Bombardier Selects Green Hills Platform for Industrial Safety for Next-Generation Train Control Management System
Bombardier, the global leader in rail technology, is partnering with Green Hills Software to develop the safety platform for its next-generation Train Control Management System (TCMS) that will simplify maintenance and aid the certification process. The TCMS will use the Green Hills Platform for Industrial Safety, which incorporates the IEC 61508 SIL3 safety-certified INTEGRITY real-time operating system (RTOS) and the MULTI® integrated development environment (IDE). Green Hills Software will also develop and conduct the CENELEC EN 50128 safety certification for a board support package for Bombardier’s system.
Bombardier is the world’s largest supplier of passenger and freight rail transportation systems with over 100,000 vehicles currently in operation. It is at the forefront of the drive to combine the highest levels of safety certification with the most ergonomic and energy-efficient rail vehicles. Working together with Green Hills Software, the largest independent vendor of embedded software solutions, Bombardier is developing a TCMS that will be more flexible and easier to upgrade than existing systems. This capability is particularly valuable given the long lifecycle of railway rolling stock.
A derivative of IEC 61508, EN 50128 is the European standard for railway applications – communications, signalling and processing systems. As system safety monitoring increases, the task of certification can become increasingly complex. This is due to the manner in which individual functions are handled by separate computer boards, in order to prevent a failure in a non-safety element compromising a safety-critical element of the system. The outcome of this traditional approach is that each carriage on a train might require up to 50 boards in its control system.
By adopting Green Hills Software’s safety-certified INTEGRITY RTOS, developers are able to run applications containing software of multiple levels of safety criticality concurrently on a single processor. The INTEGRITY secure separation kernel enables applications to be partitioned in such a way as to ensure that an error or failure in one application cannot impact negatively on another. Using INTEGRITY, Bombardier will be able to maintain the highest safety certification standards while significantly reducing the number of boards in the TCMS. This change will simplify future system upgrades and maintenance, and result in better space utilization and lower energy usage.
Igor Savicic, head of TCMS, Bombardier Transportation, Propulsion & Controls, commented, “The ability of the INTEGRITY RTOS to partition safety-critical functions from non-safety-related elements will help to streamline our development process to meet our customers’ needs. Working with Green Hills Software to develop the safety platform for the TCMS will simplify safety certification of systems to EN 50128, hastening the rollout of product enhancements and regional variants.”
Peter Sandberg, TCMS system architect, Bombardier Transportation, Propulsion & Controls, added, “The INTEGRITY RTOS, having been deployed and certified on dozens of safe and secure systems, is the most competent platform on which to develop our next-generation systems and also provides a highly effective route to EN 50128 certification.”
Bombardier is working closely with Green Hills Software’s EMEA (Europe, Middle East and Africa) Engineering Centre in the Netherlands, which will also develop and certify the board support package.