Decision Tools Regarding Time Constraints Violation in Manufacturing Workshops

This paper is dedicated to the study of constraints violation in manufacturing workshops with time constraints. In such systems, every operation duration is included between minimal and maximal values. P-time Petri nets are used for modeling. A new theorem is introduced, constituting a decision tool about the occurrence of constraints violation at the level of a synchronization transition when various types of time disturbances occur. It shows the robustness properties of a manufacturing system on a range that may include delay and advance disturbances. The theoretical result is illustrated step by step on a given workshop. Two other lemmas are elaborated contributing to the study of the constraints violation problem. The final goal is to generalize the robustness property towards simultaneous occurrence of two delays at two points of the system, each having its own robustness range

Identifying Alterability States of a Single Track Railway Line Control System

In the context of automation and deployment of computer based control systems, a specific application on French railway line is proposed on low traffic single track railway lines. The issue of updates requires thorough consideration. In the case of low traffic single track railway lines, handling the removal of a shunting track, which role is to allow trains to circulate in both directions of a same line, the issue of timing the update to the control system is particularly critical. Indeed, a wrongly timed update could lead to a deadlock, while one or more trains are expected to travel while respecting safety constraints on the blocked infrastructure. This paper studies the application of works from the field of dynamic software updating, specifically the works of Panzica La Manna et al. [12]. Using their results on a graph based model of a single track rail line, it identifies alterability states that ensure safety constraints are respected at all times without causing deadlocks. These results are then used to discuss the pertinence of using concepts from dynamic software updating in the context of railway systems

Requirements Modeling Methodology Based on Knowledge Engineering: A Case Study of Railway Control System

The complexity of the verification and the validation of embedded systems is increasing. This paper explores the first requirements engineering processes in the solution domain, which are analysis and specification. In this work we present an architecture of a requirement specification system. We show how the requirements are analysed and structured to generate a dependency graph. This latter will serve to analyse requirements and to model specifications on goal model. In this paper we will focus on the analysis, and structuring processes. We will explain the requirement classification criteria. Keywords: Requirements Modeling, Qualification Strategy, Knowledge Engineering, Ontology, Dependency Graph, Embedded System, ERTMS/ETC

B Formal Validation of ERTMS/ETCS Railway Operating Rules

The B method is a formal specification method and a means of formal verification and validation of safety-critical systems such as railway systems. In this short paper, we use the B4MSecure tool to transform the UML models, fulfilling requirements of European Railway Traffic Management System (ERTMS) operating rules, into B specifications in order to formally validate them

Modélisation et validation formelle des règles d'exploitation ferroviaires

Le système européen de surveillance du trafic ferroviaire (en anglais, European Rail Traffic Management System, ERTMS) est un système complexe de contrôle/commande et de signalisation ferroviaire mettant en ½uvre des règles européennes d'exploitation ferroviaires. Cet article propose une étude de cas basée sur deux scénarios extraits de ces règles, un scénario nominal d'autorisation de mouvement et un scénario exceptionnel de franchissement d'un arrêt. En effet, on trouve dans ces scénarios des aspects fonctionnels et de sécurité. Ces aspects nécessitent, d'une part, une modélisation fonctionnelle enrichie par des modèles décrivant la politique de sécurité et les autorisations données aux agents agissant sur le système, et d'autre part, une validation formelle. Pour ce faire, nous avons utilisé la plate-forme B4MSecure, fondée sur l'approche IDM (Ingénierie Dirigée par les Modèles), produisant à partir des modèles UML des spécifications formelles B. L'objectif de ces spécifications résultantes est de valider ces scénarios à l'aide d'outils d'animation et de preuve de spécifications B afin de garantir une analyse rigoureuse de la fonctionnalité et de la politique de sécurité

Time Disturbances and Filtering of Sensors Signals in Tolerant Multi-product Job-shops with Time Constraints

This paper deals with supervision in critical time manufacturing jobshops without assembling tasks. Such systems have a robustness property to deal with time disturbances. A filtering mechanism of sensors signals integrating the robustness values is proposed. It provides the avoidance of control freezing if the time disturbance is in the robustness intervals. This constitutes an enhancement of the filtering mechanism since it makes it possible to continue the production in a degraded mode providing the guarantees of quality and safety. When a symptom of abnormal functioning is claimed by the filtering mechanism, it is imperative to localize the time disturbance occurrence. Based upon controlled P-time Petri nets as a modeling tool, a series of lemmas are quoted in order to build a theory dealing with the localization problem

A passenger flow oriented security and safety approach in international railway stations

TRA 2018, 7th Transport Research Arena, Vienne, AUTRICHE, 16-/04/2018 - 19/04/2018; In the context of the Franco-German research project Re(h)strain, this work focuses on a global system analysis integrating both safety and security analysis of international and/or urban railway stations. The Re(h)strain project focuses on terrorist attacks on high speed train systems and investigates prevention and mitigation measures to reduce the overall vulnerability and strengthen the system resilience. One main criterion regarding public transport issues is the number of passengers. For example, the railway station of Paris 'Gare du Nord' deals with a bigger number of passengers than the biggest airport in the world (SNCF open Data 2014), the Atlanta airport, but in terms of passengers, it is only around the 23rd rank railway station in the world. Due to the enormous mass of people, this leads to the system approach of breaking out the station into several classes of zones, e.g. entrance, main hall, quays, trains, etc. All classes are analysed considering state-of-the-art parameters, like targets attractiveness, feasibility of attack, possible damage, possible mitigation and defences. Then, safety incidence of security defence is discussed in order to refine security requirement with regard to the considered zone. Finally, global requirements of security defence correlated to the corresponding class of zones are proposed. A case study based on the works in Re(h)strain is used as an illustration to demonstrate how the above-mentioned security and safety requirements may be implemented and handled at train stations. Therefore, the different security measures proposed for an unaffected flow of passengers are correlated to existing ones, such as video surveillance and security personal patrolling. The results of sensor set-ups realised within the project and tested in real environment show new ways of implementing innovative techniques to security applications. Depending on the technology, sensor portals at the entrances of train stations or sensor nodes distributed throughout the station increase the level of protection achievable for the detection of threats as part of preventive security concepts. The fusion of data gained by different sensor systems, including person-tracking by non-visual object recognition and trailing, enables a core function of a security assistance system. This assistance system makes security personnel aware of threats and the location of possible carriers of suspicious material as a prior condition to successful intervention measures. The high level of automation reduces human intervention to a minimum. In the conclusion it will be recommended to think of international railway stations as complex interconnected systems which are made for sharing traffic flows. It means that thinking about local solutions may produce safety problems to connected zones due to possible overcrowding. Document type: Conference objec

Fuzzy Filtering of Sensors Signals in Manufacturing Systems with Time Constraints

The presented work is dedicated to the supervision of manufacturing job-shops with time constraints. Such systems have a robustness property towards time disturbances. The main contribution of this paper is a fuzzy filtering approach of sensors signals integrating the robustness values. This new approach integrates a classic filtering mechanism of sensors signals and fuzzy logic techniques. The strengths of these both techniques are taken advantage of the avoidance of control freezing and the capability of fuzzy systems to deal with imprecise information by using fuzzy rules. Finally, to demonstrate the effectiveness and accuracy of this new approach, an example is depicted. The results show that the fuzzy approach allows keeping on producing, but in a degraded mode, while providing the guarantees of quality and safety based on expert knowledge integration

Réseaux de Petri P-temporels: Modélisation et validation d'exigences temporelles

Le corps de ce travail concerne la modélisation des systèmes à événements discrets. Il s'intéresse par ailleurs en quasi exclusivité à la gestion des contraintes de temps de séjour. Mes travaux de thèse ont comporté la constitution du cahier des charges en amont et les applications en aval d'un outil de modélisation des exigences temporelles : Les Réseaux de Petri P-temporels. L'ensemble de mes travaux de recherche a été développé dans le but d'asseoir l'utilisation de cet outil. Un premier axe a été de positionner l'outil par rapport à ceux de l'état de l'art. Une deuxième tâche a été de prouver un certains nombre de propriétés mathématiques dans l'optique de permettre des applications industrielles efficaces. Au delà de la stricte recherche de propriété, l'extension du champ applicatif, vers le domaine du ferroviaire par exemple, a pris une part très importante. Une troisième activité a débouché sur la caractérisation des limites du modèle et la proposition d'extension fonctionnelle ou de rapprochement de l'outil de modélisation vers des modèles existants. Ce modèle concerne donc les Systèmes à Evénements Discrets où l'on rencontre des contraintes de temps de séjour maximum dans un état donné. C'est le cas de la galvanoplastie qui a été le premier support applicatif. Très rapidement, le champ des applications potentielles de l'outil a été élargi par des publications dans les domaines de l'industrie alimentaire. Les travaux se sont par ailleurs concentrés sur la partie commande, en supposant que la séquence des opérations avait déjà été fixée. Ils ont été appuyés par le travail de master de recherche de M.F. Karoui en 2004 (deux conférences ont été publiées dans la suite de son mémoire). Par ailleurs, l'expertise en supervision qui se trouvait au sein de l'équipe Système à Evénement Discret a été valorisée par le stage de master de T. Lecuru sur la supervision des ateliers automobiles en 2003. Ce travail a pris une autre ampleur avec la thèse de Jerbi Nabil sur la commande des ateliers à contraintes de temps soutenue en 2006 (3 publications de revue). Il se poursuit avec la thèse de Annis Mhalla. En 2006, F. Defossez soutient un master dans le domaine ferroviaire sur la gestion des exigences temporelles de sécurité. Ce dernier va s'inscrire en troisième année de thèse et a déjà publié 5 conférences. Ce travail ouvre un champ très important pour l'outil de modélisation que je porte. Par exmple, cela a amné la participation à un projet Européen. Ce projet SELCAT qui s'intéresse au passage à niveau et qui s'est terminé en juin 2008. Il se prolongera dans un projet national ANR accepté qui débutera autour de janvier 2009. En parallèle, un projet spécifique ayant trait aux outils de modélisation sur les chantiers est en cours avec la SNCF. Enfin, la thèse de Hedi Dhouibi a été l'occasion de proposer un nouveau modèle capable de généraliser certaines propriétés des Réseaux de Pétri P-temporels à des systèmes où le paramètre critique est différent du temps. Une validation industrielle sur des données réelles a pu être effectuée (soutenance en 2005). Elle fait l'objet de trois publications de revues internationales (acceptation en 2008)

From a Solution Model to a B Model for Verification of Safety Properties

In the context of safety requirement engineering, model transformation is a task of interest. Indeed, it allows us to keep all the requirements while switching from one point of view to another. The presented work assumes that a valid solution has been found and proposes an approach in order to build a valid implementation. As some fine dynamic properties are integrated into the specification, high-level Petri nets are used to specify and verify the solution. Then, considering an industrial railway context, the transformation of the Petri net model in order to provide an input to a B process is considered. This last consideration leads to a proposition of a systematic direct transformation of the Petri net model into abstract B machines. The approach is illustrated by a theoretical railway example. The limitations of this approach are discussed at the end of the paper and some prospects are detailed