A New Formal Methods Guidebook for the Railway Signalling Domain

Considerable know-how about formals methods (FMs) exists in the railway signalling domain, and FMs have been successfully applied e.g. for verification of interlockings or development of computer-based train control systems. But FMs expertise is not generally available or widespread, and there is a lack of FMs integration into standards, of recommendations for FMs use and of guidance on where and how to employ them. For these reasons, TD2.7 of Shift2Rail is currently preparing a FMs guidebook which aims to document know-how, experience, and recommendations, to pave the way for wider use of FMs for today's and future railway signalling systems. In this contribution, the guidebook contents are briefly presented, including why, when and for what purpose to apply FMs, what FMs are and which steps their application follows. Afterwards, an example application of the guidebook's FMs concepts is described

Verification of Railway Interlocking - Compositional Approach with OCRA

In the railway domain, an electronic interlocking is a computerised system that controls the railway signalling components (e.g. switches or signals) in order to allow a safe operation of the train traffic. Interlockings are controlled by a software logic that relies on a generic software and a set of application data particular to the station under control. The verification of the application data is time consuming and error prone as it is mostly performed by human testers. In the first stage of our research, we built a model of a small Belgian railway station and we performed the verification of the application data with the nusmv model checker. However, the verification of larger stations fails due to the state space explosion problem. The intuition is that large stations can be split into smaller components that can be verified separately. This concept is known as compositional verification. This article explains how we used the ocra tool in order to model a medium size station and how we verified safety properties by mean of contracts. We also took advantage of new algorithms (k-liveness and ic3) recently implemented in nuxmv in order to verify LTL properties on our model

Safety and Reliability - Safe Societies in a Changing World

The contributions cover a wide range of methodologies and application areas for safety and reliability that contribute to safe societies in a changing world. These methodologies and applications include: - foundations of risk and reliability assessment and management - mathematical methods in reliability and safety - risk assessment - risk management - system reliability - uncertainty analysis - digitalization and big data - prognostics and system health management - occupational safety - accident and incident modeling - maintenance modeling and applications - simulation for safety and reliability analysis - dynamic risk and barrier management - organizational factors and safety culture - human factors and human reliability - resilience engineering - structural reliability - natural hazards - security - economic analysis in risk managemen