This paper presents a formal model-based methodology to support railway engineers in the design of safe electronic urban railway control systems. The purpose of our research is to overcome the deficiencies of existing traditional design methodologies, namely the incompleteness and the potential presence of contradictions in the system specification resulting from non-formal development techniques. We illustrate the application of the methodology via a case study of a tram-road level crossing protection system. It was chosen partly because it has a simple architecture and a small number of elements, thus it fits the scope limitations of this article. At the same time, it is suitable for presenting all essential features of our methodology. The proposed solution provides a specification/verification environment that facilitates the construction of correct, complete, consistent, and verifiable functional specifications during the development, while hiding all the formal method-related details from the railway engineers writing the specifications. Using this formal model-based methodology, a high-quality functional specification can be achieved, which is guaranteed to be more exhaustive and will contain fewer errors than traditional development.

本文提出了一种基于模型的正式方法，以支持铁路工程师设计安全的电子城市铁路控制系统。我们研究的目的是克服现有传统设计方法的缺陷，即非正规开发技术导致的系统规范的不完整性和潜在的矛盾。我们通过一个电车-道路平交道口保护系统的案例研究来说明该方法的应用。选择它的部分原因是它具有简单的架构和少量的元素，因此它符合本文的范围限制。同时，它适合展示我们方法论的所有基本特征。提议的解决方案提供了一个规范/验证环境，有助于在开发过程中构建正确、完整、一致和可验证的功能规范，同时对编写规范的铁路工程师隐藏所有与正式方法相关的细节。使用这种形式化的基于模型的方法，可以实现高质量的功能规范，保证比传统开发更详尽，并且包含更少的错误。