
New Distribution Paradigms for Railway Interlocking

  • Conference paper
  • In: Leveraging Applications of Formal Methods, Verification and Validation: Applications (ISoLA 2020)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 12478)

Abstract

We discuss a new “flavour” of distributed interlocking systems, where the proper interlocking logic is allocated on cloud computers using conventional (i.e. commercial-off-the-shelf) multi-core hardware and operating systems. The servers in the cloud communicate with intelligent track elements over internet connections. Interlocking logic may even be geographically distributed over more than one server farm, introducing a new dimension of fault tolerance. This technology was announced in 2018 by Siemens Mobility, and its certification is currently underway. In this paper, we analyse how the new distribution concept affects verification, validation, and certification. In particular, the complexity of the cloud system suggests creating a collection of scenario models instead of a single comprehensive model specifying the expected behaviour of the system. The use of scenario models is well known from the autonomous vehicle domain, but, to the best of our knowledge, this is the first time that the approach is also applied in the railway domain. We discuss the verification-related and test-related implications of the scenario approach. In particular, solutions are proposed for determining whether a collection of scenario models is complete, and for deciding whether sufficient test coverage has been achieved for a given scenario. The material presented here is based on a collaboration between Siemens and Verified Systems International, a company specialised in the verification and validation of safety-critical systems.

This work has been partially funded by the Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) – project number 407708394.


Notes

  1. See, for example, https://www.mobility.siemens.com/global/en/portfolio/rail/automation/signaling-on-board-and-crossing-products/axle-counting-systems.html, where 2-out-of-2 track vacancy detectors are described.

  2. More details about the model-based construction of test oracles are explained in [21].

  3. The name is motivated by the collection of soccer player pictures provided with some product and the question of how many products need to be bought in order to get at least one picture of every player.

  4. For example, condition \(0< x \wedge x < 10\) has size 10.

  5. https://www.cprover.org/cbmc/.

References

  1. Roadmap to a Single European Transport Area - Towards a competitive and resource efficient transport system. Technical report, European Union - EUR-Lex (2011). https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex:52011DC0144, white paper

  2. CENELEC: EN 50128:2011 Railway applications - Communication, signalling and processing systems - Software for railway control and protection systems (2011)

  3. Chow, T.S.: Testing software design modeled by finite-state machines. IEEE Trans. Softw. Eng. SE-4(3), 178–186 (1978)

  4. Cristian, F.: Probabilistic clock synchronization. Distrib. Comput. 3(3), 146–158 (1989). https://doi.org/10.1007/BF01784024

  5. Dorofeeva, R., El-Fakih, K., Yevtushenko, N.: An improved conformance testing method. In: Wang, F. (ed.) FORTE 2005. LNCS, vol. 3731, pp. 204–218. Springer, Heidelberg (2005). https://doi.org/10.1007/11562436_16

  6. Ferrante, N., Saltalamacchia, M.: The coupon collector’s problem. Materials matemàtics, pp. 1–35 (2014). http://mat.uab.cat/matmat_antiga/PDFv2014/v2014n02.pdf

  7. Gärtner, F.C.: Fundamentals of fault-tolerant distributed computing in asynchronous environments. ACM Comput. Surv. 31(1), 1–26 (1999). https://doi.org/10.1145/311531.311532

  8. Gülker, J.: Certification of the coded monoprocessor as ATP according to European standards. In: Proceedings of the 7th International Conference on Automated People Movers 1999, pp. 96–101. IDA (1999)

  9. Hauer, F., Schmidt, T., Holzmüller, B., Pretschner, A.: Did we test all scenarios for automated and autonomous driving systems? In: 2019 IEEE Intelligent Transportation Systems Conference, ITSC 2019, Auckland, New Zealand, 27–30 October 2019, pp. 2950–2955. IEEE (2019). https://doi.org/10.1109/ITSC.2019.8917326

  10. Haxthausen, A.E., Peleska, J.: Formal development and verification of a distributed railway control system. IEEE Trans. Softw. Eng. 26(8), 687–701 (2000)

  11. Herdt, V., Große, D., Drechsler, R.: Fast and accurate performance evaluation for RISC-V using virtual prototypes. In: 2020 Design, Automation & Test in Europe Conference & Exhibition, DATE 2020, Grenoble, France, 9–13 March 2020, pp. 618–621. IEEE (2020). https://doi.org/10.23919/DATE48585.2020.9116522

  12. Hierons, R.M.: Testing from a nondeterministic finite state machine using adaptive state counting. IEEE Trans. Comput. 53(10), 1330–1342 (2004). https://doi.org/10.1109/TC.2004.85. http://doi.ieeecomputersociety.org/10.1109/TC.2004.85

  13. Huang, W., Özoguz, S., Peleska, J.: Safety-complete test suites. Softw. Qual. J. 27(2), 589–613 (2019). https://doi.org/10.1007/s11219-018-9421-y

  14. Huang, W., Peleska, J.: Complete model-based equivalence class testing for nondeterministic systems. Formal Aspects Comput. 29(2), 335–364 (2017). https://doi.org/10.1007/s00165-016-0402-2

  15. Huang, W., Peleska, J.: Model-based testing strategies and their (in)dependence on syntactic model representations. STTT 20(4), 441–465 (2018). https://doi.org/10.1007/s10009-017-0479-9

  16. Hübner, F., Huang, W., Peleska, J.: Experimental evaluation of a novel equivalence class partition testing strategy. Softw. Syst. Model. 18(1), 423–443 (2019). https://doi.org/10.1007/s10270-017-0595-8, published online 2017

  17. Hungar, H.: Scenario-based validation of automated driving systems. In: Margaria, T., Steffen, B. (eds.) ISoLA 2018. LNCS, vol. 11246, pp. 449–460. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03424-5_30

  18. Kuhn, D.R., Kacker, R.N., Lei, Y.: Introduction to Combinatorial Testing. CRC Press (2013)

  19. Lardennois, R.: Safety: single coded processor architecture combined with ASIC provide a cost efficient and flexible solution to safety issues. IFAC Proc. Volumes 27(12), 971–976 (1994). IFAC Symposium on Transportation Systems: Theory and Application of Advanced Technology, Tianjin, PRC, 24–26 August. https://doi.org/10.1016/S1474-6670(17)47600-2. http://www.sciencedirect.com/science/article/pii/S1474667017476002

  20. Object Management Group: OMG Systems Modeling Language (OMG SysML), Version 1.6. Technical report, Object Management Group (2019). http://www.omg.org/spec/SysML/1.4

  21. Peleska, J.: Industrial-strength model-based testing - state of the art and current challenges. In: Petrenko, A.K., Schlingloff, H. (eds.) Proceedings Eighth Workshop on Model-Based Testing, Rome, Italy, 17th March 2013. Electronic Proceedings in Theoretical Computer Science, vol. 111, pp. 3–28. Open Publishing Association (2013). https://doi.org/10.4204/EPTCS.111.1

  22. Peleska, J.: Model-based avionic systems testing for the airbus family. In: 23rd IEEE European Test Symposium, ETS 2018, Bremen, Germany, 28 May–1 June 2018, pp. 1–10. IEEE (2018). https://doi.org/10.1109/ETS.2018.8400703

  23. Peleska, J., Brauer, J., Huang, W.: Model-based testing for avionic systems proven benefits and further challenges. In: Margaria, T., Steffen, B. (eds.) ISoLA 2018. LNCS, vol. 11247, pp. 82–103. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03427-6_11

  24. Peleska, J., Huang, W., Cavalcanti, A.: Finite complete suites for CSP refinement testing. Sci. Comput. Program. 179, 1–23 (2019). https://doi.org/10.1016/j.scico.2019.04.004. http://www.sciencedirect.com/science/article/pii/S0167642319300620

  25. Peleska, J., Huang, W., Hübner, F.: A novel approach to HW/SW integration testing of route-based interlocking system controllers. In: Lecomte, T., Pinger, R., Romanovsky, A. (eds.) RSSRail 2016. LNCS, vol. 9707, pp. 32–49. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-33951-1_3

  26. Petrenko, A., Timo, O.N., Ramesh, S.: Test generation by constraint solving and FSM mutant killing. In: Wotawa, F., Nica, M., Kushik, N. (eds.) ICTSS 2016. LNCS, vol. 9976, pp. 36–51. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-47443-4_3

  27. Simão, A., Petrenko, A., Yevtushenko, N.: On reducing test length for FSMs with extra states. Softw. Test. Verification Reliab. 22(6), 435–454 (2012). https://doi.org/10.1002/stvr.452. https://onlinelibrary.wiley.com/doi/abs/10.1002/stvr.452

  28. Steffens, S., Siemens Mobility GmbH: Safety@COTS Multicore, Distributed Smart Safe System DS3. In: Innovationstag ETCS Stellwerk smartrail 4.0, pp. 35–47 (2018). https://www.smartrail40.ch/service/download.asp?mem=0&path=%5Cdownload%5Cdownloads%5C2018%2011%2013%20Innovationstag%20ETCS%20Stellwerk_smartrail%204.0.pdf, presentation slides

  29. Vasilevskii, M.P.: Failure diagnosis of automata. Kibernetika (Transl.) 4, 98–108 (1973)

Corresponding author: Jan Peleska

© 2020 Springer Nature Switzerland AG

Cite this paper

Peleska, J. (2020). New Distribution Paradigms for Railway Interlocking. In: Margaria, T., Steffen, B. (eds) Leveraging Applications of Formal Methods, Verification and Validation: Applications. ISoLA 2020. Lecture Notes in Computer Science, vol 12478. Springer, Cham. https://doi.org/10.1007/978-3-030-61467-6_28

  • DOI: https://doi.org/10.1007/978-3-030-61467-6_28
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-030-61466-9
  • Online ISBN: 978-3-030-61467-6