Abstract
This paper describes a formal analysis method applied at the software design level. The objective is to prove that a software specification and its implementation satisfy the expected system properties. In our case the analysed design is that of the Zone Controller of a CBTC (Communication-Based Train Control) system developed using B. The B-Method ensures that the implementation is correct with respect to the software specification, but it does not guarantee that the algorithms described in the specification are correct with respect to the system-level requirements.
Our analysis overcomes this shortcoming, providing a stronger assurance that the designed software meets its objectives. In particular, we prove that the implemented algorithms ensure that the track portion actually occupied by a train is covered by a protection envelope on the software side. The analysis is formalised with an Event-B model that is subject to tool-based inspections: animation with ProB and formal proof with Atelier B. In contrast to the existing B-Method model, our Event-B model links environment variables (the real position of the trains) with software variables (protection envelopes) and models the assumptions about the possible evolution of the environment.
This analysis was carried out on industrial-scale software, consisting of 12000 lines of executable code, with immediate concrete results. This paper shows that, in addition to demonstrating compliance, this approach is clearly of interest from an industrial point of view.
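As an added illustration (not the paper's Event-B model and not the Zone Controller's code), the following Python script builds a small transition system in the style the abstract describes: an environment variable (the train's real extent) and software variables (the protection envelope) are linked by a safety invariant, the evolution of the environment is bounded by an explicit assumption, and every reachable state is explored exhaustively, as ProB animation and model checking would do, to either confirm the invariant or produce a counterexample trace. The track length, train length, movement bound, cycle phases and margin parameter are all constructed assumptions for this example.

```python
"""Added illustration (not the paper's Event-B model): a tiny state machine
linking an environment variable (real train extent) with a software variable
(protection envelope), explored exhaustively in ProB-animation style to check
the safety invariant "occupied track portion is inside the envelope".

Assumptions (constructed for this example, not taken from the paper):
  * discrete track positions 0..TRACK_LEN, train length TRAIN_LEN;
  * per cycle the train advances at most MAX_ADVANCE units, then reports its
    rear position, then the software rebuilds the envelope from that report;
  * the envelope extends `margin` units beyond the reported front.
"""
from collections import deque
from dataclasses import dataclass
from typing import Iterator, List, Optional

TRACK_LEN = 30   # constructed
TRAIN_LEN = 3    # constructed
MAX_ADVANCE = 2  # environment assumption: bounded movement per cycle

MOVE, REPORT, UPDATE = 0, 1, 2  # cycle phases (which event fires next)


@dataclass(frozen=True)
class State:
    rear: int       # environment: real position of the train's rear
    reported: int   # last rear position reported to the software
    env_lo: int     # software: protection envelope lower bound
    env_hi: int     # software: protection envelope upper bound
    phase: int

    @property
    def front(self) -> int:
        return self.rear + TRAIN_LEN


def invariant(s: State) -> bool:
    """Safety property: the really occupied portion lies inside the envelope."""
    return s.env_lo <= s.rear and s.front <= s.env_hi


def successors(s: State, margin: int) -> Iterator[State]:
    """Events enabled in the current phase, each yielding a next state."""
    if s.phase == MOVE:  # environment: advance nondeterministically by 0..MAX_ADVANCE
        for d in range(MAX_ADVANCE + 1):
            if s.rear + d + TRAIN_LEN <= TRACK_LEN:
                yield State(s.rear + d, s.reported, s.env_lo, s.env_hi, REPORT)
    elif s.phase == REPORT:  # environment: train reports its true rear position
        yield State(s.rear, s.rear, s.env_lo, s.env_hi, UPDATE)
    else:  # software: rebuild the envelope from the report it holds
        yield State(s.rear, s.reported, s.reported,
                    s.reported + TRAIN_LEN + margin, MOVE)


def find_violation(margin: int) -> Optional[List[State]]:
    """Breadth-first exploration of all reachable states.

    Returns None if the invariant holds in every reachable state, otherwise
    the shortest trace (list of states from the initial state) that reaches
    a violation, in the spirit of the counterexample ProB shows when an
    invariant fails during model checking.
    """
    init = State(0, 0, 0, TRAIN_LEN + margin, MOVE)
    parent = {init: None}
    queue = deque([init])
    while queue:
        s = queue.popleft()
        if not invariant(s):
            trace = []
            while s is not None:
                trace.append(s)
                s = parent[s]
            return trace[::-1]
        for nxt in successors(s, margin):
            if nxt not in parent:
                parent[nxt] = s
                queue.append(nxt)
    return None


if __name__ == "__main__":
    for margin in (MAX_ADVANCE, MAX_ADVANCE - 1):
        trace = find_violation(margin)
        if trace is None:
            print(f"margin={margin}: invariant holds in all reachable states")
        else:
            print(f"margin={margin}: violation after {len(trace) - 1} events:")
            for st in trace:
                print("   ", st)
```

Running the script checks two margins: with the margin equal to the bounded advance per cycle the invariant holds in every reachable state, while with a smaller margin the exploration returns a one-event trace in which the train has physically moved beyond the envelope before the software has seen a fresh report. This gap between environment state and software state is exactly what a model restricted to software variables cannot express, and it is what a proof of invariant preservation over the combined model has to rule out.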
This research has been conducted within the project AMASS, that has received funding from the ECSEL JU under grant agreement No 692474. This Joint Undertaking receives support from the European Union’s Horizon 2020 research and innovation programme and from Spain, Czech Republic, Germany, Sweden, Italy, United Kingdom and France.
Notes
1. ProB already supported Event-B within the Rodin platform, but for this development we used Event-B as supported by Atelier B.
Acknowledgements
We would like to thank David Deharbe, Etienne Prun and Fabien Belmonte for useful contributions to this research. We thank David Schneider for developing the visualisation plugin seen in Fig. 3.
© 2019 Springer Nature Switzerland AG
Cite this paper
Comptier, M., Leuschel, M., Mejia, LF., Perez, J.M., Mutz, M. (2019). Property-Based Modelling and Validation of a CBTC Zone Controller in Event-B. In: Collart-Dutilleul, S., Lecomte, T., Romanovsky, A. (eds) Reliability, Safety, and Security of Railway Systems. Modelling, Analysis, Verification, and Certification. RSSRail 2019. Lecture Notes in Computer Science(), vol 11495. Springer, Cham. https://doi.org/10.1007/978-3-030-18744-6_13
DOI: https://doi.org/10.1007/978-3-030-18744-6_13
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-18743-9
Online ISBN: 978-3-030-18744-6