Interlocking Design Automation

Cost of change

Most interlocking system projects today are developed with the following characteristics:

• Errors are found late
• Late changes are costly
• Schedules to deliver interlocking software are long and unpredictable

Root causes

The root causes for these problems include:

• Vague and imprecise requirements
• Design, test and safety assessment is based on repetitive and manual work, and requiring senior skills
• Lack of standard interfaces

Main principles of interlocking design automation

To deliver the cost-efficiency that future railroads need, a new solution for interlocking design automation is needed, based on useful requirements that need to:

• Be precise, to enable automated development
• Separate safety and test principles, to enable 100% coverage proof of safety and automated functional test
• Use standard interfaces where possible, to make it cost-efficient to replace individual sub systems

The process for interlocking design automation

The modern interlocking design automation process needs to start with the following step:

• Gather and analyze requirements, applicable standards, interfaces, rules & regulations and scope
• Determine the system’s principles
• Determine how configuration of principles is to be done for individual systems

Based on the above, the next step is to define the principles as a formal specification library, with:

• The object model defining the underlying ideas and objects, along with their properties and relations
• Separation of design, test and safety principles, based on the object model
• Configuration of individual systems, to apply the principles

With the above two steps completed, the concept of interlocking design automation can be realized using modern software tools:

• Automated generation of design and revenue service code based on (reusable) principles
• 100% coverage proof of safety and automated functional test of each system developed
• Efficient support for change in principles and requirements