Low-cost railway level crossings - breaking down the barriers

Level crossing risk continues to be a significant safety concern for the security of rail operations around the world. Over the last decade or so, a third of railway related fatalities occurred as a direct result of collisions between road and rail vehicles in Australia. Importantly, nearly half of these collisions occurred at railway level crossings with no active protection, such as flashing lights or boom barriers. Current practice is to upgrade level crossings that have no active protection. However, the total number of level crossings found across Australia exceed 23,500, and targeting the proportion of these that are considered high risk (e.g. public crossings with passive controls) would cost in excess of AU$3.25 billion based on equipment, installation and commissioning costs of warning devices that are currently type approved. Level crossing warning devices that are low-cost provide a potentially effective control for reducing risk; however, over the last decade, there have been significant barriers and legal issues in both Australia and the US that have foreshadowed their adoption. These devices are designed to have significantly lower lifecycle costs compared with traditional warning devices. They often make use of use of alternative technologies for train detection, wireless connectivity and solar energy supply. This paper describes the barriers that have been encountered for the adoption of these devices in Australia, including the challenges associated with: (1) determining requisite safety levels for such devices; (2) legal issues relating to duty of care obligations of railway operators; and (3) issues of Tort liability around the use of less than fail-safe equipment. This paper provides an overview of a comprehensive safety justification that was developed as part of a project funded by a collaborative rail research initiative established by the Australian government, and describes the conceptual framework and processes being used to justify its adoption. The paper provides a summary of key points from peer review and discusses prospective barriers that may need to be overcome for future adoption. A successful outcome from this process would result in the development of a guideline for decision-making, providing a precedence for adopting low-cost level crossing warning devices in other parts of the world. The framework described in this paper also provides relevance to the review and adoption of analogous technologies in rail and other safety critical industries.

The role of human factors in led outdoor activity accidents: literature review and exploratory analysis

While the exact rate of incidence is unknown (due to the paucity of exposure data), it is acknowledged that safety compromising accidents and incidents occur in the led outdoor activity domain, and that they represent an important issue. Despite this, compared to other safety critical domains, very little is currently known about the key causal factors involved in such accidents and incidents. This report presents the findings derived from a review of the literature, the aim of which was to identify the Human Factors-related issues involved in accidents and incidents occurring in this area. In addition, to demonstrate the utility of systems-based, theoretically underpinned accident analysis methodologies for identifying the systemic and human contribution to accidents and incidents occurring in the led outdoor activity domain, three case-study accidents were analysed using two such approaches. In conclusion, the review identified a range of causal factors cited in the literature; however, it was noted that the majority of the research undertaken to date lacks theoretical underpinning and focuses mainly on instructor or activity leader causal factors, as opposed to the wider system failures involved. The accident analysis presented highlighted the utility of systems-based, theoretically underpinned accident analysis methodologies for analysing and learning from accidents and incidents in the led outdoor activity sector. In closing, the need for further research in the area is articulated, in particular focussing on the development of standardised and universally accepted accident and incident reporting systems and databases, the development of data driven, theoretically underpinned causal factor taxonomies, and the development and application of systems-based accident analysis methodologies.

Research outcomes for improved management of insulated rail joints

Insulated Rail Joints (IRJs) are safety critical component of the automatic block signalling and broken rail detection systems. IRJs exhibit several failure modes due to complex interaction between the railhead ends and the wheel tread near the gap. These localised zones could not be monitored using automatic sensing devices and hence are resorted to visual inspection only, which is error prone and expensive. In Australia alone currently there are 50,000 IRJs across 80,000 km of rail track. The significance of the problem around the world could thus be realised as there exists one IRJ for each 1.6 km track length. IRJs exhibit extremely low and variable service life; further the track substructure underneath IRJs degrade faster. Thus presence of the IRJs incur significant costs to track maintenance. IRJ failures have also contributed to some train derailments and various traffic disruptions in rail lines. This paper reports a systematic research carried out over seven years on the mechanical behaviour of IRJs for practically relevant outcomes. The research has scientifically established that stiffening the track bed for reduction in impact force is an ill-conceived concept and the most effective method is to reduce the gap size. Further it is established that hardening the railhead ends through laser coating (or other) cannot adequately address the metal flow problem in the long run; modification of the railhead profile is the only appropriate technique to completely eliminate the problem. Part of these outcomes has been adopted by the rail infrastructure owners in Australia.

Development and validation of a multilevel model for predicting workload under routine and nonroutine conditions in an air traffic management center

Objective: The aim of this study was to develop a model capable of predicting variability in the mental workload experienced by frontline operators under routine and nonroutine conditions. Background: Excess workload is a risk that needs to be managed in safety-critical industries. Predictive models are needed to manage this risk effectively yet are difficult to develop. Much of the difficulty stems from the fact that workload prediction is a multilevel problem. Method: A multilevel workload model was developed in Study 1 with data collected from an en route air traffic management center. Dynamic density metrics were used to predict variability in workload within and between work units while controlling for variability among raters. The model was cross-validated in Studies 2 and 3 with the use of a high-fidelity simulator. Results: Reported workload generally remained within the bounds of the 90% prediction interval in Studies 2 and 3. Workload crossed the upper bound of the prediction interval only under nonroutine conditions. Qualitative analyses suggest that nonroutine events caused workload to cross the upper bound of the prediction interval because the controllers could not manage their workload strategically. Conclusion: The model performed well under both routine and nonroutine conditions and over different patterns of workload variation. Application: Workload prediction models can be used to support both strategic and tactical workload management. Strategic uses include the analysis of historical and projected workflows and the assessment of staffing needs. Tactical uses include the dynamic reallocation of resources to meet changes in demand.

Security issues for future intelligent transport systems

Cooperative Intelligent Transportation Systems (C-ITS) allow in-vehicle systems, and ultimately the driver, to enhance their awareness of their surroundings by enabling communication between vehicles and road infrastructure. C-ITS are widely considered as the next major step in driving assistance systems, aiming at increasing safety, comfort and mobility for drivers. However, any communicating systems are subjected to security threats. A key component for providing secure communications at a large scale is a Public Key Infrastructure (PKI). Due to the safety-critical nature of Vehicle-to-Vehicle (V2V) communications, a C-ITS PKI has functional, performance and scalability requirements that differ from traditional non-automotive environments. This paper identifies and defines the key functional and security requirements for C-ITS PKI systems and analyses proposed C-ITS PKI standards against these requirements. In particular, the proposed US and European C-ITS PKI systems are identified as being too complex and not scalable. The paper also highlights various privacy, security and scalability concerns that should be considered for a secure C-ITS PKI solution in the Australian transport landscape.

The Australian naturalistic driving study: From beginnings to launch

The Australian Naturalistic Driving Study (ANDS), a ground-breaking study of Australian driver behaviour and performance, was officially launched on April 21st, 2015 at UNSW. The ANDS project will provide a realistic perspective on the causes of vehicle crashes and near miss crash events, along with the roles speeding, distraction and other factors have on such events. A total of 360 volunteer drivers across NSW and Victoria - 180 in NSW and 180 in Victoria - will be monitored by a Data Acquisition System (DAS) recording continuously for 4 months their driving behaviour using a suite of cameras and sensors. Participants’ driving behaviour (e.g. gaze), the behaviour of their vehicle (e.g. speed, lane position) and the behaviour of other road users with whom they interact in normal and safety-critical situations will be recorded. Planning of the ANDS commenced over two years ago in June 2013 when the Multi-Institutional Agreement for a grant supporting the equipment purchase and assembly phase was signed by parties involved in this large scale $4 million study (5 university accident research centres, 3 government regulators, 2 third party insurers and 2 industry partners). The program’s second development phase commenced a year later in June 2014 after a second grant was awarded. This paper presents an insider's view into that two year process leading up to the launch, and outlines issues that arose in the set-up phase of the study and how these were addressed. This information will be useful to other organisations considering setting up an NDS.

Effect Of Electroslag Refining On Microstructure And Mechanical-Properties Of Is-7670 Alloy

The electroslag refining technique is one of the modern tools which is capable of imparting superior mechanical and chemical properties to metals and alloys. Refining usually results in the elimination of a number of casting or solidification defects, such as shrinkage porosity, gas porosity, pipe, micro- and macro segregation. Remelting also imparts a directional grain structure apart from refining the size of the inclusions, grains and precipitates. This technique has over the years been used widely and successfully to improve the mechanical and chemical properties of steels and alloy steels which are used in the nuclear, missile, aerospace and marine industries for certain critical applications. But the application of ESR to aluminium and its alloys is only recent. This paper investigates the response of an aluminium alloy (corresponding to the Indian Specification IS: 7670) to ESR. Based on theoretical considerations and microstructural evidence it elucidates how ESR of aluminium alloys differs from that of ferrous alloys. The improvement achieved in mechanical properties of the alloy is correlated with the microstructure.

Automatic verification of distributed logic specifications

Formal specification is vital to the development of distributed real-time systems as these systems are inherently complex and safety-critical. It is widely acknowledged that formal specification and automatic analysis of specifications can significantly increase system reliability. Although a number of specification techniques for real-time systems have been reported in the literature, most of these formalisms do not adequately address to the constraints that the aspects of 'distribution' and 'real-time' impose on specifications. Further, an automatic verification tool is necessary to reduce human errors in the reasoning process. In this regard, this paper is an attempt towards the development of a novel executable specification language for distributed real-time systems. First, we give a precise characterization of the syntax and semantics of DL. Subsequently, we discuss the problems of model checking, automatic verification of satisfiability of DL specifications, and testing conformance of event traces with DL specifications. Effective solutions to these problems are presented as extensions to the classical first-order tableau algorithm. The use of the proposed framework is illustrated by specifying a sample problem.

Fault-Tolerant Average Execution Time Optimization for General Purpose Multi-Processor System-on Chips

Fault-tolerance is due to the semiconductor technology development important, not only for safety-critical systems but also for general-purpose (non-safety critical) systems. However, instead of guaranteeing that deadlines always are met, it is for general-purpose systems important to minimize the average execution time (AET) while ensuring fault-tolerance. For a given job and a soft (transient) error probability, we define mathematical formulas for AET that includes bus communication overhead for both voting (active replication) and rollback-recovery with checkpointing (RRC). And, for a given multi-processor system-on-chip (MPSoC), we define integer linear programming (ILP) models that minimize AET including bus communication overhead when: (1) selecting the number of checkpoints when using RRC, (2) finding the number of processors and job-to-processor assignment when using voting, and (3) defining fault-tolerance scheme (voting or RRC) per job and defining its usage for each job. Experiments demonstrate significant savings in AET.

Derating Based Hardware Optimizations in Soft Error Tolerant Designs

Ensuring reliable operation over an extended period of time is one of the biggest challenges facing present day electronic systems. The increased vulnerability of the components to atmospheric particle strikes poses a big threat in attaining the reliability required for various mission critical applications. Various soft error mitigation methodologies exist to address this reliability challenge. A general solution to this problem is to arrive at a soft error mitigation methodology with an acceptable implementation overhead and error tolerance level. This implementation overhead can then be reduced by taking advantage of various derating effects like logical derating, electrical derating and timing window derating, and/or making use of application redundancy, e. g. redundancy in firmware/software executing on the so designed robust hardware. In this paper, we analyze the impact of various derating factors and show how they can be profitably employed to reduce the hardware overhead to implement a given level of soft error robustness. This analysis is performed on a set of benchmark circuits using the delayed capture methodology. Experimental results show upto 23% reduction in the hardware overhead when considering individual and combined derating factors.

PriDyn: Enabling Differentiated I/O Services in Cloud Using Dynamic Priorities

Virtualization is one of the key enabling technologies for Cloud computing. Although it facilitates improved utilization of resources, virtualization can lead to performance degradation due to the sharing of physical resources like CPU, memory, network interfaces, disk controllers, etc. Multi-tenancy can cause highly unpredictable performance for concurrent I/O applications running inside virtual machines that share local disk storage in Cloud. Disk I/O requests in a typical Cloud setup may have varied requirements in terms of latency and throughput as they arise from a range of heterogeneous applications having diverse performance goals. This necessitates providing differential performance services to different I/O applications. In this paper, we present PriDyn, a novel scheduling framework which is designed to consider I/O performance metrics of applications such as acceptable latency and convert them to an appropriate priority value for disk access based on the current system state. This framework aims to provide differentiated I/O service to various applications and ensures predictable performance for critical applications in multi-tenant Cloud environment. We demonstrate through experimental validations on real world I/O traces that this framework achieves appreciable enhancements in I/O performance, indicating that this approach is a promising step towards enabling QoS guarantees on Cloud storage.

Robust near-threshold QDI circuit analysis and design

The two most important digital-system design goals today are to reduce power consumption and to increase reliability. Reductions in power consumption improve battery life in the mobile space and reductions in energy lower operating costs in the datacenter. Increased robustness and reliability shorten down time, improve yield, and are invaluable in the context of safety-critical systems. While optimizing towards these two goals is important at all design levels, optimizations at the circuit level have the furthest reaching effects; they apply to all digital systems. This dissertation presents a study of robust minimum-energy digital circuit design and analysis. It introduces new device models, metrics, and methods of calculation—all necessary first steps towards building better systems—and demonstrates how to apply these techniques. It analyzes a fabricated chip (a full-custom QDI microcontroller designed at Caltech and taped-out in 40-nm silicon) by calculating the minimum energy operating point and quantifying the chip’s robustness in the face of both timing and functional failures.

Influence of particle properties on the erosive wear of sintered boron carbide

Sintered boron carbide is very hard, and can be an attractive material for wear-resistant components in critical applications. Previous studies of the erosion of less hard ceramics have shown that their wear resistance depends on the nature of the abrasive particles. Erosion tests were performed on a sintered boron carbide ceramic with silica, alumina and silicon carbide erodents. The different erodents caused different mechanisms of erosion, either by lateral cracking or small-scale chipping; the relative values of the hardness of the erodent and the target governed the operative mechanism. The small-scale chipping mechanism led to erosion rates typically an order of magnitude lower than the lateral fracture mechanism. The velocity exponents for erosion in the systems tested were similar to those seen in other work, except that measured with the 125 to 150 μm silica erodent. With this erodent the exponent was initially high, then decreased sharply with increasing velocity and became negative. It was proposed that this was due to deformation and fragmentation of the erodent particles. In the erosion testing of ceramics, the operative erosion mechanism is important. Care must be taken to ensure that the same mechanism is observed in laboratory testing as that which would be seen under service conditions, where the most common erodent is silica.

Lightweight Formal Methods for the Development of High-Assurance Networking Systems

We survey several of the research efforts pursued by the iBench and snBench projects in the CS Department at Boston University over the last half dozen years. These activities use ideas and methodologies inspired by recent developments in other parts of computer science -- particularly in formal methods and in the foundations of programming languages -- but now specifically applied to the certification of safety-critical networking systems. This is research jointly led by Azer Bestavros and Assaf Kfoury with the participation of Adam Bradley, Andrei Lapets, and Michael Ocean.