Article

"Une nouvelle génération du processeur sécuritaire codé"

No full-text available

... The equipment developed in France is often based on a coded processor and therefore uses only specific boards. When coded sequences have to be processed, commercial integrated circuits or ASICs [2] can be used; in all other cases, however, the technology used is based either on discrete components or on hybrid circuits, given the difficulty of designing integrated circuits capable, in the event of The second chapter is devoted to the presentation of the current-sensor circuit referred to as BICS in English-language publications. This circuit measures the leakage current of a sub-circuit. ...
Article
Each actuator of a fail-safe system must be controlled by a fail-safe signal (i.e. a signal which, in the presence of failures, is either correct or safe). Self-checking systems deliver groups of encoded signals and are not adequate for driving these actuators (since each actuator is controlled by a single signal, which must be fail-safe individually). Due to this particular requirement it was not possible to implement fail-safe systems in VLSI. Therefore all existing fail-safe systems are composed of a self-checking or fault-tolerant processing system (e.g. using error-detection codes, duplication, triplication, etc.) and of a fail-safe interface implemented using discrete components. This interface transforms the outputs of the processing system into fail-safe signals. The drawback of these interfaces is that they are very cumbersome and have a high cost. Furthermore, using discrete components results in a lower MTTF with respect to VLSI implementations, so that system availability is reduced. It is therefore mandatory to implement fail-safe interfaces in VLSI. The present work describes a fail-safe interface realised in a smart power technology. It transforms the groups of encoded signals into high-level power signals for driving these actuators. It combines fail-safe concepts, self-checking design and current monitoring to achieve high levels of safety.
Chapter
This chapter presents the first implementation of a processor and software-based application in the field of railway transport. This application is known as the “safety-coded processor” (SCP). After successful implementation within the SACEM context, the coded safe processor was considered by all stakeholders in the field as an architecture ensuring safety of a software-based system. The principles implemented are independent of hardware architecture. For this reason, in addition to the SACEM project, this architecture has been deployed on many railway projects such as the POMA 2000 in Laon, Maggaly in Lyon, the automatic light vehicle (VAL: véhicule automatique léger) in Chicago O’Hare, the train vital management (TVM) 430 of the North TGV, the SAET from METEOR or the two VAL lines from Charles de Gaulle airport (inaugurated in 2007). The chapter also presents the normative and legal constraints.

Keywords: fifth generation systems; railway industry
Chapter
The computers used for the automation of railway systems have increasingly important needs in terms of safety and availability. This chapter begins by presenting the architecture and safety principles of the simple computer, based on the principle of encoding. Then, it presents the principles of redundancy used in the past. The chapter also presents the integrated redundancy protocol that we currently use to provide the high availability demanded by railway applications, from the principles and objectives through to the detailed design.

Keywords: fifth generation systems; railway safety; redundancy
Chapter
Siemens SAS Industry Mobility is an international center of excellence for the creation of fully automatic subway systems and is a world leader in automated urban transport systems. The classic software development cycle involves specification, design, coding, testing and maintenance phases. These documents are translated into a formal model using B [ABR 96], known as the abstract model. The purpose of reviews is to identify faults in B models and their documentation as early as possible. Monitoring and analysis activities are also carried out with each evolution of Atelier B and the relevant transcoding tools. The implementation of automatic refinement has allowed us to multiply the size and complexity of our applications by 4, while reducing the size of development teams and the time needed to create our systems.
Chapter
Although formal analysis programming techniques may be quite old, the introduction of formal methods only dates from the 1980s. These techniques enable us to analyze the behavior of a software application, described in a programming language. It took until the end of the 1990s before formal methods or the B method could be implemented in industrial applications or be usable in an industrial setting. Current literature only gives students and researchers very general overviews of formal methods. The purpose of this book is to present feedback from experience on the use of "formal methods" (such as proof and model-checking) in industrial examples within the transportation domain. This book is based on the experience of people who are currently involved in the creation and evaluation of safety critical system software. The involvement of people from within the industry allows us to avoid the usual problems of confidentiality which could arise and thus enables us to supply new useful information (photos, architecture plans, real examples, etc.). Topics covered by the chapters of this book include SAET-METEOR, the B method and B tools, model-based design using Simulink, the Simulink design verifier proof tool, the implementation and applications of SCADE (Safety Critical Application Development Environment), GATeL: A V and V Platform for SCADE models and ControlBuild.