@inbook{3580e18dba4f48bfb765ad0073e5d9d7,
title = "Decomposing the Verification of Interlocking Systems",
abstract = "This paper considers model checking the safety for members of a product line of railway interlocking systems, where an actual interlocking system is modelled as an instance of a generic model configured over the network under its control. For models over large networks it is a well-known problem that model checking may fail due to state space explosion. The RobustRailS tools that combine inductive reasoning with SMT solving using Jan Peleska{\textquoteright}s powerful RT-Tester tool suite have pushed considerably the limits of the size of networks that can be handled. To further push these limits, we have proposed a compositional method that can be combined with RobustRailS to reduce the size of networks to be model checked: the idea is to divide the network of the system to be verified into two sub-networks and then model check the model instances for these sub-networks instead of that for the full network. In this paper we propose a strategy for applying such network divisions repeatedly to achieve a fine granularity decomposition of a given network into a number of small sub-networks. Under certain conditions, these sub-networks all belong to a library of pre-verified elementary networks, so model checking of the sub-networks is no longer needed.",
keywords = "Compositional Verification, Formal Methods, Interlocking Systems, Model Checking",
author = "Haxthausen, {Anne E.} and Alessandro Fantechi and Gloria Gori",
year = "2023",
doi = "10.1007/978-3-031-40132-9_7",
language = "English",
isbn = "978-3-031-40131-2",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
pages = "96--113",
booktitle = "Applicable Formal Methods for Safe Industrial Products",
}