B Formal Validation of ERTMS/ETCS Railway Operating Rules

The B method is a formal specification method and a means of formal verification and validation of safety-critical systems such as railway systems. In this short paper, we use the B4MSecure tool to transform the UML models, fulfilling requirements of European Railway Traffic Management System (ERTMS) operating rules, into B specifications in order to formally validate them

Business optimization through automated signaling design

M.Ing. (Engineering Management)Abstract: Railway signaling has become pivotal in the development of railway systems over the years. There is a global demand for upgrading signaling systems for improved efficiency. Upgrading signaling systems requires new signaling designs and modifications to adjacent signaling systems. The purpose of this research is to compare manually produced designs with design automation by covering the framework of multiple aspects of railway signaling designs in view of business optimization using computer drawings, programming software language and management of signaling designs. The research focuses on design automation from the preliminary design stage to the detailed design stage with the intention of investigating and resolving a common project challenge of time management. Various autonomous methods are used to seek improvement on the detailed design phase of re-signaling projects. An analysis on the project’s duration, resources and review cycles is conducted to demonstrate the challenges that are faced during the design of a project. Signaling designs are sophisticated and crucial in an ever-changing railway environment. As a result, there is a demand for efficiency and knowledge within railway signaling to achieve successful completion project target dates. A quantitative approach is used to identify the gaps leading to delays and best practices are applied using a comparative analysis to remediate on any snags that may potentially extend the project duration. The results illustrate that the resources required when automating detailed designs are reduced by two thirds for cable plans and book of circuits and reduced by one third for source documents. Successively, the projects benefit with reduced organizational resources, reduced design durations and reduced design review cycles. This research concludes that software integration of the signaling designs due to the efficiency and innovation of the selected computer drawing software and programming software language such as AutoCAD required less resources for computer drawings that are generated using automation tools compared to computer drawings that are generated manually. The resources required when automating the generation of signaling detailed designs are reduced for cable plans, book of circuits and source documents. This means that the business is optimized by utilizing less resources and subsequently delays are reduced during the design stage

Security in Open Model Software with Hardware Virtualisation – The Railway Control System Perspective

Using the openETCS initiative as a starting point, we describe how open software can be applied in combination with platform-specific, potentially closed source extensions, in the development, verification, validation and certification of safety-critical railway control systems. We analyse the safety and security threats presented by this approach and discuss conventional operating system partitioning mechanisms, as well as virtualisation methods with respect to their potential to overcome these problems. Furthermore, we advocate a shift from open source to open models, in order to increase the development efficiency of combined open and proprietary solutions

Modélisation et validation formelle des règles d'exploitation ferroviaires

Le système européen de surveillance du trafic ferroviaire (en anglais, European Rail Traffic Management System, ERTMS) est un système complexe de contrôle/commande et de signalisation ferroviaire mettant en ½uvre des règles européennes d'exploitation ferroviaires. Cet article propose une étude de cas basée sur deux scénarios extraits de ces règles, un scénario nominal d'autorisation de mouvement et un scénario exceptionnel de franchissement d'un arrêt. En effet, on trouve dans ces scénarios des aspects fonctionnels et de sécurité. Ces aspects nécessitent, d'une part, une modélisation fonctionnelle enrichie par des modèles décrivant la politique de sécurité et les autorisations données aux agents agissant sur le système, et d'autre part, une validation formelle. Pour ce faire, nous avons utilisé la plate-forme B4MSecure, fondée sur l'approche IDM (Ingénierie Dirigée par les Modèles), produisant à partir des modèles UML des spécifications formelles B. L'objectif de ces spécifications résultantes est de valider ces scénarios à l'aide d'outils d'animation et de preuve de spécifications B afin de garantir une analyse rigoureuse de la fonctionnalité et de la politique de sécurité

Application of Cognitive Systems Engineering Approach to Railway Systems (System for Investigation of Railway Interfaces)

This chapter presents the results of a cognitive systems engineering approach applied to railway systems. This application is through the methodology of ’System for Investigation of Railway Interfaces – SIRI’. The utility of the chapter lies in highlighting errors in the current approaches to safety risk management

Services interfaces for interoperability of signaling computer interlocking on borders

Technological developments in the field of railway signaling have allowed more and more flexibility in the management of rail traffic, especially with computer interlocking. However, differences in signaling principles from one country to another as well as differences in the structure of interlocking software and communication protocols depending on suppliers lead to interoperability difficulties at the borders between computer interlocking. Some deployed projects deal with interoperability issues regarding the communication of signaling information between the train and interlocking like the European rail traffic management system (ERTMS) project. Unfortunately, the interoperability between interlocking themselves is still not achieved. Some deployed projects deal with interoperability issues regarding the communication of signaling information between the train and interlocking like the ERTMS project. Unfortunately, the interoperability between interlocking themselves is still not achieved. This article draws up a proposed model for interfacing at the interlocking boundaries based on service-oriented architecture (SOA). In addition, to ensure the coupling of SOA services to the internal functions of the signaling computer interlocking, a distributed architecture of programmable logic controller according to the IEC 61499 standard is suggested

Dealing with standardization in liberalized network industries: Some lessons from the European railway sector

The European railway sector is undergoing dramatic changes. During the still ongoing liberalization process most vertically-integrated railway operators have already been “unbundled”. The shift from integrated to disintegrated companies coupled with the introduction of competition – so far in freight, but as of 2010 also in international passenger traffic – is having profound implications on the development and deployment of new technologies. In addition, within the framework of the Single European Market the main stakeholders have now to work under the constraint of interoperability. The paper examines railway standardization processes within an interoperable environment. So far, the railway sector has a strong history of national standards development. In the area of signalling, the result and current situation is therefore a patchwork of poorly interoperable systems. The paper builds on a case study of the development and deployment of a core signalling system – the European Rail Train Management System (ERTMS) – to illustrate the difficulties to coordinate a standardization process in such a liberalized and deregulated environment. The paper questions whether, in the framework of the emerging technological and institutional environment, the current governance of rail standards is suited to the EU’s objectives of a competitive railway market. Through the introduction of ERTMS the paper discusses the role of the new European Rail Agency (ERA) as the locus for coordinating the ERTMS standardization process. It makes recommendations as to which actor(s) is/are best suited to govern the standardization of such highly complex and interdependent technical systems