Chapter 1. Introduction
ERTMS Formal Specs. The ERTMS Formal Specs [25] is an application for modelling parts of the ETCS specification [83]. Its motivation is similar to that of parts of this dissertation project, since transferring the textual specification into a formal model provides better methods during system development³ and supports testing directly on the model for V&V. The ERTMS Formal Specs is developed by the company ERTMS Solutions, which aims its product at customers in the area of ETCS hardware and system suppliers.
Since only very few publications about the DSL exist, and those present only small parts of it, a comparison with the DSL, or rather the meta model, developed in this dissertation is hardly possible. It can only be determined that the ERTMS Formal Specs formalisms are strongly aligned to the textual formalisms used in the ETCS specification, while parts have a graphical representation. The focus lies mainly on executing the model in a simulation environment rather than on generating code for an executable binary. At the end of October 2012 an open source version of the ERTMS Formal Specs application was released, but the tool chain and DSL development in this dissertation was already finished at that point. Thus, possible contributions by the ERTMS Formal Specs application could not be taken into account for the development of the case study.
In contrast to the DSL developed for this dissertation, the ERTMS Formal Specs is distributed as one single application and accordingly focuses on the tool development, similar to the openETCS project. Thus, no extensible tool chain is provided, no public meta meta model is employed, and no full definition of the concrete and abstract syntax and the static semantics of the meta model is available. Another difference is that the case study contributed here is a purely graphical DSL, because this approach in general provides the maximum possible abstraction.
In general, the ERTMS Formal Specs is a specialised, commercial software product for ETCS component suppliers whose source code is now published under an open source license. On the other hand, the case study in this work was used to investigate the potential of developing train control applications as open source software, and not only of distributing them under an open source software license. This takes the complete development process into account and is not especially focussed on the tool development. Accordingly, ETCS was only used as an example of a train control application.
1.4. Structure of this Document
This document is divided into four major parts. Part I provides the background information needed for understanding the following parts. It introduces concepts for safe railway operation by means of the European Train Control System. Also, a brief introduction to Domain-Specific Modelling is given. This part concludes with the choice of a meta meta model and modelling application for this work. The last chapter in this part deals with the newly developed extension for the selected meta model, which is needed for the integration of safety-critical software.
Part II explains mechanisms of verification and validation for safety-critical systems using examples of applicable standards, and how they might be used for the development of safety-critical open source software. The next chapter in this part elaborates on security problems that arise from the development of open source software and provides a solution based on hardware virtualisation.
³ by modelling