A. Bondavalli et al., Hierarchical modelling of complex control systems: dependability analysis of a railway interlocking, COMP SYS SC, 16(4), 2001, pp. 249-261
This paper reports an experience made in building a model and analysing the dependability of an actual railway station interlocking control system. Although our analysis was restricted to the Safety Nucleus subsystem, mastering complexity and size required a considerable effort. We identified a modelling strategy, based on a modular, hierarchical decomposition, that allows different methods and tools to be used for modelling at the various levels of the hierarchy. This multi-layered modelling methodology led to an accurate representation of the system behaviour and allowed us (i) to keep the size of the models within the different levels under control, so that they can be easily managed by the automatic tools, and (ii) to make changes in the model in a very easy and cheap way. The paper also contains examples of the extensive analyses performed regarding the sensitivity of the dependability measures to variations of critical parameters and towards the validation of the assumptions made.