Author(s)

R Straatman, S de Jong & F van Dijk

Abstract

VPI (Vital Processor Interlocking) is a fail-safe microprocessor based system used to safeguard several yards of the Dutch Railways. The safety logic is defined by means of Boolean equations. You can compare the Boolean equations as a free wired interlocking and because of this, every application is unique in its safety logic, and should therefore be subjected to an exhaustive validation and verification test. The validation and verification process of VPIs is split into two diverse processes. On the one hand a detailed check of the VPI source-code, which is carried out manually and, on the other hand, the safety logic is subjected to a logic safety test. Due to the increasing usage of VPI applications, the amount of logic safety tests became a problem, because both test hardware and test capacity is limited (see also: Process optimisation in the engineering of safety-systems, Comprail2000, JvS, GaF, FvD). To make the verification process less time consuming, several improvements of the process have been made. One of them is the automation of test vector generation, which is largely automated. The test vectors are generated, based on generic test rules, from a database containing the track layout, and signal aspect sequence charts of the yard. Another improvement is the reduction of the amount of test hardware. Where formerly the logic safety test was executed on a copy of the actual hardware, the tests are now executed on a VPI simulator which is equipped with a graphical user interface for entering input stimuli and viewing output. At this moment (august 2001), the first release of the VPI simulator is available and put into service in test processes, resulting in a significant saving of test hardware and testing time.

Keywords