Run-Time Monitoring of ERTMS/ETCS Control Flow by Process Mining
Francesco Vitale, Tommaso Zoppi, Francesco Flammini, Nicola Mazzocca
TL;DR
The paper tackles the challenge of ensuring resilience in ERTMS/ETCS L2 by enabling run-time monitoring of control flow through process mining. It proposes a three-stage methodology that first learns a normative execution model via offline process discovery (Petri nets), then performs online conformance checking to generate diagnoses, and finally applies unsupervised clustering and explanation to localize anomalies to specific components. The RBC/RBC Handover scenario serves as a proof-of-concept, demonstrating that online conformance diagnoses can be effectively clustered and explained, achieving high accuracy and clear localization under appropriate window sizes. The work contributes to safer, more explainable railway software by bridging offline verification with online assurance and outlines future work on adaptive mitigation and digital twin integration. Overall, the approach shows promise for improving dependability in safety-critical rail systems through explainable, run-time anomaly detection and localization.
Abstract
Ensuring the resilience of computer-based railways is increasingly crucial to account for uncertainties and changes due to the growing complexity and criticality of those systems. Although their software relies on strict verification and validation processes following well-established best practices and certification standards, anomalies can still occur at run-time due to residual faults, system and environmental modifications that were unknown at design time, or other emergent cyber-threat scenarios. This paper explores run-time control-flow anomaly detection using process mining to enhance the resilience of ERTMS/ETCS L2 (European Rail Traffic Management System / European Train Control System Level 2). Process mining allows learning the actual control flow of the system from its execution traces, thus enabling run-time monitoring through online conformance checking. In addition, anomaly localization is performed through unsupervised machine learning to link relevant deviations to critical system components. We test our approach on a reference ERTMS/ETCS L2 scenario, namely the RBC/RBC Handover, to show its capability to detect and localize anomalies with high accuracy, efficiency, and explainability.
