Information Technology Reference
In-Depth Information
Fig. 7. Proposed openETCS based on ERA's base line 3 SRS natural English speci-
fication text (= “prose”) converting into a formal functional specification to define
software for modeling as well as embedded control integration, providing equip-
ment manufacturers to integrate the openETCS kernel software via API into their
particular EVC hardware design.
3.5
Formal Methods to validate Specification for openETCS
In the first step of formalization only a generic, purely functional and there-
fore not implementation related specification has to be developed. This can
be mainly done in the academic sector and by R&D institutes. However rail-
way operators have to feed in their operational experience, in order to make
sure that man-machine-interactions and case studies for test definitions are
covering real life operational scenarios and not only synthetic test cases of
solely academic interest.
For verification purposes a test case data base need to be derived from the
functional specification and supplemented by a response pattern data base,
which defines the expected outcome of a certain test case. That database
needs to be open for all parties and should collect even all real world cases
of potentially critical situations and in particular those cases, which have
already caused safety relevant incidents. That means this type of formalized
