A multiformalism modular approach to ertms/etcs failure modeling

European Railway Traffic Management System/European Train Control System (ERTMS/ETCS) is a recent standard aimed at improving performance, safety and inter-operability of modern railways. In order to be compliant to ERTMS/ETCS, a railway signalling system must meet strict nonfunctional requirements on system level failure modes. In this paper, a multiformalism model is employed to perform an availability analysis of an ERTMS/ETCS reference architecture at early phases of its development cycle. At this aim, a bottom-up analysis is performed from subsystem failure models (expressed by means of Generalized Stochastic Petri Nets, Fault Trees and Repairable Fault Trees) up to the overall system model. The modular approach, here used, allows to evaluate the influence of basic design parameters on the probability of system-level failure modes and demonstrates that system availability is within the bound required by the ERTMS/ETCS specification. The results show that the multiformalism modeling approach helps to cope with complexity, eases the verification of availability requirements and can be successfully applied to the analysis of complex critical systems. �� 2014 World Scientific Publishing Company.