[SystemSafety] Interesting new publication about safety for autonomous vehicles

Olwen Morgan olwen at phaedsys.com
Thu Jul 11 14:46:12 CEST 2019

On 11/07/2019 10:47, paul_e.bennett at topmail.co.uk wrote:

Could we do software interlocking such that when implemented would test 
out as robust as if we had done it mechanically? It is a tall ask I 
think, but one where this community should aspire to be able to achieve.

 >>> Yes, I think we could and that it should not actually be too tall 
an order. First the old relays could be replaced with modern solid-state 
equivalents. Then you encode the safe states of the interlocking network 
into a table and set interlocking state by moving between safe states in 
response to local train flow. In fact, you wouldn't even need to write 
much software to do it. In most cases it could be done quite safely with 
basic PLC functionality. If I were given the job of replacing a physical 
interlocking system with an equivalent digital one, my first 
recommendation would be to explore the possibility of mimicking the 
existing system using PLCs.

 >>> If you opted for a full software implementation, then AFAI can see, 
it should be relatively straightforward to do using a 
state-machine/action-system design for which, given careful design, 
testing could readily achieve 100% transition coverage of the underlying 
state machine and 100% simple path coverage or LCSAJ coverage for the 
transition actions. That would make automated stress testing on a test 
rig fairly easy to do.

 >>> Having seen the signalling diagrams, I believe that even the most 
complex junctions on London Underground (South Kensington - Earls Court 
area) would not be hard to convert to digital control, although using 
PLCs for those particular junctions might not be the best way to do it. 
Even so, as action systems go, they are well towards the lower end of 
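The table-driven state-machine approach described in the message above, as an added illustration that is not part of the original post or of any real interlocking product: a hypothetical single junction (one set of points P1, two signals S1 and S2 protecting conflicting routes) is modelled as a table of safe states, a transition table that only links safe states, a static check of both tables against the safety invariant, and a coverage recorder so a test rig can confirm that every transition has been exercised. State names, event names and the layout are all constructed for the example.

```python
"""Table-driven interlocking as a state machine over safe states.

Added example, not from the mailing-list post. Models a hypothetical junction:
one set of points P1 and two signals S1 (main line) and S2 (branch) whose
routes conflict over the points. Every entry in SAFE_STATES is a safe state;
the controller may only move along listed transitions, and a coverage
recorder lets a test rig check that every transition has been exercised.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple

State = str   # name of a safe interlocking state
Event = str   # local train-flow event, e.g. a route request or release


@dataclass(frozen=True)
class Outputs:
    points_normal: bool   # True = P1 set normal (main line), False = reverse (branch)
    s1_clear: bool        # S1 shows proceed for the main-line route
    s2_clear: bool        # S2 shows proceed for the branch route


# Safe states: each fixes the physical outputs. Invariant: a signal may only be
# clear if the points are set for its route, and never both signals clear.
SAFE_STATES: Dict[State, Outputs] = {
    "ALL_STOP":     Outputs(points_normal=True,  s1_clear=False, s2_clear=False),
    "MAIN_ROUTE":   Outputs(points_normal=True,  s1_clear=True,  s2_clear=False),
    "BRANCH_ROUTE": Outputs(points_normal=False, s1_clear=False, s2_clear=True),
}

# Transition table: (state, event) -> next state. Anything not listed is refused,
# so a conflicting route request while a route is set simply does nothing.
TRANSITIONS: Dict[Tuple[State, Event], State] = {
    ("ALL_STOP", "request_main"):      "MAIN_ROUTE",
    ("ALL_STOP", "request_branch"):    "BRANCH_ROUTE",
    ("MAIN_ROUTE", "train_cleared"):   "ALL_STOP",
    ("BRANCH_ROUTE", "train_cleared"): "ALL_STOP",
}


def state_is_safe(o: Outputs) -> bool:
    """Safety invariant checked against every table entry."""
    if o.s1_clear and o.s2_clear:
        return False          # two conflicting routes signalled at once
    if o.s1_clear and not o.points_normal:
        return False          # S1 clear but points set for the branch
    if o.s2_clear and o.points_normal:
        return False          # S2 clear but points set for the main line
    return True


def check_tables() -> bool:
    """Static check: all states are safe and every transition links known states."""
    return (all(state_is_safe(o) for o in SAFE_STATES.values())
            and all(src in SAFE_STATES and dst in SAFE_STATES
                    for (src, _), dst in TRANSITIONS.items()))


@dataclass
class Interlocking:
    state: State = "ALL_STOP"
    covered: Set[Tuple[State, Event]] = field(default_factory=set)

    def handle(self, event: Event) -> bool:
        """Apply an event; a refused event leaves the current safe state untouched."""
        key = (self.state, event)
        nxt = TRANSITIONS.get(key)
        if nxt is None:
            return False      # unknown or conflicting request: stay where we are
        self.covered.add(key)
        self.state = nxt
        return True

    def outputs(self) -> Outputs:
        return SAFE_STATES[self.state]

    def transition_coverage(self) -> float:
        """Fraction of table transitions exercised so far (1.0 = 100%)."""
        return len(self.covered) / len(TRANSITIONS)


def run_rig(events: List[Event]) -> Tuple[Interlocking, List[bool]]:
    """Drive the interlocking through a scripted event sequence, as a test rig would."""
    il = Interlocking()
    results = [il.handle(ev) for ev in events]
    return il, results


if __name__ == "__main__":
    assert check_tables()
    il, res = run_rig(["request_main", "request_branch", "train_cleared",
                       "request_branch", "train_cleared"])
    print(res, il.state, il.outputs(), il.transition_coverage())
```

The scripted sequence shows the two properties the post relies on: the conflicting `request_branch` while the main route is set is refused rather than acted on, and after the run the recorder reports that all four table transitions were covered, which is the "100% transition coverage" a rig would assert before the tables are accepted.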

