1/5

RAILWAY SAFETY
INTEGRITY LEVELS

@Babu Mamidi
 1/5
The SIL(Safety Integrity Levels)value is a
measure of the reliability and availability of a
safety system. It is the measurement of
performance of a safety system under all the
stated conditions within a stated period of time.

@Babu Mamidi
 CBTC subsystem SIL Level

ATP SIL4

ATO SIL2

IXL or CBI SIL4

ATS SIL2

@Babu Mamidi
CBTC Subsystem
and it's SIL level
CBTC safety System design should consider

1️⃣Fail Safe Design Principle

2️⃣Protection against Software Fault
3️⃣Protection against Hardware Fault
4️⃣Protection against Human Error

CBTC system
@Babu Mamidi
should consider..
The CBTC signalling system's safety-critical
nature necessitates a fail-safe design
principle, ensuring a safe system state in case
of subsystem or component failure.
Redundancy techniques, such as redundant
processor channels or communication
networks, are often used to mitigate single-
point hardware failures.

Redundancy can only tolerate a single random

fault, so it must be combined with comparison
or voting techniques to detect faults.
Combinations of redundancy and voting can
lead to hardware architectures like 2oo2, 2oo3,
and 2*2oo2.

Fail Safe Design

@Babu Mamidi
Principle:
Core Computer Based Telecommunications
(CBTC) functions are primarily achieved
through application software running on a
reliable hardware platform. The correctness of
CBTC software functionality is ensured through
rigorous development, testing, verification, and
validation processes compliant with the
software safety standard EN50128.

Defensive programming and fault detection

mechanisms in software architecture prevent
unexpected behavior, utilizing inductive and
deductive analysis techniques for safety-
critical software, considering software diversity
and performance penalties.

@Babu Mamidi
Protection against
Software Fault:
Common protection mechanisms against
hardware faults include voting or comparison
tactics or mature software coding techniques
like hamming codes, cyclic codes, and
polynomial codes (Cyclic Redundancy Check).
These techniques provide quick assurance of
message integrity but are not suitable for
intentional data alteration. Fault diagnosis can
enhance system availability and reduce
maintenance costs.

Protection against
@Babu Mamidi
Hardware Fault:
Human error is a significant contributor to
modern system accidents. Current CBTC
design solutions address this by designing
appropriate human machine interfaces and
constraining human behaviors. Dual
confirmation and diverse inputs are used to
mitigate hazards, but each has limitations.
Both techniques can be combined into a single
ATS design, ensuring safety and preventing
accidents.

@Babu Mamidi
Protection against
Human Error:
 Share
Like

WAS THIS HELPFUL?

Be sure to save it so you
can come back to it later!

@Babu Mamidi