2021/11/30

SIL4 Data Center – a new platform architecture for safety-relevant railway applications

With digitalization, a multitude of new technologies will be introduced to the railway system. These will not only place high demands on performance and connectivity of IT environments, but also strict requirements on safety. As part of the Digitale Schiene Deutschland sector initiative, DB Netz AG and Siemens Mobility GmbH have taken a first important step in this direction and have developed the basic architecture for "SIL 4 Data Centers" – the data centers, in which safety-critical railway applications will run. SIL4 (Safety Integrity Level 4) stands for the highest level of safety and reliability in the railway system. 

 

Digitalization, automation and artificial intelligence are the key to higher capacity and optimal utilisation of the rail network. The task of Digitale Schiene Deutschland is to bring these new technologies into the railway system, which also requires a technological leap in terms of highly safe, new IT platforms.   

In a joint research project, DB Netz AG (DB) and Siemens Mobility GmbH (SMO) developed a basic platform architecture for "SIL 4 Data Centers". This will be the foundation on which safety-relevant railway applications such as future 

control command and signalling (CCS) systems based on the European Train Control System (ETCS), digital interlockings and a safe high-precision location of trains are to run in the future. 

 

One important design paradigm is that the platform architecture should provide a clear and standardised separation of application, runtime environment and hardware. With this, the very different life cycles of the various hardware and software components can be taken into account and supported. The platforms should also be based as far as possible on mass-produced commercial-off-the-shelf (COTS) components, enable a strong centralisation of safety-relevant applications in a small number of data centers, and be scalable. Last but not least, the platforms should be flexible in the sense that applications can be ported between data centers if necessary. 

 

The research project took into account the preliminary work on the generic "Safe Computing Platform" of the railway initiatives "Reference CCS Architecture" (RCA) and "Open CCS Onboard Reference Architecture" (OCORA), but focused on trackside data centres and went significantly beyond the work in RCA and OCORA, e.g., with a detailed development of solutions for geo-redundant data centres and migration approaches. It describes, for example, how to move from the digital interlockings that are currently being rolled out to the new platform architecture. 

 

The project partners jointly concluded that SIL4 Data Centers according to the aforementioned premises are generally feasible, and that the related long-term business clearly case appears positive. However, various challenges were identified that must be overcome, e.g., regarding the integration of components from different manufacturers, their testing and the overall system approval. Possible solutions were identified for this. 

 

The results of the collaboration were summarised in a paper article of Signal + Draht and documented in a comprehensive research report. DB Netz AG would like to take this opportunity to thank Siemens Mobility GmbH for the pleasant and fruitful collaboration on this important foundation of digitalised rail operations and is looking forward to the next steps on this topic within the Digitale Schiene Deutschland!