Automated generation of formal safety conditions from railway interlocking tables

FMRCS

Abstract

This paper describes a tool for extracting formal safety conditions from interlocking tables for railway interlocking systems. The tool has been applied to generate safety conditions for the interlocking system at Stenstrup station in Denmark, and the SAL model checker has been used to verify that these conditions are satisfied by a model of the relay circuits implementing the interlocking system at that station.
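The following is an added, illustrative example (not the paper's tool, and not the Stenstrup interlocking table) of how safety invariants can be derived mechanically from an interlocking table. The table layout, the three families of conditions, the SAL-flavoured invariant strings and the flat state encoding are all assumptions made for this example; the paper's own condition set and model are not reproduced here.

```python
"""Derive safety invariants from a constructed interlocking table.

Added example: the table, the condition families and the SAL-style
formula text are assumptions for illustration, not the paper's tool.
"""
from dataclasses import dataclass
from itertools import combinations
from typing import Callable, Dict, List, Tuple

# Constructed table for a fictitious station: each route names its entry
# signal, the required point positions ('plus' = normal, 'minus' = reverse)
# and the track sections that must be clear before proceed may be shown.
TABLE = {
    "R1": {"signal": "A", "points": {"P1": "plus"},  "sections": ["T1", "T2"]},
    "R2": {"signal": "A", "points": {"P1": "minus"}, "sections": ["T1", "T3"]},
    "R3": {"signal": "B", "points": {"P2": "plus"},  "sections": ["T2", "T4"]},
    "R4": {"signal": "C", "points": {"P2": "minus"}, "sections": ["T5"]},
}
State = Dict[str, object]


@dataclass
class Condition:
    name: str
    formula: str                    # SAL-style invariant text (assumed syntax)
    holds: Callable[[State], bool]  # the same invariant as an executable predicate


def base_state() -> State:
    """All signals at stop, points normal, sections free, no route locked."""
    s: State = {v["signal"]: "stop" for v in TABLE.values()}
    s.update({p: "plus" for v in TABLE.values() for p in v["points"]})
    s.update({t: "free" for v in TABLE.values() for t in v["sections"]})
    s.update({f"{r}_locked": False for r in TABLE})
    return s


def conflicting_routes(table) -> List[Tuple[str, str]]:
    """Routes conflict if they share a section or an entry signal, or
    demand opposite positions of the same point."""
    pairs = []
    for r1, r2 in combinations(sorted(table), 2):
        a, b = table[r1], table[r2]
        shared = set(a["sections"]) & set(b["sections"])
        opposed = any(b["points"].get(p) not in (None, pos) for p, pos in a["points"].items())
        if shared or a["signal"] == b["signal"] or opposed:
            pairs.append((r1, r2))
    return pairs


def generate_conditions(table) -> List[Condition]:
    conds: List[Condition] = []
    by_signal: Dict[str, List[str]] = {}
    # 1. A locked route whose signal shows proceed has its points set and
    #    all of its track sections clear.
    for r, spec in sorted(table.items()):
        sig = spec["signal"]
        by_signal.setdefault(sig, []).append(r)
        terms = [f"{p} = {pos}" for p, pos in sorted(spec["points"].items())]
        terms += [f"{t} = free" for t in spec["sections"]]
        formula = f"G({sig} = proceed AND {r}_locked => {' AND '.join(terms)})"

        def holds(s, r=r, spec=spec, sig=sig):
            if not (s.get(sig) == "proceed" and s.get(f"{r}_locked")):
                return True
            return (all(s.get(p) == pos for p, pos in spec["points"].items())
                    and all(s.get(t) == "free" for t in spec["sections"]))
        conds.append(Condition(f"route_{r}", formula, holds))
    # 2. A signal shows proceed only when one of its routes is locked.
    for sig, routes in sorted(by_signal.items()):
        locks = " OR ".join(f"{r}_locked" for r in routes)

        def holds(s, sig=sig, routes=routes):
            return s.get(sig) != "proceed" or any(s.get(f"{r}_locked") for r in routes)
        conds.append(Condition(f"signal_{sig}", f"G({sig} = proceed => {locks})", holds))
    # 3. Conflicting routes are never locked at the same time.
    for r1, r2 in conflicting_routes(table):
        def holds(s, r1=r1, r2=r2):
            return not (s.get(f"{r1}_locked") and s.get(f"{r2}_locked"))
        conds.append(Condition(f"exclusive_{r1}_{r2}", f"G(NOT({r1}_locked AND {r2}_locked))", holds))
    return conds


def check_trace(conds, trace) -> List[Tuple[int, str]]:
    """Evaluate every invariant at every step of a constructed state sequence."""
    return [(i, c.name) for i, s in enumerate(trace) for c in conds if not c.holds(s)]


# Constructed trace: step 1 is safe, steps 2 to 4 each break one invariant.
TRACE = [
    base_state(),
    {**base_state(), "R1_locked": True, "A": "proceed"},
    {**base_state(), "R1_locked": True, "A": "proceed", "T2": "occupied"},
    {**base_state(), "R1_locked": True, "R3_locked": True},
    {**base_state(), "A": "proceed"},
]

if __name__ == "__main__":
    for c in generate_conditions(TABLE):
        print(c.formula)
    print(check_trace(generate_conditions(TABLE), TRACE))
```

Running the module prints the generated invariants and the (step, condition) pairs the constructed trace violates. In the setting the abstract describes, the formula strings would be handed to a model checker such as SAL and checked against a model of the relay circuits, rather than against a hand-written trace as done here for illustration.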

Keywords

Railways, Interlocking systems, Formal methods, Safety, Verification, Model checking, Interlocking tables, Signal control tables

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

1. DTU Compute, Technical University of Denmark, Lyngby, Denmark