Invited Talks

The conference programme will include invited talks by:

Logos sub set talk
  • Michael Leuschel, Heinrich-Heine-Universität Düsseldorf, Germany.
    • 'The Unreasonable Effectiveness of B for Data Validation and Modelling of Railway Systems'. 
    • Abstract: The B method is quite popular for developing provably correct software for safety critical railway systems, particularly for driverless trains. In recent years, the B method has also been used successfully for data validation. There, the B language has proven to be a compact way to express complex validation rules, and tools such as predicateB, Ovado or ProB can be used to provide high assurance validation engines, where a secondary toolchain validates the result of the primary toolchain.
       
    • This talk will give an overview of our experience in using B for data validation tasks, as well as for other modelling tasks in the railway domain. We will also touch subjects such as training and readability. We will examine which features of B make it well suited for the railway domain, but also point out some weaknesses and suggestions for future developments.
  • Jens Braband, Siemens AG, Rail Automation and Honorary Professor, TU  Braunschweig, Germany:
    • 'Quo vadis – Cybersecurity in railways'.
    • Abstract: Some recent incidents and analyses have indicated that possibly the vulnerability of IT systems in railway automation has been underestimated so far. Due to several trends, such as digitalization,  the use of commercial IT and communication systems or privatization, the threat potential has increased. The presentation discusses the way forward for the railway sector, how many advantages of digitalization can be realized without compromising safety. In particular topics like standardization or certification are covered, but also technical issues like software update.
  • Aryldo Ar. Russo, CERTIFER, France.
    • 'Safety Certification: considering processes around the world.'
    • Abstract: The theoretical development path of safety critical system is, for a SILx (where 1 <= x <=4) => Safety Standards -> development + Independent Safety team + ISA -> Safety Certificate -> OK to operate. This development path, unfortunately, is followed mostly when formally required or imposed by the buyer, line operator or grant authority, and this formalization is not a reality all around the world. This talk presents the process that is normally applied to certify safety critical systems, the differences and pitfalls around the world, and briefly discusses the drawbacks and trade-offs of using automatic tools to replace manual development process.