ABZ'18

ABZ 2018 (Southampton, UK)

6th International Conference on ASM, Alloy, B, TLA, VDM, and Z

The Hybrid ERTMS/ETCS Level 3 Case Study

Abstract This document presents a description of the European Rail Traffic Management System (ERTMS) case study. ERTMS is a system of standards for management and interoperation of signalling for railways by the European Union (EU).

An Event-B Model of the Hybrid ERTMS/ETCS Level 3 Standard

Abstract This paper presents an Event-B model of the ABZ2018 case study on the European Rail Traffic Management System (ERTMS) standard. The case study focusses on the management of fixed virtual sub-sections (VSS).

Diagram-Led Formal Modelling Using iUML-B for Hybrid ERTMS Level 3

Abstract We demonstrate diagrammatic Event-B formal modelling of a hybrid, ‘fixed virtual block’ approach to train movement control for the emerging European Rail Traffic Management System (ERTMS) level 3. We perform a refinement-based formal development and verification of the no-collision safety requirement.

Modeling the Hybrid ERTMS/ETCS Level 3 Standard Using a Formal Requirements Engineering Approach

Abstract This paper presents a specification of the hybrid ERTMS/ETCS level 3 standard in the framework of the case study proposed for the 6th edition of the ABZ conference. The specification is based on the method and tools, developed in the ANR FORMOSE project, for the modeling and formal verification of critical and complex system requirements.

Modelling the Hybrid ERTMS/ETCS Level 3 Case Study in Spin

Abstract The Spin model checker has been successfully applied to the modelling, validation, and verification of different safety-critical systems. In this paper, we model and validate the Hybrid ERTMS/ETCS Level 3 Case Study using Spin; in particular, we show the assumptions we made to keep the state space limited, and present the problems and ambiguities that arose during the modelling.

The ABZ-2018 Case Study with Event-B

Abstract Usually, case studies dealing with train systems concentrate on the safety of trains circulating on tracks equipped with points and crossings and protected by means of traffic lights and speed limit sign postings as in [1, 2, 3].

Using a Formal B Model at Runtime in a Demonstration of the ETCS Hybrid Level 3 Concept with Real Trains

Abstract In this article, we present a concrete realisation of the ETCS Hybrid Level 3 concept, whose practical viability was evaluated in a field demonstration in 2017. Hybrid Level 3 (HL3) introduces Virtual SubSections (VSS) as sub-divisions of classical track sections with Trackside Train Detection (TTD).

Validating the Hybrid ERTMS/ETCS Level 3 Concept with Electrum

Abstract This paper reports on the development of a formal model for the Hybrid ERTMS/ETCS Level 3 concept in Electrum, a lightweight formal specification language that extends Alloy with mutable relations and temporal logic operators.

A Translation from Alloy to B

Abstract In this paper, we introduce a translation of the specification language Alloy to classical B. Our translation closely follows the Alloy grammar, each construct is translated into a semantically equivalent component of the B language.

Abstract State Machines with Exact Real Arithmetic

Abstract Type-2 Theory of Effectivity is a well established theory of computability on infinite strings, which in this paper is exploited to define a data type ( Real ) as part of the background structure of Abstract State Machines.

ABZ Languages and Tools in Industrial-Scale Application

Abstract We give an early view of an ongoing evaluation of ABZ-style languages and their accompanying tools. The target is specifications of safety- and security-critical (software-rich) systems. Our perspective is that of long-term users of formal methods in all parts of the development life cycle.

An Automation-Friendly Set Theory for the B Method

Abstract We propose an automation-friendly set theory for the B method. This theory is expressed using first order logic extended to polymorphic types and rewriting. Rewriting is introduced along the lines of deduction modulo theory, where axioms are turned into rewrite rules over both propositions and terms.

AsmetaA: Animator for Abstract State Machines

Abstract In this paper, we present AsmetaA – a graphical animator for Abstract State Machines integrated within the ASMETA framework. The execution of formal specifications through animation provides several advantages, e.

Capturing Membrane Computing by ASMs

Abstract Natural computing is a field of research that tries to imitate the ways of “computing” in nature. Membrane computing is a branch of natural computing that exploits hierarchically nested membrane structures that are associated with multisets of objects.

CASM-IR: Uniform ASM-Based Intermediate Representation for Model Specification, Execution, and Transformation

Abstract The Abstract State Machine (ASM) theory is a well-known formal method, which can be used to specify arbitrary algorithms, applications or even whole systems. Over the past years, there have been many approaches to implement concrete ASM-based modeling and specification languages.

Clarification of Ambiguity for the Simple Authentication and Security Layer

Abstract The Simple Authentication and Security Layer (SASL) is a framework for enabling application protocols to support authentication, integrity and confidentiality services. The SASL was originally specified in RFC 2222, and later updated in RFC 4422, using natural language.

Distributed Adaptive Systems - Theory, Specification, Reasoning

Abstract A distributed system can be characterised by autonomously acting agents, where each agent executes its own program, uses shared resources and communicates with the others, but otherwise is totally oblivious to the behaviour of the other agents.

Event-B Expression and Verification of Translation Rules Between SysML/KAOS Domain Models and B System Specifications

Abstract This paper is about the extension of the SysML/KAOS requirements engineering method with domain models expressed as ontologies. More precisely, it concerns the translation of these ontologies into B System for system construction.

Extracting Symbolic Transitions from TLA+ Specifications

Abstract In (\textsc {TLA}^{+}), a system specification is written as a logical formula that restricts the system behavior. As a logic, (\textsc {TLA}^{+}) does not have assignments and other imperative statements that are used by model checkers to compute the successor states of a system state.

Formal Specification of the Semantics of Control State Diagrams

Abstract Control State Diagrams (CSD) are a graphical representation of Control State Abstract State Machines, a subclass of Abstract State Machines (ASM). We extend the existing semi-formal specification of this diagram type by a concrete syntax and its formal semantics.

Insulin Pump: Modular Modeling of Hybrid Systems Using Event-B

Abstract This case study of an insulin pump is to describe our solution of the following difficulties. Firstly, how to model features to obtain a family of products. Secondly, how to handle complex constraints and synchronization of components when composing features.

Issues in Automated Urban Train Control: 'Tackling' the Rugby Club Problem

Abstract Normally, the passengers on urban rail systems remain fairly stationary, allowing for a relatively straightforward approach to controlling the dynamics of the system, based on the total rest mass of the train and passengers.

Modelling Dynamic Data Structures with the B Method

Abstract The software B method has so far been mainly used in the industrial world to develop safety critical software with very basic memory management limited to arrays of fixed size defined at compilation time.

On B and Event-B: Principles, Success and Challenges

Abstract After more than 20 years since the publication of the book on B [1], and almost 10 years since the publication of the book on Event-B [2], the purpose of this short paper is to present some key points of these technologies.

On the Importance of Explicit Domain Modelling in Refinement-Based Modelling Design. Experiments with Event-B

Abstract Although several authors like Zave and Jackson [11, 17], Bjørner [5], Van Lamsweerde [13] have drawn the attention of system designers on the necessity to handle domain knowledge, while designing systems, it is still a major concern nowadays.

Proof-Based Approach to Hybrid Systems Development: Dynamic Logic and Event-B

Abstract The design of hybrid systems controllers requires one to handle both discrete and continuous functionalities in a single development framework. In this paper, we propose the design and verification of such controllers using a correct-by-construction approach.

Proposition of an Action Layer for Electrum

Abstract Electrum is an extension of Alloy that adds (1) mutable signatures and fields to the modeling layer; and (2) connectives from linear temporal logic (with past) and primed variables à la (\textsf {TLA}^+) to the constraint language.

Refinement of Timing Constraints for Concurrent Tasks with Scheduling

Abstract Event-B is a refinement-based formal method that is used for system-level modeling and analysis of concurrent and distributed systems. Work has been done to extend Event-B with discrete time constraints.

Solver-Based Sketching of Alloy Models Using Test Valuations

Abstract We introduce ASketch, the first framework for sketching models in the Alloy language. The Alloy Analyzer is a SAT-based constraint solver that allows users to create valuations for relations with respect to given constraints and bound on the universe of discourse.