A challenging problem for model checking is represented by railway interlocking systems. It is a well known fact that interlocking systems, due to their inherent complexity related to the high number of variables involved, are not amenable to automatic verification, typically incurring in state space explosion problems. The literature is however quite scarce on data concerning the size of interlocking systems that have been successfully proved with model checking techniques. In this paper we attempt a systematic study of the applicability bounds for general purpose model checkers on this class of systems, by studying the typical characteristics of control tables and their size parameters. The results confirm that, although small scale interlocking systems can be addressed by model checking, interlockings that control medium or large railway yards can not, asking for specialized verification techniques.
Model Checking Interlocking Control Tables / Alessio Ferrari;Gianluca Magnani;Daniele Grasso;Alessandro Fantechi. - STAMPA. - (2011), pp. 107-115. (Intervento presentato al convegno FORMS/FORMAT 2010) [10.1007/978-3-642-14261-1_11].
Model Checking Interlocking Control Tables
FERRARI, ALESSIO;MAGNANI, GIANLUCA;GRASSO, DANIELE;FANTECHI, ALESSANDRO
2011
Abstract
A challenging problem for model checking is represented by railway interlocking systems. It is a well known fact that interlocking systems, due to their inherent complexity related to the high number of variables involved, are not amenable to automatic verification, typically incurring in state space explosion problems. The literature is however quite scarce on data concerning the size of interlocking systems that have been successfully proved with model checking techniques. In this paper we attempt a systematic study of the applicability bounds for general purpose model checkers on this class of systems, by studying the typical characteristics of control tables and their size parameters. The results confirm that, although small scale interlocking systems can be addressed by model checking, interlockings that control medium or large railway yards can not, asking for specialized verification techniques.
I documenti in FLORE sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
