TBL1 Plus Certification Plan

ID: tsc_tbl1plus_rams_certif_plan_tbl1plus
Version: V1.2.1
Status: Published
Author: Alexandre Betis
Date: 11/04/2023
Review: !1257
Authorized by: Alexandre Betis

Configuration Management
Commit: 4a522af2
On branch: tbl1plus_v1

Document signature
5212272157c71d1f17c3fa94720e1dff91f6764e
 CONTENTS

1 Revision history [artifact history] 3

2 Introduction 4
2.1 Context . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.2 Purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.3 Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.4 Applicable documents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.5 Reference documents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2.6 Terms and definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

3 Management of the document 6

3.1 Creation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3.2 Revision . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3.3 Filing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

4 SCOPE AND CERTIFICATION PROCESS 7

4.1 SCOPE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
4.2 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
4.3 Functional and technical aspects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
4.4 RAMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
4.5 Assessment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
4.6 Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

5 Appendix 11
5.1 BE national rules compliance matrix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

2 of 11 CONTENTS
5212272157c71d1f17c3fa94720e1dff91f6764e
 CHAPTER

ONE

REVISION HISTORY [ARTIFACT HISTORY]

This artifact version is: V1.2.1

This artifact signature: 5212272157c71d1f17c3fa94720e1dff91f6764e

Name Description Date Author Signature MR

2ddce692832fddf51696e
V1.0 First version of Certification plan for TBL1+ 08/07/2022 Xavier Fayolle !933
93cd5db278e7023fdff
8498579bce467825c3fae
V1.1 Update roles, skills and safety artifact 27/10/2022 Xavier Fayolle !933
34177816750d01e9917
Housekeeping change. Fix name of PBS f4df9ac0a2d845ef6913e
V1.2 02/12/2022 Alexandre Betis !1091
doc. 302aef0c0179f7b8873
Housekeeping change. Updated program 5212272157c71d1f17c3f
V1.2.1 11/04/2023 Alexandre Betis !1257
roles. a94720e1dff91f6764e

1. Revision history [artifact history] 3 of 11

5212272157c71d1f17c3fa94720e1dff91f6764e
 CHAPTER

TWO

INTRODUCTION

2.1 Context

The TBL1+ program consists into developing a Generic Application kit that is intended to be
used together with the iEVC platform. The TBL1+ application from this kit implements the re-
quirements from [CERTIFPTBL1-R13-INF-TBL1plus-SGv3_4], [CERTIFPTBL1-R14-MEMOR] and
[CERTIFPTBL1-R21-TBL1PP].
The TBL1+ application may be used either as a stand-alone signalling application or in bi-standard mode (under
the supervision of the ETCS signalling application).

2.2 Purpose

This document defines the compliance strategy retained for this development with regards to the Belgian referential
[CERTIFPTBL1-R15-LAW-30_08_2013] that define the necessary requirement to obtain generic certification of
a Class B TBL1+ solution in Belgium.

2.3 Contents

• Introduction - this section;

• Management of the document - describes the rules for managing this plan;
• SCOPE AND CERTIFICATION PROCESS - presents the compliance plan for certifying the TBL1+ appli-
cation;
• Appendix - provides the preliminary traceability matrices for the TSI.

2.4 Applicable documents

[CERTIFPTBL1-R0-Glossary] TBL1 Plus Glossary [id: tsc_tbl1plus_glossary]

[CERTIFPTBL1-R1-PMP] TBL1 Plus Program Management plan [id: tsc_tbl1plus_pmqa_pmp]
[CERTIFPTBL1-R2-EMP] TBL1 Plus Engineering Plan [id: tsc_tbl1plus_system_eng]
[CERTIFPTBL1-R3-SAFETYP] TBL1 Plus Application Safety Plan [id: tsc_tbl1plus_rams_safetyplan]
[CERTIFPTBL1-R4-PQP] TBL1 Plus Program Quality plan [id: tsc_tbl1plus_pmqa_pqp]
[CERTIFPTBL1-R5-SYRS] TBL1 Plus System requirement specification [id: tsc_tbl1plus_system_syrs]
[CERTIFPTBL1-R17-SYAD] TBL1 Plus Architecture Description [id: tsc_tbl1plus_system_syad]
[CERTIFPTBL1-R20-PBS] TBL1 Plus Product Breakdown Structure (To be released)

4 of 11 Bibliography
5212272157c71d1f17c3fa94720e1dff91f6764e
 TBL1 Plus Certification Plan

2.5 Reference documents

[CERTIFPTBL1-R6-TSI-CCS-2016] COMMISSION REGULATION (EU) 2016/919 of 27 May 2016 on the

technical specification for interoperability relating to the ‘control-command and signalling’ subsys-
tems of the rail system in the European Union
[CERTIFPTBL1-R7-REG-2019-776] COMMISSION IMPLEMENTING REGULATION (EU) 2019/776 of 16
May 2019 amending Commission Regulations (EU) No 321/2013, (EU) No 1299/2014, (EU) No
1301/2014, (EU) No 1302/2014, (EU) No 1303/2014 and (EU) 2016/919 and Commission Im-
plementing Decision 2011/665/EU as regards the alignment with Directive (EU) 2016/797 of the
European Parliament and of the Council and the implementation of specific objectives set out in
Commission Delegated Decision (EU) 2017/1474
[CERTIFPTBL1-R8-EN50126_2017-1] Railway Applications - The Specification and Demonstration of Relia-
bility, Availability, Maintainability and Safety (RAMS) - Part 1: Generic RAMS Process
[CERTIFPTBL1-R9-EN50126_2017-2] Railway Applications - The Specification and Demonstration of Relia-
bility, Availability, Maintainability and Safety (RAMS). Basic requirements and generic process
[CERTIFPTBL1-R10-EN50128_2011] Railway applications - Communication, signalling and processing sys-
tems - Software for railway control and protection systems
[CERTIFPTBL1-R11-EN50129_2018] Railway applications - Communication, signalling and processing sys-
tems - Safety related electronic systems for signalling
[CERTIFPTBL1-R12-EN50159_2010] Railway applications - Communication, signalling and processing sys-
tems - Safety related communication in transmission systems
[CERTIFPTBL1-R13-INF-TBL1plus-SGv3_4] TBL1 Plus General specification v3.4
[CERTIFPTBL1-R14-MEMOR] A.M. from 30 July 2010 – Part C - Generic description of MEMOR system
[CERTIFPTBL1-R15-LAW-30_08_2013] Loi du 30 août 2013 portant le Code ferroviaire - version adaptée du
23.02.21
[CERTIFPTBL1-R16-AR-06_12_20] 6 DECEMBRE 2020. — Arrêté royal déterminant les exigences applica-
bles au matériel roulant pour l’utilisation des sillons
[CERTIFPTBL1-R18-REG-2018-545] Commission Implementing Regulation (EU) 2018/545 of 4 April 2018
establishing practical arrangements for the railway vehicle authorization and railway vehicle type
authorization process pursuant to Directive (EU) 2016/797 of the European Parliament and of the
Council
[CERTIFPTBL1-R19-EN50155_2017] Railway applications - Rolling stock - Electronic equipment
[CERTIFPTBL1-R21-TBL1PP] TBL1++ supervision functions specification - 20230126 EXCOFER - Spécifica-
tion TBL1++ - v2

2.6 Terms and definitions

The terms and definitions used in the TBL1 Plus Program are summarized and explained in the TBL1+ glossary
[CERTIFPTBL1-R0-Glossary].

2.5. Reference documents 5 of 11

5212272157c71d1f17c3fa94720e1dff91f6764e
 CHAPTER

THREE

MANAGEMENT OF THE DOCUMENT

3.1 Creation

The certification plan is elaborated by the certification project manager as mentioned in

[CERTIFPTBL1-R1-PMP].

3.2 Revision

New revisions of the plan are triggered by the certification project manager as needed. Update of this plan can be
triggered upon request of:
• NSAs,
• The Client,
• AsBo/NoBo/DeBo,
• Project Manager,
• RAMS Director,

3.3 Filing

Storage and diffusion of this document is performed according to the rules described in [CERTIFPTBL1-R4-PQP].

6 of 11 3. Management of the document

5212272157c71d1f17c3fa94720e1dff91f6764e
 CHAPTER

FOUR

SCOPE AND CERTIFICATION PROCESS

4.1 SCOPE

In accordance with [CERTIFPTBL1-R6-TSI-CCS-2016], and [CERTIFPTBL1-R15-LAW-30_08_2013], TBL1+

aims at increasing safety on Belgian conventional railway network by reducing probability of bypassing a danger
point (DP) by generalizing MEMOR-STOP functionalities as described in [CERTIFPTBL1-R14-MEMOR] and
monitoring speed close to this danger point and triggering a emergency brake (EB) if the speed is too high.
TSC’s TBL1+ Generic solution consists into a Generic Application kit that is intended to be used together with
the iEVC Generic Platform.

4.2 Overview

The full working perimeter is defined in [CERTIFPTBL1-R1-PMP]. The TBL1+ generic solution is described in
[CERTIFPTBL1-R2-EMP].

4.3 Functional and technical aspects

The TBL1+ constituent defined in the previous section will be fully defined in [CERTIFPTBL1-R5-SYRS]
and [CERTIFPTBL1-R17-SYAD]. The Functional and technical aspects of TBL1+ and MEMOR are de-
fined following specifications [CERTIFPTBL1-R13-INF-TBL1plus-SGv3_4], [CERTIFPTBL1-R14-MEMOR]
and [CERTIFPTBL1-R21-TBL1PP].
The requirement capture process is realized accordingly with article 13 of [CERTIFPTBL1-R18-REG-2018-545].
It considers requirements mentioned in Regulation 2019/776 [CERTIFPTBL1-R7-REG-2019-776] and TSI CCS
[CERTIFPTBL1-R6-TSI-CCS-2016] for European regulations and [CERTIFPTBL1-R15-LAW-30_08_2013],
and [CERTIFPTBL1-R16-AR-06_12_20] for Belgian regulations.

4.4 RAMS

Safety aspects of the TBL1+ Program are covered in [CERTIFPTBL1-R3-SAFETYP]. In particular, for CEN-
ELEC requirements:
• [CERTIFPTBL1-R8-EN50126_2017-1]
• [CERTIFPTBL1-R9-EN50126_2017-2]
• [CERTIFPTBL1-R10-EN50128_2011]
• [CERTIFPTBL1-R11-EN50129_2018]
• [CERTIFPTBL1-R12-EN50159_2010]
• [CERTIFPTBL1-R19-EN50155_2017]

4. SCOPE AND CERTIFICATION PROCESS 7 of 11

5212272157c71d1f17c3fa94720e1dff91f6764e
TBL1 Plus Certification Plan

No RAM plan will be prepared in the frame of this program as it aims at developing an application only and will
not modify the product defined at iEVC platform level.

4.5 Assessment

4.5.1 Choice of the DeBo [activity]

Data
• Input:
– TBL1 Plus Certification Plan[artifact]
• Product:
– Contract between DeBo and TSC[artifact]
• Entry criteria: Certification plan signed.
• Exit criteria: DeBo is selected by TSC
• Responsible roles:
– Certification Manager[role]
• Accountable role:
– Program Manager[role]
• Consulted roles:
– Stakeholder[role]
– System Verifier[role]
– Validator[role]
– Safety Assurance Engineer[role]
• Tools:
– TSC Sphinx Extension[ci]
– TSC Gitlab[ci]

In order to ensure the compliance of the TBL1+ solution to Belgian regulation, a DeBo will assess
the conformity of the solution with respect to national regulations. The DeBo is chosen by TSC and
is mentioned in [CERTIFPTBL1-R1-PMP].

4.5.2 Demonstration of conformity to Belgian National rules [activity]

Data
• Input:
– TBL1 Plus Certification Plan[artifact]
• Product:
– Traceability matrix versus Belgian National rules[artifact]
• Entry criteria: Certification plan signed, DeBo selected.
• Exit criteria: Traceability to national rules is validated by DeBo.

8 of 11 4.5. Assessment
5212272157c71d1f17c3fa94720e1dff91f6764e
 TBL1 Plus Certification Plan

• Responsible roles:
– Certification Manager[role]
• Accountable role:
– Program Manager[role]
• Consulted roles:
– Stakeholder[role]
– System Verifier[role]
– Validator[role]
– Safety Assurance Engineer[role]
• Tools:
– TSC Sphinx Extension[ci]
– TSC Gitlab[ci]

Conformity to national rules will be demonstrated via a traceability matrix. This matrix is built based
on requirements identified during the requirements capture process and completed by proofs brought
by the program. The matrix and proofs will then be validated by the DeBo.

4.5.3 Perform QMS audit vs Module CH1 [activity]

Data
• Input:
– TBL1 Plus Certification Plan[artifact]
• Product:
– QMS Certificate[artifact]
• Entry criteria: Certification plan signed, DeBo selected.
• Exit criteria: QMS is judged conform to module CH1 by DeBo.
• Responsible roles:
– Certification Manager[role]
• Accountable role:
– Program Manager[role]
• Consulted roles:
– Stakeholder[role]
– System Verifier[role]
– Validator[role]
– Safety Assurance Engineer[role]
• Tools:
– TSC Sphinx Extension[ci]
– TSC Gitlab[ci]

Per [CERTIFPTBL1-R6-TSI-CCS-2016] clause 6.2.2, the TBL1+ Program selects module CH1 as
assessment method. An evaluation of the QMS by a competent Designated Body (DeBo) shall be

4.5. Assessment 9 of 11
5212272157c71d1f17c3fa94720e1dff91f6764e
TBL1 Plus Certification Plan

organized,

4.5.4 Certification of the constituent [activity]

Data
• Input:
– TBL1 Plus Certification Plan[artifact]
– Traceability matrix versus Belgian National rules[artifact]
• Product:
– Certificate of verification for TBL1+ constituent[artifact]
• Entry criteria: Certification plan signed, DeBo selected.
• Exit criteria: Certificate of verification for TBL1+ constituent emitted by DeBo.
• Responsible roles:
– Certification Manager[role]
• Accountable role:
– Program Manager[role]
• Consulted roles:
– Stakeholder[role]
– System Verifier[role]
– Validator[role]
– Safety Assurance Engineer[role]
• Tools:
– TSC Sphinx Extension[ci]
– TSC Gitlab[ci]

Following the validation of the traceability matrix by the DeBo, the DeBo will produce a certificate
of verification to Belgian national rules for the constituent TBL1+.
Furthermore, as explained previously, but repeated here, the TBL1+ program complies with EN 50126, EN
50129, EN50155 and EN50128. This compliance is presented in the safety plan [CERTIFPTBL1-R3-SAFETYP].
This compliance along with other safety requirements will be evaluated by an ISA. After this evaluation,
ISA will provide an assessment report and an ISA certificate. Safety assessment procedure is described in
[CERTIFPTBL1-R3-SAFETYP].

4.6 Limitations

The present plan covers DeBo certification of TBL1+ solution as a constituent. The complete perimeter of the
TBL1+ will be defined in the [CERTIFPTBL1-R20-PBS]. Any change on the configuration needs to be assessed.
DeBo conformity studies should be performed on a subsystem level before after integrating this TBL1+ Solution
inside a train accordingly with [CERTIFPTBL1-R6-TSI-CCS-2016] and [CERTIFPTBL1-R16-AR-06_12_20].

10 of 11 4.6. Limitations
5212272157c71d1f17c3fa94720e1dff91f6764e
 CHAPTER

FIVE

APPENDIX

5.1 BE national rules compliance matrix

Attached file

BE national rules compliance [attach]

5. Appendix 11 of 11
5212272157c71d1f17c3fa94720e1dff91f6764e