Formalizing a subset of ERTMS/ETCS specifications for verification purposes |
| |
Affiliation: | 1. Data Science Laboratory, Rey Juan Carlos University c/ Tulipán, s/n, Móstoles 28933, Spain;2. Research Group on Agent-based, Social & Interdisciplinary Applications, Complutense University of Madrid c/ Profesor Jos Garca Santesmases 9, Madrid 28040, Spain;1. IRIT, University of Toulouse, 118 Route de Narbonne, 31062 Toulouse Cedex 9, France;2. IKERLAN-IK4 Research Centre, Mondragon, Spain |
| |
Abstract: | ERTMS is the standard railway control-command and signaling system which aims to ensure railway interoperability throughout Europe while enhancing safety and competitiveness. ERTMS is composed of two main subsystems which include GSM-R, a radio system for enabling communication between the train and the traffic management center and ETCS, an automatic train protection system (ATP) to replace the existing national ATP systems. The ERTMS specifications are defined by means of standard documents which set out the requirements ensuring interoperability. These documents evolve regularly to give rise to successive versions. The ERTMS/ETCS standard defines different levels and operation modes according to various trackside and onboard setups and some operational conditions. Given the complexity and the high criticality of railway operation, verification and validation (V&V) are crucial tasks in railway application development.In this paper, after setting the background and the motivations, a mechanizable formalization of a subset of ERTMS/ETCS specifications relative to ETCS modes and transitions is developed. The present work aims to offer a readily available model for formal V&V. Using formal techniques to check SRS is highly recommended to tackle the complexity of the defined requirements and prevent specification errors. Model-checking technique, which is targeted here, offers exhaustive analysis of the system behavior based on its model and is highly automated, since it is supported by software tools. Based on the last available version of SRS specifications, a progressive process is undertaken to get a formal model which makes explicit the various modes characterized by their respective active functions, as well as the numerous combinations of conditions for switching between modes. The various steps guiding the translation of the SRS literal specifications into a formal model are explained. As will be shown through different examples, the obtained model is a convenient basis to check safety, interoperability and liveness properties. |
| |
Keywords: | ERTMS/ETCS Railway interoperability Railway safety Specification Formalization Verification and validation Model-checking |
本文献已被 ScienceDirect 等数据库收录! |
|