the verification and validation activity for a railway
play

The Verification and Validation activity for a railway control - PowerPoint PPT Presentation

Feb 01, 2024 •474 likes •811 views

Ansaldo Segnalamento Ferroviario The Verification and Validation activity for a railway control system Davide Alagna, Alessandro Romei [alagna.davide@asf.ansaldo.it, romei.alessandro@asf.ansaldo.it] RAMS Department Geneva, 19 th September 2008

  1. Ansaldo Segnalamento Ferroviario The Verification and Validation activity for a railway control system Davide Alagna, Alessandro Romei [alagna.davide@asf.ansaldo.it, romei.alessandro@asf.ansaldo.it] RAMS Department Geneva, 19 th September 2008

  2. Ansaldo Segnalamento Ferroviario Summary 1. Ansaldo signalling systems • Overview • Safety Logic • System Data 2. V&V activities • Overview • Code inspection • Independent generation of System Data • Typologies of tests 3. Conclusions • Software Problem Report

  3. Ansaldo Segnalamento Ferroviario 1. Ansaldo signalling systems

  4. Ansaldo Segnalamento Ferroviario 1. Ansaldo signalling systems – Overview Purpose of a signalling system � Safe railway traffic requires a signalling system to • assign and control the route • support the driver’s behaviour • avoid collisions

  5. Ansaldo Segnalamento Ferroviario 1. Ansaldo signalling systems – Overview Architecture of Ansaldo ACC interlocking ART2 ART1 server server Peripheral Posts Field Signaller’s desk devices ACC Central Interlocking Unit

  6. Ansaldo Segnalamento Ferroviario 1. Ansaldo signalling systems – Overview Architecture of Ansaldo Radio Block Centre Interlocking ART2 ART1 server server Train Communication Computer Adjacent Operator’s desk RBCs RBC Central Interlocking Unit

  7. Ansaldo Segnalamento Ferroviario 1. Ansaldo signalling systems – Overview Products and applications � Generic Product: • Hardware and Kernel Software (e.g. ACC, RBC) � Generic Application: • Signalling Safety Logic (e.g. Italy, UK, ERTMS) � Specific Applications: • Systems (e.g. NVC Milano-Bologna, ACC Roma Termini, RBC Torino-Novara)

  8. Ansaldo Segnalamento Ferroviario 1. Ansaldo signalling systems – Overview CIU design guidelines � Same product for different applications � Strict separation between invariant and variant parts of the product • Invariant : Hardware, Kernel Software • Variant : Safety Logic, System Data � Variant parts managed through databases, handled by a common software engine

  9. Ansaldo Segnalamento Ferroviario 1. Ansaldo signalling systems – Overview CIU software architecture Hardware Safety Logic Kernel Software System Data

  10. Ansaldo Segnalamento Ferroviario 1. Ansaldo signalling systems – Overview Safety Logic design � Object-Oriented modelling of Safety Logic starting from safety requirements (principle schemes): • Entities (classes) • Attributes (classes specification) • Linked Entities (relationships among classes) • Entities state (classes members) • Commands (classes methods)

  11. Ansaldo Segnalamento Ferroviario 1. Ansaldo signalling systems – Overview Design example � Requirement: a point machine shall not move if it is engaged by a train. • Entities (classes): Point , Track_circuit • Attributes (classes specification): - • Linked entities (relationships among classes): Dead_track_circuit • Entities state (classes members): Point.position , Track_circuit.state • Commands (classes methods): Point.move()

  12. Ansaldo Segnalamento Ferroviario 1. Ansaldo signalling systems – Overview Safety Logic implementation � Safety Logic developed in a high-level proprietary language • Conditional statements • Assignments • Exceptions • No pointers • No dynamic memory allocation • Restricted use of error-prone statements � Safety Logic compiled in a symbolic language ready to be interpreted by the Logic Handler Process • Reflects the strict separation between invariant and variant parts of the product • All objects and their relationships are statically instantiated, therefore they can be analyzed offline

  13. Ansaldo Segnalamento Ferroviario 1. Ansaldo signalling systems – Overview From Safety Logic to System Data � Requirements, design and implementation of Safety Logic are abstract (generic application) � Systems are configured (specific applications) � Databases to be instantiated for: • entities • attributes • linked entities

  14. Ansaldo Segnalamento Ferroviario 1. Ansaldo signalling systems – Overview Configuration example � Entities: PT.01, PT.03, … TC.110, TC.111, … � Attributes: PT.01 is Oleodynamic, PT.07 is Electromechanic � Linked entities: PT.01 → TC.161 , …

  15. Ansaldo Segnalamento Ferroviario 2. V&V activities

  16. Ansaldo Segnalamento Ferroviario 2. V&V activities – Overview V&V activities � Generic Product: • Hardware testing • Kernel Software testing � Generic and Specific Application: • Code inspection of Safety Logic code • Coverage analysis • Independent generation of System Data • Automatic and manual testing in simulated environment • Field testing on target system

  17. Ansaldo Segnalamento Ferroviario 2. V&V activities – Code inspection Code inspection � Automatic analysis provides: • Context diagrams • Used vs not used variables • Used vs not used attributes and linked entities � Manual analysis focuses on: • UML modelling of safety logic code • Check lists for good programming style • Functional analysis, search for critical complex scenarios � Tools under development for: • Automatic UML modelling of safety logic code through its translation in C++ or Java, thus allowing off-the-shelf environments to be positively used

  18. Ansaldo Segnalamento Ferroviario 2. V&V activities – Code inspection Coverage analysis � Performed after the completion of automatic and manual test sets � Focuses on either Code or Data � Automatic analysis provides: • Coverage statistics • Reports and databases � Manual analysis focuses on: • Non covered branches, attributes and linked entities • Feedback to test specifications

  19. Ansaldo Segnalamento Ferroviario 2. V&V activities – Code inspection Tools for Coverage analysis Safety Logic Entities Commands Statistics code

  20. Ansaldo Segnalamento Ferroviario 2. V&V activities – Independent generation of System Data Independent generation of System Data � Aims at verifying the correctness and completeness of System Data • Independent generation of: • entities • attributes • linked entities according to the design model of Safety Logic • Comparison with System Data produced by the Development Team • Evaluation of differences

  21. Ansaldo Segnalamento Ferroviario 2. V&V activities – Independent generation of System Data Independent generation of System Data Scheme Scheme Design model of Safety Logic SP CT Configuration System Data Ansaldo Proprietary Rules Query Processor (Development) = Configuration System Data Query Processor Off-the-shelf Rules (V&V) (Microsoft Access)

  22. Ansaldo Segnalamento Ferroviario 2. V&V activities – Typologies of tests Typologies of tests � Functional tests : all functional requirements are correctly implemented by Safety Logic code • Scope: generic application � Configuration tests : all System Data required by the Safety Logic are correctly configured, and no spurious data are present • Scope: specific application � Stress tests : critical functions of the system are stressed introducing a set of random inputs • Scope: both generic and specific application (in particular RBC)

  23. Ansaldo Segnalamento Ferroviario 2. V&V activities – Typologies of tests Functional tests � A Test Case is specified for each Safety Logic requirement, according to a black-box approach � Abstract Test Scripts are implemented Level of abstraction ≡ classes of equivalence • � Test Scripts are executed in a fully or partially simulated environment � Both positive and negative results are analysed, leading to Code Coverage Analysis

  24. Ansaldo Segnalamento Ferroviario 2. V&V activities – Typologies of tests Configuration tests � A Test Case can be defined: • for each attribute and for each linked entity, according to a white-box approach based on the Safety Logic design model • for each relationship among data, according to a black- box approach based on System Data requirements � Abstract Test Scripts are implemented Level of abstraction ≡ entity • � Test Scripts are executed in a fully or partially simulated environment � Both positive and negative results are analysed, leading to Data Coverage Analysis

  25. Ansaldo Segnalamento Ferroviario 2. V&V activities – Typologies of tests Stress tests � Identification of a set of critical functions with references both to safety and complexity issues � System stressed with a set of random inputs � System behaviour analysed searching for: • compliance with pre-defined properties of state variables • unforeseen evolutions of state variables based on Chronological Events Recording (RCE) � Suitable for reactive systems such as RBC

  26. Ansaldo Segnalamento Ferroviario 2. V&V activities – Typologies of tests Testing approach and development � The white-box approach requires a detailed knowledge of the Safety Logic • Applied to Italian ACC interlocking � The black-box approach is independent from the system implementation • Applied to projects developed incrementally, such as UK ACC interlocking and RBC � Tools under development for: • Specifying black-box test cases with UML class and sequence diagrams • Automatic generations of test scripts from UML model

Recommend

Verification and Validation Steven Zeil February 13, 2013 Verification and Validation

Verification and Validation Steven Zeil February 13, 2013 Verification and Validation

Verification and Validation Verification and Validation Steven Zeil February 13, 2013 Verification and Validation Outline The Process 1 Non-Testing V&V 2 Code Review Mathematically-based verification Static analysis tools

790 views • 55 slides
Verification & Validation Verification is getting the system right : Verification and

Verification & Validation Verification is getting the system right : Verification and

Verification & Validation Verification is getting the system right : Verification and Validation Does the program you built do what you designed it to do? Dr. James A. Bednar Validation is getting the right system : jbednar@inf.ed.ac.uk

331 views • 8 slides
Advances in Railway Control Systems Architectures and Related Challenges for Verification and

Advances in Railway Control Systems Architectures and Related Challenges for Verification and

BCTCS 2020 AlgUK Session on Railway Verifikation 2020-04-06 Advances in Railway Control Systems Architectures and Related Challenges for Verification and Validation Jan Peleska University of Bremen and Verified Systems International GmbH

540 views • 33 slides
Verification and Validation of a Verification and Validation of a Fault- -Tolerant Architectural

Verification and Validation of a Verification and Validation of a Fault- -Tolerant Architectural

Verification and Validation of a Verification and Validation of a Fault- -Tolerant Architectural Abstraction Tolerant Architectural Abstraction Fault Patrick H. S. Brito - Unicamp, Brazil Rogrio de Lemos - University of Kent, UK Eliane

381 views • 21 slides
Verification Verification and and Validation Validation 1 /41 1 /41 C2 C2 Overview

Verification Verification and and Validation Validation 1 /41 1 /41 C2 C2 Overview

C2 C2 Verification Verification and and Validation Validation 1 /41 1 /41 C2 C2 Overview Overview It is very simple to create a simulation ! It is very difficult difficult to model something to model something accurately .

736 views • 41 slides
Verification and Validation for Safety in Robots Kerstin Eder Design Automation and Verification

Verification and Validation for Safety in Robots Kerstin Eder Design Automation and Verification

Verification and Validation for Safety in Robots Kerstin Eder Design Automation and Verification Trustworthy Systems Laboratory Verification and Validation for Safety in Robots, Bristol Robotics Laboratory Verification and Validation for Safety

1.29k views • 72 slides
Validation and Verification Using Spatial Logic Framework for Building Layouts By Abhinav

Validation and Verification Using Spatial Logic Framework for Building Layouts By Abhinav

Validation and Verification Using Spatial Logic Framework for Building Layouts By Abhinav Fatehpuria Vineet Gupta 12/ 6/ 2005 ENPM 643 System Validation & Verification 1 Agenda Background Project Description Floor Plan

340 views • 32 slides
INDEPENDENT VERIFICATION AND VALIDATION OBJECTIVES To Define Independent Verification &

INDEPENDENT VERIFICATION AND VALIDATION OBJECTIVES To Define Independent Verification &

INDEPENDENT VERIFICATION AND VALIDATION OBJECTIVES To Define Independent Verification & Validation (IV&V) and its Benefits To Understand the Federal Requirements for IV&V To Provide the Federal Perspective on IV&V

489 views • 38 slides
Geant4 Physics Validation and Geant4 Physics Validation and Verification Verification Ions

Geant4 Physics Validation and Geant4 Physics Validation and Verification Verification Ions

Geant4 Physics Validation and Geant4 Physics Validation and Verification Verification Ions Ions Koi, Tatsumi SLAC/SCCS Koi, Tatsumi SLAC/SCCS Neutron & Ion Models High Precision neutron down to thermal energy Inventory Elastic

416 views • 31 slides
The purpose of the Presentation is to introduce the Verification Validation Reporting

The purpose of the Presentation is to introduce the Verification Validation Reporting

The purpose of the Presentation is to introduce the Verification Validation Reporting and Tracking System (VVRTS) with a sample video demonstration. 1.1 System Overview The purpose of the Verification and Validation Reporting and

78 views • 3 slides
INDEPENDENT INTEGRATED VERIFICATION AND VALIDATION (I 2 V 2 ) INDEPENDENT VERIFICATION and

INDEPENDENT INTEGRATED VERIFICATION AND VALIDATION (I 2 V 2 ) INDEPENDENT VERIFICATION and

INDEPENDENT INTEGRATED VERIFICATION AND VALIDATION (I 2 V 2 ) INDEPENDENT VERIFICATION and VALIDATION (IV&V) System System Validation Requirements Test Verification Software Software Validation Test Requirements Verification

443 views • 25 slides
Tuesday 9 th April 2013 Process Validation-Enhanced Approach Continuous Process Verification

Tuesday 9 th April 2013 Process Validation-Enhanced Approach Continuous Process Verification

EMA Expert Workshop on Validation of Manufacturing for Biological Medicinal Products Tuesday 9 th April 2013 Process Validation-Enhanced Approach Continuous Process Verification Brendan Hughes Agenda Definition and purpose of validation

730 views • 18 slides
SOFTWARE VERIFICATION AND VALIDATION BY: MITCHELL LANE TOPICS T erms and Methods

SOFTWARE VERIFICATION AND VALIDATION BY: MITCHELL LANE TOPICS T erms and Methods

SOFTWARE VERIFICATION AND VALIDATION BY: MITCHELL LANE TOPICS T erms and Methods Historic Failures Licenses and certifjcation Warranties Ethical Evaluations Software Validation- Does the model accurately represent the

442 views • 17 slides
Closing the Validation Gap or Verifying Railway Interlockings in Agda Anton Setzer Swansea

Closing the Validation Gap or Verifying Railway Interlockings in Agda Anton Setzer Swansea

Closing the Validation Gap or Verifying Railway Interlockings in Agda Anton Setzer Swansea University, Swansea UK Shonan Meeting Logical Analysis of Descriptions and their Representations Shonan Village Center, Japan 26 January 2015 Anton

599 views • 38 slides
Chapter 10 Verification and Validation of Simulation Models Banks, Carson, Nelson & Nicol

Chapter 10 Verification and Validation of Simulation Models Banks, Carson, Nelson & Nicol

Chapter 10 Verification and Validation of Simulation Models Banks, Carson, Nelson & Nicol Discrete-Event System Simulation Purpose & Overview The goal of the validation process is: To produce a model that represents true

518 views • 28 slides
Verification and validation of Geant4 Bertini cascade Aatos Heikkinen, Pekka Kaitaniemi Helsinki

Verification and validation of Geant4 Bertini cascade Aatos Heikkinen, Pekka Kaitaniemi Helsinki

Verification and validation of Geant4 Bertini cascade Aatos Heikkinen, Pekka Kaitaniemi Helsinki Institute of Physics P.O.B. 64, FIN-00014 University of Helsinki, FINLAND email: aatos.heikkinen@cern.ch A. Heikkinen: Verification and validation

285 views • 9 slides
INDEPENDENT VERIFICATION AND CODING VALIDATION (IV & V) FOR APR-DRG Effective September 1,

INDEPENDENT VERIFICATION AND CODING VALIDATION (IV & V) FOR APR-DRG Effective September 1,

INDEPENDENT VERIFICATION AND CODING VALIDATION (IV & V) FOR APR-DRG Effective September 1, 2014 Who are we? eQHealth has a 16 year partnership with Mississippi Division of Medicaid (DOM) as the Utilization Management and Quality

575 views • 35 slides
SAT-based verification (BMC, temporal induction) Mary Sheeran, Chalmers SAT-based verification

SAT-based verification (BMC, temporal induction) Mary Sheeran, Chalmers SAT-based verification

SAT-based verification (BMC, temporal induction) Mary Sheeran, Chalmers SAT-based verification now hot Used here in Sweden since 1989 mostly in safety critical applications (railway control program verification) Bounded Model Checking a

468 views • 25 slides
Verification and Validation Ian Sommerville, SW Engineering, 7th/8th edition Ch 22 Why Test? 2

Verification and Validation Ian Sommerville, SW Engineering, 7th/8th edition Ch 22 Why Test? 2

Verification and Validation Ian Sommerville, SW Engineering, 7th/8th edition Ch 22 Why Test? 2 Why Test? 3 Software is Buggy! On average, 1-5 errors per 1KLOC Windows 2000 35M LOC 63,000 known bugs at the time of release

823 views • 49 slides
Pathfinder Verification and Validation www.thunderheadeng.com Quality Assurance Process

Pathfinder Verification and Validation www.thunderheadeng.com Quality Assurance Process

Pathfinder Verification and Validation www.thunderheadeng.com Quality Assurance Process Source Code Control Continuous Integration Entire system rebuilt after every change Automated Testing Tests run automatically after every

867 views • 43 slides
concepts and cri riteria towards a 0-deaths strategy Validation and verification process Phd.

concepts and cri riteria towards a 0-deaths strategy Validation and verification process Phd.

Road safety through FEM sim imulations: concepts and cri riteria towards a 0-deaths strategy Validation and verification process Phd. Eng. Monica Meocci September, 16 - 2019 The FEM Methods The Finite Element Method (FEM) is now regularly

505 views • 46 slides
for railway tracks maintenance Railway track maintanance Railway track maintenance - one of the

for railway tracks maintenance Railway track maintanance Railway track maintenance - one of the

Digital innovation for railway tracks maintenance Railway track maintanance Railway track maintenance - one of the most important types of track work carried out continuously throughout the year in order to prevent railway track

347 views • 13 slides
From robot swarms to ethical robots: the challenges of verification and validation - part 1

From robot swarms to ethical robots: the challenges of verification and validation - part 1

From robot swarms to ethical robots: the challenges of verification and validation - part 1 Swarm Engineering Alan FT Winfield RoboCheck Winter School, Bristol Robotics Laboratories University of York http://www.brl.ac.uk 1 Dec 2015 This

578 views • 43 slides
Mark Validation System API & Alternative Rights Verification Not Another Mark Service

Mark Validation System API & Alternative Rights Verification Not Another Mark Service

Mark Validation System API & Alternative Rights Verification Not Another Mark Service Fills a localised niche market Supplementary to TMCH Intended to cover the local industry Companies Unregistered Marks MVS API

473 views • 10 slides

More recommend