A train operation control system is an important part of the modernization of China's railway technology and equipment, and is one of the core technologies for guaranteeing the safe, reliable and efficient operation of high-speed trains. Once the system fails, the result is often disastrous. With the rapid development of the national economy, the acceleration of urbanization, the expansion of railway construction and the further increase of train speeds, the high-speed railway operation control system plays an increasingly important role, which also means that higher requirements are placed on the safe and efficient operation of the train control system.
The on-board system is an important part of a CTCS-3 level train operation control system (Chinese Train Control System, third generation, referred to as C3). It is responsible for receiving ground data and command information, generating a speed mode curve, monitoring the operation of the train and guaranteeing its safe operation. Whether the system structure of the on-board system is reasonable is directly related to the safe operation of the train, so security analysis needs to be carried out on the system structure. Security analysis can reveal the weak links in system reliability, and the design of the system can then be refined accordingly to further improve its performance.
So far, a number of technologies have been developed based on security analysis methods; however, these methods still have shortcomings when applied to the train control system. FMEA (Failure Mode and Effects Analysis) involves a very heavy workload, requires the user to have a sufficient understanding of the system, and cannot be used to analyze the influence of a combined failure mode on the system. The fault tree analysis method places higher requirements on the user and has poorer reusability. HAZOP (Hazard and Operability Analysis) has a lengthy analysis process and depends heavily on experts and experience, while the accuracy of its analysis results is limited.
Most of the methods above are highly subjective and depend on the ability of the participants. The analysis is usually based on an informal system model, and it is very difficult for it to be complete, consistent and error-free. This affects the reliability analysis of the train control system to a certain extent and potentially threatens people's lives and property. Accordingly, a method capable of describing the inherent characteristics of the train control system and carrying out security analysis on it is urgently needed.