An Application of Discrete Event Systems based Fault Diagnosis to German Railway Signaling System
Mustafa S. Durmuş, İlker Üstoğlu
INTERNATIONAL JOURNAL OF SYSTEMS APPLICATIONS, ENGINEERING & DEVELOPMENT, Volume 11, 2017, ISSN: 2074-1308

Abstract—Fixed-block railway signaling systems are regarded both as Discrete Event Systems (DES), since their structure has DES-like features, and as safety-critical systems, since the occurrence of a fault may result in a huge loss of life and property. Therefore, DES-based modeling and fault diagnosis methods, which are also recommended in the railway-related safety standards, are applicable to fixed-block signaling systems. On the other hand, the design steps of software for safety-critical systems are guided by software lifecycles. Among the different lifecycle models proposed in the literature, the V-model is one of the most well-known software development lifecycle models. In this study, a modification of the V-model is proposed by adding a DES-based fault diagnosis step to it. The proposed method is also explained with a case study on the German Ks signaling system.

Keywords—Fixed-block railway signaling systems, discrete event systems, fault diagnosis, German Ks system, software development lifecycle, the V-model.

This work was supported by The Scientific and Technological Research Council of Turkey (TÜBİTAK) project number 115E394 – Fail-Safe PLC implementation of Interlocking System Design with Fault Diagnosis capability for Fixed-block Railway Signaling Systems.
M.S. Durmuş is with the Electrical and Electronics Engineering Department, Pamukkale University, 20070, Denizli, Turkey (phone: +90-258-296-3156, e-mail: msdurmus@pau.edu.tr).
İ. Üstoğlu is with the Department of Control and Automation Engineering, Yildiz Technical University, Istanbul, Turkey (e-mail: ustoglu@yildiz.edu.tr).

I. INTRODUCTION

Like in all other safety-critical system applications, the software development process for railway signaling systems is also guided by software lifecycle models. For railway signaling systems, in addition to the recommendations of the EN 50126, EN 50128 and EN 50129 standards, the recommendations of the IEC 61508 standard should be taken into consideration. These standards recommend using the V-model for software development processes (the V-model lifecycle). Definition of the scope of the software, hazard and risk analysis, definition of the software requirements, determination of the safety requirements, software design, software integration, software tests, installation, commissioning, validation, operation, maintenance, repair and decommissioning are dealt with in this lifecycle. Moreover, IEC 61508-7 [1] describes fault diagnosis as the process of determining whether a system is in a faulty state or not, whereas DES-based fault diagnosis and diagnosability are described by Sampath et al. [2] as the detection, with a finite delay, of the occurrence of failures of any type using the record of observable events. The diagnoser is obtained from the system model itself and observes the behavior of the system online [3]. In particular, Table A.3 (Software Architecture) of the EN 50128 standard highly recommends the use of fault detection and diagnosis for SIL3 (Safety Integrity Level 3) systems [4].

In this study, the DES-based fault diagnosis method is added as an intermediate step into the V-model software development lifecycle. The proposed modification provides advantages in three ways:
1. it checks whether the constructed software model covers all software requirements related to the faults,
2. it decreases costs by detecting modeling deficiencies early, before passing to the coding and test phases of the V-model,
3. it enables designers to write plainer and simpler code.

The paper is organized as follows: a brief description of the DES-based fault diagnosis concept is given with an example in section II, the V-model lifecycle and the proposed modification are given in section III, the German Ks signaling system with a case study is explained in section IV and finally, the paper ends with a conclusion in section V.

II. DISCRETE EVENT SYSTEMS BASED FAULT DIAGNOSIS AND A RAILWAY POINT STUDY

An event is defined by [5] as a specific action that is encountered, an unplanned incident caused by nature, or the result of numerous conditions that are suddenly all met. A DES is a discrete-state, event-driven system in which the state evolution of the system depends entirely on the occurrence of discrete events over time. Representation of such a system with a model is necessary, as in conventional control theory. Events in DESs can be classified as observable and unobservable events. A system (or a software module) is said to be diagnosable if it is possible to detect, with a finite delay, occurrences of certain unobservable events which are referred to as failure events [2]. In other words, a system is said to be diagnosable if the type of the fault is always detected within a uniformly bounded number of transition firings after the occurrence of the fault [6]. The diagnoser is built from the system model itself and performs diagnostics while observing the behavior of the system online.
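As an added example that is not part of the paper, the following Python code builds a Sampath-style diagnoser for a small constructed point-machine automaton and runs it over observable traces, reporting when the unobservable failure becomes certain. The states, events and the unobservable motor failure are assumptions for illustration, not the paper's model.

```python
from collections import deque

# Constructed example (assumption, not the paper's model): a railway point
# as a finite automaton. Commands and detector reports are observable; the
# motor failure f_motor is unobservable and is the fault to be diagnosed.
OBSERVABLE = {"cmd_right", "cmd_left", "det_right", "det_left", "timeout"}
FAULTS = {"f_motor"}
DELTA = {  # (state, event) -> next state
    ("left", "cmd_right"): "moving_r",
    ("moving_r", "det_right"): "right",
    ("moving_r", "f_motor"): "stuck",    # unobservable failure event
    ("stuck", "timeout"): "stuck",       # a stuck point never reports a position
    ("right", "cmd_left"): "moving_l",
    ("moving_l", "det_left"): "left",
    ("moving_l", "f_motor"): "stuck",
}
INIT = "left"

def unobservable_reach(pairs):
    """Closure of (state, label) pairs under unobservable events; the label
    becomes 'F' as soon as a fault event has been crossed."""
    seen, todo = set(pairs), deque(pairs)
    while todo:
        q, lab = todo.popleft()
        for (s, e), t in DELTA.items():
            if s == q and e not in OBSERVABLE:
                nxt = (t, "F" if (e in FAULTS or lab == "F") else lab)
                if nxt not in seen:
                    seen.add(nxt)
                    todo.append(nxt)
    return frozenset(seen)

def diagnoser_step(dstate, event):
    """Diagnoser transition on one observable event (Sampath-style)."""
    moved = {(DELTA[(q, event)], lab) for q, lab in dstate if (q, event) in DELTA}
    if not moved:
        raise ValueError(f"event {event!r} is not possible in the current estimate")
    return unobservable_reach(moved)

def verdict(dstate):
    """Classify the diagnoser state by the fault labels it carries."""
    labels = {lab for _, lab in dstate}
    return "F-certain" if labels == {"F"} else "N-certain" if labels == {"N"} else "F-uncertain"

def diagnose(trace):
    """Run the diagnoser online over an observable trace; return one verdict per event."""
    d, verdicts = unobservable_reach({(INIT, "N")}), []
    for ev in trace:
        d = diagnoser_step(d, ev)
        verdicts.append(verdict(d))
    return verdicts
```

In this model the motor failure is diagnosed one observable event after it can occur (the timeout), which is the finite, uniformly bounded delay the text refers to; a full diagnosability check (searching the diagnoser for F-indeterminate cycles) is not implemented here.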