Engineering for Critical Systems: The Automatic Train Operation over European Train Control System for Freight Trains Use Case

Fulfilling norms is a way to respect all the safety properties embedded in norm specifications. Moreover, it provides interoperability qualities that are particularly relevant in the transport domain. The article proposes a model-based engineering approach that uses a semi-formal modelling phase to identify a multilayered decomposition of the system together with domain experts. A transformation into formal models is then used to verify and validate the behaviour with technical and safety experts. The propositions are illustrated on a case study from the transport domain: Automatic Train Operation (ATO) over European Train Control System (ETCS), also named AoE, for freight trains. ATO under the supervision of a human driver is sometimes presented as a first step toward the autonomous train. This paper provides a system analysis of the available norms dealing with automatic train operation under driver supervision. The work focuses on the collaboration between the driver and automatic software for braking and accelerating in the European normative and technological context, known as AoE. From the study of the available documents, the authors derive an architectural model of this global system, containing on-board automation and track-side automated specific devices. The technical contribution is a proposition of an approach for specifying a correct-by-construction software system. This software component respects the industrial norms for automated trains. The authors explain why it is relevant to use a norm-based technical architecture, which allows drivers to identify the various functioning phases in which, depending on the overall context, they can let an automatic system drive the train or not.

Language

  • English

Filing Info

  • Accession Number: 01908267
  • Record Type: Publication
  • Files: TRIS
  • Created Date: Feb 15 2024 1:12PM