
From Formal Test Objectives to TTCN-3 for Verifying ETCS Complex Software Control Systems

  • Conference paper
  • In: Software Technologies (ICSOFT 2019)

Abstract

The design of a practical yet accurate software methodology that guarantees system correctness and safety remains a major challenge. Where test coverage is unsatisfactory, formal analysis offers much greater potential to discover errors or safety vulnerabilities during the design phase of a system. However, formal verification methods often require a strong technical background, which limits their adoption. In this paper, we present a framework that combines testing and verification to ensure the correctness and safety of complex distributed software systems. Applying our methodology yields a more reliable system, in terms of functionality, safety and robustness, and reduces the time needed for verification. To show the applicability of our solution, we apply it to a real industrial case study, namely the European Train Control System (ETCS) [14]. We specify the system in the SDL language [24] and use a test generation tool to produce abstract test cases in TTCN-3. Based on these standardized tests, we verify, using model checking, some critical properties of the system, in particular those concerning safety requirements. We analyse a real train accident and demonstrate how it could have been avoided had the ETCS system been in use.


Notes

  1. El País, 24 July 2013, https://elpais.com/ccaa/2013/07/24/galicia/1374693125_734192.html.
  2. http://pragmadev.com/product/index.html.
  3. http://www.ttcn-3.org.
  4. http://www.ertms.net/.
  5. https://medium.com/@POST_UK/moving-block-signalling-b9b0b9f498c2.
  6. https://ec.europa.eu/transport/modes/rail/ertms_en.

References

  1. Ameur-Boulifa, R., Cavalli, A.R., Maag, S.: Verifying complex software control systems from test objectives: application to the ETCS system. In: Proceedings of the 14th International Conference on Software Technologies, ICSOFT 2019, Prague, Czech Republic, 26–28 July 2019, pp. 397–406 (2019). https://doi.org/10.5220/0007918203970406

  2. Ameur-Boulifa, R., Henrio, L., Kulankhina, O., Madelaine, E., Savu, A.: Behavioural semantics for asynchronous components. J. Log. Algebraic Methods Program. 89, 1–40 (2017)

  3. Andres, C., Cavalli, A., Yevtushenko, N.: On modeling and testing the European Train Control System. Technical report 09013 LOR, Telecom SudParis, March 2013

  4. Abbaspour Asadollah, S., Inam, R., Hansson, H.: A survey on testing for cyber physical system. In: El-Fakih, K., Barlas, G., Yevtushenko, N. (eds.) ICTSS 2015. LNCS, vol. 9447, pp. 194–207. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-25945-1_12

  5. Belghiat, A., Chaoui, A.: A Pi-calculus-based approach for the verification of UML2 sequence diagrams. In: 2015 10th International Joint Conference on Software Technologies (ICSOFT), vol. 2, pp. 1–8. IEEE (2015)

  6. Bérard, B., et al.: Systems and Software Verification: Model-checking Techniques and Tools. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-662-04558-9

  7. Berthomieu, B., et al.: The syntax and semantics of FIACRE. In: Deliverable number F.3.2.11 of project TOPCASED (2012)

  8. Bougacha, R., Wakrime, A.A., Kallel, S., Ayed, R.B., Collart-Dutilleul, S.: A model-based approach for the modeling and the verification of railway signaling system. In: Proceedings of the 14th International Conference on Evaluation of Novel Approaches to Software Engineering, pp. 367–376. SCITEPRESS - Science and Technology Publications, Lda (2019)

  9. Bozga, M., Graf, S., Mounier, L.: IF-2.0: a validation environment for component-based real-time systems. In: Brinksma, E., Larsen, K.G. (eds.) CAV 2002. LNCS, vol. 2404, pp. 343–348. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45657-0_26

  10. Bozga, M., Graf, S., Ober, I., Ober, I., Sifakis, J.: The IF toolset. In: Bernardo, M., Corradini, F. (eds.) SFM-RT 2004. LNCS, vol. 3185, pp. 237–267. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30080-9_8

  11. Bundell, G.A.: Aspects of the safety analysis of an on-board automatic train operation supervisor. In: 2009 IEEE International Conference on Systems, Man and Cybernetics, pp. 3223–3230. IEEE (2009)

  12. Cavalli, A.R., Grepet, C., Maag, S., Tortajada, V.: A validation model for the DSR protocol. In: 24th International Conference on Distributed Computing Systems Workshops (ICDCS 2004 Workshops), 23–24 March 2004, Hachioji, Tokyo, Japan, pp. 768–773 (2004). https://doi.org/10.1109/ICDCSW.2004.1284120

  13. Che, X., Lalanne, F., Maag, S.: A logic-based passive testing approach for the validation of communicating protocols. In: ENASE 2012 - Proceedings of the 7th International Conference on Evaluation of Novel Approaches to Software Engineering, Wroclaw, Poland, 29–30 June 2012, pp. 53–64 (2012)

  14. ERTMS Commission Group - European Commission: Delivering an effective and interoperable European Rail Traffic Management System (ERTMS) – the way ahead. Technical report, SWD(2017) 375, November 2017. https://ec.europa.eu/transport/sites/transport/files/swd20170375-ertms-the-way-ahead.pdf

  15. ETSI ES 201 873-1: Methods for Testing and Specification (MTS); The Testing and Test Control Notation version 3; Part 1: TTCN-3 Core Language, v4.11.1. Technical report, April 2019

  16. Ferrante, O., Scholte, E., Rollini, S., North, R., Manica, L., Senni, V.: A methodology for formal requirements validation and automatic test generation and application to aerospace systems. Technical report, SAE Technical Paper (2018)

  17. Fraser, G., Wotawa, F., Ammann, P.E.: Testing with model checkers: a survey. Softw. Test. Verification Reliab. 19(3), 215–261 (2009)

  18. Garavel, H., Lang, F., Mateescu, R., Serwe, W.: CADP 2010: a toolbox for the construction and analysis of distributed processes. In: Abdulla, P.A., Leino, K.R.M. (eds.) TACAS 2011. LNCS, vol. 6605, pp. 372–387. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19835-9_33

  19. Garousi, V., Felderer, M., Karapıçak, Ç.M., Yılmaz, U.: Testing embedded software: a survey of the literature. Inf. Softw. Technol. 104, 14–45 (2018)

  20. Ghazel, M.: Formalizing a subset of ERTMS/ETCS specifications for verification purposes. Transp. Res. Part C Emerg. Technol. 42, 60–75 (2014)

  21. Godefroid, P.: Between testing and verification: dynamic software model checking (2016)

  22. Hennessy, M., Lin, H.: Symbolic bisimulations. Theor. Comput. Sci. 138(2), 353–389 (1995)

  23. Henrio, L., Madelaine, E., Min, Z.: pNets: an expressive model for parameterised networks of processes. In: 2015 23rd Euromicro International Conference on Parallel, Distributed, and Network-Based Processing, pp. 492–496. IEEE (2015)

  24. ITU-T: Recommendation Z.100: CCITT Specification and Description Language (SDL, 1999, updated 2019). Technical report, ITU-T, October 2019

  25. Jesus Valdivia, L., Solas, G., Añorga, J., Arrizabalaga, S., Adin, I., Mendizabal, J.: ETCS on-board unit safety testing: saboteurs, testing strategy and results. Promet-Traffic Transp. 29(2), 213–223 (2017)

  26. Kahani, N., Bagherzadeh, M., Cordy, J.R., Dingel, J., Varró, D.: Survey and classification of model transformation tools. Softw. Syst. Model. 18(4), 2361–2397 (2018). https://doi.org/10.1007/s10270-018-0665-6

  27. Kapinski, J., Deshmukh, J.V., Jin, X., Ito, H., Butts, K.: Simulation-based approaches for verification of embedded control systems: an overview of traditional and advanced modeling, testing, and verification techniques. IEEE Control Syst. Mag. 36(6), 45–64 (2016)

  28. Karna, A.K., Chen, Y., Yu, H., Zhong, H., Zhao, J.: The role of model checking in software engineering. Front. Comput. Sci. 12(4), 642–668 (2018). https://doi.org/10.1007/s11704-016-6192-0

  29. Lee, D., Yannakakis, M.: Principles and methods of testing finite state machines - a survey. IEEE Trans. Comput. 84, 1090–1123 (1996)

  30. Lee, D., Yannakakis, M.: Principles and methods of testing finite state machines - a survey. Proc. IEEE 84, 1090–1123 (1996)

  31. Liu, Y., Tang, T., Liu, J., Zhao, L., Xu, T.: Formal modeling and verification of RBC handover of ETCS using differential dynamic logic. In: 2011 Tenth International Symposium on Autonomous Decentralized Systems, pp. 67–72. IEEE (2011)

  32. Mateescu, R., Thivolle, D.: A model checking language for concurrent value-passing systems. In: Cuellar, J., Maibaum, T., Sere, K. (eds.) FM 2008. LNCS, vol. 5014, pp. 148–164. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68237-0_12

  33. Merouane, K., Grepet, C., Maag, S.: A methodology for interoperability testing of a MANET routing protocol. In: International Conference on Wireless and Mobile Communications, p. 5, March 2007. https://doi.org/10.1109/ICWMC.2007.2

  34. Mouttappa, P., Maag, S., Cavalli, A.: Using passive testing based on symbolic execution and slicing techniques: application to the validation of communication protocols. Comput. Netw. 57(15), 2992–3008 (2013)

  35. Mubeen, S., Nolte, T., Sjödin, M., Lundbäck, J., Lundbäck, K.-L.: Supporting timing analysis of vehicular embedded systems through the refinement of timing constraints. Softw. Syst. Model. 18(1), 39–69 (2017). https://doi.org/10.1007/s10270-017-0579-8

  36. Petiot, G., Kosmatov, N., Giorgetti, A., Julliand, J.: How test generation helps software specification and deductive verification in Frama-C. In: Seidl, M., Tillmann, N. (eds.) TAP 2014. LNCS, vol. 8570, pp. 204–211. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-09099-3_16

  37. Platzer, A., Quesel, J.-D.: European train control system: a case study in formal verification. In: Breitman, K., Cavalcanti, A. (eds.) ICFEM 2009. LNCS, vol. 5885, pp. 246–265. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10373-5_13

  38. Salem, M.O.B., Mosbahi, O., Khalgui, M., Frey, G.: R-UML: a UML profile for verification of flexible control systems. In: Lorenz, P., Cardoso, J., Maciaszek, L.A., van Sinderen, M. (eds.) ICSOFT 2015. CCIS, vol. 586, pp. 118–136. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-30142-6_7

  39. Willcock, C., Deiß, T., Tobies, S., Keil, S., Engler, F., Schulz, S.: An Introduction to TTCN-3, 2nd edn. Wiley Publishing, Hoboken (2011)

  40. Yan, F., Gao, C., Tang, T., Zhou, Y.: A safety management and signaling system integration method for communication-based train control system. Urban Rail Transit 3(2), 90–99 (2017). https://doi.org/10.1007/s40864-017-0051-7


Author information

Corresponding author: Stephane Maag.


Copyright information

© 2020 Springer Nature Switzerland AG

About this paper


Cite this paper

Ameur-Boulifa, R., Cavalli, A., Maag, S. (2020). From Formal Test Objectives to TTCN-3 for Verifying ETCS Complex Software Control Systems. In: van Sinderen, M., Maciaszek, L. (eds) Software Technologies. ICSOFT 2019. Communications in Computer and Information Science, vol 1250. Springer, Cham. https://doi.org/10.1007/978-3-030-52991-8_8

  • DOI: https://doi.org/10.1007/978-3-030-52991-8_8

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-52990-1

  • Online ISBN: 978-3-030-52991-8

  • eBook Packages: Computer Science (R0)