A Train Protection Logic Based on Topological Manifolds for Virtual Coupling
Virtual coupling is a promising innovation aimed at increasing railway capacity. Compared to current railway signaling systems, it allows two or more trains to run with reduced headway between them. However, such reduced headways are a challenge to safety. In this work we consider this challenge by formally describing and verifying an approach to virtual coupling. We propose a general modeling method based on topological manifolds to describe the protection logic for virtual coupling train control systems. We also describe the basic train control elements in topological terms and analyze the line condition of our virtual coupling logic. We establish that the line condition safety requirements and their representation as a manifold are equivalent, and further provide a formal definition of the concept of a movement authority in manifold notation. This allows us to consider the dynamic behavior of trains and a series of theorems that establish the correctness of our protection logic for virtual coupling. Finally, we apply the presented methods to a case study. The results show that the proposed method provides a suitable way to realize a virtual coupling logic safely.
Test Case Generation for a Level Crossing Controller
Formal methods (FM) can be used for the precise specification, property-ensuring development and exhaustive property verification of systems. Thus they are especially suited for highly safety- or mission-critical applications. Railway signaling systems clearly belong to these applications, and there are indeed several industrial projects where FM have been successfully applied, especially to core interlocking and communication-based train control (CBTC) systems. But despite their potential, FM are not very widespread in the sector. Work Package 5 of the X2Rail-2 project seeks to foster the use of FM in railway signaling by providing an introduction and overview of formal methods and demonstrating their use and benefit. For the latter, four different formal and one classical development methods are applied by different project partners to a level crossing (LX) controller specified by the Swedish railway infrastructure manager Trafikverket. For all of these developments, the safety properties from the LX specification are planned to be formally verified afterwards using the High Level Language (HLL). Since that means proving them exhaustively, they are of less interest for testing. However, there are further non-safety functional requirements in the specification which remain for testing. The extended abstract at hand reports on an automatic test case generation (TCG) approach for a test suite testing these requirements. In fact, this approach is based on formal methods as well, since the test case generator applies symbolic execution and theorem solving techniques: given a behavioral model of the system under test (SUT), the former method finds feasible paths through the model, while the latter completes the test case by determining suitable test data. This way, the test design task is partly automated, ensures a structural coverage of the model, and the modeling process usually leads to a high test suite quality. The different LX controller implementations are tested as black box systems, each one with the same generated test cases. In order to simplify the integration of the different implementations with the test environment, a common test interface has been drawn up.
A formal theory of railway track networks in higher-order logic and its applications in interlocking design
The research described in this dissertation centres on the application of a discipline of formal methods in railway signalling system design. A generic abstract model of railway track networks and signals has been developed in Higher-Order Logic (HOL). It consists of several theories arranged in a hierarchy. Railway track networks are modelled by a class of constraint labelled directed graphs. HOL theories of graphs and paths have been developed for representing track networks. HOL theories modelling individual track components and signals have also been developed. These theories are then combined to create a theory of track networks. Three applications of this model are described. The first is a network verifier which verifies a formal specification of track layout against its abstract model by proving theorems automatically. The second application is to extract information from the specifications and to create control tables automatically. Lastly, a method of modelling the interlocking processor using finite state machines is described. Although this research has centred on railway signalling, it can be viewed as a case study of how to apply formal methods in the analysis and design of safety-critical systems. The approach and methods used can be generalized in order to be useful in other industries.
Automatic instantiation of abstract tests on specific configurations for large critical control systems
Computer-based control systems have grown in size, complexity, distribution and criticality. In this paper a methodology is presented to perform abstract testing of such large control systems in an efficient way: an abstract test is specified directly from system functional requirements and has to be instantiated in several test runs to cover a specific configuration, comprising any number of control entities (sensors, actuators and logic processes). Such a process is usually performed by hand for each installation of the control system, requiring a considerable time effort and being an error-prone verification activity. To automate a safe passage from abstract tests, related to the so-called generic software application, to any specific installation, an algorithm is provided, starting from a reference architecture and a state-based behavioural model of the control software. The presented approach has been applied to a railway interlocking system, demonstrating its feasibility and effectiveness in several years of testing experience.
Verification of interlocking systems using statistical model checking
In the railway domain, an interlocking is the system ensuring safe train traffic inside a station by controlling its active elements such as the signals or points. Modern interlockings are configured using particular data, called application data, reflecting the track layout and defining the actions that the interlocking can take. The safety of the train traffic thereby relies on application data correctness; errors inside them can cause safety issues such as derailments or collisions. Given the high level of safety required by such a system, its verification is a critical concern. In addition to safety, an interlocking must also ensure that availability properties, stating that no train would be stopped forever in a station, are satisfied. Most of the research dealing with this verification relies on model checking. However, due to the state space explosion problem, this approach does not scale for large stations. More recently, a discrete event simulation approach limiting the verification to a set of likely scenarios was proposed. The simulation enables the verification of larger stations, but with no proof that all the interesting scenarios are covered by the simulation. In this paper, we apply an intermediate statistical model checking approach, offering the advantages of both model checking and simulation. Even if exhaustiveness is not obtained, statistical model checking evaluates with a parametrizable confidence the reliability and the availability of the entire system.
Comment: 12 pages, 3 figures, 2 tables
Developing a distributed electronic health-record store for India
The DIGHT project is addressing the problem of building a scalable and highly available information store for the Electronic Health Records (EHRs) of the over one billion citizens of India.
Formalization and Validation of Safety-Critical Requirements
The validation of requirements is a fundamental step in the development process of safety-critical systems. In safety-critical applications such as aerospace, avionics and railways, the use of formal methods is of paramount importance both for requirements and for design validation. Nevertheless, while many formal techniques have been conceived and applied for the verification of the design, the research on formal methods for requirements validation is not yet mature. The main obstacles are that, on the one hand, the correctness of requirements is not formally defined and, on the other hand, that the formalization and the validation of the requirements usually demand a strong involvement of domain experts. We report on a methodology and a series of techniques that we developed for the formalization and validation of high-level requirements for safety-critical applications. The main ingredients are a very expressive formal language and automatic satisfiability procedures. The language combines first-order, temporal, and hybrid logic. The satisfiability procedures are based on model checking and satisfiability modulo theories. We applied this technology within an industrial project to the validation of railway requirements.
A software architecture for autonomous maintenance scheduling: Scenarios for UK and European Rail
A new era of automation in rail has begun, offering developments in the operation and maintenance of industry standard systems. This article documents the development of an architecture and a range of scenarios for an autonomous system for rail maintenance planning and scheduling. The Unified Modelling Language (UML) has been utilized to visualize and validate the design of the prototype. A model for information exchange between prototype components and related maintenance planning systems is proposed in this article. Putting forward an architecture and a set of usage mode scenarios for the proposed system, this article outlines and validates a viable platform for autonomous planning and scheduling in rail.