Formal Validation Method and Tools for French Computerized Railway Interlocking Systems
Marc Antoni
International Journal of Railway, vol. 2, no. 3, pp.99-106, 2009
Abstract : Checks and tests before putting safety facilities into service as well as the results of these tests are essential, time consuming
and may show great variations between each other. Economic constraints and the increasing complexity associated
with the development of computerized tools tend to limit the capacity of the classic approval process (manual or
automatic). A reduction of the validation cover rate could result in practice. This is not compatible with the French
national plan to renew the interlocking systems of the national network. The method and the tool presented in this paper
makes it possible to formally validate new computerized systems or evolutions of existing French interlocking systems
with real-time functional interpreted Petri nets. The aim of our project is to provide SNCF with a method for the formal
validation of French interlocking systems. A formal proof method by assertion, which is applicable to industrial automation
equipment such as interlocking systems, and which covers equally the specification and its real software implementation,
is presented in this paper. With the proposed method we completely verify that the system follows all safety
properties at all times and does not show superfluous conditions: it replaces all the indoor checks (not the outdoor
checks). The advantages expected are a significant reduction of testing time and of the related costs, an increase of the
test coverage rate, an answer to the new demand of railway infrastructure maintenance engineering to modify and validate
computerized interlocking systems. Formal methods mastery by infrastructure engineers are surely a key to prove
that more safety is not necessarily more expensive.
Keyword : Interlocking system, Formal validation method |