This section provides background information related to the present disclosure which is not necessarily prior art.
The background description provided herein is for the purpose of generally presenting the context of the disclosure. Work of the presently named inventors, to the extent it is described in this background section, as well as aspects of the description that may not otherwise qualify as prior art at the time of filing, are neither expressly nor impliedly admitted as prior art against the present disclosure.
An external safety system, such as a railway system, may include fault-tolerant failsafe computer systems configured to implement a safety application. The fault-tolerant failsafe computer systems may include a plurality of hardware components electrically and logically coupled in order to implement the safety application. The safety application selectively communicates with safety critical hardware and software. The safety critical hardware and software are configured to control safety relevant functions of the railway system.
For example, a train riding on the railway system includes a braking system. The braking system is configured to implement at least one safety relevant function, such as a braking function. The braking system includes a brake and software configured to actuate the brake. The software receives instructions to actuate the brake. For example, an operator of the train may operate a braking system user interface in order to instruct the software to actuate the brake. From time to time, an erroneous instruction to actuate the brake may be generated by a faulty component of the railway system. Accordingly, a fault-tolerant failsafe computer system configured to validate instructions received by external safety systems is desired.