SAFe-VX
Safe Computing by Kontron & SYSGO
Vital Computing Platform for Safety-critical Systems
in Rolling-stock and Wayside Applications
Safety-critical computer based on qualified VPX building blocks
Safety-critical RTOS: SYSGO PikeOS
Compact 40HP platform, 4U height typical
SIL-ready certifiable architecture (SIL2/SIL3/SIL4)
Safety certification kit
www.kontron.com
INTRODUCTION
The SAFe-VX safety computing platform is a half 19” 4U platform
based on VPX 3U building blocks. It is certifiable up to SIL 4 and
specifically designed for safety-critical rolling stock or wayside
applications.
SAFe-VX is well suited for the control of all safety-related
functions in wayside applications as well as in new trains and also
for the refurbishment of trains. Thanks to its modularity, it is easy
to tailor the SAFe-VX to the required I/O subset and environmental
conditions.
Thanks to the openness of the VPX standard, it is possible to build
an all-in-one safe control system plus non-vital processing, safely
separated through strict partitioning with the PikeOS RTOS from
SYSGO acting as a hypervisor. Interfacing to existing train
communication is achieved through Ethernet links or fieldbuses.
The versatility and the segregation of the tasks and the application
allow critical and non-critical partitions to cohabit without
jeopardizing safety, enabling train operators to run several
applications on a single platform, as needed for example in Data
Analytics, Artificial Intelligence or Autonomous Trains.
The total cost of ownership is dramatically decreased through easy
maintenance of standard components. Longer operating life is
achieved by the modularity and the longevity of the VPX
architecture, designed for long-term programs and for partial
technology refresh with minimum impact on applications.
PLATFORM ARCHITECTURE
The base configuration is a redundant one, including three
identical VPX processor modules, interconnected by a Gigabit
Ethernet switch module through a backplane. SAFe-VX does not
present any single point of failure.
Due to its modular architecture, SAFe-VX offers a high level of
flexibility in terms of CPU, storage and I/Os. CPU boards integrated
in SAFe-VX have already been certified with safety-critical
real-time hypervisor and RTOS such as PikeOS from SYSGO. The other
major building blocks like the PSU and the fan trays can be offered
with redundancy. In the simplest implementation, all boards share
the same Power Supply Unit. The boards are electrically isolated
from each other by the backplane design in order to guarantee the
absence of a common root cause of failure.
When needed, two SAFe-VX can be used in parallel to reach the
expected availability at SIL4 level.
[Figure: platform block diagram. Labels: CPU Channel A, CPU Channel B, Gateway or monitoring CPU, Ethernet switch, Backplane interconnects, Safety I/O (ch A), Safety I/O (ch B), Ethernet, I/O]