Ｆｒom:

模块化安全铁路信号计算机联锁系统

1概述

信号联锁系统是保证交通安全、提高铁路运输效率的关键设备。

长期以