The metrô rio ATP case study

Authors:
Alessio Ferrari;Daniele Grasso;Gianluca Magnani;Alessandro Fantechi;Matteo Tempestini
Affiliations:
General Electric Transportation Systems, Firenze, Italy;Università di Firenze, DSI, Firenze, Italy;Università di Firenze, DSI, Firenze, Italy;Università di Firenze, DSI, Firenze, Italy;General Electric Transportation Systems, Firenze, Italy
Venue:
FMICS'10 Proceedings of the 15th international conference on Formal methods for industrial critical systems
Year:
2010

Citing 11
Cited 6

Statecharts: A visual formalism for complex systems

Science of Computer Programming
SACEM software validation

ICSE '90 Proceedings of the 12th international conference on Software engineering
Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints

POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Simulation of hyibrd systems using stateflow

Proceedings of the 14th European Simulation Multiconference on Simulation and Modelling: Enablers for a Better Quality of Life
Defining and translating a "safe" subset of simulink/stateflow into lustre

Proceedings of the 4th ACM international conference on Embedded software
A denotational semantics for stateflow

Proceedings of the 5th ACM international conference on Embedded software
Automated Property Verification for Large Scale B Models

FM '09 Proceedings of the 2nd World Congress on Formal Methods
Testing-based translation validation of generated code in the context of IEC 61508

Formal Methods in System Design
Model Based Testing and Abstract Interpretation in the Railway Signaling Context

ICST '10 Proceedings of the 2010 Third International Conference on Software Testing, Verification and Validation
A story about formal methods adoption by a railway signaling manufacturer

FM'06 Proceedings of the 14th international conference on Formal Methods
An industrial application of formal model based development: the Metrô Rio ATP case

Proceedings of the 2nd International Workshop on Software Engineering for Resilient Systems

Experiences with formal engineering: model-based specification, implementation and testing of a software bus at neopost

FMICS'11 Proceedings of the 16th international conference on Formal methods for industrial critical systems
On the adoption of model checking in safety-related software industry

SAFECOMP'11 Proceedings of the 30th international conference on Computer safety, reliability, and security
Lessons learnt from the adoption of formal model-based development

NFM'12 Proceedings of the 4th international conference on NASA Formal Methods
Adoption of Model-Based Testing and Abstract Interpretation by a Railway Signalling Manufacturer

International Journal of Embedded and Real-Time Communication Systems
The Metrô Rio case study

Science of Computer Programming
Experiences with formal engineering: Model-based specification, implementation and testing of a software bus at Neopost

Science of Computer Programming

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper reports on the Simulink/Stateflow based development of the on-board equipment of the Metrô Rio Automatic Train Protection system. Particular focus is given to the strategies followed to address formal weaknesses and certification issues of the adopted tool-suite. On the development side, constraints on the Simulink/Stateflow semantics have been introduced and design practices have been adopted to gradually achieve a formal model of the system. On the verification side, a two-phase approach based on model based testing and abstract interpretation has been followed to enforce functional correctness and runtime error freedom. Quantitative results are presented to assess the overall strategy: the effort required by the design activities is balanced by the effectiveness of the verification tasks enabled by model based development and automatic code generation.