Model-Based Generation of Interlocking Controller Software from Control Tables

Railroad interlocking software drives specialised micro-devices, known as interlocking controllers. These controllers primarily actuate railroad points and change signal aspects in real time, based on sensor and timer input. Due to their central function in railroad control, interlocking controllers and their firmware are safety-critical. The firmware programs, which mimic physical relays, are written in variants of domain-specific programming languages based on ladder logic. The programs have to comply with a more abstract specification of the allowable states of sections of railroad track and equipment, known as a control table. The translation of a track layout and its associated control tables into ladder logic-based code is manual, and hence subject to costly review and rework cycles. In this report, we describe a case study that uses a model-driven tool-chain as an automated alternative to the existing process. The two domain languages, control table and ladder logic, were modelled, and transformations were implemented between the two models and from model to program text. We report on implementation challenges, and describe the outlook and scalability of the approach in this application domain.
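The following is an added example and is not code from the report or from its tool-chain. It sketches, in miniature, the pipeline the abstract describes: a control-table model (one row per route, with the sections it occupies and the point positions it needs) is transformed into ladder-logic program text, and the generated text is then checked independently for the property a reviewer would otherwise inspect by hand: that every pair of conflicting routes locks each other out. The control-table schema, the textual ladder-logic dialect (`--| X |--` normally open, `--|/ X |--` normally closed, `( Y )` coil, `+` for parallel branches), the sample junction and all identifiers are assumptions constructed for this illustration. It goes slightly beyond the abstract in that the "routes locked" relation is inferred from shared sections and opposing point positions rather than read from an explicit column, which real control tables normally provide.

```python
# Added example (not from the report): a minimal model-driven tool-chain that
# turns a control-table model into ladder-logic program text and then checks the
# generated text for route mutual exclusion. The control-table schema, the
# textual ladder-logic dialect and the sample layout are all assumptions
# constructed for this illustration.
from collections import OrderedDict
from dataclasses import dataclass, field


@dataclass
class Route:
    """One row of the (assumed) control table."""
    name: str
    entry_signal: str
    sections: tuple                               # track sections the route runs over
    points: dict = field(default_factory=dict)    # point id -> "N" (normal) / "R" (reverse)


# Constructed sample: two opposing routes over a junction plus one unrelated route.
SAMPLE_TABLE = [
    Route("R1", "S1", ("T1", "T2"), {"P1": "N"}),
    Route("R2", "S2", ("T1", "T3"), {"P1": "R"}),
    Route("R3", "S3", ("T4",)),
]


def conflicting_routes(table):
    """Derive the 'routes locked' relation from the geometry: two routes conflict
    when they share a track section or demand opposite positions of the same
    point. (Real control tables state this column explicitly; here it is inferred.)"""
    conflicts = {r.name: set() for r in table}
    for a in table:
        for b in table:
            if a.name == b.name:
                continue
            shared = set(a.sections) & set(b.sections)
            opposed = any(a.points[p] != b.points[p]
                          for p in a.points.keys() & b.points.keys())
            if shared or opposed:
                conflicts[a.name].add(b.name)
    return conflicts


def route_rung(route, locked):
    """Model-to-text: one rung that sets a route. Assumed dialect: '--| X |--' is
    a normally-open contact, '--|/ X |--' a normally-closed one, '( Y )' the coil."""
    contacts = [f"--| {route.name}_REQ |--"]                        # signaller's request
    contacts += [f"--|/ {s}_OCC |--" for s in route.sections]       # every section clear
    contacts += [f"--| {p}_{'NORMAL' if pos == 'N' else 'REVERSE'}_DET |--"
                 for p, pos in sorted(route.points.items())]        # points detected in position
    contacts += [f"--|/ {o}_SET |--" for o in sorted(locked)]       # no conflicting route set
    return "".join(contacts) + f"( {route.name}_SET )"


def generate_ladder(table):
    """Generate the whole program: one route-setting rung per table row and one
    proceed-aspect rung per signal ('+' joins parallel branches in the assumed dialect)."""
    conflicts = conflicting_routes(table)
    ladder = OrderedDict()
    for r in table:
        ladder[f"{r.name}_SET"] = route_rung(r, conflicts[r.name])
    by_signal = OrderedDict()
    for r in table:
        by_signal.setdefault(r.entry_signal, []).append(r.name)
    for sig, routes in by_signal.items():
        branches = " + ".join(f"--| {r}_SET |--" for r in routes)
        ladder[f"{sig}_PROCEED"] = f"{branches}( {sig}_PROCEED )"  # signal clears only for a set route
    return ladder


def check_mutual_exclusion(ladder, conflicts):
    """Independent check on the generated text rather than on the model: every
    conflicting route must appear as a normally-closed contact in the setting rung.
    Returns the list of (route, unguarded conflicting route) pairs; empty means OK."""
    violations = []
    for name, others in conflicts.items():
        rung = ladder.get(f"{name}_SET", "")
        for other in sorted(others):
            if f"|/ {other}_SET |" not in rung:
                violations.append((name, other))
    return violations


def render(ladder):
    """Program text, one rung per line."""
    return "\n".join(ladder.values())


if __name__ == "__main__":
    program = generate_ladder(SAMPLE_TABLE)
    print(render(program))
    print("violations:", check_mutual_exclusion(program, conflicting_routes(SAMPLE_TABLE)))
```

The point of `check_mutual_exclusion` is that it reads the generated program text, not the model it came from, so it catches a defect in the transformation itself (a guard contact dropped by a template bug) and not only a defect in the table; in the real process this is the role of the review cycle the abstract wants to shorten.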
