Formal Methods for Railway Disasters Prevention

  • Lilia Belabed
  • Tullio Joseph Tanzi
  • Sophie Coudert
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 516)


Due to the increasing complexity of railway signalling systems, designing them is becoming harder and demonstrating their safety can be extremely tedious. This article investigates the verification and validation of railway signalling systems. We explain how railway signalling functions are designed, show how they can be modelled mathematically using formal methods, and discuss ways in which formal-methods techniques can be used to design and verify signalling systems and to prove the validity of their safety properties.


Keywords: Railway signalling systems; Formal methods; Safety verification



Copyright information

© IFIP International Federation for Information Processing 2019

Authors and Affiliations

  1. Institut Mines-Telecom, Paris, France
  2. ENGIE-INEO UTS, Montreuil, France
