Abstract
In order to assist domain experts, several tools exist for the definition of graphical or textual domain specific modeling languages (DSMLs). The resulting models are useful, but not sufficient, for an overall understanding of the system, especially when formal methods are applied. Indeed, failures of formal methods often result from misunderstandings of the requirements, even when the system is entirely proved. This is confirmed by several industrial experiments, which showed that the poor readability of formal notations hinders communication with domain experts, so that the validation activity is often tedious, time consuming and complex. To circumvent this shortcoming, we propose to make domain specific models both provable and executable, by animating their expected behaviour directly in a dedicated DSML tool. Our approach starts from an intuitive description of the system’s operational semantics using high-level Petri nets, which abstract away structural constraints and focus on safety-critical behaviours. We then take advantage of the B method to refine and prove these operational semantics on the one hand, and to merge them with the static semantics of a given DSML on the other. This work is applied to the design of ERTMS/ETCS 3, which is an emerging solution for railway system management.
Notes
- 1.
- 2.
ERTMS: European Rail Traffic Management System.
ETCS: European Train Control System.
- 3.
- 4.
European Vital Computer.
- 5.
Radio Block Center.
- 6.
- 7.
- 8.
- 9.
For space reasons we do not develop the animation technique in this paper. Demonstration videos of Meeduse with graphical and textual DSL animation can be found at: http://vasco.imag.fr/tools/meeduse/.
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Idani, A., Ledru, Y., Ait Wakrime, A., Ben Ayed, R., Collart-Dutilleul, S. (2019). Incremental Development of a Safety Critical System Combining Formal Methods and DSMLs. In: Larsen, K., Willemse, T. (eds.) Formal Methods for Industrial Critical Systems. FMICS 2019. Lecture Notes in Computer Science, vol. 11687. Springer, Cham. https://doi.org/10.1007/978-3-030-27008-7_6
DOI: https://doi.org/10.1007/978-3-030-27008-7_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-27007-0
Online ISBN: 978-3-030-27008-7
eBook Packages: Computer Science, Computer Science (R0)