RECORDED WEBINAR

Software formal verification in the context of CENELEC EN 50716: from model to sign-off verification

As rail control software gets more complex, the real challenge is to ensure that implementations meet safety and functional requirements efficiently and convincingly. EN 50716 (the successor to EN 50128/EN 50657) sets the software development and verification expectations for railway applications, clarifying how formal methods and tool qualification contribute to a robust safety case. This session takes a practitioner’s view of applying that framework to real systems and on‑board functions.

We’ll walk through a repeatable assurance workflow: capture requirements as verifiable properties, model behavior in HLL and its sequential extension sHLL, use model checking to explore relevant executions, and establish auditable conformity between specification and implementation. We’ll illustrate the approach using Prover’s toolchain (HLL/sHLL, Prover PSL, Prover Certifier) to make the approach concrete, while maintaining the emphasis on methods, evidence, and governance that can be adopted in any environment.

Agenda:

  • EN 50716 in practice. What changed from EN 50128/EN 50657, specifically regarding the role of formal methods within the lifecycle, and what auditors expect in terms of tool classification and evidence.

  • A pragmatic formal‑assurance workflow. From property‑driven requirements to HLL/sHLL models, Prover PSL model‑checking, traceability, and preparation of sign‑off evidence.

  • Software conformity by proof. How proof‑producing sign‑off with a T2‑qualified engine (e.g., Prover Certifier) demonstrates alignment between specification and implementation for SIL‑classed applications.

  • Quality & efficiency gains. Ways to shorten verification cycles, raise coverage beyond testing, and catch defects earlier—without disrupting your current development process.

Yes please, send me the recording!

Speakers
Benjamin Blanc Prover

Benjamin Blanc
Solutions Manager at Prover