Towards the verification of a generic interlocking logic: Dafny meets parameterized model checking

Interlocking logics are at the core of critical systems controlling the traffic within stations. In this paper, we consider a generic interlocking logic, which can be instantiated to control a wide class of stations. We tackle the problem of parameterized verification, i.e. prove that the logic satisfies the required properties for all the relevant stations. We present a simplified case study, where the interlocking logic is directly encoded in Dafny. Then, we show how to automate the proof of an important safety requirement, by integrating simple, template-based invariants and more complex invariants obtained from a model checker for parameterized systems. Based on these positive preliminary results, we outline how we intend to integrate the approach by extending the IDE for the design of the interlocking logic

Simplifying the Formal Verification of Safety Requirements in Zone Controllers through Problem Frames and Constraints based Projection

Formal methods have been applied widely to verifying the safety requirements of Communication-Based Train Control (CBTC) systems, while the problem situations could be much simplified. In industrial practices of CBTC systems, however, huge complexity arises, which renders those methods nearly impossible to apply. In this paper, we aim to reduce the state space of formal verification problems in Zone Controller, a sub-system of a typical CBTC. We achieve the simplification goal by reducing the total number of device variables. To do this, two projection methods are proposed based on Problem Frames and constraints, respectively. The Problem Frames based method decomposes the system according to sub-properties through functional decomposition, whilst the constraints based projection method removes redundant variables. Our industrial case study demonstrates the feasibility though an evaluation, confirming that these two methods are effective in reducing the state spaces of complex verification problems in this application domain

DELFIN+: An efficient deadlock detection tool for CCS processes

AbstractModel checking is a formal technique for proving the correctness of a system with respect to a desired behavior. However, deadlock detection via model checking is particularly difficult for the following two problems: (i) the state explosion problem, due to the exponential increase in the size of a finite state model as the number of system components grows; and (ii) the output interpretation problem, as often counter-examples are so long that they are hard to understand. The aim of this paper is to solve both problems by using heuristic-based search strategies. We have realized DELFIN+ (DEadLock FINder) a tool supporting efficient deadlock detection in CCS processes. We have used this tool to verify a sample of CCS processes, in order to evaluate the method on them