
Railway Functional Safety Automation

Next-Gen Signaling. Zero-Compromise Safety.

 

Automate EN 50128 SIL 4 Compliance for ETCS and CBTC Systems.


TimeZero is the world’s first Autonomous Functional Safety Engineer for the railway industry. We bridge the gap between legacy signaling infrastructure and modern digital control, automating the rigorous verification required for CENELEC EN 50128 SIL 4 certification. Deliver safer trains faster, with mathematically proven reliability.

The railway industry faces a unique contradiction: it must maintain safety-critical systems for 30+ years while integrating modern digital standards (ERTMS/ETCS).

The "Long-Lifecycle" Trap in Railway Engineering

  • The SIL 4 Barrier: Achieving Safety Integrity Level (SIL) 4 requires the highest level of rigor, where the probability of failure on demand (PFD) must be less than 10⁻⁸. Manual verification of this magnitude is slow and prohibitively expensive.
  • Legacy "Spaghetti Code": Decades of patches and updates create architectural erosion in signaling software. Validating changes in these fragile environments often requires full regression testing, which is time-consuming and error-prone.
  • The Documentation Mountain: CENELEC standards (EN 50126/50128/50129) require massive documentation for the Safety Case. Manually synchronizing requirements, code, and test results for every software update is a primary cause of project delays.

Deterministic Automation for High-Speed Rail

TimeZero applies advanced "Hybrid AI" and architectural discipline to solve the headaches of railway software validation, ensuring compliance from the interlocking logic to the onboard computer.

100% MC/DC for SIL 4 (Hybrid AI)

For SIL 3 and SIL 4 software, "structural testing" is mandatory. TimeZero automates this completely.

Hybrid Solver

We combine Z3 SMT Solvers (formal methods) with Large Language Models (LLMs) to generate test vectors that achieve 100% Modified Condition/Decision Coverage (MC/DC). This guarantees that every logic gate in your interlocking or braking system is tested and verified.

Unreachable Code Detection

TimeZero identifies "dead code" (unreachable instructions) using Control Flow Analysis (CFA), ensuring that your deployed software contains only verified, executable logic as required by EN 50128.

Railway projects rarely start from scratch. TimeZero helps you manage the evolution of long-lifecycle assets.

Mastering Legacy Code with DSM

Architectural Visualization

Using Dependency Structure Matrix (DSM) technology, TimeZero creates a visual heatmap of your software architecture. It highlights "bad dependencies" (e.g., UI layers calling Safety Kernels directly) that violate modularity and safety concepts.

Safe Refactoring

The platform acts as a guardrail, allowing engineers to refactor legacy C/C++ code for modernization (e.g., moving to LTE/5G signaling) without introducing regression faults.

Automated Safety Case Generation

Turn the bureaucratic burden into an automated process.

Traceability Matrices

TimeZero automatically links Requirements, Architecture, Code, and Test Results.

Evidence Packs

Generate the specific artifacts required by Independent Safety Assessors (ISAs), including Software Requirement Specs (SRS), Software Design Specs (SDS), and Verification Reports, drastically reducing the time required for final safety audits.

Ensure code quality from the first keystroke.

Real-Time MISRA & CENELEC Compliance

Static Analysis

TimeZero enforces MISRA C/C++ rules in real-time within VS Code. This prevents common coding errors (buffer overflows, uninitialized variables) that could lead to dangerous failures in Train Control Management Systems (TCMS).

Use cases

signalling use case
rolling stock use case
PSD use case

Frequently asked questions

How does TimeZero handle the difference between SIL 2 and SIL 4 in railways?

TimeZero scales its verification rigor automatically. For SIL 2 functions (e.g., passenger information), it may enforce standard coverage (Statement/Branch). For SIL 4 functions (e.g., emergency braking), it automatically enforces 100% MC/DC, Boundary Value Analysis, and strict architectural independence checks, producing the exact evidence required for that specific integrity level.

Can TimeZero analyze "Spaghetti Code" in older railway systems?

Yes. This is a core capability. TimeZero uses Dependency Structure Matrix (DSM) technology to analyze code dependencies. It visualizes the "spaghetti" (cyclical dependencies and layer violations) and helps engineers untangle the architecture to meet the modularity requirements of EN 50128, preventing software erosion.

Does TimeZero replace the Independent Safety Assessor (ISA)?

No, the ISA is a mandatory human role in rail certification. TimeZero acts as a "force multiplier" for the engineering team. It prepares the Evidence Packs and Safety Cases that the ISA reviews. By ensuring the data is complete, traceable, and error-free before the audit begins, TimeZero reduces the likelihood of findings and costly re-assessments.

Is TimeZero compatible with tools like Cantata or VectorCAST?

Yes. TimeZero is a "Total Testing Platform" that can integrate with existing toolchains. However, it offers superior value by combining Test Generation, Static Analysis, and Architecture Analysis into a single autonomous workflow, often replacing disjointed tools to reduce licensing costs and complexity.

Keep Your Projects on Track. Automate the road to SIL 4 and eliminate certification bottlenecks.