Formalization and Validation of Safety-Critical Requirements

The validation of requirements is a fundamental step in the development process of safety-critical systems. In safety critical applications such as aerospace, avionics and railways, the use of formal methods is of paramount importance both for requirements and for design validation. Nevertheless, while for the verification of the design, many formal techniques have been conceived and applied, the research on formal methods for requirements validation is not yet mature. The main obstacles are that, on the one hand, the correctness of requirements is not formally defined; on the other hand that the formalization and the validation of the requirements usually demands a strong involvement of domain experts. We report on a methodology and a series of techniques that we developed for the formalization and validation of high-level requirements for safety-critical applications. The main ingredients are a very expressive formal language and automatic satisfiability procedures. The language combines first-order, temporal, and hybrid logic. The satisfiability procedures are based on model checking and satisfiability modulo theory. We applied this technology within an industrial project to the validation of railways requirements

Estimating Workforce Development Needs for High-Speed Rail in California, Research Report 11-16

This study provides an assessment of the job creation and attendant education and training needs associated with the creation of the California High-Speed Rail (CHSR) network, scheduled to begin construction in September 2012. Given the high profile of national and state commitment to the project, a comprehensive analysis that discusses the education, training, and related needs created during the build out of the CHSR network is necessary. This needs assessment is achieved by means of: 1) analyzing current high-speed rail specific challenges pertaining to 220mph trains; 2) using a more accurate and robust “bottom-up” approach to estimate the labor, education, skills, and knowledge needed to complete the CHSR network; and 3) assessing the current capacity of railroad-specific training and education in the state of California and the nation. Through these analyses, the study identifies the magnitude and attributes of the workforce development needs and challenges that lie ahead for California. The results of this research offer new insight into the training and education levels likely to be needed for the emergent high-speed rail workforce, including which types of workers and professionals are needed over the life of the project (by project phase), and their anticipated educational level. Results indicates that although the education attained by the design engineers of the system signifies the most advanced levels of education in the workforce, this group is comparatively small over the life of the project. Secondly, this report identifies vast training needs for the construction workforce and higher education needs for a managerial construction workforce. Finally, the report identifies an extremely limited existing capacity for training and educating the high-speed rail workforce in both California and in the U.S. generally

Modeling of Secure and Dependable Applications Based on a Repository of Patterns: The SEMCO Approach

International audienceThe requirement for higher quality and seamless development of systems is continuously increasing, even in domains traditionally not deeply involved in such issues. Security and Dependability (S&D) requirements are incorporated to an increasing number of systems. These newer restrictions make the development of those systems more complicated than conventional systems. In our work, we promote a new approach called SEMCO (System and software Engineering with Multi-COncerns) combining Model-Driven Engineering (MDE) with a model-based repository of S&D patterns to support the design and the analysis of pattern-based secure and dependable system and software architectures. The modeling framework to support the approach is based on a set of modeling languages, to specify security and dependability patterns, resources and a set of property models, and a set of model transformation rules to specify some of the analysis activities. As part of the assistance for the development of S&D applications, we have implemented a tool-chain based on the Eclipse platform to support the different activities around the repository, including the analysis activities. The proposed approach was evaluated through a case study from the railway domain

Model-Driven Engineering for Trusted Embedded Systems based on Security and Dependability Patterns

National audienceNowadays, many practitioners express their worries about current software engineering practices. New recommendations should be considered to ground software engineering on two pillars: solid theory and proven principles. We took the second pillar towards software engineering for embedded system applications, focusing on the problem of integrating Security and Dependability (S&D) by design to foster reuse. The framework and the methodology we propose associate the model-driven paradigm and a model-based repository of S&D patterns to support the design of trusted Resource Constrained Embedded System (RCES) applications for multiple domains (e.g., railway, metrology, automotive). The approach has been successfully evaluated by the TERESA project external reviewers as well as internally by the Ikerlan Research Center for the railway domain

Dependability checking with StoCharts: Is train radio reliable enough for trains?

Performance, dependability and quality of service (QoS) are prime aspects of the UML modelling domain. To capture these aspects effectively in the design phase, we have recently proposed STOCHARTS, a conservative extension of UML statechart diagrams. In this paper, we apply the STOCHART formalism to a safety critical design problem. We model a part of the European Train Control System specification, focusing on the risks of wireless communication failures in future high-speed cross-European trains. Stochastic model checking with the model checker PROVER enables us to derive constraints under which the central quality requirements are satisfied by the STOCHART model. The paper illustrates the flexibility and maturity of STOCHARTS to model real problems in safety critical system design