What is the Point: Formal Analysis and Test Generation for a Railway Standard

Bouwman, Mark; Wal, Djurre van der; Luttik, Bas; Stoelinga, Mariëlle; Rensink, Arend

doi:10.3850/978-981-14-8593-0_4410-cd

Cited by 4 publications

(5 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Many other formal notations have been the target of translations from SysML design. Another work very similar to our from the point of view of the goal is the one described by Bouwman et al [5]. Also in that case the goal was aimed at the analysis of a signaling standard under development rather than the verification of a specific system.…”

Section: Related Workmentioning

confidence: 83%

“…Moreover, it would have tied the whole analysis approach to a specific commercial tool, a fact which was not considered desirable. Therefore our initial SysML models have the structure of simple graphical designs; their role is just that one of constituting an intermediate, easy-to-understand documentation halfway between the natural language requirements and the formal models 5 . Starting from the UMC notation, further formal models have been automatically generated in the notations accepted by the ProB 6 and CADP/LNT 7 tools.…”

Section: From Executable Uml Specifications To Verifiable Scenariosmentioning

confidence: 99%

See 1 more Smart Citation

Formal Modeling and Initial Analysis of the 4SECURail Case Study

Mazzanti

Belli

2022

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

We present the case study developed in the context of the 4SECURail project and the approach used for its formal modeling and analysis. Starting from a simple SysML/UML behavioral model of the system requirements, three formal models have been developed using three different frameworks, namely UMC, ProB, and CADP/LNT. The paper shows how the different ways to represent and analyze the system from the three different points of view allow us to take advantage of the resulting diversity.SubLayer (SAI) of the SUBSET-098. These two components are the main actors that support the creation/deletion of safe communication lines and protect the transmission of messages exchanged on such lines. In particular, the CSL is responsible for requesting the activation -and in case of failure, the re-establishment -of the communication line, for continuously controlling its liveliness, and for the forwarding of the handover transaction messages. The SAI is responsible for ensuring the absence of excessive delays, repetitions, losses, or re-ordering of messages during their transmissions. This is achieved by adding sequence numbers and time-related information to the RBC messages. The RBC/RBC communication line consists of two sides that are properly configured as "initiator" and "called". With respect to ETCS/ERTMS Class 1 System Requirements Specification FIS for RBC/RBC Handover RBC-RBC Safe Communication Interface EuroRadio FIS

show abstract

Section: Related Workmentioning

confidence: 83%

Section: From Executable Uml Specifications To Verifiable Scenariosmentioning

confidence: 99%

Formal Modeling and Initial Analysis of the 4SECURail Case Study

Mazzanti

Belli

2022

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

show abstract

“…We reckon that significant optimization can be done to reduce the state space. One such optimization possibility was discovered in a case study of the EULYNX Point interface [4]. In our model all updates to variables are stored in the vars parameter of the StateMachine process.…”

Section: Discussionmentioning

confidence: 99%

“…In a first case study, we have demonstrated the viability of this idea. We took the EULYNX SysML model of the Point interface, associated an mCRL2 model with it, used the mCRL2 model checker to analyse its correctness and used the model-based test tool JTorX [2] to check conformance of a SysML simulator of Point [4]. The EULYNX standard is under development, and it is likely that also in the future it will be subject to changes.…”

Section: Introductionmentioning

confidence: 99%

A Formalisation of SysML State Machines in mCRL2

Bouwman

Luttik

Wal

2021

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

This paper reports on a formalisation of the semi-formal modelling language SysML in the formal language mCRL2, in order to unlock formal verification and model-based testing using the mCRL2 toolset for SysML models. The formalisation focuses on a fragment of SysML used in the railway standardisation project EULYNX. It comprises the semantics of state machines, communication between objects via ports, and an action language called ASAL. It turns out that the generic execution model of SysML state machines can be elegantly specified using the rich data and process languages of mCRL2. This is a big step towards an automated translation as the generic model can be configured with a formal description of a specific set of state machines in a straightforward manner.

show abstract

“…Several other studies (e.g., [39]) instead describe the translation of UML/SysML models in mCRL2. Still, the approach which is the most similar to ours is the one by Bouwman et al [40], which has the same goal of enriching EULYNX interfaces with formal models, that in this case, are encoded in mCRL2.…”

Section: Related Workmentioning

confidence: 99%

The 4SECURail Formal Methods Demonstrator

Mazzanti

Belli

2022

Reliability, Safety, and Security of Railway Systems. Modelling, Analysis, Verification, and Certification

View full text Add to dashboard Cite

The need for high-quality standard interfaces is widely recognized as a mandatory step to reduce procurement costs and create safely operating complex railway infrastructures. That is why European initiatives like EULYNX have been set up precisely with the purpose of supporting standard interfaces development. The exploitation of formal methods during the phase of standardization plays an essential role in raising the quality of the generated specifications. 4SECURail is a recent project that aims to precisely show, with a structured evaluation (known as the formal methods demonstrator), how formal methods might help to improve the quality of a specific signalling interface selected as case study. This paper describes the experience gained with the experiment.

show abstract

What is the Point: Formal Analysis and Test Generation for a Railway Standard

Cited by 4 publications

References 18 publications

Formal Modeling and Initial Analysis of the 4SECURail Case Study

Formal Modeling and Initial Analysis of the 4SECURail Case Study

A Formalisation of SysML State Machines in mCRL2

The 4SECURail Formal Methods Demonstrator

Contact Info

Product

Resources

About