Participatory Verification of Railway Infrastructure Regulations using RailCNL (long version)

Previously, we have worked on verification of railway regulations against CAD designs, and integrated a verification engine into the tool chain of railway engineers. This tool was used successfully in a pilot project at RailCOMPLETE AS, (formerly Anacon AS). However, the engineers were reluctant to accept the verification results because they did not have control over the properties being verified. To allow engineers with limited logic programming experience to participate in defining and maintaining the verification properties, we design a controlled natural language (CNL) which contains constructs corresponding closely to the regulation texts. The CNL is translated automatically into the Datalog input language of the verification engine. We demonstrate a prototype system which, upon detecting regulation violations, traces back from errors in the design through the CNL to the marked-up original text, thus allowing domain experts to examine the correctness of each translation step. We describe a methodology based on CNL best practices and previous experience with creating verification front-end languages. By designing the CNL’s structure specifically to support our use case, the language stays natural and readable for non-programmers, allowing railway engineers to better understand verification properties and to participate in improving the system.