Building Models We Can Rely On: Requirements Traceability for Model-Based Verification Techniques
Proving the safety of a critical system is a complex and complicated task. Model-based formal verification techniques can help to verify a System Requirement Specification (SRS) with respect to normative and safety requirements. Due to an early application of these methods, it is possible to reduce the risk of high costs caused by unexpected, late system adjustments. Nevertheless, they are still rarely used. One reason among others is the lack of an applicable integration method in an existing development process.
In this paper, we propose a process to integrate formal model-based verification techniques into the development life-cycle of a safety critical system. The core idea is to systematically refine informal specifications by (1) categorization, (2) structural refinement, (3) expected behavioral refinement, and finally, (4) operational semantics. To support modeling, traceability is upheld through all refinement steps and a number of consistency checks are introduced.
The proposed process has been jointly developed with the German Railroad Authority (EBA) and an accredited safety assessor. We implemented an Eclipse-based IDE with connections to requirement and systems engineering tools as well as various verification engines. The applicability of our approach is demonstrated via an industrial-sized case study in the context of the European Train Control System with ETCS Level 1 Full Supervision.
KeywordsTraceability Verification Practical experiences
The work presented in this paper is funded by the German Ministry of Education and Science (BMBF) in the VIP-MoBaSA project (project-Nr. 16V0360).
- 1.Aceituna, D., Do, H.: Exposing the susceptibility of off-nominal behaviors in reactive system requirements. In: RE, pp. 136–145 (2015). doi: 10.1109/RE.2015.7320416
- 2.Aceituna, D., Do, H., Srinivasan, S.: A systematic approach to transforming system requirements into model checking specifications. In: ICSE, pp. 165–174 (2014). doi: 10.1145/2591062.2591183
- 3.Ammann, P.E., Black, P.E., Majurski, W.: Using model checking to generate tests from specifications. In: Proceedings of the Second International Conference on Formal Engineering Methods, pp. 46–54. IEEE (1998). doi: 10.1007/3-540-48166-4_10
- 6.Bozzano, M., Cimatti, A., Katoen, J.P., Nguyen, V.Y., Noll, T., Roveri, M.: The COMPASS approach: correctness, modelling and performability of aerospace systems. In: Buth, B., Rabe, G., Seyfarth, T. (eds.) SAFECOMP 2009. LNCS, vol. 5775, pp. 173–186. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-04468-7_15 CrossRefGoogle Scholar
- 9.EN 50128: Railway applications-communication, signaling and processing systems-software for railway control and protection systems (2011)Google Scholar
- 10.Filax, M., Gonschorek, T., Lipaczewski, M., Ortmeier, F.: On traceability of informal specifications for model-based verification. In: IMBSA: Short & Tutorial Proceedings, pp. 11–18. OvGU Magdeburg (2014)Google Scholar
- 12.Ge, X., Paige, R.F., McDermid, J.A.: Analysing system failure behaviours with PRISM. In: SSIRI-C, pp. 130–136 (2010). doi: 10.1109/SSIRI-C.2010.32
- 15.IEC 61508: Functional safety of electrical/electronic/programmable electronic safety-related systems (2005)Google Scholar
- 16.ISO 26262: Road Vehicles-Functional Safety (2009)Google Scholar
- 17.OMG UML: Unified modeling language, superstructure (2011)Google Scholar
- 20.Withall, S.: Software Requirement Patterns (Developer Best Practices). Microsoft Press (2007). ISBN: 9780735623989Google Scholar