Security of Railway Infrastructures

The chapter is organized as follows: In section 1, the basic definitions of the security risk analysis and the characteristics of the railway security problem are introduced, and a bibliography review is reported. Then, in section 2, the general architecture for designing a security risk analysis tool is presented, focusing on the relevant specifications, and on the input/output characteristics. Therefore, in section 3, with the aim of pointing out the characteristics of the presented architecture, an explicative case study is defined based on real world data coming from Italian railways. Finally, some conclusions and remarks are discussed in chapter 4.

Symbolic Model Checking for Interlocking Systems

Our results yield a verification tool suitable for use in industry.

Software-Based Self-Test for Reliable Applications in Railway Systems

The very strict safety standards, which must be guaranteed in a railway system, make the testing of all electronic components a unique and challenging case study. Software-based self-test represents a very attractive test solution to cope with the problem of on-line and off-line testing of microprocessor-based systems. It makes it possible to deeply test hardware components without introducing extra hardware and stressing the system in its operational condition. This chapter overviews the basic principles of software-based self-test techniques, focusing on a set of best practices to be applied in writing, verifying and computing the final test coverage of high-quality test programs for railway systems.

Integration of Human Factors to Safety Assessments by Human Barrier Interaction

Human factors have a strong impact on railways safety. However, the assessments of these factors still follow traditional and inadequate approaches. While failure probabilities of technical systems can be measured in sufficient precision, human error probabilities are still estimated in a very rough and vague way. Upon this motivation, the contribution presents a method analyzing human influence in railway applications. The approach of human-barrier-interaction relies on a new model of human behavior, a classic model of human-machine-interaction and a model of safety measures by barriers. Applying the method, human reliability can be assessed in comparative way. An advantage over existing approaches is the substantial combination of cognitive psychology and engineering expertise without unpractical complexity.

Designing Usable Interactive Systems within the Railway Domain

Train drivers as well as signallers interact with several computer based information and communication systems to ensure safe and effective train operations. So far the technical progress mostly determines the design of such interactive systems and requirements out of a human factors perspective are not integrated. Beside the development of technical functions it is essential to take the usability as a quality attribute of every interactive system into account. If the usability is not considered during system development, it could occur that there are several functions available within a system but the user does not know how to use them in an efficient way. This chapter describes a psychological approach to design or redesign usable interactive systems within the railway domain. Some examples will be discussed to demonstrate the approach and the results.

The Role of Formal Methods in Software Development for Railway Applications

Formal methods for thirty years have promised to be the solution for the safety certification headaches of railway software designers. This chapter looks at the current industrial application of formal methods in the railway domain. After a recall of the dawning of formal methods in this domain, recent trends are presented that focus in particular on formal verification by means of model checking engines, with its potential and limitations. The paper ends with a perspective into the next future, in which formal methods will be expected to pervade in more respects the production of railway software and systems.

Hardware-In-the-Loop Testing of On-Board Subsystems

In this chapter some case-studies, based on typical topics of industrial research for railways, are introduced in order to emphasize some aspects of the mechatronic design with a particular attention to the integration of actuation systems into rig design.

Verification and Validation of Interoperability

The chapter shows an approach to use existing test methods to prove technical as well as operational interoperability. The first kinds of tests are test sequences to validate conformity of a single constituent – here, an on-board on-board unit (OBU) of the European Train Control System (ETCS) in the European Rail Traffic Management System (ERTMS). The second kind of tests is the integration test for assemblies – here, the complete on-board equipment. The third kinds of tests are the tests for the validation of operational serviceability. An approach for the stepwise integration of the different kinds of tests is shown. As a conclusion the perspective for the use of these test sequences in an independent test lab is given.

Advanced Techniques for Monitoring the Condition of Mission-Critical Railway Equipment

This chapter provides an overview of advanced techniques for monitoring the condition of mission-critical railway assets. The safe operation of railways depends on a large number of geographically distributed components, each of which has a low cost when compared to the highly complex arrangements of assets found in other industries, such as rolling mills and chemical plants. Failure of any one of these components usually results in a degradation of service in order to maintain safety, and is thus very costly to modern railway operators, who are required to compensate their customers when delays occur. In this chapter, techniques for industrial condition monitoring are reviewed, highlighting the main approaches and their applicability, advantages, and disadvantages. The chapter first makes some basic definitions of faults, failures, and machine conditions. The analysis of faults through methods such as Fault Tree Analysis and Failure Modes Effects Analysis are examined. The field of fault diagnosis is then reviewed, partitioning into the three main areas: numeric/analytical models, qualitative models, and data/history-based methods. Some of the key approaches within each of these areas will be explained at a high level, compared, and contrasted.

Mίνθa

Implementation of railway controller application logic is a highly safety-critical and time-consuming task carried out individually for each client and station by specialised signalling engineers, with corresponding high costs. M???a is a software development framework designed to create code generators for application logic for the client railway companies of Ansaldo STS that use the Microlok II controller to lower the cost and increase repeatability. This chapter describes the evolution of M???a from prototype to framework, and introduces the software engineering approaches of object-oriented meta-modelling and framework development along the way. It also presents known limitations and further application areas of the framework.