A Model-Based System Engineering Approach to Manage Railway Safety-Related Decisions

A Model-Based System Engineering Approach to Manage Railway Safety-Related Decisions

Sana Debbech Philippe Bon Simon Collart-Dutilleul

Université de Lille/Nord de France, IFSTTAR/COSYS/ESTAS, France

Available online: 
| Citation



The safety assessment of Safety Critical Systems (SCSs) is a challenging task since it involves different actors and a combination of several knowledge domains. This increases the complexity of the integration of safety requirements into the design model. Consequently, there is a need for a shared model with an unambiguous terminology aiming to avoid misunderstandings between both safety and design teams. In this paper, we propose a model-based system engineering approach in order to support the goal-oriented safety reasoning and to provide a common model between both safety and requirement engineering driven by goals. Furthermore, the present study considers the safety rules development process based on the Organization-based Access Control (Or-BAC) model, which is normally used to improve the security of the information systems. Then, the common vocabulary proposed for the inter- pretation of the considered notions of domains is defined. Moreover, safety requirements are expressed with a high level of abstraction according to the required railway knowledge and the requirement trace- ability process is considered through an up-bottom reasoning using the Unified Modeling Language (UML) diagrams. The proposed approach aims to provide a methodology able to identify safety conditions in order to anticipate risks and to make better safety-related decisions. Finally, the proposed methodology is evaluated through a real accident scenario analysis in order to validate its adaptability to represent real critical situations.


rail accident scenario, design model, dysfunctional analysis, model-based safety engineering, Or-BAC, safety requirements


[1] Summers, A.E., Techniques for assigning a target safety integrity level. ISA transactions, 37(2), pp. 95–104, 1998.

[2] Debbech, S., Bon, P. & Collart-Dutilleul, S., Towards Semantic Interpretation of Goal-Oriented Safety Decision based on Foundational Ontology. Proceedings of the 11 th International Conference of Computer Science and Information Technology, Paris, 2018.

[3] Limnios, N., Fault Trees, John Wiley & Sons: USA, 2013.

[4] Mortureux, Y., Preliminary risk analysis, Techniques de l’ingénieur. Sécurité et gestion des risques, SE2 (SE4010): SE4010, 2002.

[5] Bouti, A. & Kadi, D.A., A state-of-the-art review of FMEA/FMECA. International Journal of reliability, quality and safety engineering, 1(04), pp. 515–543, 1994.

[6] Abrial, J.R., The B-Book: Assigning Programs to Meanings, Cambridge University Press: UK, 1996.

[7] Schmidt, D., Model-driven engineering, IEEE computer, 39(2), pp. 25–31, 2006.

[8] Ougier, F. & Terrier, F., ADONA: an open Integration Platform for automotiveSystems Development Tools, from Model-Driven Design to Resource Management for Distributed Embedded Systems. IFIP TC 10 Working Conference on Distributed and Parallel Embedded Systems (DIPES), 2006.

[9] Debbech, S., Bon, P. & Collart-Dutilleul, S., Improving safety by integrating dysfunctional analysis into the design of railway systems. WIT Transactions on the Built Environment, 181, pp. 399–411, 2018.

[10] Guarino, N., Formal ontology and information systems. Proceedings of FOIS, 98, pp. 81–97, 1998.

[11] Hoinaru, O., Mariano, G. and Gransart, C., Ontology for complex railway systems  application to ERTMS/ETCS system. FM-RAIL-BOK Workshop SEFM’2013 11 th  International Conference on Software Engineering and Formal Methods, 2013.

[12] E, U. G. UNISIG, System requirements Specification (SRS) version 3.4.0, E. R. Agency, available at http://www.era.europa.eu/Document-Register/Pages/Set-2-System-Requirements- Specification.aspx, 2016 (accessed 02 May 2017).

[13] Cranefield, S. & Purvis, M., UML as an Ontology Modeling Language. Proceedings of the Workshop on Intelligent Information Integration, 16th Int. Joint Conference on AI (IJCAI-99), Germany, 1999.

[14] Manfred, B. & Cengarle, M.V., UML formal semantics: lessons learned. Software and Systems Modeling, 10(4), pp. 441–446, 2011.

[15] Richters, M. & Gogolla, M., On formalizing the UML Object Constraint Language OCL, 17th Int. Conf. Conceptual Modeling, eds. T. W. Ling, s. Ram & M. L. Lee  Lecture Notes in Computer Science, number 1507, Springer-Verlag, 1998.

[16] Cancila, D. et al., Sophia: a modeling language for model-based safety engineering, MoDELS ACE-MB, Denver, Colardo, USA, pp. 11–25.

[17] Object Management Group: SysML v 1.5 Online. www.omg.org:spec/SysML/; p.161.(accessed 06 December 2017).

[18] Lucic, I., Risk and Safety in Engineering Processes, Cambridge Scholars Publishing: UK, 2015.

[19] Friedenthal, S., Moore, A., Steiner, R. A practical guide to SysML: the systems modeling language. Morgan Kaufmann, 2014.

[20] The Saint-Romain-En-Gier accident BEA-TT report, Rapport d’enqu ête technique sur l’accident ferroviaire du 5 avril 2004 à saint-romain-en-gier. Rapport technique, Ministère de l’É quipement, des Transports, de l’Aménagement du Terrioire, du Tourisme et de la Mer, METATTM. Online. http://www.bea-tt.developpement-durable.gouv. fr/saint-romain-en-gier-english-summary-a15.html. (accessed 09 September 2018).

[21] Ben Ayed, R., Modélisation UML/B pour la validation des exigences de sécurité des règles d’exploitation ferroviaires, Thèse de doctorat, IFSTTAR/COSYS/ESTAS, Univ. Lille, 2016.

[22] Rangra, S., Performance shaping factor based human reliability assessment using  valuation-based systems – application to railway operations. Thèse de doctorat, Labex MS2T, Heudiasyc, UTC, 2017.

[23] Feiler, P. & Rugina, A., Dependability Modeling with the Architecture Analysis & Design Language (AADL). Technical report, Software Engineering Institute, Carnegie Mellon, 2007.

[24] ATESST Project. Advancing Traffic Efficiency and Safety through Software Technology. ATESST STREP - FP6 project Online. http://www.atesst.org. (accessed 09 March 2017).

[25] Piriou, P.Y., Faure, J.M. & Deleuze, G., A meta-model for integrating safety concerns into systems engineering processes. 7th Annual IEEE International Systems Conference (SysCon) 2013, Orlando (Florida), pp. 298–304, 2013.

[26] Guillerm, R., Demmou, H. & Sadou, N., Combining FMECA and Fault Trees for  declining safety requirements of complex systems. Advances in Safety, Reliability and Risk Management: ESREL 2011, pp. 207, 2011.

[27] Dubois, H., Gestion des exigences de sûreté de fonctionnement dans une approche IDM. Journées Neptune no5, Paris, 2008. (in french).