Abstract
A new tunnel tube crossing the river Elbe is currently being built in Hamburg, and it requires a new height control system. A computer examines the signals from light barriers and overhead sensors to detect vehicles that try to drive into a tube whose height is insufficient for them. If necessary, it raises an alarm that blocks the road.
This paper describes the application of two safety analysis techniques to this embedded system: model checking has been used to prove functional correctness with respect to a formal model, and fault tree analysis has validated the model and taken technical defects into account. Their combination has uncovered a safety flaw, led to a precise requirement specification for the software, and shown various ways to improve system safety.
© 2002 Springer-Verlag Berlin Heidelberg
Cite this paper
Ortmeier, F., Schellhorn, G., Thums, A., Reif, W., Hering, B., Trappschuh, H. (2002). Safety Analysis of the Height Control System for the Elbtunnel. In: Anderson, S., Felici, M., Bologna, S. (eds) Computer Safety, Reliability and Security. SAFECOMP 2002. Lecture Notes in Computer Science, vol 2434. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45732-1_29
DOI: https://doi.org/10.1007/3-540-45732-1_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44157-1
Online ISBN: 978-3-540-45732-9