In the realm of railway software development, adherence to industrial standards is not just a matter of compliance; it’s a cornerstone of ensuring safety, reliability, and efficiency in railway operations. The latest milestone in this journey is the introduction of the CENELEC standard EN 50716:2023. This new standard represents a significant leap forward from its predecessors, EN 50128:2011 and EN 50657:2017, while maintaining a smooth transition from its predecessors and a closer alignment with the railway RAMS standards (EN 50126 and EN 50129).
At Prover, we’ve been deeply involved in the landscape of railway software standards, providing compliant tools and applications for years. Now, as we delve into the nuances of the standard, we’re thrilled to share our insights and discoveries with you.
One of the standout features of EN 50716 is the expanded endorsement of formal methods across all Safety Integrity Levels (SILs), a testament to the growing efficiency and effectiveness of these techniques for rail systems. Moreover, the concept of “tool diversity”, introduced in previous standards and further solidified in EN 50716, opens new avenues for trust delegation among T2 and T3 tools1, enhancing the robustness and flexibility of software development processes. These evolutions align seamlessly with our longstanding commitment to formal methods and the principles (regarding tool diversity) that have guided Prover’s product design for many years.
But evolution doesn’t stop there. Annex C of EN 50716 introduces fresh perspectives on software development, including guidance on two lifecycle models (linear versus iterative), modeling techniques, and the integration of Artificial Intelligence and Machine Learning (AI/ML). While iterative lifecycle models offer flexibility, they also demand careful navigation to maintain safety and regulatory compliance—a balance we’re well-equipped to address at Prover.
As for AI/ML, while their potential is undeniable, challenges in verification and validation of ML components within the context of EN 50716 remain. However, at Prover, we’re already exploring how these technologies can synergize with formal methods to drive innovation and efficiency.
Another notable change we wish to highlight before concluding this blog post is the major improvements made to software management and organization (clause 5) in EN 50716. These improvements eliminate outdated terminology, enhance clarity, and improve readability, thereby facilitating users to navigate standards with greater ease and flexibility while maintaining the same level of rigor.
1 Model checkers (such as Prover’s PSL) and testing-related utilities fall into the class of T2 tools, which is specifically designed for verifying code or data. In contrast, T3 tools are involved in the creation or transformation of code, commonly represented by code compilers and generators.
How safe and efficient are your rail control systems? Let’s find out!
Share this article
Learn to build a solid safety case for rail control systems using formal verification
Fill out your information here.
More News & Articles
The Open signaling Initiative is transforming how railway and metro signaling systems are delivered.
By combining modular technology, collaboration, and open standards, it reduces vendor lock-in, cuts lifecycle costs, and creates space for innovation.
We are launching the Open Signaling Initiative. With this launch, we are helping the industry move beyond closed, monolithic systems to modular, sustainable solutions that give infrastructure managers greater control and freedom of choice.
Registration is now open for SDA Forum 2025. Join us on October 1 in Stockholm or online for a full-day conference.
This year we will focus on two key topics transforming the industry: open signaling and the increasing role of AI.
+46 (0)8 617 68 00