ERTMS/ETCS Full Platform

AI-defined safety-critical railway signalling — ETCS Baseline 3, Release 2 (v3.6.0) · Levels 0, 1, 2 & 3

AI-Defined Safety-Critical System
Lines of Rust
55,000
19 crates6 layers
Requirements Traced
2,527
99.6% covered42 specs analyzed
Total Tests
1,988
100% pass rate0 failures
CENELEC Documents
80
Docs-as-codeAuto-generated
Hazards Identified
152
441 DSRsSafety case
unsafe Blocks
0
0 unwrap/expectin prod code

Layered Safety Architecture

CENELEC EN 50128
L5
Platformetcs-sim · etcs-harness · etcs-tool · etcs-test
SIL0
L4
I/O Wiringetcs-evc (std, I/O only — cannot override safety decisions)
SIL2
Safety Boundary — no_std below — zero heap allocation
L3
Applicationsetcs-evc-core · etcs-rbc · etcs-leu · etcs-dmi · etcs-jru · etcs-procedures
SIL4
L2
Core Logicetcs-kernel · etcs-braking · etcs-odometry
SIL4
L1
Protocolsetcs-codec · etcs-euroradio
SIL4
L0
Domain Typesetcs-types · etcs-safety
SIL4
Strict dependency: Layer N depends only on Layer < N

Requirements Traceability

Baseline-Driven
99.6%Coverage
2,516 / 2,527 requirements fully covered (implementation + tests)
1,172DMI
497Braking
422Procedures
186Modes
154Versioning
33Safety
42 SpecificationsYAML ExtractionCode Annotation ScanCoverage Matrix

6 Complete Subsystems

EVCEuropean Vital ComputerCore SIL4 · I/O SIL2
RBCRadio Block Centre
LEULineside Electronic Unit
DMIDriver Machine Interface
JRUJuridical Recording Unit
EuroradioSecure Communication

Verification

All Passing
100%
1,213Unit & Integration
100%
775SS-076 Standard
100%
775SS-076 Physics
69,857SS-076 test steps executed · 0 skipped

Safety Case

152Hazards
441Derived Safety Reqs
System
56
EVC
44
RBC
16
COM
16
DMI
12
LEU
8

CENELEC Documentation

80 Total
18SwRSSoftware Requirements
18SwDDDetailed Design
14SafetyHazard & DSR Logs
12ICDInterface Control
6SSRSSubsystem Reqs
1SwADArchitecture