ABSTRACT
The development of computer-controlled Railway Interlocking Systems has seen an increasing interest in the use of Formal Methods, due to their ability to precisely specify the logical rules that guarantee the safe establishment of routes for trains through a railway yard. Recently, a trend has emerged towards the use of statecharts as a standard formalism to produce precise specifications of these systems. A problem that arises in the practical application of such formalization is that each produced interlocking system depends on the physical layout of the controlled yard. This has strong effects on development costs and especially on validation, which has to be repeated for each product. Validating formalized interlocking principles first, and then instantiating them to a specification tailored to the considered layout, is the solution we investigate in this paper.