TY - GEN
T1 - Use of model transformation for the formal analysis of railway interlocking models
AU - Xu, T.
AU - Santos, O. M.
AU - Ge, X.
AU - Woodcock, J.
PY - 2010
Y1 - 2010
N2 - Model transformation is at the heart of Model-Driven Engineering (MDE). In MDE, the system model is specified using a modelling language, such as UML (Unified Modelling Language) or a DSL (Domain-Specific Language). Once a model is specified, executable code for a computing platform can be automatically generated by means of model transformation (code generation). Besides the support for incremental model development, MDE also enables the formal verification of system properties. In the context of safety-critical systems, such as railway interlockings, the system model (e.g., specified in terms of UML) can be translated to a formal (mathematical) language more amendable to rigorous analysis. This paper presents a model transformation that takes a railway interlocking model (specified in Executable UML (xUML)) as input and outputs a formal model that can be mathematically analysed. This can potentially bridge the gap between well-known modelling languages (such as xUML) and formal languages, which facilitates the systematic development of safety-critical systems in terms of MDE. A small xUML railway interlocking model is used to illustrate the proposed method.
AB - Model transformation is at the heart of Model-Driven Engineering (MDE). In MDE, the system model is specified using a modelling language, such as UML (Unified Modelling Language) or a DSL (Domain-Specific Language). Once a model is specified, executable code for a computing platform can be automatically generated by means of model transformation (code generation). Besides the support for incremental model development, MDE also enables the formal verification of system properties. In the context of safety-critical systems, such as railway interlockings, the system model (e.g., specified in terms of UML) can be translated to a formal (mathematical) language more amendable to rigorous analysis. This paper presents a model transformation that takes a railway interlocking model (specified in Executable UML (xUML)) as input and outputs a formal model that can be mathematically analysed. This can potentially bridge the gap between well-known modelling languages (such as xUML) and formal languages, which facilitates the systematic development of safety-critical systems in terms of MDE. A small xUML railway interlocking model is used to illustrate the proposed method.
KW - executable UML (xUML)
KW - formal analysis
KW - formal languages
KW - model driven engineering (MDE)
KW - railway interlocking systems
UR - http://www.scopus.com/inward/record.url?scp=78649399877&partnerID=8YFLogxK
U2 - 10.2495/CR100741
DO - 10.2495/CR100741
M3 - Conference contribution
AN - SCOPUS:78649399877
SN - 9781845644680
T3 - WIT Transactions on the Built Environment
SP - 815
EP - 826
BT - Computers in Railways XII, COMPRAIL 2010
T2 - 12th International Conference on Computer System Design and Operation in the Railways and other Transit Systems, COMPRAIL 2010
Y2 - 31 August 2010 through 2 September 2010
ER -