Deductive Verification of Railway Operations

  • Eduard Kamburjan
  • Reiner Hähnle
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10598)


We use deductive verification to show safety properties for the railway operations of Deutsche Bahn. We formalize and verify safety properties for a precise, comprehensive model of operational procedures as specified in the rule books, independently of the shape and size of the actual network layout and the number or schedule of trains. We decompose a global safety property into local properties as well as compositionality and well-formedness assumptions. Then we map local state-based safety properties into history-based properties that can be proven with a high degree of automation using deductive verification. We illustrate our methodology with the proof that, for any well-formed infrastructure operating according to the regulations of Deutsche Bahn, the following safety property holds: whenever a train leaves a station, the next section is free and no other train on the same line runs in the opposite direction.



We thank the anonymous reviewers for their constructive and valuable feedback. This work is supported by FormbaR, “Formalisierung von betrieblichen und anderen Regelwerken”, part of AG Signalling/DB RailLab in the Innovation Alliance of Deutsche Bahn AG and TU Darmstadt.



Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. Department of Computer Science, Technische Universität Darmstadt, Darmstadt, Germany
