基于车车通信的列控系统在传统车地通信的基础上，引入了车车通信技术，后车与前车实时通信，极大地简化了地面设备，提高了列车运行效率。本文使用STPA法对该系统的关键设备-资源管理单元的安全性进行研究。以资源管理单元下发临时限速命令的过程为例，识别出过程中危险行为，找出系统的不安全因素，规划安全性设计需求。通过安全性设计需求条件搭建该场景的时间自动机网络模型，使用UPPAAL对模型进行验证。验证表明：STPA方法能够找到列控系统中控制缺陷，并采用相应的策略，提高系统的安全性，在列控系统的安全性分析中具有较好的适用性。

Based on the traditional train ground communication, the train control system introduces the train ground communication technology to realize the real-time communication between the rear train and the front train, which greatly simplifies the ground equipment and improves the train operation efficiency. This paper used STPA method to analysis the security ofresource management unit, the key equipment of the system. The process of Temporary Speed Restriction sending by RMU is studied as typical of the control scenario. The dangerous behaviors in the process are identified, the unsafe factors of the system are found out, and SDR is formulated in the scenario. The timed automata network model of TSR sending scenario is built by SDR condition, and UPPAAL is used to verify the model. The verification shows that STPa method can find the control defects in the train control system, and adopt corresponding strategies to improve the security of the system, which has good applicability in the security analysis of the train control system.