Centralized Safety Information System

Updated 31 January 2026

Centralized safety information systems are integrated infrastructures that aggregate and process heterogeneous safety data, ensuring traceability and automated reasoning.
They leverage model-driven safety engineering, sensor fusion, and formal synchronization protocols to maintain system-wide consistency and rapid emergency responses.
Applications span railway safety management and connected vehicle operations, demonstrating improved detection accuracy, reduced manual errors, and enhanced control.

A centralized safety information system is an architectural paradigm and technical infrastructure that collates, integrates, and processes safety-relevant data or artifacts within a single logically central locus to enable traceability, automated reasoning, and high-assurance control of safety-critical processes. Centralization in this context refers to the aggregation of heterogeneous inputs—ranging from system engineering models and failure analyses to real-time sensor measurements—into a unified repository or processing core that supports both continuous synchronization with distributed sources and coordinated decision-making or analysis across complex engineered or operational systems. Distinct implementations exist in model-driven safety engineering, railway safety management, and connected automated vehicle infrastructure, each leveraging central orchestration to enhance traceability, reaction time, detection accuracy, and system-wide consistency.

1. Architectures of Centralized Safety Information Systems

Model-based engineering environments such as INSiDER utilize a centralized reference model to organize and interlink system design and safety analysis artifacts. The System-Safety Analysis Model (S²AM) forms the heart of the approach, acting as a superset overlaying the System Model (SM), which encodes entity structures and communication ports, and the Safety Analysis Model (SAM), representing either global or per-component failure logic. Each model element is mapped using globally unique identifiers, with S²AM maintaining pointers only and enforcing no changes to the original model notations (Zeller et al., 2021).

In high-speed railway contexts, the system architecture features per-car clusters of IoT sensors and local controllers feeding real-time data via wired (CAN/Ethernet) or wireless (LTE-R) networks to a central processing unit (CPUs executing real-time safety operating systems). This CPU performs sensor fusion, state estimation, and global emergency decision logic, cascading coordinated brake commands back to each car through redundant communication backbones, thus centralizing both information flow and critical control (Har, 2015).

Cooperative intelligent transportation systems (C-ITS) for connected and automated vehicles embed on-board sensor fusion modules and communication units (OBUs) which uplink safety-relevant data in standardized formats to roadside units (RSUs) and onwards to Traffic Management Centers (TMCs). The TMC acts as the centralized analytics and alerting node, aggregating data across the fleet and delivering real-time or retrospective system-wide safety monitoring (Tak et al., 2021).

2. Formal Mechanisms, Synchronization, and Consistency Constraints

Centralized safety reference models enforce formal mappings and synchronization protocols to maintain coherence between physical or logical system topology and associated safety logic. In INSiDER, mapping functions $Y : P_c \rightarrow F_c$ (system ports to failure ports) and their inverses are defined to maintain a bijective correspondence at the port/granule level. Predicate logic constraints ensure:

For every system component, an associated safety analysis model exists.
System-level port relationships mirror corresponding failure-propagation links in the safety model.
Synchronization algorithms automatically instantiate or retire safety analysis entities and links as system model artifacts are created, deleted, or modified, ensuring set-theoretic consistency at all times (Zeller et al., 2021).

In sensor-based architectures, formal estimation (e.g., Kalman filter dynamical models in trains) merges all raw sensor streams into a single state vector within the central CPU, maintaining an up-to-date, globally validated safety state. Strict communication and latency requirements are maintained via deterministic protocols (e.g., TDMA for command channels, prioritized CSMA/CA for telemetry), and fall-over logic ensures system coherence across network or hardware failures (Har, 2015).

3. Data Integration, Indicator Computation, and Tradeoffs

CAV safety information systems structure sampled sensor streams (e.g., acceleration, lane position, time-to-collision) from each vehicle using a time-synchronous, packetized protocol (e.g., SAE J2735). At the central server, real-time algorithms compute safety performance indicators:

Severe Deceleration ( $I_{SD}(t)$ ): detects hard braking using thresholds on longitudinal acceleration.
Lateral Position Variance ( $I_{LPV}(t)$ ): measures proximity to lane boundaries.
Inverse Time-to-Collision ( $\tau^{-1}(t)$ ): captures collision imminence via relative speed to lead obstacles.

Data is sampled at tunable intervals ( $\Delta t$ ) to balance communication overhead (compression) against detection rate (fidelity). An explicit optimization objective $J(\Delta t)$ , weighing both domains, supports selection of the ideal sampling rate. Statistical consistency with raw data, validated via the Kolmogorov–Smirnov test between empirical CDFs, is checked to ensure sampling does not degrade safety-relevant signal characteristics (Tak et al., 2021).

In train safety systems, sensor fusion at the central CPU employs a discrete Kalman filter to merge high-rate, heterogeneous measurements, supporting both continuous state estimation and trigger logic for emergency interventions. This unified architecture improves detection rates of failure conditions across the fleet (Har, 2015).

4. Tool Support, Protocols, and Industrial Integration

Centralized safety models operate across a spectrum of toolchains and integration environments:

Design-level models (e.g., SysML, UML, EAST-ADL) and safety analyses (FMEA, fault trees, CFTs) are linked through reference models instantiated in generic repositories or platform-neutral infrastructures (relational databases, Eclipse/EMF, PLM systems). Change-propagation plugins and listening services automate synchronization tasks (Zeller et al., 2021).
Railway safety implementations use standards such as dual CAN-bus rings (1 Mb/s), Ethernet backbones (100 Mb/s), and LTE-R (1.5 Gb/s) uplinks, with protocol support for real-time and redundant channel switching.
C-ITS environments structure flows via IEEE 802.11p (27 Mb/s), LTE C-V2X (~24 Mb/s) and JSON-encoded V2X messages, supporting star-topology aggregation and centralized event filtering. Sampling intervals around 0.2 s optimize both data load and safety detection rates, as established via field data (Tak et al., 2021, Har, 2015).

5. Traceability, Automated Reasoning, and Example Systems

Traceability is enforced through global unique identifiers at every model and system artifact, enabling $O(1)$ retrieval and update propagation across the central model. Central repositories maintain reference cardinalities from components to modally-linked safety models, strictly mirroring port and connection relationships at the system and analysis levels.

Empirical case studies validate these frameworks. INSiDER demonstrates a three-component system with synchronized extensions, showing automatic creation and deletion of trace links as design evolves (Zeller et al., 2021). In railway systems, end-to-end centralized response yields stopping distances as low as 1,800 m at 300 km/h (with blended braking), emergency reaction times under 100 ms, and rapid fault reconfiguration (<10 ms bus fail-over, <50 ms sensor cross-check) (Har, 2015). CAV safety monitoring achieves >85 % event-detection rates on critical indicators at 0.2 s sampling, with communication loads reduced ~95 % over raw streaming modes (Tak et al., 2021).

6. Advantages, Limitations, and Validation Outcomes

Centralized safety information systems confer several distinct advantages:

Automated traceability without metamodel extension, with 100 % alignment of engineering and safety artifacts (Zeller et al., 2021).
Continuous consistency throughout system and safety co-evolution, reducing manual synchronization errors and accelerating design iteration in industrial practice (e.g., Siemens projects) (Zeller et al., 2021).
Unified global decision logic in operational systems, lowering reaction latency by ~30 % and increasing detection resolution via sensor fusion (Har, 2015).
Statistically validated event detection with operator-tunable communication/reliability tradeoff (Tak et al., 2021).

Key limitations are primarily related to the persistence of manual input in Boolean failure-logic formulas (INSiDER), the necessity for unique identifiers throughout all model and data artifacts, and the absence of quantitative measurements for labor or effort reduction—only qualitative claims are reported (Zeller et al., 2021). In live sensor-based systems, centralization requires robust networking and powerful CPUs to avoid single points of failure, but redundancy and fallback logic are integral to current implementations (Har, 2015).

Reported outcomes include significant reduction of manual errors, improved update cycles, high statistical consistency between sampled and raw data streams, and operational metrics such as SIL 3 emergency-brake chains and MTBF exceeding $10^6$ hours (Har, 2015, Tak et al., 2021, Zeller et al., 2021). Ongoing research focuses on extending repository-based reuse of safety model fragments and automation of failure propagation logic in early-stage design.