    Applied Bounded Model Checking for Interlocking System Designs

    In this article the verification and validation of interlocking systems is investigated. Reviewing both geographical and route-related interlocking, the verification objectives can be structured from a computer science perspective into (1) verification of static semantics, and (2) verification of behavioural (operational) semantics. The former checks that the plant model – that is, the software components reflecting the physical components of the interlocking system – has been set up in an adequate way. The latter investigates trains moving through the network, with the objective of uncovering potential safety violations. From a formal methods perspective, these verification objectives can be approached by theorem proving, global model checking, or bounded model checking. This article explains how bounded model checking techniques are applied, and discusses their advantages in comparison to the alternative approaches.

    Verification of interlocking systems using statistical model checking

    In the railway domain, an interlocking is the system ensuring safe train traffic inside a station by controlling its active elements such as the signals or points. Modern interlockings are configured using particular data, called application data, reflecting the track layout and defining the actions that the interlocking can take. The safety of the train traffic therefore relies on the correctness of the application data; errors in it can cause safety issues such as derailments or collisions. Given the high level of safety required by such a system, its verification is a critical concern. In addition to safety, an interlocking must also ensure that availability properties, stating that no train would be stopped forever in a station, are satisfied. Most of the research dealing with this verification relies on model checking. However, due to the state space explosion problem, this approach does not scale for large stations. More recently, a discrete event simulation approach limiting the verification to a set of likely scenarios was proposed. The simulation enables the verification of larger stations, but with no proof that all the interesting scenarios are covered by the simulation. In this paper, we apply an intermediate statistical model checking approach, offering both the advantages of model checking and simulation. Even though exhaustiveness is not obtained, statistical model checking evaluates with a parametrizable confidence the reliability and the availability of the entire system.
    Comment: 12 pages, 3 figures, 2 tables

    Interlocking structure design and assembly

    Many objects in our lives are not manufactured as whole rigid pieces. Instead, smaller components are made to be later assembled into larger structures. Chairs are assembled from wooden pieces, cabins are made of logs, and buildings are constructed from bricks. These components are commonly designed through many iterations of human thinking. In this report, we will look at a few problems related to interlocking component design and assembly. Given an atomic object, how can we design a package that holds the object firmly without a gap in between? How many pieces should the package be partitioned into? How can we assemble/extract each piece? We will attack this problem by first looking at the lower bound on the number of pieces, then at the upper bound. Afterwards, we will propose a practical algorithm for designing these packages. We also explore a special kind of interlocking structure which has only one or a small number of movable pieces, for example a burr puzzle. We will design a few blocks with joints whose combination can be assembled into almost any voxelized 3D model. Our blocks require very simple motions to be assembled, enabling robotic assembly. As a proof of concept, we also develop a robot system to assemble the blocks. In some extreme conditions where construction components are small, controlling each component individually is impossible. We will discuss an option using global controls. These global controls can come from gravity or magnetic fields. We show that in some special cases where the small units form a rectangular matrix, rearrangement can be done in a small space following a technique similar to the bubble sort algorithm.