This invention relates generally to control systems, and more particularly to methods and systems for implementing high integrity control of safety critical control systems.
At least some known control systems, including control systems in nuclear power plants, aircraft, and other applications where high reliability is determined to be needed, are qualified for those applications after rigorous testing and certification of all the components of the system. Components that do not meet the rigorous criteria are segregated from the qualified components and are not permitted to perform safety-related functions. Such rigorous testing is expensive and time consuming, and may be accommodated in new construction of a new model of equipment or of a power plant. However, retrofitting components for a safety-related system into an existing system, for example, a standard locomotive, can be cost prohibitive.
Permitting trains to operate autonomously with what is termed a “zero man crew”, to operate with de-skilled operators, or to operate with a “single man crew” requires a level of safety and reliability of the train control system that has not heretofore existed. Replacing all existing control equipment in all existing locomotives represents a cost that will prohibit implementation of the zero man crew concept. A method and system for supervising the operation of low vitality equipment to permit high vitality operation of the vehicle control system is needed.