The development of safety critical systems such as railway interlocking systems demands the application of formal methods in order to verify the operativeness and the safety of the system. In this contribution we outline our approach of developing a UML-based Railway Interlocking System. The feasibility of the basic functionality is demonstrated by simulation. In order to verify the system under development, we apply model checking for the verification of specifications that belong to a single object. We tackle the state space explosion problem in those cases in which a number of objects is related to a checking condition by the application of multi-object checking. As multi-object checking is only limited by the state space of the largest object (a point in our case), multi-object checking will be applied successfully to verify the system (e.g ensure the absence of conflicting routes). First results of a case study promise the near future of fully automatic verification of complete station layouts and all desired routes.
[1]
Hans-Dieter Ehrich,et al.
Checking Object System Designs Incrementally
,
2003,
J. Univers. Comput. Sci..
[2]
Rik Eshuis,et al.
Requirements Level Semantics for UML Statecharts
,
2000,
FMOODS.
[3]
Hans-Dieter Ehrich,et al.
Specifying communication in distributed information systems
,
2000,
Acta Informatica.
[4]
Wan Fokkink,et al.
EURIS, a Specification Method for Distributed Interlockings
,
1998,
SAFECOMP.
[5]
David Harel,et al.
Executable object modeling with statecharts
,
1996,
Proceedings of IEEE 18th International Conference on Software Engineering.
[6]
Clifford F Bonnett.
Practical Railway Engineering
,
2005
.
[7]
Jörn Pachl,et al.
Railway Operation and Control
,
2002
.