Skip to main content
European Commission logo

Performing Enhanced Rail Formal Engineering Constraints Traceability

France Icon
Complete with results
Geo-spatial type
Infrastructure Node
Project website
Project Acronym
STRIA Roadmaps
Network and traffic management systems (NTM)
Transport mode
Rail icon
Transport policies
Transport sectors
Passenger transport,
Freight transport


Background & Policy context

When a train crosses a border, it will need to change its onboard signalling system, which will generate an important financial cost. Interoperability of the rail system within Europe is therefore a key to its competitiveness. It aims at creating a rail network allowing transport that is safe, compliant with the required performance level of the lines, and which does not necessitate train transfers. This requires the compliance with a set of rules, technical and operational conditions which ensure that the essential requirements are met.


The present project aims at contributing to the validation and implementation of a European system for railway signalling called ERTMS 'European Rail Traffic Management System'.

The management of railway signalling in ERTMS is based on local rules pertaining to each country and not on global rules. This makes it difficult to evaluate the system in terms of safety. Thus, one of the main objectives of this study is to supply methodological tools for the evaluation of the global consistency between the specification and the operating rules, with regard to safety. This issue is crucial and yet it has scarcely been covered by scientific literature.


A formal representation of the ERTMS specifications is provided, which enables the validation various systems through automatically generated test scenarios.

  • These systems have been modelled and studied in order to establish, if possible without having to test, whether they are compliant with ERTMS
  • The national rules complementing ERTMS are included in the study

Achieving interoperability through ERTMS requires that all parties have the same understanding of the technical specifications for interoperability. Using a model featuring rigorous semantics will help identifying and clarifying ambiguousness in the specifications.

A first step was therefore to build a formal model based on complex requirements taken out of some rules. It has then been possible to analyse in details a European specification in the face of national operating rules, for example with regard to the execution of a Movement authority (MA). An actual specification, proposed by the railway company, is analysed in work-package 1 (The ERA or EPSF will be asked to provide an initial specification). The French Public Railway Safety Authority (EPSF) is competent in railway security matters whiles being independent from railway operators.

A second step provided a study of methodological and software tools in the literature. Formal models have been used to determine whether a given scenario meets the specifications. The respect of the European system requirement specifications (SRS) and of national safety requirements is be studied, on the level of models as well as analysis tools.

In a last step, the study was based on tests on an ERTMS simulation tool compliant with the official specifications. The possibility of making the two work together in an integrated approach was studied.


Parent Programmes
Institution Type
Research agency
Institution Name
L'Agence nationale de la recherche (The French National Research Agency)
Type of funding
Public (national/regional/local)


One of the key component of the project provided methodological tools for the evaluation of the global consistency between the specification and the operating rules, with regard to safety. The results of a case study application are available at the following link


Lead Organisation
EU Contribution
Partner Organisations
EU Contribution


Contribute! Submit your project

Do you wish to submit a project or a programme? Head over to the Contribute page, login and follow the process!