A Formal Methodology for Engineering Heterogeneous Railway Signalling Systems
Ph.D. Thesis. Over the last few decades, the safety assurance of cyber-physical systems has become one of the biggest challenges in the field of model-based system engineering. The challenge arises from the immense complexity of cyber-physical systems, which have deeply intertwined physical, software and network system aspects.

With significant improvements in wireless communication and microprocessor technologies, the railway domain has become one of the frontiers for deploying cyber-physical signalling systems. However, because of the safety-critical nature of railway signalling systems, the highest level of safety assurance is essential. This study attempts to address the challenge of guaranteeing the safety of cyber-physical railway signalling systems by proposing a development methodology based on formal methods. In particular, this study is concerned with the safety assurance of heterogeneous cyber-physical railway signalling systems, which have emerged by gradually replacing outdated signalling systems and integrating mainline with urban signalling systems. The main contribution of this work is a formal development methodology for railway signalling systems. The methodology is based on the Event-B modelling language, which provides an expressive modelling language, stepwise model development and proof-based model verification. At the core of the methodology is a generic communication-based railway signalling Event-B model, which can be further refined to capture specific heterogeneous or homogeneous railway signalling configurations. In order to make signalling modelling more systematic, we developed communication and hybrid railway signalling modelling patterns.

The proposed methodology and modelling patterns have been evaluated on two case studies. The evaluation shows that the methodology does provide a system-level railway signalling modelling and verification method. This is crucial for verifying the safety of cyber-physical systems, as safety depends on interactions between different subsystems. However, the study has also shown that automatic formal verification of hybrid systems is still a major challenge and must be addressed in future work in order to make this methodology more practical. (EPSRC and Siemens Rail Automation)
Step-wise development of resilient ambient campus scenarios
This paper puts forward a new approach to developing resilient ambient applications. At its core is a novel rigorous development method, supported by a formal theory, that enables us to produce a well-structured step-wise design and to ensure disciplined integration of error recovery measures into the resulting implementation. The development method, called AgentB, uses the idea of a modelling database to support coherent development of, and reasoning about, several model views, including the variable, event, role, agent and protocol views. This helps system developers separate various modelling concerns and makes it easier for future tool developers to design a toolset supporting this development. Fault tolerance is systematically introduced during the development of the various model views. The approach is demonstrated through the development of several application scenarios within an ambient campus case study conducted at Newcastle University (UK) as part of the FP6 RODIN project. © 2009 Springer Berlin Heidelberg
Extended Model driven Architecture to B Method
The Model Driven Architecture (MDA) design approach proposes to separate design into two stages: an implementation-independent stage followed by an implementation-dependent one. This improves reusability, understandability, maintainability, etc. Here we show how MDA can be augmented with a formal refinement approach: the B method. Doing so makes it possible to gradually refine the development from the abstract specification down to the executing implementation; furthermore, it makes it possible to prove the coherence between components at low levels even if they are implemented in different technologies.
A Refinement Strategy for Hybrid System Design with Safety Constraints
Whenever continuous dynamics and discrete control interact, hybrid systems arise. As hybrid systems become ubiquitous and more and more complex, analysis and synthesis techniques are in high demand to design safe hybrid systems. This is, however, challenging due to the nature of hybrid systems and their designs, and the question of how to formulate and reason about their safety problems. Previous work has demonstrated how to extend the discrete modelling language Event-B with continuous support to integrate traditional refinement into hybrid system design. In the same spirit, we extend previous work by proposing a strategy that can coherently refine an abstract hybrid system design with safety constraints down to a concrete one with implementable discrete control that behaves safely. Our proposal is validated on the design of a smart heating system, and we share our experience.
A Refinement Strategy for Hybrid System Design with Safety Constraints
Whenever continuous dynamics and discrete control interact, hybrid systems arise. As hybrid systems become ubiquitous and more and more complex, analysis and synthesis techniques are in high demand to design safe hybrid systems. This is, however, challenging due to the nature of hybrid systems and their designs, and the question of how to formulate and reason about their safety problems. Previous work has demonstrated how to extend the discrete modeling language Event-B with continuous support to integrate traditional refinement into hybrid system design. In the same spirit, we extend previous work by proposing a strategy that can coherently refine an abstract hybrid system design with safety constraints down to a concrete one, integrated with implementable discrete control, that behaves safely. We demonstrate our proposal on a smart heating system that regulates room temperature between two reference values, and we share our experience.