Model-Based Approaches for Railway Safety, Reliability and Security: The Experience of Ansaldo STS

Abstract

In order to master the increasing complexity of modern railway control systems, novel model-based approaches are needed to allow engineers to evaluate such systems against strict system-level dependability requirements. In this talk, we provide an overview of the experience of Ansaldo STS in using model-based approaches for railway safety, reliability and security. Dependability requires assessment both at the software and at the hardware levels. At the software level, models have proven useful to support both static and dynamic functional analyses in order to discover systematic faults in the code. At the hardware level, we have experimented that compositional multi-formalism modeling approaches well suit the evaluation of system safety and reliability against random faults. The use of models has allowed engineers to improve both the effectiveness and the efficiency of system verification. Views of the Unified Modeling Language have been adopted to perform informal or semi-formal analyses, while Stochastic Petri Nets, (Repairable) Fault Trees, Continuous Time Markov Chains and Bayesian Networks have been employed for formal and quantitative analyses. Analytical risk and vulnerability models have also been experimented for security assessment with respect to intentional threats and natural hazards. Due to the wide range of possible applications, we are currently studying in depth both the theoretical and the technological issues related to the multi-paradigm dependability modeling using appropriate frameworks Francesco Flammini got with honours his laurea (July 2003) and doctorate (December 2006) degrees in Computer Engineering from the University Federico II of Naples. Since October 2003 to January 2007, he has worked in Ansaldo STS as a Software/RAMS Engineer in the Verification & Validation unit, specializing in model-based dependability evaluation and testing of real-time control systems. During these years, he has been involved in several ERTMS/ETCS (European Railway Traffic Management System / European Train Control System) projects. Since February 2007, he has worked on the protection of transportation infrastructures against external threats, specializing in risk assessment and design of security management systems. In 2006/2007 he has been an Adjunct Professor of Software Engineering at the Second University of Naples. He currently teaches Computer Science at the University “Federico II” of Naples and serves as the