About the project
The vehicles must meet the highest safety requirements. The control system architecture therefore calls for implementing safety functions in a dedicated control unit – the Safety Control Unit or SCU. While Stadler implemented the non-safety-relevant vehicle functions, Enotrac implemented the SCU part of the software, which includes the safety-relevant functions.
The SCU is an autonomous unit consisting of a CPU, secure hardware interfaces and communication capabilities with the central vehicle control system and other systems. The implementation of the SCU complies with the requirements of EN 50657 (new EN 50716) with Safety Integrity Level 2 (SIL-2).
The safety functions include, among others, driver vigilance control, roll-back protection, and emergency brake request from the passenger area.
Our contribution
A typical V-development model with the distribution of roles in Rolling Stock (Project Manager, Implementer and Tester) and RAMS (Validator) departments was established. An independent assessment was also part of the assignment.
The phases defined in the EN 50657 standard are as follows:
- Planning
- Software Requirements
- Architecture and Design
- Component Design
- Component Implementation and Testing
- Integration
- Overall Software Testing / Final Validation
The SCU software was implemented using a function block diagrams according to IEC 61131 with a certified function block editor. The function block diagrams are translated into executable code by certified tools and run on a certified operating system from Selectron.

© Selectron
Facts and Figures
-
Client
Stadler Rail AG
-
Period
2022 – 2023
-
Location
Newcastle upon Tyne, GB