The present invention relates to apparatus and techniques for performing vital processing in a railway system that provides vital operation, by which is meant that the system exhibits vital, or fail-safe, characteristics well known to those skilled in the art.
More specifically, the invention constitutes an advancement over an original VRD (Vital Relay Driver) concept as embodied in the vital relay driver circuit assembly for a system known as VPI (Vital Processor Interlocking), VPI having been described in U.S. Pat. No. 4,831,521 and related patents such as: U.S. Pat. Nos. 4,498,650; 4,949,273; and 4,790,972.
The so-called VPI system and related systems are based, for the most part, on a logic scheme known as NISAL (Numerically Integrated Safety Assurance Logic), particular applications of which are described, for example, in U.S. Pat. No. 4,181,849, U.S. Pat. No. Reissue 30,986, U.S. Pat. Nos. 4,740,972 and 4,611,291.
The significant problem presented by system designs such as VPI and the like is that the VRD (Vital Relay Driver) portion of the system gives rise to a deficiency because of its deviation from the numerical safety assurance concepts that form the foundation of the remainder of the VPI system. The reason for this is that quantitative analysis has not been practical--because of the inordinate time consumption involved--with respect to the safety assurance logic implementation of the VRD portion of the VPI design; i.e., painstaking safety analysis of software and hardware has been required. The results of the calculation of a "Probability Of Unsafe Event" for highly integrated electronic devices are impossible to substantiate with formal analysis. All possible failure modes and the associated effects cannot be demonstrated.
Accordingly, it is a primary object of the present invention to provide a VRD which overcomes the aforenoted problem. The new design for the VRD uses a discrete hardware circuit which implements a NISAL-based safety check algorithm only. Thus no software, microprocessors, etc., are used in the present invention's implementation of the VRD concept.
Another object is to provide a unique implementation of the contemplated VRD, henceforth called NVRD (Numerical Vital Relay Driver). It will be understood that the philosophy of having any failure involving the corruption of one or more checkwords, or any failure within the hardware, lead directly to an infinitely random signal output from the checkword evaluator is not per se different in principle; however, the particular implementation as will be described is unique.