Twenty-Five Years of Formal Methods and Railways: What Next?

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 8368)

Abstract

For more than 25 years, railway signalling has been the subject of successful industrial application of formal methods in the development and verification of its computerized equipment.

However, the evolution of railway signalling technology over this long period has strongly influenced the way formal methods can be applied in the design and implementation of such systems. At the same time, important advances have also been achieved in the formal methods area. The scope of the discipline has widened from the methodological, provably correct construction of software at its beginnings to the analysis and modelling of increasingly complex systems, always at the edge of the ever-improving capacity of the analysis tools, thanks to technological advances in the formal verification of both qualitative and quantitative properties of such complex systems.

The thesis we put forward in this paper is that the complexity of future railway systems of systems can be addressed advantageously only by a higher degree of distribution of functions onto local interoperable computers, communicating by means of standard protocols, and by adopting a multi-level formal modelling approach that supports the verification, at different abstraction levels and at different life-cycle stages, of the safe interaction among the distributed functions.



Corresponding author: Alessandro Fantechi


Copyright information

© 2014 Springer International Publishing Switzerland

Cite this paper

Fantechi, A. (2014). Twenty-Five Years of Formal Methods and Railways: What Next? In: Counsell, S., Núñez, M. (eds) Software Engineering and Formal Methods. SEFM 2013. Lecture Notes in Computer Science, vol 8368. Springer, Cham. https://doi.org/10.1007/978-3-319-05032-4_13

  • DOI: https://doi.org/10.1007/978-3-319-05032-4_13

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-05031-7

  • Online ISBN: 978-3-319-05032-4
