Dynamic state machines for modelling railway control systems

被引:13
作者
Benerecetti, M. [1 ]
De Guglielmo, R. [3 ]
Gentile, U. [1 ]
Marrone, S. [2 ]
Mazzocca, N. [1 ]
Nardone, R. [1 ]
Peron, A. [1 ]
Velardi, L. [3 ]
Vittorini, V. [1 ]
机构
[1] Univ Naples Federico II, Dept Elect Engn & Informat Technol, Naples, Italy
[2] Univ Naples 2, Dept Math & Phys, Naples, Italy
[3] Ansaldo STS, Naples, Italy
来源
SCIENCE OF COMPUTER PROGRAMMING | 2017年 / 133卷
关键词
Dynamic Slate machines; Promela model; ERTMS/ETCS; Control system; Verification and validation; STATECHARTS;
D O I
10.1016/j.scico.2016.09.002
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Verification and Validation of railway controllers is the most critical and time-consuming phase in a system development life-cycle. It is regulated by international standards, which explicitly recommend the usage of state machines to model the specification of the system under test. Despite the great deal of works addressing the usage of state machines and their extensions, model-based verification and validation processes still lack concise and expressive-enough notations able to easily capture peculiar features of the specific domain of multi-process control systems, on which proper tool chains can be implemented in order to realize effective and automated environments. This paper introduces a novel class of hierarchical state machines, called Dynamic STate Machines (DSTMs), and proposes an approach for modelling and validating railway control systems, based on the new specification language. Key features of DSTM are recursive execution, parallelism, parameter passing, abortion transition, and communication through global variables and channels, but its main peculiarity resides in the semantics of fork and join operators which allows for dynamic instantiation of machines (processes). The formal semantics of DSTM allows for the definition of verification and validation methodologies supported by automated tools. The paper also describes how DSTM specifications may be mapped to Promela models in order to achieve automated generation of test cases by model checking and Spin. The work presented in this paper was carried out in the context of an European project and is strongly driven by the industrial necessity of tackling issues concerning the automation of functional system-level testing of modern railway signalling systems. Hence, the language and the proposed approach are illustrated and motivated by applying them to a specific functionality of the Radio Block Centre, the vital core of the ERTMS/ETCS Control System. (C) 2016 Elsevier B.V. All rights reserved.
引用
收藏
页码:116 / 153
页数:38
相关论文
共 38 条
[11]   Enabling the usage of UML in the verification of railway systems: The DAM-rail approach [J].
Bernardi, S. ;
Flammini, F. ;
Marrone, S. ;
Mazzocca, N. ;
Merseguer, J. ;
Nardone, R. ;
Vittorini, V. .
RELIABILITY ENGINEERING & SYSTEM SAFETY, 2013, 120 :112-126
[12]  
Bjerner D., 2003, P 4 S FORM METH RAIL
[13]  
Braunstein C, 2014, LECT NOTES COMPUT SC, V8829, P380, DOI 10.1007/978-3-319-11737-9_25
[14]  
CENELEC, 2011, EN50128 CENELEC
[15]  
CENELEC, 2003, EN50129 CENELEC
[16]  
Cimatti A., 2000, INT J SOFTW TOOLS TE
[17]  
Gentile Ugo, 2014, Formal Methods for Industrial Critical Systems. 19th International Conference, FMICS 2014. Proceedings: LNCS 8718, P170, DOI 10.1007/978-3-319-10702-8_12
[18]  
Glinz M., P ICSE 2002 INT WORK
[19]   An operational semantics for Stateflow [J].
Grégoire Hamon ;
John Rushby .
International Journal on Software Tools for Technology Transfer, 2007, 9 (5-6) :447-456
[20]  
Harel D., 1996, ACM Transactions on Software Engineering and Methodology, V5, P293, DOI 10.1145/235321.235322
1234