Modelling of Railway Signalling System Requirements by Controlled Natural Languages: A Case Study

From Software Engineering to Formal Methods and Tools, and Back

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 11865)

Abstract

The railway sector has been a source of inspiration for generations of researchers challenged to develop models and tools to analyze safety and reliability. Threats came mainly from within, due to occasional faults in hardware components. With the advent of smart trains, the railway industry is venturing into cybersecurity, and the railway sector will be increasingly compelled to protect assets from threats against information & communication technology. We discuss this revolution at large, while speculating that instruments developed for security requirements engineering can come in support of the railway sector. We explore the use of one of them: the Controlled Natural Language for Data Sharing Agreement (CNL4DSA). We use it to formalize a few exemplifying signal management system requirements. Since CNL4DSA enables the automatic generation of enforceable access control policies, our exercise is preparatory to implementing the security-by-design principle in railway signalling management engineering.

Lenzini is supported by Luxembourg National Research Fund (FNR) CORE project C16/IS/11333956 “DAPRECO: DAta Protection REgulation COmpliance”; Petrocchi is supported by the TOFFEe Integrated Activity Project funded by IMT Scuola Alti Studi Lucca.

Notes

  1. www.roll2rail.eu.

  2. www.in2rail.eu.

  3. www.shift2rail.eu.

  4. Not that it matters in the argument we are developing here, but one of the authors recalls having worked, early in his PhD, on the validation of a safety-critical hardware system for the management of medium-large railway networks against the occurrence of Byzantine faults [18].

  5. www.cyrail.eu.

  6. https://www.enisa.europa.eu/events/first-transport-cyber-security-conference/.

  7. www.era.europa.eu/activities/technical-specifications-interoperability_en.

  8. The integration of the NL2CNL Translator is under development.

  9. The description of the L3 signalling system is kindly provided by the authors of [3].

References

  1. Bartolini, C., Lenzini, G., Santos, C.: An agile approach to validate a formal representation of the GDPR. In: New Frontiers in Artificial Intelligence. Springer (2019, in press)

  2. Basile, D., ter Beek, M.H., Ciancia, V.: Statistical model checking of a moving block railway signalling scenario with Uppaal SMC - experience and outlook. In: Leveraging Applications of Formal Methods, Verification and Validation. Verification - 8th International Symposium, ISoLA 2018, Limassol, Cyprus, 5–9 November 2018, Proceedings, Part II, pp. 372–391 (2018). https://doi.org/10.1007/978-3-030-03421-4_24

  3. Basile, D., ter Beek, M.H., Ferrari, A., Legay, A.: Modelling and analysing ERTMS L3 moving block railway signalling with simulink and Uppaal SMC. In: Formal Methods for Industrial Critical Systems - 24th International Conference, FMICS 2019, Amsterdam, The Netherlands, 30–31 August 2019, Proceedings (2019). https://doi.org/10.1007/978-3-030-27008-7_1

  4. Caimi, C., Gambardella, C., Manea, M., Petrocchi, M., Stella, D.: Legal and technical perspectives in data sharing agreements definition. In: Privacy Technologies and Policy - Third Annual Privacy Forum, APF 2015, Luxembourg, 7–8 October 2015, Revised Selected Papers, pp. 178–192 (2015). https://doi.org/10.1007/978-3-319-31456-3_10

  5. Coco Cloud Consortium - Confidential and Compliant Clouds: Deliverable 4.2: First DSA management infrastructure (2015). http://www.coco-cloud.eu/deliverables

  6. Coco Cloud Consortium - Confidential and Compliant Clouds: Deliverable 4.3: Final DSA management infrastructure (2016). http://www.coco-cloud.eu/deliverables

  7. Coco Cloud Consortium - Confidential and Compliant Clouds: Deliverable 5.3: Final version of the enforcement infrastructure (2016). http://www.coco-cloud.eu/deliverables

  8. Costantino, G., Martinelli, F., Matteucci, I., Petrocchi, M.: Analysis of data sharing agreements. In: Information Systems Security and Privacy, pp. 167–178 (2017)

  9. Costantino, G., Martinelli, F., Matteucci, I., Petrocchi, M.: Efficient detection of conflicts in data sharing agreements. In: Mori, P., Furnell, S., Camp, O. (eds.) ICISSP 2017. CCIS, vol. 867, pp. 148–172. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-93354-2_8

  10. Cregan, A., Schwitter, R., Meyer, T., et al.: Sydney OWL syntax - towards a controlled natural language syntax for OWL 1.1. In: OWL: Experiences and Directions, vol. 258. CEUR Workshop Proceedings (2007)

  11. CYRAIL: Safety and security requirements of rail transport system in multi-stakeholder environment. Technical report, EU, June 2017

  12. CYRail: Recommendations on cybersecurity of rail signalling and communications systems. Technical report, CYRail, September 2018

  13. EEIG ERTMS Users Group: ERTMS/ETCS RAMS Requirements Specification - Chapter 2 - RAM (1998). http://www.era.europa.eu/Document-Register/Documents/B1-02s1266-.pdf

  14. ENISA: Cyber Security and Resilience of Intelligent Public Transport, Good Practices and Recommendations. Technical report, ENISA, December 2015

  15. Ferrari, A., Lipari, G., Gnesi, S., Spagnolo, G.O.: Pragmatic ambiguity detection in natural language requirements. In: Proceedings of AIRE, pp. 1–8 (2014)

  16. Ferrari, A., Spoletini, P., Gnesi, S.: Ambiguity cues in requirements elicitation interviews. In: Proceedings of RE, pp. 56–65 (2016)

  17. Fuchs, N.E., Kaljurand, K., Kuhn, T.: Attempto controlled English for knowledge representation. In: Baroglio, C., Bonatti, P.A., Małuszyński, J., Marchiori, M., Polleres, A., Schaffert, S. (eds.) Reasoning Web. LNCS, vol. 5224, pp. 104–124. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85658-0_3

  18. Gnesi, S., Lenzini, G., Latella, D., Abbaneo, C., Amendola, A., Marmo, P.: An automatic SPIN validation of a safety critical railway control system. In: Proceedings of the International Conference on Dependable Systems and Networks (DSN 2000), 25–28 June 2000, New York, NY, USA, pp. 119–124 (2002)

  19. Gnesi, S., Petrocchi, M.: Towards an executable algebra for product lines. In: 16th International Software Product Line Conference, SPLC 2012, Salvador, Brazil, 2–7 September 2012, vol. 2, pp. 66–73 (2012). https://doi.org/10.1145/2364412.2364424

  20. Hart, G., Dolbear, C., Goodwin, J.: Lege Feliciter: using structured English to represent a topographic hydrology ontology. In: OWL: Experiences and Directions (2007)

  21. Kuhn, T.: A survey and classification of controlled natural languages. Comput. Linguist. 40(1), 121–170 (2014)

  22. Martinelli, F., Matteucci, I., Petrocchi, M., Wiegand, L.: A formal support for collaborative data sharing. In: Multidisciplinary Research and Practice for Information Systems - IFIP WG 8.4, 8.9/TC 5 International Cross-Domain Conference and Workshop on Availability, Reliability, and Security, CD-ARES 2012, Prague, Czech Republic, 20–24 August 2012, Proceedings, pp. 547–561 (2012). https://doi.org/10.1007/978-3-642-32498-7_42

  23. Martinelli, F., Petrocchi, M.: A uniform framework for security and trust modeling and analysis with crypto-CCS. Electr. Notes Theor. Comput. Sci. 186, 85–99 (2007). https://doi.org/10.1016/j.entcs.2007.03.024

  24. Matteucci, I., Mori, P., Petrocchi, M., Wiegand, L.: Controlled data sharing in E-health. In: Socio-Technical Aspects in Security and Trust (STAST), pp. 17–23. IEEE (2011)

  25. Matteucci, I., Petrocchi, M., Sbodio, M.L.: CNL4DSA: a controlled natural language for data sharing agreements. In: Symposium on Applied Computing, pp. 616–620. ACM (2010)

  26. OASIS XACML Technical Committee: eXtensible Access Control Markup Language (XACML) Version 3.0 (2013)

  27. Ruiz, J.F., et al.: A lifecycle for data sharing agreements: how it works out. In: Schiffner, S., Serna, J., Ikonomou, D., Rannenberg, K. (eds.) APF 2016. LNCS, vol. 9857, pp. 3–20. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-44760-5_1

  28. Schwitter, R.: Controlled natural languages for knowledge representation. In: Proceedings of the 23rd International Conference on Computational Linguistics: Posters, pp. 1113–1121. Association for Computational Linguistics (2010)

  29. Schwitter, R., Kaljurand, K., Cregan, A., Dolbear, C., Hart, G., et al.: A comparison of three controlled natural languages for OWL 1.1. In: OWL: Experiences and directions (2008)

  30. Stanford Encyclopedia of Philosophy: Quantifiers and quantification (2018). https://plato.stanford.edu/entries/quantification/#SecOrdQua

  31. Tanoli, I.K., Petrocchi, M., De Nicola, R.: Towards automatic translation of social network policies into controlled natural language. In: 12th International Conference on Research Challenges in Information Science, RCIS 2018, Nantes, France, 29–31 May 2018, pp. 1–12 (2018). https://doi.org/10.1109/RCIS.2018.8406683

Acknowledgement

This work has been written for the Festschrift in honor of Stefania Gnesi, head of the Formal Methods & Tools group of the Istituto di Scienza e Tecnologie dell’Informazione “A. Faedo” (ISTI) of the National Council of Research (CNR), in Pisa, Italy. Both authors wish to express their professional and personal gratitude to Stefania for the time spent together at the CNR in Pisa and for years of fruitful collaboration. Stefania has been our mentor but she is also a friend. Rephrasing what we took from a comic strip about Livorno, the seaside town where she lives, we could affectionately say: “È una livornese, una donna forte con un cuore di madre”.

Correspondence to Gabriele Lenzini.

Copyright information

© 2019 Springer Nature Switzerland AG

About this chapter

Cite this chapter

Lenzini, G., Petrocchi, M. (2019). Modelling of Railway Signalling System Requirements by Controlled Natural Languages: A Case Study. In: ter Beek, M., Fantechi, A., Semini, L. (eds) From Software Engineering to Formal Methods and Tools, and Back. Lecture Notes in Computer Science, vol 11865. Springer, Cham. https://doi.org/10.1007/978-3-030-30985-5_29

  • DOI: https://doi.org/10.1007/978-3-030-30985-5_29

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-30984-8

  • Online ISBN: 978-3-030-30985-5

  • eBook Packages: Computer Science (R0)
