Signaling Design Automation Forum is an event gathering signaling professionals from the railway industry to share and discuss the latest evolutions on design automation – software technologies to automate design and verification of railway signaling systems. This year focus was on Digital Twins.
SDA forum is a forum for sharing experiences and best practices as well as for networking. We are proud and happy by the interest and the engagement shown during the day by the participants online and onsite.
What happened during SDA Forum 2022?
This is the fourth SDAF conference and in many ways, it turned out to be the most successful one to date, with over 100 participants online and onsite from all over the world. It was a full hybrid event.
During the day we had several very interesting presentations by e.g. Alstom, Stockholm Metro, RATP, SafeRiver, and GCRE to name a few. Some take aways from the day were:
- Formal methods together with digital twins, is a powerful and promising way to manage the digitalization of rail control systems.
- Formal verification is now being broadly applied to more complex systems and system of systems. More and more system suppliers apply Formal Verification as standard procedure to ensure quality and safety of their solutions.
- There is work to be done in combining formal methods for rail control with BIM to create more comprehensive digital twins for the complete rail infrastructure.
The conference was an opportunity for Alstom to share their current work on system of systems verification, how higher system requirements can be refined and allocated to several subsystems/functionalities.
We also got to hear from Stockholm Metro on their experience with formal verification and digitalization. The battle that was fought to improve their process from manual and time-consuming methods to a more automated and effective way of working. Stockholm Metro have now made formal verification mandatory on all projects and all changes. Their formally written safety and functional requirements are even included as part of tenders, thus guaranteeing the unambiguity and consistency of their requirements.
Veronique Delebarre from SafeRiver shared her experience from the automotive industry and methodology for defining high level safety properties.
Andy Doherty from GCRE presented their work on a unique purpose-built rail research, testing & innovation facility in Wales. The aim is to create a realistic infrastructure and rolling stock testing environment. Digital models, such as BIM, is a key part of this project; the plan is to build a digital twin of the site to enable easy integration of monitoring and sensor system technology.
Trafikverket then moved on to share their formal methods experience, dating back to the early nineties, demonstrating the strength of formal verification. Moving forward, they are counting on the work being conducted in Shift2Rail to guide the way.
On behalf of the Paris metro (RATP), Yoann Fonteneau presented the work on higher level requirements for CBTC safety verification. The project was motivated by certain missed bugs due to the gap between system-level requirement and subsystem requirements. The verification focused on one of the most critical functions for the CBTC, the Tracking Function. By modelling a realistic environment (clocks, physical trains, wayside objects, …), they defined a generic model. The proof of the safety requirements (resulting from a Hazard Analysis) is then conducted on instantiated models. The project led to the reproduction of the known issues and discovery of new complex unsafe scenarios.
New York City Transit (NYCT), as one of the oldest, largest, and busiest subways, are also using formal methods. Their use of Prover iLock to formally verify the safety of (vital) interlocking applications was briefly explained and demonstrated. The Generic Safety Specification captures the safety aspect of the 733s (NYCT design process for interlocking logic based on template/typical relay drawings). In a next step they are looking to use formal methods to build a complete model of the interlocking systems, including simulation and formal requirement specifications.
In all, it was a day full of new insights, networking and discussions. A day leaving us with a positive feeling about our industry!