Behavior modeling and verification of movement authority scenario of Chinese Train Control System using AADL

Modeling and verification of the movement authority scenario in the Chinese high-speed railway control system based on AADL (Chinese title)

  • Research Paper
  • Journal: Science China Information Sciences

Abstract

Train control systems, like most digital controllers, are by definition hybrid systems, as they interact with or try to control some aspects of the physical world. Detailed behavior modeling with constraint specification and formal verification, required for reliability prediction, is a great challenge for hybrid system designers. Train control systems further intensify this challenge with extensive interaction between computing units and their physical environment and their mutual dependence on each other. In this paper, we investigate behavior modeling and formal verification of Chinese Train Control System Level 3 (CTCS-3) using the Architecture Analysis & Design Language (AADL) to cope with this challenge. AADL is an architecture description language for embedded systems and is based on the model-based engineering paradigm. Along with structural modeling of embedded systems using the core language constructs, AADL also provides support for language extension through annex sublanguages. In the system requirements specification document, the behavior of CTCS-3 is specified as a set of basic operation scenarios that cooperate with each other to achieve safe and secure operation of trains. The Movement Authority (MA) scenario, explored in this paper, is considered the most basic and crucial scenario for preventing trains from colliding with each other. The detailed discrete behavior of the control system is modeled and verified using the Behavior Language for Embedded Systems with Software (BLESS) annex sublanguage of AADL, and the continuous behavior of the train together with the cyber-physical interaction (communication between train and control system) is modeled using the Hybrid annex sublanguage. The behavior of the MA scenario at system level is verified using the Hybrid Hoare Logic theorem prover. Behavior constraints are specified as assertions using first-order logic formulas augmented with a simple temporal operator.

Abstract (translated from the Chinese version)

Highlights

Like most digital control systems, train control systems need to interact with or control the behavior of physical components, and are therefore hybrid systems. Modeling and verifying the behavior of hybrid systems, so that their behavior becomes reliable and predictable, is a challenge in hybrid system design. In train control systems, computing units and the physical environment depend on and alternately influence each other, making them complex hybrid systems, which increases the difficulty of modeling and verification. This paper considers how to use AADL to model and verify the Chinese high-speed railway Level 3 control system (CTCS-3). AADL is a model-based architecture description language for embedded systems; it provides structural modeling mechanisms and supports extension of the language itself through annex sublanguages. In the system-level specification document of CTCS-3, CTCS-3 comprises 14 basic scenarios; at any moment, the train is controlled by the interaction of some of these basic scenarios, which together govern the train's functions and safety. The movement authority scenario considered in this paper is the most important of these basic scenarios; it guarantees that trains do not collide with each other. We use the BLESS annex of AADL to describe and verify the discrete behavior in the movement authority scenario, the Hybrid annex to describe and verify its continuous behavior, and Hybrid Hoare Logic and its theorem prover to verify the overall properties of the scenario.
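The two abstracts describe the MA scenario as a discrete controller (the radio block centre granting an authority, the onboard unit supervising speed) coupled to the train's continuous dynamics, with the safety property that the train never passes its end of authority. The following is an added illustration, not the paper's AADL/BLESS/Hybrid-annex model and not derived from the CTCS-3 specification: a small Python closed-loop simulation with a constructed three-block line, constructed traction and braking constants, and an invariant check that plays the role the Hybrid Hoare Logic proof plays in the paper. Names such as `movement_authority`, `choose_accel` and `simulate` are this example's own.

```python
import math
from dataclasses import dataclass

# Constructed line (not from the paper): three blocks, each given as (end position in metres, name).
BLOCKS = [(1000.0, "B1"), (2000.0, "B2"), (3000.0, "B3")]


@dataclass
class Train:
    pos: float        # metres along the line
    vel: float        # m/s
    accel_max: float  # traction acceleration, m/s^2 (constructed value)
    brake: float      # service-brake deceleration magnitude, m/s^2 (constructed value)


def movement_authority(blocks, occupied):
    """Radio block centre side (discrete): the MA ends at the far end of the
    last free block that is contiguous from the start of the line."""
    eoa = 0.0
    for end, name in blocks:
        if name in occupied:
            break
        eoa = end
    return eoa


def permitted_speed(pos, eoa, brake):
    """Braking-curve limit: the highest speed from which a brake at `brake`
    still stops the train at or before the end of authority (EoA)."""
    return math.sqrt(2.0 * brake * max(0.0, eoa - pos))


def kinematics(pos, vel, accel, dt):
    """Exact constant-acceleration evolution over one cycle, clamping at standstill
    so a braking train never acquires a negative velocity."""
    if accel < 0 and vel + accel * dt < 0:
        t_stop = vel / -accel
        return pos + vel * t_stop + 0.5 * accel * t_stop ** 2, 0.0
    return pos + vel * dt + 0.5 * accel * dt ** 2, vel + accel * dt


def choose_accel(train, eoa, dt, v_line):
    """Onboard side (discrete): allow traction or coasting only if the state at the
    end of the cycle still lies under the braking curve, otherwise brake.
    The quantity v^2 - 2*b*(EoA - s) cannot decrease while accelerating or coasting
    and stays constant while braking, so checking the end-of-cycle state covers
    every instant of the cycle."""
    for accel in (train.accel_max, 0.0):
        s1, v1 = kinematics(train.pos, train.vel, accel, dt)
        if v1 <= v_line and v1 <= permitted_speed(s1, eoa, train.brake):
            return accel
    return -train.brake


def simulate(train, occupied_at, dt=0.1, v_line=40.0, horizon=300.0):
    """Run the closed loop. `occupied_at(t)` returns the set of occupied blocks at
    time t (the RBC's view). Returns the final train state, the last EoA and the
    number of cycles in which the safety invariant (pos <= EoA) was violated."""
    t, violations, eoa = 0.0, 0, 0.0
    while t < horizon:
        eoa = movement_authority(BLOCKS, occupied_at(t))
        accel = choose_accel(train, eoa, dt, v_line)
        train.pos, train.vel = kinematics(train.pos, train.vel, accel, dt)
        if train.pos > eoa + 1e-6:   # tolerance only absorbs floating-point rounding
            violations += 1
        t += dt
    return train, eoa, violations


def demo():
    """Constructed scenario: B3 is occupied until t = 60 s and then released, so the
    MA is extended from 2000 m to 3000 m while the train is already running."""
    occupied_at = lambda t: {"B3"} if t < 60.0 else set()
    return simulate(Train(pos=0.0, vel=0.0, accel_max=0.5, brake=1.0), occupied_at)


if __name__ == "__main__":
    train, eoa, violations = demo()
    print(f"final pos={train.pos:.2f} m, vel={train.vel:.2f} m/s, "
          f"EoA={eoa:.0f} m, violations={violations}")
```

The design choice worth noting is that the onboard check is done on the state at the end of the controller cycle rather than at its start: a hybrid-system argument (the monotonicity of v^2 - 2b(EoA - s) under each mode) is what makes a sampled discrete check sufficient for a continuous invariant, which is the kind of reasoning the paper's combined BLESS and Hybrid-annex verification is intended to make explicit. The example only ever extends an authority; shortening an authority under a running train is a separate case that this invariant argument does not cover.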



Author information

Corresponding author: NaiJun Zhan.


Cite this article

Ahmad, E., Dong, Y., Larson, B. et al. Behavior modeling and verification of movement authority scenario of Chinese Train Control System using AADL. Sci. China Inf. Sci. 58, 1–20 (2015). https://doi.org/10.1007/s11432-015-5346-2
