Professional Documents
Culture Documents
P205 ISCS D2.2 SRS Rev0.4.0
P205 ISCS D2.2 SRS Rev0.4.0
ISCS
Software Requirements
Specification
Yaw Choon Kit Norjannah Hazali Liong Zhong Jin Han Chung Siew
Requirement Manager Verifier Validator Project Manager
14 July 2023 14 July 2023 14 July 2023 14 July 2023
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Revision History
Rev. No. Rev. Date Rev. Description Revised By
Page 2 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
- ISCS-SWRS-301091-08-04
Page 3 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Contents
1 Introduction ................................................................................................................................... 9
1.1 Purpose of Document ........................................................................................................... 9
1.2 Scope of Works ..................................................................................................................... 9
1.3 Acronyms, Abbreviations and Terms .................................................................................. 10
1.3.1 Acronyms and Abbreviations ...................................................................................... 10
1.3.2 Terms .......................................................................................................................... 14
1.4 References .......................................................................................................................... 15
1.4.1 Reference Documents ................................................................................................ 15
1.4.2 Standards .................................................................................................................... 15
1.5 Requirement ID ................................................................................................................... 16
2 Document Structure .................................................................................................................... 17
3 Overall Description [ISCS-SWRS-100000] ............................................................................................. 18
3.1 General [ISCS-SWRS-101000] ....................................................................................................... 18
3.2 ISCS HMI [ISCS-SWRS-102000] .................................................................................................... 19
3.3 System Integration [ISCS-SWRS-103000] ...................................................................................... 20
3.4 Standard Conformance [ISCS-SWRS-104000]............................................................................... 21
3.5 Software Version / License [ISCS-SWRS-105000] ......................................................................... 21
3.6 Source Code Escrow [ISCS-SWRS-106000] .................................................................................. 22
3.7 Constraints and Assumptions [ISCS-SWRS-107000] ..................................................................... 22
3.8 Software Failure Reports [ISCS-SWRS-108000] ............................................................................ 22
3.9 Software Management Control [ISCS-SWRS-109000] ................................................................... 23
3.9.1 General [ISCS-SWRS-109010] ............................................................................................... 23
3.9.2 Software Quality Assurance Plan [ISCS-SWRS-109020] ....................................................... 23
3.9.3 Software Release and Management Control [ISCS-SWRS-109030]...................................... 24
3.9.4 Software Progress Tracking [ISCS-SWRS-109040] ............................................................... 24
3.9.5 Software Audit [ISCS-SWRS-109050] .................................................................................... 25
3.9.6 Software Documentation [ISCS-SWRS-109060] .................................................................... 26
3.9.7 Safety Integrity Level [ISCS-SWRS-109070] ......................................................................... 26
3.9.8 Software Deliverables and Licenses [ISCS-SWRS-109080] ................................................. 26
3.9.9 Backup [ISCS-SWRS-109090] ............................................................................................... 27
Page 4 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
5.1.5 Private Automatic Branch Exchange System (PABX) Interface [ISCS-SWRS-301050] ......... 55
5.2.2 High Voltage System (HV) /Integrated Building Management System (iBMS)/ Electrical
System (ES)/ Low Voltage System (LV) [ISCS-SWRS-302020] ............................................................. 63
5.2.3 Traction Power System (TPS) Interface [ISCS-SWRS-302030] ............................................. 63
5.2.4 Access Management System (AMS) Interface [ISCS-SWRS-302040] ................................... 64
5.2.5 Automatic Fare Collection System (AFC) Interface [ISCS-SWRS-302050] ............................ 65
5.2.6 Rolling Stock (RS) Interface [ISCS-SWRS-302060] ............................................................... 65
5.2.7 Signalling System (SS) Interface [ISCS-SWRS-302070] ........................................................ 66
5.2.8 Platform Screen Door (PSD) Interface [ISCS-SWRS-302080] ............................................... 67
5.2.9 Depot Equipment, Service Vehicle (TWP) Interface [ISCS-SWRS-302090] .......................... 67
5.2.10 Maintenance Management System (NOT USED) [ISCS-SWRS-302100] .............................. 67
Page 6 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Figures
Figure 1-1: Requirement ID Example ................................................................................................. 16
Figure 5-1: Sequence Diagram for Monitoring of the CBN Systems .................................................. 50
Figure 5-2: Data Flow Diagram for Monitoring of the CBN Systems .................................................. 50
Figure 5-3: Sequence Diagram for Monitoring of the WDCS Systems .............................................. 50
Figure 5-4: Data Flow Diagram for Monitoring of the WDCS Systems .............................................. 51
Figure 5-5: Sequence Diagram for Message Display and Audio Announcement Synchronization ... 51
Figure 5-6: Data Flow Diagram for Message Display and Audio Announcement Synchronization ... 51
Figure 5-7: Sequence Diagram for Train Information Status .............................................................. 53
Figure 5-8: Data Flow Diagram for Train Information Status .............................................................. 53
Figure 5-9: Sequence Diagram for Monitoring of the Monitoring and Annunciation of PABX and System
Alarms ................................................................................................................................................. 56
Figure 5-10: Data Flow Diagram for Monitoring of the Monitoring and Annunciation of PABX and
System Alarms .................................................................................................................................... 56
Figure 5-11: Sequence Diagram for “District map” Display ................................................................ 57
Figure 5-12: Data Flow Diagram for “District map” Display ................................................................ 57
Figure 5-13: Sequence Diagram for Voice Recording ........................................................................ 58
Figure 5-14: Data Flow Diagram for Voice Recording ........................................................................ 58
Figure 5-15: Sequence Diagram for ESP Activation .......................................................................... 60
Figure 5-16: Data Flow Diagram for ESP Activation .......................................................................... 60
Figure 5-17 : Sequence Diagram for “Triggering of TVS Mode” ......................................................... 62
Figure 5-18: Data Flow Diagram for “Triggering of TVS Mode” .......................................................... 62
Figure 5-19: Sequence Diagram for Monitoring of the Traction Power Network ................................ 63
Figure 5-20: Data Flow Diagram for Monitoring of the Traction Power Network ................................ 63
Figure 5-21: Sequence Diagram for Control Output Circuit ................................................................ 63
Figure 5-22: Data Flow Diagram for Control Output Circuit ................................................................ 64
Page 7 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Tables
Table 1-1: Table of Abbreviations ....................................................................................................... 10
Table 1-2: Table of Definitions ............................................................................................................ 14
Table 1-3: List of Reference Documents ............................................................................................ 15
Table 1-4: List of Standards ................................................................................................................ 15
Table 2-1: Document Structure with the Section Number and Content Descriptions ......................... 17
Table 3-1: ISCS Integrated Systems .................................................................................................. 20
Table 5-1: PA Announcement Priority Levels ..................................................................................... 52
Page 8 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
1 Introduction
The Government of the Republic of Singapore and the Government of Malaysia have agreed to jointly
develop the RTS Link project to enhance connectivity between Malaysia and Singapore, to benefit
commuters who travel between Singapore and Johor Bahru. The RTS Link will primarily serve as an
alternative mode of transport for commuters currently utilising the Johor Bahru-Singapore Causeway
to cross the border. The RTS Link is intended to be a convenient, safe, and cost-effective system that
integrates well with other transportation services in Woodlands and Johor Bahru.
The RTS Link will be a shuttle link with double tracks that crosses the Straits of Johor via a high bridge.
It will serve two terminal stations, one in Woodlands, Singapore and the other in Bukit Chagar, Johor
Bahru, Malaysia. The proposed link will be approximately 4.6km in length, and the crossing will take
approximately 5-10 minutes. The RTS Link Operator (who will be the Employer) will be required to
operate the RTS Link all year round.
The purpose of ISCS Software Requirement Specification (SRS) is to define software requirements
for ISCS to fulfill the system requirements specification stated in ISCS System Requirements
Specification (P205_ISCS_D2.1_SysRS).
This document shall categorize all requirements as [INFO] Information, [BI] Basic Integrity, or [SIL 2]
SIL 2 according to EN 50128:2011 + A2:2020 standard. Basic Integrity requirements shall be used for
development of non-safety related software.
In addition, any software requirements that involves configuration data that shall be used by project to
fulfill the system requirements via application data configuration shall be tagged additionally as [CD]
Configuration Data.
This document will supersede the Software Requirement Specifications of Integrated Supervisory
Control System (ISCS) (RTS-SY03-SYS-EIC-SPC-30001) Revision 05.
This document shall describe ISCS software functional requirements, software non-functional
requirements and interface requirements.
Page 9 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
BI Basic Integrity
Page 10 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
HA High Availability
HV High Voltage
IP Internet Protocol
NA Not Applicable
PA Public Address
Page 11 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
RS Rolling Stock
SS Signalling System
TTNT Time-To-Next-Train
Page 12 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 13 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
1.3.2 Terms
Table 1-2: Table of Definitions
Term Definition
MAY This word, or the adjective “OPTIONAL”, denotes a truly optional item.
One developer may choose to include the item because it is required
by a specific requirement or because the project owner/manager
believes it improves the product, while another developer may choose
to leave it out.
MUST This word, or the phase “REQUIRED” or “SHALL”, denotes that the
definition is a requirement of the specification in its entirety.
MUST NOT This term, or the word “SHALL NOT”, indicates that the specification’s
definition is an absolute prohibition.
SHOULD NOT The phrase, or the phrase “NOT RECOMMENDED”, indicates that
there may be valid reasons for a particular behaviour to be acceptable
or even useful in specific circumstances, but the full implications
SHOULD be understood and the case carefully weighed before
implementing any behaviour described with this label.
Site The ‘Site’ may be considered the whole site of the project, a particular
worksite, a sub-set of a worksite or a smaller section of a worksite that
may be specific to a particular part of the project or WPC
Systems Consultant Ch2M Sdn Bhd or other persons appointed from time to time by the
Employer and notified to the WPC.
Page 14 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
1.4 References
1.4.2 Standards
Table 1-4: List of Standards
ISO 9000:2015 All parts Quality Management and Quality Assurance Standards
*Note: The latest version of the standard and applicable test as of the contract effective date shall be
used.
Page 15 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
1.5 Requirement ID
Every requirement specification in this document shall be assigned with a unique identification (ID) for
traceability of subsequent documents including design, implementation and testing phase.
In this document, every requirement shall be assigned the ID format as follows:
ISCS-SWRS-ABBCCD-EE-FF-GG
where;
A – SWRS Heading Level 1
The numbering assignment starts from Section 3.
BB – SWRS Heading Level 2
CC – SWRS Heading Level 3
D – SWRS Heading Level 4
EE – SWRS Item Number Level 1
FF – SWRS Item Number Level 2
GG – SWRS Item Number Level 3
Example:
2. System requirement:
“Malfunction power failure.”
2 Document Structure
The following table summarizes the document structure:
Table 2-1: Document Structure with the Section Number and Content Descriptions
Section Content
Number
Section 1 This section introduces the document by providing domain background and
documents references to be considered.
Section 2 This section briefs the content of each section in the document.
Section 3 This section briefs on the overall description of the software.
Section 4 This section details all functional requirements of the software. These are specific
software functions that must be implemented to enable users to accomplish their
tasks, which are further categorized into different features.
Section 5 This section details all the external interface requirements of the software. These
are specific types of functional requirements to outline how the software interfaces
with other components.
Section 6 This section details all non-functional requirements of the software. These are
performance attributes of the software and define how the software should perform
to satisfy user expectations. If a performance attribute is specific to a certain
component, it shall be listed under the functional requirements.
Section 7 This section refers to the techniques and measures used to produce this
document.
Section 8 This section summarizes SIL 2 related requirements.
Section 9 This section refers to the traceability matrix for the requirements in the Software
Requirement Specification to the System Requirement Specification
Page 17 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
1) [INFO]
For systems requiring operational control, the ISCS HMI shall be the primary method of
operator control.
2) [BI] All
normal operator functions available within each of the controlled systems must be provided
at a minimum by the ISCS HMI.
Page 19 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
3) [BI]The ISCS HMI shall provide all required operator functionalities, inputs, and outputs to allow
full operation of the interfaced subsystems, so that the operator is not required to operate the
interfaced subsystems' equipment directly in normal operation.
4) [BI] Anysub-system functionality that the operator requires shall be incorporated into the ISCS, so
that the functions and features are presented consistently across the ISCS HMI.
1) [INFO] Foralarm and status monitoring, as well as system control, the ISCS system shall interface
with all other rail systems, as defined by the systems' interface requirements.
2) [INFO] The
ISCS system shall interface to the following systems to provide the required alarm and
status monitoring and / or operational control functionality.
Page 20 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
22 HV System Yes No
3) [BI]
As a minimum, the ISCS HMI shall provide all operator functions available within each of the
interfaced systems that are required for day-to-day operation.
1) [INFO] The
user interface shall be designed and developed in line with ISO 11064-5 to provide the
operator a consistent look and feel throughout all functionalities and views within the ISCS.
2) [INFO]
All ISCS displays and GUI shall also undergo an ergonomic design approach following the
Ergonomic & Human Factors Guidelines for Control Rooms and Control Centres and shall comply
with the requirements for electronic visual displays in ISO 9241-303.
3) [INFO]
During software programming, proven programming languages and methods defined in an
internationally recognised standard shall be used.
4) [INFO] Defined Codes of Practice shall be used to develop or modify the software.
5) [INFO]
For any developed and customised software, the WPC shall comply with the requirements
of EN 50128 and produce the specified output documents. These documents shall be submitted
to the Employer for review and acceptance.
1) [INFO]
With the exception of operating systems, all commercial "off the shelf" third-party software
shall be the most recent version.
2) [INFO]
Communication Systems shall have no physical dongle license and not dependent on the
identification and attribute of the hardware/equipment specific.
3) [INFO]
All equipment license shall be transferred to the end user that enable full setup on
replacement server, workstation, and spare parts.
4) [INFO] The baseline version shall be identified and documented in the Software Product Definition
if a previously developed software shall be reused.
5) [INFO] The supply of the ISCS shall include all necessary software perpetual licenses.
6) [INFO] All licenses shall be fully transferred to the Employer on completion of the works.
Page 21 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
1) [INFO]
For proprietary software that are used in vital systems, the WPC and the Employer shall
enter into an agreement with the Source Code Escrow for placing the proprietary software source
code used in the ISCS system as a minimum for a period equal to the design life of the ISCS
system.
2) [INFO]
The Escrow agreement shall enable the release of the sources code to the Employer from
the Sources Code Escrow under the condition that the WPC is in breach of the obligation of
maintenance and support of the software in the ISCS system as required in the Contract and in
the Escrow agreement.
3) The WPC shall provide the proposed Escrow agreement for the Employer’s review and
[INFO]
acceptance and shall incorporate any requirement from the Employer as necessary.
4) [INFO] The
WPC shall be responsible for the costs involved in establishing the Source Code Escrow
agreement and for the period of the whole period of the Escrow program.
1) [INFO] The
WPC shall generate a software failure report for each software failure that occurs, once
the software has been approved for inclusion into the system and is subject to configuration
control.
2) [INFO]
All such reports shall be retained as part of the testing and commissioning records for the
system and subject to inspection by the Employer.
3) [INFO] The report shall clearly show:
1. The observed symptoms
2. The likely cause
3. The fault category
4. The operator input
4) [INFO] Thereport shall also clearly show the following information which shall be entered when the
failure has been investigated:
1. The actual cause of the failure
2. The corrective action taken
Page 22 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
2) [INFO] Atypical contents list for the Software Quality Assurance Plan shall define, but shall not be
limited to:
1. The organisation of the WPC’s software development and testing personnel including his
subcontractors of any tier, to illustrate the division of the works among the team members,
and full details of the qualifications and experience of all software team leaders shall be
included in the Plan.
2. The WPC software development lifecycle processes, including those of his subcontractors,
in accordance with the requirements of ISO 12207 and/or EN 50128, whichever is applicable;
the WPC shall explain in the Plan the reason(s) for any specific development lifecycle
processes and/or documents that are to be combined or further split.
3. The software verification and validation processes in accordance with the requirements of
ISO 12207 and/or EN 50128 whichever is applicable, indicating clearly the parties involved
for each process.
4. The WPC configuration management processes in accordance with the requirements of ISO
10007 for the configuration management of software and documentation; the WPC
configuration management processes shall be extended to manage the software
configuration of his subcontractors of any tier.
5. An automated tool proposed by the WPC for keeping track of software changes and the full
history of software versions.
6. The proposed format for recording the configuration status of each software configuration
item which shall be reported in the Monthly Progress Report.
7. The proposed format for recording the software installation status of all software after the
commencement of Partial Acceptance Tests (PAT) which shall include, but shall not be
limited to, system/subsystem name; software name; software version/ baseline number,
installed locations, and key software changes. A softcopy of the software installation status
shall be provided to the Employer monthly and/or as requested by the Employer.
8. The proposed format of a software release note for notifying the Employer on the release of
each new version of software for Factory Acceptance Tests (FAT) and/or on-site tests; the
software release note shall include, but shall not be limited to, reference to baseline
Page 23 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
3) [INFO]
The WPC shall, at least once every six (6) months and/or as requested by the Employer,
review and update the Software Quality Assurance Plan to meet the requirements and
development of the Works throughout the Contract. For any amendments to the Plan, the WPC
shall as soon as practicable submit the proposed amendments for approval by the Employer.
4) [INFO]
For any proposed replacement of the software team leader(s), the WPC shall submit full
details of the qualifications and experience of the proposed replacement to the Employer for
approval. The replacement once approved, shall report for duty at least one (1) month prior to
the departure of the original team leader(s).
clear understanding of the software scope, software architecture and the planning of development
activities.
2) [INFO]
The WPC shall elaborate the entire software development efforts in detail in the Works
Programme, highlighting the critical path for the activities. The Works Programme shall include,
but shall not be limited to, the following activities:
1. software activities of all software components at each development lifecycle phase;
2. software related Milestones
3. internal software audit and software assessment
4. any other details as directed by the Employer
3) [INFO]
The WPC shall establish and implement metrics for the measurement of the quality and
progress of software activities. All metrics shall be based on auditable data. The metrics which
shall be reported in the Monthly Progress Report, as a minimum, shall include:
1. number of total, passed and failed FAT cases
2. number of total, passed and failed PAT cases
3. number of total, passed and failed SAT cases
4. number of passed test cases per month for FAT, PAT and SAT
5. number of outstanding software defects
6. number of software defects rectified per month
Page 25 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
during the audits. The WPC shall submit proposed corrective and preventive actions within seven
(7) days from the receipt of the CAR or OBS, to the Employer for review. The WPC shall take
timely corrective and preventive actions to rectify the CAR or OBS and to prevent any re-
occurrence and shall provide evidence of such to the Employer. The WPC shall maintain
communications with the auditor to ensure that all CAR/OBS are closed in a timely manner.
1) [INFO] Unless the Safety Integrity Level (SIL) of software is specified in the Contract, the WPC shall,
prior to the commencement of software requirement phase, assess the SIL for the software in
accordance with EN 50128 and IEC 61508. Each software component within a system shall by
default have the same SIL as that of the system. The assessment result, together with
justification, shall be recorded in a SIL assessment report and submitted to the Employer for
review.
1) [INFO] The WPC shall submit the following items to the Employer for review at least three (3) months
prior to the issue of the Completion Certificate for the Works:
1. Inventory list(s) of all software components installed for the Works
2. Licences of software
3. A backup copy of all delivered software in secondary storage media together with installation
instructions to enable complete and/or partial re-installation of all software components for
the Works
4. All software source codes together with all necessary development tools
5. A backup copy of the required software source files in secondary storage media.
2) [INFO] For
any further software modifications after the items have been approved by the Employer,
the WPC shall re-submit the revised items to the Employer by the end of the Defects Liability
Period or as requested by the Employer.
3) [INFO] TheRailway Operator shall be granted a royalty-free, non-exclusive and irrevocable licence
to use all software delivered for the Contract for an unlimited period.
4) [INFO]
In order to allow for future software maintenance by the Railway Operator, the WPC shall
deliver to the Employer the software source files of project specific software as required by the
Specifications. As a minimum, the source files of the following project specific software shall be
delivered:
Page 26 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
1) [INFO] The
WPC shall perform at least a fortnightly backup for the outputs of software development
works including those in progress, and shall also maintain backup copies of all software baselines
produced in the past six months. The WPC back-up process shall ensure zero data loss.
1) [INFO] TheWPC shall follow the requirements specified in the GS and the requirements of this PS
for the development and management of all software elements supplied under the Contract.
2) [INFO] The WPC shall produce a list of safety related software modules.
3) [INFO]
Based on the list, the WPC shall analyse the possible effects of each failure on these
components on the systems.
4) [INFO]
The analysis shall show that the software architecture has been thoroughly analysed to
ensure that all credible faults are identified, the fault control methods are effective, and the
residual faults are non-hazardous.
5) [INFO] The WPC shall remove all the dormant or unused code from the software before testing.
1) [INFO]The software shall take into account hardware systematic, random, and common mode
failures.
2) [INFO]
Data-driven software (including parametric or configurable software) shall be protected
against possible errors arising from entry of incorrect data through accepted procedures.
3) [INFO] If
vital and non-vital software is to be implemented on a single hardware platform, then all of
the software shall meet the requirements for vital software unless appropriate techniques are
used to ensure vital software is unaffected by the non-vital software.
4) [INFO] Safety
of software design shall be assured by the incorporation of fail-safe principles in the
design of safety-critical modules.
5) [INFO]
Fail-safe designs shall ensure that any failure, or combination of failures, shall result in a
condition that is known to be safe.
6) [INFO]
The software design shall adopt the Checked-Redundancy Design principle. The checking
process shall encompass the complete subsystem, and/or all components, related to performing
safety-critical functions.
Page 27 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
7) [INFO]
The checking process shall detect any failure of the subsystem which may degrade the
integrity of the safety function. Where software is used to implement a system function, then
software errors shall be considered as failures.
8) [INFO]
Common mode failures shall be eliminated by ensuring that the independence of the
checked-redundant paths of the safety-critical subsystem is maintained. This independence shall
be extended to include the subsystem power supplies and software components of the checked-
redundant elements, such that no common faults, environmental conditions, power fluctuation, or
EMI give rise to common mode failure.
9) [INFO]
The checking process shall be comprehensive and frequent. It shall be performed at least
as often as the function which is being checked and sufficiently frequently that the probability of
an unsafe failure shall satisfy the safety design requirement.
10) [INFO]Critical decision processes, which directly impact the system safety, within the software
program, shall be structured to ensure minimum complexity and thus allow for review and explicit
testing of the logic paths.
11) [INFO]
The dependence of safety of the system on a single software decision process, logic path,
or critical data element shall be avoided, where possible, by incorporating diversity within the
software design.
12) [INFO] Databases which contain information that can impact the safety performance of the supplied
system, shall be considered safety-critical, and shall be appropriately protected during data
storage, retrieval, communications, and processing.
13) [INFO] The
software system shall be designed to ensure that all such data is accurate during initial
data entry, processing, utilisation, and update, and a process shall be established for appropriate
data management of this safety-critical data.
1) [INFO]
The WPC shall implement a quality assurance system in compliance with the following
requirements and specified in the GS.
2) [INFO] In
addition to the requirements of GS, the WPC shall also submit the following for review and
acceptance of the Employer, to describe the software management methodology:
1. Software Management Plan
2. Software Development Plan
3. Software Configuration Management Plan
4. Software Verification & Validation Plan
3) [INFO]
Periodic testing of functions shall be carried out in accordance with the requirement in EN
50128 for ensuring that software functions are properly tested and meet safety requirements.
4) [INFO] All safety-related functions shall be allowed for testing during overall system operation.
Page 28 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
1) [BI]
The ISCS allow an operator with sufficient privileges to inhibited, suspended from the scanning
process, or forced to the required value to an alarm from a certain device, for example no alarms
from this device are generated during maintenance of the device.
2) [BI]
Inhibition/scan suspension/forcing/LOTO shall be notified on the display where the device
appears by icons, text or a change in colour.
Page 29 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
workflow study.
10) [BI]
The operator shall be able to use ISCS HMI to perform operation function, control function and
monitor function on all railway system and selected E&M systems.
11) [INFO]
The operator shall be able to control and monitor all equipment and functions for operation
of the relevant area of control.
Page 30 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
2) [BI]
The system shall allow for the creation of various operator profiles, each of which determines
the actions that an operator with that profile can execute.
3) [BI] The user access management system shall have the following typical functions:
1. Definition of User Profiles
2. Definition of Users
3. Assignment of profiles to users
4. Profiles Management:
1. Add/Remove Profiles
2. Defining profile permissions
5. Users Management:
1. Add/Remove Users
2. Assignment of profiles to users
6. Centralised authentication service
4) [BI]
The system administrator shall have the authority required to manage the user access
management system.
5) [BI]
A user database containing all operators together with the allocated area(s) of authority shall
be maintained.
6) [BI]
ISCS HMIs shall be provided used to keep track of all logged-in users and their assigned areas
of authority, and the state of automated log off enable / disable.
7) [BI]
The operator shall be allowed to log-in using his/her profile in the workstation at any location
to perform the control and monitoring functions as granted under the corresponding area of
authority.
Page 32 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
11) [BI]
The Employer's senior management shall be responsible for providing a unique password (for
the Takeover procedure).
12) [BI] The Employer shall be able to change the password as often as it is required.
13) [BI]
The WPC shall be responsible to study the OCC and BOCC change over operation, and
provide a report to Employer that shall cover of, but not limited to, the following items:
1. Manual switch over individual sub-systems
2. Failure on OCC
3. OCC server is down
4. Server change-over but operation remain at OCC and vice versa
5. OCC switchover to BOCC process
6. BOCC switch back to OCC process
14) [BI]
The control changeover shall not result in the loss of current displays and there shall be no
effect on system performance following completion of a changeover.
15) [INFO]
The ISCS equipment at BOCC shall be a direct copy of that in the OCC and provide full
redundancy.
1) [BI]
The application shall give the operator the ability to program a series of commands, save them
on disc with a given identity, and then subsequently execute them in the same order as they were
programmed, upon specific conditions.
2) [BI] The automation scheduler shall have the following typical functions:
1. Definition of complex and repetitive sequences;
2. Selection of orders on devices and management execution order;
3. Definition of actions in case of error for each command;
4. Disabling of individual commands from a command sequence list;
5. Definition of execution conditions for each action;
6. Created sequences can be used as actions in other sequences;
7. Different methods of activation:
1. Manual activation
2. Programmed activation.
3) [BI]
Depending on the operator profile, sequences shall be able to be created, modified, and
deleted as required by operators. The area of authority shall dictate what the operator could do.
4) [BI]
It shall also be possible to record operator actions, save the sequence, and then perform the
sequence as a command sequence.
5) [BI]
A command sequence shall comprise of a series of command outputs which are executed
sequentially but are initiated by a single command output.
6) [BI]
ISCS system shall be equipped with automation scheduler to enable management of task
execution based on specific calendar, event/ alarm/ set point occurrence, error condition
7) [BI]
ISCS can support the calculations using received analogue or status/alarm data, to generate
synthesized status or alarms or affect a colour change of corresponding equipment on the ISCS
HMI.
Page 33 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
8) [BI]The calculation result or synthesized object status or command can be transmitted to the
related interfaced system by ISCS, which can also be used by ISCS as part of any automation or
scheduling process.
9) [BI]
The command sequences could be executed manually or automatically in response to the
system events (alarms, changes of state).
10) [BI]
The operator shall be allowed to log-in using his / her profile in the workstation at any location
to perform the command sequencer as granted under their area of authority.
Page 34 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
4) [BI]
The ISCS workstation display icons, graphic displays and pictorial representations shall be
harmonised across all ISCS subsystems.
5) [INFO]
Graphical layouts shall be developed based on coordinated CAD inputs with the Other
WPCs.
6) [INFO]
Information from all interfaced sub-systems shall be collected and integrated by ISCS in
order to display views onto the VCP.
7) [INFO]
The VCP shall be capable of displaying legible symbols and text visible from all workstations
in the Control Room.
Page 35 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
6. The position of the mouse pointer shall not warp, i.e. the application shall not move the pointer;
and
7. Interaction is familiar, i.e. the same window shall have similar functionality in different
applications.
Page 36 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
8) [BI]
The HMI's focus shall be explicit, which means the user shall have to choose which window
the keyboard focus shall be applied to.
8. [BI]Radio System
5) [BI]
For all remote sites, the OCC and BOCC ISCS HMI shall be equipped with an overall graphical
mimic.
6) [BI]
Monitored points shall be dynamically presented using appropriate symbols and analogue
displays.
7) [BI]
Each element, alarms, instructions shall be clearly readable in lighting of 550 lux to the operator
in OCC/BCC.
4.5.7.1 Access Management System (AMS) Interface [ISCS-SWRS-205071]
1) [BI] The ISCS HMI shall provide a readily navigable display via a geographical map representation
of the site layout in plan view, onto which the location of each camera and other security
equipment (such as AMS doors etc.) shall be superimposed, along with the associated equipment
identification numbers.
Page 37 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
2) [BI]
The integrated GUI for AMS and VSS shall display a geographical map / layout with the exact
locations of AMS and VSS equipment.
4.5.7.2 Video Surveillance System (VSS) Interface [ISCS-SWRS-205072]
1) [BI] VSS intrusion detection zones and associated alarms shall be displayed on the geographic
map.
2) [BI]
The integrated GUI for AMS and VSS shall display a geographical map / layout with the exact
locations of AMS and VSS equipment.
4.5.7.3 Video Wall Display Interface [ISCS-SWRS-205073]
1) [BI] The VWDP shall be configurable to display the following, but not limited to:
1. Systems Network Overview
2. Critical Alarms
2) [BI] The VWDP shall provide a network overview including, but not limited to the following:
1. [BI] Changeover status
2. [SIL2] Selected alarms from other systems such as power, fire and ventilation systems
3) [BI]
The ESP shall automatically alert the operator at the OCC via the ISCS HMI when it is triggered.
The ISCS HMI shall automatically activate the adjacent VSS to display VSS images at
workstations and on the video wall.
4.5.7.4 Public Address (PA) System Interface [ISCS-SWRS-205074]
1) [BI] The ISCS HMI shall be equipped with the GUI with graphical display of site layout with icons
that represent the PA zones.
4.5.7.5 Traction Power System (TPS) Interface [ISCS-SWRS-205075]
1) [INFO] The TPS shall design and provide a single line diagram of the Traction Power Supply
distribution to COMMS WPC and assist COMMS WPC in designing the GUI on the ISCS HMI.
2) [INFO] The GUI drawing shall be reviewed and accepted by the Employer.
3) [SIL2]
On the ISCS HMI, the COMMS WPC shall be responsible to produce the GUI for all related
TPS equipment.
Page 38 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
3) [BI]
Among different types of menus, the most commonly used are drop-down menus and pop-up
menus.
4) [BI]
All menu commands shall be accessible via the keyboard, and all major system commands
shall be accessible through a menu.
5) [BI]
Keyboard shortcuts and mnemonics shall be provided. The underlined characters in menu
options or command names are keyboard mnemonics.
Page 39 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
3) [BI]
The cursor shall be easily seen on the screen minimising the object area obscured by the
cursor.
4) [BI] A mouse or tracker ball shall be used to manipulate the pointer.
5) [INFO]
User interface applications shall take input from mouse/tracker ball and touch screen devices
and from keyboards.
Page 40 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
8. Text or symbol colour depends on severity. Unacknowledged alarms use flashing text or
symbol
9. Alarm Summary (active alarm count per sub-system, total active alarms); and
10. Filtered Alarm Summary (filtered alarm count per sub-system, total filtered alarms), when
applicable.
3) [BI]
The system shall allow multiple Event Displays and Alarm Displays to be opened at a given
time, each with different filters.
4) [BI]Each display shall be able to have independent filters applied to show only the required
information. These filters shall include the following typical criteria for each of the groups:
1. By Tag number;
2. By date and time range;
3. By Control Zone;
4. By Location;
5. By device types;
6. By particular system;
7. By particular device;
8. By alarm status; and
9. By severity/priority.
5) [BI]
In order to achieve the desired information display, any combination of these criteria shall be
able to be applied to a given filter.
6) [BI]
The operator shall be able to see the operational mimic associated with the selected alarm
after selecting it in the Alarm Display.
7) [BI]
An alarm must have been acknowledged by the operator and returned to its normal state in
order for it to disappear from the Alarm Display.
8) [BI]
The alarm windows' display order shall normally be from the most recent alarm to the last, but
other filter parameters shall be able to order the alarms displayed.
9) [BI]The Event Displays and Alarm Displays shall allow the operator to easily supervise and control
all alarms and incidents as they occur.
Page 42 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
7) [BI]
The alerts shall be presented in chronological order, with the most recent alarms at the top of
the row. One end of the alarm banner shall have a number of unacknowledged alarms.
8) [BI] An audible and visual warning shall be given when a new alarm is triggered.
Page 43 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
4) [BI]
The filtering level selected shall depend on the seriousness of the condition. The operator shall
be able to suppress different alert severity levels at any time and shall be prompted by the monitor
throughout the time when it is in force.
Page 44 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
1) [INFO]
The alarm history storage database shall have sufficient capacity to store the anticipated
alarm for a period of at least twelve (12) months without carrying out any housekeeping.
2) [BI]
The design of the ISCS system shall allow for fall-back operation of the system to the BOCC
ISCS database in the event that the OCC ISCS database is “offline” or otherwise unavailable,
and vice versa.
3) [BI]
An alarm shall be raised in the ISCS upon its database and / or storage capacity exceeding a
pre-set threshold.
4) [BI]
Within the ISCS system, there shall be a data archiving function for storing all data received
from the field, as well as operator commands and events.
5) [BI] Analysis of the stored data shall be made by using any workstation connected to the system.
6) [BI] The following typical functions shall be available:
1. Historical analogue and digital value trend curves;
2. Event and alarm lists with filtering;
3. Internal events log;
4. Operation actions log;
5. Generation of reports; and
6. Backup and recovery of old data.
7) [BI] For the previous 365 days, all events, alarms, and analogue data shall be retained.
8) [BI]
The ISCS must be able to buffer at least 24 hours of data in the event that the archive system
cannot be updated due to a fault with the backup storage device or if the media is full.
9) [BI] Buffered data shall also be retrievable by the operator.
10) [BI]
A backup solution for ISCS Server and ISCS workstation shall be provided. All tools and
applications required for restoration of backed-up date shall be provided.
11) [BI] A
backup solution for the ISCS Database, for example, image files or clones of the hard disk,
and any necessary associated software shall be provided.
12) [BI]
Use of the appropriate tools shall allow queries to be made for specific time periods, system
equipment categories and location categories, as a minimum.
13) [BI]
Both alarms and events occurring in the system shall be recorded in the historical database
for future viewing and analysis if required.
5. View reports;
6. Print reports (automatically, periodically or on request); and
7. Export reports (CSV, and presentation formats to be agreed with the Employer).
4) [BI] It shall be possible to construct reports which include any of the following:
1. Real time data;
2. Stored or archived data;
3. Descriptive text, including but not be limited to, titles, page header, footer; and
4. Data derived by manipulation of any of the above.
5) [BI]
For each monitored sub-system, the system shall report the number of failures and system
downtime over a configurable time period.
6) [BI]
Through a pro-forma screen, the ISCS shall allow operators to freely define the format and
content of reports.
7) [INFO]
The WPC shall provide at least 10 different types of pre-defined report templates for the
Employer's approval.
8) [BI]
The generated reports shall be stored internally, and it can be manually backup to an external
USB mediums or optical disk.
1) [BI]
In real-time and in the historical, the ISCS system shall be able to display the acquired values
in text and graph/trend form. During final design, details of pre-defined trends, graphs, and
historical content shall be submitted to the Employer for approval.
2) [BI] The operators shall have access to pre-defined trend displays via a selection menu.
3) [BI]
The ISCS shall also provide operators with freely definable displays to construct trend displays
and graphs through a pro-forma screen.
1) [BI]
During the operation of the system, a Help facility shall be available to assist the user. The
Help facility shall allow the user to refer to a particular operation without searching for the hard
copy of the manual.
2) [BI]
The ISCS HMI shall have an intuitive help system that shall provide help not only for ISCS
systems, but also for all other sub systems that are integrated into the ISCS HMI, allowing an
operator to resolve all foreseeable issues with only one help system.
3) [BI]
Context-sensitive help shall be made available to assist the user in identifying the steps to
complete the control operation.
4) [BI]
The ISCS HMI shall also provide operators with a "scenario" help function to assist them when
a specific incident occurs.
5) [BI]
The operator administrator shall be able to modify, expand, and update the "scenario" help
procedures as actual operating experience accumulates.
6) [BI] The ISCS shall include a wiki database with:
1. Alarm codes
2. Descriptions
3. Suggested fault resolution actions including priorities
Page 46 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
The system administrator shall be able to update the wiki database in the future.
7) [BI]
An ISCS operator shall be aided by a Decision Support System (DSS) in responding to
abnormal situations that may arise within the system.
8) [BI]
The Decision Support System (DSS) shall guide the operator through the individual steps
involved in the response procedure and help the operator to take corrective actions that are
appropriate in the circumstances.
1) [BI]
In the event of changes to the monitored and controlled infrastructure, the ISCS shall allow the
Employer to fully edit the ISCS system configuration.
2) [BI] The OCC and BOCC shall be able to configure any distributed ISCS equipment.
3) [BI] ISCS Maintenance workstations shall be provided with:
1. Capability to perform configuration and modification of the ISCS HMI and database
2. Capability to perform maintenance and diagnostic activities for all ISCS equipment
4) [BI]
The ISCS shall include all necessary tools and licenses to allow configuration and modification
of, and additions to, the database, the workstation views, and the Operating System.
1) [BI]
The Training Simulator shall include all features available in the operational system, and
simulate all HMI functions, graphics, and responses.
2) [BI]
The Training Simulator shall be able to retrieve data from the operational system but not write
any data onto that system.
3) [BI] The Training Simulator shall be able to build training scenarios using retrieved data.
4) [BI]
The Training Simulator shall be able to reproduce all O&M operational scenarios possible on
the RTS Link.
5) [BI] The Training Simulator shall include a trainer’s workstation and trainee workstations.
1) [BI] Operators are intended to use log books to leave messages at shift handover times.
2) [BI] In the event of ISCS crashes or changeovers, these Log Books shall not be lost.
3) [BI]
The Log Book shall have the same editing functionality as modern commercial off the shelf
word processing packages, at least equivalent to Microsoft Windows WordPad editor.
4) [BI] For each user profile, a Log Book facility shall be provided.
5) [BI]
For each individual event or alarm in the event and alarm lists, the ISCS HMI shall provide an
operator with a log Book annotation facility.
6) [BI] When logging onto a shift, the message Log Book window shall automatically be displayed.
Page 47 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
7) [BI]
To facilitate operator, shift handovers, annotations pertaining to an operator's area of
responsibility shall be viewable upon operator login.
8) [BI]
No further amendments or deletions are permitted after an operator has made an entry and
confirmed it as correct.
9) [BI]
In terms of message identity numbers or date/time stamps, operators shall be able to define
the start and end points in any list (e.g., Logbook entries, Event Logs, etc.).
10) [INFO]
WPC to liaise with the Employer to collect all required processes and actions such as
equipment out of service, Possession and Written Order to be included in the logbook.
1) [BI]
All types of information, including operation, alarms, events, Log Books, reports, graphs; both
current and recovered from archive, shall be able to be printed.
2) [BI]
Operators shall be able to print filtered lists that clearly indicate the filter parameters being
used. Operator shall be able to define the start and end points of the list in terms of date/time
stamps.
3) [BI]
Printers shall be controlled by a print management facility that uses spooling to ensure print
requests do not disable operator interaction at a Workstation whilst printing is taking place.
4) [INFO] The printers and plotters supplied at OCC & BOCC shall be shared among all systems.
5) [INFO]
The WPC shall supply all required printers at the OCC and BOCC, including any large format
plotters required for train graphs etc.
1) [BI]
Automatic and seamless failovers of redundant equipment shall be provided to the operator.
To maintain the ISCS operation uninterrupted, the affected equipment shall be isolated and new
data paths shall be established.
2) [BI]
No data shall be lost, and the operator shall not have to re-log in. On the HMI, no disruption to
the operator shall be visible.
3) [BI]
An alarm and an indicator on the HMI designating the active equipment shall notify the operator
of a failover.
4) [BI]
An alarm shall be raised to alert the operator and maintainer in the case of a redundant link
and/or equipment failure.
Page 48 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 49 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
CBN Equipment
Alarm Status
Display Alarm
Figure 5-2: Data Flow Diagram for Monitoring of the CBN Systems
WDCS Equipment
Alarm Status
Display Alarm
Page 50 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Figure 5-4: Data Flow Diagram for Monitoring of the WDCS Systems
Train Information
Train Information
Message Display and
Audio Announcement
Synchronization
Figure 5-5: Sequence Diagram for Message Display and Audio Announcement Synchronization
Figure 5-6: Data Flow Diagram for Message Display and Audio Announcement Synchronization
6) [BI]
Pre-recorded or live announcement can be made to various locations throughout the RTS Link
by OCC or BOCC operator using the ISCS HMI, including but not limited to;
1. Individual zones,
2. A number of zones,
3. Depot zones,
4. All zones within an individual station or depot,
5. All stations or entire depot.
6. [NOTE] Individual train,
Page 51 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 52 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
11-15 Spares
21) [BI]
The operator shall be able to disable the Automatic Noise Sensing function using the ISCS
HMI.
22) [BI]
The ISCS HMI allows the operator to assign the maximum level output for PA announcement.
23) [INFO]
The PA System shall interface with the Signalling System via ISCS for announcement
regarding with train service-related information, such as Time-To- Next-Train (TTNT), train delays
and etc.
1) [BI]
The information such as train scheduling, train departure, train arrival at station shall be
obtained by the PIDS interacting with Signalling system via ISCS.
Train Information
Train Information
Train Information
2) [BI]
Train-related information including but not limited to train arrival, train destination, train bypass,
train turn back, train short loop, detrain, and interchange information display shall be displayed
to passengers by interfacing the PIDS with Signalling system via ISCS.
3) [INFO]
Information regarding fire emergency evacuation shall be displayed by interfacing the PIDS
with Fire Protection System via ISCS.
4) [BI]
Information regarding station operation shall be displayed to passengers by interfacing the
PIDS with ISCS. For example, station daily open/close and concourse close.
5) [BI]
The operator shall be able to instantly construct a new message or select from the look-up
table and broadcast it to one or both sides of a PID, a group of PIDs or all PIDs using the ISCS
HMI.
6) [BI]
The operator shall be able to blank/un-blank either one side or both sides of a PID, a group of
PIDs or all PIDs within the station using the ISCS HMI.
7) The operator shall have the capability to manually set the PID’s display intensity using the
[BI]
ISCS HMI.
8) The “What You See What You Get” feature of the PID display shall be provided by the ISCS
[BI]
HMI. The operator shall be able to align the corporate image using specialised font types and
icon (input by the operator). Furthermore, screen display templates shall be provided for easy
editions.
9) [BI]
The operators shall be given the function to customise the PID display layout by the ISCS HMI.
For example, enlarging the video message window and shifting the text message from top to
bottom section.
10) [BI]
A time scheduler editable by the operator via ISCS HMI shall be equipped in the PIDS to allow
automatic display of special message based on the time schedule.
11) [BI]
The PIDS operator shall be provided with a reset command by the ISCS HMI to stop the
message display. Upon initiation of the reset function, the current messages shall be cancelled
and the pre-set routine display schedule shall be resumed.
12) [BI]
The operator shall be alerted of a faulty PIDS equipment by an equipment alarm accompanied
with an audible tone via ISCS HMI. The ISCS HMI shall display the PID faults on the associated
PID icon and shall be able to display at least fifty (50) alarm events. Furthermore, the ISCS HMI
shall also be capable of indicating the Application Status and its Integration Status between PIDS
system and other systems. If failure/fault/error on the application and integration were to occur,
facilities and tools shall be available for traceability and analysis.
13) [BI]
A facility shall be included in the ISCS HMI to allow the operator to manually override any train
service information display such as Time-Till-Next-Train (TTNT) and input train service
information manually. The manually input values shall be provided with auto countdown.
14) A real-time “WYSIWYG” facility shall be included in the ISCS HMI to allow dynamic view of the
[BI]
information assigned to a selected PID board. This shall be done by clicking on a PIC icon or by
inputting the identity number of the associated PID(s) via keyboard.
15) [BI] The PIDS display message shall be activated by, but not limit to the following modes:
1. Command mode - the commands from ISCS for specific station operational or emergency
messages.
2. Manual mode - triggered by the operator via ISCS HMI.
16) [BI]
A facility to initiate any fixed message or instantly constructed messages and editing from pre-
formatted messages shall be provided by the ISCS HMI.
17) [BI]The operators shall be allowed to instantly construct messages and store to the local database
in the PIDS Server via ISCS HMI.
Page 54 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
18) [BI]
Data fields such as name, time and other variables shall be provided to the pre-formatted
messages of each station which are identical. The ISCS HMI shall be used to enter the inputs for
these data fields.
19) [BI] The ISCS HMI shall classify and assign each constructed message.
20) [BI]
For periodic central archiving purposes, the message log shall be automatically downloaded
to the message database of the OCC and BOCC PIDS Server. The ISCS HMI can be used to
program the message retention.
21) [BI]
The ISCS HMI shall be able to group the PID boards (i.e. northbound platform PID group)
which can be addressed individually or in groups.
22) [BI]
The local control device or ISCS HMI can be used to initiate the reset, blank/un-blank, power
on/off functionalities of the PID.
23) [BI]
Fault logs and reports shall be stored in individual PID's memory for one (1) month before they
are overwritten. The ISCS HMI can be used to program the retention period.
24) [BI]
Maintenance personal/operator shall be able to perform the PIDS operation, system
configuration, diagnostics and alarm logging functions at the ISCS HMI at OCC, BOCC and
Station SCR.
25) [BI]The PIDS shall ensure the individual station PIDS design shall be able to operate
independently via ISCS HMI in case of lost connection to OCC or BOCC.
26) [BI]
Other operation information includes, current date and time, greeting messages, warning
messages and emergency messages sent from OCC, BOCC or local station via the ISCS HMI
shall also be displayed. For special non-emergency operating messages, the bottom row shall
be used to display the special message. During emergency, messages shall be expanded to
occupy the whole PID screen.
27) [INFO]The PIDS software shall use a distributed design with maintenance terminal and
configuration terminal serving as system resilience support.
28) [BI]
Workstation features (delivery via ISCS HMI) shall include as a minimum the capability to add,
modify, delete and change priority of messages.
29) [BI]
Messages shall each have a priority indication and a PA system interface (via ISCS) status
indicator if applicable.
30) [BI]
All these supervision and regulation functions shall be automatic without the need of human
intervention.
31) [INFO]
The PIDS GUI shall be integrated into ISCS HMI, which shall be provided, but not limited to
the following locations:
1. OCC
2. BOCC
3. Every Station PSC
1) [BI]The ISCS HMI shall be integrated with the functionality to fully control the PABX sub-system
to allow full compliance with the PABX system requirements. This shall include but not be limited
to:
1. Monitoring and annunciation of PABX and system alarms;
Page 55 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
PABX Equipment
Alarm Status
Display
Figure 5-9: Sequence Diagram for Monitoring of the Monitoring and Annunciation of PABX and
System Alarms
Figure 5-10: Data Flow Diagram for Monitoring of the Monitoring and Annunciation of PABX and
System Alarms
2. Full control of the PABX system to enable all normal and emergency call handling
functionalities; and
3. Suitable Computer Telephone Integration including Unified Messaging for all PABX services.
2) [BI]
Call handling shall include, as a minimum, the following features with visual and audible
prompts provided to the operator at the Control Room ISCS HMI, as appropriate to the call
function to be processed:
1. Call queuing in order of call arrival;
2. Call prioritisation for emergency services and user-defined requirements;
3. Intrusion, standard, private, night service and manager/secretary call facilities;
4. Incoming call answering;
5. Call Hold and Call Park;
6. Call Terminations;
7. Call Transfer to the recipient via the external systems accessible to the Telephone System
including the PSTN, InfraCo’s Telephone Network, and TETRA Radio system or to the
recipient’s cellular radio telephone;
8. Display of each user’s telephone status (availability);
9. Display of Call Line Identity; and
10. Display and scrolling through of telephone directory.
3) [BI]
Incoming calls shall be able to be received and outgoing calls can be made. Calls shall be able
to be routed to other locations based on the selection of a destination via entering an extension
number.
4) [BI]
Various forms of number dialling such as short-code and preconfigured single button dialling
shall be able to be handled.
5) [INFO] Normal operation shall be via the ISCS HMI.
Page 56 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
6) [BI] The on-line VSS image shall pop-up at station ISCS HMI and OCC ISCS HMI.
with GPS positioning features with TETRA antenna. The display covers the routings and locations
of RTS Link premises to pin-point the train locations, equipment ID, speed, direction headed, and
orbits.
TETRA Equipment
TETRA Info
“District
map” display
“District map”
TETRA Info display
TETRA CRIS ISCS Server ISCS Workstation
Server
3) [BI]
The user is allowed to log into the radio system through the ISCS HMI to prevent multiple
logins to each workstation.
the Voice Recorder System. This shall later be agreed with the Employer during final design.
2) [BI] Depending on the operator’s profile, the access to the types of functionalities shall differ.
Page 57 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Operator
Voice
Recording
Request
Voice Recording
1) [BI]
The ISCS workstations shall allow viewing of live video streams and pre-recorded video across
the RTS Link regardless of geographical location.
2) [BI]
The number of tiles (each displaying an individual camera feed) per VDU at each ISCS HMI
shall be in line with the Ergonomic & Human Factors Guidelines for Control Rooms and Control
Centre and shall be quantified during the final design for the Employer’s approval.
3) [BI]
The ISCS HMI shall, as a minimum, provide the following additional fully programmable
functions listed below. Available functionality shall be dependent on the operator profile:
1. Pan, tilt and zoom control;
2. Selection of each camera to be displayed;
3. Automatic panning on group or individual basis;
4. Reprogramming and auto sequencing of camera images;
5. Manual control of Network Video Recorder functions such as playback of recording;
6. Equipment identification;
7. Indication of faulty cameras or system faults;
8. Facility to select video images for presentation on any VDU;
9. Full control of any Video Display Unit supplied as part of the ISCS system;
10. Manual selection by Operator of any single video image or a combination of video images for
display simultaneously;
Page 58 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
11. Automatic selection in accordance with a pre-set configuration in the event of an alarmed
condition such as the VSS images in the event of an intrusion detection alarm;
12. Manual selection by Operator of any sequence of camera images with each image displayed
in time sequence with a variable dwell time pre-set by the Operator;
13. Monitoring and annunciation of VSS system alarms;
14. Identification of the relevant camera on any video feed;
15. Addition and deletion of cameras; and
16. Modification of camera and VCA attributes.
4) [BI]
The ISCS HMI located at OCC and BOCC shall be able to support playback of images of the
VSS system.
5) [BI] At Stations, the WPC shall provide but not limited to:
1. The ISCS HMI (VSS part) shall be able to perform video footage playback, search, and offline
archiving for the local station VSS system.
2. PTZ cameras shall be provided with “absolute move” control by ISCS HMI.
6) [BI]
Both ISCS HMI and VSS keyboard controller shall allow OCC and BOCC operators to search,
retrieve and playback video clips stored in any NVR units of the VSS system.
7) [BI]
The recorded video footages shall be able to be exported to external storage devices such as
USB or other digital storage device via ISCS HMI.
8) [BI]
Video images can be selected by OCC and BOCC Operators on their ISCS HMI and relayed
onto the Video Display Panel.
9) [BI]
The ISCS should conform to ONVIF open standards for the addition of new cameras
conforming with ONVIF Profile S for video streaming.
10) [BI] ISCS HMI at OCC, BOCC & BDCC shall be able to display depot’s VSS images.
11) [BI]
The ISCS HMI shall work in conjunction with a keyboard and pointing devices for selecting the
camera and system icons so as to provide the interaction between the operator and the VSS
system for picture selection, camera control and fault information.
12) [BI]
The functionality integrated into the ISCS HMI shall allow full control of the VSS sub-system
to allow full compliance with the VSS system functional requirements.
13) [BI]
The ISCS HMI shall also work in conjunction with an integrated physical joystick for the control
of PTZ cameras.
5.1.9.1 Auto Display Camera Image [ISCS-SWRS-301091]
1) [BI] A designated tile shall be automatically projected by the ISCS HMI with the real time image
associated with an alarm trigger and initiate alarm-triggered recording, for the following scenarios:
1. Fire detection
2. Intrusion detection (using VSS video motion detection)
3. Intrusion detection (using AMS)
4. Blue Light Station (BLS Emergency Button)
2) [BI]The ISCS Workstation operator at the relevant Control Room shall be alerted to the location
of the alarm when an intruder is detected and the AMS security alarm is triggered. The nearest
VSS shall also be triggered to display the real-time image.
3) [BI]
The PHP shall be interfaced with the VSS system via ISCS at the location where VSS cameras
are overseeing PHP. It is integrated in a way that upon activation of PHP, the VSS camera image
shall automatically be displayed to the related SCR’s ISCS HMI and OCC’s ISCS HMI.
Page 59 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
4) [BI]
The VSS system shall be configured in a way the VSS system shall automatically produce an
image of the person activating the PHP onto the ISCS HMI of the station operator / OCC operator
/ BOCC operator answering the call when PHP is activated.
5) [BI]
Upon activation of ESP, the SS WPC shall be responsible for alerting the ISCS including the
location of the ESP. The COMMS WPC shall be responsible in receiving information from ISCS
for activating the necessary VSS.
6) [BI]
The operator at the OCC shall be alerted automatically upon the triggering of the ESP via ISCS
HMI. The adjacent VSS shall be activated automatically by the ISCS HMI to display the VSS
images at the workstations and video wall display.
7) [BI]
The operator at the PSC and OCC shall be alerted automatically upon the triggering of the
AFC ESS via ISCS HMI. The adjacent VSS shall be activated automatically by the ISCS HMI to
display the VSS images at the workstations.
5.1.9.2 Snapshot [ISCS-SWRS-301092]
1) [BI] A snapshot function shall be included in the ISCS HMI to allow users to capture still images
from a stored video clip together with any on-screen display and export these images into
computer-readable JPEG (.JPG or .JPEG) files.
5.1.9.3 Video Recording Playback [ISCS-SWRS-301093]
1) [BI] The ISCS HMI shall allow the user to control the playback which shall include at least the
following functions, but not limited to:
1. Play,
2. Pause,
3. Stop,
4. Rewind,
5. Fast play,
6. Slow play
7. Next file,
8. Previous file,
Page 60 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
5) According to the user profile and control location, the ISCS HMI screen shall provide the
monitoring and control of the Tunnel Systems. The OCC operator shall be able to monitor and
control the minimum but not limited to following:
1. [BI] Individual start/stop control TVS
2. [BI] Tunnel/ Viaduct Emergency Lighting
3. [BI] Equipment operating status
4. [BI] Equipment alarms
5. [SIL2] TVS mode operating status
1. Normal modes
2. Congestion modes
3. Fire mode
6) The ISCS shall be provided with a “Train Stopped in Tunnel Zone” status by the SS WPC to
[SIL2]
prompt the trigger of the tunnel ventilation system to operate in the necessary mode when any
train is stationary inside any section of the tunnel for more than a predefined period. The
conditions for providing the triggering signals shall be coordinated by SS WPC with InfraCo WPC.
7) [BI]
Based on the requests received from the SS, the respective section of the tunnel light shall be
switched on by the ISCS.
8) [BI]
The ISCS shall be able to monitor and control the Tunnel Lighting System / Viaduct lighting
system.
9) [SIL2] The ISCS shall be able to enable the control of TVS mode.
10) [BI] No intervention from the OCC/BOCC operator is required except for incident handling.
11) [BI]
The ISCS shall communicate with the Tunnel System Controllers to enable remote ISCS HMI
operation at OCC.
12) [BI]
In the event of emergency e.g. Fire mode, OCC shall able to override the automatic mode
remotely via ISCS HMI.
Page 62 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
TPS Equipment
Figure 5-19: Sequence Diagram for Monitoring of the Traction Power Network
Equipment
Alarm Alarm Display
TPS Server ISCS Server ISCS Workstation
Figure 5-20: Data Flow Diagram for Monitoring of the Traction Power Network
2) [SIL2]
Only one control output circuit or a group of output circuits shall be able to be selected at any
one time by the operator. This shall be ensured by the ISCS.
Control Signal
Page 63 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
3) [INFO]
For the integration of the control and monitoring between ISCS system and Video Wall
Display Panel, a 750V system architecture and I/O shall be provided by the TPS WPC.
4) [INFO]
The COMMS WPC and TPS WPC shall ensure the ISCS to have the functions of monitoring
the status and control of TPS equipment. The ISCS shall be ensured to be provided with the
functionality to monitor the status and control of TPS equipment by the COMMS WPC and TPS
WPC.
5) [INFO]
TPS equipment shall not be directly controlled by ISCS. Instead, all control commands from
ISCS shall communicate to the TPS Power SCADA server.
6) [INFO]
COMMS WPC is responsible to coordinate with the TPS WPC and define the priority /
severity level of TPS equipment I/O points to be displayed at ISCS HMI. The TPS WPC shall
provide the I/O point information in hardwire configuration, software configuration, software
protocol, software point address of the TPS equipment to COMMS WPC
7) [SIL2]
The traction status received from Traction Power System shall be transmitted to Signalling
System via ISCS.
Spontaneous update
1) [BI]
The status of selected AMS devices which are controlling the access to rooms in the
Employer’s area of operations can be obtained by interfacing the ISCS with the AMS.
2) [BI]
The operational state of the selected AMS devices shall be able to be displayed by the ISCS
Workstations located in the OCC and BOCC.
3) [BI]
In the event of a fire alarm, the number of staffs in the affected building at the moment of
activation of the Fire Alarm (as provided by the AMS) shall be displayed by the ISCS.
Page 64 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
1) [BI]
The equipment operation status and fault alarm conditions shall be transferred to the ISCS
system by the AFC system. Hardwire interface is used to interface the ISCS system with the
AFC system.
2) [BI] Triggering
of the AFC ESS shall automatically alert the operator at the PSC and OCC via
ISCS HMI. The ISCS HMI shall automatically activate the adjacent VSS in order to display the
VSS images at the workstations.
Display
Figure 5-25: Sequence Diagram for Monitoring of the Rolling Stock Systems
Figure 5-26: Data Flow Diagram for Monitoring of the Rolling Stock Systems
2) [BI]
The information and data exchange necessary to facilitate functional of Communication system
via Train-borne Radio System or/and train-borne Wi-Fi System shall be coordinated by the RS
WPC with the COMMS WPC. In a data transfer protocol agreed by the WPCs, this information
shall contain, but not be limited to, the following:
1. Train Operation Mode – Auto or Manual mode
2. Front or rear driver cab activation
3. Rolling Stock health status;
4. Rolling Stock speed and position (information provided by Signalling System) via Rolling Stock;
5. Train descriptors, including destination and identification;
6. PEC activation and deactivation
7. Critical train-borne communication equipment health status (list of equipment to be monitored
subject to approval by the Employer)
Page 65 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
prompt the trigger of the tunnel ventilation system to operate in the necessary mode when any
train is stationary inside any section of the tunnel for more than a predefined period. The
conditions for providing the triggering signals shall be coordinated by SS WPC with InfraCo WPC.
10) The SS shall be provided with a “Fire Alarm” status for stations and tunnel by the COMMS
[SIL2]
WPC to prevent trains from departing into the reported fire zone. In the event that a train has
already departed, the train shall either be service brake to a standstill before the zone or continue
to move to the platform outside the zone depending on the distance between the train and the
reported fire zone.
Page 66 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Periodically poll
Forward to
11) [BI]
The ISCS shall turn on respective section of the tunnel light based on the request received
from the SS.
12) [BI]
When the train door emergency release handle is operated and the train is stopped in between
stations, the SS WPC shall provide a tunnel light switch on request from the ATS to the ISCS.
13) [BI]
The ISCS only offer limited control and monitoring on signalling system, and platform screen
door system.
14) [BI] The ISCS shall exchange operational data with the Signalling System.
1) [BI]
The alarm and status monitoring functionality shall be provided by interfacing the ISCS
system to the PSD systems.
1) [BI]
The status of Train Wash Plant (TWP) equipment shall be able to be remote monitored by the
ISCS HMI at OCC.
1) [BI]
The equipment operation status and fault alarms conditions shall be transferred by the UPS
System to the ISCS.
1) [SIL2]
Through interfacing with Fire Protection System, the ISCS system will be able to receive the
“Fire Alarm” status of stations.
Page 67 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
2) [SIL2] Operators can perform the following function via ISCS HMI (Interface at ISCS Server):
1) [INFO]
The hardwire configuration and the software protocol used for ISCS and Civil related M&E
shall be agreed by both WPCs.
2) [INFO] The COMMS WPC shall be responsible to do the software configuration on the ISCS.
Page 68 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
state’ at the ISCS monitoring device (RTU/PLC/IED, interfaced system boundary), and the display
and annunciation at the operator’s workstation, in normal or degraded modes, while operator pre-
set delays are disabled.
2) [BI]A maximum time of 2 seconds shall be required between the operator command at the
workstation and the activation of the relevant output at the ISCS RTU/PLC, or reception by
interfaced system, in normal or degraded modes.
3) [BI]
A control command or indication from an integrated sub-system shall be added with not more
than 500ms by the ISCS.
4) [BI]The restoration and synchronization of the core equipment to all redundant equipment,
RTU/PLC/IED and interfaced system shall not take more than 10 minutes if a showdown or restart
of a core ISCS equipment were to occur.
5) [BI]
It shall not take more than 2 seconds for an ISCS workstation to display a new view after a
request from an operator.
6) [BI]
The ISCS HMI screen update shall not be more than 0.5 second between the operator
command and the display of the requested real-time updated information table for PIDS interface.
7) [BI]
The system should properly update all requisite graphical displays and remain responsive
while processing a continuous throughput of 100 alarms per second, and a burst of 1,500 alarms
per second over 10 seconds, without the operator noticing any reduction in performance.
8) [BI] The ISCS HMI should be fluid and never show signs of system freezing.
9) [BI]
Switchover / failover from standby to active state and reaching full system operational mode
should be less than 5 seconds and should be seamless to operators. No data shall be lost during
the switchover/ failover.
10) [BI] Complete system shutdown following the correct procedures should take less than 5 minutes.
11) [INFO] The ISCS shall not adversely affect the response times of any integrated sub-system.
12) [BI]
Execution of any data enquiry functions such as archival and retrieval of historical data, printing
or trending functions should not degrade the performance of the ISCS HMI.
13) [BI]
It shall not take more than 15 seconds for the ISCS HMI to generate the On-screen
performance management report.
14) [BI]The display of a fault alarm at the ISCS HMI shall not exceed two (2) seconds from the time
of the fault occurring.
Page 69 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
2) [BI]Control of the RTS Link shall be transferred to the Backup Operation Control Centre (BOCC)
if any disruption or failures were to occur at the OCC.
3) [BI]
The ISCS system shall be designed in a way that the ability to perform ISCS control and
monitoring over the rest of the systems or RTS Link shall be ensured even if total failure of the
ISCS at any single location including full loss of the ISCS within the OCC were to occur.
4) [BI]The ISCS system shall be configured such that no credible single point of failure can cause
failure of monitoring and control functions of the System at its workstations.
5) [INFO]
In the event of ISCS HMI failure, the Digital Call Station shall operate in fall back mode
allowing station operator to make live announcement to particular zone or any combination of
zones.
6) [INFO]
In the event of ISCS HMI failure, the Digital Call Station shall operate in fall back mode
allowing OCC and BOCC operator to make live announcement to selected station(s).
7) [INFO]
In case of the ISCS HMI failure, the PID shall still display the pre-defined
messages/schedules according to the operations requirement.
8) [INFO]
The VSS shall provide VSS keyboard controllers at the OCC and BOCC to allow the
Operators to perform fall back VSS control and selection functions during failure of the ISCS HMI.
9) [INFO]
The VSS shall provide a VSS fall back workstation (not connected to the ISCS system) at
OCC and BOCC to allow the OCC and BOCC Operators to perform fall back VSS control and
monitoring in the event the ISCS system fails.
10) [BI] System data shall not be lost in the event of a system failure, shutdown, or power loss
11) [BI]
In the event of a power failure, the system shall resume service without manual intervention
once power is restored.
12) [INFO]
Failure or unavailability of the ISCS system shall not impact the ability of the interfaced
subsystems from achieving their intended functionality.
13) [INFO]
In the event of a complete failure or unavailability of the OCC, the system shall be able to
be operated from the BOCC.
14) [INFO]
In the event of failure or unavailability of a remote ISCS workstation, the functionality of the
said workstation shall be available at the OCC and BOCC.
15) [INFO]
The design of the ISCS system architecture shall ensure that no data is lost due to failure of
any part of the system, whether hardware, software or communications failure.
16) [INFO]
In the event of ISCS HMI failure, the Digital Call Station shall operate in fall back mode
allowing station operator to make live announcement to particular zone or any combination of
zones.
1. ISCS system is flexible and scalable which is upgradable with only configuration data and
modular software modification.
2. ISCS system is upgradable and able to modify to incorporate any other changes that is
required during the lifetime of the system.
3. ISCS system is open and modular to provide maximum adaptability during the lifetime of the
system.
2) [INFO]
The WPC shall include provision for the evolution, upgrade path and support of software
and systems for the period specified in the contract.
3) [BI] The following are the hardware expansion available for ISCS system:
1. Addition of ISCS Workstation
2. Addition of ISCS Server storage
3. Addition of I/O points
4. Addition of other ISCS equipment
4) [BI] The following are the software expansion available for ISCS system:
1. Database
2. Virtual Machine
3. Software interface
5) [INFO]
The details of ISCS system future expansion must be provided in Future Expansion Strategy
document.
6) [BI]
Software databases, regardless of the mode of operation, shall be designed to allow ease of
expansion.
7) [BI]
The delivered system database structures shall be able to expand by 100% of the original
supplied size without the purchase of any hardware or software for system database structures.
8) [INFO]
The ISCS system shall be easily reconfigurable, to allow changes to be made without the
need to resort to the original contracting organisation.
9) [INFO]
This shall include but not be limited to the addition, removal or update of HMI graphical
objects, RTU/PLC/IED, input and outputs, etc.
10) [INFO]
The ISCS shall be designed to enable modifications and/or extensions to be executed with
no significant disruption of operation across the Project.
1) [INFO] The system should be protected by latest Endpoint Security such as antivirus.
2) [BI]
The software should be protected by Access Authority Management to prevent misusing of
unauthorized functionality.
3) [BI]
Remote access to ISCS for diagnostics and maintenance shall be possible from any location
within RTS link via CBN subject to sufficient login privileges. The diagnostic and maintenance
access shall be protected by security features such as a password protection to maintain the
integrity of the ISCS system.
4) [INFO] The system shall be protected against viruses, hacking and malicious attack.
5) [INFO]
The interfaces shall be secure and shall not affect the integrity of the rail systems or the
safety of the railway.
6) [BI] Remote access activities shall be logged in the event log and shall be monitored.
Page 71 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
1) [BI]The integrity of the rail systems or the safety of the railway shall not be affected, and the
interfaces are ensured to be secure, in line with Cybersecurity Requirements.
2) [INFO]The result of ISCS safety integrity level allocation as identified in Safety Integrity Level
Determination Report (RTS-SY03-SYS-GRA-REP-20003) is, the overall Software SIL (SSIL) of
the ISCS is SSIL 2.
3) [INFO]The demonstration of the SSIL of ISCS system are performed in accordance with EN 50128.
4) [INFO] A System Safety Demonstration Report (SSR) must be produced.
1) [INFO]
During the various design stages, the screen layouts shall be developed while considering
the users’ requirements. The developed screen layouts shall be subjected to further refinement
and review by the user representatives before being incorporated into the final HMI workstations
and equipment design.
2) [INFO]
Symbol libraries and Display pages shall be submitted to the Employer for review and
approval.
3) [INFO]The Employer’s approval shall be sought by the WPC at multiple stages throughout the
development of the HMI. The stages shall include, but not be limited to, the production of
wireframes and the hosting of mock-up HMI workshops.
4) [INFO]
This dialogue process shall be a part of a more general process of discussion to achieve
configuration and final design of the ISCS system, to meet the operator and maintainer
requirements.
5) [INFO]
The alarm management strategy shall be submitted for review and approved by the
Employer.
6) [INFO]COMMS WPC shall coordinate with other WPCs and Employer to define the list of statuses
and alarms that are to be monitored by ISCS, the priority / severity levels of the alarms, and the
list of operational controls.
7) [INFO]
The analogue parameters and performance to be present by WPC for employer approval
during design process.
8) [INFO]Verification shall be carried out at each phase of the development lifecycle to verify the
output of the phase meets the input requirements of that phase in accordance with the
requirement in EN 50128. The verification shall include the review of design document and the
review of code. The verification and the production of the output documents or software code
shall be performed by different persons.
9) [INFO]
Key software design documents such as System Requirement Specification, Software
Requirement Specification and Software Design Specification shall be submitted for the
Employer’s acceptance.
10) [INFO]
For any system configured by application data, the WPC shall comply with the requirements
of EN 50128 and produce the specified output documents. These documents shall be submitted
to the Employer for review and acceptance.
11) [INFO]
Consistency between requirements, designs, code, tests specifications, user manuals shall
be maintained throughout the development lifecycle.
12) [INFO]
Formal change control process shall be performed for the changes of all documentation and
software.
Page 72 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
13) [INFO] The verification shall include the review of design document and the review of code.
14) [INFO]
The verification and the production of the output documents or software code shall be
performed by different persons.
15) [INFO]
A design presentation to the Employer for each of the document shall be conducted and
how the design outputs comply with the input requirements shall be demonstrated.
16) [INFO]
Requirement of software shall be traceable throughout the document produces in the
development lifecycle.
1) [INFO]
Following the System being handed over for operation, any of the software modification and
installation activities, which have an impact to the operation, shall be subject to control of the
Employer and shall comply with following requirements:
1. All changes to the software shall be managed and controlled in accordance with the
procedures as defined in the Software Configuration Management Plan.
2. Method of the system upgrades are to be delivered to site, installed and tested shall be defined.
This includes the definition of the media to be used and the method of proving correctness of
the modified software.
3. Any impact to operations are ensured to be avoided for any modification works on the
delivered software.
Page 73 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
4. For each installation of modified software to live system, a software release note, an
installation method statement, and a system safety certificate shall be submitted to the
Employer at least seven (7) days prior to the installation.
1. The software release note shall provide details of the modified software
2. The method statement shall identify the schedule, installation procedure, impact to the
operational system, and the fall back procedures.
Page 74 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 75 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
4 The ISCS shall be able to enable the control of TVS ISCS- SIL 2 NA
mode. SWRS-
302010-09
6 The ISCS shall be provided with a “Train Stopped ISCS- SIL 2 The
in Tunnel Zone” status by the SS WPC to prompt SWRS- requirement
the trigger of the tunnel ventilation system to 302010-06 involved
operate in the necessary mode when any train is interfacing
stationary inside any section of the tunnel for more between
than a predefined period. The conditions for ISCS and
providing the triggering signals shall be coordinated Tunnel
by SS WPC with InfraCo WPC. Ventilation
System
Page 76 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
7 The ISCS HMI located at OCC and BOCC shall be ISCS- SIL 2 NA
integrated with functionality which allows control SWRS-
and monitoring of the Traction Power Network. 302030-01
Page 77 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
ISCS-SysRS- 2. Design, Manufacture, Supply, Delivery, Installation, Testing, and Commissioning, Interfacing, Info N/A
010100 Warranty and Other Related Works of Communications System (COMMS) of Rapid Transit System
(RTS) Link Assets for RTS Link Between Malaysia-Singapore
Part 2 : Particular Specification (Document no: RTSO/TDR/SB/COMMS/CPX/2021/003)
Page 78 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 79 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Referring to Figure 1 1, below are examples of how the System Requirement ID is allocated:
Page 80 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 82 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 83 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 84 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 85 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 87 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 88 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 89 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 90 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 91 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 92 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 93 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 94 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 95 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 96 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
Page 98 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
ISCS-SysRS- 2. The focus to be used for the HMI shall be explicit, that means, the user must explicitly Functional ISCS-SWRS-
020503-22-02 select which window the keyboard focus is applied to. 205060-08
ISCS-SysRS- 3. A mouse or tracker ball shall be used to manipulate the pointer. Functional ISCS-SWRS-
020503-22-03 205130-04
ISCS-SysRS- 4. User interface applications shall take input from mouse/tracker ball and touch screen Functional ISCS-SWRS-
020503-22-04 devices and from keyboards. 205130-05
ISCS-SysRS- 5. The ISCS application may have several main windows in operation simultaneously. Functional ISCS-SWRS-
020503-22-05 These windows may be displayed on one or more screens of a multi-screen workstation. The focus 205060-06
can be moved from one window to another either by activating the button that enabled the window,
by using a two key combination on the keyboard, or by selecting the window if part of it is visible.
ISCS-SysRS- 6. All menu commands shall be keyboard accessible, and all major system commands Functional ISCS-SWRS-
020503-22-06 shall be available from a menu. 205100-04
Page 138 of 171
Copyright © 2023. All rights reserved.
Document Title ISCS Software Requirement Specification
Document No. P205_ISCS_D2.2_SRS
Rev. No. 0.4.0
ISCS-SysRS- 2.5.5.16 The alarm system shall provide alarm response procedures for operator to access when Info N/A
020505-16 alarm is triggered. The information should include:
ISCS-SysRS- Info N/A
1. Tag name & description
020505-16-01
ISCS-SysRS- Info N/A
2. Alarm description
020505-16-02
ISCS-SysRS- Info N/A
3. Alarm type
020505-16-03
ISCS-SysRS- Info N/A
4. Alarm setpoint
020505-16-04
ISCS-SysRS- Info N/A
5. Allowable response time
020505-16-05
ISCS-SysRS- Info N/A
6. Alarm class
020505-16-06
ISCS-SysRS- Info N/A
7. Additional info (potential causes, consequence on inaction, operator action)
020505-16-07
ISCS-SysRS- Functional ISCS-SWRS-
2.5.5.17 To manage nuisance alarms, alarms can be suppressed, shelved, or labelled out of service.
020505-17 206070
ISCS-SysRS- 1. Alarm suppression under Avalanche conditions shall suppress non-critical alarms to Functional ISCS-SWRS-
020505-17-01 avoid an excessive quantity of alarms in the Alarm Display due to the cascade effect of a high-level 206070-01
equipment failure or alarm.
ISCS-SysRS- 2. The avalanche alarm suppression conditions shall each be defined by Boolean logic Functional ISCS-SWRS-
020505-17-02 expressions of states of one or more equipment and shall be operator configurable. 206070-02
ISCS-SysRS- Functional ISCS-SWRS-
3. Multiple levels of alarm suppression shall be supported.
020505-17-03 206070-03
ISCS-SysRS- 4. The filtering level selected shall depend on the seriousness of the condition. The Functional ISCS-SWRS-
020505-17-04 operator shall have the ability to suppress different alarm severity levels at any time and shall be 206070-04
prompted by the monitor throughout the time when it is in force.
ISCS-SysRS- 4.1.3.5 The following table gives the maximum time between the operator command at the Non-functional ISCS-SWRS-
040103-05 workstation and the activation of the relevant output at the ISCS RTU/PLC, or reception by interfaced 401010-02
system, in normal or degraded modes.
ISCS-SysRS- Non-functional ISCS-SWRS-
040103-05 401010-02